From 1a7fa60f6cb2ee26843ca19e37bb4ff44104ad55 Mon Sep 17 00:00:00 2001
From: Bulletin
Date: Thu, 29 Dec 2016 16:42:32 -0500
Subject: Added existing progress
---
signup.php | 154 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 154 insertions(+)
create mode 100644 signup.php
(limited to 'signup.php')
diff --git a/signup.php b/signup.php
new file mode 100644
index 0000000..de5e3e9
--- /dev/null
+++ b/signup.php
@@ -0,0 +1,154 @@
+ 0) loggedin();
+$e = 0;
+if (!empty($_POST['signup'])) {
+ $patterns = array(
+ 'name' => '/^([A-Z][a-z\-\']*)(\s[A-Z][a-z\-\']*)+$/',
+ 'email' => '/^.+@.+\..+$/',
+ 'password' => '/^.+$/',
+ 'zip' => '/^\d{5}([-\s]\d{4})?$/',
+ 'phone0' => '/\+?\d{1,3}$/',
+ 'phone1' => '/^\(?\d{3}\)?$/',
+ 'phone2' => '/^\d{3}$/',
+ 'phone3' => '/^\d{4}$/',
+ );
+ $pkeys = array_keys($patterns);
+ foreach ($pkeys as $n => $pkey) {
+ if (!preg_match($patterns[$pkey], $_POST[$pkey])) {
+ $e = $n+1;
+ goto err;
+ }
+ }
+ if ($_POST['password'] != $_POST['confirm']) {
+ $e = 100;
+ goto err;
+ }
+ $db = new bdb();
+ $result = $db->query('SELECT id FROM users WHERE email = \''.$db->escape_string($_POST['email']).'\' LIMIT 1') or fatal($db->error);
+ if ($result->num_rows > 0) {
+ $result->free();
+ $db->close();
+ $e = 101;
+ goto err;
+ }
+ $result->free();
+
+ $stmt = $db->prepare('INSERT INTO users (type, name, email, password, zipcode, phone, session) VALUES (?, ?, ?, ?, ?, ?, ?)') or fatal($db->error);
+ $type = intval($_POST['type']) ? 'EMPLOYER' : 'EMPLOYEE';
+ $pass = hash('sha512', $_POST['password']);
+ $area = (intval($_POST['phone1'])>0)?intval($_POST['phone1']):intval(substr($_POST['phone1'], 1, -1));
+ $phone = intval($_POST['phone0']).' ('.$area.') '.intval($_POST['phone2']).'-'.intval($_POST['phone3']);
+ $sess = uniqid('act', true);
+ $stmt->bind_param('sssssss', $type, $_POST['name'], $_POST['email'], $pass, $_POST['zip'], $phone, hash('sha512', $sess));
+ $stmt->execute();
+ if ($stmt->affected_rows < 1) fatal('Failed to affect database.');
+ $uid = intval($stmt->insert_id);
+ $stmt->close();
+ $db->close();
+
+ mail($_POST['email'], 'Activate Your Bulletin Account', eml_tpl(array(
+ 'activation_vars' => 'uid='.$uid.'&key='.$sess,
+ )), "From: ".$b_config['mail_from']."\r\nContent-type: text/html") or fatal('We didn\'t manage to send out your activation email. 
Please try again later.');
+ fatal('An activation email has been sent to the address you supplied. To access your account, click the \'Activate Account\' link when you receive the email.', $b_config['base_url'].'login.php');
+}
+
+#### THIS IS FOR GOTO, IT'S GROSS BUT DON'T REMOVE IT ####
+err:
+#### DO NOT REMOVE ####
+if ($e > 0 && $e < 100) $e_msg = 'The fields indicated are not valid.';
+else if ($e == 100) $e_msg = 'The passwords do not match.';
+else if ($e == 101) $e_msg = 'A user with your email or phone number already exists.';
+else $e_msg = 'An unknown error has occurred.';
+?>
+
+
+
+
+ Sign Up / Bulletin
+
+
+
+
+
+
+
+
+ I am a + +
+'.PHP_EOL; + else + echo '
'.PHP_EOL; +?> + +
+'; + else + echo '
'; +?> + +
+'.PHP_EOL; + else + echo '
'.PHP_EOL; +?> + +
+'; + else + echo '
'; +?> + +
+'.PHP_EOL; + else + echo '
'.PHP_EOL; +?> + +
+ = 5 && $e <= 8) || $e == 101) + echo '
'.PHP_EOL; + else + echo '
'.PHP_EOL; +?> + + + + +
+
+
 
+
+ +
+
+ + 0) + echo '

'.htmlentities($e_msg).'

'; +?> +

Already have an account? Log In

+
+
+

Welcome to Bulletin! :)

+

Copyright © 2016 Bulletin Team

+ + -- cgit v1.2.3
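Review bot: The password is stored as a single unsalted SHA-512 digest (`$pass = hash('sha512', $_POST['password']);`), a fast hash that is cheap to brute-force offline if the users table ever leaks; it should be `$pass = password_hash($_POST['password'], PASSWORD_DEFAULT);`, with the login path (not part of this diff) switched to `password_verify()`. The activation key has a related weakness: `uniqid('act', true)` is derived from the clock rather than a cryptographically secure source, so `$sess = bin2hex(random_bytes(16));` (PHP 7+) is a safer origin for a secret that is mailed in a link. Separately, the `email` pattern ends in `$` without the `D` modifier, so a value with a trailing newline still matches before it is handed to `mail()`; `filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)` would be a stricter gate. The form markup in this hunk did not survive extraction, so the escaping of re-filled field values could not be reviewed here.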