<?php
include 'connect.php';
include 'header.php';

echo '<h3>Sign up</h3><br />';

if($_SERVER['REQUEST_METHOD'] != 'POST')
{
    
	 /* note that the action="" will cause the form to post to the same page it is on */
    echo '<form method="post" action="">
 	 	Username: &nbsp &nbsp &nbsp <input type="text" name="user_name" /><br />
 		Password: &nbsp &nbsp &nbsp &nbsp <input type="password" name="user_pass"><br />
		Confirm Password: <input type="password" name="user_pass_check"><br />
		E-mail: &nbsp &nbsp &nbsp &nbsp &nbsp &nbsp &nbsp <input type="email" name="user_email"><br />
 		<input type="submit" value="Submit" />
 	 </form>';
}
else
{
    
	$errors = array(); 
	
	if(isset($_POST['user_name']))
	{
		//the user name exists
		if(!ctype_alnum($_POST['user_name']))
		{
			$errors[] = 'The username can only contain letters and digits.';
		}
		if(strlen($_POST['user_name']) > 30)
		{
			$errors[] = 'The username cannot be longer than 30 characters.';
		}
	}
	else
	{
		$errors[] = 'The username field must not be empty.';
	}
	
	
	if(isset($_POST['user_pass']))
	{
		if($_POST['user_pass'] != $_POST['user_pass_check'])
		{
			$errors[] = 'The two passwords did not match.';
		}
	}
	else
	{
		$errors[] = 'The password field cannot be empty.';
	}
	
	if(!empty($errors)) /*check for an empty array, if there are errors, they're in this array (note the ! operator)*/
	{
		echo 'Oops! a couple of fields are not filled incorrectly..<br /><br />';
		echo '<ul>';
		foreach($errors as $key => $value) /* walk through the array so all the errors get displayed */
		{
			echo '<li>' . $value . '</li>'; /* this generates a nice error list */
		}
		echo '</ul>';
	}
	else
	{
		
		$sql = "INSERT INTO
					users(user_name, user_pass, user_email ,user_date, user_level)
				VALUES('" . mysql_real_escape_string($_POST['user_name']) . "',
					   '" . sha1($_POST['user_pass']) . "',
					   '" . mysql_real_escape_string($_POST['user_email']) . "',
						NOW(),
						0)";
						
		$result = mysql_query($sql);
		if(!$result)
		{
			
			echo 'Something went wrong while registering. Please try again later.';
			
		}
		else
		{
			echo 'Succesfully registered. You can now <a href="signin.php">sign in</a> and start posting.';
		}
	}
}

include 'footer.php';
?>
