Code: Select all
<?php
session_start();
require("config.php");
$db = mysql_connect($dbhost, $dbuser);
mysql_select_db($dbdatabase, $db);
if($_POST['submit']) {
if($_POST['password'] == $_POST['password2']) {
$checksql = "SELECT * FROM user WHERE username = '" . $_POST['username'] . "';";
$checkresult = mysql_query($checksql)or die(mysql_error());
$checknumrows = mysql_num_rows($checkresult);
if($checknumrows == 1) {
header("Location: " . $config_basedir . "reg.php?error=taken");
}
else {
for($i = 0; $i < 16; $i++) {
$randomstring .= chr(mt_rand(32,126));
}
$verifystring = urlencode($randomstring);
$validusername = $_POST['username'];
$sql = "INSERT INTO user(username, password, name, lastname) VALUES('" . $_POST['username'] . "', '" . $_POST['password'] . "' '" . $_POST['name'] . "' '" . $_POST['lastname'] . "' '" . addslashes($randomstring) . "', 0);";
$query = mysql_query($sql)or die(mysql_error());
require("header.php");
}
if(!$query) {
header("Location: " . $config_basedir . "reg.php?error=pass");
}
if(!empty($_GET['error'])){
require("header.php");
switch($_GET['error']) {
case "pass":
echo "Passwords do not match!";
break;
case "taken":
echo "Username taken, please use another.";
break;
case "no":
echo "Incorect login details!";
break;
}
?>
<h2>Register</h2>
To register on <?php echo $config_blogname; ?>, fill out the form below.
<form action="<?php echo $SCRIPT_NAME ?>" method="POST">
<table>
<tr>
<td>Username</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td>Re-type Password</td>
<td><input type="password" name="password2"></td>
</tr>
<tr>
<td>First Name</td>
<td><input type="text" name="name"></td>
</tr>
<tr>
<td>Last Name</td>
<td><input type="text" name="lastname"></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Register!"></td>
</tr>
</table>
</form>
<?php
}
}
}
require("footer.php");
?>
thanks in advance