File: /var/www/html/newjapanetiquetas.com.br/web/docs/form-usuario.php
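<?php
/**
 * User registration handler for the admin panel.
 *
 * On a POST carrying `submit`, validates the posted fields, checks that the
 * username and e-mail are not already present in `members`, inserts the new
 * row and redirects back to this page with ?action=joined.
 *
 * Validation failures are collected in $error, which is only defined when at
 * least one error occurred; the template below relies on isset($error).
 */

require_once('includes/config.php');

// header() only queues the redirect. Without exit the rest of this script,
// including the INSERT below, would still run for a visitor who is not logged in.
if( !$user->is_logged_in() ){
	header('Location: login.php');
	exit;
}

// NOTE(review): only "logged in" is checked here. Nothing visible in this file
// restricts which accounts may create an Administrador (type 1) user, and no
// CSRF token is verified before the INSERT. Confirm whether includes/config.php
// or the $user object enforces either of these.

if(isset($_POST['submit'])){

	// Read every expected field as a string. A missing or array-valued parameter
	// becomes '' so strlen() and the comparisons below never see a non-string.
	$fields = array();
	foreach(array('username', 'password', 'passwordConfirm', 'email', 'name', 'type') as $key){
		$fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
	}

	//very basic validation
	if(strlen($fields['username']) < 3){
		$error[] = 'Username is too short.';
	} else {
		$stmt = $db->prepare('SELECT username FROM members WHERE username = :username');
		$stmt->execute(array(':username' => $fields['username']));
		$row = $stmt->fetch(PDO::FETCH_ASSOC);

		if(!empty($row['username'])){
			$error[] = 'Nome de usuario ja cadastrado tente novamente';
		}

	}

	if(strlen($fields['password']) < 3){
		$error[] = 'Senha muito curto';
	}

	if(strlen($fields['passwordConfirm']) < 3){
		$error[] = 'Confirme a senha';
	}

	// Strict comparison: with != two different numeric-looking strings
	// (for example '1e3' and '1000') compare as equal.
	if($fields['password'] !== $fields['passwordConfirm']){
		$error[] = 'As senhas não conferem';
	}

	//email validation
	if(!filter_var($fields['email'], FILTER_VALIDATE_EMAIL)){
	    $error[] = 'Entre com email valido';
	} else {
		$stmt = $db->prepare('SELECT email FROM members WHERE email = :email');
		$stmt->execute(array(':email' => $fields['email']));
		$row = $stmt->fetch(PDO::FETCH_ASSOC);

		if(!empty($row['email'])){
			$error[] = 'Esse email ja esta em usuario!';
		}

	}

	// The profile comes from a <select> that offers only 1 (Administrador) and
	// 2 (Representante); the client can send anything, so enforce the list here.
	if(!in_array($fields['type'], array('1', '2'), true)){
		$error[] = 'Perfil invalido';
	}

	//if no errors have been created carry on
	if(!isset($error)){

		try {

			// NOTE(review): unsalted MD5 is not a password hash and is cheap to
			// brute-force if the members table leaks. Moving to password_hash() /
			// password_verify() has to be done together with the login check,
			// which is not part of this file, so the stored format is left as is.
			$stmt = $db->prepare('INSERT INTO members (username,password,email,name,type) VALUES (:username, :password, :email, :name, :type)');
			$stmt->execute(array(
				':username' => $fields['username'],
				':password' => md5($fields['password']),
				':email' => $fields['email'],
				':name' => $fields['name'],
				':type' => $fields['type']
			));

			//redirect back to this page with the success flag
			header('Location: form-usuario.php?action=joined');
			exit;

		} catch(PDOException $e) {
			// Keep driver/SQL details in the server log; the page shows a generic message.
			error_log('form-usuario.php: '.$e->getMessage());
			$error[] = 'Nao foi possivel cadastrar o usuario. Tente novamente.';
		}

	}

}

?>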


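<?php require_once "header.php"; ?>
      <!-- main area -->
      <div class="main-content">

        <div class="page-title">
          <div class="title">Cadastro de Usuarios</div>
          <div class="sub-title"></div>
        </div>
        <div class="card bg-white">
          <div class="card-header">
            Dados do Usuario
          </div>
          <div class="card-block">
    				<?php
    				// Escapes a value for HTML text and for quoted attribute values.
    				$esc = function($value){
    					return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    				};

    				// The form is re-filled only when it is shown again after a failed submit.
    				$hasErrors = isset($error);

    				// Returns the previously posted value of a field, escaped, or '' when
    				// there is nothing to re-fill (no errors, field missing, or not a string).
    				$old = function($key) use ($hasErrors, $esc){
    					if(!$hasErrors || !isset($_POST[$key]) || !is_string($_POST[$key])){
    						return '';
    					}
    					return $esc($_POST[$key]);
    				};

    				//check for any errors
    				if($hasErrors){
    					// A separate loop variable keeps $error intact as the list of messages.
    					foreach($error as $message){
    						echo '<p class="bg-danger">'.$esc($message).'</p>';
    					}
    				}

    				//if action is joined show success
    				if(isset($_GET['action']) && $_GET['action'] === 'joined'){
    					echo "<h2 class='bg-success'>Usuario cadastrado com sucesso !.</h2>";
    				}
    				?>

            <hr>
            <form class="form-horizontal" role="form" method="post" action="" autocomplete="off">
              <div class="form-group">
                <label for="name" class="col-sm-2 control-label">Nome</label>
                <div class="col-sm-10">
                  <input type="text" name="name" id="name" class="form-control input-lg" placeholder="Seu Nome" value="<?php echo $old('name'); ?>"  required>
                </div>
              </div>
              <div class="form-group">
                <label for="username" class="col-sm-2 control-label">Usuario</label>
                <div class="col-sm-10">
                  <input type="text" name="username" id="username" class="form-control input-lg" placeholder="Usuario" value="<?php echo $old('username'); ?>"  required>
                </div>
              </div>
              <div class="form-group">
                <label for="password" class="col-sm-2 control-label">Senha</label>
                <div class="col-sm-10">
                  <input type="password" name="password" id="password" class="form-control input-lg" placeholder="Senha"  required>
                </div>
              </div>
              <div class="form-group">
                <label for="passwordConfirm" class="col-sm-2 control-label">Confirmar Senha</label>
                <div class="col-sm-10">
                  <input type="password" name="passwordConfirm" id="passwordConfirm" class="form-control input-lg" placeholder="Confirmar Senha" required>
                </div>
              </div>

              <div class="form-group">
                <label for="email" class="col-sm-2 control-label">E-mail</label>
                <div class="col-sm-10">
                  <input type="email" name="email" id="email" class="form-control input-lg" placeholder="Email" value="<?php echo $old('email'); ?>" required>
                </div>
              </div>

              <div class="form-group">
                <label for="type" class="col-sm-2 control-label">Perfil</label>
                <div class="col-sm-10">
                  <select id="type" name="type"  class="cs-select input-lg form-control" required>
                    <option value="2">Representante</option>
                    <option value="1">Administrador</option>
                  </select>
                </div>
              </div>
              <button class="btn btn-primary btn-block btn-lg m-b" name="submit" type="submit">Salvar</button>
            </form>
          </div>
        </div>



      </div>
      <!-- /main area -->
<?php require_once "footer.php" ?>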