validate_data.php
<?php #include "header.php";
include "connectDb.php"; #connect to mysql database.
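# Registration handler: validates the POSTed sign-up fields and, when every check
# passes, inserts the new user row.
# Results are left in $regmsg (overall outcome), the *Err variables (one message per
# field) and the processed field values. These are presumably read back by the form
# that includes this file (confirm against the including page).
$regmsg=$name=$fullname=$pwd=$repwd=$age=$email=$phone=$gender=$countries=$abtme=$propic=""; #Variables to store input values.
$userErr=$nameErr=$pwdErr=$repwdErr=$emailErr=$phoneErr=$ageErr=$countryErr=$genErr=$propicErr=""; #Variables to return error messages.
$checked=true; #Stays true only while every field has passed validation.
if($_SERVER["REQUEST_METHOD"]=="POST") {
    #Check for proper name - empty/invalid characters
    if(!empty($_POST["name"])) {
        $fullname=processData($_POST["name"]);
        if (!preg_match("/^[a-zA-Z ]*$/",$fullname)) {
            $nameErr = "Only letters and white space allowed";
            $checked=false;
            $fullname=""; #Clear the rejected display name (the username lives in $name and is set below).
        }
    }
    else {
        $nameErr="Enter your name";
        $checked=false;
    }
    #Validate username - empty field
    if(empty($_POST["user"])) {
        $userErr="Enter Username";
        $checked=false;
    }
    else {
        $name=processData($_POST["user"]);
    }
    #Validate password - empty field
    if(empty($_POST["pwd"])) {
        $pwdErr="Enter your password";
        $checked=false;
    }
    else {
        $pwd=processData($_POST["pwd"]);
    }
    #Validate password confirmation - empty field
    if(empty($_POST["repwd"])) {
        $repwdErr="Enter password again";
        $checked=false;
    }
    else {
        $repwd=processData($_POST["repwd"]);
    }
    #Check if two password fields are same.
    if(checkPwdEquality($pwd,$repwd) != 0) {
        $repwdErr="Passwords do not match!";
        $checked=false;
    }
    #Validate email address
    if(!empty($_POST["mail"])) {
        $email=processData($_POST["mail"]);
        if(!validate_email($email)) {
            $emailErr="Invalid Email - Try again";
            $checked=false;
            $email="";
        }
    }
    else {
        $emailErr="Enter your EmailId";
        $checked=false;
    }
    #Check for proper mobile number: digits only, at least 10 of them.
    #The previous test was inverted: it rejected every value that parsed as an integer
    #and accepted any non-numeric text of 10+ characters, which then went into the
    #SQL statement unquoted.
    if(!empty($_POST["phone"])) {
        $phone=processData($_POST["phone"]);
        if(!ctype_digit($phone)) {
            $phoneErr="Enter proper mobile number";
            $phone="";
            $checked=false;
        }
        elseif(strlen($phone) < 10) {
            $phoneErr="Invalid mobile number";
            $checked=false;
            $phone="";
        }
    }
    else {
        $phoneErr="Enter your mobile number";
        $checked=false;
    }
    #Age must be present and a positive whole number; it is stored in a column that
    #the original statement treated as numeric.
    if(empty($_POST["age"])) {
        $ageErr="Enter your age";
        $checked=false;
    }
    else {
        $age=processData($_POST["age"]);
        if(filter_var($age, FILTER_VALIDATE_INT, array("options" => array("min_range" => 1))) === false) {
            $ageErr="Enter a valid age";
            $checked=false;
            $age="";
        }
    }
    #Check for empty field.
    if(empty($_POST["gender"])) {
        $genErr="Choose your gender";
        $checked=false;
    }
    else {
        $gender=processData($_POST["gender"]); #Was reading $_POST["name"] by mistake.
    }
    #Check for empty field.
    if(empty($_POST["countries"])) {
        $countryErr="What's your location?";
        $checked=false;
    }
    else {
        $countries=processData($_POST["countries"]);
    }
    #Optional free-text field: tolerate it being absent from the request.
    $abtme=isset($_POST["abtme"]) ? processData($_POST["abtme"]) : "";
    #If everything is fine - Add the user.
    if($checked) {
        try {
            #Values are bound as parameters instead of being concatenated into the SQL
            #text. processData() only HTML-encodes, which does not neutralise quotes or
            #SQL syntax, so the concatenated form was injectable through every field.
            #$conn comes from connectDb.php; the PDOException catch below implies it is a
            #PDO handle. Assumes exception error mode is enabled there (TODO confirm).
            $sql="insert into users
            (user_id,disp_name,encrypt_pwd,email_addr,ph_num,age,location,description,pro_img_url,status,up_votes,down_votes)
            values
            (:user_id,:disp_name,:encrypt_pwd,:email_addr,:ph_num,:age,:location,:description,NULL,'A',0,0)";
            $stmt=$conn->prepare($sql);
            $stmt->execute(array(
                ":user_id" => $name,
                ":disp_name" => $fullname,
                #NOTE(review): unsalted MD5 is not suitable for password storage. It is kept
                #here because the login check (not visible in this file) presumably compares
                #MD5 digests. Move both sides to password_hash()/password_verify() together
                #and make sure the encrypt_pwd column is wide enough for the new hashes.
                ":encrypt_pwd" => md5($pwd),
                ":email_addr" => $email,
                ":ph_num" => $phone,
                ":age" => (int)$age,
                ":location" => $countries,
                ":description" => $abtme
            ));
            $regmsg="Registration successfull";
            include "session.php"; #Starting user session
            echo '<script type="text/javascript">window.location="upload.php";</script>'; #On successful registration, redirect to profile pic upload
        }
        catch(PDOException $e) {
            #Keep driver/schema details out of the response; record them server-side instead.
            error_log("Registration insert failed: ".$e->getMessage());
            $regmsg="Some error occured";
        }
    }
}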
/**
 * Normalise a submitted form value: strip surrounding whitespace, remove
 * backslash escaping, then HTML-encode special characters.
 *
 * The HTML encoding uses htmlspecialchars() with its default flags, so which
 * quote characters get encoded depends on the PHP version in use. This is
 * output encoding applied at input time; it does not make the value safe to
 * place inside an SQL statement.
 *
 * @param string $text Raw value from the request.
 * @return string The trimmed, unescaped and HTML-encoded value.
 */
function processData($text) {
    return htmlspecialchars(stripslashes(trim($text)));
}
/**
 * Compare the password and its confirmation.
 *
 * @param string $pass1 First password entry.
 * @param string $pass2 Repeated password entry.
 * @return int The strcmp() result: 0 when both strings are identical, non-zero otherwise.
 */
function checkPwdEquality($pass1,$pass2) {
    $comparison = strcmp($pass1, $pass2);
    return $comparison;
}
/**
 * Check an e-mail address with PHP's FILTER_VALIDATE_EMAIL filter.
 *
 * @param string $email Address to check.
 * @return bool True when the filter accepts the address, false otherwise.
 */
function validate_email($email) {
    # filter_var() returns the address itself on success and false on failure.
    return (bool) filter_var($email, FILTER_VALIDATE_EMAIL);
}
?>