Source of: /ADI/auth-db-sessions/signup_action.php
<?php
include("inc/db.php");
if(!isset($_POST['submitok'])) {
header("Location: signup.php");
}
else {
$db = dbconnect($hostname,$db_name,$db_user,$db_passwd);
if( $_POST['newid'] == '' or
$_POST['newname'] == '' or
$_POST['newemail'] == '' ) {
header("Location: signup.php?m=1");
exit;
}
$query = "SELECT * FROM users WHERE userid = '" .$_POST['newid'] ."'";
$result = @ mysqli_query($db, $query);
if(!$result)
showerror($db);
if(mysqli_num_rows($result) > 0) {
header("Location: signup.php?m=2");
exit;
}
$userid = $_POST['newid'];
$password = substr(md5(time()),0,6);
$fullname = $_POST['newname'];
$email = $_POST['newemail'];
$notes = $_POST['newnotes'];
$present_date = date("Y-m-d H:i:s");
$sql_insert = "INSERT INTO users(userid,password,fullname,email,notes, created_at)
VALUES('$userid','$password','$fullname','$email','$notes','$present_date')";
if(!mysqli_query($db, $sql_insert))
showerror();
mysqli_close($db);
$message = "Hello
Your personal account for the Project Web Site
has been created!
Your personal login ID and password are as
follows:
userid: $userid
password: $password
- Figo
";
mail($_POST['newemail'],"Your Password for the Website",
$message, "From:Figo <figo@deei.fct.ualg.pt>");
header("Location: signup_success.php");
}
?>