-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsignup_process.php
245 lines (202 loc) · 6.97 KB
/
signup_process.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
<html>
<head>
<title>Poodle</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<?php include "master.php"; ?>
</head>
<body>
<br><br><br><br><br><br>
<?php
require('PHPMailer-master/vendor/autoload.php');
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\SMTP;
use PHPMailer\PHPMailer\Exception;
session_start();
// initializing variables
$name=$mail=$mobile=$uId=$pwd="";
//Validations
if($_SERVER["REQUEST_METHOD"]=="POST")
{
if(empty($_POST["name"]))
{
header('Location:./signup.php?error=Name is required');
exit();
}
else
{
$name=test($_POST["name"]);
if(!preg_match("/^[a-zA-Z ]*$/",$name))
{
header('Location:./signup.php?error=Only letters and white space are allowed for the name');
exit();
}
}
if(empty($_POST["email"]))
{
header('Location:./signup.html?error=Email is required');
exit();
}
else
{
$mail=test($_POST["email"]);
if(!filter_var($mail, FILTER_VALIDATE_EMAIL))
{
header('Location:./signup.php?error=Invalid email format');
exit();
}
}
if(empty($_POST["phone"]))
{
$mobile="";
}
else
{
$mobile=test($_POST["phone"]);
//if(!filter_var($mobile,"/^[0-9]*$/")||$mobile.length!=10)
if(!preg_match('/^[0-9]{3}[0-9]{3}[0-9]{4}$/',$mobile))
{
header('Location:./signup.php?error=Invalid phone number');
exit();
}
}
if(empty($_POST["username"]))
{
header('Location:./signup.php?error=Username is required');
exit();
}
else
{
$uId=test($_POST["username"]);
if(!preg_match("/^[a-zA-Z0-9 ]*$/",$name))
{
header('Location:./signup.php?error=Username must contain letters and/or digits only');
exit();
}
}
if(empty($_POST["password"]))
{
header('Location:./signup.php?error=wrong password');
exit();
}
else
{
$pwd=test($_POST["password"]);
//if(!preg_match("/^[a-zA-Z0-9]*$/",$pwd))
if(!preg_match("/^[a-zA-Z0-9]*$/",$pwd)||strlen($pwd)<8)
{
header('Location:./signup.php?error=Password must have digits and/or letters only and must be at least 8 characters long');
exit();
}
}
$repwd=test($_POST["repassword"]);
if(!strcmp($pwd,$repwd)==0) {
header('Location:./signup.php?error=password not match');
exit();
}
}
//PHP mailer
//database connection
$servername="localhost";
$username="admin";
$pass="monarchs";
$db="userlog";
$captcha;
$secretKey = "6LeNucEUAAAAAHUiE8ChOsEMDBJ7A96uspDHj5Jt";
// connect to the database
$conn=mysqli_connect($servername,$username,$pass,$db);
if($conn->connect_error){
die("Connection failed:".$conn->connect_error);
}
else echo"Successfully connected to the database!<br>";
if(isset($_POST['g-recaptcha-response'])){
$captcha=$_POST['g-recaptcha-response'];}
if(!$captcha){
header('Location:./login.php?error=Captcha Not Verified, Please Check');
exit();
}
$secretKey = "6LeNucEUAAAAAHUiE8ChOsEMDBJ7A96uspDHj5Jt";
$ip = $_SERVER['REMOTE_ADDR'];
// post request to server
$url = 'https://www.google.com/recaptcha/api/siteverify?secret=' . urlencode($secretKey) . '&response=' . urlencode($captcha);
$response = file_get_contents($url);
$responseKeys = json_decode($response,true);
// should return JSON with success as true
if($responseKeys["success"]) {
$query = "SELECT * FROM users WHERE email='$mail'";
$result = $conn->query($query);
if ($result->num_rows>0) {
//Email is taken
header('Location:./signup.php?error=Email is already used. Please try another one or <a href="login.php">Login</a> here if you already have an account.');
exit();
}
$query = "SELECT * FROM users WHERE mobile='$mobile'";
$result = $conn->query($query);
if ($result->num_rows>0) {
//Mobile is taken
header('Location:./signup.php?error=Mobile number is already used. Please check again!');
exit();
}
$query = "SELECT * FROM users WHERE uname='$uId'";
$result = $conn->query($query);
if ($result->num_rows>0) {
//Username is taken
header('Location:./signup.php?error=Username is already in use. Please try again using a different username!');
exit();
}
// REGISTER USER
$name = mysqli_real_escape_string($conn, $_POST['name']);
$mail = mysqli_real_escape_string($conn, $_POST['email']);
$mobile= mysqli_real_escape_string($conn, $_POST['phone']);
$uId= mysqli_real_escape_string($conn, $_POST['username']);
$pwd= mysqli_real_escape_string($conn, $_POST['password']);
$hash = password_hash($pwd, PASSWORD_BCRYPT);
$reset_token=md5($mail);
$sql="INSERT INTO users (name,email,mobile,uname,password,reset_token) VALUES('$name','$mail', '$mobile','$uId','$hash', '$mail')";
if($conn->query($sql)==TRUE)
{
$message = "<p>Please click the link below to activate your account</p>";
$message .= "<a href='http://localhost/Poodle.com/login.php?email=$mail&reset_token=$reset_token'>";
$message .= "Activate Account";
$message .= "</a>";
function send_mail($to, $subject, $message)
{
$mail = new PHPMailer(true);
try {
//Server settings
$mail->SMTPDebug = 0; // Enable verbose debug output
$mail->isSMTP(); // Set mailer to use SMTP
$mail->Host = 'smtp.gmail.com;'; // Specify main and backup SMTP servers
$mail->SMTPAuth = true; // Enable SMTP authentication
$mail->Username = '[email protected]'; // SMTP username
$mail->Password = 'doodle4poodle*'; // SMTP password
$mail->SMTPSecure = 'tls'; // Enable TLS encryption, `ssl` also accepted
$mail->Port = 587; // TCP port to connect to
$mail->setFrom('[email protected]', 'Poodle.com');
//Recipients
$mail->addAddress($to);
// Content
$mail->isHTML(true); // Set email format to HTML
$mail->Subject = $subject;
$mail->Body = $message;
$mail->send();
echo 'Message has been sent. Please check your email to activate your account.';
} catch (Exception $e) {
echo "Message could not be sent. Mailer Error: {$mail->ErrorInfo}";
}
}
send_mail($mail, "Confirmation Email", $message);
//echo"You have successfully registered<br>";
//echo'Now to complete the process,<a href="login.php">click here</a> to login';
}
else echo"Error:".$sql."<br>".$conn->error;
}
else {
echo '<h2>You are robot !</h2>';
}
$conn->close();
?>
<footer id="foot01"></footer>
</body>
<script>document.getElementById("foot01").innerHTML = "<p>© " + new Date().getFullYear() + " Poodle.com | All rights reserved.</p>";
</script>
</html>