The following files exists in this folder. Click to view.
create_account.php38 lines UTF-8 Unix (LF)
<?php
require_once('databaseconnection.php');
include('functions.php');
if(isset($_POST['username']) and isset($_POST['password'])){
$password = sha1("LBM".trim($_POST['password'])."Stegen"); //krypterar
$username = trim($_POST['username']);
$username = htmlspecialchars($username, ENT_QUOTES, "UTF-8");
$sql = "SELECT * FROM Users
WHERE username = :username AND password = :password";
$stm = $pdo->prepare($sql);
$stm->execute(array('username' => $username, 'password' => $password));
$res = $stm->fetch(PDO::FETCH_ASSOC);
if(isset($res["userId"])){
if($res['active'] != 1){
header('location: index.php?action=login&mess=deleted');
exit();
}
header('location: index.php?action=login&mess=exists');
exit();
}
//Lägger in information om användaren i databasen
$sql = "INSERT INTO Users (userId, userlvl, password, username, latestLogin) VALUES (NULL, 'user', '$password', '$username', '".date('Y-m-d H:i:s')."');";
$stm = $pdo->prepare($sql);
$stm->execute();
$lastId = $pdo->lastInsertId();
header('location: index.php?action=login&mess=created');
exit();
}
else{
header('location: index.php?action=login&mess=error');
exit();
}
?>