<?php
// Report every class of PHP error for this request.
error_reporting(E_ALL);
// NOTE(review): display_errors = '1' writes PHP warnings and errors (including
// file paths) into the HTTP response. On a publicly reachable signup endpoint,
// log them server-side instead of showing them to the client.
ini_set('display_errors', '1');

// Session handling and site configuration. The signup code below reads
// $dbHost, $dbUser, $dbPass, $dbName and $salt, which are presumably defined
// by these includes (they are not defined anywhere in this file).
require_once $_SERVER['DOCUMENT_ROOT'] . '/socialtune/includes/session.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/socialtune/includes/config.php';
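/* ## On security...
 * Change the password hashing method. >> bcrypt (e.g. PHP's password_hash())
 OR
 SHA-256 + per-user salt.
 bcrypt is the better of the two: SHA-256 is a fast hash, so even with a
 per-user salt each stolen hash stays cheap to brute-force.
*/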
// Account-type switch from the signup form: the submitted is_Band value when
// it is non-empty, otherwise false (normal user signup).
$is_band = empty($_POST['is_Band']) ? false : $_POST['is_Band'];
/********************************************
***** ------------------------------- *
***** ### NORMAL USER SIGN UP PART #### *
***** ------------------------------- *
*********************************************/
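if ($is_band == false) {

    // Read one signup field. Only a non-empty string is accepted: missing or
    // empty values and array-valued fields (e.g. first_name[]=x) become false.
    $postString = function ($key) {
        return (!empty($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : false;
    };

    $first_name = $postString('first_name');
    $last_name  = $postString('last_name');
    $email      = $postString('email');
    $password   = $postString('password');
    $month      = $postString('month');
    $day        = $postString('day');
    $year       = $postString('year');

    // Disallow "text entry": every date part must be digits only and together
    // they must form a real calendar date. (The previous is_string() test was
    // true for every submitted value, so it rejected every signup.)
    $birthdateIsValid = $month && $day && $year
        && ctype_digit($month) && ctype_digit($day) && ctype_digit($year)
        && checkdate((int) $month, (int) $day, (int) $year);
    if (!$birthdateIsValid) {
        $month = false;
        $day   = false;
        $year  = false;
    }

    if ($first_name && $last_name && $email && $password && $month && $day && $year) {

        // Convert to proper input (M/D/YYYY, as submitted).
        $birthdate = $month . "/" . $day . "/" . $year;

        // Today's date in the same month/day/year layout, without leading zeros.
        $signup_date = date('n/j/Y');

        $connection = mysqli_connect($dbHost, $dbUser, $dbPass, $dbName); // variables provided /include/.
        if (!$connection) {
            // Didn't connect. Check all settings. The driver message can name
            // the database host and user, so it goes to the server log only.
            error_log('signup: database connection failed: ' . mysqli_connect_error());
            die("ERROR #001");
        }

        // NOTE(review): a single SHA-256 round over a shared $salt is cheap to
        // brute-force if the table leaks. The value is left in its existing
        // format because the code that verifies logins is not in this file;
        // move both sides to password_hash()/password_verify() together.
        $password = hash('sha256', $salt . $password);

        // Bound parameters keep the submitted values out of the SQL text.
        $statement = mysqli_prepare(
            $connection,
            "INSERT INTO users(first_name, last_name, email, password, birthdate, signup_date)
             VALUES (?, ?, ?, ?, ?, ?)"
        );
        $inserted = $statement
            && mysqli_stmt_bind_param(
                $statement,
                'ssssss',
                $first_name,
                $last_name,
                $email,
                $password,
                $birthdate,
                $signup_date
            )
            && mysqli_stmt_execute($statement);

        if (!$inserted) {
            // Log only the driver error number; the message text can echo the
            // submitted e-mail address back.
            $errorNumber = $statement ? mysqli_stmt_errno($statement) : mysqli_errno($connection);
            error_log('signup: user insert failed, errno ' . $errorNumber);
            // The redirect that used to follow this die() could never run.
            die("This email is already registered.");
        }

        mysqli_stmt_close($statement);
        mysqli_close($connection);

        // Headers must be sent before any body output, so redirect first.
        header("location: index.php?q=1"); // Ready to go!!!
        echo "Signup complete... You are being redirected.";
        exit;

    } else {
        header("Location: signup.php?q=2"); // Normal user - Forgot to input something.
        echo "Missing data. -- Normal user";
        exit;
    }
}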
/********************************************
***** -------------------------- *
***** ### BAND SIGN UP PART #### *
***** -------------------------- *
*********************************************/
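if ($is_band) {

    // Read one signup field. Only a non-empty string is accepted: missing or
    // empty values and array-valued fields (e.g. band_name[]=x) become false.
    $postString = function ($key) {
        return (!empty($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : false;
    };

    $band_name = $postString('band_name');
    $email     = $postString('email');
    $password  = $postString('password');
    $month     = $postString('month');
    $day       = $postString('day');
    $year      = $postString('year');

    /*---- Disallow "text entry" ----*/
    // ctype_alpha() only rejected purely alphabetic values, so input such as
    // "1a" passed. Each date part must now consist of digits only. Messages
    // are collected and printed after the redirect header, because output
    // sent before header() prevents the header from being set.
    $notices = array();
    if ($month !== false && !ctype_digit($month)) {
        $month = false;
        $notices[] = 'something went wrong with the month entry.<br>';
    }
    if ($day !== false && !ctype_digit($day)) {
        $day = false;
        $notices[] = 'something went wrong with the day entry.<br>';
    }
    if ($year !== false && !ctype_digit($year)) {
        $year = false;
        $notices[] = 'something went wrong with the year entry.<br>';
    }

    // The three parts must also form a real calendar date.
    if ($month && $day && $year && !checkdate((int) $month, (int) $day, (int) $year)) {
        $month = false;
        $day   = false;
        $year  = false;
    }

    // $is_band is stored as user_type, so it must be a plain scalar too.
    if ($band_name && $email && $password && $month && $day && $year && is_scalar($is_band)) {

        // Converts to proper input (M/D/YYYY, as submitted).
        $birthdate = $month . "/" . $day . "/" . $year;

        // Today's date in the same month/day/year layout, without leading zeros.
        $signup_date = date('n/j/Y');

        $connection = mysqli_connect($dbHost, $dbUser, $dbPass, $dbName); // variables provided /include/.
        if (!$connection) {
            // Didn't connect. Check all settings. The driver message can name
            // the database host and user, so it goes to the server log only.
            error_log('signup: database connection failed: ' . mysqli_connect_error());
            die("ERROR #001");
        }

        // NOTE(review): a single SHA-256 round over a shared $salt is cheap to
        // brute-force if the table leaks. The value is left in its existing
        // format because the code that verifies logins is not in this file;
        // move both sides to password_hash()/password_verify() together.
        $password = hash('sha256', $salt . $password);

        // NOTE(review): user_type receives whatever the client sent in
        // is_Band. Consider storing a fixed server-side value instead; the
        // expected values of that column are not visible here.
        $user_type = (string) $is_band;

        // Bound parameters keep the submitted values out of the SQL text.
        $statement = mysqli_prepare(
            $connection,
            "INSERT INTO users(first_name, email, password, birthdate, signup_date, user_type)
             VALUES (?, ?, ?, ?, ?, ?)"
        );
        $inserted = $statement
            && mysqli_stmt_bind_param(
                $statement,
                'ssssss',
                $band_name,
                $email,
                $password,
                $birthdate,
                $signup_date,
                $user_type
            )
            && mysqli_stmt_execute($statement);

        if (!$inserted) {
            // Log only the driver error number; the message text can echo the
            // submitted e-mail address back.
            $errorNumber = $statement ? mysqli_stmt_errno($statement) : mysqli_errno($connection);
            error_log('signup: band insert failed, errno ' . $errorNumber);
            die("This email is already registered.");
        }

        mysqli_stmt_close($statement);
        mysqli_close($connection);

        // Headers must be sent before any body output, so redirect first.
        header("location: index.php?q=1"); // Ready to go!!!
        echo "Signup complete... You are being redirected.";
        exit;

    } else {
        header("Location: signup.php?q=1"); // Band user - something is missing or invalid.
        echo implode('', $notices);
        echo "Missing data. -- band users. <br /><br />";
        exit;
    }
}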
?>