William/WMU-CS4430-Project
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Signup is now functional!

Browse Source
This commit is contained in:
WilliamMiceli
2019-12-04 17:10:55 -05:00
parent 9f134993a7
commit 05275da9b6
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
var/www/signup.php
View File

@@ -8,12 +8,12 @@
if(4 <= strlen($_POST['signup_username']) && strlen($_POST['signup_username']) <= 25){ if(4 <= strlen($_POST['signup_username']) && strlen($_POST['signup_username']) <= 25){
if(4 <= strlen($_POST['signup_password']) && strlen($_POST['signup_password']) <= 25){ if(4 <= strlen($_POST['signup_password']) && strlen($_POST['signup_password']) <= 25){
// Make sure no special characters are present // Make sure no special characters are present
if((preg_match('/[\'^£$%&*()}{@#~?><>,|=_+¬-]/',$_POST['signup_username']) && (preg_match('/[\'^£$%&*()}{@#~?><>,|=_+¬-]/',$_POST['signup_password'])){ if(ctype_alnum($_POST['signup_username']) && ctype_alnum($_POST['signup_password'])){
// Need to first check if a user with the desired username already esists // Need to first check if a user with the desired username already esists
$db_check_statement = $db_connection->prepare("SELECT COUNT(*) FROM login WHERE username = '".$_POST["signup_username"]."'"); $db_check_statement = $db_connection->prepare("SELECT COUNT(*) FROM login WHERE username = '".$_POST["signup_username"]."'");
$db_check_statement->execute(); $db_check_statement->execute();
$db_check_statement->setFetchMode(PDO::FETCH_ASSOC); $db_check_statement->setFetchMode(PDO::FETCH_ASSOC);
$db_check_returned = $db_statement->fetchAll(); $db_check_returned = $db_check_statement->fetchAll();
$existingUsers = $db_check_returned[0]['COUNT(*)']; $existingUsers = $db_check_returned[0]['COUNT(*)'];
if($existingUsers == 0){ if($existingUsers == 0){
$db_connection->exec("INSERT INTO login (username, pword) VALUES ('".$_POST["signup_username"]."','".$_POST["signup_password"]."')"); $db_connection->exec("INSERT INTO login (username, pword) VALUES ('".$_POST["signup_username"]."','".$_POST["signup_password"]."')");
@@ -47,8 +47,8 @@
<div class="message"> <div class="message">
<p><?php if($_SESSION['signupError']!=""){ echo $_SESSION['signupError']; } ?></p> <p><?php if($_SESSION['signupError']!=""){ echo $_SESSION['signupError']; } ?></p>
</div> </div>
<h2>>And you are...?</h2> <h2>And you are...?</h2>
<h5>Up to 25 characters, and no special characters</h5> <h5>Username and password both can be up to 25 alphanumeric characters</h5>
<form action="" method="post"> <form action="" method="post">
Username&colon; <input type="text" name="signup_username" placeholder="Username"><br /> Username&colon; <input type="text" name="signup_username" placeholder="Username"><br />
Password&colon; <input type="password" name="signup_password" placeholder="Password"><br /> Password&colon; <input type="password" name="signup_password" placeholder="Password"><br />