38873-vm/register.php

<?php
require_once __DIR__ . '/db/config.php';
require_once __DIR__ . '/mail/MailService.php';
session_start();

// Redirect if already logged in
if (isset($_SESSION['user_id'])) {
    header("Location: dashboard.php");
    exit;
}

$error = '';
$success = '';

function isUniversityEmail($email) {
    $parts = explode('@', $email);
    if (count($parts) !== 2) return false;
    $domain = strtolower($parts[1]);
    
    // Whitelist for university domains
    $university_suffixes = ['.edu', '.ac.uk', '.edu.cn', '.edu.au', '.edu.in', '.edu.pk', '.edu.br', '.ac.jp', '.ac.kr', '.edu.za', '.ac.il', '.edu.mx', '.edu.ar', '.edu.co', '.edu.ph', '.edu.my', '.edu.sg'];
    
    foreach ($university_suffixes as $suffix) {
        if (str_ends_with($domain, $suffix)) {
            return true;
        }
    }
    
    return false;
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $full_name = trim($_POST['full_name'] ?? '');
    $email = trim($_POST['email'] ?? '');
    $password = $_POST['password'] ?? '';
    $role = $_POST['role'] ?? '';
    $university = trim($_POST['university'] ?? '');
    $graduation_year = (int)($_POST['graduation_year'] ?? 0);

    // Simple validation
    if (empty($full_name) || empty($email) || empty($password) || empty($role) || empty($university) || empty($graduation_year)) {
        $error = "All fields are required.";
    } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $error = "Invalid email format.";
    } elseif ($role === 'founder' && !isUniversityEmail($email)) {
        $error = "Founders must use a valid university email address (e.g. .edu, .ac.uk).";
    } elseif ($graduation_year < 1900 || $graduation_year > 2100) {
        $error = "Invalid graduation year.";
    } else {
        // Check if email already exists
        $stmt = db()->prepare("SELECT id FROM users WHERE email = ?");
        $stmt->execute([$email]);
        if ($stmt->fetch()) {
            $error = "Email already registered.";
        } else {
            // Generate verification code
            $verification_code = bin2hex(random_bytes(16));
            $hashed_password = password_hash($password, PASSWORD_DEFAULT);

            // Insert user
            $stmt = db()->prepare("INSERT INTO users (full_name, email, password, role, university, graduation_year, verification_code, verified) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
            try {
                // Investors are verified by default as they don't need student verification
                $is_verified = ($role === 'investor') ? 1 : 0;
                $stmt->execute([$full_name, $email, $hashed_password, $role, $university, $graduation_year, $verification_code, $is_verified]);
                
                if ($role === 'founder') {
                    $success = "Registration successful! A verification link has been sent to $email. Please verify your account before logging in.";
                    
                    // Send verification email
                    $baseUrl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://" . $_SERVER['HTTP_HOST'];
                    $verifyUrl = "$baseUrl/verify.php?code=$verification_code";
                    $subject = "Verify your " . PLATFORM_NAME . " account";
                    $html = "<h1>Welcome to " . PLATFORM_NAME . "!</h1><p>Please click the link below to verify your student status:</p><p><a href='$verifyUrl'>$verifyUrl</a></p>";
                    $text = "Welcome to " . PLATFORM_NAME . "!\n\nPlease visit the following URL to verify your account:\n$verifyUrl";
                    
                    MailService::sendMail($email, $subject, $html, $text);
                } else {
                    $success = "Registration successful! You can now log in to your investor account.";
                }
            } catch (PDOException $e) {
                $error = "Database error: " . $e->getMessage();
            }
        }
    }
}

$platformName = defined('PLATFORM_NAME') ? PLATFORM_NAME : 'Gatsby';
?>
<!doctype html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Sign Up — <?= htmlspecialchars($platformName) ?></title>
    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet">
    <link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css">
</head>
<body style="display: flex; align-items: center; justify-content: center; min-height: 100vh; padding: 20px; background: var(--bg-color);">

<div class="card" style="width: 100%; max-width: 500px; padding: 40px;">
    <div style="text-align: center; margin-bottom: 40px;">
        <img src="assets/images/logo.svg?v=<?php echo time(); ?>" alt="Logo" style="width: 64px; height: 64px; margin-bottom: 16px;">
        <div class="logo-text" style="font-size: 28px; justify-content: center;"><?= htmlspecialchars($platformName) ?></div>
    </div>

    <h2 style="margin-bottom: 8px; text-align: center; font-size: 24px; font-weight: 800;">Join the Exclusive Network</h2>
    <p style="text-align: center; color: var(--text-secondary); margin-bottom: 32px; font-size: 14px;">Verify your student or graduate status to get started.</p>

    <?php if ($error): ?>
        <div style="background: rgba(255, 68, 68, 0.1); border: 1px solid var(--error-color); color: var(--error-color); padding: 12px; border-radius: 8px; margin-bottom: 24px; text-align: center; font-weight: 600;">
            <?= htmlspecialchars($error) ?>
        </div>
    <?php endif; ?>

    <?php if ($success): ?>
        <div style="background: rgba(0, 200, 83, 0.1); border: 1px solid var(--success-color); color: var(--success-color); padding: 12px; border-radius: 8px; margin-bottom: 24px; text-align: center; font-weight: 600;">
            <?= htmlspecialchars($success) ?>
        </div>
        <p style="text-align: center;"><a href="login.php" class="btn btn-primary" style="width: 100%; padding: 16px;">Go to Log In</a></p>
    <?php else: ?>
        <form method="POST">
            <div style="margin-bottom: 20px;">
                <label>Full Name</label>
                <input type="text" name="full_name" required placeholder="John Doe">
            </div>
            <div style="margin-bottom: 20px;">
                <label>University Email</label>
                <input type="email" name="email" required placeholder="you@university.ac.uk">
                <span id="founder-hint" style="font-size: 12px; color: var(--text-secondary); margin-top: 6px; display: block;">Only university/graduate emails accepted for founders.</span>
            </div>
            <div style="display: grid; grid-template-columns: 1fr 1fr; gap: 20px; margin-bottom: 20px;">
                <div>
                    <label>University</label>
                    <input type="text" name="university" required placeholder="Oxford">
                </div>
                <div>
                    <label>Grad Year</label>
                    <input type="number" name="graduation_year" required placeholder="2026">
                </div>
            </div>
            <div style="margin-bottom: 20px;">
                <label>Password</label>
                <input type="password" name="password" required placeholder="••••••••">
            </div>
            <div style="margin-bottom: 32px;">
                <label>I want to be a:</label>
                <div style="display: grid; grid-template-columns: 1fr 1fr; gap: 15px;">
                    <label style="display: block; cursor: pointer;">
                        <input type="radio" name="role" value="founder" required style="display: none;" class="role-radio" onchange="toggleHint()">
                        <div class="role-box" style="padding: 15px; border: 1px solid var(--border-color); border-radius: 12px; text-align: center; transition: all 0.2s; font-weight: 700; color: var(--text-secondary);">
                            Founder
                        </div>
                    </label>
                    <label style="display: block; cursor: pointer;">
                        <input type="radio" name="role" value="investor" required style="display: none;" class="role-radio" onchange="toggleHint()">
                        <div class="role-box" style="padding: 15px; border: 1px solid var(--border-color); border-radius: 12px; text-align: center; transition: all 0.2s; font-weight: 700; color: var(--text-secondary);">
                            Investor
                        </div>
                    </label>
                </div>
            </div>
            <button type="submit" class="btn btn-primary" style="width: 100%; padding: 16px;">Create Account</button>
            <p style="text-align: center; margin-top: 24px; color: var(--text-secondary); font-size: 14px;">
                Already have an account? <a href="login.php" style="color: var(--accent-primary); font-weight: 700;">Log In</a>
            </p>
        </form>
    <?php endif; ?>
</div>

<script>
    function toggleHint() {
        const selectedRole = document.querySelector('input[name="role"]:checked');
        if (selectedRole) {
            const isFounder = selectedRole.value === 'founder';
            document.getElementById('founder-hint').style.display = isFounder ? 'block' : 'none';
        }
    }
    toggleHint();
</script>

<style>
    .role-radio:checked + .role-box {
        background: var(--accent-primary) !important;
        border-color: var(--accent-primary) !important;
        color: #000 !important;
    }
</style>

</body>
</html>