however, as soon as I reach this page, it just will not work.
any ideas on why this particular page would kill session variables?
ps, im not very good at php, alot of this what cut and paste work
Code: Select all
<?php include("auth.php"); ?>
<?php include("header.php"); ?>
<body>
<table width="602" border="0" align="center">
<tr>
<td width="193"><a href="main.php"><img src="images/rtr.gif" alt="Reuters Logo" border="0" /></a></td>
<td width="393"><?php include("menu.php"); ?></td>
</tr>
<tr>
<td valign="top"><?php include ("username.php"); ?></td>
<td valign="top">
<?php
require('db_connect.php'); // database connect script.
?>
<title>Register an Account</title>
<body>
<?php include ("auth_admin.php") ?>
<?php
if (isset($_POST['submit'])) { // if form has been submitted
/* check they filled in what they supposed to,
passwords matched, username
isn't already taken, etc. */
if (!$_POST['uname'] | !$_POST['passwd'] | !$_POST['passwd_again'] | !$_POST['email']) {
die('You did not fill in a required field.');
}
// check if username exists in database.
if (!get_magic_quotes_gpc()) {
$_POST['uname'] = addslashes($_POST['uname']);
}
$name_check = $db_object->query("SELECT rtrusername FROM users WHERE rtrusername = '".$_POST['uname']."'");
if (DB::isError($name_check)) {
die($name_check->getMessage());
}
$name_checkk = $name_check->numRows();
if ($name_checkk != 0) {
die('Sorry, the username: <strong>'.$_POST['uname'].'</strong> is already taken, please pick another one.');
}
// check passwords match
if ($_POST['passwd'] != $_POST['passwd_again']) {
die('Passwords did not match.');
}
// check e-mail format
if (!preg_match("/.*@.*..*/", $_POST['email']) | preg_match("/(<|>)/", $_POST['email'])) {
die('Invalid e-mail address.');
}
// no HTML tags in username, website, location, password
$_POST['uname'] = strip_tags($_POST['uname']);
$_POST['passwd'] = strip_tags($_POST['passwd']);
// check show_email data
if ($_POST['show_email'] != 0 & $_POST['show_email'] != 1) {
die('Nope');
}
/* the rest of the information is optional, the only thing we need to
check is if they submitted a website,
and if so, check the format is ok. */
// now we can add them to the database.
// encrypt password
$_POST['passwd'] = md5($_POST['passwd']);
if (!get_magic_quotes_gpc()) {
$_POST['passwd'] = addslashes($_POST['passwd']);
$_POST['email'] = addslashes($_POST['email']);
}
$regdate = date('m d, Y');
$insert = "Insert INTO users (
rtrusername,
rtrpassword,
permissions,
regdate,
email,
show_email,
last_login)
VALUES (
'".$_POST['uname']."',
'".$_POST['passwd']."',
'".$_POST['permissions']."',
'$regdate',
'".$_POST['email']."',
'".$_POST['show_email']."',
'Never')";
$add_member = $db_object->query($insert);
if (DB::isError($add_member)) {
die($add_member->getMessage());
}
$db_object->disconnect();
if ($permissions == 2) {
$path = "d:/pixstore/{$uname}";
mkdir($path);}
if ($permissions == 3) {
$path = "d:/pixstore/{$uname}";
mkdir("$dirname");}
?>
<span class="boldtextbig">Registered</span>
<br />
The user
<?php echo $_POST['uname'];?>
has been added to the database <?php if ($permissions == 2) { echo "and a folder named {$uname} has been created in PixStore";} if ($permissions == 3) { echo "and a folder named {$uname} has been created in PixStore";}?>. <br />
<br />
<a href="admin_register.php">Add another user</a><?php
} else { // if form hasn't been submitted
?>
<span class="boldtextbig">Register A New User</span>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table align="center" border="0" cellspacing="0" cellpadding="3" width="100%">
<tr><td>Username*:</td><td>
<input type="text" name="uname" maxlength="40">
</td></tr>
<tr><td>Password*:</td><td>
<input type="password" name="passwd" maxlength="50">
</td></tr>
<tr><td>Confirm Password*:</td><td>
<input type="password" name="passwd_again" maxlength="50">
</td></tr>
<tr>
<td>Permissions*:</td>
<td><select name="permissions">
<option value="1" selected="selected">Limited Access</option>
<option value="2">Stringer Access</option>
<option value="3">Admin Access</option>
</select></td>
</tr>
<tr><td>E-Mail*:</td><td>
<input type="text" name="email" maxlength="100">
</td></tr>
<tr><td>Show E-Mail?</td><td>
<select name="show_email">
<option value="1" selected="selected">Yes</option>
<option value="0">No</option></select>
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Sign Up">
</td></tr>
</table>
</form>
<?php
}
?> </td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
</table>
</body>
</html>