<?php include 'db.php'; session_start(); require 'clearDataFunctions.php'; if (isset($_POST['email'])) { $email = $_POST['email']; customUnset($email); } if (isset($_POST['password'])) { $password = $_POST['password']; customUnset($password); } clearString($email); clearString($password); $password = md5($password); //md5 hashing $result = mysqli_query($link, "SELECT * FROM user_profile WHERE email='{$email}'"); $myrow = mysqli_fetch_array($result); if ($myrow['password'] == $password) { $_SESSION['fname'] = $myrow['fname']; $_SESSION['lname'] = $myrow['lname']; $_SESSION['email'] = $myrow['email']; $_SESSION['id'] = $myrow['id']; } header('Location: index.php');
} if (isset($_POST['password'])) { $password = $_POST['password']; customUnset($password); } if (isset($_POST['password_confirm'])) { $password_confirm = $_POST['password_confirm']; customUnset($password_confirm); } if (isset($_POST['fname'])) { $fname = $_POST['fname']; customUnset($fname); } if (isset($_POST['lname'])) { $lname = $_POST['lname']; customUnset($lname); } clearString($fname); clearString($lname); clearString($password); clearString($password_confirm); clearString($email); $resultSel = mysqli_query($link, "SELECT id FROM user_profile WHERE email='{$email}'"); $myrow = mysqli_fetch_array($resultSel); if (!empty($myrow['id'])) { exit("Извините, введённый вами логин уже зарегистрирован. Введите другой логин."); } $date = getdate(date("U")); $dateStr = $date[mday] . '/' . $date[mon] . '/' . $date[year]; $password = md5($password); $resultIns = mysqli_query($link, "INSERT INTO user_profile (email,password,fname,lname,registration_date, status) VALUES('{$email}','{$password}','{$fname}','{$lname}','{$dateStr}', 0)");