Source<?php # Script 9.3 - register.php
// This script performs an INSERT query to add a record to the users table.
//
include (CHAPTER_PATH.'/'.$chapter.'/includes/9.1.php');
// check if form has been submitted
if($_SERVER['REQUEST_METHOD'] == 'POST') {
// create error array
$errors = array();
// check each field for validity, assign error message if fails
// first_name
if (empty($_POST['first_name'])) {
$errors['fn'] = 'You forgot to enter your first name.';
} else {
$fn = trim($_POST['first_name']);
}
// last_name
if (empty($_POST['last_name'])) {
$errors['ln'] = 'You forgot to enter your last name.';
} else {
$ln = trim($_POST['last_name']);
}
// email
if (empty($_POST['email'])) {
$errors['e'] = 'You forgot to enter your email address.';
} else {
$e = trim($_POST['email']);
}
// pass1==pass2
if (!empty($_POST['pass1'])) {
if ($_POST['pass1'] != $_POST['pass2']) {
$errors['p2'] = 'Your passwords do not match.';
} else {
$p = trim($_POST['pass1']);
}
} else {
$errors['p1'] = 'You forgot to enter your password.';
}
if(empty($errors)) { // if no errors
// connect to db
require(CONNECT);
// build query
$q= "INSERT INTO site_users (first_name,last_name,email,pass,registration_date) VALUES ('$fn','$ln','$e',SHA1('$p'),NOW())";
// submit data
$r= mysqli_query($link,$q);
if($r) {
// data successfully inserted
$message = "<h2>Thank you!</h2><p>Your name has been added to our list of users!</p>";
} else {
// error - data not inserted
$message = "<h2>System Error</h2><p class='error'>Your information could not be added to our database.<br />We apologize for any inconvenience, please <a href='javascript:history.back()'>try again</a>.</p>";
$message .= '<p><span class="content-caption">Debugging information</span>Error message: <br />'.mysqli_error($link).'<br /><br />Query: <br />'. $q .'</p>';
}
//disconnect from db
require(DISCONNECT);
// provide feedback from submission
echo '<div id="content" class="message">'.$message.'</div>';
// include footer
include (CHAPTER_PATH.'/'.$chapter.'/includes/9.2.php');
// exit script - do not redisplay form
exit();
} else {
// show feedback about errors on submission
echo "<div class='error-message error'><h2>Error</h2><p>Your information could not be processed. <br />Please resubmit your data after correcting the highlighted errors.</p></div>";
}
}
// begin form output. if submitted with errors - include original submission values with error messages
echo "<div id='content'>";
?>
<h1>Register</h1>
<form action="" method="post">
<p>
<label for='fn'>First Name: </label>
<input type="text" id='fn' name="first_name" size="15" maxlength="20" value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" />
<?php echo (isset($errors['fn']))?'<span class="error">'.$errors['fn'].'</span>' : ''; ?>
</p>
<p>
<label for='ln'>Last Name: </label>
<input type="text" id='ln' name="last_name" size="15" maxlength="40" value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>" />
<?php echo (isset($errors['ln']))?'<span class="error">'.$errors['ln'].'</span>' : ''; ?></p>
<p>
<label for='e'>Email Address: </label>
<input type="text" id='e' name="email" size="20" maxlength="60" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" />
<?php echo (isset($errors['e']))?'<span class="error">'.$errors['e'].'</span>' : ''; ?>
</p>
<p>
<label for='p1'>Password: </label>
<input type="password" id='p1' name="pass1" size="10" maxlength="20" value="<?php if (isset($_POST['pass1'])) echo $_POST['pass1']; ?>" />
<?php echo (isset($errors['p1']))?'<span class="error">'.$errors['p1'].'</span>' : ''; ?>
</p>
<p>
<label for='p2'>Confirm Password: </label>
<input type="password" id='p2' name="pass2" size="10" maxlength="20" value="<?php if (isset($_POST['pass2'])) echo $_POST['pass2']; ?>" />
<?php echo (isset($errors['p2']))?'<span class="error">'.$errors['p2'].'</span>' : ''; ?>
</p>
<p>
<input type="submit" name="submit" value="Register" />
</p>
</form>
<?php
echo "</div>";
include (CHAPTER_PATH.'/'.$chapter.'/includes/9.2.php');
?>