<?php require_once('dbconnect.php'); $username = mysql_real_escape_string

1. <?php
2.     require_once('dbconnect.php');
3.    
4.     $username = mysql_real_escape_string($_POST['username']);
5.     $password = md5(mysql_real_escape_string($_POST['password']));
6.     $error = NULL;
7.    
8.     if((!isset($username)) || (!isset($password))){
9.         echo "Please fill in all fields";
10.         echo "<br><a href='../register.php'>Go Back</a>";
11.         $error = 1;
12.         exit();
13.     }
14.     if(!filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL)) {
15.         echo "Please enter a valid email address";
16.         echo "<br><a href='../register.php'>Go Back</a>";
17.     } else
18.         $email = $_POST['email'];
19.    
20.     $sql = mysql_query("SELECT * FROM `users` WHERE username='$username'");
21.     $sql2 = mysql_query("SELECT * FROM `users` WHERE email = '$email'");
22.    
23.     if(mysql_num_rows($sql2) != 0){
24.         echo "Email address is already registered";
25.         echo "<br><a href='../register.php'>Go Back</a>";
26.         $error = 1;
27.         exit();
28.     }
29.    
30.     if(mysql_num_rows($sql) != 0){
31.         echo "Username already exists";
32.         echo "<br><a href='../register.php'>Go Back</a>";
33.         $error = 1;
34.         exit();
35.     }
36.    
37.     if($error == 1){
38.         exit();
39.     }
40.    
41.     $sql3 = mysql_query("INSERT INTO `users` VALUES ('','$username','$password','$email')");
42.     if($sql3){
43.         echo "Thank you, you have been registered";
44.         echo "<br><a href='../index.php'>Login</a>";
45.     } else {
46.         echo "There was an error";
47.         echo "<br><a href='../register.php'>Go Back</a>";
48.     }
49. ?>