authorNathan Kinkade <nath@nkinka.de>2008-02-03 23:23:24 +0000
committerNathan Kinkade <nath@nkinka.de>2008-02-03 23:23:24 +0000
commitd895b852a6e160496ffc760d46d3719a3d62ff86 (patch)
tree52230bb04148197e8312e09b5c5273417e7a3be9 /register.php
Initial checkin of nutridb.org and basic subversion directory structure
Diffstat (limited to 'register.php')
-rw-r--r--register.php137
1 files changed, 137 insertions, 0 deletions
diff --git a/register.php b/register.php
new file mode 100644
index 0000000..e8cb2bf
--- /dev/null
+++ b/register.php
@@ -0,0 +1,137 @@
+<?php
+
+# include the main site config where various global variables
+# and libraries are included
+include("config.php");
+
+# if the user got here by pressing the "Register" button, then
+# let's process the request.
+if ( isset($_POST['action']) && ($_POST['action'] == "registerUser") ) {
+
+ # validate the form .. this is already done through javascript, but we
+ # better make sure
+
+ # make sure they entered a username
+ if ( isset($_POST['username']) && ("" == trim($_POST['username'])) ) {
+ $_SESSION['systemMsg'] = "<span class='msgError'>You must specify a login name.</span>";
+ header("Location: {$config->_previousUri}");
+ exit;
+ } else {
+ $username = trim($_POST['username']);
+ if ( strlen($username) < 5 ) {
+ $_SESSION['systemMsg'] = "<span class='msgError'>The login name must contain at least 5 characters.</span>";
+ header("Location: {$config->_previousUri}");
+ exit;
+ }
+ }
+ # make sure there is a password and that the confirm password matches
+ if ( isset($_POST['password']) && ("" == trim($_POST['password'])) ) {
+ $_SESSION['systemMsg'] = "<span class='msgError'>You must specify a password.</span>";
+ header("Location: {$config->_previousUri}");
+ exit;
+ } else {
+ $password = trim($_POST['password']);
+ if ( strlen($password) < 5 ) {
+ $_SESSION['systemMsg'] = "<span class='msgError'>The password must contain at least 5 characters.</span>";
+ header("Location: {$config->_previousUri}");
+ exit;
+ }
+ if ( ! isset($_POST['password2']) || (trim($_POST['password']) != trim($_POST['password2'])) ) {
+ $_SESSION['systemMsg'] = "<span class='msgError'>Your passwords do not match.</span>";
+ header("Location: {$config->_previousUri}");
+ exit;
+ }
+ }
+
+ # make sure the user entered a birthday, and if so, covert it to a UNIX timestamp
+ if ( isset($_POST['birthday']) && ("" == trim($_POST['birthday'])) ) {
+ $_SESSION['systemMsg'] = "<span class='msgError'>You must specify a birthday (even if it's not real).</span>";
+ header("Location: {$config->_previousUri}");
+ exit;
+ } else {
+ $birthday = strtotime($_POST['birthday']);
+ if ( ! $birthday ) {
+ $_SESSION['systemMsg'] = "<span class='msgError'>Your birthday doesn't appear to be an actual date.</span>";
+ header("Location: {$config->_previousUri}");
+ exit;
+ }
+ }
+
+ # make sure they accepted the Terms & Conditions
+ if ( ! isset($_POST['terms']) ) {
+ $_SESSION['systemMsg'] = "<span class='msgError'>You must accept the Terms &amp; Conditions of this site in order to register.</span>";
+ header("Location: {$config->_previousUri}");
+ exit;
+ }
+ # make sure the user doesn't already exist in the database
+ $sql = sprintf ("
+ SELECT * FROM users
+ WHERE username = '%s'
+ ",
+ trim($_POST['username'])
+ );
+ $db->Select($sql);
+ if ( $db->_rowCount > 0 ) {
+ $_SESSION['systemMsg'] = "<span class='msgError'>The login name you selected is already in use. Please select another.</span>";
+ header("Location: {$config->_previousUri}");
+ exit;
+ }
+
+ # validation must have passed so let's add the new user.
+ # the local variables were assigned during validation
+ $sql = sprintf ("
+ INSERT INTO users(username,password,birthday,gender)
+ VALUES ('%s', '%s', '%s', '%s')
+ ",
+ $username,
+ md5($password),
+ $birthday,
+ $_POST['gender']
+ );
+ $db->Modify($sql);
+ if ( $db->_affectedRows == 1 ) {
+ # give the new user authorization
+ $_SESSION['auth']['status'] = "access_granted";
+ $_SESSION['auth']['ipaddress'] = $_SERVER['REMOTE_ADDR'];
+ # dump the users info into the session
+ $_SESSION['user']['id'] = $db->InsertId();
+ $_SESSION['user']['username'] = $username;
+ $_SESSION['user']['birthday'] = $birthday;
+ $_SESSION['user']['gender'] = $_POST['gender'];
+
+ # now let's add the default nutrients as the users default set of nutrients
+ $sql = sprintf("
+ INSERT INTO userNutrients(user, nutrient)
+ SELECT '%s', nutr_no FROM nutrientDefs
+ WHERE is_default = '1'
+ ",
+ $_SESSION['user']['id']
+ );
+ $db->Modify($sql);
+ if ( ! $db->_error ) {
+ $_SESSION['systemMsg'] = "<span class='msgOkay'>Congratulations. Registration succeeded.</span>";
+ } else {
+ $_SESSION['systemMsg'] = "<span class='msgError'>Registration succeeded, but with errors.</span>";
+ }
+
+ # send the user to the main page
+ header("Location: {$config->_rootUri}");
+ exit;
+ } else {
+ $_SESSION['systemMsg'] = "<span class='msgError'>There was an error. Registration failed.</span>";
+ header("Location: {$config->_previousUri}");
+ exit;
+ }
+
+}
+
+# grab the various parts. these sections are not printed to the screen
+# but rather dumped into smarty variables that will simply be printed
+# in the template, so the order doesn't matter here at the moment
+include("header.php");
+include("sidebar_left.php");
+include("sidebar_right.php");
+include("footer.php");
+
+$smarty->display("register.tpl");
+
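Review bot: The duplicate-user SELECT and the INSERT into `users` are built with `sprintf` and quoted `'%s'` slots filled from request data that is never escaped (`trim($_POST['username'])`, `$username`, `$_POST['gender']`), so a quote character in either field changes the statement that reaches `$db->Select()` / `$db->Modify()`. `gender` is not validated anywhere in the block and is also copied into `$_SESSION['user']['gender']` as received. Both statements should use bound parameters, or at minimum the escaping routine of the `$db` wrapper (its API is not visible in this file), and `gender` should be checked against the fixed set of values the form offers before use. Separately, `md5($password)` stores an unsalted fast hash; `password_hash($password, PASSWORD_DEFAULT)` with `password_verify()` at login is the replacement, and `session_regenerate_id(true);` should run before `$_SESSION['auth']['status']` is set so a pre-registration session id is not carried into the authenticated session.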