signup.php

完善的PHP/MySQL电子商务方案

<?
/* signup.php (c) 2000 Ying Zhang (ying@zippydesign.com)
 *
 * TERMS OF USAGE:
 * This file was written and developed by Ying Zhang (ying@zippydesign.com)
 * for educational and demonstration purposes only.  You are hereby granted the
 * rights to use, modify, and redistribute this file as you like.  The only
 * requirement is that you must retain this notice, without modifications, at
 * the top of your source code.  No warranties or guarantees are expressed or
 * implied. DO NOT use this code in a production environment without
 * understanding the limitations and weaknesses pretaining to or caused by the
 * use of these scripts, directly or indirectly. USE AT YOUR OWN RISK!
 */

/******************************************************************************
 * MAIN
 *****************************************************************************/

include("../application.php");

/* form has been submitted, try to create the new user account */
if (match_referer() && isset($HTTP_POST_VARS)) {
	$frm = $HTTP_POST_VARS;
	$errormsg = validate_form($frm, $errors);

	if (empty($errormsg)) {
		insert_user($frm);

		$DOC_TITLE = "MyMarket Signup Successful";
		include("$CFG->templatedir/header.php");
		include("templates/signup_success.php");
		include("$CFG->templatedir/footer.php");
		die;
	}
}

$DOC_TITLE = "MyMarket Signup";
include("$CFG->templatedir/header.php");
include("$CFG->templatedir/form_header.php");
include("templates/signup_form.php");
include("$CFG->templatedir/footer.php");

/******************************************************************************
 * FUNCTIONS
 *****************************************************************************/

function validate_form(&$frm, &$errors) {
/* validate the signup form, and return the error messages in a string.  if
 * the string is empty, then there are no errors */

	$errors = new Object;
	$msg = "";

	if (empty($frm["username"])) {
		$errors->username = true;
		$msg .= "<li>You did not specify a username";

	} elseif (username_exists($frm["username"])) {
		$errors->username = true;
		$msg .= "<li>The username <b>" . ov($frm["username"]) ."</b> already exists";

	} elseif (empty($frm["password"])) {
		$errors->password = true;
		$msg .= "<li>You did not specify a password";

	} elseif (empty($frm["firstname"])) {
		$errors->firstname = true;
		$msg .= "<li>You did not specify your firstname";

	} elseif (empty($frm["lastname"])) {
		$errors->lastname = true;
		$msg .= "<li>You did not specify your lastname";

	} elseif (empty($frm["email"])) {
		$errors->email = true;
		$msg .= "<li>You did not specify your email address";

	} elseif (email_exists($frm["email"])) {
		$errors->email = true;
		$msg .= "<li>The email address <b>" . ov($frm["email"]) ."</b> already exists";

	} elseif (empty($frm["phone"])) {
		$errors->phone = true;
		$msg .= "<li>You did not specify your phone number";

	} elseif (empty($frm["address"])) {
		$errors->address = true;
		$msg .= "<li>You did not specify your address";
	}

	return $msg;
}

function insert_user(&$frm) {
/* add the new user into the database */

	$qid = db_query("
	INSERT INTO users (
		username, password, firstname, lastname, email, phone, address
	) VALUES (
		 '$frm[username]'
		,'" . md5($frm["password"]) ."'
		,'$frm[firstname]'
		,'$frm[lastname]'
		,'$frm[email]'
		,'$frm[phone]'
		,'$frm[address]'
	)");
}

?>