Houdini

class Registration extends PDO {
	private $config = [
		'Host' => '127.0.0.1',
		'Database' => 'houdini',
		'User' => 'root',
		'Pass' => '',
	];
	public function __construct(){
		parent::__construct('mysql:host='. $this->config['Host'] . ';dbname=' . $this->config['Database'], $this->config['User'], $this->config['Pass']);
	}
	public function encryptPassword($password, $md5 = true) {
		if($md5 !== false) {
			$password = md5($password);
		}
		$hash = substr($password, 16, 16) . substr($password, 0, 16);
		return $hash;
	}
	public function sendError($errorType, $message){
		switch($errorType){
			case "success":
				$error = "<div class=\"alert alert-success\">{$message}</div>";
			break;
			case "error":
				$error = "<div class=\"alert alert-danger\">{$message}</div>";
			break;
		}
		return $error;
	}
	public function getLoginHash($password, $staticKey) {
		$hash = $this->encryptPassword($password, false);
		$hash .= $staticKey;
		$hash .= 'Y(02.>\'H}t":E1';
		$hash = $this->encryptPassword($hash);
		$hash = password_hash($hash, PASSWORD_DEFAULT, [ 'cost' => 12 ]);
		return $hash;
	}

    public function addUser($username, $email, $password, $color){
        $hashedPassword = strtoupper(md5($password));
        $staticKey = 'e4a2dbcca10a7246817a83cd';
        $fancyPassword = $this->getLoginHash($hashedPassword, $staticKey);
        $strQuery = "INSERT INTO penguins (ID, Username, Nickname, Password, LoginKey, Email, RegistrationDate, LastPaycheck, Color, Inventory, Igloos, Floors, Furniture, Stamps, Buddies, Ignore) VALUES (NULL, :username, :username, :password, '', :email, :TimeDate, '', :color, '', '1', '', '', '7', '', '')";
        $insertUser = $this->prepare($strQuery);
        $insertUser->bindValue(":username", $username);
        $insertUser->bindValue(":email", $email);
        $insertUser->bindValue(":TimeDate", time());
        $insertUser->bindValue(":password", $fancyPassword);
        $insertUser->bindValue(":color", $color);
        $insertUser->execute();
        $insertUser->closeCursor();

        $penguinId = $this->lastInsertId();
		$this->addActiveIgloo($penguinId);
		$this->addColors($penguinId);
		return $penguinId;
    }

    private function addColors($penguinId) {
    	$insertStatement = $this->prepare("UPDATE `penguins` SET `Inventory` = '%14%1%2%3%4%5%6%7%8%9%10%11%12%13%15' WHERE ID = :Penguin;");
    	$insertStatement->bindValue(":Penguin", $penguinId);
    	$insertStatement->execute();
    	$insertStatement->closeCursor();
    }

    private function addActiveIgloo($penguinId) {
		$insertStatement = $this->prepare("INSERT INTO `igloos` (`ID`, `Owner`, `Furniture`) VALUES (NULL, :Owner, '');");
		$insertStatement->bindValue(":Owner", $penguinId);
		$insertStatement->execute();
		$insertStatement->closeCursor();
        $iglooId = $this->lastInsertId();

        $setActiveIgloo = $this->prepare("UPDATE `penguins` SET `Igloo` = :Igloo WHERE ID = :Penguin;");
        $setActiveIgloo->bindValue(":Igloo", $iglooId);
        $setActiveIgloo->bindValue(":Penguin", $penguinId);
        $setActiveIgloo->execute();
        $setActiveIgloo->closeCursor();
	}

    public function getID($penguinId){
        $strQuery = 'SELECT ID FROM penguins WHERE ID = :ID';
        $getID = $this->prepare($strQuery);
        $getID->bindValue(':ID', $penguinId);
        $getID->execute();
        $idExists = $getID->rowCount() > 0;
        return $idExists;
    }

	public function usernameExists($username){
		$strQuery = 'SELECT Username FROM penguins WHERE Username = :username';
		$checkUsername = $this->prepare($strQuery);
		$checkUsername->bindValue(':username', $username);
		$checkUsername->execute();
		$usernameExists = $checkUsername->rowCount() > 0;
		return $usernameExists;
	}

	public function EmailExists($email){
		$strQuery = 'SELECT Email FROM penguins WHERE Email = :email';
		$checkEmail = $this->prepare($strQuery);
		$checkEmail->bindValue(':email', $email);
		$checkEmail->execute();
		$emailExists = $checkEmail->rowCount() > 0;
		return $emailExists;
	}
}
$db = new Registration();
if(isset($_POST) && !empty($_POST)){
	if(isset($_POST["username"],$_POST["email"], $_POST["password"], $_POST["repassword"], $_POST["penguinColor"], $_POST["g-recaptcha-response"]) && !empty($_POST["username"]) && !empty($_POST["email"]) && !empty($_POST["password"]) && !empty($_POST["repassword"]) && !empty($_POST["penguinColor"]) && !empty($_POST["g-recaptcha-response"])){
			$strUsername = $_POST["username"];
			$strEmail = $_POST["email"];
			$strPassword = $_POST["password"];
			$strRePassword = $_POST["repassword"];
			$intColor = $_POST["penguinColor"];
			$strCaptcha = $_POST["g-recaptcha-response"];
			$intIP = $_SERVER['REMOTE_ADDR'];
			$strSecretKey = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
			$strResponse = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$strSecretKey."&response=".$strCaptcha."&remoteip=".$intIP);
			$strResponseKeys = json_decode($strResponse, true);
			$censor = new CensorWords;
			$cen = $censor->censorString($strUsername);
			if($db->usernameExists($strUsername)){
				$error = $db->sendError('error', 'There was an error!');
			}
			//elseif(in_array($strUsername, $strBadNames)){
			elseif(count($cen['matched']) > 0){
				$strBad = "";
				foreach ($cen['matched'] as $bad) {
					$strBad .= "$bad ";
				}
				$error = $db->sendError('error', 'This username is not allowed: ' . $strBad);
			}
			elseif($db->emailExists($strEmail)){
				$error = $db->sendError('error', 'There was an error!');
			}
			elseif(strlen($strUsername) == 0){
				$error = sendError('error', 'You need to provide a name for your penguin.');
			}
			elseif(strlen($strUsername) < 4 || strlen($strUsername) > 21){
				$error = $db->sendError('error', 'Your penguin name is either too short or too long.');
			}
			elseif(preg_match_all("/[0-9]/", $strUsername) > 21){
				$error = $db->sendError('error', 'Your penguin name can only contain 21 numbers.');
			}
			elseif(!preg_match("/[A-z]/i", $strUsername)){
				$error = $db->sendError('error', 'Penguin names must contain at least 1 letter.');
			}
			elseif(preg_match('/[^a-z0-9\s]/i', $strUsername)){
				$error = $db->sendError('error', 'That username is not allowed.');
			}
			elseif(!filter_var($strEmail, FILTER_VALIDATE_EMAIL)){
				$error = $db->sendError('error', 'Your email isn\'t valid.');
			}
			elseif(strlen($strPassword) < 4) {
				$error = $db->sendError('error', "Your password is too short!");
			}
			elseif($strPassword != $strRePassword){
				$error = $db->sendError('error', "Passwords do not match!");
			}
			elseif(!$strCaptcha){
				$error = $db->sendError('error', 'Please fill out the captcha.');
				die();
			}
			/*elseif(intval($strResponseKeys["success"]) !== 1) {
				$error = $db->sendError('error', 'Invalid validation!');
			}*/
			if(empty($error)){
				$db->addUser($strUsername, $strEmail, $strPassword, $intColor);
				echo '<script language="javascript">';
				echo 'window.onload = function () {';
				echo 'swal("Well done!", "You have successfully registered!", "success")';
				echo '};';
				echo '</script>';
			}
	} else
		{
			$error = $db->sendError('error', "Please complete all the fields.");
		}
}