/
save_user.php
60 lines (50 loc) · 1.52 KB
/
save_user.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
<?php
// user inputs
$username = $_POST["username"];
$password = $_POST["password"];
$confirm_password = $_POST["confirm_password"];
$reg_date = $_POST["reg_date"];
$test = $_POST["test"];
// validation check
$is_valid = true;
$error_message = "";
if (empty($username)) {
$is_valid = false;
$error_message = "You need to provide a username <br>";
}
if (empty($password)) {
$is_valid = false;
$error_message .= "You need to provide a password <br>";
}
if (empty($confirm_password)) {
$is_valid = false;
$error_message .= "You need to confirm your password <br>";
}
if (!empty($password) && !empty($confirm_password) && $password != $confirm_password) {
$is_valid = false;
$error_message .= "Make sure your passwords match <br>";
}
if (empty($test) || $test != 28) {
$is_valid = false;
$error_message .= "INVALID FORM SUBMISSION<br>";
}
include("db.php");
// see if username already exists
$sql = "SELECT user_id FROM users WHERE username = '$username'";
$result = $conn->query($sql);
// see how many rows our query returns (meaning user already exists)
$count = $result->rowCount();
if ($count > 0) {
$error_message .= "Sorry, that username already exists. <br>";
$is_valid = false;
}
if ($is_valid == false) {
echo $error_message . " <a href='register.php'> <Back to Register</a>";
}
if ($is_valid) {
$hashed_password = hash('sha512', $password);
$sql = "INSERT INTO users (reg_date, username, password) VALUES ('$reg_date', '$username', '$hashed_password')";
$conn->exec($sql);
$conn = null;
header("Location: login.php");
}