Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <p>
- <?php
- require('db.php');
- $email = $_POST['email'];
- $email = strip_tags($email);
- function checkEmail($email) {
- // checks proper syntax
- if(preg_match("/^( [a-zA-Z0-9] )+( [a-zA-Z0-9._-] )*@( [a-zA-Z0-9_-] )+( [a-zA-Z0-9._-] +)+$/" , $email)) {
- // gets domain name
- list($username,$domain)=split('@',$email);
- // checks for if MX records in the DNS
- if(!checkdnsrr($domain, 'MX')) {
- return false;
- }
- // attempts a socket connection to mail server
- if(!fsockopen($domain,25,$errno,$errstr,30)) {
- return false;
- }
- return true;
- }
- return false;
- }
- $username = $_POST['username'];
- $password = $_POST['password'];
- $planet = $_POST['planet'];
- $title = $_POST['title'];
- $password2 = $_POST['password2'];
- $confirm = $_POST['confirm'];
- //define input as variables
- $username = mysql_real_escape_string($username);
- $title = mysql_real_escape_string($title);
- $planet = mysql_real_escape_string($planet);
- $password = mysql_real_escape_string($password);
- $password2 = mysql_real_escape_string($password2);
- $confirm = mysql_real_escape_string($confirm);
- //make safe for database input
- $username = strip_tags($username);
- $password = strip_tags($password);
- $password2 = strip_tags($password2);
- $confirm = strip_tags($confirm);
- //redundant html tag remover for added security
- $row = mysql_query("SELECT * FROM members WHERE username='$username'");
- $user = mysql_fetch_row($row);
- //check username
- $row1 = mysql_query("SELECT * FROM members WHERE planet='$planet'");
- $user1 = mysql_fetch_row($row1);
- //check planet
- //now check for errors in input
- if($password != $password2) {
- $error = "Passwords do not match";
- exit($error);
- } elseif($email == null) {
- $error = "You did not enter an e-mail address";
- exit($error);
- } elseif($username == null) {
- $error = "You did not enter a username";
- exit($error);
- } elseif($planet == null) {
- $error = "You did not enter a planet name";
- exit($error);
- } elseif($title == null) {
- $error = "You did not enter a title";
- exit($error);
- } elseif(strlen($title) > 10) {
- $error = "Your title is too long";
- exit($error);
- } elseif(strlen($planet) > 20) {
- $error = "Your planet name is over 20 characters";
- exit($error);
- } elseif(strlen($planet) < 6) {
- $error = "Your planet name is under 6 characters";
- exit($error);
- } elseif($password == null) {
- $error = "You did not enter a password";
- exit($error);
- } elseif(strlen($username) > 20) {
- $error = "Your username is over 20 characters";
- exit($error);
- } elseif(strlen($username) < 5) {
- $error = "Your username is under 5 characters";
- exit($error);
- } elseif(strlen($password) < 6) {
- $error = "Your password must be at least 6 characters";
- exit($error);
- } elseif(strlen($password) > 20) {
- $error = "Your password cannot be longer than 20 characters";
- exit($error);
- } elseif($confirm != 15) {
- $error = "You entered a wrong confirmation number";
- exit($error);
- } elseif($user != 0) {
- $error = "That username is already taken";
- exit($error);
- } elseif($user1 != 0) {
- $error = "That planet name has already been taken";
- exit($error);
- } else {
- $email = trim($_POST['email']);
- if(!checkEmail($email)) {
- $error = "Invalid email address";
- exit($error);
- }
- $hab = rand(0,3);
- if($hab == 0)
- $habitat = "Frozen";
- elseif($hab == 1)
- $habitat = "Molten";
- elseif($hab == 2)
- $habitat = "Desert";
- elseif($hab == 3)
- $habitat = "Terran";
- $password = md5($password);
- //encode password
- mysql_query("INSERT INTO members (ip, username, password, email, planet, title, habitat) VALUES ('$ip', '$username', '$password', '$email', '$planet', '$title', '$habitat')");
- echo "You have successfully registered. You may now <a href='index.php?id=login'>login</a>.";
- mysql_close($con);
- }
- ?>
- </p>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement