151 lines
4.9 KiB
PHP
151 lines
4.9 KiB
PHP
<?php
|
||
|
||
session_start();
|
||
require_once __DIR__ . '/../config/database.php';
|
||
|
||
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||
$errors = [];
|
||
|
||
$full_name = trim($_POST['fio'] ?? '');
|
||
$city = trim($_POST['city'] ?? '');
|
||
$email = trim($_POST['email'] ?? '');
|
||
$phone = trim($_POST['phone'] ?? '');
|
||
$password = $_POST['password'] ?? '';
|
||
$confirm_password = $_POST['confirm-password'] ?? '';
|
||
|
||
if (empty($full_name) || strlen($full_name) < 3) {
|
||
$errors[] = 'ФИО должно содержать минимум 3 символа';
|
||
}
|
||
|
||
if (empty($city) || strlen($city) < 2) {
|
||
$errors[] = 'Введите корректное название города';
|
||
}
|
||
|
||
if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||
$errors[] = 'Введите корректный email адрес';
|
||
}
|
||
|
||
if (empty($phone) || !preg_match('/^(\+7|8)[\s-]?\(?\d{3}\)?[\s-]?\d{3}[\s-]?\d{2}[\s-]?\d{2}$/', $phone)) {
|
||
$errors[] = 'Введите корректный номер телефона';
|
||
}
|
||
|
||
if (empty($password) || strlen($password) < 6) {
|
||
$errors[] = 'Пароль должен содержать минимум 6 символов';
|
||
}
|
||
|
||
if ($password !== $confirm_password) {
|
||
$errors[] = 'Пароли не совпадают';
|
||
}
|
||
|
||
if (!isset($_POST['privacy']) || $_POST['privacy'] !== 'on') {
|
||
$errors[] = 'Необходимо согласие с условиями обработки персональных данных';
|
||
}
|
||
|
||
if (!empty($errors)) {
|
||
$_SESSION['registration_errors'] = $errors;
|
||
$_SESSION['old_data'] = [
|
||
'fio' => $full_name,
|
||
'city' => $city,
|
||
'email' => $email,
|
||
'phone' => $phone
|
||
];
|
||
header('Location: register.php');
|
||
exit();
|
||
}
|
||
|
||
$db = Database::getInstance()->getConnection();
|
||
|
||
try {
|
||
|
||
$checkStmt = $db->prepare("SELECT user_id FROM users WHERE email = ?");
|
||
$checkStmt->execute([$email]);
|
||
|
||
if ($checkStmt->fetch()) {
|
||
$_SESSION['registration_errors'] = ['Пользователь с таким email уже существует'];
|
||
$_SESSION['old_data'] = [
|
||
'fio' => $full_name,
|
||
'city' => $city,
|
||
'email' => $email,
|
||
'phone' => $phone
|
||
];
|
||
header('Location: register.php');
|
||
exit();
|
||
}
|
||
|
||
$password_hash = password_hash($password, PASSWORD_DEFAULT);
|
||
|
||
$is_admin = false;
|
||
$admin_emails = ['admin@aeterna.ru', 'administrator@aeterna.ru', 'aeterna@mail.ru'];
|
||
if (in_array(strtolower($email), $admin_emails)) {
|
||
$is_admin = true;
|
||
}
|
||
|
||
$stmt = $db->prepare("
|
||
INSERT INTO users (email, password_hash, full_name, phone, city, is_admin)
|
||
VALUES (?, ?, ?, ?, ?, ?)
|
||
RETURNING user_id
|
||
");
|
||
|
||
$stmt->execute([
|
||
$email,
|
||
$password_hash,
|
||
$full_name,
|
||
$phone,
|
||
$city,
|
||
$is_admin ? 1 : 0
|
||
]);
|
||
|
||
$user_id = $stmt->fetchColumn();
|
||
|
||
if ($user_id) {
|
||
|
||
$_SESSION['user_id'] = $user_id;
|
||
$_SESSION['user_email'] = $email;
|
||
$_SESSION['full_name'] = $full_name;
|
||
$_SESSION['user_phone'] = $phone;
|
||
$_SESSION['user_city'] = $city;
|
||
$_SESSION['isLoggedIn'] = true;
|
||
$_SESSION['isAdmin'] = $is_admin;
|
||
$_SESSION['login_time'] = time();
|
||
|
||
$updateStmt = $db->prepare("UPDATE users SET last_login = CURRENT_TIMESTAMP WHERE user_id = ?");
|
||
$updateStmt->execute([$user_id]);
|
||
|
||
$_SESSION['registration_success'] = 'Регистрация прошла успешно! ' .
|
||
($is_admin ? 'Вы зарегистрированы как администратор.' : 'Добро пожаловать в AETERNA!');
|
||
|
||
header('Location: catalog.php');
|
||
exit();
|
||
} else {
|
||
throw new Exception('Ошибка при создании пользователя');
|
||
}
|
||
|
||
} catch (PDOException $e) {
|
||
|
||
error_log("Registration DB Error: " . $e->getMessage());
|
||
error_log("SQL State: " . $e->getCode());
|
||
error_log("Email: " . $email);
|
||
|
||
$_SESSION['registration_errors'] = ['Ошибка базы данных: ' . $e->getMessage()];
|
||
$_SESSION['old_data'] = [
|
||
'fio' => $full_name,
|
||
'city' => $city,
|
||
'email' => $email,
|
||
'phone' => $phone
|
||
];
|
||
header('Location: register.php');
|
||
exit();
|
||
} catch (Exception $e) {
|
||
error_log("Registration Error: " . $e->getMessage());
|
||
|
||
$_SESSION['registration_errors'] = [$e->getMessage()];
|
||
header('Location: register.php');
|
||
exit();
|
||
}
|
||
|
||
} else {
|
||
|
||
header('Location: register.php');
|
||
exit();
|
||
}
|
||
?>
|