Code: Select all
<?php
include('config.php');
if($loggedin == '1')
die("You can't register another account while you're logged in.");
if(isset($_POST['submit']))
{
$callname = mysql_real_escape_string($_POST['callname']);
$uname = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string($_POST['password']);
$email = mysql_real_escape_string($_POST['email']);
if((!isset($_POST['username'])) || (!isset($_POST['callname'])) || (!isset($_POST['email'])) || (!isset($_POST['pass'])) || ($uname == '') || ($_POST['pass'] == ''))
die("Please fill out the form completely. <br><br>
<a href=register.php>Continue</a>");
$check = @mysql_query("SELECT id FROM users WHERE username = '$uname'");
$check = @mysql_num_rows($check);
if($check > 0)
die("Sorry, that username has already been taken. Please try again.
<br><br>
<a href=register.php>Continue</a>");
function validateEmailAddress($email) {
return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email);
}
if(validateEmailAddress($email) !=1) {
echo "That email address does not exist.<br /><br /><a href=register.php>Continue</a>";
exit();
}
$pass = md5($_POST['pass']);
$date = date("m/d/y");
$newPlayer = @mysql_query("INSERT INTO users (username, password, callname, email, registered) VALUES ('$uname', '$pass', '$callname', '$email', '$date')" or die('Cant connect to database').mysql_error());
echo 'You have been registered! You may now <a href=index.php>Log in</a>.';
}
else
{
echo '<form action=register.php method=post>
Callname: <input type=text name=callname><br>
Username: <input type=text name=username><br>
Email: <input type=text name=email><br>
Password: <input type=password name=pass><br>
<input type=submit name=submit value=Submit>
</form>';
}
?>