38443-vm/auth/register.php

<?php
require_once __DIR__ . '/session.php';

$error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $username = $_POST['username'] ?? '';
    $email = $_POST['email'] ?? '';
    $password = $_POST['password'] ?? '';
    $invite_code = $_POST['invite_code'] ?? '';
    
    if ($username && $email && $password) {
        $target_server_id = 1;
        $can_register = true;

        if (defined('PRIVATE_REGISTRATION') && PRIVATE_REGISTRATION && empty($invite_code)) {
            $can_register = false;
            $error = "Invite code is required for private registration.";
        }

        if ($can_register && !empty($invite_code)) {
            $stmt = db()->prepare("SELECT id, invite_code_expires_at FROM servers WHERE invite_code = ?");
            $stmt->execute([$invite_code]);
            $server = $stmt->fetch();
            if (!$server) {
                $can_register = false;
                $error = "Invalid invite code.";
            } elseif (!empty($server['invite_code_expires_at']) && strtotime($server['invite_code_expires_at']) < time()) {
                $can_register = false;
                $error = "Invite code has expired.";
            } else {
                $target_server_id = $server['id'];
            }
        }

        if ($can_register) {
            $hash = password_hash($password, PASSWORD_DEFAULT);
            try {
                $stmt = db()->prepare("INSERT INTO users (username, display_name, email, password_hash) VALUES (?, ?, ?, ?)");
                $stmt->execute([$username, $username, $email, $hash]);
                $userId = db()->lastInsertId();
                
                // Add to target server
                $stmt = db()->prepare("INSERT IGNORE INTO server_members (server_id, user_id) VALUES (?, ?)");
                $stmt->execute([$target_server_id, $userId]);

                $_SESSION['user_id'] = $userId;
                header('Location: ../index.php');
                exit;
            } catch (Exception $e) {
                $error = "Registration failed: " . $e->getMessage();
            }
        }
    } else {
        $error = "Please fill all fields.";
    }
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Register | Discord Clone</title>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="../assets/css/discord.css">
    <style>
        body { background-color: #313338; display: flex; align-items: center; justify-content: center; height: 100vh; }
        .auth-card { background-color: #2b2d31; padding: 32px; border-radius: 8px; width: 100%; max-width: 480px; box-shadow: 0 2px 10px rgba(0,0,0,0.2); }
        .form-label { color: #b5bac1; font-size: 12px; font-weight: bold; text-transform: uppercase; }
        .form-control { background-color: #1e1f22; border: none; color: #dbdee1; padding: 10px; }
        .form-control:focus { background-color: #1e1f22; color: #dbdee1; box-shadow: none; }
        .btn-blurple { background-color: #5865f2; color: white; width: 100%; font-weight: bold; margin-top: 20px; }
        .btn-blurple:hover { background-color: #4752c4; color: white; }
        .auth-footer { color: #949ba4; font-size: 14px; margin-top: 10px; }
        .auth-footer a { color: #00a8fc; text-decoration: none; }
    </style>
</head>
<body>
    <div class="auth-card">
        <h3 class="text-center mb-4">Create an account</h3>
        <?php if($error): ?>
            <div class="alert alert-danger"><?php echo htmlspecialchars($error); ?></div>
        <?php endif; ?>
        <form method="POST">
            <div class="mb-3">
                <label class="form-label">Username</label>
                <input type="text" name="username" class="form-control" required>
            </div>
            <div class="mb-3">
                <label class="form-label">Email</label>
                <input type="email" name="email" class="form-control" required>
            </div>
            <div class="mb-3">
                <label class="form-label">Password</label>
                <input type="password" name="password" class="form-control" required>
            </div>
            <div class="mb-3">
                <label class="form-label">Invite Code <?php echo (defined('PRIVATE_REGISTRATION') && PRIVATE_REGISTRATION) ? '' : '(Optional)'; ?></label>
                <input type="text" name="invite_code" class="form-control" placeholder="Enter your invitation code" <?php echo (defined('PRIVATE_REGISTRATION') && PRIVATE_REGISTRATION) ? 'required' : ''; ?>>
            </div>
            <button type="submit" class="btn btn-blurple">Continue</button>
            <div class="auth-footer">
                Already have an account? <a href="login.php">Login</a>
            </div>
        </form>
    </div>
</body>
</html>