Turner/Social-Network
1
0
Fork 0
Code Issues 5 Pull Requests Packages Projects 2 Releases Wiki Activity
dev
Social-Network/includes/form_handlers/register_handler.php

188 lines
6.1 KiB
PHP
Raw Permalink Normal View History

Migrated to Dev Branch, Implemented SQLI pretection and Login/Registration.
2024-01-26 01:53:21 +00:00
<?php
// Variables declaration to prevent errors
$fname = "";
$lname = "";
$email = "";
$email_conf = "";
$pass = "";
$pass_conf = "";
$date = ""; // Registration Date
$errors = array(); // Used to hold any errors.
if(isset($_POST['register_but'])) {
// Variable Assignments
// *** strip_tags() is used to prevent html injection. *** //
$fname = strip_tags($_POST['reg_fname']); //Sets the value from the forum.
$fname = str_replace(' ', '', $fname); // Removes any spaces.
$fname = ucfirst(strtolower($fname)); // Capitalizes first letter, lowercases the rest.
$_SESSION['reg_fname'] = $fname; // Stores values into session variable.
$lname = strip_tags($_POST['reg_lname']);
$lname = str_replace(' ', '', $lname);
$lname = ucfirst(strtolower($lname));
$_SESSION['reg_lname'] = $lname;
$email = strip_tags($_POST['reg_email']);
$email = str_replace(' ', '', $email);
$email = strtolower($email);
$_SESSION['reg_email'] = $email;
$email_conf = strip_tags($_POST['reg_email_conf']);
$email_conf = str_replace(' ', '', $email_conf);
$email_conf = strtolower($email_conf);
$_SESSION['reg_email_conf'] = $email_conf;
$pass = strip_tags($_POST['reg_pass']);
$pass = str_replace(' ', '', $pass);
$pass_conf = strip_tags($_POST['reg_pass_conf']);
$pass_conf = str_replace(' ', '', $pass_conf);
$date = date("Y-m-d"); // Sets the registration date.
if ($email == $email_conf) {
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
$email = filter_var($email, FILTER_VALIDATE_EMAIL);
$username_check = $con->prepare("SELECT COUNT(*) FROM users WHERE email = ?");
$username_check->bind_param("s", $email);
$username_check->bind_result($num_rows);
$username_check->execute();
$username_check->fetch();
if ($num_rows > 0) {
array_push($errors, "email_exists");
}
} else {
array_push($errors, "email_invalid");
}
} else {
array_push($errors, "email_mismatch");
}
if (strlen($fname) > 25 || strlen($fname) < 2) {
array_push($errors, "fname_invalid");
}
if (strlen($lname) > 25 || strlen($lname) < 2) {
array_push($errors, "lname_invalid");
}
if ($pass != $pass_conf) {
array_push($errors, "pass_mismatch");
} else {
if(preg_match('/[^A-Za-z0-9]/', $pass)) {
array_push($errors, "pass_invalid_char");
} else {
if (strlen($pass) > 30 || strlen($pass) < 5) {
array_push($errors, "pass_invalid_length");
}
}
}
if (!file_exists('debug/logs')) {
mkdir('debug/logs', 0755, true); // Create recursively with appropriate permissions
}
if (empty($errors)) {
$pass = password_hash($pass, PASSWORD_BCRYPT); // Encrypts password
$username = strtolower($fname . "." . $lname);
$username_check = $con->prepare("SELECT COUNT(*) FROM users WHERE username = ?");
$temp = $username;
$username_check->bind_param("s", $temp);
$username_check->bind_result($count);
$username_check->execute();
$username_check->fetch();
$i = 0;
while ($count == 1) {
$i++;
$temp = $username;
if ($i > 0) {
$temp .= $i; // Use string concatenation directly with .=
}
$username_check->bind_param("s", $temp);
$username_check->bind_result($count);
$username_check->execute();
$username_check->fetch();
error_log("\nCounter=$i\nTemp = $temp\nNum Of Names: $count", 3, 'debug/logs/register_error.log');
}
if ($i > 0) {
$username = $username . $i;
}
$username_check->close();
$rand = rand(1,16);
$profile_pic = random_profile_pic($rand);
$create_user = $con->prepare("INSERT INTO users VALUES (NULL,?,?,?,?,?,?,?,'0','0','0',',')");
$create_user->bind_param("sssssss", $fname,$lname,$username,$email,$pass,$date,$profile_pic);
$create_user->execute();
$create_user->close();
array_push($errors, "<span style='color: #14C800;'>You're all set! Go ahead and login!</span><br>");
$_SESSION['reg_fname'] = "";
$_SESSION['reg_lname'] = "";
$_SESSION['reg_email'] = "";
$_SESSION['reg_email_conf'] = "";
}
}
function random_profile_pic($rand) {
$profile_pic = "assets/profile_pics/defaults/";
switch ($rand) {
case 1:
$profile_pic = $profile_pic . "head_alizarin.png";
break;
case 2:
$profile_pic = $profile_pic . "head_amethyst.png";
break;
case 3:
$profile_pic = $profile_pic . "head_belize_hole.png";
break;
case 4:
$profile_pic = $profile_pic . "head_carrot.png";
break;
case 5:
$profile_pic = $profile_pic . "head_deep_blue.png";
break;
case 6:
$profile_pic = $profile_pic . "head_emerald.png";
break;
case 7:
$profile_pic = $profile_pic . "head_green_sea.png";
break;
case 8:
$profile_pic = $profile_pic . "head_nephritis.png";
break;
case 9:
$profile_pic = $profile_pic . "head_pete_river.png";
break;
case 10:
$profile_pic = $profile_pic . "head_pomegranate.png";
break;
case 11:
$profile_pic = $profile_pic . "head_pumpkin.png";
break;
case 12:
$profile_pic = $profile_pic . "head_red.png";
break;
case 13:
$profile_pic = $profile_pic . "head_sun_flower.png";
break;
case 14:
$profile_pic = $profile_pic . "head_turqoise.png";
break;
case 15:
$profile_pic = $profile_pic . "head_wet_asphalt.png";
break;
case 16:
$profile_pic = $profile_pic . "head_wistera.png";
break;
}
return $profile_pic;
}
?>
Reference in New Issue Copy Permalink