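/**
 * Register a new user and seed the account with a first page and an active menu.
 *
 * Emits a short HTML message on the "already registered" and "database error"
 * paths, as the original did; database error details go to the server log.
 *
 * @param mixed $userName Requested login name; rejected when empty().
 * @param mixed $userPass Plain-text password; only its password_hash() is stored.
 * @param mixed $userMail E-mail address; rejected when empty().
 *
 * @return bool True when the user row and its starter page/menu calls ran, false otherwise.
 */
function pp_register($userName, $userPass, $userMail): bool
{
    if (empty($userName) || empty($userPass) || empty($userMail)) {
        return false;
    }

    $link = pp_connect();
    if (!$link) {
        return false;
    }

    // Database error text can reveal table and column names, so it is logged
    // server-side and the visitor only sees the generic message.
    $reportFailure = static function () use ($link): bool {
        error_log('pp_register: ' . mysqli_error($link));
        echo "<p>An error occured registering a new user</p>";

        return false;
    };

    // The lookup previously compared userName with a fixed literal, so a
    // duplicate user name was never detected. Both values are bound as
    // parameters here; only the table-name constant is concatenated.
    // NOTE(review): check-then-insert is not atomic. A UNIQUE index on
    // userName and userEmail is still needed to stop two concurrent
    // registrations from both passing this check; confirm the schema has one.
    $lookup = mysqli_prepare(
        $link,
        'SELECT userId FROM ' . PP_TABLE_USER . ' WHERE userName = ? OR userEmail = ?'
    );
    if (!$lookup) {
        return $reportFailure();
    }
    mysqli_stmt_bind_param($lookup, 'ss', $userName, $userMail);
    if (!mysqli_stmt_execute($lookup)) {
        mysqli_stmt_close($lookup);

        return $reportFailure();
    }
    mysqli_stmt_store_result($lookup);
    $alreadyTaken = mysqli_stmt_num_rows($lookup) > 0;
    mysqli_stmt_close($lookup);

    if ($alreadyTaken) {
        echo "<p>This username or email is already registered!</p>";

        return false;
    }

    // bind_param takes its arguments by reference, so the computed values
    // need to live in variables first.
    $passwordHash = password_hash($userPass, PASSWORD_DEFAULT);
    $userToken = pp_generate_user_token();

    // Column order follows the original positional INSERT:
    // id (auto), name, password hash, role, e-mail, token, trailing 0.
    $insert = mysqli_prepare(
        $link,
        'INSERT INTO ' . PP_TABLE_USER . " VALUES(NULL, ?, ?, 'user', ?, ?, 0)"
    );
    if (!$insert) {
        return $reportFailure();
    }
    mysqli_stmt_bind_param($insert, 'ssss', $userName, $passwordHash, $userMail, $userToken);
    if (!mysqli_stmt_execute($insert)) {
        mysqli_stmt_close($insert);

        return $reportFailure();
    }
    $newUserId = mysqli_insert_id($link);
    mysqli_stmt_close($insert);

    // Create menu and page.
    // The user name is attacker-chosen and ends up inside stored HTML, so it
    // is encoded before being embedded in the starter page content.
    $safeName = htmlspecialchars((string) $userName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $newPageId = pp_create_page($newUserId, "My First Page", "<h2>Page by " . $safeName . "</h2>");
    $newMenuId = pp_create_menu($newUserId, "My Menu");
    pp_create_menu_item($newMenuId, $newPageId);
    pp_set_active_menu($newUserId, $newMenuId);

    return true;
}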
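<?php
// "Your pages" view: lets a logged-in user create a page and lists the pages
// returned by pp_get_user_pages() for the session's user id.
// The block opened by the session check below is not closed in this segment;
// its closing brace is expected further down the template.
if (isset($_SESSION['user']['userId'])) {
    echo '<p><a href="?page=admin">Back to admin panel</a></p>';
    echo '<h2>Your pages</h2>';

    // NOTE(review): this handler changes state on POST and no anti-CSRF token
    // check is visible here; confirm the form carries a per-session token and
    // that it is verified before pp_create_page() runs.
    if (isset($_POST['submit'])) {
        $name = filter_input(INPUT_POST, "name");
        $content = filter_input(INPUT_POST, "content");
        // NOTE(review): $content is stored unfiltered. If pages are rendered
        // as raw HTML to other visitors, this is where script content enters;
        // confirm the rendering side sanitises or sandboxes it.
        if (!empty($name) && !empty($content)) {
            $pageId = pp_create_page($_SESSION['user']['userId'], $name, $content);
            if ($pageId) {
                $shownId = htmlspecialchars((string) $pageId, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                echo "<p>Your page was created! (id:" . $shownId . ")</p>";
            }
        }
    }

    $pageData = pp_get_user_pages($_SESSION['user']['userId']);
    if ($pageData) {
        echo '<table>';
        echo '<tr><th rel="col" class="align_left">Page name</th><th rel="col">Page id</th><th rel="col">Delete page</th></tr>';
        foreach ($pageData as $data) {
            // Page names come from user input (the "name" field above), so
            // every value is encoded for the context it is written into:
            // rawurlencode() for the query string, htmlspecialchars() for HTML.
            $idForUrl = rawurlencode((string) $data['pageId']);
            $idForHtml = htmlspecialchars((string) $data['pageId'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $nameForHtml = htmlspecialchars((string) $data['pageName'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

            // The separator is written as "&amp;" so the following "para"
            // cannot be read as the pilcrow entity.
            // NOTE(review): the query key is taken to be "param" (the source
            // showed a pilcrow followed by "m="); confirm against the router.
            echo "<tr>\n";
            echo '<td class="align_left"><a href="?page=editpage&amp;param=' . $idForUrl . '">' . $nameForHtml . '</a></td>';
            echo '<td>' . $idForHtml . '</td>';
            // NOTE(review): deletion is triggered by a plain GET link, which
            // any third-party page can make the browser follow. Prefer a POST
            // form with a token, and confirm the shredpage handler checks that
            // the page belongs to the session user.
            echo '<td><a href="?page=shredpage&amp;param=' . $idForUrl . '">delete</a></td>';
            echo "</tr>\n";
        }
        echo '</table>';
    } else {
        echo "<p>You don't seem to have any pages</p>";
    }
?>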