first pass at registration

Sundog Jones 2024-05-13 11:40:23 -04:00
parent f51acb42d6
commit 712f42e790
1 changed files with 86 additions and 0 deletions


@ -0,0 +1,86 @@
<?php
$db_path = realpath(dirname(__FILE__) . '/../config/db.php');
require_once($db_path);
require_once(realpath(dirname(__FILE__) . '/../header.php'));
?>
<h1>All Whomst Wander</h1>
<h2>Register</h2>
<?php
if (!isset($_POST['nickname'])) {
// display registration form
regForm();
?>
<?php
} else {
// process registration
$errors = [];
// ensure nickname
if (!isset($_POST['nickname']) || trim($_POST['nickname']) === "") {
array_push($errors, "Your nickname is needed to log you in and share your progress with your friends.");
}
// ensure email address
if (!isset($_POST['email']) || trim($_POST['email']) === "") {
array_push($errors, "Your email address is needed in case you need to reset your password in the future.");
}
// ensure password and confirmation match
if (!isset($_POST['password']) || !isset($_POST['confirm_password']) || trim($_POST['password']) === "" || $_POST['password'] !== $_POST['confirm_password']) {
array_push($errors, "You need to provide a password and confirm the same password a second time in order to register.");
}
// check nickname uniqueness
$stmt = $conn->prepare('SELECT id FROM Players WHERE nickname = :nickname');
if ($stmt) {
$stmt->bindValue(':nickname', $_POST['nickname']);
$result = $stmt->execute();
if ($result && is_array($result->fetchArray())) {
array_push($errors, "That nickname is already taken. Please choose another.");
}
}
if (sizeof($errors) > 0) {
foreach ($errors as $e) {
echo "<p>" . $e . "</p>";
}
regForm();
} else {
$add_stmt = $conn->prepare('INSERT INTO Players (nickname, is_active) VALUES (:nickname, 1)');
if ($add_stmt) {
$add_stmt->bindValue(':nickname', $_POST['nickname']);
$add_result = $add_stmt->execute();
$player_id = false;
if ($add_result) {
$player_id = $conn->lastInsertRowID();
if ($player_id) {
$credentials_stmt = $conn->prepare('INSERT INTO PlayerAuth (player_id, email, hashed_pw, is_active, is_email_verified) VALUES (:player_id, :email, :hashed_pw, 1, 0)');
if ($credentials_stmt) {
$credentials_stmt->bindParam(':player_id', $player_id);
$credentials_stmt->bindParam(':email', $_POST['email']);
$credentials_stmt->bindParam(':hashed_pw', password_hash($_POST['password'], PASSWORD_DEFAULT, ['cost' => 12]));
$credentials_result = $credentials_stmt->execute();
if ($credentials_result) {
echo "<p>Your account has been created. You can now <a href='login.php'>log in and start playing</a>!</p>";
}
}
}
}
}
}
}
require_once(realpath(dirname(__FILE__) . '/../footer.php'));
function regForm() {
?>
<form method="POST" action="register.php" />
<p><label for="nickname">Your username: </label><input type="text" name="nickname" id="nickname" /></p>
<p><label for="email">Your email address: </label><input type="text" name="email" id="email" /></p>
<p><label for="password">Your password: </label><input type="password" name="password" id="password" /></p>
<p><label for="confirm_password">Confirm password: </label><input type="password" name="confirm_password" id="confirm_password" /></p>
<p><input type="submit" value="Register!" /></p>
</form>
<?php
}
?>
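Review bot: The two INSERTs in the success branch are not atomic and every failure path is silent: if the PlayerAuth prepare or execute fails after the Players row is written, the nickname stays taken with no credentials behind it, and the user sees neither an error nor the form. Running both statements in one transaction, rolling back and printing a generic error when any step fails, would close that (sketch below, assuming `$conn` is an SQLite3 handle, as `fetchArray()` and `lastInsertRowID()` suggest). The SELECT-then-INSERT uniqueness check can also race between two concurrent requests, so a UNIQUE constraint on `Players.nickname` is needed as well; the schema is not visible here. `bindParam(':hashed_pw', password_hash(...))` passes a function result to a by-reference parameter, so `bindValue` is the right call there, as already used for `:nickname`. The email is only checked for non-emptiness, and the `trim($_POST[...])` checks assume string input; an `is_string()` guard plus `filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)` before the inserts would reject array-valued and malformed fields.

```php
} else {
    // Write both rows in one transaction so a failed PlayerAuth insert cannot strand a Players row.
    $created = false;
    if ($conn->exec('BEGIN')) {
        $player_id = 0;
        $add_stmt = $conn->prepare('INSERT INTO Players (nickname, is_active) VALUES (:nickname, 1)');
        if ($add_stmt) {
            $add_stmt->bindValue(':nickname', $_POST['nickname']);
            if ($add_stmt->execute()) {
                $player_id = $conn->lastInsertRowID();
            }
        }
        if ($player_id) {
            // … unchanged: prepare $credentials_stmt with the same PlayerAuth INSERT …
            if ($credentials_stmt) {
                $credentials_stmt->bindValue(':player_id', $player_id);
                $credentials_stmt->bindValue(':email', $_POST['email']);
                $credentials_stmt->bindValue(':hashed_pw', password_hash($_POST['password'], PASSWORD_DEFAULT, ['cost' => 12]));
                $created = (bool) $credentials_stmt->execute();
            }
        }
        $conn->exec($created ? 'COMMIT' : 'ROLLBACK');
    }
    if ($created) {
        // … unchanged: success message with the login link …
    } else {
        // Generic message only; driver error details stay out of the page.
        echo "<p>We could not create your account. Please try again.</p>";
        regForm();
    }
}
```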