New signup page! Hopefully it works...
This commit is contained in:
William Miceli
63
var/www/signup.php
Normal file
63
var/www/signup.php
Normal file
@@ -0,0 +1,63 @@
|
||||
<?php
|
||||
require 'common.php';
|
||||
unset($_SESSION['loggedInUser']);
|
||||
|
||||
try{
|
||||
if($_POST['signup_username'] != '' && $_POST['signup_password'] != ''){
|
||||
// username and password must be 4 <= length <= 25
|
||||
if(4 <= strlen($_POST['signup_username']) && strlen($_POST['signup_username']) <= 25){
|
||||
if(4 <= strlen($_POST['signup_password']) && strlen($_POST['signup_password']) <= 25){
|
||||
// Make sure no special characters are present
|
||||
if((preg_match('/[\'^£$%&*()}{@#~?><>,|=_+¬-]/',$_POST['signup_username']) && (preg_match('/[\'^£$%&*()}{@#~?><>,|=_+¬-]/',$_POST['signup_password'])){
|
||||
// Need to first check if a user with the desired username already esists
|
||||
$db_check_statement = $db_connection->prepare("SELECT COUNT(*) FROM login WHERE username = '".$_POST["signup_username"]."'");
|
||||
$db_check_statement->execute();
|
||||
$db_check_statement->setFetchMode(PDO::FETCH_ASSOC);
|
||||
$db_check_returned = $db_statement->fetchAll();
|
||||
$existingUsers = $db_check_returned[0]['COUNT(*)'];
|
||||
if($existingUsers == 0){
|
||||
$db_connection->exec("INSERT INTO login (username, pword) VALUES ('".$_POST["signup_username"]."','".$_POST["signup_password"]."')");
|
||||
$_SESSION["loginError"] = "Your account has been created and can now login";
|
||||
unset($_SESSION['signupError']);
|
||||
header('Location: /login.php');
|
||||
}else{$_SESSION["signupError"] = "Another user with that username already exists, please choose another name";}
|
||||
}else{$_SESSION["signupError"] = "Special characters are not allowed";}
|
||||
}else{$_SESSION["signupError"] = "Password must be at least 4 characters and at most 25 characters";}
|
||||
}else{$_SESSION["signupError"] = "Username must be at least 4 characters and at most 25 characters";}
|
||||
}else{
|
||||
// If user submitted form wihout actually filling it out completely, send user an error message
|
||||
if(!empty($_POST)){
|
||||
$_SESSION["signupError"] = "Username and Password are required, please try again";
|
||||
}
|
||||
}
|
||||
}catch(PDOException $e){echo "PDOException: ".$e->getMessage();
|
||||
}catch(Exception $e){echo "Exception: ".$e->getMessage();
|
||||
}
|
||||
?>
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
||||
<head>
|
||||
<title>friendbook Login</title>
|
||||
<meta http-equiv="content-type" content="text/html; charset=utf-8"/>
|
||||
<link rel="stylesheet" type="text/css" href="styling.css">
|
||||
</head>
|
||||
<body>
|
||||
<!--#include virtual="header.html" -->
|
||||
<div class="message">
|
||||
<p><?php if($_SESSION['signupError']!=""){ echo $_SESSION['signupError']; } ?></p>
|
||||
</div>
|
||||
<h2>>And you are...?</h2>
|
||||
<h5>Up to 25 characters, and no special characters</h5>
|
||||
<form action="" method="post">
|
||||
Username: <input type="text" name="signup_username" placeholder="Username"><br />
|
||||
Password: <input type="password" name="signup_password" placeholder="Password"><br />
|
||||
<br />
|
||||
<input type="submit" class="button">
|
||||
<a href="/login.php" class="button">Login Instead</a>
|
||||
</form>
|
||||
</body>
|
||||
</html>
|
||||
<?php
|
||||
$db_connection = null;
|
||||
?>
|
||||
Reference in New Issue
Block a user