-
Notifications
You must be signed in to change notification settings - Fork 0
/
registration.php
93 lines (77 loc) · 2.75 KB
/
registration.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
<?php
if (isset($_POST["submit"])) {
$user_name = $_POST["user_name"];
$user_email = $_POST["user_email"];
$user_password = $_POST["user_password"];
// Hash the password
$passwordHash = password_hash($user_password, PASSWORD_DEFAULT);
require_once "config.php";
// Use prepared statements to prevent SQL injection
$sql = "INSERT INTO table_user (user_name, user_email, user_password) VALUES (?, ?, ?)";
$stmt = mysqli_stmt_init($conn);
if (mysqli_stmt_prepare($stmt, $sql)) {
mysqli_stmt_bind_param($stmt, "sss", $user_name, $user_email, $passwordHash);
mysqli_stmt_execute($stmt);
$success_message = "You've registered successfully";
echo "<script>
window.onload = function() {
alert('$success_message');
window.location.href = 'index.php';
};
</script>";
// Redirect to index.php
header("location: index.php");
exit(); // Ensure that no further code is executed after the redirect
} else {
die("Something went wrong. Please try again later.");
}
// Close the statement and connection
mysqli_stmt_close($stmt);
mysqli_close($conn);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Creating Account...</title>
<style>
:root {
filter: blur(35px);
}
</style>
<link rel="icon" href="src/emyu.png" type="image/icon type">
</head>
<body>
<?php
if (isset($_POST["submit"])) {
$user_name = $_POST["user_name"];
$user_email = $_POST["user_email"];
$user_password = $_POST["user_password"];
// Hash the password
$passwordHash = password_hash($user_password, PASSWORD_DEFAULT);
require_once "config.php";
// Use prepared statements to prevent SQL injection
$sql = "INSERT INTO table_user (user_name, user_email, user_password) VALUES (?, ?, ?)";
$stmt = mysqli_stmt_init($conn);
if (mysqli_stmt_prepare($stmt, $sql)) {
mysqli_stmt_bind_param($stmt, "sss", $user_name, $user_email, $passwordHash);
mysqli_stmt_execute($stmt);
$success_message = "You've registered successfully";
echo "<script>
window.onload = function() {
alert('$success_message');
window.location.href = 'index.php';
};
</script>";
} else {
die("Something went wrong. Please try again later.");
}
// Close the statement and connection
mysqli_stmt_close($stmt);
mysqli_close($conn);
}
?>
</body>
</html>