Ive got the following code for registering new users on my website:
Code: Select all
<?php
$page_title = 'Register';
include ('templates/header.inc');
if (isset($_POST['submit'])) {
require_once ('includes/mysql_connect.php');
function escape_data ($data) {
global $dbc;
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
return mysql_real_escape_string($data, $dbc);
}
$message = NULL;
if (empty($_POST['username'])) {
$u = FALSE;
$message .= '<p> You forgot to rnter a Username </p>';
} else {
$u = escape_data($_POST['username']);
}
if (empty($_POST['first_name'])) {
$fn = FALSE;
$message .= '<p> You forgot to enter your First Name </p>';
} else {
$fn = escape_data($_POST['username']);
}
if (empty($_POST['second_name'])) {
$sn = FALSE;
$message .= '<p> You forgot to enter your Second Name </p>';
} else {
$sn = escape_data($_POST['username']);
}
if (empty($_POST['email'])) {
$e = FALSE;
$message .= '<p> You forgot to enter an E-Mail Address </p>';
} else {
$e = escape_data($_POST['username']);
}
if (empty($_POST['password1'])) {
$p = FALSE;
$message .= '<p> You forgot to enter a Password </p>';
} else {
if ($_POST['password1'] == $_POST['password2']) {
$p = escape_data($_POST['password1']);
} else {
$p = FALSE;
$message .= '<p> Your passwords did not match </p>';
}
}
if ($u && $fn && $sn && $e && $p) { //everything is ok
$query = "SELECT user_id FROM users WHERE username='$u'";
$result = @mysql_query ($query);
if (mysql_num_rows($result) == 0) {
// Make Query
$query = "INSERT INTO users (username, first_name, second_name, email, password, registration_date) VALUES ($u, $fn, $sn, $e, PASSWORD('$p'), NOW() )";
$result = @mysql_query ($query);
if ($result) { // everything went ok
// Send Email If Desired
echo '<p><b> You have been registered</b></p>';
include ('templates/footer.inc');
exit();
} else {
$message = '<p>You could not be registered at this time, please try again later.' . mysql_error() . '</p>';
}
} else {
$message = '<p> The username has already been taken.</p>';
}
mysql_close();
} else {
$message .= '<p> Please try again. </p>';
}
}
if (isset($message)) {
echo '<font color="red"><b>', $message, '</b></font>';
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset><legend> Enter Your Information in the box below: </legend>
<b> First Name: </b> <input type="text" name="first_name" maxlength="20" size="15" value="<?php if (isset($_POST['first_name'])) echo ($_POST['first_name']); ?>" /> <br />
<b> Second Name: </b> <input type="text" name="second_name" maxlength="20" size="15" value="<?php if (isset($_POST['second_name'])) echo ($_POST['second_name']); ?>" /> <br />
<b> E-Mail: </b> <input type="text" name="email" maxlength="20" size="15" value="<?php if (isset($_POST['email'])) echo ($_POST['email']); ?>" /> <br />
<b> User Name: </b> <input type="text" name="username" maxlength="20" size="15" value="<?php if (isset($_POST['username'])) echo ($_POST['username']); ?>" /> <br />
<b> Password: </b> <input type="password" name="password1" maxlength="20" size="15" value="" /> <br />
<b> Confirm Password: </b> <input type="password" name="password2" maxlength="20" size="15" value="" /> <br />
<input type="hidden" name="submit" value="submit">
<input type="submit" name="submit" value="Register">
</fieldset>
</form>
<?php
include ('templates/footer.inc');
?>Cheers,
Andrew