-
Notifications
You must be signed in to change notification settings - Fork 3
/
server.php
98 lines (93 loc) · 3.28 KB
/
server.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
<?php
session_start();
?>
<!--=======User Policy Registration=======-->
<?php
require 'connect.php';
//variable declaration
$fname='';
$lname='';
$dob='';
$email='';
$address='';
$city='';
$country='';
$ptype='';
$pricing='';
$annual='';
$idno='';
$phone='';
$gender='';
//get values
if(isset($_POST['submitreg'])){
$fname=mysqli_real_escape_string($conn,$_POST['fname']);
$lname=mysqli_real_escape_string($conn,$_POST['lname']);
$dob=mysqli_real_escape_string($conn,$_POST['dob']);
$email=mysqli_real_escape_string($conn,$_POST['email']);
$address=mysqli_real_escape_string($conn,$_POST['address']);
$city=mysqli_real_escape_string($conn,$_POST['city']);
$country=mysqli_real_escape_string($conn,$_POST['country']);
$ptype=mysqli_real_escape_string($conn,$_POST['ptype']);
$pricing=mysqli_real_escape_string($conn,$_POST['pricing']);
$annual=mysqli_real_escape_string($conn,$_POST['annual']);
$idno=mysqli_real_escape_string($conn,$_POST['idno']);
$phone=mysqli_real_escape_string($conn,$_POST['phone']);
$gender=mysqli_real_escape_string($conn,$_POST['gender']);
//post to database
$sql="INSERT into policy_registration (first_name,last_name,dob,email,address,city,country,policy_type,policy_pricing,annual_income,id_number,phone_number,gender) VALUES('$fname','$lname','$dob','$email','$address','$city','$country','$ptype','$pricing','$annual','$idno','$phone','$gender')";
$query=mysqli_query($conn,$sql);
if(!$query){
die ('could not submit data'. mysqli_error($conn));
}
echo 'successfull';
}
?>
<!--=======End User Policy Registration=======-->
<!--=======User Sign Up/ Registration=========-->
<?php
// REGISTER USER
$uname='';
$umail='';
$pass1='';
$pass2='';
$errors=array();
if (isset($_POST['usubmit'])) {
// receive all input values from the form
$uname = mysqli_real_escape_string($conn, $_POST['uname']);
$umail = mysqli_real_escape_string($conn, $_POST['umail']);
$pass1 = mysqli_real_escape_string($conn, $_POST['pass1']);
$pass2 = mysqli_real_escape_string($conn, $_POST['pass2']);
// form validation: ensure that the form is correctly filled ...
// by adding (array_push()) corresponding error unto $errors array
if (empty($uname)) { array_push($errors, "Username is required"); }
if (empty($umail)) { array_push($errors, "Email is required"); }
if (empty($pass1)) { array_push($errors, "Password is required"); }
if ($pass1 != $pass2) {
array_push($errors, "The two passwords do not match");
};
// first check the database to make sure
// a user does not already exist with the same username and/or email
$sql = "SELECT * FROM users WHERE username='$uname' OR email='$umail' LIMIT 1";
$result = mysqli_query($conn, $sql);
$user = mysqli_fetch_assoc($result);
if ($user) { // if user exists
if ($user['email'] === $umail) {
array_push($errors, "email already exists");
}
};
// Finally, register user if there are no errors in the form
if (count($errors) == 0) {
$password = md5($pass1);//encrypt the password before saving in the database
$query = "INSERT INTO users (username, email, password)
VALUES('$uname', '$umail', '$password')";
$retval=mysqli_query($conn, $query);
if(!$retval){
die ('error'. mysqli_error($conn));
}
$_SESSION['uname'] = $uname;
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}
}
?>
<!--======End User Sign Up/ Registration======-->