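<?php
/**
 * POST handler for two forms:
 *   - `submit`  : create a new account, then redirect to ../signup.php
 *   - `submit1` : update the logged-in user's details, then redirect to
 *                 ../details.php on error or ../index1.php on success
 * Any other request is redirected to ../users.php.
 *
 * Outcomes are reported through a `?signup=` / `?change=` query code plus a
 * message stored in $_SESSION under a per-error key.
 *
 * NOTE(review): neither form is protected by an anti-CSRF token here. The
 * forms themselves are not visible from this file, so a token check has to be
 * added together with the pages that render them.
 */

session_start();

// Keep mysqli in "return false on failure" mode on every PHP version, so the
// explicit failure checks below are what decides the response.
mysqli_report(MYSQLI_REPORT_OFF);

/**
 * Store a one-shot message in the session, redirect, and stop the script.
 *
 * @param string $location   Relative redirect target.
 * @param string $sessionKey Session key the target page reads the message from.
 * @param string $message    Message text (static HTML owned by this script).
 */
function redirectWithFlash($location, $sessionKey, $message)
{
    $_SESSION[$sessionKey] = $message;
    header('Location: ' . $location);
    exit();
}

/**
 * Open the MySQL connection used by both handlers, or stop with a short message.
 *
 * NOTE(review): this connects as the MySQL root account with a password that
 * is hard-coded in the source. Prefer a dedicated account limited to the
 * `users` table and credentials loaded from configuration outside the web root.
 *
 * @param string $failureMessage Text printed if the connection cannot be made.
 * @return mysqli
 */
function openUserDatabase($failureMessage)
{
    $conn = mysqli_connect('localhost', 'root', 'password', 'test');
    if (!$conn) {
        die($failureMessage);
    }

    return $conn;
}

/**
 * Read the seven profile fields from $_POST as plain strings.
 *
 * A missing field, or one submitted as an array (`first[]=...`), becomes ''
 * and is then rejected by the empty-field check.
 *
 * @return array Map of field name to raw submitted string.
 */
function readProfileFields()
{
    $fields = [];
    foreach (['first', 'last', 'age', 'email', 'uid', 'pwd', 'phone'] as $name) {
        $fields[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    }

    return $fields;
}

/**
 * Validate the submitted profile fields.
 *
 * @param array $fields Output of readProfileFields().
 * @return string|null 'empty', 'name', 'email', 'age' or 'phone' for the first
 *                     failed check, null when every check passes.
 */
function findProfileError(array $fields)
{
    foreach (['first', 'last', 'email', 'uid', 'pwd', 'age', 'phone'] as $name) {
        if (empty($fields[$name])) {
            return 'empty';
        }
    }

    // \z instead of $ so that a trailing newline is not accepted as part of
    // an otherwise valid value.
    if (!preg_match('/^[a-zA-Z]+\z/', $fields['first']) || !preg_match('/^[a-zA-Z]+\z/', $fields['last'])) {
        return 'name';
    }

    if (!filter_var($fields['email'], FILTER_VALIDATE_EMAIL)) {
        return 'email';
    }

    // Age has to be a short run of digits before it is compared; a
    // non-numeric string must not slip past the "15 or above" rule.
    if (!preg_match('/^[0-9]{1,3}\z/', $fields['age']) || (int) $fields['age'] < 15) {
        return 'age';
    }

    if (!preg_match('/^[0-9]{10}\z/', $fields['phone'])) {
        return 'phone';
    }

    return null;
}

/**
 * Tell whether a row with this username already exists.
 *
 * NOTE(review): this check and the later INSERT/UPDATE are separate
 * statements, so two concurrent requests can both pass it. A UNIQUE index on
 * users.uname is what would actually enforce uniqueness - confirm the schema
 * has one.
 *
 * @param mysqli $conn
 * @param string $uid            Username to look up.
 * @param string $failureMessage Text printed if the query cannot be run.
 * @return bool
 */
function usernameExists($conn, $uid, $failureMessage)
{
    $stmt = mysqli_prepare($conn, 'SELECT 1 FROM users WHERE uname = ? LIMIT 1');
    if (!$stmt || !mysqli_stmt_bind_param($stmt, 's', $uid) || !mysqli_stmt_execute($stmt)) {
        die($failureMessage);
    }

    mysqli_stmt_store_result($stmt);
    $exists = mysqli_stmt_num_rows($stmt) > 0;
    mysqli_stmt_close($stmt);

    return $exists;
}

/**
 * Hash the submitted password for storage.
 *
 * The value is passed through mysqli_real_escape_string() before hashing only
 * because this script has always hashed that form; the hash itself is bound
 * as a statement parameter, so the escaping plays no part in SQL safety.
 * NOTE(review): the login handler is not visible from this file. Confirm what
 * it passes to password_verify() before removing the escaping, otherwise
 * passwords containing quotes or backslashes stop verifying.
 *
 * @param mysqli $conn
 * @param string $password Raw submitted password.
 * @return string
 */
function hashSubmittedPassword($conn, $password)
{
    return password_hash(mysqli_real_escape_string($conn, $password), PASSWORD_DEFAULT);
}

/**
 * Handle the signup form (`submit`).
 */
function handleSignup()
{
    $conn = openUserDatabase('Error database signup');
    $fields = readProfileFields();

    // validation result => [query code, session key, message]
    $failures = [
        'empty' => ['empty', 'emptys', "One or more fields were left empty.<br>Please fill all details."],
        'name'  => ['invalid', 'invalid', "Ivalid entry(s) detected.<br>Please enter valid details."],
        'email' => ['email', 'invalid', "Ivalid entry(s) detected.<br>Please enter valid details."],
        'age'   => ['age', 'age', "Sorry.<br>You should be 15 or above to register."],
        'phone' => ['phone', 'phone', "Please enter a valid phone number."],
    ];

    $problem = findProfileError($fields);
    if ($problem !== null) {
        list($code, $sessionKey, $message) = $failures[$problem];
        redirectWithFlash('../signup.php?signup=' . $code, $sessionKey, $message);
    }

    if (usernameExists($conn, $fields['uid'], 'Error database signup')) {
        redirectWithFlash(
            '../signup.php?signup=usertaken',
            'usertaken',
            "This username is already in use.<br>Please try with a different username."
        );
    }

    $hashedPwd = hashSubmittedPassword($conn, $fields['pwd']);

    // Every user-supplied value is bound as a parameter rather than being
    // interpolated into the SQL text.
    $stmt = mysqli_prepare(
        $conn,
        'INSERT INTO users (fname,lname,age,email,phone,uname,pwd) VALUES (?, ?, ?, ?, ?, ?, ?)'
    );
    if (
        !$stmt
        || !mysqli_stmt_bind_param(
            $stmt,
            'sssssss',
            $fields['first'],
            $fields['last'],
            $fields['age'],
            $fields['email'],
            $fields['phone'],
            $fields['uid'],
            $hashedPwd
        )
        || !mysqli_stmt_execute($stmt)
    ) {
        die('Insert error');
    }
    mysqli_stmt_close($stmt);

    redirectWithFlash('../signup.php?signup=success', 'success', "Signup successfull.<br>Login to continue.");
}

/**
 * Handle the "change details" form (`submit1`) for the logged-in user.
 */
function handleProfileUpdate()
{
    // The UPDATE is keyed on the session's user id, so a request without a
    // logged-in session must never reach it.
    if (!isset($_SESSION['u_id'], $_SESSION['u_uid'])) {
        header("Location: ../users.php");
        exit();
    }

    $conn = openUserDatabase('Error database change');
    $fields = readProfileFields();

    // validation result => [query code, session key, message]
    $failures = [
        'empty' => ['empty', 'emptys', "One or more fields were left empty.<br>Please fill all details."],
        'name'  => ['name', 'invalid', "Ivalid entry(s) detected.<br>Please enter valid details."],
        'email' => ['email', 'invalid', "Ivalid entry(s) detected.<br>Please enter valid details."],
        'age'   => ['age', 'age1', "Sorry.<br>You should be 15 or above."],
        'phone' => ['phone', 'phone1', "Please enter a valid phone number."],
    ];

    $problem = findProfileError($fields);
    if ($problem !== null) {
        list($code, $sessionKey, $message) = $failures[$problem];
        redirectWithFlash('../details.php?change=' . $code, $sessionKey, $message);
    }

    // Only a *changed* username needs the uniqueness check. When the new name
    // is free, execution continues to the UPDATE below instead of ending the
    // request without a response.
    if (
        $fields['uid'] !== (string) $_SESSION['u_uid']
        && usernameExists($conn, $fields['uid'], 'error usertaken change')
    ) {
        redirectWithFlash(
            '../details.php?change=usertaken',
            'usertaken',
            "This username is already in use.<br>Please try with a different username."
        );
    }

    $hashedPwd = hashSubmittedPassword($conn, $fields['pwd']);
    $userId = (string) $_SESSION['u_id'];

    $stmt = mysqli_prepare(
        $conn,
        'UPDATE `users` SET `fname` = ?, `lname` = ?, `age` = ?, `phone` = ?, `email` = ?, `uname` = ?, `pwd` = ?'
        . ' WHERE `users`.`id` = ?'
    );
    if (
        !$stmt
        || !mysqli_stmt_bind_param(
            $stmt,
            'ssssssss',
            $fields['first'],
            $fields['last'],
            $fields['age'],
            $fields['phone'],
            $fields['email'],
            $fields['uid'],
            $hashedPwd,
            $userId
        )
        || !mysqli_stmt_execute($stmt)
    ) {
        die('Change error');
    }
    mysqli_stmt_close($stmt);

    redirectWithFlash(
        '../index1.php?change=success',
        'success1',
        "Details changed successfully.<br>Please Logout and Login again to continue."
    );
}

if (isset($_POST['submit'])) {
    handleSignup();
} elseif (isset($_POST['submit1'])) {
    handleProfileUpdate();
} else {
    // Not a form submission from either page.
    header("Location: ../users.php");
    exit();
}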