function register_user()
{
global $mysql;
if ($_POST['password'] !== $_POST['confirm_password']) {
echo "<b>Error: Passwords do not match</b>";
display_register_form();
die("");
}
$insert = array('username' => $_POST['username'], 'password' => $_POST['password'], 'email' => $_POST['email'], 'date' => date('H:i:y'));
$insert_keys = array_keys($insert);
$insert_values = array_values($insert);
$mysql->dbquery_insert('users', $insert_keys, $insert_values);
echo "New user created! You may now login!";
}
function display_login_form()
{
echo '<ul>
<li> <a href="main.php">Home</a> </li>
</ul>';
$_SESSION['login_token'] = md5(uniqid(mt_rand(), true));
echo '
<form id="logNreg" action="log_in.php" method="post" enctype="multipart/form-data">
<span>
username:<input type="text" name="log_username">
password:<input type="password" name="log_password">
</span>
<input type="hidden" name="login_token" value="' . $_SESSION['login_token'] . '">
<input type="hidden" name="choice" value="LOGIN">
<input class="form_button" type="submit" value="LOGIN">
</form>
<input type="submit" class="form_button" id="registerbt" value="REGISTER">';
display_register_form();
}
function main_display()
{
$status = session_status();
switch ($status) {
case PHP_SESSION_DISABLED:
/*display_login_form();*/
break;
case PHP_SESSION_ACTIVE:
if (checkLogged()) {
} else {
/*session_destroy();*/
display_register_form();
}
break;
case PHP_SESSION_NONE:
/*display_login_form();*/
break;
default:
break;
}
}
$query = "SELECT username FROM user WHERE MD5(CONCAT(username,'{$secret}'))='{$confirm}' AND active='0'";
$result = mysql_query("{$query}");
if (mysql_num_rows($result) == 1) {
# the registration confirmation was successufull,
# thus we can enable the useraccount in the database.
$username = mysql_result($result, 0);
$query = "UPDATE user SET active='1' WHERE username='******' AND active='0'";
if (mysql_query($query)) {
echo "You are now registered. Happy bookmarking!";
}
} else {
display_register_form();
}
} else {
display_register_additional_text();
display_register_form();
}
}
function display_register_form()
{
?>
<form method="POST" action="<?php
echo $_SERVER["PHP_SELF"];
?>
" name="loginform">
<table border="0">
<tr>
<td>Username:</td>
<td><input name="reg_username" type="text" value=""></td>
</tr>
<?php
include_once "global/includes.php";
if (!$user->isAdmin()) {
header("Location: index.php?status=Registration is closed to non-administrator users. Please contact your facility admin.");
}
if (isset($_POST['name']) && isset($_POST['email']) && isset($_POST['password']) && isset($_POST['password_confirmation'])) {
$registerUser = $user->register($_POST['name'], $_POST['email'], $_POST['password'], $_POST['password_confirmation'], $_POST['facility_id']);
redirect_to($registerUser);
} else {
start_html($user, "UC Medicine QA", "", $_REQUEST['status']);
?>
<div class="row">
<div class="span4"> </div>
<div class="span4">
<?php
display_register_form("register.php");
?>
</div>
<div class="span4"> </div>
</div>
<?php
display_footer();
}
