<?php include_once '../functions.php'; include_once '../db_connect.php'; sec_session_start(); if (isset($_POST['school_name'], $_POST['location'])) { echo createSchool($mysqli, $_POST['school_name'], $_POST['location']); } else { echo "error"; header("HTTP/1.0 500 Internal Server Error"); exit; }
$user = $_SESSION['db_user']; $pass = $_SESSION['db_pass']; $db = $_SESSION['db_name']; $connectionString = sprintf('mysql:host=%s;port=%d;dbname=%s', $host, $port, $db); if (!empty($_POST) && isset($_POST['createUser'])) { $acctUser = $_POST['username']; $acctPass1 = $_POST['password1']; $acctPass2 = $_POST['password2']; $schoolName = $_POST['school_name']; $schoolCode = $_POST['school_code']; if (!empty($acctPass1) && $acctPass1 === $acctPass2) { if (!empty($schoolName)) { try { $pdo = new PDO($connectionString, $user, $pass); createUser($pdo, $acctUser, $acctPass1); createSchool($pdo, $schoolName, $schoolCode); $_SESSION['username'] = $acctUser; $_SESSION['password'] = $acctPass1; header('Location: ' . $url . '?step=5'); } catch (PDOException $ex) { $_SESSION['error'] = $ex->getMessage(); header('Location: ' . $url . '?step=4'); } } else { $_SESSION['error'] = 'Please enter your school name.'; header('Location: ' . $url . '?step=4'); } } else { $_SESSION['error'] = 'Your account passwords do not match.'; header('Location: ' . $url . '?step=4'); }