187 lines
7.9 KiB
PHP
187 lines
7.9 KiB
PHP
<?php
|
|
session_start();
|
|
require_once 'includes/globals.php';
|
|
require_once 'vendor/autoload.php';
|
|
|
|
use DJMixHosting\Database;
|
|
use Aws\Ses\SesClient;
|
|
use Aws\Exception\AwsException;
|
|
|
|
// If the user is already logged in, redirect them
|
|
if(isset($_SESSION['user'])) {
|
|
header("Location: profile.php");
|
|
exit;
|
|
}
|
|
|
|
if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|
// Gather form fields
|
|
$username = trim($_POST['username'] ?? '');
|
|
$email = trim($_POST['email'] ?? '');
|
|
$password = $_POST['password'] ?? '';
|
|
$confirm_password = $_POST['confirm_password'] ?? '';
|
|
$first_name = trim($_POST['first_name'] ?? '');
|
|
$last_name = trim($_POST['last_name'] ?? '');
|
|
|
|
// Basic validation
|
|
$errors = [];
|
|
if(empty($username) || empty($email) || empty($password) || empty($confirm_password) || empty($first_name) || empty($last_name)) {
|
|
$errors[] = "All fields are required.";
|
|
}
|
|
if($password !== $confirm_password) {
|
|
$errors[] = "Passwords do not match.";
|
|
}
|
|
if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
|
$errors[] = "Invalid email format.";
|
|
}
|
|
if(!preg_match('/^[a-zA-Z0-9_]{3,25}$/', $username)) {
|
|
$errors[] = "Invalid username format.";
|
|
}
|
|
|
|
if(!empty($errors)) {
|
|
$_SESSION['error'] = implode(" ", $errors);
|
|
header("Location: register.php");
|
|
exit;
|
|
}
|
|
|
|
$db = new Database($config);
|
|
|
|
// Check if username or email already exists
|
|
$stmt = $db->prepare("SELECT id FROM users WHERE username = ? OR email = ?");
|
|
$stmt->bind_param("ss", $username, $email);
|
|
$stmt->execute();
|
|
$result = $stmt->get_result();
|
|
if($result->num_rows > 0) {
|
|
$_SESSION['error'] = "Username or email already exists.";
|
|
header("Location: register.php");
|
|
exit;
|
|
}
|
|
$stmt->close();
|
|
|
|
// Insert the new user record. (Assuming columns firstName and lastName exist.)
|
|
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
|
|
$stmt = $db->prepare("INSERT INTO users (username, password, email, firstName, lastName, img, emailVerified) VALUES (?, ?, ?, ?, ?, '', 0)");
|
|
$stmt->bind_param("sssss", $username, $hashed_password, $email, $first_name, $last_name);
|
|
if(!$stmt->execute()){
|
|
$_SESSION['error'] = "Registration failed. Please try again.";
|
|
header("Location: register.php");
|
|
exit;
|
|
}
|
|
$user_id = $stmt->insert_id;
|
|
$stmt->close();
|
|
|
|
// Log the user in
|
|
$_SESSION['user'] = [
|
|
'id' => $user_id,
|
|
'username' => $username,
|
|
'email' => $email
|
|
];
|
|
|
|
// Trigger email verification: generate a verification code valid for 15 minutes
|
|
$verification_code = bin2hex(random_bytes(16));
|
|
$expires_at = date("Y-m-d H:i:s", strtotime("+15 minutes"));
|
|
// Insert record with purpose 'email_verification'
|
|
$stmt = $db->prepare("REPLACE INTO email_verifications (user_id, email, verification_code, expires_at, purpose) VALUES (?, ?, ?, ?, 'email_verification')");
|
|
$stmt->bind_param("isss", $user_id, $email, $verification_code, $expires_at);
|
|
$stmt->execute();
|
|
$stmt->close();
|
|
|
|
// Send verification email via AWS SES using config settings
|
|
$sesClient = new SesClient([
|
|
'version' => 'latest',
|
|
'region' => $config['aws']['ses']['region'],
|
|
'credentials' => [
|
|
'key' => $config['aws']['ses']['access_key'],
|
|
'secret' => $config['aws']['ses']['secret_key']
|
|
]
|
|
]);
|
|
$sender_email = $config['aws']['ses']['sender_email'];
|
|
$recipient_email = $email;
|
|
$subject = "Verify Your Email Address";
|
|
$verification_link = $config['app']['url'] . "/verify_email.php?code={$verification_code}";
|
|
$body_text = "Thank you for registering at " . $config['app']['name'] . ".\n\n";
|
|
$body_text .= "Please verify your email address by clicking the link below or by entering the verification code in your profile:\n\n";
|
|
$body_text .= "{$verification_link}\n\nYour verification code is: {$verification_code}\nThis code will expire in 15 minutes.";
|
|
|
|
try {
|
|
$result = $sesClient->sendEmail([
|
|
'Destination' => [
|
|
'ToAddresses' => [$recipient_email],
|
|
],
|
|
'ReplyToAddresses' => [$sender_email],
|
|
'Source' => $sender_email,
|
|
'Message' => [
|
|
'Body' => [
|
|
'Text' => [
|
|
'Charset' => 'UTF-8',
|
|
'Data' => $body_text,
|
|
],
|
|
],
|
|
'Subject' => [
|
|
'Charset' => 'UTF-8',
|
|
'Data' => $subject,
|
|
],
|
|
],
|
|
]);
|
|
$_SESSION['success'] = "Registration successful! A verification email has been sent to your email address.";
|
|
} catch (AwsException $e) {
|
|
$_SESSION['error'] = "Registration successful, but failed to send verification email: " . $e->getAwsErrorMessage();
|
|
}
|
|
|
|
header("Location: profile.php");
|
|
exit;
|
|
}
|
|
|
|
require_once 'includes/header.php';
|
|
?>
|
|
|
|
<section class="register-section py-5">
|
|
<div class="container">
|
|
<div class="row justify-content-center">
|
|
<div class="col-lg-6">
|
|
<?php
|
|
if(isset($_SESSION['error'])) {
|
|
echo '<div class="alert alert-danger alert-dismissible fade show mb-4" role="alert">' . htmlspecialchars($_SESSION['error']) . '<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button></div>';
|
|
unset($_SESSION['error']);
|
|
}
|
|
?>
|
|
<div class="card shadow-sm border-0">
|
|
<div class="card-body p-4">
|
|
<h3 class="text-center mb-4">Register</h3>
|
|
<form action="register.php" method="post" class="needs-validation" novalidate>
|
|
<div class="mb-3">
|
|
<label for="username" class="form-label">Username</label>
|
|
<input type="text" class="form-control" id="username" name="username" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="email" class="form-label">Email</label>
|
|
<input type="email" class="form-control" id="email" name="email" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="firstName" class="form-label">First Name</label>
|
|
<input type="text" class="form-control" id="firstName" name="first_name" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="lastName" class="form-label">Last Name</label>
|
|
<input type="text" class="form-control" id="lastName" name="last_name" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="password" class="form-label">Password</label>
|
|
<input type="password" class="form-control" id="password" name="password" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="confirm_password" class="form-label">Confirm Password</label>
|
|
<input type="password" class="form-control" id="confirm_password" name="confirm_password" required>
|
|
</div>
|
|
<button type="submit" class="btn btn-primary w-100">Register</button>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
<div class="text-center mt-4">
|
|
<p class="mb-0">Already have an account? <a href="login.php" class="text-decoration-none">Login</a></p>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</section>
|
|
|
|
<?php require_once 'includes/footer.php'; ?>
|