-
Register
Can somebody spoof this a little bit
i need email requirement taken out because my source doesn't have email in MySQL
It's a Register Script
PHP Code:
<div class="body">
<?php
if (@$_POST["register"] != "1") {
?>
<div class="title"><?php echo $servername;?> Registration</div>
<center>
<table cellspacing=1 cellpadding=5>
<tr><td class="listtitle" colspan=2><center><span class='title2'></span></center></td></tr>
<form action="?page=register" method="POST">
<tr><td class="list" align="left">Username:</td>
<td class="list"><input type="text" name="musername" maxlength="12"></td></tr>
<tr><td class="list" align="left">Password:</td>
<td class="list"><input type="password" name="mpass" maxlength="30"></td></tr>
<tr><td class="list" align="left">Verify Password: <br><i><font size="1">(Retype your password)</font></i></td>
<td class="list"><input type="password" name="mpwcheck" maxlength="30"></td></tr>
<tr><td class="list" align="left">Email: <br><i><font size="1">(Please fill in a valid email)</font></i></td>
<td class="list"><input type="text" name="memail" maxlength="50"></td></tr>
<tr><td class="list" align="left">Date of Birth: <br><i><font size="1">Ex. 2010-10-23</font></i></td>
<td class="list"><?php include_once("config/parseBirth.php"); echo showDate('month')." ";
echo showDate('day')." "; echo showDate('year'); ?></td></tr>
<tr><td class="listtitle" align="left" colspan=2>
<center><input type="image" src="images/button-register.png" class="submit" name="submit" value=" Register"/>
<input type="hidden" name="register" value="1" /></td></tr></center>
</form>
</table>
</center>
<?php
} else {
if (!isset($_POST["musername"]) OR
!isset($_POST["mpass"]) OR
!isset($_POST["mpwcheck"]) OR
!isset($_POST["memail"])) {
die ("Error: Not all fields complete <br><br><a href='?page=register'>Go back</a>");
}
include('config/init.php');
function checkEmail($mail) {
if(preg_match("/^([.0-9a-z_-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,4})$/i", $mail)) {
return TRUE;
} else {
return FALSE;
}
}
$username = mysql_real_escape_string($_POST["musername"]);
$password = mysql_real_escape_string($_POST["mpass"]);
$confirm_password = mysql_real_escape_string($_POST["mpwcheck"]);
$email = mysql_real_escape_string($_POST["memail"]);
$birth = mysql_real_escape_string($_POST['year'])."-".mysql_real_escape_string($_POST['month'])."-".mysql_real_escape_string($_POST['day']);
$select_user_result = $database->query("SELECT `id` FROM `accounts` WHERE `name`='".$username."' OR `email`='".$email."' LIMIT 1");
if ($database->rows() > 0) {
$message = "This username or email is already used!<br><br><a href='?page=register'>Go back</a>";
} else if ($password != $confirm_password) {
$message = "Passwords didn't match!<br><br><a href='?page=register'>Go back</a>";
} else if (strlen($password) < 4 || strlen($password) > 12) {
$message = "Your password must be between 4-12 characters<br><br><a href='?page=register'>Go back</a>";
} else if (strlen($username) < 4 || strlen($username) > 12) {
$message = "Your username must be between 4-12 characters<br><br><a href='?page=register'>Go back</a>";
} else if (!checkEmail($email)){
$message = "You have filled in a wrong email address<br><br><a href='?page=register'>Go back</a>";
} else {
$insert_user_query = "INSERT INTO accounts (`name`, `password`, `ip`, `email`, `birthday`) VALUES ('".
$username."', '".hash("sha1", $password)."', '/".$userip."', '".$email."', '".$birth."')";
$database->query($insert_user_query);
$message = "<font color=\"green\">You have successfully registered to $servername !</font>";
}
?>
<center>
Registration
<table cellspacing=1 cellpadding=5>
<?php echo $message; ?>
</table>
<?php
}
?>
</div>
Thank you
-
Re: Register
Add the email to your mysql?
-
Re: Register
PHP Code:
<div class="body">
<?php
if (@$_POST["register"] != "1") {
?>
<div class="title"><?php echo $servername;?> Registration</div>
<center>
<table cellspacing=1 cellpadding=5>
<tr><td class="listtitle" colspan=2><center><span class='title2'></span></center></td></tr>
<form action="?page=register" method="POST">
<tr><td class="list" align="left">Username:</td>
<td class="list"><input type="text" name="musername" maxlength="12"></td></tr>
<tr><td class="list" align="left">Password:</td>
<td class="list"><input type="password" name="mpass" maxlength="30"></td></tr>
<tr><td class="list" align="left">Verify Password: <br><i><font size="1">(Retype your password)</font></i></td>
<td class="list"><input type="password" name="mpwcheck" maxlength="30"></td></tr>
<tr><td class="list" align="left">Date of Birth: <br><i><font size="1">Ex. 2010-10-23</font></i></td>
<td class="list"><?php include_once("config/parseBirth.php"); echo showDate('month')." ";
echo showDate('day')." "; echo showDate('year'); ?></td></tr>
<tr><td class="listtitle" align="left" colspan=2>
<center><input type="image" src="images/button-register.png" class="submit" name="submit" value=" Register"/>
<input type="hidden" name="register" value="1" /></td></tr></center>
</form>
</table>
</center>
<?php
} else {
if (!isset($_POST["musername"]) OR
!isset($_POST["mpass"]) OR
!isset($_POST["mpwcheck"]) OR
die ("Error: Not all fields complete <br><br><a href='?page=register'>Go back</a>");
}
include('config/init.php');
$username = mysql_real_escape_string($_POST["musername"]);
$password = mysql_real_escape_string($_POST["mpass"]);
$confirm_password = mysql_real_escape_string($_POST["mpwcheck"]);
$birth = mysql_real_escape_string($_POST['year'])."-".mysql_real_escape_string($_POST['month'])."-".mysql_real_escape_string($_POST['day']);
$select_user_result = $database->query("SELECT `id` FROM `accounts` WHERE `name`='".$username."' LIMIT 1");
if ($database->rows() > 0) {
$message = "This username or email is already used!<br><br><a href='?page=register'>Go back</a>";
} else if ($password != $confirm_password) {
$message = "Passwords didn't match!<br><br><a href='?page=register'>Go back</a>";
} else if (strlen($password) < 4 || strlen($password) > 12) {
$message = "Your password must be between 4-12 characters<br><br><a href='?page=register'>Go back</a>";
} else if (strlen($username) < 4 || strlen($username) > 12) {
$message = "Your username must be between 4-12 characters<br><br><a href='?page=register'>Go back</a>";
} else {
$insert_user_query = "INSERT INTO accounts (`name`, `password`, `ip`, `birthday`) VALUES ('".
$username."', '".hash("sha1", $password)."', '/".$userip."', '".$birth."')";
$database->query($insert_user_query);
$message = "<font color=\"green\">You have successfully registered to $servername !</font>";
}
?>
<center>
Registration
<table cellspacing=1 cellpadding=5>
<?php echo $message; ?>
</table>
<?php
}
?>
</div>
-
Re: Register
it doesn't show up
nothing on the page shows up when you click register
@Chance
can you change the gtop info
for the link Mapleshuffle -Mike
BUMP !!!
still need help either adding the MySQL or on the register script
-
Re: Register
ALTER TABLE `accounts` ADD COLUMN `email` VARCHAR(45) NOT NULL ;
-
Re: Register
i am still getting a blank page when i try to register
Solved
