Untitled

<?php

require_once("config.php");

if (!isset ($_POST['submit'])) { ?>

<html>
	<head>
		<title>Register</title>
		<style type="text/css">
		background { background: #f2f2f2; font-family: Arial, sans-serif;}
		form { padding: 10px; background: #222; color: #fff; font-size: 16px; font-family: Arial, sans-serif; }
		.center { margin-left: auto; margin-right: auto; max-width: 450px; }
		</style>
	</head>
	<body>
		<div class="center">
		<form action="register.php" method="post">
		First Name: <input type="text" name="firstname" value="" /><br>
		Last Name: <input type="text" name="lastname" value="" /><br>
		Username: <input type="text" name="username" value="" /><br>
		Password: <input type="password" name="password" value="" /><br>
		Verify Password: <input type="password" name="verify" value="" /><br>
		<input type="submit" name="submit" />
		</form>
		</div>
	</body>
</html>

<?php }

	if (isset($_POST['submit'])) {

	// define variables
	$username = $_POST['username'];
	$firstname = $_POST['firstname'];
	$lastname = $_POST['lastname'];
	$password = $_POST['password'];
	$verify = $_POST['verify'];

	function checkEmpty($empty) {
	if (empty($empty))
		echo "<strong style=\"color:#ff0000;\">Field Required</strong>"; }

	if (empty($username) || empty($firstname) || empty($lastname) || empty($password) || empty($verify)) { ?>

			<html>
				<head>
					<title>Register</title>
					<style type="text/css">
					background { background: #f2f2f2; font-family: Arial, sans-serif;}
					form { padding: 10px; background: #222; color: #fff; font-size: 16px; font-family: Arial, sans-serif; }
					.center { margin-left: auto; margin-right: auto; max-width: 450px; }
					</style>
				</head>
				<body>
					<div class="center">
					<form action="register.php" method="post">
					First Name: <input type="text" name="firstname" value="<?php echo "$firstname"; ?>" /> <?php checkEmpty("$firstname"); ?><br>
					Last Name: <input type="text" name="lastname" value="<?php echo "$lastname"; ?>" /> <?php checkEmpty("$lastname"); ?><br>
					Username: <input type="text" name="username" value="<?php echo "$username"; ?>" /> <?php checkEmpty("$username"); ?><br>
					Password: <input type="password" name="password" value="<?php echo "$password"; ?>" /> <?php checkEmpty("$password"); ?><br>
					Verify Password: <input type="password" name="verify" value="<?php echo "$verify"; ?>" /> <?php checkEmpty("$verify"); ?><br>
					<input type="submit" name="submit" />
					</form>
					</div>
				</body>
			</html>

<?php }

	else {

function cleanQuery($string)
{
	$badWords = array("/delete/i", "/update/i","/union/i","/insert/i","/drop/i","/http/i","/--/i");
	$string = preg_replace($badWords, "", $string);

	if(get_magic_quotes_gpc())
		$string = stripslashes($string);
	if (phpversion() >= '4.3.0')
		$string = mysql_real_escape_string($string);
	else
		$string = mysql_escape_string($string);

	return $string;
}

$username = cleanQuery($_POST['username']);
$password = cleanQuery($_POST['password']);
$firstname = ereg_replace("[^A-Za-z]", "", $_POST['firstname']);
$lastname = ereg_replace("[^A-Za-z]", "", $_POST['lastname']);
$mod_username = ereg_replace("[^A-Za-z0-9]", "", $username);
$ip = $_SERVER[REMOTE_ADDR];

	$query = mysql_query("INSERT INTO users (username,password,ip,firstname,lastname) VALUES ('$mod_username','".md5($password)."','$ip','$firstname','$lastname')") or die ("Registration Failed.");

	echo "Welcome $_POST[username]! You've been successfully reigstered!<br /><br />
		please login <a href='login.php'><b>here</b></a>.";

		exit();
		}
		}

?>