> bcrypt OR SHA-256 + per-user salt. */ $is_band = (!empty($_POST['is_Band'])) ? $_POST['is_Band'] : false; /******************************************** ***** ------------------------------- * ***** ### NORMA USER SIGN UP PART #### * ***** ------------------------------- * *********************************************/ if($is_band == false){ $first_name = (!empty($_POST['first_name'])) ? $_POST['first_name'] : false; $last_name = (!empty($_POST['last_name'])) ? $_POST['last_name'] : false; $email = (!empty($_POST['email'])) ? $_POST['email'] : false; $password = (!empty($_POST['password'])) ? $_POST['password'] : false; $month = (!empty($_POST['month'])) ? $_POST['month'] : false; $day = (!empty($_POST['day'])) ? $_POST['day'] : false; $year = (!empty($_POST['year'])) ? $_POST['year'] : false; // Disallow "text entry" if(is_string($month)){ $month = false; } if(is_string($day)){ $day = false; } if(is_string($year)){ $year = false; } // Convert to proper input. $birthdate = $month."/".$day."/".$year; $date = getdate(); $signup_date = $date['mon'].'/'.$date['mday'].'/'.$date['year']; if($first_name && $last_name && $email && $password && $year && $day && $year){ $connection = mysqli_connect($dbHost, $dbUser, $dbPass, $dbName); // variables provided /include/. $storedHash = $salt . $password; for($i = 0; $i < 1; $i++){ $storedHash = hash('sha256', $storedHash); } $officialHash = substr($storedHash, 0, 64); $password = $officialHash; if(mysqli_connect_error()){ echo "ERROR #001 - ".mysqli_connect_error; // Didn't connect. Check all settings. } $command = "INSERT INTO users(first_name, last_name, email, password, birthdate, signup_date) VALUES ( '$first_name', '$last_name', '$email', '$password', '$birthdate', '$signup_date')"; if(!mysqli_query($connection, $command)){ die("This email is already registered."); header("Location: signup.php?q=1"); // NOT SO MUCH READY TO GO. WTF DUDE GET AN EMAIL BR0. } echo "Signup complete... You are being redirected."; header("location: index.php?q=1"); // Ready to go!!! }else{ echo "Missing data. -- Normal user"; header("Location: signup.php?q=2"); // Normal user - Forgot to input something. } } /******************************************** ***** -------------------------- * ***** ### BAND SIGN UP PART #### * ***** -------------------------- * *********************************************/ if($is_band){ $band_name = (!empty($_POST['band_name'])) ? $_POST['band_name'] : false; $email = (!empty($_POST['email'])) ? $_POST['email'] : false; $password = (!empty($_POST['password'])) ? $_POST['password'] : false; $month = (!empty($_POST['month'])) ? $_POST['month'] : false; $day = (!empty($_POST['day'])) ? $_POST['day'] : false; $year = (!empty($_POST['year'])) ? $_POST['year'] : false; /*---- Disallow "text entry" ----*/ if(ctype_alpha($month)){ $month = false; echo 'something went wrong with the month entry.
'; } if(ctype_alpha($day)){ $day = false; echo 'something went wrong with the day entry.
'; } if(ctype_alpha($year)){ $year = false; echo 'something went wrong with the year entry.
'; } // Converts to proper input. $birthdate = $month."/".$day."/".$year; $date = getdate(); $signup_date = $date['mon'].'/'.$date['mday'].'/'.$date['year']; if($band_name && $email && $password && $month && $day && $year){ $connection = mysqli_connect($dbHost, $dbUser, $dbPass, $dbName); // variables provided /include/. $storedHash = $salt . $password; for($i = 0; $i < 1; $i++){ $storedHash = hash('sha256', $storedHash); } $officialHash = substr($storedHash, 0, 64); $password = $officialHash; if(mysqli_connect_error()){ echo "ERROR #001 - ".mysqli_connect_error; // Didn't connect. Check all settings. } $command = "INSERT INTO users(first_name, email, password, birthdate, signup_date, user_type) VALUES ( '$band_name', '$email', '$password', '$birthdate', '$signup_date', '$is_band')"; if(!mysqli_query($connection, $command)){ die("This email is already registered."); // header("Location: signup.php?q=1"); // NOT SO MUCH READY TO GO. WTF DUDE GET AN EMAIL BR0. } echo "Signup complete... You are being redirected."; header("location: index.php?q=1"); // Ready to go!!! }else{ echo "Missing data. -- band users.

"; header("Location: signup.php?q=1"); // NOT SO MUCH READY TO GO. WTF DUDE GET AN EMAIL BR0. } } ?>