<?php
session_start();

ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

function database_entry($fname, $lname, $username, $password_hash, $email, $website) {
    $root = realpath($_SERVER["DOCUMENT_ROOT"]);
    require($root."/database/credentials.php");
    // Connect the database
    try{
        $db = new PDO("mysql:host=$host;dbname=$database;charset=utf8", 
            $user, 
            $password, 
            array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
            ));
    }catch (Exception $e){
        die("Error : ".$e->getMessage());
    }
    $req = $db->prepare('INSERT INTO `authors` (`id`, `firstname`, `lastname`, `username`, `email`, `website`, `password`, `entry_timestamp`) VALUES (NULL,  :fname, :lname, :username, :email, :website, :password, current_timestamp());');
    $req->execute(array(
        'fname' => $fname,
        'lname' => $lname,
        'username' => $username,
        'email' => $email,
        'website' => $website,
        'password' => $password_hash
    ));
}

$_SESSION['error_msg'] = "";

if (isset($_POST['submit']))
{
    if (isset($_POST['firstname']))
    {
        $fname = $_POST['firstname'];
    } else 
    {
        $_SESSION['error_msg'] .= _('You did not enter a proper first name.').'\n';
    }
    if (isset($_POST['lastname']))
    {
        $lname = $_POST['lastname'];
    } else 
    {
        $_SESSION['error_msg'] .= _('You did not enter a proper last name.');
    }
    if (isset($_POST['username']))
    {
        $username = $_POST['username'];
    } else 
    {
        $_SESSION['error_msg'] .= _('You did not enter a proper username.').'\n';
    }
    if (isset($_POST['email']))
    {
        $email = $_POST['email'];
    } else 
    {
        $_SESSION['error_msg'] .= _('You did not enter a proper email address.').'\n';
    }
    $website = isset($_POST['website']) ? $_POST['website'] : "";
    if (isset($_POST['password'])) {
        $password_hash = password_hash($_POST['password'], PASSWORD_DEFAULT);
    } else {
        $_SESSION['error_msg'] .= _('You did not enter a proper password.').'\n';
    }
} else 
{
    $_SESSION['error_msg'] .= _('You did not submit the register form.').'\n';
}

if ($_SESSION['error_msg'] == "")
{
    database_entry($fname, $lname, $username, $password_hash, $email, $website, $password);
    header('Location: '."../../auth/login");
} else 
{
    header('Location: '."../../auth/register");
}
?>