but for some reason, I didn't get any error messages... Here is my code...
<?php
if (!isset($_POST['submit'])) {
header("Location: ../signup.php");
exit();
} else {
include_once 'dbh.php';
// information from users table
$first = $_POST['first'];
$last = $_POST['last'];
$email = $_POST['email'] ;
$uid = $_POST['uid'];
$password = $_POST['pwd'];
$user_permission = 'Standard User';
$freelesson = $_POST['freelesson'];
$datejoined = date('Y-m-d H:i:s', strtotime('+1 day'));
$user_activate = 0;
$premium = 0;
// information from memberships table
$subscriptionplan = $_POST['subscriptionplan'];
$subscriptionplandate = date('Y-m-d H:i:s', strtotime('+1 day'));
$subscriptionplandate2 = date('Y-m-d H:i:s', strtotime('+1 day'));
$subscriptionplandate3 = date('Y-m-d H:i:s', strtotime('+1 day'));
$fees = 0;
$fees2 = 0;
$fees3 = 0;
$totalfees = 0;
$paid = 0;
$paid2 = 0;
$paid3 = 0;
$expirydate = date('Y-m-d H:i:s', strtotime('+1 day'));
$expirydate2 = date('Y-m-d H:i:s', strtotime('+1 day'));
$expirydate3 = date('Y-m-d H:i:s', strtotime('+1 day'));
$paidbydate = date('Y-m-d H:i:s', strtotime('+1 day'));
$paidbydate2 = date('Y-m-d H:i:s', strtotime('+1 day'));
$paidbydate3 = date('Y-m-d H:i:s', strtotime('+1 day'));
$overdue = 0;
$overdue2 = 0;
$overdue3 = 0;
// $fees = mysqli_real_escape_string($conn, $_POST['fees']);
// $totalfees = mysqli_real_escape_string($conn, $_POST['totalfees']);
$activate = 0;
//Error handlers...
if (empty($first) || empty($last) || empty($email) || empty($uid)|| empty($password)) {
header("Location: ../signup.php?signup=empty");
exit();
} else {
//Check if input characters are valid
if (!preg_match("/^[a-zA-Z]*$/", $first) || !preg_match("/^[a-zA-Z]*$/", $last)) {
header("Location: ../signup.php?signup=invalid");
exit();
} else {
//Checking for valid emails
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: ../signup.php?signup=email");
exit();
} else {
if (Strlen($password) < 5) {
header("Location: ../signup.php?signup=invalidlength");
exit();
} else {
if (!preg_match('/^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!@#$%]{8,20}$/', $password)) {
header ("Location: ../signup.php?signup=notalphanumeric");
exit();
} else {
$sql = "SELECT * FROM users WHERE user_uid = ?;";
// Create a prepared statement
$stmt = mysqli_stmt_init($conn);
//Prepare the prepared stement
if (!mysqli_stmt_prepare($stmt, $sql)) {
echo "SQL statement failed";
} else {
//Bind parameters to the placeholder
mysqli_stmt_bind_param($stmt, "s", $uid);
}
if($resultCheck > 0) {
header("Location: ../signup.php?signup=usertaken");
exit();
} else {
// Select subscription
// Supply a random generated token for email activation
$token = 'qqewreqreqwsdfdfdafcbvcQERFGHFGHGFHRETERTDF!@#$%^^()';
$token = str_shuffle($token);
$token = substr($token, 0, 10);
$token2 = 'qqewreqreqwsdfdfdafcbvcQERFGHFGHGFHRETERTDF!@#$%^^()';
$token2 = str_shuffle($token2);
$token2 = substr($token2, 0, 10);
$paid = 0;
$activate = 0;
//Hashing the password
$hashedPwd = password_hash($password, PASSWORD_DEFAULT);
//Insert the user into the database
$sql ="INSERT INTO users (user_first, user_last, user_email, user_uid, user_password, user_permission, freelesson, datejoined, user_token, user_activate, premium) VALUES (?,?,?,?,?,?,?,?,?,?,?);";
$stmt = mysqli_stmt_init($conn);
if(!mysqli_stmt_prepare($stmt, $sql)) {
echo "SQL error";
} else {
mysqli_stmt_bind_param($stmt, "sssssssssss", $first, $last, $email, $uid, $hashedPwd, $user_permission, $freelesson,$datejoined, $token, $user_activate, $premium);
mysqli_stmt_execute($stmt);
}
// insert into user_lessonsubscription table
// $subscriptionplan = implode(',',$subscriptionplan);
$sql ="INSERT INTO memberships (user_uid, subscriptionplandate, subscriptionplandate2, subscriptionplandate3, fees, fees2, fees3, totalfees, paid, paid2, paid3, expirydate, expirydate2, expirydate3, paidbydate, paidbydate2, paidbydate3, overdue, overdue2, overdue3, token, activate) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);";
$stmt = mysqli_stmt_init($conn);
if(!mysqli_stmt_prepare($stmt, $sql)) {
echo "SQL error";
} else {
mysqli_stmt_bind_param($stmt, "sssssssssssssssssssssss", $uid, $subscriptionplandate, $subscriptionplandate2, $subscriptionplandate3, $fees, $fees2, $fees3, $totalfees, $paid, $paid2, $paid3, $expirydate, $expirydate2, $expirydate3, $paidbydate, $paidbydate2, $paidbydate3, $overdue, $overdue2, $overdue3, $token2, $activate);
mysqli_stmt_execute($stmt);
}
// Send an email to the user:
$company = "pianocourse101@hotmail.com";
$subject = "Activate your email account";
$mailTo = "piano0011@hotmail.com";
$headers = "From: ".$company;
$txt = "Thank you for registering with pianocourse101! At pianocourse101, your child can now learn how to play the piano right from the comfort of your own home! \n\nOur lessons are based from the Bastien Piano Basics series because it is both fun and educational for your child. \n\nHowever, you must activate your FREE membership account by clicking on the link below: \n\n http://localhost/loginsystem/includes/activate.php?email=".$mailTo."&activatetoken=".$token."" ;
mail($mailTo, $subject, $txt, $headers);
header("Location: ../signup.php?signup=success");
exit();
}
}
}
}
}
}
}