Page 1 of 1

Register 2

Posted: Sat Mar 26, 2005 6:50 am
by shireen_az
i was wondering how i could convert the following code so that it doesnt need php 4.3 or higher to run. I know it needs mysql_escape_string() instead of mysql_real_escape_string() but i dont know how to convert the code, any help would be much appreciated:

Code: Select all

<?php # register.php 
$page_title = 'Register'; 

function doDB() { 
global $conn; 

$conn = mysql_connect("localhost", "tcigroupbiz", "Piper007") or die(mysql_error()); 
mysql_select_db("tci_property",$conn) or die(mysql_error()); 
} 

function escape_data($data) { 
global $dbc; 
if(ini_get('magic_quotes_gpc')) 
{ 
$data = stripslashes($data); 
} 
return mysql_real_escape_string(trim($data),$dbc); 
} 


if (isset($_POST['submit'])) { 

doDB(); 

//Check for a first name. 
if (eregi("^[[].' -]{2,15}$", stripslashes(trim($_POST['first_name'])))) { 
$fn = escape_data($_POST['first_name']); 
} else { 
$fn = FALSE; 
echo '<p><font color="red" size="+1">Please enter your first name!</font></p>'; 
} 
//Check for a last name. 

if(eregi("^[[].' -]{2,30}$", stripslashes(trim($_POST['last_name'])))){ 
$ln = escape_data($_POST['last_name']); 
} else { 
$ln = FALSE; 
echo '<p><font color="red" size="+1">Please enter your last name!</font></p>'; 
} 

//Check for an email address. 

if(eregi("^[[]][a-z0-9_.-}*@[a-z0-9]+\.[a-z]{2,4}$", 
stripslashes(trim($_POST['email'])))) { 
$e = escape_data($_POST['email']); 
} else { 
$e = FALSE; 
echo '<p><font color="red" size"+1">Please enter a valid email address!</font></p>'; 
} 

//Check for a username. 
if(eregi("^[[]_]{4,20}$", stripslashes(trim($_POST['username'])))) { 
$you = escape_data($_POST['username']); 
} else { 
$you = FALSE; 
echo '<p><font color="red" size="+1">Please enter a valid username!</font></p>'; 
} 

//Check for a password and match against the confirmed password. 
if(eregi ("^[[]]{4,20}$", stripslashes(trim($_POST['password1'])))) { 
if($_POST['password1'] == $_POST['password2']) { 
$p = escape_data($_POST['password1']); 

} else { 
$p = FALSE; 
echo '<p><font color="red" size="+1">Your password did not match the confirmed password!</font></p>'; 
} 

if ($fn && $ln && $e && $you && $p) { // if everything is ok. 

//Make sure username is available. 
$query = "SELECT user_id FROM users WHERE username='$you'"; 
$result = @my_query ($query); 

if(mysql_num_rows($result) == 0) { //Available. 

//Add the user. 
$query = "INSERT INTO users((username, first_name, last_name, email, password, 
registration_date) VALUES ('$you', '$fn', '$ln', '$e', PASSWORD('$p'), NOW() )"; 
$result = @mysql_query ($query);// Run the query. 

if ($result) { //if OK. 


echo '<h3>Thank you for registering!</h3>'; 
include('includes/footer.html'); //Include the HTML footer. 
exit(); 

} else { // If it did not run OK 
//Send a message to the error log. 
echo '<p><font color="red" size"+1">You could not be registered 
due to a system error. We apologise for any inconvenience.</font></p>'; 

} 

} else { // The username is not available. 
echo '<p><font color="red" size"+1">That username is already taken.</font></p>'; 
} 

mysql_close(); //Close the database connection. 

} else { //If one of the data tests failed. 
echo '<p><font color="red" size="+1">Please try again.</font></p>'; 
} 
} 
} 


?> 

<h1>Register</h1> 
<body bgcolor="#000000" text="#003366"> 
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> 
<fieldset> 

<p><b>First Name:</b> <input type="text" name="first_name" size="15" maxlength="15" 
value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" /></p> 

<p><b>Last Name:</b> <input type="text" name="last_name" size="30" maxlength="30" 
value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>" /></p> 

<p><b>Email:</b> <input type="text" name="email" size="40" maxlength="40" 
value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /></p> 

<p><b>User Name:</b> <input type="text" name="username" size="10" maxlength="20" 
value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" /> <small>Use only 
letters, numbers and underscore. Must be between 4 and 20 characters long.</small></p> 

<p><b>Password:</b> <input type="password" name="password1" size="20" maxlength="20" /> 
<small>USe only letters and numbers. Must be between 4 and 20 characters long.</small></p> 

<p><b>Confirm Password:</b> <input type="password" name="password2" size="20" maxlength="20" 
/></p> 
</fieldset> 

<div align="center"><input type="submit" name="submit" value="Register" /></div> 

</form><!-- End of Form -->

Posted: Sat Mar 26, 2005 8:19 am
by feyd
you can edit your posts.. so watch the double posting. :?

look at all the functions the code calls in the php documentation. Each one should have details of when it was added. For the ones that are newer, figure out how the old way was done (sometimes in the user comments)