Untitled

<?php
if(empty($_SESSION["user"]))
{
$user = htmlspecialchars(addslashes($_REQUEST["username"]));
$pass = addslashes($_REQUEST["passwort"]);
$email = htmlspecialchars(addslashes($_REQUEST["email"]));
$captcha = $_REQUEST["captcha"];
if(!empty($user) AND !empty($pass) AND !empty($email) AND !empty($captcha))
	{
		if(strstr($user, "�") OR strstr($pass, "�") OR strstr($email, "�"))
		{
			echo '<font color="red">Keine Special Char\'s erlaubt!</font>';
			die();
		};

	$exists = mysql_query('SELECT * FROM users WHERE username="'.$user.'" OR email="'.$email.'"');
	if(mysql_num_rows($exists)>0)
		$error = '<font color="red">Benutzername oder Email wird bereits verwendet.</font>';
	else
		{
		if($captcha == $_SESSION["captcha"])
			{
			 mysql_query('INSERT INTO users (username, pass, email, ip) VALUES ("'.$user.'", "'.md6($pass).'", "'.$email.'", "'.$_SERVER["REMOTE_ADDR"].'")');
			 $_SESSION["user"] = $user;
			 $error = '<meta http-equiv="refresh" content="0; url=index.php?id=8"><center><a href="index.php?id=8">Klicken Sie hier falls sie nicht weitergeleitet werden.</a></center>';
			}
		else
		$error = '<font color="red">Captcha falsch.</font>';
		}
	}
else
	if(!empty($user) OR !empty($pass) OR !empty($email) OR !empty($captcha))
	 $error = '<font color="red">Bitte alle Felder ausf�llen.</font>';
?>
<form action="index.php?id=6" method="post">
 <table id="login">
  <tr><td>Benutzername: </td><td><input type="text" name="username"></td></tr>
  <tr><td>Passwort: </td><td><input type="password" name="passwort"></td></tr>
  <tr><td>E-Mail: </td><td><input type="text" name="email"></td></tr>
  <tr><td>Captcha: <?php echo captcha() ?></td><td><input type="text" name="captcha"></td></tr>
  <tr><td></td><td><input type="submit" value="Registrieren"></td></tr>
 </table>
</form>
<?php
}
else
echo'<font color="red">Sie sind bereits eingeloggt.</font>';
?>