<?php require_once("lib/connection.php"); ?> | |
<?php
// Visitors who already hold a logged-in session never see the registration
// form; they are redirected to their landing page.
// NOTE(review): no session_start() is visible in this file; presumably
// lib/connection.php starts the session — confirm.
if (isset($_SESSION["is_logged"])) {
    // A truthy "admin" flag selects the admin page, anything else the user page.
    $redirectHeader = $_SESSION["admin"] ? "Location: admin.php" : "Location: user.php";
    header($redirectHeader);
    // Stop here so none of the form below is rendered after the redirect.
    exit();
}
?>
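<?php
// Issue the per-session anti-CSRF token the first time this session reaches
// the page. The value comes from the OS CSPRNG (random_bytes, PHP 7+).
// The previous md5(uniqid()) was derived from the current time, so it was
// guessable rather than secret. 16 random bytes hex-encode to 32 characters,
// the same shape as the old md5 string.
if (empty($_SESSION["csrf_token"])) {
    $_SESSION["csrf_token"] = bin2hex(random_bytes(16));
}
?>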
<?php
// Outcome of a registration attempt, rendered as an alert inside the form:
//   $status "" = nothing submitted, "0" = rejected (warning), "1" = created (success)
//   $message   = text shown inside that alert
$message = "";
$status = "";
/**
 * XOR a string with a repeating key and return the result as base64.
 *
 * Byte i of $email is XOR-ed with byte (i mod 16) of $key, so only the first
 * 16 bytes of $key are ever used. A key shorter than 16 bytes is indexed out
 * of range once $email is longer than the key.
 *
 * This is a reversible encoding, not encryption and not a MAC: the output is
 * fully determined by the two inputs, and a single known input/output pair
 * reveals the key bytes. Do not treat the result as a secret.
 *
 * @param string $email Bytes to encode.
 * @param string $key   Repeating key (first 16 bytes used).
 * @return string Base64 text of the XOR-ed bytes; "" for an empty $email.
 */
function xor_strings($email,$key)
{
    $xored = "";
    $length = strlen($email);
    $position = 0;
    while ($position < $length) {
        // The key index wraps every 16 bytes, matching the 16-byte key the caller passes.
        $xored .= chr(ord($email[$position]) ^ ord($key[$position % 16]));
        $position++;
    }
    return base64_encode($xored);
}
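// Registration handler: runs only when the form's submit button was posted.
if (isset($_POST['btn-login']))
{
    // Absent fields become "" instead of raising undefined-index notices.
    $email = $_POST["email"] ?? "";
    $pass = $_POST["pass"] ?? "";
    $submitted_token = $_POST["csrf_token"] ?? "";
    $session_token = $_SESSION["csrf_token"] ?? "";

    // CSRF check: the posted token must match the one bound to this session.
    // hash_equals() compares in constant time; the is_string() guards keep an
    // array-valued parameter (csrf_token[]=...) from reaching it.
    if (!is_string($submitted_token) || !is_string($session_token) || empty($session_token)
        || !hash_equals($session_token, $submitted_token))
    {
        header("Location: fail.php");
        exit();
    }

    // Reject missing or non-string credentials. PHP turns "email[]=x" into an
    // array, which would otherwise reach strlen() and bind_param() below.
    // NOTE(review): nothing here checks that $email looks like an address;
    // consider filter_var($email, FILTER_VALIDATE_EMAIL) if that is wanted.
    if (!is_string($email) || !is_string($pass) || empty($email) || empty($pass))
    {
        header("Location: fail.php");
        exit();
    }

    // Tokens are single-use: rotate after a successful check, drawing the new
    // value from the CSPRNG rather than from the clock (md5(uniqid())).
    $_SESSION["csrf_token"] = bin2hex(random_bytes(16));

    // Is the address already registered? Parameterised, so $email never
    // becomes part of the SQL text.
    $query = $conn->prepare("SELECT email FROM users WHERE email=?");
    $query->bind_param("s",$email);
    $query->execute();
    $result = $query->get_result();
    // "> 0" rather than "== 1": if duplicates ever exist the address must still
    // count as taken instead of falling through to another INSERT.
    $email_taken = $result->num_rows > 0;
    $query->close();

    if ($email_taken)
    {
        $status = "0";
        $message = "Your email has already been taken, please choose another email";
        $conn->close();
    }
    else
    {
        // NOTE(review): this token is fully determined by the e-mail and a key
        // hard-coded in source, so it carries no secret entropy. If it is used
        // as a credential anywhere (for example by the password-recovery page
        // this form links to, not visible here), replace it with a random value
        // such as bin2hex(random_bytes(32)) and remove the key from source.
        // Left unchanged because other pages may depend on the current format.
        $key = "mY_R4nd0m_Str1ng";
        $token = xor_strings($email,$key);
        $password = password_hash($pass,PASSWORD_BCRYPT);

        // NOTE(review): check-then-insert is not atomic; confirm users.email has
        // a UNIQUE index so concurrent requests cannot create duplicate accounts.
        $query = $conn->prepare("INSERT INTO users (email, password, token, admin) VALUES (?, ?, ?, false)");
        $query->bind_param("sss",$email,$password,$token);
        $inserted = $query->execute();
        $query->close();
        $conn->close();

        // Report success only when the row was actually written.
        if ($inserted)
        {
            $status = "1";
            $message = "Successfully registered, Click <a href='index.php'>Here</a> to login.";
        }
        else
        {
            $status = "0";
            $message = "Registration failed, please try again.";
        }
    }
}
?>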
<!DOCTYPE html> | |
<html lang="en"> | |
<head> | |
<title>Register</title> | |
<meta charset="UTF-8"> | |
<meta name="viewport" content="width=device-width, initial-scale=1"> | |
<!--===============================================================================================--> | |
<link rel="icon" type="image/png" href="css/favicon.ico"/> | |
<!--===============================================================================================--> | |
<link rel="stylesheet" type="text/css" href="css/bootstrap.min.css"> | |
<!--===============================================================================================--> | |
<link rel="stylesheet" type="text/css" href="css/font-awesome-4.7.0/css/font-awesome.min.css"> | |
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css"> | |
<!--===============================================================================================--> | |
<link rel="stylesheet" type="text/css" href="css/animate.css"> | |
<!--===============================================================================================--> | |
<link rel="stylesheet" type="text/css" href="css/hamburgers.min.css"> | |
<!--===============================================================================================--> | |
<link rel="stylesheet" type="text/css" href="css/select2.min.css"> | |
<!--===============================================================================================--> | |
<link rel="stylesheet" type="text/css" href="css/util.css"> | |
<link rel="stylesheet" type="text/css" href="css/main.css"> | |
<!--===============================================================================================--> | |
</head> | |
<body> | |
<div class="limiter"> | |
<div class="container-login100"> | |
<div class="wrap-login100"> | |
<div class="login100-pic js-tilt" data-tilt> | |
<img src="css/luffy.gif" alt="IMG"> | |
</div> | |
<form class="login100-form validate-form" action="register.php" method="post"> | |
<span class="login100-form-title"> | |
Member register | |
</span> | |
<div class="wrap-input100 validate-input" data-validate = "Invalid email"> | |
<input class="input100" type="text" name="email" placeholder="Email"> | |
<span class="focus-input100"></span> | |
<span class="symbol-input100"> | |
<i class="fa fa-envelope" aria-hidden="true"></i> | |
</span> | |
</div> | |
<div class="wrap-input100 validate-input" data-validate = "Invalid password."> | |
<input class="input100" type="password" name="pass" placeholder="Password"> | |
<span class="focus-input100"></span> | |
<span class="symbol-input100"> | |
<i class="fa fa-lock" aria-hidden="true"></i> | |
</span> | |
</div> | |
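<input type="hidden" name="csrf_token" value="<?php /* HTML-escape on output so the attribute stays well-formed whatever the session holds. */ echo htmlspecialchars($_SESSION["csrf_token"], ENT_QUOTES, "UTF-8"); ?>" />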
<div class="container-login100-form-btn"> | |
<button class="login100-form-btn" name="btn-login"> | |
Register | |
</button> | |
</div> | |
<div class="text-center p-t-12"> | |
<span class="txt1"> | |
Forgot | |
</span> | |
<a class="txt2" href="forget.php"> | |
Username / Password? | |
</a> | |
</div> | |
<?php
// Render the outcome of the registration attempt, if there was one.
// $message is emitted without escaping on purpose: it carries a link and is
// only ever assigned fixed strings in this file, never request data.
$alertOpen = null;
if ( $status == "1" )
{
    $alertOpen = "<div class='alert alert-success alert-autocloseable-success'>";
}
else if ( $status == "0" )
{
    $alertOpen = "<div class='alert alert-warning alert-autocloseable-warning'>";
}
// Any other status (no submission yet) prints nothing.
if ( $alertOpen !== null )
{
    echo $alertOpen.$message."</div>";
}
?>
<div class="text-center p-t-136"> | |
<a class="txt2" href="index.php"> | |
Back to login | |
<i class="fa fa-long-arrow-right m-l-5" aria-hidden="true"></i> | |
</a> | |
</div> | |
</form> | |
</div> | |
</div> | |
</div> | |
<!--===============================================================================================--> | |
<script src="css/jquery-3.2.1.min.js"></script> | |
<!--===============================================================================================--> | |
<script src="css/popper.js"></script> | |
<script src="css/bootstrap.min.js"></script> | |
<!--===============================================================================================--> | |
<script src="css/select2.min.js"></script> | |
<!--===============================================================================================--> | |
<script src="css/tilt.jquery.min.js"></script> | |
<script > | |
$('.js-tilt').tilt({ | |
scale: 1.1 | |
}) | |
</script> | |
<!-- Global site tag (gtag.js) - Google Analytics --> | |
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-23581568-13"></script> | |
<script> | |
window.dataLayer = window.dataLayer || []; | |
function gtag(){dataLayer.push(arguments);} | |
gtag('js', new Date()); | |
gtag('config', 'UA-23581568-13'); | |
</script> | |
<!--===============================================================================================--> | |
<script src="css/main.js"></script> | |
</body> | |
</html> |