-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathregistration.php
127 lines (108 loc) · 3.24 KB
/
registration.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Account Registration</title>
<link rel="stylesheet" type="text/css" href="styles.css">
</head>
<body>
<?php
session_start();
//Note: Database information removed for Github.
$server_hostname = "";
$server_username = "";
$server_password = "";
$server_dbname = "";
$db = mysqli_connect($server_hostname, $server_username, $server_password, $server_dbname) or die ("Could not connect to database.");
$username = $_POST['username'];
$password = $_POST['password'];
$confirmpassword = $_POST['confirmpassword'];
$errors = array();
if(isset($_POST['login']))
{
if(empty($username))
{
array_push($errors, "A username is required for account creation.");
}
if(empty($password))
{
array_push($errors, "A password is required for account creation.");
}
if(count($errors) == 0)
{
$password = md5($password);
$query = "SELECT * FROM users WHERE username = ? AND password = ?";
$stmt = $db->prepare($query);
$stmt->bind_param("ss", $username, $password);
$stmt->execute();
$result = $stmt->get_result();
$user = $result->fetch_assoc();
if($user)
{
$_SESSION['username'] = $username;
echo "<p style='color:white;'>" . "You are now logged in. Redirecting in 3 seconds." . "</p>";
}
else
{
array_push($errors, "Account not found. Please try again.");
}
}
mysqli_close($db);
header("refresh:3; url=index.html");
}
else
{
$errors = array();
if(empty($username))
{
array_push($errors, "A username is required to login.");
}
if(empty($password))
{
array_push($errors, "A password is required to login.");
}
if($password != $confirmpassword)
{
array_push($errors, "The passwords do not match.");
}
//check database for existing user with same username
$user_check_query = "SELECT * FROM users WHERE username = ? LIMIT 1";
$stmt = $db->prepare($user_check_query);
$stmt->bind_param("s", $username);
$stmt->execute();
$result = $stmt->get_result();
$user = $result->fetch_assoc();
if($user)
{
if($user["username"] === $username)
{
array_push($errors, "This username is already registered.");
}
}
//Register user if no errors
if(count($errors) == 0)
{
$password = md5($password);
$insertion_query = "INSERT INTO users VALUES (?, ?)";
$stmt = $db->prepare($insertion_query);
$stmt->bind_param("ss", $username, $password);
$stmt->execute();
$_SESSION['username'] = $username;
echo "<p style='color:white;'>" . "You are now registered. Redirecting in 3 seconds." . "</p>";
mysqli_close($db);
header("refresh:3; url=index.html");
}
}
?>
<?php if (is_countable($errors) && count($errors) > 0) : ?>
<div>
<?php foreach($errors as $error) : ?>
<p><?php echo $error ?></p>
<?php endforeach ?>
<p><?php echo "<p style='color:white;'>" . "Redirecting in 3 seconds." . "</p>"; ?></p>
<?php header("Refresh:3; url=login.html"); ?>
</div>
<?php endif ?>
</body>
</html>