Galleries/PHPGallery
1
0
Fork 0
mirror of https://github.com/Fluffy-Bean/image-gallery.git synced 2025-05-23 20:04:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Signup switched to AJAX, omg this took forever

Browse source
This commit is contained in:
Michał Gdula 2022-08-13 12:04:17 +00:00
parent 79889d64e8
commit cd0c829e07
2 changed files with 249 additions and 147 deletions
Download patch file Download diff file Expand all files Collapse all files

171
account/signup.php
View file

@ -32,165 +32,42 @@
<?php <?php
include "../ui/required.php"; include "../ui/required.php";
include "../ui/nav.php"; include "../ui/nav.php";
// Validate susness of Username
if (isset($_POST['signup'])) {
if (empty(trim($_POST["username"]))) {
// Username was taken
$error = "Enter a username reeeee";
} elseif (!preg_match('/^[a-zA-Z0-9_]+$/', trim($_POST["username"]))) {
// Username entered contains illegal characters
$error = "Very sus. Username can only contain letters, numbers, and underscores";
} else {
// Prepare sql for sus
$sql = "SELECT id FROM users WHERE username = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "s", $username_request);
$username_request = trim($_POST["username"]);
if (mysqli_stmt_execute($stmt)) {
// Ask sql nicely if other usernames exist and store info
mysqli_stmt_store_result($stmt);
if (mysqli_stmt_num_rows($stmt) == 1) {
// Username not entered
$error = "Oopsie, username taken :c";
} else {
$username = trim($_POST["username"]);
}
} else {
$error = "Sussy things happened on our end, please try again later";
}
// Outa here with this
mysqli_stmt_close($stmt);
}
}
// Validate sussness of Password
if (empty(trim($_POST["password"]))) {
// No password entered
$error = "Bruh, enter a password";
} elseif(strlen(trim($_POST["password"])) < 6){
// Password not long enough 👀
$error = "(Password) Not long enough 👀";
} else {
$password = trim($_POST["password"]);
}
// Validate sussiness of the other Password
if (empty(trim($_POST["confirm_password"]))) {
// Did not confirm passowrd
$error = "You must confirm password!!!!!";
} else {
$confirm_password = trim($_POST["confirm_password"]);
if (empty($error) && $confirm_password != $password) {
// Password and re-entered Password does not match
$error = "Passwords need to be the same, smelly smelly";
}
}
// Check for invite code
if (isset($_POST['token'])) {
// Check if invite code is empty
if (empty($_POST['token'])) {
$error = "Enter Invite Code ;3";
} else {
// Prepare sql for sus
$sql = "SELECT id FROM tokens WHERE code = ? AND used = 0";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "s", $param_code);
$param_code = $_POST['token'];
// Ask sql nicely if other usernames exist and store info
if (mysqli_stmt_execute($stmt)) {
mysqli_stmt_store_result($stmt);
if (mysqli_stmt_num_rows($stmt) == 1) {
$token = trim($_POST["token"]);
} else {
$error = "Invite code not valid";
}
} else {
$error = "Sussy things happened on our end and couldn't check token";
}
// Outa here with this
mysqli_stmt_close($stmt);
}
}
}
// Checking for errors
if (empty($error)) {
$sql = "INSERT INTO users (username, password) VALUES (?, ?)";
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "ss", $param_username, $param_password);
// Set parameters
$param_username = $username;
$param_password = password_hash($password, PASSWORD_DEFAULT);
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// Prepare sql
$sql = "UPDATE tokens SET used = True WHERE code = ?";
$stmt = mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt, "s", $param_token);
$param_token = $_POST['token'];
if (mysqli_stmt_execute($stmt)) {
//
// Hey fluffy why didn't you do this
// Hey fluffy, thats not how you do this
// Thats wrong! Do this instead!!!!!!
//
// I DON'T KNOW HOW TO DO THIS, BUT IT WORKS
// SO LEAVE ME ALONEEEEEEEEEE
// anyway....
// Generate Token
$token_array = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890abcdefghijklmnopqrstuvwxyz';
$new_token = substr(str_shuffle($token_array), 0, 10);
// Prepare sql
$sql = "INSERT INTO tokens (code, used) VALUES(?, False)";
$stmt = mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt, "s", $param_new_token);
$param_new_token = $new_token;
mysqli_stmt_execute($stmt);
}
// Yupeee! Account was made
$success = "Account made for ".$username."!!!!!!";
} else {
$error = "Something went fuckywucky, please try later";
}
}
}
}
?> ?>
<div class="signup-root"> <div class="signup-root">
<h2>Make account</h2> <h2>Make account</h2>
<p>And amazing things happened here...</p> <p>And amazing things happened here...</p>
<br> <br>
<form method="POST" action="signup.php" enctype="multipart/form-data"> <form id="signupForm" method="POST" action="signup.php" enctype="multipart/form-data">
<input class="btn btn-neutral" type="text" name="username" placeholder="Username"> <input id="signupUsername" class="btn btn-neutral" type="text" name="username" placeholder="Username">
<br> <br>
<input class="btn btn-neutral" type="password" name="password" placeholder="Password"> <input id="signupPassword" class="btn btn-neutral" type="password" name="password" placeholder="Password">
<input class="btn btn-neutral" type="password" name="confirm_password" placeholder="Re-enter Password"> <input id="signupPasswordConfirm" class="btn btn-neutral" type="password" name="confirm_password" placeholder="Re-enter Password">
<br> <br>
<input class="btn btn-neutral" type="text" name="token" placeholder="Invite Code"> <input id="signupToken" class="btn btn-neutral" type="text" name="token" placeholder="Invite Code">
<br> <br>
<button class="btn btn-good" type="submit" name="signup"><img class="svg" src="../assets/icons/sign-in.svg">Sign Up</button> <button id="signupSubmit" class="btn btn-good" type="submit" name="signup"><img class="svg" src="../assets/icons/sign-in.svg">Sign Up</button>
</form> </form>
</div> </div>
<script>
$("#signupForm").submit(function(event) {
event.preventDefault();
var username = $("#signupUsername").val();
var password = $("#signupPassword").val();
var confirm_password = $("#signupPasswordConfirm").val();
var token = $("#signupToken").val();
var submit = $("#signupSubmit").val();
$("#sniffle").load("../app/account/signup.php", {
username: username,
password: password,
confirm_password: confirm_password,
token: token,
submit: submit
});
});
</script>
<?php include "../ui/footer.php"; ?> <?php include "../ui/footer.php"; ?>
</body> </body>
</html> </html>

225
app/account/signup.php Normal file
View file

@ -0,0 +1,225 @@
<?php
/*
|-------------------------------------------------------------
| Signup
|-------------------------------------------------------------
| The dreaded signup. Funfact, the one thing I hate more than
| late-stage capitalism and this world is JavaScript. Please
| save me...
|-------------------------------------------------------------
*/
// Include server connection
include "../server/conn.php";
if (isset($_POST['submit'])) {
/*
|-------------------------------------------------------------
| Set error status to 0
|-------------------------------------------------------------
| if there are more than 0 error, then they cannot submit a
| request
|-------------------------------------------------------------
*/
$error = 0;
if (empty(trim($_POST["username"]))) {
// Username not entered
?>
<script>
sniffleAdd('Hmmm', 'You must enter a username!', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} elseif (!preg_match('/^[a-zA-Z0-9_]+$/', trim($_POST["username"]))) {
// Username entered contains illegal characters
?>
<script>
sniffleAdd('Sussy Wussy', 'Very sus. Username can only contain letters, numbers, and underscores', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
// Prepare sql for sus
$sql = "SELECT id FROM users WHERE username = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "s", $username_request);
$username_request = trim($_POST["username"]);
if (mysqli_stmt_execute($stmt)) {
// Ask sql nicely if other usernames exist and store info
mysqli_stmt_store_result($stmt);
if (mysqli_stmt_num_rows($stmt) == 1) {
// Username taken
?>
<script>
sniffleAdd('A clone?', 'Sorry, but username was already taken by someone else', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$username = trim($_POST["username"]);
}
} else {
?>
<script>
sniffleAdd('Reee', 'We had a problem on our end, sowwy', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
}
// Outa here with this
mysqli_stmt_close($stmt);
}
}
// Validate sussness of Password
if (empty(trim($_POST["password"]))) {
// No password entered
?>
<script>
sniffleAdd('What', 'You must enter a password, dont want just anyone seeing your stuff uwu', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} elseif(strlen(trim($_POST["password"])) < 6){
// Password not long enough 👀
?>
<script>
sniffleAdd('👀', 'Nice (Password) but its not long enough 👀', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$password = trim($_POST["password"]);
}
// Validate sussiness of the other Password
if (empty(trim($_POST["confirm_password"]))) {
// Did not confirm passowrd
?>
<script>
sniffleAdd('Eh?', 'Confirm the password pls, its very important you remember what it issss', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
$confirm_password = trim($_POST["confirm_password"]);
if (empty($error) && $confirm_password != $password) {
// Password and re-entered Password does not match
?>
<script>
sniffleAdd('Try again', 'Passwords need to be the same, smelly smelly', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
}
}
// Check for invite code
if (isset($_POST['token'])) {
// Check if invite code is empty
if (empty($_POST['token'])) {
?>
<script>
sniffleAdd('smelly', 'Enter Invite Code ;3', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
} else {
// Prepare sql for sus
$sql = "SELECT id FROM tokens WHERE code = ? AND used = 0";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "s", $param_code);
$param_code = $_POST['token'];
// Ask sql nicely if other usernames exist and store info
if (mysqli_stmt_execute($stmt)) {
mysqli_stmt_store_result($stmt);
if (mysqli_stmt_num_rows($stmt) == 1) {
$token = trim($_POST["token"]);
} else {
?>
<script>
sniffleAdd('Argh', 'Your invite code/token did not check out, woopsie!', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
}
} else {
?>
<script>
sniffleAdd('Woops', 'The server or website died inside and could not process your information, sowwy!', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
$error = $error + 1;
}
// Outa here with this
mysqli_stmt_close($stmt);
}
}
}
// Checking for errors
if ($error <= 0) {
$sql = "INSERT INTO users (username, password) VALUES (?, ?)";
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "ss", $param_username, $param_password);
// Set parameters
$param_username = $username;
$param_password = password_hash($password, PASSWORD_DEFAULT);
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// Prepare sql
$sql = "UPDATE tokens SET used = True WHERE code = ?";
$stmt = mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt, "s", $param_token);
$param_token = $_POST['token'];
if (mysqli_stmt_execute($stmt)) {
//
// Hey fluffy why didn't you do this
// Hey fluffy, thats not how you do this
// Thats wrong! Do this instead!!!!!!
//
// I DON'T KNOW HOW TO DO THIS, BUT IT WORKS
// SO LEAVE ME ALONEEEEEEEEEE
// anyway....
// Generate Token
$token_array = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890abcdefghijklmnopqrstuvwxyz';
$new_token = substr(str_shuffle($token_array), 0, 15);
// Prepare sql
$sql = "INSERT INTO tokens (code, used) VALUES(?, False)";
$stmt = mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt, "s", $param_new_token);
$param_new_token = $new_token;
mysqli_stmt_execute($stmt);
}
// Yupeee! Account was made
?>
<script>
sniffleAdd('Success!', 'You account made for <?php echo $username; ?>!!!!! You will be redirected in a moment to login', 'var(--green)', '../assets/icons/hand-waving.svg');
setTimeout(function(){window.location.href = "../account/login.php";}, 4000);
</script>
<?php
} else {
?>
<script>
sniffleAdd('Bruh', 'Something went fuckywucky, please try later', 'var(--red)', '../assets/icons/cross.svg');
</script>
<?php
}
}
}
}