registration.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
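<?php
// Connection settings for the EU HFR node database.
// NOTE(security): these credentials are committed in a web-served source file.
// Treat the password below as disclosed: rotate it, and load host, user and
// password from configuration kept outside the repository and the web root.
$servername_HFR = "150.145.136.104";
$username_HFR = "HFRwebformUser";
$password_HFR = "!_e2MKonpy5paMTgR9_!";
$dbname_HFR = "HFR_node_db";

// Create connection to EU HFR node DB
$conn_HFR = mysqli_connect($servername_HFR, $username_HFR, $password_HFR, $dbname_HFR);

// Check connection
if (!$conn_HFR) {
    // The driver's error text can name the host and the account, so it goes
    // to the server log and the visitor only gets a generic message.
    error_log("registration.php: database connection failed: " . mysqli_connect_error());
    die("Connection failed.");
}

// Set the desired charset after establishing a connection; a failure is logged
// instead of being silently ignored, because the queries further down assume
// the connection charset matches the data they send.
if (!mysqli_set_charset($conn_HFR, 'utf8')) {
    error_log("registration.php: could not set connection charset: " . mysqli_error($conn_HFR));
}
?>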
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>The European HFR Node</title>
<link href='http://fonts.googleapis.com/css?family=Roboto' rel='stylesheet' type='text/css'>
<link href="/css/EU_HFR_WF_StyleSheet.css" rel="stylesheet" type="text/css">
</head>
<body class="twoColFixRtHdr">
<div id="container">
<div id="header" style="background: url('images/header_2022.png')">
<h1>EU HFR NODE - Data Entry Web Form</h1><br>
Web Form for managing HFR network information
<!-- end #header --></div>
<div id="mainContent">
<h1>Registration form</h1>
<div id="Buttons">
<a href="https://cnrsc-my.sharepoint.com/:b:/g/personal/lorenzopaolo_corgnati_cnr_it/Ecoa9zTYUmVNiXuDxiKWslQBqwbtuG3r1RVwdI5Dy-E9zg?e=bylH89" target="_blank"><button style="height:40px; width:200px">Webform User Manual</button><a>
<br><br>
<a href="index.php"><button style="height:40px; width:200px">Back to homepage</button><a>
<br><br>
</div>
<div id="registration_form">
Please insert your information
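<?php
// Registration handler. On a "Save" submit it validates the posted fields in
// order, refuses duplicate usernames and emails, stores the account and its
// password hash, mails a confirmation and redirects with ?login_message=...;
// on any other request it renders the entry form.
//
// NOTE(security): header() must run before any output is flushed, yet this
// block sits after the page's opening markup. The redirects therefore rely on
// output buffering being enabled - TODO confirm, or move the handler above the
// DOCTYPE.

// Queue a redirect carrying the status message, then stop. The message is
// URL-encoded so spaces and punctuation cannot corrupt the Location header,
// and exit keeps later code from running once a redirect has been decided.
$hfr_redirect = function ($page, $mess) {
    header("Location: " . $page . "?login_message=" . urlencode($mess));
    exit;
};

// Read one POST field as a string; missing or non-string input becomes ''.
// FILTER_SANITIZE_STRING (deprecated since PHP 8.1) is kept so new rows are
// stored in the same form as existing ones. addslashes() is no longer applied
// because every value reaches MySQL as a bound parameter.
$hfr_field = function ($key) {
    if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
        return '';
    }
    return (string) filter_var($_POST[$key], FILTER_SANITIZE_STRING);
};

// Record the database error in the server log and stop with a generic
// message, so SQL and schema details are not shown to the visitor.
$hfr_db_fail = function () use ($conn_HFR) {
    error_log("registration.php: database error: " . mysqli_error($conn_HFR));
    die("A database error occurred. Please try again later.");
};

// Populate the variables from the form parameters
if (isset($_POST['submit']) && ($_POST['submit'] === "Save")) {
    $username = $hfr_field('username');
    // Check if the username is empty
    if ($username === '') {
        $hfr_redirect("registration.php", "No username has been inserted. Please insert one.");
    }

    // Check if the username already exists (bound parameter, never string-built SQL)
    $stmt_usernames = mysqli_prepare($conn_HFR, "SELECT username FROM account_tb WHERE username = ?");
    if (!$stmt_usernames) {
        $hfr_db_fail();
    }
    mysqli_stmt_bind_param($stmt_usernames, "s", $username);
    if (!mysqli_stmt_execute($stmt_usernames)) {
        $hfr_db_fail();
    }
    mysqli_stmt_store_result($stmt_usernames);
    $count_usernames = mysqli_stmt_num_rows($stmt_usernames);
    mysqli_stmt_close($stmt_usernames);
    if ($count_usernames > 0) {
        $hfr_redirect("registration.php", "The username already exists. Please choose a different one.");
    }

    // Check the email address
    $email = $hfr_field('email');
    if ($email === '') {
        $hfr_redirect("registration.php", "No email has been inserted. Please insert one.");
    }
    // Only a syntactically valid single address is stored and handed to mail().
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $hfr_redirect("registration.php", "The email address you inserted is not valid. Please insert a valid one.");
    }

    // Check if the email already exists, fetching the account details needed
    // for the reminder mail in the same query.
    $stmt_emails = mysqli_prepare($conn_HFR, "SELECT username, name, surname, institution, network_id FROM account_tb WHERE email = ?");
    if (!$stmt_emails) {
        $hfr_db_fail();
    }
    mysqli_stmt_bind_param($stmt_emails, "s", $email);
    if (!mysqli_stmt_execute($stmt_emails)) {
        $hfr_db_fail();
    }
    mysqli_stmt_store_result($stmt_emails);
    $count_emails = mysqli_stmt_num_rows($stmt_emails);
    if ($count_emails > 0) {
        // Retrieve user details (first matching row)
        mysqli_stmt_bind_result($stmt_emails, $username_rec, $name_rec, $surname_rec, $institution_rec, $network_id_rec);
        mysqli_stmt_fetch($stmt_emails);
    }
    mysqli_stmt_close($stmt_emails);

    if ($count_emails > 0) {
        // NOTE(security): this on-screen message confirms to whoever submitted
        // the form that the address is registered; the account details are
        // sent only to the address owner by mail.
        $mess = "The email you inserted already exists in the database. An email will be sent to you where you can find your username and your account details. Please use your username to recover your password, in case you forgot it.";
        // Send email for password recovery
        $msg_rec = "Dear " . $name_rec . ",\nyou are already registered to the European HFR Node with this email.\nIt seems that you are trying to create a new account with the same email.\nBelow you find the details of your account.\nUsername: " . $username_rec . "\nName: " . $name_rec . "\nSurname: " . $surname_rec . "\nInstitution: " . $institution_rec . "\nManaged HFR networks: " . $network_id_rec . "\n\nPlease use your username to recover your password, in case you forgot it.\n\nBest regards.\nThe EU HFR node team.";
        // use wordwrap() if lines are longer than 70 characters
        $msg_rec = wordwrap($msg_rec, 70);
        // set headers
        $headers = "MIME-Version: 1.0" . "\r\n";
        //$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
        $headers .= 'From: <lorenzo.corgnati@sp.ismar.cnr.it>' . "\r\n";
        // send email
        mail($email, "EU HFR Node registration", $msg_rec, $headers);
        $hfr_redirect("index.php", $mess);
    }

    $confirm_email = $hfr_field('confirm_email');
    if ($email !== $confirm_email) {
        $hfr_redirect("registration.php", "The confirmation email you inserted does not match your email address. Please restart the registration.");
    }

    // NOTE(security): unsalted SHA-1 is not a password hash. The exact
    // transformation is kept because the login code (not visible here)
    // presumably compares against this stored format; migrate both sides
    // together to password_hash() / password_verify().
    $raw_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    if ($raw_password === '') {
        $password = '';
    } else {
        $password = sha1(addslashes(filter_var($raw_password, FILTER_SANITIZE_STRING)));
    }
    if ($password === '') {
        $hfr_redirect("registration.php", "No password has been inserted. Please insert one.");
    }

    $name = $hfr_field('name');
    if ($name === '') {
        $hfr_redirect("registration.php", "No name has been inserted. Please insert one.");
    }

    $surname = $hfr_field('surname');
    if ($surname === '') {
        $hfr_redirect("registration.php", "No surname has been inserted. Please insert one.");
    }

    $institution = $hfr_field('institution');
    if ($institution === '') {
        $hfr_redirect("registration.php", "No institution has been inserted. Please insert one.");
    }

    // Optional: the form below has no network_id input, so this is normally ''.
    $network_id = $hfr_field('network_id');

    // Insert the account data into the EU HFR node DB
    $stmt_insert = mysqli_prepare($conn_HFR, "INSERT INTO account_tb (username, name, surname, institution, email, network_id) VALUES (?, ?, ?, ?, ?, ?)");
    if (!$stmt_insert) {
        $hfr_db_fail();
    }
    mysqli_stmt_bind_param($stmt_insert, "ssssss", $username, $name, $surname, $institution, $email, $network_id);
    if (!mysqli_stmt_execute($stmt_insert)) {
        $hfr_db_fail();
    }
    mysqli_stmt_close($stmt_insert);

    // Insert the login data (the original comment names a "CDM DB", but the
    // statement runs on the same $conn_HFR connection)
    $stmt_insert_psw = mysqli_prepare($conn_HFR, "INSERT INTO login_tb (username_login, password_login) VALUES (?, ?)");
    if (!$stmt_insert_psw) {
        $hfr_db_fail();
    }
    mysqli_stmt_bind_param($stmt_insert_psw, "ss", $username, $password);
    if (!mysqli_stmt_execute($stmt_insert_psw)) {
        $hfr_db_fail();
    }
    mysqli_stmt_close($stmt_insert_psw);

    $mess = "The account information have been successfully inserted.";
    // Send email for registration confirmation
    $msg = "Dear " . $name . ",\nyou have been succesfully registered to the European HFR Node.\nBelow you find the details of your account.\nUsername: " . $username . "\nName: " . $name . "\nSurname: " . $surname . "\nInstitution: " . $institution . "\nManaged HFR networks: " . $network_id . "\n\nYou can start filling in the information of the HFR networks you manage in the web form.\n\nBest regards.\nThe EU HFR node team.";
    // use wordwrap() if lines are longer than 70 characters
    $msg = wordwrap($msg, 70);
    // set headers
    $headers = "MIME-Version: 1.0" . "\r\n";
    //$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
    $headers .= 'From: <lorenzo.corgnati@sp.ismar.cnr.it>' . "\r\n";
    // send email
    mail($email, "EU HFR Node registration", $msg, $headers);
    $hfr_redirect("index.php", $mess);
}
else
{
// Entry form. PHP_SELF can carry attacker-supplied path info, so it is
// HTML-escaped before being placed in the action attribute; the password
// field is masked instead of being shown as plain text.
?>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>" method="post">
<br>Username:<br>
<input name="username" type="text" value=""><br />
<br>Password:<br>
<input name="password" type="password" value=""><br />
<br>Name:<br>
<input name="name" type="text" value=""><br />
<br>Surname:<br>
<input name="surname" type="text" value=""><br />
<br>Institution:<br>
<input name="institution" type="text" value=""><br />
<br>Email:<br>
<input name="email" type="text" value=""><br />
<br>Confirm email:<br>
<input name="confirm_email" type="text" value=""><br />
<input name="submit" type="submit" value="Save">
</form>
<?php
}
?>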
<br><br>
You can request the management of an existing network in the page <b>"Edit your profile"</b>.
<!-- end #registration_form --></div>
<!-- end #mainContent --></div>
<!-- Questo elemento di clearing deve seguire immediatamente il div #mainContent al fine di forzare il div #container a contenere tutti i float di livello inferiore --><br class="clearfloat" />
<div id="footer">
<p><b>CNR-ISMAR Institute of Marine Sciences - National Research Council of Italy</b> :: S.S. Lerici / Forte Santa Teresa, 19032 Pozzuolo di Lerici (SP) - Italy
<br>Web Form development :: Lorenzo Corgnati :: lorenzo.corgnati@sp.ismar.cnr.it</p>
<!-- end #footer --></div>
<!-- end #container --></div>
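<?php
// Show the status message passed back by a redirect as a JavaScript alert.
// The value comes straight from the query string, so it is emitted as a JSON
// string literal with <, >, &, ' and " hex-escaped: it can neither end the
// string nor close the <script> element. A missing parameter is treated as
// "no message" instead of raising an undefined-index notice.
// NOTE(security): the text shown is still chosen by whoever built the link;
// passing a message code and looking the text up server-side would avoid that.
$login_message = (isset($_GET["login_message"]) && is_string($_GET["login_message"])) ? $_GET["login_message"] : '';
if ($login_message !== '') {
    $js_message = json_encode($login_message, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    // json_encode() returns false on input it cannot encode (e.g. invalid UTF-8);
    // in that case nothing is printed.
    if ($js_message !== false) {
        echo "<script language=\"javascript\">";
        echo "alert(" . $js_message . ")";
        echo "</script>";
    }
}
?>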
</body>
</html>
<?php
// Release the EU HFR node DB connection once the page has been written out.
$conn_HFR->close();
?>