Sign upLogin

jhuesser/bzu-jodel-clone

View on GitHub
Star
signup.php

Summary

Maintainability
A
0 mins
Test Coverage
<?php
 
    session_start();
    //Load functions, config and pass metadata
    $title = "Sign up | SocialDomayn";
    $stylesheet = "login.css";
    include 'functions/header.php';
    require 'functions/apicalls.php';
    $config = require('config.php');
    $apiroot = $config->apiUrl;
 
    $mainaction = true;
 
    if(isset($_GET['register'])) {
        $mainaction = false;
        //User wants to register
        //set local values for easy handling
         $error = false;
        $username = $_POST['username'];
         $password = $_POST['password1'];
         $password2 = $_POST['password2'];
        if(isset($_POST['g-recaptcha-response']))
            //captcha is solved
              $captcha=$_POST['g-recaptcha-response'];
            if(!$captcha){
                //captcha is not solved
                  $errorMsg = $config->app_msgs['catpcha_not_solved'];
          
            }
            $captachresp =json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$config->recaptcha_secret . "&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']), true);
            if($captachresp['success'] == false){
                //captcha is false
                  $errorMsg = $config->app_msgs['captcha_fail'];
            } else {
                  if(strlen($password) == 0) {
                 //password is not set
                 $errorMsg = $config->app_msgs['set_passwd'];
                 $error = true;
             }
             if($password != $password2) {
                 $errorMsg = $config->app_msgs['passwd_mismatch'];
                 $error = true;
             }
            //check if username is already taken
             if(!$error) { 
                $caller =  $apiroot . "jodlers?transform=1&filter=jodlerHRID,eq," . $username;
                $resp = getCall($caller);
                if($resp !== '{"jodlers":[]}') {
                     //recived empty JSON
                     //TODO: make this nice (code styling, json handling)
                    $errorMsg = $config->app_msgs['nametaken'];
                     $error = true;
                 } 
             }
             //no errors, user can be registered
             if(!$error) { 
                 //hash password & salt it
                 $password_hash = password_hash($password, PASSWORD_DEFAULT);
                //remove special chars, to avoid injection
                $username = htmlspecialchars($username, ENT_QUOTES);
                //register the user
                 $caller = $apiroot . "jodlers";
                 $postdata = "{\n  \"jodlerHRID\": \"$username\",\n  \"karma\": 50,\n  \"account_state\": 1,\n  \"passphrase\": \"$password_hash\"\n}";
                $userid = postCall($caller, $postdata);
                //response is ID of the new user
                if(is_numeric($userid)) { 
                    //if ID is a number, user is created
                    $successMsg = $config->app_msgs['acc_created'];
                     header('Location: ' . $config->baseUrl . 'login.php');
                     $showFormular = false;
                 } else {
                     //something went wrong
                     $errorMsg = $config->app_msgs['general_error'];
                 }
             } 
        }
 
        
        }
        if($mainaction == true){
 
?>
<a class="forker" target="_blank" href="https://github.com/jhuesser/bzu-jodel-clone"><img class="forker" style="position: absolute; top: 0; right: 0; border: 0;" src="https://camo.githubusercontent.com/652c5b9acfaddf3a9c326fa6bde407b87f7be0f4/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f6769746875622f726962626f6e732f666f726b6d655f72696768745f6f72616e67655f6666373630302e706e67" alt="Fork me on GitHub" data-canonical-src="https://s3.amazonaws.com/github/ribbons/forkme_right_orange_ff7600.png"></a>
<div id="top"></div>
<!-- main menu -->
<ul class="nav ">
    <li class="nav-item">
        <img src="img/domaynW.png" alt="DomaynTec Logo" width="30%">
    </li>
  
</ul>
<!-- end main menu -->
<div class="test"></div>
<?php
if(isset($errorMsg)) {
            //Show error message
            ?>
            <div class="alert alert-danger" role="alert">
                  <strong>Holy guacamole!</strong> <?php echo $errorMsg;?>
            </div>
            <?php
         }
        if(isset($successMsg)) {
             ?>
            <div class="alert alert-success" role="alert">
                  <strong>Perfect!</strong> <?php echo $successMsg;?>
            </div>
            <?php
    }?>
 
<div class="alert alert-warning" role="alert">
  <strong>Warning!</strong> This is a test environment. Every user that is not approved by the admins / developer gets banned.
</div>
<!-- signup form -->
<div class="container">
    <div class="wrapper">
        <form action="?register=1" method="post" name="signupform" class="form-signup">       
            <h3 class="form-signin-heading"><?php echo $config->login_strings['title_signup'];?></h3>
              <hr class="colorgraph"><br>
              
              <input type="text" class="form-control" name="username" placeholder="<?php echo $config->login_strings['username'];?>" required="true" autofocus="true" />
              <input type="password" class="form-control" name="password1" placeholder="<?php echo $config->login_strings['paswd'];?>" required="true"/>
              <input type="password" class="form-control" name="password2" placeholder="<?php echo $config->login_strings['repeat_paswd'];?>" required="true"/>  
              <div class="g-recaptcha" data-sitekey="<?php echo $config->recaptcha_sitekey; ?>"></div>              
             
              <button class="btn btn-lg btn-block"  name="Submit" value="Signup" type="Submit"><?php echo $config->login_strings['signup'];?></button>              
        </form>
        <!-- link to login page -->
        <p><?php echo $config->login_strings['acc_exists']; ?></p>            
    </div>
</div>
<!-- end form -->
<?php include 'functions/footer.php';
        }