USERNAME_LENGTH[1]) {
exit(create_alert('/register.php', 400, sprintf('Your username must be between %d and %d characters long', USERNAME_LENGTH[0], USERNAME_LENGTH[1]), null));
}
if (strlen($password) < PASSWORD_LENGTH) {
exit(create_alert('/register.php', 400, sprintf('Your password must be at least %d characters long', PASSWORD_LENGTH), null));
}
$db = new PDO(DB_URL, DB_USER, DB_PASS);
// checking for already existing accounts
$stmt = $db->prepare('SELECT id FROM users WHERE username = ?');
$stmt->execute([$username]);
if ($stmt->rowCount() > 0) {
exit(create_alert('/register.php', 409, 'This username has been taken.', null));
}
$userid = 0;
do {
$userid = random_int(USERNAME_ID_RANGE[0], USERNAME_ID_RANGE[1]);
$stmt = $db->prepare('SELECT username FROM users WHERE id = ?');
$stmt->execute([$userid]);
} while ($stmt->rowCount() > 0);
$password = password_hash($password, PASSWORD_DEFAULT);
$db->prepare('INSERT INTO users(id, username, `password`) VALUES (?, ?, ?)')
->execute([$userid, $username, $password]);
$stmt = $db->prepare('SELECT id, username, joined_at FROM users WHERE id = ?');
$stmt->execute([$userid]);
$user = $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
exit(create_alert('/login.php', 200, 'Registered! Now log in to your account.', $user));
}
?>
Register - id