Untitled

<?php include_once 'connect.php'; ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <link href="style.css" rel="stylesheet" type="text/css" />
        <title>Tutorial MMORPG</title>
    </head>
    <body>
<div id="reg_page">
<?php

function reg_form($max, $maxPass, $player = null, $password=null, $pass2 = null, $email = null, $class = null){
    // Displays the register form when needed.
    echo '<br>
    <div id="reg_form">
    <form method="post" action="register.php">
        Desired Username: <input type="text" name="player" size="'.$max.'" value="'.$player.'"><br>
        Password: <input type="password" name="password" size="'.$maxPass.'" value="'.$password.'"><br>
        Retype Password: <input type="password" name="pass2" size="'.$maxPass.'" value="'.$pass2.'"><br>
        Email Address: <input type="text" name="email" size="55" value="'.$email.'"><br>
        <input type="submit" value="Register">';

    echo "</form>
    </div>";

    echo '<center><a href="./index.php">Back to Homepage</a><center>';

/**
Validate an email address.
Provide email address (raw input)
Returns true if the email address has the email
address format and the domain exists.
*/
function checkEmail($email)
{
   $isValid = true;
   $atIndex = strrpos($email, "@");
   if (is_bool($atIndex) && !$atIndex)
   {
      $isValid = false;
   }
   else
   {
      $domain = substr($email, $atIndex+1);
      $local = substr($email, 0, $atIndex);
      $localLen = strlen($local);
      $domainLen = strlen($domain);
      if ($localLen < 1 || $localLen > 64)
      {
         // local part length exceeded
         $isValid = false;
      }
      else if ($domainLen < 1 || $domainLen > 255)
      {
         // domain part length exceeded
         $isValid = false;
      }
      else if ($local[0] == '.' || $local[$localLen-1] == '.')
      {
         // local part starts or ends with '.'
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $local))
      {
         // local part has two consecutive dots
         $isValid = false;
      }
      else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain))
      {
         // character not valid in domain part
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $domain))
      {
         // domain part has two consecutive dots
         $isValid = false;
      }
      else if
(!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/',
                 str_replace("\\\\","",$local)))
      {
         // character not valid in local part unless
         // local part is quoted
         if (!preg_match('/^"(\\\\"|[^"])+"$/',
             str_replace("\\\\","",$local)))
         {
            $isValid = false;
         }
      }
      if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A")))
      {
         // domain not found in DNS
         $isValid = false;
      }
   }
   return $isValid;
}


if($_POST){
    // Grabbing the information the user filled out.
    $player = strip_tags($_POST['player']);
    $password = $_POST['password'];
    $pass2 = $_POST['pass2'];
    $email = strip_tags($_POST['email']);

    // Here you can change the maximum or minimum number of characters allowed
    // for usernames and passwords. Just change it here and the rest of the code
    // takes care of it.
    $maxNameLength = 30;
    $minNameLength = 4;
    $maxPassLength = 15;
    $minPassLength = 6;


    // Error finder - Checks every possibility in order of importance so that
    //                it only checks or sees errors that matter.
    $completeError = "<ul> \n";
    $errorz = 0;
    if(strlen($player) > $maxNameLength){
        $completeError .= "<li>Username is too long. (".$minNameLength."-".$maxNameLength." character limit)</li> \n";
        $errorz = 1;
    } elseif (strlen($player) < $minNameLength){
        $completeError .= "<li>Username is too short. (".$minNameLength."-".$maxNameLength." character limit)</li> \n";
        $errorz = 1;
    } else {
        $query = "SELECT * FROM players WHERE name='$player'";
        $result = mysql_query($query) or die("Could not query players table");
        $result = mysql_fetch_array($result);
        if($result){
            $completeError .= "<li>Username has already been taken. Please come up with another.</li> \n";
            $errorz = 1;
        }
    }

    if(!$password || !$pass2){
        $completeError .= "<li>You didn't fill out one of the password fields.</li> \n";
        $errorz = 1;
    } elseif (strlen($password) > $maxPassLength) {
        $completeError .= "<li>Your password is too long. (".$minPassLength."-".$maxPassLength." character limit)</li> \n";
        $errorz = 1;
    } elseif (strlen($password) < $minPassLength) {
        $completeError .= "<li>Your password is too short. (".$minPassLength."-".$maxPassLength." character limit)</li> \n";
        $errorz = 1;
    } elseif ($password != $pass2){
        $completeError .= "<li>Your passwords do not match.</li> \n";
        $errorz = 1;
    }

    if (!$email){
        $completeError .= "<li>You didn't fill in your email address.</li> \n";
        $errorz = 1;
    } elseif (!checkEmail($email)){
        $completeError .= "<li>You did not enter a valid email address.</li> \n";
        $errorz = 1;
    } else {
        $query = "SELECT * FROM players WHERE email='$email'";
        $result = mysql_query($query) or die("Not able to query for email");
        $result = mysql_fetch_array($result);
        if($result){
            $completeError .= "<li>Someone has already registered with that email address.</li> \n";
            $errorz = 1;
        }
    }
    $completeError .= "</ul> \n";
    // END ERROR FINDER


    // Error handler - Either displays errors with the register form or just
    //                 registers the user
    if ($errorz){
        echo "<div id='reg_error'>The following error(s) occurred: \n";
        echo $completeError;
        echo "</div>";
        reg_form($maxNameLength,$maxPassLength,$player,$password,$pass2,$email,$classchoice);
    } else {
        $password=md5($password);

        // Class query - Get rid of this if you don't use the classes
        $query = "SELECT * from classes where name='$classchoice'";
        $result = mysql_query($query) or die("Could not query classes");
        $result = mysql_fetch_array($result);
        $att = $result['attack'];
        $def = $result['defense'];
        $hp  = $result['hpoints'];
        $sp  = $result['spoints'];
        $cname = $result['name'];
        // END CLASS QUERY

        // This inserts the data into the database. If you took out classes or
        // changed stuff about the players table then make sure you have the
        // correct variables and such here.
        $SQL = "INSERT INTO players(name, password, email, level, exper, location, attack, defense, hpoints, maxhp, spoints, maxspoints,pclass)
        VALUES ('$player','$password','$email','1','0','Crocania','$result[attack]','$result[defense]','$result[hpoints]','$result[hpoints]','$result[spoints]','$result[spoints]','$result[name]')";

        mysql_query($SQL) or die("could not register");
        echo "Successfully registered!";
        echo "<br><a href='./index.php'>Go back to login</a>";
    }
    // END ERROR HANDLER

} else {
    // What happens when you first enter the page
    reg_form($maxNameLength,$maxPassLength);
}


?>
</div>
    </body>
</html>