php-gallery/account/signup.php

197 lines
6.6 KiB
PHP
Raw Normal View History

2022-07-25 15:13:26 +00:00
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
2022-08-03 16:46:50 +00:00
<title>Lynx Gallery</title>
2022-08-09 20:09:20 +00:00
<!-- Stylesheets -->
2022-08-12 16:54:35 +00:00
<link rel="stylesheet" href="../css/main.css">
2022-08-09 20:09:20 +00:00
<link rel="stylesheet" href="../css/normalise.css">
<!-- Google Fonts -->
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Lexend+Deca:wght@600">
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Secular+One&display=swap">
2022-08-03 16:46:50 +00:00
<!-- JQuery -->
2022-08-09 20:09:20 +00:00
<script
src="https://code.jquery.com/jquery-3.6.0.min.js"
integrity="sha256-/xUj+3OJU5yExlq6GSYGSHk7tPXikynS7ogEvDej/m4="
crossorigin="anonymous">
</script>
<!-- Sniffle script! -->
<script src="../Sniffle/sniffle.js"></script>
<link rel='stylesheet' href='../Sniffle/sniffle.css'>
<!-- Flyout script! -->
<script src="../Flyout/flyout.js"></script>
<link rel='stylesheet' href='../Flyout/flyout.css'>
2022-07-25 15:13:26 +00:00
</head>
<body>
<?php
include "../ui/required.php";
2022-08-03 16:46:50 +00:00
include "../ui/nav.php";
2022-07-25 15:13:26 +00:00
// Validate susness of Username
if (isset($_POST['signup'])) {
if (empty(trim($_POST["username"]))) {
// Username was taken
$error = "Enter a username reeeee";
} elseif (!preg_match('/^[a-zA-Z0-9_]+$/', trim($_POST["username"]))) {
2022-07-27 19:13:10 +00:00
// Username entered contains illegal characters
2022-07-25 15:13:26 +00:00
$error = "Very sus. Username can only contain letters, numbers, and underscores";
} else {
// Prepare sql for sus
$sql = "SELECT id FROM users WHERE username = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "s", $username_request);
$username_request = trim($_POST["username"]);
if (mysqli_stmt_execute($stmt)) {
// Ask sql nicely if other usernames exist and store info
mysqli_stmt_store_result($stmt);
if (mysqli_stmt_num_rows($stmt) == 1) {
// Username not entered
$error = "Oopsie, username taken :c";
} else {
$username = trim($_POST["username"]);
}
} else {
$error = "Sussy things happened on our end, please try again later";
}
// Outa here with this
mysqli_stmt_close($stmt);
}
}
// Validate sussness of Password
if (empty(trim($_POST["password"]))) {
// No password entered
$error = "Bruh, enter a password";
} elseif(strlen(trim($_POST["password"])) < 6){
// Password not long enough 👀
$error = "(Password) Not long enough 👀";
} else {
$password = trim($_POST["password"]);
}
// Validate sussiness of the other Password
if (empty(trim($_POST["confirm_password"]))) {
// Did not confirm passowrd
$error = "You must confirm password!!!!!";
} else {
$confirm_password = trim($_POST["confirm_password"]);
if (empty($error) && $confirm_password != $password) {
// Password and re-entered Password does not match
$error = "Passwords need to be the same, smelly smelly";
}
}
2022-07-25 17:28:55 +00:00
// Check for invite code
2022-07-27 18:47:19 +00:00
if (isset($_POST['token'])) {
// Check if invite code is empty
if (empty($_POST['token'])) {
$error = "Enter Invite Code ;3";
} else {
// Prepare sql for sus
$sql = "SELECT id FROM tokens WHERE code = ? AND used = 0";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "s", $param_code);
$param_code = $_POST['token'];
// Ask sql nicely if other usernames exist and store info
if (mysqli_stmt_execute($stmt)) {
mysqli_stmt_store_result($stmt);
if (mysqli_stmt_num_rows($stmt) == 1) {
$token = trim($_POST["token"]);
} else {
$error = "Invite code not valid";
}
} else {
$error = "Sussy things happened on our end and couldn't check token";
}
// Outa here with this
mysqli_stmt_close($stmt);
}
2022-07-25 17:28:55 +00:00
}
}
2022-07-25 15:13:26 +00:00
// Checking for errors
if (empty($error)) {
$sql = "INSERT INTO users (username, password) VALUES (?, ?)";
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "ss", $param_username, $param_password);
// Set parameters
$param_username = $username;
$param_password = password_hash($password, PASSWORD_DEFAULT);
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
2022-07-27 18:47:19 +00:00
// Prepare sql
$sql = "UPDATE tokens SET used = True WHERE code = ?";
$stmt = mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt, "s", $param_token);
$param_token = $_POST['token'];
if (mysqli_stmt_execute($stmt)) {
//
// Hey fluffy why didn't you do this
// Hey fluffy, thats not how you do this
// Thats wrong! Do this instead!!!!!!
//
// I DON'T KNOW HOW TO DO THIS, BUT IT WORKS
// SO LEAVE ME ALONEEEEEEEEEE
// anyway....
// Generate Token
$token_array = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890abcdefghijklmnopqrstuvwxyz';
$new_token = substr(str_shuffle($token_array), 0, 10);
// Prepare sql
$sql = "INSERT INTO tokens (code, used) VALUES(?, False)";
$stmt = mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt, "s", $param_new_token);
$param_new_token = $new_token;
mysqli_stmt_execute($stmt);
}
// Yupeee! Account was made
2022-07-25 15:13:26 +00:00
$success = "Account made for ".$username."!!!!!!";
} else {
$error = "Something went fuckywucky, please try later";
}
}
}
}
?>
2022-08-12 16:54:35 +00:00
<div class="signup-root">
<h2>Make account</h2>
<p>And amazing things happened here...</p>
<br>
<form method="POST" action="signup.php" enctype="multipart/form-data">
<input class="btn btn-neutral" type="text" name="username" placeholder="Username">
<br>
<input class="btn btn-neutral" type="password" name="password" placeholder="Password">
<input class="btn btn-neutral" type="password" name="confirm_password" placeholder="Re-enter Password">
<br>
<input class="btn btn-neutral" type="text" name="token" placeholder="Invite Code">
<br>
<button class="btn btn-good" type="submit" name="signup"><img class="svg" src="../assets/icons/sign-in.svg">Sign Up</button>
2022-07-25 15:13:26 +00:00
</form>
</div>
<?php include "../ui/footer.php"; ?>
2022-07-25 15:13:26 +00:00
</body>
</html>