
PK 
<?php
include "conn.php";
include "includes/form_validation.php"; // Include validation functions
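// Members who are already signed in are sent to the home page before any of
// the registration markup is produced. The session itself is presumably
// started inside conn.php - confirm.
// The ?? '' default keeps the original loose comparison but no longer raises
// an undefined-key warning when the session has no member_id at all.
if (($_SESSION['member_id'] ?? '') != "") {
    // A Location header can only be sent before the first byte of output. The
    // original echoed the <script> first, which makes header() fail with
    // "headers already sent" unless output buffering happens to be enabled.
    if (!headers_sent()) {
        header('Location: index.php');
    } else {
        // An include has already produced output: fall back to a client-side redirect.
        echo "<script>window.location.href='index.php'</script>";
    }
    // Stop here so nothing below runs for an authenticated member.
    die();
}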
include "header.php";
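// Google reCAPTCHA v3 site key. This is the public half of the key pair: it is
// printed into the page below for the browser-side grecaptcha calls.
$recaptcha_site_key = "6LegcUcrAAAAABu1qLmxmcf5AleLggi4kn6flJvX"; // Replace with your reCAPTCHA site key

// Registration handler: runs only when the submit button's value was posted.
// !empty() keeps a plain GET of the page from raising an undefined-key warning.
if (!empty($_POST['register_btn'])) {
    $errors = array();

    // Honeypot check: the "website" input is hidden from people, so a value in
    // it most likely came from an automated form filler.
    if (!empty($_POST['website'])) {
        die("Bot detected");
    }

    // Read a POST field as a string. Missing keys and array-valued parameters
    // (e.g. email_id[]=x) become '' so they fail validation instead of reaching
    // the validators as null or as an array.
    $post_string = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };
    $password = $post_string('password');

    // Validate email
    if (!validateEmail($post_string('email_id'))) {
        $errors[] = "Invalid email format";
    }

    // Validate mobile
    if (!validateMobile($post_string('mobile'))) {
        $errors[] = "Invalid mobile number format. Must be 10 digits starting with 6-9";
    }

    // Validate password
    if (!validatePassword($password)) {
        $errors[] = "Password must be at least 8 characters and contain uppercase, lowercase, number and special character";
    }

    // Verify passwords match
    if ($password !== $post_string('password1')) {
        $errors[] = "Passwords do not match";
    }

    // Check for spam attempts
    // NOTE(review): if this site sits behind a reverse proxy or CDN, REMOTE_ADDR
    // is the proxy's address and every visitor shares one rate-limit bucket - confirm.
    $ip_address = $_SERVER['REMOTE_ADDR'];
    if (checkSpamAttempts($conn, $ip_address)) {
        $errors[] = "Too many registration attempts. Please try again after 15 minutes.";
    }

    // Verify reCAPTCHA v3
    $recaptcha_response = $post_string('g-recaptcha-response');
    if (empty($recaptcha_response)) {
        $errors[] = "Security verification token is missing. Please refresh the page and try again.";
    } else {
        // SECURITY: the secret key authenticates this server to the siteverify
        // API and must not live in the web root or in version control. Anyone
        // who can read this file can read the literal below, so treat it as
        // exposed: rotate it in the reCAPTCHA admin console, supply the new one
        // through server-side configuration, then delete the fallback.
        // RECAPTCHA_SECRET_KEY is a name chosen for this example; use whatever
        // your deployment defines.
        $recaptcha_secret = getenv('RECAPTCHA_SECRET_KEY') ?: "6LegcUcrAAAAANKHYjHR4IWguP40epmIy65FNy3v";
        try {
            // Make POST request to verify the token
            $recaptcha_url = 'https://www.google.com/recaptcha/api/siteverify';
            $recaptcha_data = [
                'secret' => $recaptcha_secret,
                'response' => $recaptcha_response,
                'remoteip' => $ip_address // Optional but recommended
            ];

            $ch = curl_init($recaptcha_url);
            if ($ch === false) {
                throw new Exception('Unable to initialise cURL');
            }
            curl_setopt_array($ch, array(
                CURLOPT_POST => 1,
                CURLOPT_POSTFIELDS => $recaptcha_data,
                CURLOPT_RETURNTRANSFER => true,
                // Certificate and hostname checks stay ON. With peer verification
                // disabled, anyone on the network path could answer this request
                // with a forged {"success": true} and switch the CAPTCHA off.
                CURLOPT_SSL_VERIFYPEER => true,
                CURLOPT_SSL_VERIFYHOST => 2,
                // Bound the call so a stalled verifier cannot hang the request.
                CURLOPT_CONNECTTIMEOUT => 5,
                CURLOPT_TIMEOUT => 10,
            ));
            $verify = curl_exec($ch);
            // Capture the error before closing so the handle is released on
            // the failure path as well.
            $curl_error = curl_errno($ch) ? curl_error($ch) : null;
            curl_close($ch);
            if ($curl_error !== null) {
                throw new Exception($curl_error);
            }

            $captcha_success = json_decode($verify);
            // Anything other than a JSON object (null, a scalar, a list) is not
            // a usable verdict.
            if (!is_object($captcha_success)) {
                throw new Exception('Failed to decode reCAPTCHA response');
            }

            if (empty($captcha_success->success)) {
                $errors[] = "Security verification failed: " . implode(', ', (array) ($captcha_success->{'error-codes'} ?? ['unknown error']));
            } else if (!isset($captcha_success->action) || $captcha_success->action !== 'register') {
                // A token minted for a different action on this site must not be
                // accepted here; the page requests its tokens with action 'register'.
                $errors[] = "Security verification failed. Please try again.";
            } else if (!isset($captcha_success->score) || $captcha_success->score < 0.5) {
                // A missing score is treated like a low score (fail closed).
                $errors[] = "Security verification failed: suspicious activity detected";
            }
        } catch (Exception $e) {
            // Details go to the server log only; the visitor sees a generic message.
            error_log("reCAPTCHA verification error: " . $e->getMessage());
            $errors[] = "Security verification failed. Please try again.";
        }
    }

    if (empty($errors)) {
        // Log this attempt
        // NOTE(review): the attempt is recorded only on this success path, so
        // submissions rejected above are not logged here. If checkSpamAttempts()
        // counts these records, failed attempts are not rate-limited - confirm.
        logRegistrationAttempt($conn, $ip_address);
        // Proceed with registration
        // NOTE(review): register() is defined elsewhere and its return value is
        // printed as-is, so it must already be safe HTML - confirm.
        $msg = register();
        echo $msg;
    } else {
        // Escape every message before printing: the reCAPTCHA error codes come
        // from a remote response and must not be trusted as markup.
        $safe_errors = array_map(function ($message) {
            return htmlspecialchars((string) $message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        }, $errors);
        echo "<div class='alert alert-danger'>" . implode("<br>", $safe_errors) . "</div>";
    }
}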
?>
<!-- Add reCAPTCHA script -->
<script src="https://www.google.com/recaptcha/api.js?render=<?php echo $recaptcha_site_key; ?>"></script>
<script>
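// Debug logging
console.log('Starting reCAPTCHA initialization');

/**
 * Submit handler for the registration form.
 *
 * Holds back the native submit, asks reCAPTCHA v3 for a fresh token for the
 * 'register' action, stores it in the hidden g-recaptcha-response field and
 * then submits the form programmatically.
 *
 * @param {Event} e submit event fired by the registration form
 */
function onSubmit(e) {
    e.preventDefault();
    console.log('Form submission intercepted');

    var form = e.target;

    // form.submit() does not include the button that was clicked, but the
    // server-side handler only runs when register_btn is present in the POST.
    // Carry the submitter's name/value in a hidden input so the programmatic
    // submit still reaches the handler.
    var submitter = e.submitter || form.querySelector('[name="register_btn"]');
    if (submitter && submitter.name) {
        var carrier = form.querySelector('input[type="hidden"][data-submitter-carrier]');
        if (!carrier) {
            // Created once and reused, so a retry does not post the field twice.
            carrier = document.createElement('input');
            carrier.type = 'hidden';
            carrier.setAttribute('data-submitter-carrier', '');
            form.appendChild(carrier);
        }
        carrier.name = submitter.name;
        carrier.value = submitter.value;
    }

    grecaptcha.execute('<?php echo $recaptcha_site_key; ?>', {action: 'register'})
        .then(function(token) {
            console.log('Got reCAPTCHA token');
            document.getElementById('g-recaptcha-response').value = token;
            form.submit();
        })
        .catch(function(error) {
            console.error('reCAPTCHA error:', error);
            // The form was not submitted; tell the visitor instead of failing silently.
            window.alert('Security verification could not be completed. Please refresh the page and try again.');
        });
}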
</script>
<div class="breadcrumb-section">
<div class="container">
<h2>Create account</h2>
<nav class="theme-breadcrumb">
<ol class="breadcrumb">
<li class="breadcrumb-item">
<a href="index.html">Home</a>
</li>
<li class="breadcrumb-item active">Create account</li>
</ol>
</nav>
</div>
</div>
<section class="login-page section-b-space">
<div class="container">
<h3>create account</h3>
<div class="theme-card">
<form class="theme-form" action="" method="post">
<div class="row">
<div class="col-md-6">
<div class="form-box">
<label for="fname" class="form-label">First Name</label>
<input type="text" class="form-control" name="fname" id="fname" placeholder="First Name" required="">
</div>
</div>
<div class="col-md-6">
<div class="form-box">
<label for="lname" class="form-label">Last Name</label>
<input type="text" class="form-control" name="lname" id="lname" placeholder="Last Name"
required="">
</div>
</div>
<div class="col-md-6">
<div class="form-box">
<label for="mobile" class="form-label">Mobile</label>
<input type="text" class="form-control" name="mobile" id="mobile" placeholder="Enter your mobile" required="">
</div>
</div>
<div class="col-md-6">
<div class="form-box">
<label for="email_id" class="form-label">email</label>
<input type="email" class="form-control" name="email_id" id="email_id" placeholder="Email" required="">
</div>
</div>
<div class="col-md-6">
<div class="form-box">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" name="password" id="password" placeholder="Enter your password" required="">
</div>
</div>
<div class="col-md-6">
<div class="form-box">
<label for="password1" class="form-label">Confirm Password</label>
<input type="password" class="form-control" name="password1" id="password1" placeholder="Enter your Confirm password" required="">
</div>
</div>
<div class="col-md-6">
<div class="form-box">
<label for="Address1" class="form-label">Address 1</label>
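<?php /* Re-populates the field after a failed submit. The posted value is user-controlled, so it is HTML-escaped for the quoted attribute (printing it raw is reflected XSS); the '' default covers the first page load. */ ?>
<input name="Address1" type="text" class="form-control" id="Address1" value="<?php echo htmlspecialchars((string) ($_POST['Address1'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" />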
</div>
</div>
<div class="col-md-6">
<div class="form-box">
<label for="Address2" class="form-label">Address 2</label>
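<?php /* Re-populates the field after a failed submit. The posted value is user-controlled, so it is HTML-escaped for the quoted attribute (printing it raw is reflected XSS); the '' default covers the first page load. */ ?>
<input name="Address2" type="text" class="form-control" id="Address2" value="<?php echo htmlspecialchars((string) ($_POST['Address2'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" />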
</div>
</div>
<div class="col-md-6">
<div class="form-box">
<label for="City" class="form-label">City</label>
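<?php /* Re-populates the field after a failed submit. The posted value is user-controlled, so it is HTML-escaped for the quoted attribute (printing it raw is reflected XSS); the '' default covers the first page load. */ ?>
<input name="City" type="text" class="form-control" id="City" value="<?php echo htmlspecialchars((string) ($_POST['City'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" required="required">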
</div>
</div>
<div class="col-md-6">
<div class="form-box">
<label for="State" class="form-label">State</label>
<select name="State" class="form-control" required="required" id="State">
<option value="">State:</option>
<option>Andhra Pradesh</option>
<option>Arunachal Pradesh</option>
<option>Assam</option>
<option>Bihar</option>
<option>Chandigarh</option>
<option>Chhattisgarh</option>
<option>Delhi</option>
<option>Goa</option>
<option>Gujarat</option>
<option>Haryana</option>
<option>Himachal Pradesh</option>
<option>Jammu & Kashmir</option>
<option>Jharkhand</option>
<option>Karnataka</option>
<option>Kerala</option>
<option>Madhya Pradesh</option>
<option>Maharashtra</option>
<option>Manipur</option>
<option>Meghalaya</option>
<option>Mizoram</option>
<option>Nagaland</option>
<option>Odisha (Orissa)</option>
<option>Punjab</option>
<option>Rajasthan</option>
<option>Sikkim</option>
<option>Tamil Nadu</option>
<option>Telangana</option>
<option>Tripura</option>
<option>Uttar Pradesh</option>
<option>Uttarakhand</option>
<option>West Bengal</option>
</select>
</div>
</div>
<div class="col-md-6">
<div class="form-box">
<label for="Country" class="form-label">Country</label>
<select name="Country" class="form-control" required="required" id="Country">
<option value="India">India</option>
</select>
</div>
</div>
<div class="col-md-6">
<div class="form-box">
<label for="Pincode" class="form-label">Pincode</label>
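<?php /* Re-populates the field after a failed submit. The posted value is user-controlled, so it is HTML-escaped for the quoted attribute (printing it raw is reflected XSS); the '' default covers the first page load. */ ?>
<input name="Pincode" type="text" class="form-control" id="Pincode" value="<?php echo htmlspecialchars((string) ($_POST['Pincode'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" required="required">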
</div>
</div>
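<div class="col-md-6">
<div class="form-box">
<?php /* Honeypot field: the server rejects the submission when "website" is non-empty. The label no longer announces the trap in the markup, and autocomplete/tabindex keep browser autofill and keyboard users from filling a field they cannot see, which would get a real visitor rejected. */ ?>
<label for="website" class="form-label" style="display:none;">Website</label>
<input type="text" name="website" id="website" class="form-control" style="display:none;" autocomplete="off" tabindex="-1" aria-hidden="true">
</div>
</div> <input type="hidden" name="g-recaptcha-response" id="g-recaptcha-response">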
<div class="col-12" id="password-strength">
<div class="alert alert-info">
Password must contain:
<ul>
<li>At least 8 characters</li>
<li>At least one uppercase letter</li>
<li>At least one lowercase letter</li>
<li>At least one number</li>
<li>At least one special character (@$!%*?&)</li>
</ul>
</div>
</div>
<div class="col-12">
<input type="Submit" name="register_btn" value="create Account" class="btn btn-solid w-auto" />
</div>
</div>
</form>
</div>
</div>
</section>
<!-- Add reCAPTCHA v3 execution and form handling -->
<script>
// When the reCAPTCHA library is ready, request a first token for the
// 'register' action and place it in the hidden g-recaptcha-response field.
// onSubmit requests a fresh token again at submit time, so this one only
// covers the window before the handler below is attached.
grecaptcha.ready(function primeRecaptchaToken() {
    console.log('reCAPTCHA is ready');

    var tokenRequest = grecaptcha.execute('<?php echo $recaptcha_site_key; ?>', {action: 'register'});

    tokenRequest
        .then(function storeInitialToken(token) {
            console.log('Initial token generated');
            var tokenField = document.getElementById('g-recaptcha-response');
            tokenField.value = token;
        })
        .catch(function reportInitialTokenError(error) {
            console.error('Initial token error:', error);
        });
});

// Route the registration form's submit event through onSubmit once the DOM
// has been parsed.
document.addEventListener('DOMContentLoaded', function attachSubmitHandler() {
    var registrationForm = document.querySelector('form.theme-form');

    // Guard clause: nothing to attach to if the form is missing from the page.
    if (!registrationForm) {
        console.error('Form not found');
        return;
    }

    registrationForm.addEventListener('submit', onSubmit);
    console.log('Form submit handler attached');
});
</script>
<!-- Add password strength checker -->
<script>
// Live password checklist: on every keystroke, colour each rule in the
// #password-strength list green when the current value satisfies it and red
// when it does not. This is a usability hint only; the server still decides
// through validatePassword().
document.getElementById('password').addEventListener('input', function () {
    var value = this.value;

    // Results in the same order as the <li> items in the checklist:
    // length, uppercase, lowercase, number, special character.
    var results = [
        value.length >= 8,
        /[A-Z]/.test(value),
        /[a-z]/.test(value),
        /[0-9]/.test(value),
        /[@$!%*?&]/.test(value)
    ];

    var list = document.querySelector('#password-strength ul');
    var bullets = list.getElementsByTagName('li');

    for (var i = 0; i < results.length; i++) {
        bullets[i].style.color = results[i] ? 'green' : 'red';
    }
});
</script>
<?php include "footer.php"; ?>


PK 99