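Notice: this hashes passwords with MD5 before storing them. To disable the hashing, change the first statement below to the second. Unsalted MD5 is a weak password hash, and with it removed the password is stored in plaintext, so use whichever format the login side actually checks:
Code:statement->bindParam(3, md5($password));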
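Code:statement->bindParam(3, $password);Credits:Code:
<?php
/*
 * GunZ account registration page.
 *
 * Validates the posted form, then creates one row in Account and one row in
 * Login. Every value that reaches SQL is bound as a parameter, and every
 * request-derived value that reaches HTML is escaped first.
 */

// Connection settings.
// NOTE(review): 'sa' is SQL Server's built-in sysadmin login. A dedicated
// login that may only SELECT/INSERT on the Account and Login tables would
// limit what a flaw in this page can reach. The password below is presumably
// a placeholder; replace it before deploying.
$user = 'sa';
$pass = 'password';
$server = 'WIN-69MQRTJIMAS\\SQLEXPRESS'; //host
$database = 'GunzDB';

// One generic message for every database failure, so driver errors (which can
// name the server, tables or columns) are never shown to the visitor.
$databaseError = "An error has occured while attempting to contact the database.<br />Please try again later.";

$connectString = sprintf("odbc:Driver={SQL Server};Server={%s};Database={%s};", $server, $database);

try {
    // PDO's constructor throws on failure rather than returning false, so a
    // plain "if (!$pdo)" check never runs; the exception has to be caught.
    $pdo = new PDO($connectString, $user, $pass);
    // Make failed queries throw as well, instead of failing silently.
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    die($databaseError);
}

/**
 * Tells whether an account with this login name already exists.
 *
 * @param PDO    $pdo  Open database connection.
 * @param string $user Login name to look up in Account.UserID.
 * @return bool True when at least one matching row exists.
 */
function userExists($pdo, $user)
{
    $statement = $pdo->prepare("SELECT COUNT(AID) as total FROM Account WHERE UserID = ?");
    $statement->bindValue(1, $user);
    $statement->execute();

    return (int) $statement->fetchColumn() > 0;
}

/**
 * Tells whether an account with this e-mail address already exists.
 *
 * @param PDO    $pdo   Open database connection.
 * @param string $email Address to look up in Account.Email.
 * @return bool True when at least one matching row exists.
 */
function emailExists($pdo, $email)
{
    $statement = $pdo->prepare("SELECT COUNT(AID) as total FROM Account WHERE Email = ?");
    $statement->bindValue(1, $email);
    $statement->execute();

    return (int) $statement->fetchColumn() > 0;
}

/**
 * Returns a posted form field as a string.
 *
 * A field that is missing, or that was submitted as an array, yields '' so
 * that strlen() and the bound query parameters only ever receive strings.
 *
 * @param string $key Name of the form field.
 * @return string The submitted value, or '' when it is absent or not a string.
 */
function postString($key)
{
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
}

if (isset($_POST['username'])) {
    $user = postString('username');
    $email = postString('email');
    $password = postString('password');
    $passwordVer = postString('passwordVer');
    $name = postString('name');
    // The form also posts "age", but no query below stores it.

    $error = "";
    $userLen = strlen($user);
    $passLen = strlen($password);
    $nameLen = strlen($name);

    if ($userLen < 4 || $userLen > 12) {
        $error .= "Your username must be within 4 & 12 characters. <br/>";
    }
    if ($passLen < 4 || $passLen > 16) {
        $error .= "Your password must be within 4 & 16 characters. <br/>";
    }
    // Strict comparison: with "!=" PHP compares two numeric-looking strings
    // as numbers, so different passwords could be treated as matching.
    if ($password !== $passwordVer) {
        $error .= "Your passwords do not match. <br/>";
    }
    if ($nameLen < 4 || $nameLen > 64) {
        $error .= "Your name must be within 4 & 64 characters. <br/>";
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $error .= "You must use a real email account. <br/>";
    }

    try {
        // NOTE(review): another request can register the same name or address
        // between these checks and the INSERT below. Only a UNIQUE constraint
        // on the columns closes that gap; the schema is not visible here.
        if (userExists($pdo, $user)) {
            $error .= "Username is already in-use. <br/>";
        }
        if (emailExists($pdo, $email)) {
            $error .= "Email is already in-use. <br/>";
        }
    } catch (PDOException $e) {
        die($databaseError);
    }

    // $error is built only from the fixed strings above, so it is safe to print.
    if ($error !== "") {
        die('<div align="center">'.$error.'</div>');
    }

    try {
        // Both rows are written in one transaction, so a failure on the second
        // INSERT does not leave a reserved username without a Login row.
        $pdo->beginTransaction();

        $statement = $pdo->prepare("INSERT INTO Account(UserID,UGradeID,PGradeID,Email,Name,RegDate) VALUES(?,0,0,?,?,GetDate())");
        $statement->bindValue(1, $user);
        $statement->bindValue(2, $email);
        $statement->bindValue(3, $name);
        $statement->execute();

        // @@IDENTITY is the last identity value generated on this connection.
        // NOTE(review): it also reflects inserts made by triggers, so confirm
        // that Account has no trigger writing to another identity table.
        $statement = $pdo->prepare("SELECT @@IDENTITY");
        $statement->execute();
        $aid = $statement->fetchColumn();
        if ($aid === false || $aid === null) {
            throw new RuntimeException('No account id returned after insert.');
        }

        $statement = $pdo->prepare("INSERT INTO Login(AID,UserID,Password) VALUES(?,?,?)");
        $statement->bindValue(1, $aid);
        $statement->bindValue(2, $user);
        // This is the statement the notice at the top of the post refers to
        // (written there with bindParam, which expects a variable, not a
        // function result).
        // NOTE(review): unsalted MD5 is fast to brute-force and identical
        // passwords share one hash. password_hash()/password_verify() is the
        // PHP replacement, but it is only usable if whatever verifies
        // Login.Password (not shown on this page) is changed to match.
        // Dropping md5() here stores the plaintext password instead.
        $statement->bindValue(3, md5($password));
        $statement->execute();

        $pdo->commit();
    } catch (Exception $e) {
        if ($pdo->inTransaction()) {
            $pdo->rollBack();
        }
        die($databaseError);
    }

    // The username comes from the request, so escape it before it is placed
    // in the HTML response.
    $safeUser = htmlspecialchars($user, ENT_QUOTES, 'UTF-8');
    die('<div align="center"><span style="font-weight: bold; color: red;">Your account has been registererd with the username: '.$safeUser.'.<br/>Please enjoy your stay at Watch The Throne');
}
?>
<!DOCTYPE html>
<html>
<head>
<title>GunZ Register Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div align="center">
<div>Watch The Throne Server:<br></div>
<?php /* PHP_SELF is taken from the request URL, so it is escaped before use as an attribute value. */ ?>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>" method="POST">
<table>
<tr> <td>Username</td> <td><input type="text" name="username" maxlength="25" /></td> </tr>
<tr> <td>Password</td> <td><input type="password" name="password" maxlength="25" /></td> </tr>
<tr> <td>Password(Verification)</td> <td><input type="password" name="passwordVer" maxlength="25" /></td> </tr>
<tr> <td>E-mail</td> <td><input type="text" name="email" maxlength="100" /></td> </tr>
<tr> <td>Name</td> <td><input type="text" name="name" maxlength="50" /></td> </tr>
<tr> <td>Age</td> <td><input type="text" name="age" maxlength="2" /></td> </tr>
<tr> <td align="center" colspan="2"><input type="submit" name="register" value="Register!" /></td> </tr>
</table>
</form>
</div>
</body>
</html>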
Myself
Aaron - for the HTML codez.





