Basically the code for the game registration we use is as such
Code: Select all
<?php
require_once('recaptchalib.config.php');
require_once('recaptchalib.php');
require_once('db.config.php');
$user_ip = $_SERVER['REMOTE_ADDR'];
$username = isset($_POST['username']) ? mssql_escape_string(trim($_POST['username'])) : '';
$Email = isset($_POST['Email']) ? mssql_escape_string(trim($_POST['Email'])) : '';
$password = isset($_POST['password']) ? mssql_escape_string(trim($_POST['password'])) : '';
$password2 = isset($_POST['password2']) ? mssql_escape_string(trim($_POST['password2'])) : '';
$errors = array();
$success = false;
if(isset($_POST) && !empty($_POST)){
require_once('db.php');
// Validate user name.
$result = @odbc_exec($conn,"SELECT UserID FROM UserData.dbo.Users WHERE UserID = '{$username}'") or die('Failed to verify is the provided user named already exists.');
if(empty($username)){
$errors[] = 'Please provide a user name.';
}else if(strlen($username) < 3 || strlen($username) > 16){
$errors[] = 'User name must be between 3 and 16 characters in length.';
}else if(ctype_alnum($username) === false){
$errors[] = 'User name must consist of numbers and letters only.';
}else if(odbc_num_rows($result)){
$errors[] = 'User name already exists, please choose a different user name.';
}
//Validate user password.
if(empty($password)){
$errors[] = 'Please provide a password.';
}else if(strlen($password) < 3 || strlen($password) > 16){
$errors[] = 'Password must be between 3 and 16 characters in length.';
}else if($password != $password2){
$errors[] = 'Passwords do not match.';
}
// Validate reCAPTCHA. This is to prevent someone botting account creation.
$response = recaptcha_check_answer($recaptcha_private_key,$_SERVER['REMOTE_ADDR'],$_POST['recaptcha_challenge_field'],$_POST['recaptcha_response_field']);
if(!$response->is_valid){
if($response->error == 'incorrect-captcha-sol'){
$errors['recaptcha'] = 'Incorrect answer to reCAPTCHA';
}else{
$errors['recaptcha'] = $response->error;
}
}
// Persist the new account to the database if no previous errors occured.
if(count($errors) == 0){
$sql = "INSERT INTO UserData.dbo.Users
(UserID,Pw,JoinDate,Admin,AdminLevel,UseQueue,Status,Leave,LeaveDate,UserType,Point,EnPassword,UserIp)
VALUES ('{$username}','{$password}',GETDATE(),0,0,0,0,0,GETDATE(),'N',0,'','{$user_ip}')";
// Remove the @ symbol here to see what the SQL error message is when running the above query in $sql.
if($result = @odbc_exec($conn,$sql)){
$success = "Account {$username} successfully created!";
}else{
// This means the insert statement is probably not valid for your database. Fix the query or fix your database, your choice ;)
$errors[] = 'Failed to create a new account, please try again later';
}
}
}
// Determine which view to show.
if($success === false){
require_once('register.view.php');
}else{
require_once('success.view.php');
}
?>I got it to work but the problem is that it does allowed any simple word format to be enetered (ex mail$gmail.com not just the @)
Code: Select all
// Validate an Email.
$result = @odbc_exec($conn,"SELECT Email FROM UserData.dbo.Users WHERE Email = '{$Email}'") or die('Provided Email adress already exists.');
if (empty($_POST['Email'])) {//if the email supplied is empty
$error[] = 'Please enter a valid Email ';
} else {
if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['Email'])) {
$Email = $_POST['Email'];
} else {
$error[] = 'Your EMail Address is invalid ';
}Code: Select all
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Welcome To Register</title>
<meta http-equiv="content-type" content="text/html;charset=utf-8" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<style type="text/css">#error {color:#ff0000; list-style:none;}</style>
<script type="text/javascript">var RecaptchaOptions = {theme:'clean'};</script>
</head>
<body>
<h3>SIGN UP FOR A FREE ACCOUNT</h3>
<?php if(count($errors)){ ?>
<ul id="error">
<?php foreach($errors as $error){ ?>
<li><?php echo $error; ?></li>
<?php } ?>
</ul>
<?php } ?>
<form action="register.php" method="post">
<div style="width:436px; border:opx solid #000000; padding:16px;">
User Name - <font color="gray">'At least 4 characters/numbers.'</font>
<input name="username" value="<?php if(isset($_POST['username'])){ echo $_POST['username']; } ?>" style="width:100%;" />
<div style="height: 5px;"> </div>
Email - <font color="gray">'At least 4 characters/numbers.'</font>
<input name="Email" value="<?php if(isset($_POST['Email'])){ echo $_POST['Email']; } ?>" style="width:100%;" />
<div style="height: 5px;"> </div>
Password - <font color="gray">'At least 4 characters/numbers and max 11.'</font>
<input name="password" type="password" value="<?php if(isset($_POST['password'])){ echo $_POST['password']; } ?>" style="width:100%;" />
<div style="height: 5px;"> </div>
Confirm Password - <font color="gray">'If your passwords aren’t equal, you will fail registering '</font>
<input name="password2" type="password" value="<?php if(isset($_POST['password2'])){ echo $_POST['password2']; } ?>" style="width:100%;" />
<div style="height: 5px;"> </div>
Please type this in the text box below to prove you are human
<?php echo recaptcha_get_html($recaptcha_public_key); ?>
<div style="height: 5px;"> </div>
<input type="submit" value="Create Account" />
</div>
</form>
</body>
</html>1:) To be able to register by also inserting an email address ( which will help in password recovery)
2:) Be able to register by inserting a valid email address plus a confirmation link send to that email ( this part I have nothing so might need another .php part maybe)