Sign up
'; if($_SERVER['REQUEST_METHOD'] != 'POST') { /*the form hasn't been posted yet, display it note that the action="" will cause the form to post to the same page it is on */ echo ''; } else { /* so, the form has been posted, we'll process the data in three steps: 1. Check the data 2. Let the user refill the wrong fields (if necessary) 3. Save the data */ $errors = array(); /* declare the array for later use */ if(isset($_POST['userName'])) { //the user name exists if(!ctype_alnum($_POST['userName'])) { $errors[] = 'The username can only contain letters and digits.'; } if(strlen($_POST['userName']) > 30) { $errors[] = 'The username cannot be longer than 30 characters.'; } } else { $errors[] = 'The username field must not be empty.'; } if(isset($_POST['userPass'])) { if($_POST['userPass'] != $_POST['userPassCheck']) { $errors[] = 'The two passwords did not match.'; } } else { $errors[] = 'The password field cannot be empty.'; } if(!empty($errors)) /*check for an empty array, if there are errors, they're in this array (note the ! operator)*/ { echo 'Uh-oh.. a couple of fields are not filled in correctly..

'; echo '

' . $value . '

'; echo 'Click here to try again.'; } else { //the form has been posted without, so save it //notice the use of mysql_real_escape_string, keep everything safe! //also notice the sha1 function which hashes the password $sql = "INSERT INTO users (userName, userPass, userEmail, userDate, userLevel) VALUES (?, ?, ?, NOW(), 0)"; $stmt = $conn->prepare($sql); $stmt->bind_param('sss', $_POST['userName'], sha1($_POST['userPass']), $_POST['userEmail']); if(!$stmt->execute()) { //something went wrong, display the error echo 'Something went wrong while registering. Please try again later.'; //echo $conn->error; //debugging purposes, uncomment when needed //echo var_dump($stmt) . "|" . $uname . "|" . $upass . "|" . $uemail; } else { echo 'Succesfully registered. You can now sign in and start posting! :-)'; } } } include 'footer.php'; ?>