-
Notifications
You must be signed in to change notification settings - Fork 0
/
signup.php
97 lines (94 loc) · 4.07 KB
/
signup.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
<!DOCTYPE html>
<html lang="en" style="background: url('./background.png') 100% 100%; overflow: hidden;">
<head>
<title> S I G N U P </title>
<link rel="icon" href="sol.png">
<link rel="stylesheet" href="home.css" type="text/css">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta charset="UTF-8">
</head>
<body style="overflow: hidden; box-shadow: 0 0 25vw black inset, 0 0 25vw black inset !important;">
<?php
ini_set('session.use_only_cookies', 1);
session_start();
require_once 'DB.php';
if ($cnct->connect_error) {
die("<script>alert('Connection error.');location.replace('signup.php');</script>");
}
include_once("menu.php"); //import menu
?>
<div id="content" style="top: 20px;">
<p class="line"></p>
<p id="navbar">
<a href="./search.php">Search</a>
<a href="./index.php">Home</a>
<a href="./browse.php">Browse</a>
</p>
<p class="line"></p>
<?php
if (isset($_POST['user']) && isset($_POST['pass1']) && isset($_POST['pass2'])) {
$usr = trim($cnct->real_escape_string($_POST['user']));
$pwd1 = trim($cnct->real_escape_string($_POST['pass1']));
$pwd2 = trim($cnct->real_escape_string($_POST['pass2']));
$valid = validate($usr, $pwd1, $pwd2);
if ($valid == "") {
$stmt = $cnct->prepare("SELECT * FROM sekrit WHERE user=?"); //check if username exists
$stmt->bind_param("s", $usr);
$stmt->execute();
$result = $stmt->get_result();
if (!$result) {
die("<script>alert('Signup failed.');location.replace('signup.php');</script>");
} elseif ($result->num_rows == 0) { //username not found in DB
$salt = "*5&@p%";
$token = hash('sha256', "$salt$pwd1$salt");
$stmt = $cnct->prepare("INSERT INTO sekrit VALUES(?, ?, 'NULL')");
$stmt->bind_param("ss", $usr, $token);
$stmt->execute();
$result = $stmt->store_result();
if (!$result) {
die("<script>alert('Signup failed.');location.replace('signup.php');</script>");
} else {
//$stmt->close();
die("<script>location.replace('login.php');</script>");
}
} else {
die("<script>alert('Username not available.');location.replace('signup.php');</script>");
}
} else {
die("<script>alert('$valid');location.replace('signup.php');</script>");
}
}
?>
<div id="backGif">
<form class="center" action="signup.php" method="post">
<span class="names">Username</span><input class="loginField" type="text" name="user">
<span class="names">Password</span><input class="loginField" type="text" name="pass1">
<span class="names">Confirm Password</span><input class="loginField" type="text" name="pass2">
<div class="center" style="top: 48vh;">
<input type="submit" value="SIGN UP">
</div>
</form>
</div>
<?php
$cnct->close();
function validate($user, $pass1, $pass2) {
if ($user == "" || $pass1 == "" || $pass2 == "") {
return "Please enter a username and password.";
} elseif (strlen($user) < 5) {
return "Username must be at least 5 characters.";
} elseif (preg_match("/[^a-zA-Z0-9]/", $user)) {
return "Username must contain letters and numbers only.";
} elseif ($pass1 != $pass2) {
return "Passwords do not match.";
} elseif (strlen($pass1) < 5) {
return "Password must be at least 5 characters.";
} elseif (!preg_match("/[a-zA-Z]/", $pass1) || !preg_match("/[0-9]/", $pass1)) {
return "Password must contain both letters and numbers.";
} elseif (preg_match("/[^a-zA-Z0-9]/", $pass1)) {
return "Password must contain letters and numbers only.";
}
return "";
}
?>
</body>
</html>