<?php
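// Signup handler: validate the posted form, refuse an id that is already
// registered, then insert the new member row. Every path ends in a small
// script response (alert + redirect) followed by exit().

// Emits the alert/redirect response and stops. Both arguments are fixed
// literals from this file, never request data, so they are written unescaped.
$alertAndRedirect = static function ($message, $target) {
    echo '<script type="text/javascript">';
    echo 'alert("' . $message . '");';
    echo 'window.location.href = "' . $target . '";';
    echo '</script>';
    exit();
};

// The original wrapped this text in a single-quoted JS string, so the
// apostrophe in "You've" ended the literal early and the script never ran.
$wrongInputMessage = 'You\'ve misseed some of the input. Please try again. :( ';

if (!isset($_POST['signup'])) {
    $alertAndRedirect($wrongInputMessage, 'signup.html');
}

// Every field must be present and a plain string. A parameter posted as an
// array (pw[]=...) would otherwise reach unpack() and the SQL layer.
$fields = [];
foreach (['id', 'pw', 'name', 'email', 'phone', 'address'] as $key) {
    if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
        $alertAndRedirect($wrongInputMessage, 'signup.html');
    }
    $fields[$key] = $_POST[$key];
}
if ($fields['id'] === '' || $fields['pw'] === '') {
    $alertAndRedirect($wrongInputMessage, 'signup.html');
}

// CONNECT DATABASE ($conn is presumably created by dbcon.php; confirm there)
require_once "dbcon.php";

$id = $fields['id'];
$name = $fields['name'];
$email = $fields['email'];
$phone = $fields['phone'];
$address = $fields['address'];
// One date() call, so date and time cannot straddle a second/midnight boundary.
$datetime = date('Y-m-d H:i:s');
$latest = $datetime;
$login_count = 0;
$ip = $_SERVER['REMOTE_ADDR'];

// NOTE(review): getSaltString() is a single unkeyed SHA-256 pass over values
// stored in the same row. Moving to password_hash()/password_verify() is the
// recommended fix, but it must be done together with the login code, which is
// not visible here.
$pw = getSaltString($datetime, $latest, $login_count, $fields['pw']);

// VERIFY THE ID IS NOT TAKEN. Request data is bound as a parameter and never
// concatenated into the SQL text.
$existing = 0;
$lookup = mysqli_prepare($conn, 'SELECT COUNT(*) AS cnt FROM member WHERE id = ?');
if (!$lookup
    || !mysqli_stmt_bind_param($lookup, 's', $id)
    || !mysqli_stmt_execute($lookup)
    || !mysqli_stmt_bind_result($lookup, $existing)
    || !mysqli_stmt_fetch($lookup)
) {
    // QUERY FAILED
    $alertAndRedirect('Lost server connection :(', 'login.html');
}
mysqli_stmt_close($lookup);

// ALREADY REGISTERED: any existing row blocks the signup (the original
// compared with === 1 and would have inserted again had duplicates existed).
if ((int)$existing > 0) {
    $alertAndRedirect('Member already exists', 'signup.html');
}

// NEW USER: INSERT INPUT INTO MEMBER DB.
// Values are stored as received; HTML-escape them wherever they are rendered.
$insert = mysqli_prepare(
    $conn,
    'INSERT INTO member(id, password, datetime, name, email, phone, address, latest, login_count, IP) '
    . 'VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'
);
if (!$insert
    || !mysqli_stmt_bind_param(
        $insert,
        'ssssssssis',
        $id,
        $pw,
        $datetime,
        $name,
        $email,
        $phone,
        $address,
        $latest,
        $login_count,
        $ip
    )
    || !mysqli_stmt_execute($insert)
) {
    // INSERT FAILED
    $alertAndRedirect('Lost server connection :(', 'login.html');
}

// SIGNUP SUCCESS
mysqli_stmt_close($insert);
mysqli_close($conn);
$alertAndRedirect('User Registeration Completed!', 'index.php');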
// ---- DYNAMIC SALT ----
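/**
 * Derive the digest stored in the member table's password column.
 *
 * Builds the 24 ordered arrangements of three distinct entries taken from
 * [$datetime, $latest, $login_count, $password], selects one with an index
 * computed from the leading bytes of $password, and returns the SHA-256 hex
 * digest of that string. The output is kept identical to the original
 * implementation so digests that are already stored keep verifying.
 *
 * NOTE(review): this is not a safe password hash. It is one fast SHA-256
 * pass, and the arrangements built only from the first three entries do not
 * contain $password at all, so a digest selected from those does not depend
 * on the password. Replace with password_hash()/password_verify() in a change
 * coordinated with every caller; only the signup call is visible here.
 *
 * @param string     $datetime    first input value
 * @param string     $latest      second input value
 * @param int|string $login_count third input value
 * @param string     $password    plaintext password
 * @return string 64-character lowercase hex SHA-256 digest
 */
function getSaltString($datetime, $latest, $login_count, $password)
{
    // unpack('I') needs a full machine unsigned int. With fewer bytes the
    // original emitted warnings and ended up with index 0; that result is
    // kept, but reached explicitly and without the warnings.
    $intWidth = strlen(pack('I', 0));
    $mod = 0;
    if (strlen($password) >= $intWidth) {
        $mod = unpack('I', $password)[1] % 24;
    }

    $parts = [$datetime, $latest, $login_count, $password];
    $total = count($parts);

    // Same i/j/k nesting order as before, so each index selects the same string.
    $saltString = [];
    for ($i = 0; $i < $total; $i++) {
        for ($j = 0; $j < $total; $j++) {
            for ($k = 0; $k < $total; $k++) {
                if ($i === $j || $j === $k || $k === $i) {
                    continue;
                }
                $saltString[] = $parts[$i] . $parts[$j] . $parts[$k];
            }
        }
    }

    // hash section
    return hash('sha256', $saltString[$mod]);
}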
// ---- END OF SALT ----
?>