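// Registration handler (excerpt): validates the submitted fields, verifies the
// reCAPTCHA token, creates the account and signs the new user in.
// $username, $email, $confirm_email, $password and $dob are read here but not
// assigned in this excerpt; they are presumably populated from $_POST above.
$captcha = $_POST['g-recaptcha-response'] ?? '';
if (!is_string($captcha)) {
    // A parameter submitted as an array (g-recaptcha-response[]=...) is not a token.
    $captcha = '';
}

// Basic validation
if (empty($username) || empty($email) || empty($confirm_email) || empty($password) || empty($dob)) {
    $errors[] = "All fields are required.";
}

if ($email !== $confirm_email) {
    $errors[] = "Emails do not match.";
}

if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    $errors[] = "Invalid email format.";
}

if (strlen($password) < 6) {
    $errors[] = "Password must be at least 6 characters.";
}

// Date of Birth validation
// NOTE(review): new DateTime() also accepts relative expressions ("yesterday",
// "-20 years"), and the raw $dob string is what gets stored below. If the form
// sends a fixed format, parse it strictly and store the normalised value.
if ($dob) {
    try {
        $birthDate = new DateTime($dob);
        $today = new DateTime();

        if ($birthDate > $today) {
            $errors[] = "Date of birth cannot be in the future.";
        }

        if ($birthDate < new DateTime('1900-01-01')) {
            $errors[] = "Please enter a valid birth year (1900 or later).";
        }

        $age = $today->diff($birthDate)->y;
        if ($age < 16) {
            $errors[] = "You must be at least 16 years old to register.";
        }
    } catch (Exception $e) {
        $errors[] = "Invalid date of birth.";
    }
}

// CAPTCHA validation
// NOTE(review): this is Google's published test secret, for which verification
// always succeeds, so the check below blocks nothing until a real secret is
// configured. Load the real secret from configuration outside the source tree.
$captcha_secret = '6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe'; // Google's test secret key
$captcha_ok = false;

// Fail closed: a missing token, a failed request or an unparsable reply all
// count as "not verified".
if ($captcha !== '') {
    // Send secret and token as a form-encoded POST body. http_build_query()
    // encodes the user-supplied token, so it cannot add or override siteverify
    // parameters, and the secret no longer appears in a URL.
    $captcha_context = stream_context_create([
        'http' => [
            'method' => 'POST',
            'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
            'content' => http_build_query([
                'secret' => $captcha_secret,
                'response' => $captcha,
            ]),
            // Bound the wait so a slow verifier cannot tie up the request.
            'timeout' => 5,
        ],
    ]);

    $captcha_response = file_get_contents(
        'https://www.google.com/recaptcha/api/siteverify',
        false,
        $captcha_context
    );

    if ($captcha_response !== false) {
        $captcha_data = json_decode($captcha_response);
        $captcha_ok = is_object($captcha_data) && ($captcha_data->success ?? false) === true;
    }
}

if (!$captcha_ok) {
    $errors[] = "CAPTCHA verification failed.";
}

if (empty($errors)) {
    $conn = getConnection();

    // Check for existing user
    // NOTE(review): two concurrent requests can both pass this check; presumably
    // users.email and users.username carry UNIQUE constraints — confirm.
    $stmt = $conn->prepare("SELECT id FROM users WHERE email = :email OR username = :username");
    $stmt->execute(['email' => $email, 'username' => $username]);

    if ($stmt->fetch()) {
        $errors[] = "Email or username already in use.";
    } else {
        // bcrypt only uses the first 72 bytes of the password.
        $hash = password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
        $uniqueId = bin2hex(random_bytes(16));

        $insert = $conn->prepare("INSERT INTO users (username, email, password, dob, uniqueid) VALUES (:username, :email, :password, :dob, :uniqueid)");
        $insert->execute([
            'username' => $username,
            'email' => $email,
            'password' => $hash,
            'dob' => $dob,
            'uniqueid' => $uniqueId,
        ]);

        // Issue a fresh session id before storing the identity, so an id that
        // existed before registration is not carried into the signed-in session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION['user_id'] = $conn->lastInsertId();
        $_SESSION['uniqueid'] = $uniqueId;
        header("Location: /home.php");
        exit();
    }
}

// Any failure: hand the collected messages to the landing page and redirect.
$_SESSION['register_error'] = implode("\n", $errors);
header("Location: /landing.php");
exit();
} // closes a block opened before this excerpt
?>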