<?php
$con = new PDO('mysql:host=localhost;dbname=shadowngu;', 'root', '';
$a_email = "[email protected]";
$s_url = "https://your_site_url.com";
?>
<?php
require 'config.php';
session_start();
if(isset($_POST['register']))
{
$username = $_POST['username'];
$email = $_POST['email'];
$password = md5($_POST['password']);
$password_c = md5($_POST['password_c']);
if(empty($username) or empty($email) or empty($password) or empty($password_c))
{
echo 'All fields must be filled in!';
} else
{
//Checking if the username entered has already been registered.
$usrcheck = $con->prepare('SELECT * FROM user_table WHERE username = :username';
$usrcheck->bindValue(':username', $username, PDO:ARAM_STR);
$usrcheck->execute();
if($usrcheck->rowCount() >= 1)
{
echo 'Username already exists!';
} else
{
//Checking if the email entered has already been registered.
$emailcheck = $con->prepare('SELECT email FROM user_table WHERE username = :username';
$emailcheck->bindValue(':username', $username, PDO:ARAM_STR);
$emailcheck->execute();
if($emailcheck->rowCount() >= 1)
{
//Checking if the entered email is valid.
if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['email']))
{
//Generating your unique verification code
$activation = md5(uniqid(rand(), true));
//Confirming passwords match.
if($password == $password_c)
{
$query = $con->prepare('INSERT INTO users (username,email,password,joined,activation) VALUESusername,:email,:password,:join_date,:activation)';
$query->bindValue(':username', $username, PDO:ARAM_STR);
$query->bindValue(':email', $email, PDO:ARAM_STR);
$query->bindValue(':password', $password, PDO:ARAM_STR);
$query->bindValue(':join_date', $join_date, PDO:ARAM_STR);
$query->bindValue(':activation', $activation, PDO:ARAM_STR);
$query->execute();
$message = 'To activate your account, please click this link:\n\n';
$message .= $s_url . '/activate.php?email=' . urlencode($email) . '&key=$activation';
$headers = 'From: ' . $a_email . "
" .
'Reply-To: ' . $a_email . "
" . 'X-Mailer: PHP/' . phpversion();
mail($email, 'Registration Confirmation', $message, $headers);
echo 'You have successfully registered, a confirmation email has been sent to ' . $email . '.';
} else
{
echo 'Passwords do not match!';
}
} else
{
echo 'Your email is invalid!';
}
} else
{
echo 'Email already exists!';
}
}
?>
<?php
require 'config.php';
if (isset($_GET['email']) && preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/', $_GET['email']))
{
$email = $_GET['email'];
}
if (isset($_GET['key']) && (strlen($_GET['key']) == 32))
{
$key = $_GET['key'];
}
if (isset($email) && isset($key))
{
$query_activate_account = $con->query("UPDATE users SET activation=NULL WHERE(email ='$email' AND activation='$key'LIMIT 1");
if ($con->rowCount() == 1) //if update query was successfull
{
echo 'Your account is now active. You may now <a href="login.php">Log in</a>';
} else
{
echo 'Oops, your account could not be activated. Please re-check the link or contact the system administrator.';
}
} else
{
echo 'Error Occured .';
}
?>
<?php
require 'config.php';
if (isset($_POST['login'])) {
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if (empty($username) or empty($password))
{
echo 'All fields must be filled in!';
} else {
$query_check_credentials = $con->prepare("SELECT * FROM user_table WHERE (username = :username AND password = :password) AND Activation IS NULL");
$query_check_credentials->bindValue(':username', $username, PDO:ARAM_STR);
$query_check_credentials->bindValue(':password', $password, PDO:ARAM_STR);
$query_check_credentials->execute();
if($query_check_credentials->rowCount() == 1)
{
$_SESSION['username'] = $username;
echo '<script>window.location="index.php";</script>';
} else
{
echo 'Your account is inactive or username/password is incorrect.';
}
?>
Copyright © 2024, NextGenUpdate.
All Rights Reserved.