125 lines
3.8 KiB
PHP
125 lines
3.8 KiB
PHP
<?php
|
|
// public/auth/register.php
|
|
|
|
require __DIR__ . '/../../config/fileload.php'; // Pfad ggf. anpassen
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
|
$lang = $_GET['lang'] ?? 'de';
|
|
header('Location: /login/?lang=' . urlencode($lang) . '&view=register#auth');
|
|
exit;
|
|
}
|
|
|
|
$lang = $_POST['lang'] ?? 'de';
|
|
$name = trim((string)($_POST['name'] ?? ''));
|
|
$email = trim((string)($_POST['email'] ?? ''));
|
|
$password = (string)($_POST['password'] ?? '');
|
|
$redirect = $_POST['redirect'] ?? '/';
|
|
|
|
if ($name === '' || $email === '' || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
|
flash_set('error', 'Bitte einen gültigen Namen und eine gültige E-Mail-Adresse eingeben.', 'register');
|
|
header('Location: /login/?lang=' . urlencode($lang) . '&view=register#auth');
|
|
exit;
|
|
}
|
|
|
|
if (strlen($password) < 8) {
|
|
flash_set('error', 'Das Passwort muss mindestens 8 Zeichen lang sein.', 'register');
|
|
header('Location: /login/?lang=' . urlencode($lang) . '&view=register#auth');
|
|
exit;
|
|
}
|
|
|
|
// Prüfen, ob E-Mail bereits existiert
|
|
try {
|
|
$stmt = $pdo->prepare('SELECT id FROM users WHERE email = :email LIMIT 1');
|
|
$stmt->execute([':email' => $email]);
|
|
$existing = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
} catch (Throwable $e) {
|
|
flash_set('error', 'Es ist ein Fehler bei der Registrierung aufgetreten. Bitte versuche es später erneut.', 'register');
|
|
header('Location: /login/?lang=' . urlencode($lang) . '&view=register#auth');
|
|
exit;
|
|
}
|
|
|
|
if ($existing) {
|
|
flash_set('error', 'Diese E-Mail-Adresse ist bereits registriert.', 'register');
|
|
header('Location: /login/?lang=' . urlencode($lang) . '&view=register#auth');
|
|
exit;
|
|
}
|
|
|
|
// Username aus E-Mail ableiten (oder einfach die komplette E-Mail nutzen)
|
|
$username = $email;
|
|
|
|
// Vor- und Nachname grob aus dem „Name“-Feld splitten
|
|
$firstName = $name;
|
|
$lastName = null;
|
|
|
|
$parts = preg_split('/\s+/', $name);
|
|
if (count($parts) >= 2) {
|
|
$firstName = array_shift($parts);
|
|
$lastName = implode(' ', $parts);
|
|
}
|
|
|
|
$passwordHash = password_hash($password, PASSWORD_DEFAULT);
|
|
|
|
try {
|
|
$stmt = $pdo->prepare('
|
|
INSERT INTO users
|
|
(username, email, password_hash, first_name, last_name, plan)
|
|
VALUES
|
|
(:username, :email, :password_hash, :first_name, :last_name, :plan)
|
|
');
|
|
$stmt->execute([
|
|
':username' => $username,
|
|
':email' => $email,
|
|
':password_hash' => $passwordHash,
|
|
':first_name' => $firstName,
|
|
':last_name' => $lastName,
|
|
':plan' => 'free',
|
|
]);
|
|
|
|
$userId = (int)$pdo->lastInsertId();
|
|
} catch (Throwable $e) {
|
|
flash_set('error', 'Die Registrierung ist fehlgeschlagen. Bitte versuche es später erneut.', 'register');
|
|
header('Location: /login/?lang=' . urlencode($lang) . '&view=register#auth');
|
|
exit;
|
|
}
|
|
|
|
// Direkt einloggen
|
|
if (session_status() !== PHP_SESSION_ACTIVE) {
|
|
@session_start();
|
|
}
|
|
|
|
$initials = '';
|
|
if ($firstName !== '') {
|
|
$initials .= mb_substr($firstName, 0, 1);
|
|
}
|
|
if ($lastName !== null && $lastName !== '') {
|
|
$initials .= mb_substr($lastName, 0, 1);
|
|
}
|
|
if ($initials === '') {
|
|
$initials = mb_substr($username, 0, 2);
|
|
}
|
|
$initials = mb_strtoupper($initials);
|
|
|
|
$_SESSION['user'] = [
|
|
'id' => $userId,
|
|
'email' => $email,
|
|
'username' => $username,
|
|
'first_name' => $firstName,
|
|
'last_name' => $lastName,
|
|
'plan' => 'free',
|
|
'initials' => $initials,
|
|
];
|
|
|
|
flash_set('success', 'Konto erfolgreich erstellt. Willkommen bei USBCheck!', 'login');
|
|
|
|
// Redirect-Ziel prüfen (nur interne Pfade)
|
|
$target = is_string($redirect) ? trim($redirect) : '/';
|
|
if ($target === '' || $target[0] !== '/') {
|
|
$target = '/';
|
|
}
|
|
|
|
$sep = (strpos($target, '?') === false) ? '?' : '&';
|
|
$target = $target . $sep . 'lang=' . urlencode($lang);
|
|
|
|
header('Location: ' . $target);
|
|
exit;
|