Register 2
Posted: Sat Mar 26, 2005 6:50 am
i was wondering how i could convert the following code so that it doesnt need php 4.3 or higher to run. I know it needs mysql_escape_string() instead of mysql_real_escape_string() but i dont know how to convert the code, any help would be much appreciated:
Code: Select all
<?php # register.php
$page_title = 'Register';
function doDB() {
global $conn;
$conn = mysql_connect("localhost", "tcigroupbiz", "Piper007") or die(mysql_error());
mysql_select_db("tci_property",$conn) or die(mysql_error());
}
function escape_data($data) {
global $dbc;
if(ini_get('magic_quotes_gpc'))
{
$data = stripslashes($data);
}
return mysql_real_escape_string(trim($data),$dbc);
}
if (isset($_POST['submit'])) {
doDB();
//Check for a first name.
if (eregi("^[[].' -]{2,15}$", stripslashes(trim($_POST['first_name'])))) {
$fn = escape_data($_POST['first_name']);
} else {
$fn = FALSE;
echo '<p><font color="red" size="+1">Please enter your first name!</font></p>';
}
//Check for a last name.
if(eregi("^[[].' -]{2,30}$", stripslashes(trim($_POST['last_name'])))){
$ln = escape_data($_POST['last_name']);
} else {
$ln = FALSE;
echo '<p><font color="red" size="+1">Please enter your last name!</font></p>';
}
//Check for an email address.
if(eregi("^[[]][a-z0-9_.-}*@[a-z0-9]+\.[a-z]{2,4}$",
stripslashes(trim($_POST['email'])))) {
$e = escape_data($_POST['email']);
} else {
$e = FALSE;
echo '<p><font color="red" size"+1">Please enter a valid email address!</font></p>';
}
//Check for a username.
if(eregi("^[[]_]{4,20}$", stripslashes(trim($_POST['username'])))) {
$you = escape_data($_POST['username']);
} else {
$you = FALSE;
echo '<p><font color="red" size="+1">Please enter a valid username!</font></p>';
}
//Check for a password and match against the confirmed password.
if(eregi ("^[[]]{4,20}$", stripslashes(trim($_POST['password1'])))) {
if($_POST['password1'] == $_POST['password2']) {
$p = escape_data($_POST['password1']);
} else {
$p = FALSE;
echo '<p><font color="red" size="+1">Your password did not match the confirmed password!</font></p>';
}
if ($fn && $ln && $e && $you && $p) { // if everything is ok.
//Make sure username is available.
$query = "SELECT user_id FROM users WHERE username='$you'";
$result = @my_query ($query);
if(mysql_num_rows($result) == 0) { //Available.
//Add the user.
$query = "INSERT INTO users((username, first_name, last_name, email, password,
registration_date) VALUES ('$you', '$fn', '$ln', '$e', PASSWORD('$p'), NOW() )";
$result = @mysql_query ($query);// Run the query.
if ($result) { //if OK.
echo '<h3>Thank you for registering!</h3>';
include('includes/footer.html'); //Include the HTML footer.
exit();
} else { // If it did not run OK
//Send a message to the error log.
echo '<p><font color="red" size"+1">You could not be registered
due to a system error. We apologise for any inconvenience.</font></p>';
}
} else { // The username is not available.
echo '<p><font color="red" size"+1">That username is already taken.</font></p>';
}
mysql_close(); //Close the database connection.
} else { //If one of the data tests failed.
echo '<p><font color="red" size="+1">Please try again.</font></p>';
}
}
}
?>
<h1>Register</h1>
<body bgcolor="#000000" text="#003366">
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset>
<p><b>First Name:</b> <input type="text" name="first_name" size="15" maxlength="15"
value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" /></p>
<p><b>Last Name:</b> <input type="text" name="last_name" size="30" maxlength="30"
value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>" /></p>
<p><b>Email:</b> <input type="text" name="email" size="40" maxlength="40"
value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /></p>
<p><b>User Name:</b> <input type="text" name="username" size="10" maxlength="20"
value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" /> <small>Use only
letters, numbers and underscore. Must be between 4 and 20 characters long.</small></p>
<p><b>Password:</b> <input type="password" name="password1" size="20" maxlength="20" />
<small>USe only letters and numbers. Must be between 4 and 20 characters long.</small></p>
<p><b>Confirm Password:</b> <input type="password" name="password2" size="20" maxlength="20"
/></p>
</fieldset>
<div align="center"><input type="submit" name="submit" value="Register" /></div>
</form><!-- End of Form -->