The YUME|TEC store handles user authentication through a single page,Documentation Index
Fetch the complete documentation index at: https://mintlify.com/wreyesus/Sencillo_Carrito_de_Compras_en_PHP/llms.txt
Use this file to discover all available pages before exploring further.
nuevo_usuario.php, which renders a registration form and a login form side by side. New visitors fill in the registration form and are handled by registro.php; returning users submit the login form which is handled by ingreso.php. Both handlers write the authenticated user’s details into the PHP session and redirect to resumenc_compra.php — the assumption being that a visitor most often arrives at the auth page in the middle of completing a purchase.
Registration form (nuevo_usuario.php → registro.php)
The registration form posts toregistro.php via method="post". All fields are marked required, preventing submission if any are left blank. The available fields are:
| Field name | Input type | Notes |
|---|---|---|
nickname | text | Used as the display name stored in $_SESSION['usuario'] |
nombre | text | First name, stored in the usuario table |
correo | mail | Email address for the welcome email (see note below) |
apellido | text | Last name, stored in the usuario table |
contrasena | password | Password; stored as plain text (see warning below) |
contrasena_vali | password | Repeat-password field; checked client-side via comparar_contra() |
pais | select | El Salvador, Guatemala, Honduras, Costa Rica, Nicaragua |
ciudad | text | City, stored in the usuario table |
Registration handler (registro.php)
Whenregistro.php receives the POST, it performs three actions in order:
Insert the new user into MySQL
The submitted values are interpolated directly into an
INSERT statement against the usuario table. The idusuario primary key is set to NULL so MySQL assigns the next auto-increment value, and fechaingreso is populated with the current date:Log the new user in immediately
Immediately after the insert, a
SELECT query fetches the just-created row by matching nickname and contrasena. If the row is found, the session variables are set and the browser is redirected to the checkout summary page:Send a welcome email via PHPMailer
After the redirect header is issued, Update
registro.php configures a PHPMailer instance and sends a welcome message to the email address the user provided in the registration form:$correo_empresa, $empresa, and $mail->Host with your actual store details before deploying.Login handler (ingreso.php)
The login form onnuevo_usuario.php posts nickname and contrasena to ingreso.php. The handler queries the usuario table for a matching row:
$filasn <= 0), $valido is set to false and no redirect occurs — the browser stays on the current page without an explicit error message being displayed to the user.
Logout (cerrar_sesion.php)
cerrar_sesion.php ends the current session in three steps and then redirects back to the store’s homepage:
$_SESSION to an empty array before calling session_destroy() ensures that all session data — including the cart and the authenticated user’s identity — is cleared immediately, even if session_destroy() does not purge the superglobal in the same request on some server configurations.
Password match validation
Before the registration form can be submitted, a small JavaScript function onnuevo_usuario.php fires on the onChange event of the repeat-password field and alerts the user if the two entries do not match:
id="contra1" and the second carries id="contra2". This is a convenience check only — there is no server-side re-validation that the two passwords matched before the insert is executed.
The email field in the registration form uses
type="mail" — a non-standard
attribute value — instead of the HTML5 type="email". Most browsers do not
recognise type="mail" and fall back to treating the field as a plain text
input, so built-in browser email format validation is not triggered. If you
need format validation on the email field, change the attribute to
type="email".