jun 13

php/register.php

@@ -5,35 +5,48 @@ require 'core.inc.php';
 if (!loggedin()) {
     if (
         isset($_POST['name']) && isset($_POST['email'])
-        && isset($_POST['password']) && isset($_POST['password_again'])
+        && isset($_POST['password']) && isset($_POST['password_again']) && isset($_POST['birth_day'])
+        && isset($_POST['birth_month']) && isset($_POST['birth_year'])
     ) {
         $name = $_POST['name'];
         $email = $_POST['email'];
         $password = $_POST['password'];
         $password_again = $_POST['password_again'];
         $password_hash = md5($password);
-        $upperCase = preg_match('/[A-Z]/', $password); 
+        $birth_day = $_POST['birth_day'];
+        $birth_month = $_POST['birth_month'];
+        $birth_year = $_POST['birth_year'];
 
         if (
             !empty($name) && !empty($password) && !empty($password_again) &&
-            !empty($email)
+            !empty($email) && !empty($birth_day) && !empty($birth_month) && !empty($birth_year)
         ) {
             if (strlen($name) > 30) {
                 echo 'Please ahear to maxlength of fields';
+            } elseif (preg_match("/\d/", $name) || preg_match("/\W/", $name)) {
+                echo 'Your name must contains only letters!';
             } else {
                 if ($password != $password_again) {
                     echo 'Passwords do not match';
-                }elseif (strlen($password) < 6){
+                } elseif (strlen($password) <= 8) {
                     echo 'Password is weak!';
-                }
-                 else {
+                } elseif (!preg_match("/\d/", $password)) {
+                    echo 'Password must have one number at least!';
+                } elseif (!preg_match("#[A-Z]+#", $password)) {
+                    echo 'Password must have one capital letter at least!';
+                } elseif (!preg_match("#[a-z]+#", $password)) {
+                    echo 'Password must have one letter at least!';
+                } elseif (!preg_match("/\W/", $password)) {
+                    echo 'Password must have one special carachter at least!';
+                } else {
                     $query = "SELECT `email` FROM `globaly_accounts` WHERE `email` ='$email'";
                     $query_run = mysqli_query($con, $query);
                     if (mysqli_num_rows($query_run) == 1) {
                         echo 'The email ' . $email . 'already exists';
                     } else {
                         $query = "INSERT INTO `globaly_accounts` VALUES (NULL ,'" . mysqli_real_escape_string($con, $name) .
-                            "','" . mysqli_real_escape_string($con, $email) . "','" . mysqli_real_escape_string($con, $password_hash) . "')";
+                            "','" . mysqli_real_escape_string($con, $email) . "','" . mysqli_real_escape_string($con, $password_hash) . "','" .
+                            mysqli_real_escape_string($con, $birth_day) . "','" . mysqli_real_escape_string($con, $birth_month) . "','" . mysqli_real_escape_string($con, $birth_year)  . "')";
                         if ($query_run = mysqli_query($con, $query)) {
                             echo '<script>alert("You are registerd!")</script>';
                             header('Location: ../index.html');