Added City, State, Country, Phone and error's #2

git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@538 c66351dc-e62f-0410-b875-e3a5c0b9693f

site/login/login/register-exec.php

@@ -0,0 +1,134 @@
+<?php
+	//Start session
+	session_start();
+	
+	//Include database connection details
+	require_once('libs/config.php');
+	
+	//Array to store validation errors
+	$errmsg_arr = array();
+	
+	//Validation error flag
+	$errflag = false;
+	
+	//Connect to mysql server
+	$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
+	if(!$link) {
+		die('Failed to connect to server: ' . mysql_error());
+	}
+	
+	//Select database
+	$db = mysql_select_db(DB_DATABASE);
+	if(!$db) {
+		die("Unable to select database");
+	}
+	
+	//Function to sanitize values received from the form. Prevents SQL injection
+	function clean($str) {
+		$str = @trim($str);
+		if(get_magic_quotes_gpc()) {
+			$str = stripslashes($str);
+		}
+		return mysql_real_escape_string($str);
+	}
+	
+	//Sanitize the POST values
+	$fname = clean($_POST['fname']);
+	$lname = clean($_POST['lname']);
+	$city = clean($_POST['city']);
+    $state = clean($_POST['state']);
+    $country = clean($_POST['country']);
+    $phone = clean($_POST['phone']);
+    $email = clean($_POST['email']);
+	$login = clean($_POST['login']);
+	$password = clean($_POST['password']);
+	$cpassword = clean($_POST['cpassword']);
+	
+	//Input Validations
+	if($fname == '') {
+		$errmsg_arr[] = 'First name is missing';
+		$errflag = true;
+	}
+	if($lname == '') {
+		$errmsg_arr[] = 'Last name is missing';
+		$errflag = true;
+	}
+    if($city == '') {
+		$errmsg_arr[] = 'City is missing';
+		$errflag = true;
+	}
+    if($state == '') {
+		$errmsg_arr[] = 'State is missing';
+		$errflag = true;
+	}
+    if($country == '') {
+		$errmsg_arr[] = 'Country is missing';
+		$errflag = true;
+	}
+    if($phone == '') {
+		$errmsg_arr[] = 'Phone is missing';
+		$errflag = true;
+	}
+     if($phone == '000-000-0000') {
+		$errmsg_arr[] = 'Phone is invalid';
+		$errflag = true;
+	}
+		if($email == '') {
+		$errmsg_arr[] = 'Email is missing';
+		$errflag = true;
+	}
+	if($login == '') {
+		$errmsg_arr[] = 'Login ID is missing';
+		$errflag = true;
+	}
+	
+	if($password == '') {
+		$errmsg_arr[] = 'Password is missing';
+		$errflag = true;
+	}
+	if($cpassword == '') {
+		$errmsg_arr[] = 'Confirm password is missing';
+		$errflag = true;
+	}
+	if( strcmp($password, $cpassword) != 0 ) {
+		$errmsg_arr[] = 'Passwords do not match';
+		$errflag = true;
+	}
+	
+	//Check for duplicate login ID
+	if($login != '') {
+		$qry = "SELECT * FROM members WHERE login='$login'";
+		$result = mysql_query($qry);
+		if($result) {
+			if(mysql_num_rows($result) > 0) {
+				$errmsg_arr[] = 'Login ID already in use';
+				$errflag = true;
+			}
+			@mysql_free_result($result);
+		}
+		else {
+			die("Query failed");
+		}
+	}
+
+
+	//If there are input validations, redirect back to the registration form
+	if($errflag) {
+		$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
+		session_write_close();
+		header("location: register-form.php");
+		exit();
+	}
+
+	//Create INSERT query
+	$qry = "INSERT INTO members(firstname, lastname, city, state, country, phone, email, login, passwd) VALUES('$fname','$lname', '$city','$state', '$country', '$phone', '$email', '$login','".md5($_POST['password'])."')";
+	$result = @mysql_query($qry);
+	
+	//Check whether the query was successful or not
+	if($result) {
+		header("location: register-success.php");
+		exit();
+	}else {
+		die("Query failed");
+	}
+?>

site/login/login/register-form.php

@@ -0,0 +1,75 @@
+<?php
+	session_start();
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
+<title>Login Form</title>
+<link href="loginmodule.css" rel="stylesheet" type="text/css" />
+</head>
+<body>
+<?php
+	if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >0 ) {
+		echo '<ul class="err">';
+		foreach($_SESSION['ERRMSG_ARR'] as $msg) { ?>
+			 <div align="center" ><font color="red" <? echo '<li>',$msg,'</li>'; ?> </div> </font> <?
+		}
+		echo '</ul>';
+		unset($_SESSION['ERRMSG_ARR']);
+	}
+	
+?>
+
+<form id="loginForm" name="loginForm" method="post" action="register-exec.php">
+  <table width="300" border="0" align="center" cellpadding="2" cellspacing="0">
+    <tr>
+      <th>First Name </th>
+      <td><input name="fname" type="text" class="textfield" id="fname" /></td>
+    </tr>
+    <tr>
+      <th>Last Name </th>
+      <td><input name="lname" type="text" class="textfield" id="lname" /></td>
+    </tr>
+    <tr>
+      <th>City </th>
+      <td><input name="city" type="text" class="textfield" id="city" /></td>
+    </tr>
+      <tr>
+      <th>State </th>
+      <td><input name="state" type="text" class="textfield" id="state" /></td>
+    </tr>
+     <tr>
+      <th>Country </th>
+      <td><input name="country" type="text" class="textfield" id="country" /></td>
+    </tr>
+    <tr>
+      <th>Phone </th>
+      <td><input name="phone" type="text" class="textfield" id="phone" /></td>
+    </tr>
+    <tr>
+      <th>Email </th>
+      <td><input name="email" type="text" class="textfield" id="email" /></td>
+    </tr>
+    <tr>
+      <th width="124">Login</th>
+      <td width="168"><input name="login" type="text" class="textfield" id="login" /></td>
+    </tr>
+   
+    <tr>
+      <th>Password</th>
+      <td><input name="password" type="password" class="textfield" id="password" /></td>
+    </tr>
+    <tr>
+      <th>Confirm Password </th>
+      <td><input name="cpassword" type="password" class="textfield" id="cpassword" /></td>
+    </tr>
+    <tr>
+      <td>&nbsp;</td>
+      <td><input type="submit" name="Submit" value="Register" /></td>
+      
+    </tr>
+  </table>
+</form>
+</body>
+</html>

site/login/login/register-success.php

@@ -0,0 +1,12 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
+<title>Registration Successful</title>
+<link href="loginmodule.css" rel="stylesheet" type="text/css" />
+</head>
+<body>
+<h1>Registration Successful</h1>
+<p><a href="index.php">Click here</a> to login to your account.</p>
+</body>
+</html>