Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require_once 'sqllogin.php';
- require_once 'passhash.php';
- echo <<< _END
- <html>
- <head>
- <title>Index</title>
- </head>
- <body>
- <form method='post' action='index.php'>
- Name: <input type='text' name='name' size='10' maxlength='64' /> <br />
- Email address: <input type='text' name='email' size='10' maxlength='254' /> <br />
- Password: <input type='password' name='password' / size='10'> <br />
- Friend code: <input type='text' name='friend1' size='4' maxlength='4' />-<input type='text' name='friend2' size='4' maxlength='4' /><input type='text' name='friend3' size='4' maxlength='4' /><br />
- <input type="submit" value="Submit" />
- </form>
- _END;
- $db_server = connect();
- mysql_select_db($db_database) or die("Unable to select db: " . mysql_error());
- if (isset($_GET['deleteid'])) {
- $delete = $_GET['deleteid'];
- $delete = mysql_escape_string($delete);
- $deletesql = "DELETE FROM users WHERE uid=" . $delete;
- $deleted = mysql_query($deletesql);
- if (!$deleted) die ("Database error: " . mysql_error());
- }
- if(isset($_POST['name']) &&
- isset($_POST['email']) &&
- isset($_POST['password']) &&
- isset($_POST['friend1']) &&
- isset($_POST['friend2']) &&
- isset($_POST['friend3']))
- {
- $name = $_POST['name'];
- $email = $_POST['email'];
- $password = $_POST['password'];
- $friendcode = $_POST['friend1'] . "-" . $_POST['friend2'] . "-" . $_POST['friend3'];
- if (!(strlen($friendcode == 15))) {
- $friendcode = "0000-0000-0000";
- }
- $friendcode = mysql_escape_string($friendcode);
- $password = mysql_escape_string($password);
- $email = mysql_escape_string($email);
- $name = mysql_escape_string($name);
- $insert = "INSERT INTO users (friendcode, emailaddress, name) VALUES ('" . $friendcode . "', '" . $email . "', '" . $name . "')";
- $inserted = mysql_query($insert);
- if (!$inserted) die ("Database error:" . mysql_error());
- $id = mysql_insert_id();
- $password = passhash($password, $id);
- $insert = "UPDATE users SET pass='" . $password . "' WHERE uid='" + $id . "'";
- $inserted = mysql_query($insert);
- if (!$inserted) die ("Database error:" . mysql_error());
- }
- $returned = mysql_query("SELECT uid,friendcode,emailaddress,name,pass FROM users;");
- if (!$returned) die ("Database error:" . mysql_error());
- $rows = mysql_num_rows($returned);
- for ($j = 0; $j < $rows; ++$j) {
- $row = mysql_fetch_row($returned);
- echo "Name: " . $row[3] . "<br />";
- echo "Email Address: " . $row[2] . "<br />";
- echo "UserID: " . $row[0] . "<br />";
- echo "Friend Code: " . $row[1] . "<br />";
- $link = "<a href='index.php?deleteid=" . $row[0] . "'>Delete</a> <br /><br />";
- echo $link;
- }
- mysql_close($db_server);
- echo "</body></html>";
- ?>
Add Comment
Please, Sign In to add comment