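<?php
/* File: registracija_obrazac.php
 * Purpose: Renders the member registration form.
 *
 * Template variables read from the including scope (all optional):
 *   $message_new  - status/error text; it may contain <br> line breaks
 *   $nadimak, $ime, $prezime, $grad, $drzava, $email - values used to
 *                   pre-fill the text inputs after a rejected submission
 *
 * Every value is HTML-escaped at output, because it originates from the
 * submitted request. Passwords are never written back into the page: a
 * pre-filled password input exposes the secret in the HTML source, in
 * caches and to anyone with access to the response.
 *
 * NOTE(review): the form carries no anti-CSRF token, and the prijava.php
 * handler shown with this template does not verify one.
 */

// Escapes text for HTML body and attribute context. Non-string values
// (for example an array-valued request parameter) render as an empty
// string. The last argument disables double encoding, so text that was
// already escaped by the including script is not escaped a second time.
$esc = function ($value) {
    return is_string($value)
        ? htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false)
        : '';
};
?>
<form action="prijava.php" method="POST">
<input type="hidden" name="do" value="registracija">
<?php
if (isset($message_new))
{
    // Escape the whole message, then restore only the literal <br> tags the
    // handler uses as line breaks. The message is printed above the table,
    // because a <tr> outside of a <table> is not valid markup.
    echo "<p>" . str_replace('&lt;br&gt;', '<br>', $esc($message_new)) . "<br></p>";
}
?>
<hr>
<table border="0">
<tr><td>----------------------</td>
<td>----------------------------------------</td>
</tr>
<tr><td>Nadimak:</td>
<td><input type="text" name="nadimak" value="<?php echo $esc(isset($nadimak) ? $nadimak : '') ?>" size="24" maxlength="20"></td>
</tr>
<tr><td>----------------------</td>
<td>----------------------------------------</td>
</tr>
<tr>
<td>Šifra:</td>
<td><input type="password" name="sifra" size="15" maxlength="20"></td>
</tr>
<tr>
<td>Unesi ponovo šifru:</td>
<td><input type="password" name="sifra2" size="15" maxlength="20"></td>
</tr>
<tr><td>----------------------</td>
<td>----------------------------------------</td>
</tr>
<tr><td>Ime:</td>
<td><input type="text" name="ime" value="<?php echo $esc(isset($ime) ? $ime : '') ?>" size="40" maxlength="30"></td>
</tr>
<tr><td>Prezime:</td>
<td><input type="text" name="prezime" value="<?php echo $esc(isset($prezime) ? $prezime : '') ?>" size="40" maxlength="30"></td>
</tr>
<tr><td>----------------------</td>
<td>----------------------------------------</td>
</tr>
<tr><td>----------------------</td>
<td>----------------------------------------</td>
</tr>
<tr><td>Grad:</td>
<td><input type="text" name="grad" value="<?php echo $esc(isset($grad) ? $grad : '') ?>" size="40" maxlength="30"></td>
</tr>
<tr>
<td>Država:</td>
<td><input type="text" name="drzava" value="<?php echo $esc(isset($drzava) ? $drzava : '') ?>" size="40" maxlength="30"></td>
</tr>
<tr><td>----------------------</td>
<td>----------------------------------------</td>
</tr>
<tr><td>Email:</td>
<td><input type="text" name="email" value="<?php echo $esc(isset($email) ? $email : '') ?>" size="40" maxlength="30"></td>
</tr>
<tr><td>----------------------</td>
<td>----------------------------------------</td>
</tr>
<tr><td> </td>
<td><input type="submit" value="registruj se"></td>
</tr>
</table>
<hr>
</form>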
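<?php
/* Program: prijava.php
 * Purpose: Logs in an already registered member and, when the visitor is
 *          not registered yet, handles the registration.
 *
 * Request parameters (POST):
 *   do = "prijava"       with fnadimak, fsifra
 *   do = "registracija"  with nadimak, sifra, sifra2, ime, prezime, grad,
 *                        drzava, email
 *
 * Security-relevant design:
 *   - Request values never reach SQL text; every statement is prepared and
 *     its values are bound as parameters.
 *   - Column names come from a fixed list, not from the names of the
 *     submitted fields.
 *   - Request data is copied into named variables explicitly instead of via
 *     extract() or variable variables, so a request cannot overwrite
 *     unrelated variables of this script.
 *   - Request-derived text placed into HTML messages is escaped first.
 *   - The session id is regenerated when the visitor becomes authenticated.
 *
 * NOTE(review): passwords are stored as MD5(password), which is unsalted
 * and fast to brute-force. Moving to password_hash()/password_verify()
 * needs a wider column and a rehash-on-login path for existing rows, so
 * the stored format is left unchanged here.
 * NOTE(review): neither action verifies an anti-CSRF token, and failed
 * logins are not rate limited.
 */
session_start();
include("ctod.php"); // presumably defines $host, $user, $password and $dbname, which are used below

/* Returns the POST value for $key when it is a string, otherwise ''.
 * Array-valued parameters (name[]=...) are treated as absent. */
function prijava_post($key)
{
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
}

/* Escapes text for inclusion in HTML body or attribute context. */
function prijava_html($text)
{
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/* Prepares $sql, binds every entry of $params as a string parameter and
 * executes the statement. Stops the script with $failText on any failure,
 * as the original "or die" handling did. Returns the executed statement. */
function prijava_stmt($cxn, $sql, array $params, $failText)
{
    $stmt = mysqli_prepare($cxn, $sql);
    if (!$stmt) {
        die($failText);
    }
    if (count($params) > 0) {
        $bind = array($stmt, str_repeat('s', count($params)));
        foreach (array_keys($params) as $i) {
            $bind[] = &$params[$i]; // bind_param takes its values by reference
        }
        call_user_func_array('mysqli_stmt_bind_param', $bind);
    }
    if (!mysqli_stmt_execute($stmt)) {
        die($failText);
    }
    return $stmt;
}

/* Returns the number of rows produced by an executed SELECT statement and
 * closes the statement. */
function prijava_row_count($stmt)
{
    mysqli_stmt_store_result($stmt);
    $rows = mysqli_stmt_num_rows($stmt);
    mysqli_stmt_close($stmt);
    return $rows;
}

/* Renders the registration form with a message and stops the script.
 * The template is included from this function's scope, so it sees only the
 * variables assigned here. Values are escaped before they are handed over,
 * and the two password fields are deliberately not passed back.
 * $message_new is HTML assembled by this script. */
function prijava_show_registration_form($message_new, array $values)
{
    $nadimak = prijava_html($values['nadimak']);
    $ime     = prijava_html($values['ime']);
    $prezime = prijava_html($values['prezime']);
    $grad    = prijava_html($values['grad']);
    $drzava  = prijava_html($values['drzava']);
    $email   = prijava_html($values['email']);
    include("registracija_obrazac.php");
    exit();
}

switch (prijava_post('do'))
{
    case "prijava":
        $fnadimak = prijava_post('fnadimak');
        $fsifra   = prijava_post('fsifra');

        $cxn = mysqli_connect($host, $user, $password, $dbname)
            or die ("Greška pri konekciji sa serverom");

        $stmt = prijava_stmt(
            $cxn,
            "SELECT Nadimak FROM member WHERE Nadimak=?",
            array($fnadimak),
            "Greška pri konekciji sa serverom!"
        );
        $num = prijava_row_count($stmt);

        if ($num > 0) // the nickname was found in the database
        {
            // NOTE(review): the original query named this column `šifra`,
            // while the registration INSERT writes `sifra`; `sifra` is used
            // in both places here - confirm against the table definition.
            $stmt = prijava_stmt(
                $cxn,
                "SELECT Nadimak FROM member WHERE Nadimak=? AND sifra=md5(?)",
                array($fnadimak, $fsifra),
                "Greška pri konekciji sa serverom!!"
            );
            $num2 = prijava_row_count($stmt);

            if ($num2 > 0) // the password is confirmed
            {
                // A fresh session id prevents reuse of an id that was known
                // before authentication (session fixation).
                session_regenerate_id(true);
                $_SESSION['auth'] = "yes";
                $_SESSION['logname'] = $fnadimak;

                // "H" is the 24-hour clock; "h" cannot tell 03:00 from 15:00.
                $danas = date("Y-m-d H:i:s");
                $stmt = prijava_stmt(
                    $cxn,
                    "INSERT INTO login (Nadimak,vremePrijave) VALUES (?,?)",
                    array($fnadimak, $danas),
                    "Greška pri konekciji sa serverom!!!"
                );
                mysqli_stmt_close($stmt);

                header("Location: potvrda_prijave.php");
                exit(); // nothing may run or be sent after the redirect
            }
            else // the password is not confirmed
            {
                // NOTE(review): this message and the one below tell a
                // visitor whether a nickname is registered.
                $message = "Nadimak '" . prijava_html($fnadimak) . "' postoji, ali je šifra pogrešna!<br>Molimo vas pokušajte ponovo.<br>";
                include("files/prijava_obrazac.php");
            }
        }
        else // the nickname was not found
        {
            $message = "Nadimak koji ste uneli ne postoji u nasoj bazi!<br>Molimo vas pokušajte ponovo.<br/>";
            include("files/prijava_obrazac.php");
        }
        break;

    case "registracija":
        // The fields of the registration form. Only these are read; any
        // other submitted parameter is ignored.
        $formFields = array('nadimak', 'sifra', 'sifra2', 'ime', 'prezime', 'grad', 'drzava', 'email');
        $input = array();
        foreach ($formFields as $field)
        {
            $input[$field] = prijava_post($field);
        }

        /* check for empty fields (a missing field counts as empty) */
        $blanks = array();
        foreach ($input as $field => $value)
        {
            if ($value === "")
            {
                $blanks[] = $field;
            }
        }
        if (count($blanks) > 0)
        {
            $message_new = "Molimo vas popunite sledeća prazna polja:<br>";
            foreach ($blanks as $value)
            {
                $message_new .= "$value, ";
            }
            prijava_show_registration_form($message_new, $input);
        }

        /* validate the submitted values */
        $errors = array();
        foreach ($input as $field => $value)
        {
            // Passwords are not restricted to letters: they are only ever
            // bound as SQL parameters, and a rejected password must not be
            // echoed back inside an error message.
            if ($field == "sifra" || $field == "sifra2")
            {
                continue;
            }
            // NOTE(review): "ime" is exempt from the name pattern, as in
            // the original check - confirm that this is intended.
            if ($field != "email" && $field != "ime")
            {
                if (!preg_match('/^[A-Za-z]{1,50}\z/', $value))
                {
                    $errors[] = prijava_html($value) . " is not a valid name.";
                }
            }
            if ($field == "email")
            {
                if (!preg_match('/^.+@.+\..+\z/', $value))
                {
                    $errors[] = prijava_html($value) . " nije validna email adresa.";
                }
            }
        }
        // The form asks for the password twice; reject a mismatch.
        if ($input['sifra'] !== $input['sifra2'])
        {
            $errors[] = "Šifre se ne poklapaju. ";
        }
        if (count($errors) > 0)
        {
            $message_new = "";
            foreach ($errors as $value)
            {
                $message_new .= $value . "Molimo vas pokusajte ponovo<br>";
            }
            prijava_show_registration_form($message_new, $input);
        }

        /* clean the data that will be stored */
        $clean = array();
        foreach (array('nadimak', 'ime', 'prezime', 'grad', 'drzava', 'email') as $field)
        {
            $clean[$field] = strip_tags(trim($input[$field]));
        }
        // The password is hashed exactly as submitted, because the login
        // branch hashes the submitted password without any cleaning.
        $sifra = $input['sifra'];

        $cxn = mysqli_connect($host, $user, $password, $dbname)
            or die("Greska pri konekciji sa bazom!!!!");

        /* check whether the nickname already exists in the database */
        $stmt = prijava_stmt(
            $cxn,
            "SELECT nadimak FROM member WHERE nadimak=?",
            array($clean['nadimak']),
            "Greska pri konekciji sa bazom!!!!"
        );
        $num = prijava_row_count($stmt);
        if ($num > 0)
        {
            $message_new = "Nadimak " . prijava_html($clean['nadimak']) . " vec postoji. Izaberi drugi.";
            prijava_show_registration_form($message_new, $clean);
        }

        /* add the member to the database */
        // NOTE(review): the original built the column list from the
        // submitted field names and therefore also wrote a `sifra2` column;
        // the confirmation copy of the password is not stored here -
        // confirm that the table has no such column.
        $today = date("Y-m-d");
        $stmt = prijava_stmt(
            $cxn,
            "INSERT INTO member (nadimak,ime,prezime,grad,drzava,email,datumPrijave,sifra)"
                . " VALUES (?,?,?,?,?,?,?,md5(?))",
            array(
                $clean['nadimak'],
                $clean['ime'],
                $clean['prezime'],
                $clean['grad'],
                $clean['drzava'],
                $clean['email'],
                $today,
                $sifra
            ),
            "Greska pri konekciji na serveru"
        );
        mysqli_stmt_close($stmt);

        session_regenerate_id(true); // new id for the now authenticated session
        $_SESSION['auth'] = "yes";
        $_SESSION['logname'] = $clean['nadimak'];
        header("Location:novi_clan.php");
        exit(); // nothing may run or be sent after the redirect
}
?>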