$wrapEnd = '</p>';
if (!empty($_POST['register-submit'])) {
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$emailAgain = $_POST['email-again'];
$passwordAgain = $_POST['password-again'];
if (!empty($username) && !empty($email) && !empty($password) && !empty($emailAgain) && !empty($passwordAgain)) {
if (preg_match('/^[a-zA-Z0-9]+$/', $username)) {
if ($email === $emailAgain && $password === $passwordAgain) {
$exists = $loginSystem->checkUserExists($email, $username);
if ($exists) {
echo $wrapStart . 'An account with this email/username already exists.' . $wrapEnd;
} else {
if (!ProfanityFilter::containsProfanity($username)) {
$response = $loginSystem->createUser($email, $password, $username);
echo $response;
} else {
echo $wrapStart . 'No profanity please.' . $wrapEnd;
}
}
} else {
echo $wrapStart . 'Email and/or password did not match. Please try again.' . $wrapEnd;
}
} else {
echo $wrapStart . 'Username must be alphanumeric (a-z A-Z 0-9) with no spaces.' . $wrapEnd;
}
} else {
echo $wrapStart . 'Please enter your email and password.' . $wrapEnd;
}
}
function create($usertype, $name, $passwrd, $email)
{
$password = md5($passwrd);
$sql = "SELECT * FROM users WHERE username='******' or email_address='{$email}';";
$sql1 = "SELECT * FROM group_members WHERE member_name='{$name}' or member_email='{$email}';";
//checking if the username or email is available in db
$check = $this->db->query($sql);
$count_row = $check->num_rows;
$check1 = $this->db->query($sql1);
$count_row1 = $check1->num_rows;
//if the username is not in db then insert to the table
if ($count_row == 0 && $count_row1 == 0) {
$sql1 = "INSERT INTO `users` (`user_id`, `username`, `email_address`, `password`) VALUES (NULL, '{$name}', '{$email}', '{$password}')";
$result = mysqli_query($this->db, $sql1) or die(mysqli_connect_errno() . "Data cannot inserted");
session_start();
$user = new UserModel($name);
$this->usertype = $user->get_usertype();
$this->id = $user->get_id();
$_SESSION['user'] = $user;
$_SESSION['usertype'] = $user->get_usertype();
return $result;
} else {
if ($count_row == 0 && $count_row1 == 1) {
$sql1 = "INSERT INTO `users` (`user_id`, `username`, `email_address`, `password`, `usertype`, `group_created`, `member_active`) VALUES (NULL, '{$name}', '{$email}', '{$password}', 'user', '0', '1')";
$result = mysqli_query($this->db, $sql1) or die(mysqli_connect_errno() . "Data cannot inserted");
$ls = new LoginSystem();
$ls->attach(new NewUserMailer());
$ls->createUser($name);
session_start();
$user = new UserModel($name);
$this->usertype = $user->get_usertype();
$this->id = $user->get_id();
$_SESSION['user'] = $user;
$_SESSION['usertype'] = $user->get_usertype();
return $result;
} else {
return false;
}
}
}
