|
|
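<?php

/*
 * Registration endpoint.
 *
 * Reads a JSON request body, validates the required fields, inserts the user
 * row and opens an authenticated session for the new user. Every response is
 * a JSON object with "success" and "message" keys; the 201 response also
 * carries "redirect" and "user_data".
 *
 * Expects db.php to provide $db (a PDO connection, or a falsy value when the
 * connection failed). $sessionManager (createSession / logActivity /
 * updateLastLogin) is not defined in this file either.
 * NOTE(review): presumably db.php provides $sessionManager — confirm; if it is
 * undefined, the method call below raises an uncaught \Error (not an
 * Exception), so the handled 500 paths here would not be reached.
 */

session_start();

include_once 'db.php';

// Every response is JSON; say so before any output so clients do not sniff.
header('Content-Type: application/json; charset=utf-8');

/**
 * Emit a JSON response with the given HTTP status and stop processing.
 *
 * @param int                  $status  HTTP status code
 * @param array<string, mixed> $payload encoded as the response body
 */
$respond = static function ($status, array $payload) {
    http_response_code($status);
    echo json_encode($payload);
    exit;
};

if (!$db) {
    $respond(503, ["success" => false, "message" => "Service temporarily unavailable."]);
}

$input = file_get_contents("php://input");
$data = json_decode($input);

// A well-formed document that is not an object (`null`, `42`, `"text"`, `[]`)
// passes json_last_error() but would make the property reads below fail.
if (json_last_error() !== JSON_ERROR_NONE || !is_object($data)) {
    $respond(400, ["success" => false, "message" => "Invalid JSON data."]);
}

// Each required field must be a non-empty scalar; arrays, objects and booleans
// cannot be stored as text and would make strip_tags()/strlen() throw a
// TypeError on PHP 8. Numeric values (e.g. a phone sent as a JSON number) are
// accepted and normalised to strings, as the untyped original did implicitly.
$required = ['username', 'email', 'country', 'phone', 'password', 'confirm_password'];
$fields = [];
foreach ($required as $name) {
    $value = isset($data->$name) ? $data->$name : null;
    if (!is_scalar($value) || is_bool($value) || (string) $value === '') {
        $respond(400, ["success" => false, "message" => "Unable to create user. Data is incomplete."]);
    }
    $fields[$name] = (string) $value;
}

$password = $fields['password'];

if ($password !== $fields['confirm_password']) {
    $respond(400, ["success" => false, "message" => "Passwords do not match."]);
}

// Minimum the API currently enforces. strlen() counts bytes, so a multibyte
// password passes with fewer than 6 characters; mb_strlen() would be stricter.
if (strlen($password) < 6) {
    $respond(400, ["success" => false, "message" => "Password must be at least 6 characters."]);
}

// Validated on the raw value, before the storage escaping below alters it.
if (!filter_var($fields['email'], FILTER_VALIDATE_EMAIL)) {
    $respond(400, ["success" => false, "message" => "Invalid email format."]);
}

// Rows are stored HTML-escaped. Escaping belongs at output time, but the
// existing rows and their consumers already expect this form, so it is kept.
// Computed once, up front, so the duplicate lookup compares against exactly
// what the INSERT stores; looking up the raw values (as before) can miss an
// existing escaped row and then insert a duplicate.
$username = htmlspecialchars(strip_tags($fields['username']));
$email = htmlspecialchars(strip_tags($fields['email']));
$country = htmlspecialchars(strip_tags($fields['country']));
$phone = htmlspecialchars(strip_tags($fields['phone']));

$query = "SELECT id FROM users WHERE username = :username OR email = :email";
$stmt = $db->prepare($query);
$stmt->bindParam(":username", $username);
$stmt->bindParam(":email", $email);

try {
    $stmt->execute();
} catch (PDOException $e) {
    error_log("Database error: " . $e->getMessage());
    $respond(500, ["success" => false, "message" => "Database error occurred."]);
}

// fetchColumn() is false when no row matched; rowCount() is not guaranteed to
// be meaningful for SELECT on every PDO driver.
if ($stmt->fetchColumn() !== false) {
    $respond(409, ["success" => false, "message" => "User already exists with this username or email."]);
}

// The password itself is never escaped: hashing must see the exact bytes.
$hashed_password = password_hash($password, PASSWORD_DEFAULT);

// First three bytes of the raw username plus three random bytes in hex.
// Uniqueness is not checked here; a UNIQUE index on referral_code is the
// place to enforce it. NOTE(review): uses the raw username, so the prefix
// may contain characters that strip_tags() removed from the stored username.
$referral_code = strtoupper(substr($fields['username'], 0, 3) . bin2hex(random_bytes(3)));

$query = "INSERT INTO users
          SET username = :username, email = :email, country = :country,
              phone_number = :phone, password_hash = :password, referral_code = :referral_code,
              user_type = 'marketer', tier = 'Basic', package = 'None', balance = 0.00,
              total_deposits = 0.00, total_withdrawals = 0.00, rewards = 0.00, meta_earnings = 0.00,
              pin_hash = '', is_active = 1, account_status = 'active'";

$stmt = $db->prepare($query);
$stmt->bindParam(":username", $username);
$stmt->bindParam(":email", $email);
$stmt->bindParam(":country", $country);
$stmt->bindParam(":phone", $phone);
$stmt->bindParam(":password", $hashed_password);
$stmt->bindParam(":referral_code", $referral_code);

try {
    if (!$stmt->execute()) {
        // Only reachable when the connection is not in PDO::ERRMODE_EXCEPTION.
        $respond(503, ["success" => false, "message" => "Unable to create user."]);
    }

    $user_id = $db->lastInsertId();

    $ip_address = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
    $user_agent = $_SERVER['HTTP_USER_AGENT'] ?? 'unknown';

    // The visitor's anonymous PHP session is about to become an authenticated
    // one; issue a fresh session id first so an id set before registration
    // (session fixation) cannot be reused, and so anything createSession may
    // record about the PHP session sees the new id.
    session_regenerate_id(true);

    $session_id = $sessionManager->createSession($user_id, $ip_address, $user_agent);

    if (!$session_id) {
        // The user row already exists at this point; the client gets a 500
        // from the catch below and must retry via login rather than register.
        throw new Exception("Failed to create session");
    }

    $sessionManager->logActivity($user_id, 'registration', 'User registered successfully', $ip_address, $user_agent);
    $sessionManager->updateLastLogin($user_id);

    $_SESSION['user_id'] = $user_id;
    $_SESSION['username'] = $username;
    $_SESSION['email'] = $email;
    $_SESSION['tier'] = 'Basic';
    $_SESSION['package'] = 'None';
    $_SESSION['balance'] = 0.00;
    $_SESSION['total_deposits'] = 0.00;
    $_SESSION['total_withdrawals'] = 0.00;
    $_SESSION['rewards'] = 0.00;
    $_SESSION['session_id'] = $session_id;
    $_SESSION['logged_in'] = true;
    $_SESSION['login_time'] = time();

    $respond(201, [
        "success" => true,
        "message" => "User registered successfully.",
        "redirect" => "src/pages/index.php",
        "user_data" => [
            "user_id" => $user_id,
            "username" => $username,
            "email" => $email,
            "tier" => "Basic",
        ],
    ]);
} catch (PDOException $e) {
    error_log("Insert error: " . $e->getMessage());

    // SQLSTATE 23000 is an integrity-constraint violation: a UNIQUE index on
    // username/email fired because a concurrent request won the race that the
    // SELECT pre-check above cannot close. Report it like the pre-check does.
    if ((string) $e->getCode() === '23000') {
        $respond(409, ["success" => false, "message" => "User already exists with this username or email."]);
    }

    $respond(500, ["success" => false, "message" => "Database error occurred."]);
} catch (Exception $e) {
    error_log("Session error: " . $e->getMessage());
    $respond(500, ["success" => false, "message" => "Session creation failed."]);
}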