<?php
// Start (or resume) the session; the '@' operator suppresses any warning session_start() raises.
@session_start();
// Pull in ../_db.php. $conn and sendEmailNotification() are used below but not defined
// in this file, so they presumably come from this include — confirm.
require_once("../_db.php");
// Google reCAPTCHA secret key: the server-side credential posted to the siteverify endpoint.
// NOTE(review): the secret is hard-coded in this script, so anyone who can read the source
// (file listing, backup, repository, viewer page) obtains it. Treat this value as exposed:
// rotate it in the reCAPTCHA admin console and load the replacement from configuration kept
// outside the document root (environment variable or a non-public config file).
$recaptcha_secret = "6LfcSP8qAAAAAHZLluQzqX4IBlI7jQGyEotEw0XN";
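/**
 * Verify a Google reCAPTCHA token against the siteverify endpoint.
 *
 * Fails closed: a missing, empty or non-string token, a transport failure,
 * an unparseable reply, or a reply whose "success" field is not boolean true
 * all yield false.
 *
 * @param mixed  $recaptcha_response Token posted by the client in g-recaptcha-response.
 * @param string $secret_key         reCAPTCHA secret key for this site.
 * @return bool True only when the verification service confirms the token.
 */
function verifyRecaptcha($recaptcha_response, $secret_key) {
    // An absent, empty or array-valued field can never verify; skip the HTTP round trip.
    if (!is_string($recaptcha_response) || $recaptcha_response === '') {
        return false;
    }

    $url = "https://www.google.com/recaptcha/api/siteverify";
    $data = [
        "secret" => $secret_key,
        "response" => $recaptcha_response,
    ];
    $options = [
        "http" => [
            "header" => "Content-type: application/x-www-form-urlencoded\r\n",
            "method" => "POST",
            "content" => http_build_query($data),
            // Bound the wait so a slow upstream cannot hold the request open indefinitely.
            "timeout" => 5,
        ],
    ];
    $context = stream_context_create($options);

    $result = file_get_contents($url, false, $context);
    if ($result === false) {
        // Transport failure: treat as "not verified" rather than decoding a non-string.
        return false;
    }

    $response = json_decode($result, true);
    if (!is_array($response)) {
        return false;
    }

    // NOTE(review): only "success" is checked. The reply also carries a "hostname"
    // field (and "score"/"action" for v3 keys); comparing hostname with this site
    // would reject tokens solved on another origin — confirm which key type is in use.
    return ($response["success"] ?? false) === true;
}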
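/**
 * Validate the registration form fields.
 *
 * Checks run in order and stop at the first failure, so the returned list
 * holds at most one message: all fields present, email well-formed,
 * password at least 7 bytes long, password equal to its confirmation.
 *
 * @param mixed $full_name Submitted full name.
 * @param mixed $email     Submitted email address.
 * @param mixed $username  Submitted username.
 * @param mixed $password  Submitted password.
 * @param mixed $cpassword Submitted password confirmation.
 * @return string[] Error messages; empty when the input is acceptable.
 */
function validateInput($full_name, $email, $username, $password, $cpassword) {
    $errors = [];

    foreach ([$full_name, $email, $username, $password, $cpassword] as $value) {
        // A field posted as an array (name[]=x) would otherwise reach strlen() and
        // raise a TypeError; treat any non-string as a missing field.
        // empty() keeps the original rule, under which the string "0" counts as empty.
        if (!is_string($value) || empty($value)) {
            $errors[] = 'Enter all fields';
            return $errors;
        }
    }

    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        // The address is later stored and used as a mail recipient, so reject
        // anything that is not a syntactically valid email.
        $errors[] = 'Enter a valid email address';
    } elseif (strlen($password) < 7) {
        $errors[] = 'Password should be at least 7 characters long';
    } elseif ($password !== $cpassword) {
        $errors[] = 'Password and Confirm Password do not match';
    }

    return $errors;
}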
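// Registration handler: accepts POST only; every path ends in a redirect to ../signin.php.

// Redirect back to the form with a status and a message, then stop.
// Both values are URL-encoded so spaces and punctuation form a valid Location header.
// NOTE(review): signin.php presumably prints the "message" parameter; it must be
// HTML-escaped there, since anyone can craft a link carrying arbitrary text — confirm.
$redirectToSignin = function ($status, $message) {
    header('Location: ../signin.php?status=' . rawurlencode($status) . '&message=' . rawurlencode($message));
    exit();
};

// Read one POST field as a string; a missing or array-valued field becomes ''.
$postField = function ($name) {
    $value = $_POST[$name] ?? '';
    return is_string($value) ? $value : '';
};

if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST') {
    $redirectToSignin('error', 'Invalid request');
}

$full_name = $postField('full_name');
$username = $postField('username');
$email = $postField('email');
$password = $postField('password');
$cpassword = $postField('cpassword');
$recaptcha_response = $postField('g-recaptcha-response');

// Verify reCAPTCHA before doing any validation or database work.
if (!verifyRecaptcha($recaptcha_response, $recaptcha_secret)) {
    $redirectToSignin('error', 'Invalid reCAPTCHA. Please try again.');
}

// Validate user input.
$errors = validateInput($full_name, $email, $username, $password, $cpassword);
if (!empty($errors)) {
    $redirectToSignin('error', implode(' ', $errors));
}

// Check whether the email is already registered; only existence matters, so no columns are fetched.
$checkEmailStmt = $conn->prepare("SELECT 1 FROM user_login WHERE email = ? LIMIT 1");
if (!$checkEmailStmt) {
    // Driver error text stays in the server log; it is not echoed into the redirect URL.
    error_log('signin-process: prepare(email check) failed: ' . $conn->error);
    $redirectToSignin('error', 'Database error');
}
$checkEmailStmt->bind_param("s", $email);
$checkEmailStmt->execute();
$checkEmailResult = $checkEmailStmt->get_result();
if ($checkEmailResult === false) {
    error_log('signin-process: email check failed: ' . $checkEmailStmt->error);
    $checkEmailStmt->close();
    $redirectToSignin('error', 'Database error');
}
$checkEmailStmt->close();

if ($checkEmailResult->num_rows > 0) {
    // NOTE(review): this reply tells the caller that an address is registered, and the
    // check-then-insert sequence is not atomic; a UNIQUE index on user_login.email
    // would be the authoritative guard — confirm the schema.
    $redirectToSignin('error', 'User Email already exists.');
}

// Auto-generate user_id.
$userid = generateUserId();

// Hash the password; only the hash is stored.
$hashed_password = password_hash($password, PASSWORD_DEFAULT);

// Insert user data.
$insertStmt = $conn->prepare(
    "INSERT INTO user_login (userid, full_name, email, username, password) VALUES (?, ?, ?, ?, ?)"
);
if (!$insertStmt) {
    error_log('signin-process: prepare(insert) failed: ' . $conn->error);
    $redirectToSignin('error', 'Database error');
}
$insertStmt->bind_param("sssss", $userid, $full_name, $email, $username, $hashed_password);
$inserted = $insertStmt->execute();
if (!$inserted || $insertStmt->error) {
    error_log('signin-process: insert failed: ' . $insertStmt->error);
    $redirectToSignin('error', 'Database error');
}

// Send email notification.
$subject = "Welcome to Quick-wittedtraded";
sendEmailNotification($email, $full_name, $userid, $subject);
$redirectToSignin('success', 'Registration successful. Verify Your Email');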
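/**
 * Generate a user ID: the prefix "OPM" followed by six digits (100000-999999).
 *
 * Uses random_int() so the digits come from the system CSPRNG rather than
 * the predictable mt_rand() generator.
 *
 * NOTE(review): the space is only 900,000 values and nothing here checks the
 * result against existing rows, so collisions become likely as the table
 * grows; a UNIQUE index on userid with retry-on-conflict in the caller would
 * close that gap — confirm the schema.
 *
 * @return string ID such as "OPM123456" (constructed example).
 */
function generateUserId() {
    return 'OPM' . random_int(100000, 999999);
}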
?>