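<?php
/**
 * Registration endpoint.
 *
 * On POST it validates the submitted username, email and password, rejects
 * an already-registered username/email, and stores the new account with a
 * hashed password. Every outcome is reported with a plain echo.
 *
 * Relies on config.php to provide $mysqli (presumably a mysqli connection;
 * it is not defined in this file).
 */
session_start();
require_once 'config.php';

// Handle registration form submission
if (($_SERVER["REQUEST_METHOD"] ?? '') === "POST") {
    // Request parameters are attacker-controlled and can arrive as arrays
    // (e.g. "username[]=x"). The length checks below need strings, so a
    // non-string value is treated the same as a missing field.
    $fieldsOk = true;
    foreach (['username', 'email', 'password'] as $field) {
        if (empty($_POST[$field]) || !is_string($_POST[$field])) {
            $fieldsOk = false;
            break;
        }
    }

    if (!$fieldsOk) {
        echo "Please provide all required fields (username, email, and password).";
    } else {
        $username = $_POST['username'];
        $email = $_POST['email'];
        $password = $_POST['password'];

        if (strlen($username) < 3 || strlen($username) > 32) {
            // Validate username length (counted in bytes)
            echo "Username must be between 3 and 32 characters.";
        } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            // Validate email format
            echo "Invalid email format.";
        } elseif (strlen($password) < 8 || strlen($password) > 128) {
            // Validate password length (counted in bytes).
            // NOTE(review): while PASSWORD_DEFAULT resolves to bcrypt, only the
            // first 72 bytes of the password take part in the hash, so longer
            // passwords are accepted here but truncated when hashed.
            echo "Password must be between 8 and 128 characters.";
        } else {
            $checkStmt = null;
            $insertStmt = null;

            try {
                // Check if the username or email already exists
                $checkStmt = $mysqli->prepare("SELECT id FROM users WHERE username = ? OR email = ?");
                if ($checkStmt === false) {
                    // Reached only when mysqli is not configured to throw.
                    throw new RuntimeException($mysqli->error, $mysqli->errno);
                }
                $checkStmt->bind_param("ss", $username, $email);
                if (!$checkStmt->execute()) {
                    throw new RuntimeException($checkStmt->error, $checkStmt->errno);
                }
                $checkStmt->store_result();

                if ($checkStmt->num_rows > 0) {
                    // NOTE(review): this response tells the caller that a username
                    // or email is already registered; rate-limit the endpoint if
                    // account enumeration matters for this deployment.
                    echo "Username or email already exists. Please choose a different one.";
                } else {
                    // Hash the password; the plaintext is never stored.
                    $hashed_password = password_hash($password, PASSWORD_DEFAULT);

                    // Insert through a prepared statement so that user input is
                    // always bound as data and never spliced into the SQL text.
                    $insertStmt = $mysqli->prepare("INSERT INTO users (username, email, password) VALUES (?, ?, ?)");
                    if ($insertStmt === false) {
                        throw new RuntimeException($mysqli->error, $mysqli->errno);
                    }
                    $insertStmt->bind_param("sss", $username, $email, $hashed_password);
                    if (!$insertStmt->execute()) {
                        throw new RuntimeException($insertStmt->error, $insertStmt->errno);
                    }

                    echo "Registration successful. <a href='pages/login.html'>Login here</a>.";
                }
            } catch (RuntimeException $e) {
                // mysqli_sql_exception extends RuntimeException, so this handles
                // both the throwing and the non-throwing mysqli report modes.
                if ($e->getCode() === 1062) {
                    // MySQL duplicate-key error: a concurrent request registered
                    // the same username/email between the SELECT and the INSERT.
                    // This only fires if the users table has UNIQUE constraints on
                    // those columns (not visible here - confirm in the schema).
                    echo "Username or email already exists. Please choose a different one.";
                } else {
                    // Keep database error text in the server log; echoing it to
                    // the client would disclose schema and query details.
                    error_log('Registration failed: ' . $e->getMessage());
                    echo "Registration failed. Please try again later.";
                }
            } finally {
                // Close whichever statements were successfully prepared.
                if ($insertStmt instanceof mysqli_stmt) {
                    $insertStmt->close();
                }
                if ($checkStmt instanceof mysqli_stmt) {
                    $checkStmt->close();
                }
            }
        }
    }
}
?>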