-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathaddUser.php
More file actions
executable file
·72 lines (72 loc) · 2.65 KB
/
addUser.php
File metadata and controls
executable file
·72 lines (72 loc) · 2.65 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
<?php
session_start();
/**
* Created by PhpStorm.
* User: Admin
* Date: 13/02/2018
* Time: 10:37
*/
if($_POST){
if (isset($_POST['username']) && $_POST['username'] === "") {
$_SESSION['error']['username'] = "Renseignez un username";
}
if(isset($_POST['email']) && $_POST['email'] === "" && !filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
$_SESSION['error']['email'] = "Renseignez un email valide";
}
if (isset($_POST['password']) && $_POST['password'] === "") {
$_SESSION['error']['password'] = "Renseignez un mot de passe";
}
if (isset($_POST['confpassword']) && $_POST['confpassword'] === "") {
$_SESSION['error']['confpassword'] = "Confirmez votre mot de passe";
}
if ($_POST['password'] !== $_POST['confpassword']) {
$_SESSION['error']['samepassword'] = "Veuillez entrer des mots de passe identiques";
}
if (!isset($_SESSION['error'])){
require_once "./connexion.php";
$sql2 = "SELECT
username, email
FROM
`user`
WHERE
email = :email
OR
username = :username;";
$stmt2 = $conn->prepare($sql2);
$stmt2->bindValue(':email', $_POST['email']);
$stmt2->bindValue(':username', $_POST['username']);
$stmt2->execute();
$row = $stmt2->fetch();
$nbRow = $stmt2->rowCount();
if($nbRow > 0){
if($row['email'] === $_POST['email']){
$_SESSION['error']['emailexist'] = "Adresse mail déjà existante";
}
if($row['username'] === $_POST['username']){
$_SESSION['error']['userexist'] = "Username déjà existant";
}
header('Location: ./inscription.php');
exit;
}
$sql = "INSERT INTO
`user`
(`username`, `email`, `password`, `role_id`)
VALUES
(:username, :email, :password, 2)
;";
$stmt = $conn->prepare($sql);
$stmt->bindValue(':username', htmlspecialchars($_POST['username']));
$stmt->bindValue(':email', $_POST['email']);
$stmt->bindValue(':password', hash('sha256', $_POST['password']));
$stmt->execute();
$_SESSION['success']['adduser'] = "Votre inscription a bien été prise en compte. Vous pouvez maintenant vous connecter";
header("Location: ./signIn.php");
exit;
}
header("Location: ./inscription.php");
exit;
}else{
header("Location: ./index.php");
exit;
}
?>