forked from arjaylc/PLDT
/
check_register.php
66 lines (55 loc) · 1.97 KB
/
check_register.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
<?php
require_once('includes/database_master.inc.php');
require_once('includes/page_master.inc.php');
require_once('includes/session_master.inc.php');
$database_master = new DatabaseMaster();
$page_master = new PageMaster();
$session_master = new SessionMaster();
$idNo = $_POST['idno'];
$idNo = $database_master->escapeString($idNo);
$firstName = $_POST['firstname'];
$firstName = $database_master->escapeString($firstName);
$lastName = $_POST['lastname'];
$lastName = $database_master->escapeString($lastName);
$password = $_POST['password'];
$password = $database_master->escapeString($password);
$repass = $_POST['repass'];
$repass = $database_master->escapeString($repass);
$user_type = $_POST['user_type'];
$user_type = $database_master->escapeString($user_type);
$office = $_POST['office'];
$office = $database_master->escapeString($office);
$position = $_POST['position'];
$position = $database_master->escapeString($position);
$redirectPage = 'index.php?';
if(!$database_master->checkIdNo($idNo)){
$errors['idNo'] = $idNo;
$redirectPage.='id='.$idNo;
}
if($password!=$repass){
$errors['password'] = "nomatch";
$redirectPage.='&password=nomatch';
}
if(empty($idNo)||empty($password)||empty($repass)||empty($user_type)||empty($position)){
$errors['empty'] = "true";
$redirectPage.='&error=empty';
}
if(!$database_master->checkUser_type($user_type)){
$errors['user_type'] = $user_type;
$redirectPage.='&user_type='.$user_type;
}
if(!$database_master->checkOffice($office)){
$errors['office'] = $office;
$redirectPage.='&office='.$office;
}
if(empty($errors)){
$query = "INSERT INTO users VALUES ('$idNo', '$user_type', SHA('$password'), '$firstName', '$lastName',
'$position', '$office')";
if($database_master->queryUpdate($query)){
$page_master->redirectUser('index.php?register=success&new_user='.$idNo);
}
else $page_master->redirectUser('index.php?register=failed');
} else{
$page_master->redirectUser($redirectPage);
}
?>