/
new_user_func.php
102 lines (76 loc) · 2.39 KB
/
new_user_func.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
<?php
session_start();
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "dnd";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
function val ($input) {
if($input == "") {
?>
<script>
alert("sorry but you have not fulled all of the inputs");
document.location = "dash.php";
</script>
<?php
}
$input = trim($input);
$input = stripslashes($input);
$input = htmlspecialchars($input);
return $input;
}
include("character_sheet/1.php");
$player_name = val($_POST['player_name']);
$email = val($_POST['user_email']);
$username = val($_POST['user_username']);
$password = password_hash(val($_POST['user_password']), PASSWORD_DEFAULT);
$sp = $sheet[0]['sp'];
$gp = $sheet[0]['gp'];
$hit_point = $sheet[1]['hit_point'];
$sql = "INSERT INTO user(name, cp, sp, gp, hit_point, id, level, user_name, password, email)
VALUES ('$player_name','','$sp','$gp','$hit_point','','1','$username','$password','$email')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
$sql = "SELECT id FROM user WHERE user_name = '$username'";
$result = mysqli_query($conn, $sql);
// output data of each row
while($row = mysqli_fetch_assoc($result)) {
$id = $row['id'];
}
//adding equipment
$sql = "";
foreach ($sheet[0]['equipment'] as $value) {
$name = $value[0];
$quantity = $value[1];
$sql = "INSERT INTO `equipment`(`name`, `quantity`, `id`, `user_id`) VALUES
('$name','$quantity','','$id')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
}
$sql = "";
foreach ($sheet[1]['actions'] as $value) {
$name = $value['name'];
$atk_bonus = $value['atk_bonus'];
$damage = $value['damage'];
$sql = "INSERT INTO `attack`(`name`, `atk_bonus`, `damage`, `id`, `user_id`) VALUES
('$name','$atk_bonus','$damage','','$id')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
}
$_SESSION['id'] = $id;
header("Location: dash.php");
?>