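<?php
/**
 * Account registration handler.
 *
 * On POST: checks the reCAPTCHA token, validates username / email / password,
 * rejects values already present in the `users` table, stores the account
 * with a password_hash() digest and sends a confirmation mail.
 *
 * Expects config.php to provide a connected mysqli handle in $mysqli.
 */
require_once "../../config.php";

$username = $password = $confirm_password = $email = "";
$username_err = $password_err = $confirm_password_err = $email_err = "";

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Read every expected field once. A missing field or an array-valued field
    // (e.g. username[]=x) becomes '' instead of raising a notice or TypeError.
    $input = [];
    foreach (['g-recaptcha-response', 'username', 'email', 'password', 'confirm_password'] as $field) {
        $input[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? trim($_POST[$field]) : '';
    }

    // The secret is blank in this listing; load it from configuration kept out of
    // version control. With an empty secret the verification below fails closed.
    $secretKey = '';
    $captcha = $input['g-recaptcha-response'];
    if ($captcha === '') {
        echo '<p class="alert alert-warning">Please check the the captcha form.</p>';
        exit;
    }

    // A non-empty token proves nothing by itself: any client can post an arbitrary
    // string. The token has to be confirmed with the reCAPTCHA siteverify endpoint.
    // NOTE(review): file_get_contents() on a URL needs allow_url_fopen — confirm for
    // the deployment, or switch to the HTTP client the project already uses.
    $verifyContext = stream_context_create([
        'http' => [
            'method'  => 'POST',
            'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
            'content' => http_build_query([
                'secret'   => $secretKey,
                'response' => $captcha,
            ]),
            'timeout' => 5,
        ],
    ]);
    $verifyRaw = file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $verifyContext);
    $verifyResult = ($verifyRaw === false) ? null : json_decode($verifyRaw, true);
    if (!is_array($verifyResult) || !isset($verifyResult['success']) || $verifyResult['success'] !== true) {
        // Network failure, malformed reply and a rejected token are all treated as "not verified".
        echo '<p class="alert alert-warning">Please check the the captcha form.</p>';
        exit;
    }

    // Set when an availability lookup cannot be completed. The original code left the
    // *_err variables empty in that case, so the INSERT ran with an empty username/email.
    $lookup_failed = false;

    // Validate username
    if ($input['username'] === '') {
        $username_err = "Please enter a username.";
    } elseif (!preg_match("/^[A-Za-z0-9]{8,16}$/", $input['username'])) {
        $username_err = "Must contain between 8 and 16 characters or numbers.";
    } else {
        $sql = "SELECT id FROM users WHERE username = ?";
        $stmt = $mysqli->prepare($sql);
        if ($stmt) {
            $param_username = $input['username'];
            $stmt->bind_param("s", $param_username);
            if ($stmt->execute()) {
                $stmt->store_result();
                // > 0 rather than == 1: several existing rows must also count as "taken".
                if ($stmt->num_rows > 0) {
                    $username_err = "This username is already taken.";
                } else {
                    $username = $input['username'];
                }
            } else {
                $lookup_failed = true;
            }
            $stmt->close();
        } else {
            $lookup_failed = true;
        }
    }

    // Validate email
    if ($input['email'] === '') {
        $email_err = "Please confirm email.";
    } elseif (!filter_var($input['email'], FILTER_VALIDATE_EMAIL)) {
        $email_err = "Email not valid.";
    } else {
        $sql1 = "SELECT id FROM users WHERE email = ?";
        $stmt = $mysqli->prepare($sql1);
        if ($stmt) {
            $param_email = $input['email'];
            $stmt->bind_param("s", $param_email);
            if ($stmt->execute()) {
                $stmt->store_result();
                if ($stmt->num_rows > 0) {
                    $email_err = "This email is already in use.";
                } else {
                    $email = $input['email'];
                }
            } else {
                $lookup_failed = true;
            }
            $stmt->close();
        } else {
            $lookup_failed = true;
        }
    }

    // Validate password. The pattern uses '^' as its delimiter, so it carries no start
    // anchor; the lookaheads plus the trailing '$' still require 8+ characters with a
    // lowercase letter, an uppercase letter and a digit.
    // NOTE(review): the password is trimmed before hashing, as in the original; the
    // login handler has to trim the same way — confirm.
    if ($input['password'] === '') {
        $password_err = "Please enter a password.";
    } elseif (!preg_match("^(?=\P{Ll}*\p{Ll})(?=\P{Lu}*\p{Lu})(?=\P{N}*\p{N})[\s\S]{8,}$^", $input['password'])) {
        $password_err = "At least 8 characters, must contain at least 1 of uppercase, lowercase and number";
    } else {
        $password = $input['password'];
    }

    // Validate the confirmation field
    if ($input['confirm_password'] === '') {
        $confirm_password_err = "Please confirm password.";
    } else {
        $confirm_password = $input['confirm_password'];
        // Strict comparison: loose != applies numeric-string juggling to its operands.
        if (empty($password_err) && ($password !== $confirm_password)) {
            $confirm_password_err = "Password did not match.";
        }
    }

    $has_errors = !empty($username_err) || !empty($password_err)
        || !empty($confirm_password_err) || !empty($email_err);

    if ($lookup_failed) {
        // Availability could not be checked, so no account is created.
        echo '<script>
        alert("Creation failed, please try again.");
        window.location.href="../login.php";
        </script>';
    } elseif ($has_errors) {
        echo '<script>
        alert("Creation failed, details not correct.");
        window.location.href="../login.php";
        </script>';
    } else {
        // The lookups above and this INSERT are separate statements, so two concurrent
        // requests can both pass the checks. NOTE(review): the schema is not visible
        // here — confirm UNIQUE indexes exist on users.username and users.email.
        $sql = "INSERT INTO users (username, password, email) VALUES (?, ?, ?)";
        $stmt = $mysqli->prepare($sql);
        if ($stmt) {
            $param_username = $username;
            $param_password = password_hash($password, PASSWORD_DEFAULT);
            $param_email = $email;
            $stmt->bind_param("sss", $param_username, $param_password, $param_email);
            if ($stmt->execute()) {
                $EmailSubject = 'subject';
                $from = "From: test\r\n";
                $from .= "Content-type: text/html; charset=iso-8859-1\r\n";
                // The plaintext password is deliberately not mailed: mail is stored and
                // relayed unencrypted, which would defeat hashing it in the database.
                // $username matched [A-Za-z0-9]{8,16} above, so it is safe in HTML.
                $MESSAGE_BODY = "Username: " . $username . "<br>";
                mail($email, $EmailSubject, $MESSAGE_BODY, $from);
                echo '<script>
                alert("Account successfully created.");
                window.location.href="../login.php";
                </script>';
            } else {
                echo '<script>
                alert("Creation failed, please try again.");
                window.location.href="../login.php";
                </script>';
            }
            $stmt->close();
        } else {
            // The original printed nothing when prepare() failed; report it as a failure.
            echo '<script>
            alert("Creation failed, please try again.");
            window.location.href="../login.php";
            </script>';
        }
    }

    // Close connection
    $mysqli->close();
}
?>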