Add the following features:

[Project_webapp.git] / includes / formregister.php

diff --git a/includes/formregister.php b/includes/formregister.php
index 53b5f6d0f88b7d177e8367af6cb931b5a1f25501..6cb92236fa569bfa61d91993776b3bec8d8ca33d 100644 (file)
--- a/includes/formregister.php
+++ b/includes/formregister.php
@@ -4,7 +4,7 @@ $form_firstname = filter_input(INPUT_POST, "firstname", FILTER_SANITIZE_STRING);
 $form_numstreet = filter_input(INPUT_POST, "numstreet", FILTER_VALIDATE_INT);
 $form_street = filter_input(INPUT_POST, "street", FILTER_SANITIZE_STRING);
 $form_postalcode = filter_input(INPUT_POST, "postalcode", FILTER_VALIDATE_INT);
-$form_town = filter_input(INPUT_POST, "postalcode", FILTER_SANITIZE_STRING);
+$form_city = filter_input(INPUT_POST, "city", FILTER_SANITIZE_STRING);
 $form_email = filter_input(INPUT_POST, "email", FILTER_VALIDATE_EMAIL);
 $form_password = filter_input(INPUT_POST, "password", FILTER_SANITIZE_STRING);
 $form_confirmpassword = filter_input(INPUT_POST, "confirmpassword", FILTER_SANITIZE_STRING);
@@ -15,30 +15,42 @@ $error_email = false;
 $error_password = false;
 
 if (!$form_numstreet) {
-    echo "The street number is not valid <br>" ;
+    echo "The street number is not valid. <br>" ;
     $error_numstreet = true;
 }
 if (!$form_postalcode) {
-    echo "The postal code is not valid <br>";
+    echo "The postal code is not valid. <br>";
     $error_postalcode = true;
 }
 if (!$form_email) {
-    echo "The email is not valid <br>";
+    echo "The email is not valid. <br>";
     $error_email = true;
 }
-if (strcmp($form_password, $form_confirmpassword) === 0) {
-    echo "Password do not match <br>";
+if (strcmp($form_password, $form_confirmpassword) !== 0) {
+    echo "Password do not match. <br>";
     $error_password = true;
 }
 
 if (!empty($form_name) && !empty($form_firstname) && !empty($form_numstreet) && !empty($form_street) &&
-    !empty($form_postalcode) && !empty($form_town) && !empty($form_email) && !empty($form_password)){
-    global $connection;
-    $sql_pquery = "select count(NumCl) from CLIENTS where EmailCl = ?";
-    $stmt = $connection->prepare_query($sql_pquery);
-    $stmt->bind_param("s", $form_email);
-    //$connection->prepared_query_bind_param("s", $form_email);
-    $connection->run_prepared_query();
-    $connection->close_prepared_query();
+    !empty($form_postalcode) && !empty($form_city) && !empty($form_email) && !empty($form_password) &&
+    !$error_numstreet && !$error_postalcode && !$error_email && !$error_password) {
+    if (!chk_account($form_email)) {
+        global $connection;
+        $hashed_password = password_hash($form_password, PASSWORD_DEFAULT);
+        $sql_pquery = "insert into CLIENTS (NomCl, PrenomCl, EmailCl, PasswordCl, NumRueCl, NomRueCl, CodePosteCl, VilleCl)
+                       values (?, ?, ?, ?, ?, ?, ?, ?)";
+        $connection->prepare_query($sql_pquery);
+        $connection->prepared_query_bind_param("ssssisis", array($form_name, $form_firstname, $form_email, $hashed_password, $form_numstreet, $form_street, $form_postalcode, $form_city));
+        $connection->run_prepared_query();
+        $connection->close_prepared_query();
+        echo "You've successfully registered, you will be redirected to the login form in 3 seconds. <br>";
+        redirect("index.php?page=login", 3);
+    } else {
+        echo "You're already registered, you will be redirected to the login form in 3 seconds. <br>";
+        redirect("index.php?page=login", 3);
+    }
+} else {
+    echo "There's a required non filled field or the input in a field do not match the required pattern. <br>";
+    echo "<a href=\"javascript:history.go(-1)\">Retour</a>";
 }
 ?>