Untitled

register.php-

<table width="294" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#FFFFFF" bordercolor="#FFFFFF">
<tr>
<form name="form1" method="post" action="index.php?id=register_send">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC" bordercolor="#66FF33">
<tr>
<td colspan="3"><center><strong>Geckoville Registration</strong></center></td>
</tr>
<tr>
<td width="78"><div align=right>Username: </align></td>
<td width="294"><input name="myusername" type="text" id="uname"></td>
</tr>
<tr>
<td><div align=right>Password: </align></td>
<td><input name="mypassword" type="password" id="pwd"></td>
</tr>
<tr>
<td><div align=right>Confirm Password: </align></td>
<td><input name="mypassword" type="password" id="pwd2"></td>
</tr>
<tr>
<td colspan="3"><center><input type="submit" name="Register!" value="submit"></center></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

register_send.php-

<?php
require('db.php');
if(isset($_POST['submit']))
{
unset($_POST['submit']);
if(!isset($_POST['uname'])) {
echo "You did not enter a Username.";
mysql_close($con);
} elseif(!isset($_POST['pwd'])) {
echo "You did not enter a password.";
mysql_close($con);
} elseif(!isset($_POST['pwd2'])) {
echo "You need to confirm your password.";
mysql_close($con);
} elseif($_POST['pwd'] != $_POST['pwd2']) {
echo "Your passwords do not match.";
mysql_close($con);
}
}
$sql = "SELECT * FROM members WHERE username = '.$_POST[uname].'";
$result = mysql_query($sql,$con);
$ucheck = mysql_num_rows($result);
if($ucheck != 0) {
echo "Sorry, that username is taken. Please press the back button and choose another.";
} else {
$uname = mysql_real_escape_string($_POST['uname']);
$pwd = mysql_real_escape_string($_POST['pwd']);
$pwd2 = mysql_real_escape_string($_POST['pwd2']);
mysql_query("INSERT INTO members (username, password) VALUES ($uname, $pwd)");
mysql_close($con);
echo "You have successfully registered.";
}
?>