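<?php
/**
 * Registration page: validates the submitted sign-up form, creates the user
 * row, and renders the form again with any validation messages.
 *
 * Security-relevant handling in this file:
 *  - every SQL statement that carries form input is a prepared statement;
 *  - every value echoed back into the HTML is escaped for attribute context;
 *  - the e-mail and password confirmation checks use strict comparison.
 */
session_start();

// Connection settings are read from a .env file resolved against the current
// working directory.
// NOTE(review): if that directory is inside the document root, confirm the web
// server refuses to serve .env, since it holds the database credentials.
$env = parse_ini_file('.env');
if ($env === false) {
    exit("Failed to load configuration.");
}

$host = $env['DB_HOST'];
$user = $env['DB_USER'];
$pass = $env['DB_PASS'];
$db = $env['DB_NAME'];

$con = mysqli_connect($host, $user, $pass, $db);

if (mysqli_connect_errno()) {
    echo "Failed to connect to database: " . mysqli_connect_errno();
    // Stop here: every query below needs a working connection.
    // (On PHP 8.1+ mysqli throws by default, so this branch may not be reached.)
    exit;
}

// Variables declaration to prevent errors
$fname = "";
$lname = "";
$email = "";
$email_conf = "";
$pass = "";        // Also overwrites the database password held above.
$pass_conf = "";
$date = "";        // Registration date
$errors = array(); // Holds the error codes raised during validation.

if (isset($_POST['register_but'])) {
    // strip_tags() removes markup but leaves quotes and other special
    // characters in place, so it is neither an SQL nor an attribute-context
    // defence. The queries below are parameterized and the template escapes
    // on output for that reason.
    $fname = strip_tags(post_string('reg_fname'));
    $fname = str_replace(' ', '', $fname);   // Removes any spaces.
    $fname = ucfirst(strtolower($fname));    // Capitalizes first letter, lowercases the rest.
    $_SESSION['reg_fname'] = $fname;         // Kept so the form can be refilled.

    $lname = strip_tags(post_string('reg_lname'));
    $lname = str_replace(' ', '', $lname);
    $lname = ucfirst(strtolower($lname));
    $_SESSION['reg_lname'] = $lname;

    $email = strip_tags(post_string('reg_email'));
    $email = str_replace(' ', '', $email);
    $email = strtolower($email);
    $_SESSION['reg_email'] = $email;

    $email_conf = strip_tags(post_string('reg_email_conf'));
    $email_conf = str_replace(' ', '', $email_conf);
    $email_conf = strtolower($email_conf);
    $_SESSION['reg_email_conf'] = $email_conf;

    // NOTE(review): spaces and tags are removed from the password before it is
    // checked and hashed, so the stored hash is of the transformed value. The
    // login path presumably applies the same transformation - confirm.
    $pass = strip_tags(post_string('reg_pass'));
    $pass = str_replace(' ', '', $pass);

    $pass_conf = strip_tags(post_string('reg_pass_conf'));
    $pass_conf = str_replace(' ', '', $pass_conf);

    $date = date("Y-m-d"); // Sets the registration date.

    // Strict comparison: with ==, two different numeric-looking strings can
    // compare equal, which would defeat the confirmation field.
    if ($email === $email_conf) {
        if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $email = filter_var($email, FILTER_VALIDATE_EMAIL);

            // A syntactically valid address may still contain characters such
            // as an apostrophe, so it is bound as a parameter, never inlined.
            $num_rows = count_user_rows($con, "SELECT email FROM users WHERE email = ?", $email);

            if ($num_rows > 0) {
                array_push($errors, "email_exists");
            }
        } else {
            array_push($errors, "email_invalid");
        }
    } else {
        array_push($errors, "email_mismatch");
    }

    if (strlen($fname) > 25 || strlen($fname) < 2) {
        array_push($errors, "fname_invalid");
    }

    if (strlen($lname) > 25 || strlen($lname) < 2) {
        array_push($errors, "lname_invalid");
    }

    // Strict comparison matters most here: the password is limited to
    // letters and digits, so all-digit passwords are possible, and == would
    // accept e.g. "00123" as a confirmation of "123".
    if ($pass !== $pass_conf) {
        array_push($errors, "pass_mismatch");
    } else {
        // NOTE(review): the policy (letters and digits only, 5-30 characters)
        // is kept as the author defined it; it is restrictive by current
        // guidance and worth revisiting together with the login code.
        if (preg_match('/[^A-Za-z0-9]/', $pass)) {
            array_push($errors, "pass_invalid_char");
        } else {
            if (strlen($pass) > 30 || strlen($pass) < 5) {
                array_push($errors, "pass_invalid_length");
            }
        }
    }

    if (empty($errors)) {
        // One-way hash (bcrypt); the plain-text password is not stored.
        $pass = password_hash($pass, PASSWORD_BCRYPT);

        // Username is "first.last", with a numeric suffix appended until no
        // existing row uses it.
        // NOTE(review): this check and the INSERT below are separate
        // statements, so two concurrent registrations could pick the same
        // name unless the table enforces uniqueness - confirm the schema.
        $base_username = strtolower($fname . "." . $lname);
        $username = $base_username;
        $i = 0;

        while (count_user_rows($con, "SELECT username FROM users WHERE username = ?", $username) != 0) {
            $i++;
            $username = $base_username . $i;
        }

        // Picks one of the 16 default avatars; not security-sensitive.
        $rand = rand(1, 16);
        $profile_pic = random_profile_pic($rand);

        // Same column order and literal defaults as before, with the seven
        // user-derived values bound as parameters.
        $query = false;
        $insert = mysqli_prepare(
            $con,
            "INSERT INTO users VALUES (NULL, ?, ?, ?, ?, ?, ?, ?, '0', '0', '0', ',')"
        );

        if ($insert !== false) {
            mysqli_stmt_bind_param(
                $insert,
                "sssssss",
                $fname,
                $lname,
                $username,
                $email,
                $pass,
                $date,
                $profile_pic
            );
            $query = mysqli_stmt_execute($insert);
            mysqli_stmt_close($insert);
        }

        if (!$query) {
            // Recorded server-side only; nothing about the failure is shown to the client.
            error_log("Registration insert failed: " . mysqli_error($con));
        }
    }
}

/**
 * Reads one POST field as a string.
 *
 * @param string $key Form field name.
 * @return string The submitted value, or "" when the field is missing or was
 *                submitted as an array (e.g. "name[]=x").
 */
function post_string($key)
{
    $value = isset($_POST[$key]) ? $_POST[$key] : '';

    return is_string($value) ? $value : '';
}

/**
 * Runs a single-parameter SELECT as a prepared statement and returns the
 * number of rows it matched.
 *
 * @param mysqli $con   Open database connection.
 * @param string $sql   Statement text containing exactly one "?" placeholder.
 * @param string $value Value bound to the placeholder.
 * @return int Number of rows in the result set.
 * @throws RuntimeException When the statement cannot be prepared or executed.
 */
function count_user_rows($con, $sql, $value)
{
    $stmt = mysqli_prepare($con, $sql);
    if ($stmt === false) {
        throw new RuntimeException("User lookup could not be prepared.");
    }

    mysqli_stmt_bind_param($stmt, "s", $value);

    if (!mysqli_stmt_execute($stmt)) {
        mysqli_stmt_close($stmt);
        throw new RuntimeException("User lookup could not be executed.");
    }

    // The result must be buffered before the row count is available.
    mysqli_stmt_store_result($stmt);
    $count = mysqli_stmt_num_rows($stmt);
    mysqli_stmt_close($stmt);

    return $count;
}

/**
 * Returns the value previously stored in the session for a form field,
 * escaped for use inside a double-quoted HTML attribute.
 *
 * @param string $key Session key (same name as the form field).
 * @return string Escaped value, or "" when nothing usable is stored.
 */
function sticky_value($key)
{
    if (!isset($_SESSION[$key]) || !is_string($_SESSION[$key])) {
        return '';
    }

    return htmlspecialchars($_SESSION[$key], ENT_QUOTES, 'UTF-8');
}

/**
 * Maps a number from 1 to 16 to the path of a default profile picture.
 *
 * @param int $rand Picture index, 1-16.
 * @return string Path to the picture; for any other value only the
 *                directory prefix is returned.
 */
function random_profile_pic($rand)
{
    $profile_pic = "assets/profile_pics/defaults/";

    switch ($rand) {
        case 1:
            $profile_pic .= "head_alizarin.png";
            break;
        case 2:
            $profile_pic .= "head_amethyst.png";
            break;
        case 3:
            $profile_pic .= "head_belize_hole.png";
            break;
        case 4:
            $profile_pic .= "head_carrot.png";
            break;
        case 5:
            $profile_pic .= "head_deep_blue.png";
            break;
        case 6:
            $profile_pic .= "head_emerald.png";
            break;
        case 7:
            $profile_pic .= "head_green_sea.png";
            break;
        case 8:
            $profile_pic .= "head_nephritis.png";
            break;
        case 9:
            $profile_pic .= "head_pete_river.png";
            break;
        case 10:
            $profile_pic .= "head_pomegranate.png";
            break;
        case 11:
            $profile_pic .= "head_pumpkin.png";
            break;
        case 12:
            $profile_pic .= "head_red.png";
            break;
        case 13:
            $profile_pic .= "head_sun_flower.png";
            break;
        case 14:
            $profile_pic .= "head_turqoise.png";
            break;
        case 15:
            $profile_pic .= "head_wet_asphalt.png";
            break;
        case 16:
            $profile_pic .= "head_wistera.png";
            break;
    }

    return $profile_pic;
}
?>

<html>
<head>
    <title>Meme Machine</title>
</head>
<body>

    <form action="register.php" method="POST">
        <input type="text" name="reg_fname" placeholder="First Name" value="<?php echo sticky_value('reg_fname'); ?>" required>
        <br>
        <?php
        if (in_array("fname_invalid", $errors, true)) {
            echo "Your first name must be between 2 and 25 characters.<br>";
        }
        ?>

        <input type="text" name="reg_lname" placeholder="Last Name" value="<?php echo sticky_value('reg_lname'); ?>" required>
        <br>
        <?php
        if (in_array("lname_invalid", $errors, true)) {
            echo "Your last name must be between 2 and 25 characters.<br>";
        }
        ?>

        <input type="email" name="reg_email" placeholder="Email" value="<?php echo sticky_value('reg_email'); ?>" required>
        <br>
        <input type="email" name="reg_email_conf" placeholder="Confirm Email" value="<?php echo sticky_value('reg_email_conf'); ?>" required>
        <br>
        <?php
        if (in_array("email_exists", $errors, true)) {
            echo "Email already exists.<br>";
        } else if (in_array("email_invalid", $errors, true)) {
            echo "Invalid format<br>";
        } else if (in_array("email_mismatch", $errors, true)) {
            echo "The email's do not match.<br>";
        }
        ?>

        <input type="password" name="reg_pass" placeholder="Password" required>
        <br>
        <input type="password" name="reg_pass_conf" placeholder="Confirm Password" required>
        <br>
        <?php
        if (in_array("pass_mismatch", $errors, true)) {
            echo "Your passwords do not match.<br>";
        } else if (in_array("pass_invalid_char", $errors, true)) {
            echo "Your password can only contain english characters or numbers.<br>";
        } else if (in_array("pass_invalid_length", $errors, true)) {
            echo "Your password must be between 5 and 30 characters.<br>";
        }
        ?>

        <input type="submit" name="register_but" value="Register">
    </form>

</body>
</html>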