I'm making a basic registration system with the help of a tutorial; the tutorial doesn't say how to make it so that it verifies if an email the user tried to register with has been taken, but it does so for the username. How do I make it so that it verifies both the username and email are free and not in the database? And yes, I did enter my database details properly, I just removed them for this post. (By the way, this is a register.php file which the site goes to after entering details and pressing enter in another webpage.)
<?php
$DATABASE_HOST = '';
$DATABASE_USER = '';
$DATABASE_PASS = '';
$DATABASE_NAME = '';
$con = mysqli_connect($DATABASE_HOST, $DATABASE_USER, $DATABASE_PASS, $DATABASE_NAME);
if (mysqli_connect_errno()) {
die ('Failed to connect to MySQL: ' . mysqli_connect_error());
}
if ($stmt = $con->prepare('SELECT id, password FROM accounts WHERE username = ?')) {
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
die ('Email is not valid!');
}
if (preg_match('/[A-Za-z0-9]+/', $_POST['username']) == 0) {
die ('Username is not valid!');
}
if (strlen($_POST['password']) > 20 || strlen($_POST['password']) < 5) {
die ('Password must be between 5 and 20 characters long!');
}
$stmt->bind_param('s', $_POST['username']);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows > 0) {
echo 'Username exists, please choose another!';
} else {
if ($stmt = $con->prepare('INSERT INTO accounts (username, password, email) VALUES (?, ?, ?)')) {
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
$stmt->bind_param('sss', $_POST['username'], $password, $_POST['email']);
$stmt->execute();
echo 'You have successfully registered, you can now login!';
} else {
echo 'Could not prepare statement!';
}
}
$stmt->close();
} else {
echo 'Could not prepare statement!';
}
$con->close();
?>
Aucun commentaire:
Enregistrer un commentaire