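/**
 * Validate the posted registration fields and route to the next step.
 *
 * Reads $_POST['username'], $_POST['password1'] and $_POST['password2'].
 * Every rule that fails echoes its own error line. If any rule failed the
 * form is shown again via display_form(); otherwise check_account_exists()
 * is called.
 *
 * A missing or non-string field (for example one submitted as `username[]=x`)
 * is treated as an empty string, so it fails the length rules instead of
 * raising an undefined-index notice or a TypeError inside strlen().
 *
 * @return void
 */
function validate_input()
{
    // Request data is untrusted: a field may be absent or arrive as an array.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password1 = (isset($_POST['password1']) && is_string($_POST['password1'])) ? $_POST['password1'] : '';
    $password2 = (isset($_POST['password2']) && is_string($_POST['password2'])) ? $_POST['password2'] : '';

    $error = false;

    // NOTE: strlen() counts bytes, so a multi-byte character counts more than once.
    if (strlen($username) < 4) {
        echo "<B><font color=red>Username must be at least 4 characters</font></B><BR>";
        $error = true;
    }

    if (strlen($password1) < 6) {
        echo "<B><font color=red>Password must be at least 6 characters</font></B><BR>";
        $error = true;
    }

    // Strict comparison is required here: with `==` two numeric-looking strings
    // are compared as numbers, so "1e3" and "1000" (or "0e1" and "0e2") would be
    // accepted as matching and a mistyped confirmation would go unnoticed.
    if ($password1 !== $password2) {
        echo "<B><font color=red>Password fields must match</font></B><BR>";
        $error = true;
    }

    if (!preg_match('/[a-z]/', strtolower($username))) {
        echo "<B><font color=red>Username must contain at least one letter</font></B><BR>";
        $error = true;
    }

    if ($error) {
        display_form();
    } else {
        check_account_exists();
    }
}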
if ($_SERVER["REQUEST_METHOD"] == "POST") { include 'db-credentials.php'; $tbl_name = "Account"; // Table name // Connect to server and select databse. $link = new mysqli($servername, $username, $password, $dbname); if ($link->connect_error) { die("Connection failed: " . $link->connect_error); } // username and password and email sent from form $username = $_POST['username']; $password = $_POST['password']; $email = $_POST['email']; //check if a row is returned, meaning account username / email is taken $usernametaken = check_account_exists("username", $username, $link); $emailtaken = check_account_exists("email", $email, $link); // if a row was returned for same email, display error message if ($emailtaken == 1) { $emailerror = "* An account exists with this email."; } else { if ($usernametaken == 1) { $nameerror = "* Username is taken. Please choose another one."; } else { //ADD NEW ACCOUNT TO DATABASE $sql = "INSERT INTO {$tbl_name} (email, username, password, isAdmin)\n VALUES ('{$email}', '{$username}', '{$password}', '0')"; if ($link->query($sql) != true) { $emailerror = "ERROR: Could not able to execute {$sql}. " . $link->connect_error; } //start session, initialize session variables session_start(); $_SESSION['loggedin'] = true;