<?php // Connect to Phpmyadmin database localhost. $hostname = "localhost";//"";127.0.0.1 $username = "root"; $password = "password";//"password"; $dbname = "test"; $conn = new mysqli($hostname, $username, $password, $dbname); if($conn -> connect_error) { die("Connection failed: " . $conn -> connect_error); } // USED to CHANGE the db. - (mysqli_select_db($con, "test") or die()); /* Check to make all fields entered -make sure submitted- #2*/ if(isset($_POST["register"])) { if(!$_POST["email"] | !$_POST["password"] | !$_POST["password2"]) { die("You did not fill in all the fields"); } /* do escape strings for SQL injection */ $emailsafe = mysqli_real_escape_string($conn, $_POST["email"]); $passsafe = mysqli_real_escape_string($conn, $_POST["password"]); $pass2safe = mysqli_real_escape_string($conn, $_POST["password2"]); /* Check and see if email EXISTS in db. */ /* Insert email in db if does not exist */ $sql = "SELECT email FROM users WHERE email = '$emailsafe'";//limit 1 $result = $conn->query($sql) or die("invalid email check " . mysqli_error($conn)); $numrows = mysqli_num_rows($result); if($numrows != 0) { die("Sorry the email " . $_POST["email"] . "is already in use"); } // check if passwords both match if($_POST["password"] != $_POST["password2"]) { die("Passwords did NOT match"); } // if passwords match encrypt $hashedpass = password_hash($passsafe, PASSWORD_DEFAULT); // With everything escaped and hashed INSERT into db. $sqlINSERT = "INSERT INTO users(email, password) " . "VALUES('" . $emailsafe ."','". $hashedpass ."')"; if($query = $conn->query($sqlINSERT)=== TRUE) { echo '<script type="text/javascript">alert("Successfully INSERTed");</script>'; } else { die("Unsuccessful"); } $conn->close(); ?>
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)