Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <div id="maincontent">
- <h1>WoW Registration Form</h1>
- <p>Please fill out the form below to create a new account. Note by clicking "Create Account" you are agreeing to the rules outlined <a href="insert_rules_page">here.</a></p>
- <br />
- <div id="reg">
- <form method="post" action="insert.php">
- Username:<br />
- <input name="username" type="text" maxlength="14" />
- <br /><br />
- Password:<br />
- <input name="pw" type="password" maxlength="12" />
- <br /><br />
- Email:<br />
- <input name="email" type="text" maxlength="50" />
- <br /><br />
- <input name="tbc" type="checkbox" checked="checked" /> TBC <br />
- <br /><br />
- <br />
- <br />
- <input name="Submit" type="submit" value="Create Account" />
- </form>
- <br />
- </div><!--reg-->
- </div><!--MainContent-->
- --------------------------------
- insert.php file
- ---------------------------------
- <?php
- // Configuration.
- // Realm database.
- $r_db = "realmd";
- // IP (and port).
- $ip = "localhost:3306";
- // Username.
- $user = "trinity";
- // Password.
- $pass = "trinity";
- function error_s($text) {
- echo("<p>" . $text);
- };
- $user_chars = "#[^a-zA-Z0-9_\-]#";
- $email_chars = "/^[^0-9][A-z0-9_]+([.][A-z0-9_]+)*[@][A-z0-9_]+([.][A-z0-9_]+)*[.][A-z]{2,4}$/";
- if ( !isset($_POST['username']) || !isset($_POST['pw']) || !isset($_POST['email']) )
- {
- echo "User/Pass/Email not passed.";
- return;
- }
- $con = @mysql_connect($ip, $user, $pass);
- if (!$con) {
- error_s("Unable to connect to database: " . mysql_error());
- };
- if (!empty($_POST)) {
- if ((empty($_POST["username"]))||(empty($_POST["pw"]))||(empty($_POST["email"]))||(empty($_POST["tbc"])) ) {
- error_s("You did not enter all the required information.");
- exit();
- } else {
- $username = strtoupper($_POST["username"]);
- $pw = strtoupper($_POST["pw"]);
- $email = strtoupper($_POST["email"]);
- if (strlen($username) < 5) {
- error_s("Username too short.");
- exit();
- };
- if (strlen($username) > 14) {
- error_s("Username too long.");
- exit();
- };
- if (strlen($pw) < 6) {
- error_s("Password too short.");
- exit();
- };
- if (strlen($pw) > 12) {
- error_s("Password too long.");
- exit();
- };
- if (strlen($email) < 10) {
- error_s("Email was too short.");
- exit();
- };
- if (strlen($email) > 50) {
- error_s("Email was too long.");
- exit();
- };
- if (preg_match($user_chars,$username)) {
- error_s("Username contained illegal characters.");
- exit();
- };
- if (preg_match($user_chars,$pw)) {
- error_s("Password contained illegal characters.");
- exit();
- };
- if (!preg_match($email_chars,$email)) {
- error_s("Email was in an incorrect format.");
- exit();
- };
- if ($_POST['tbc'] != "on") {
- $tbc = "0";
- } else {
- $tbc = "1";
- };
- $username = mysql_real_escape_string($username);
- $pw = mysql_real_escape_string($pw);
- $email = mysql_real_escape_string($email);
- $qry = @mysql_query("select username from " . mysql_real_escape_string($r_db) . ".account where username = '" . $username . "'", $con);
- if (!$qry) {
- error_s("Error querying database: " . mysql_error());
- };
- if ($existing_username = mysql_fetch_assoc($qry)) {
- foreach ($existing_username as $key => $value) {
- $existing_username = $value;
- };
- };
- $existing_username = strtoupper($existing_username);
- if ($existing_username == strtoupper($_POST['username'])) {
- error_s("That username is already taken.");
- exit();
- };
- unset($qry);
- $qry = @mysql_query("select email from " . mysql_real_escape_string($r_db) . ".account where email = '" . $email . "'", $con);
- if (!$qry) {
- error_s("Error querying database: " . mysql_error());
- };
- if ($existing_email = mysql_fetch_assoc($qry)) {
- foreach ($existing_email as $key => $value) {
- $existing_email = $value;
- };
- };
- if ($existing_email == $_POST['email']) {
- error_s("That email is already in use.");
- exit();
- };
- unset($qry);
- $sha_pass_hash = sha1(strtoupper($username) . ":" . strtoupper($pw));
- $register_sql = "insert into " . mysql_real_escape_string($r_db) . ".account (username, sha_pass_hash, email, expansion) values (upper('" . $username . "'),'" . $sha_pass_hash . "','" . $email . "','" . $tbc . "')";
- $qry = @mysql_query($register_sql, $con);
- if (!$qry) {
- error_s("Error creating account: " . mysql_error());
- };
- echo("Account successfully created.");
- exit();
- };
- } else {
- echo($page);
- };
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement