<?php// ODBC $DB = "KN_Online";$User = "Knight";$Pass = "Knight";//

1. <?php
2. // ODBC
3. $DB = "KN_Online";
4. $User = "Knight";
5. $Pass = "Knight";
6.  
7. // Function
8. function sanitize($input,$length)
9. {
10.         return substr(htmlentities($input, ENT_QUOTES), 0, $length);
11. }
12.  
13. // Check
14. if (sizeof($_POST))
15.  
16. // Buttons, Text.
17. echo '
18. <div align = "center">
19. <form action = "Register.php" method="post">
20. <div align = "center">ID: <input type="text" name="userid" /></div>
21. <div align = "center">Password: <input type="text" name="pass1" /></div>
22. <div align = "center">Confirm Passowrd: <input type="text" name="pass2" /></div>
23. <div align = "center">Security Code: <input type="text" name="charsil" /></div>
24. <div align = "center">Confirm Security Code: <input type="text" name="charsil1" /></div>
25. <div align = "center">Email: <input type="text" name="email" /></div>
26. <div align = "center">Confirm Email: <input type="text" name="email1" /></div>
27. <div align = "center"><input type = "submit" value = "Register" /></div>
28. </form>
29. </div>
30. ';
31.  
32.  
33.  
34. else
35.  
36. {
37.  
38.  
39. // Posted Data
40. $login = sanitize($_POST['userid'],5);
41.             $pw = sanitize($_POST['pass1'],5);
42.             $c_pw =sanitize($_POST['pass2'],5);
43.             $socNo = sanitize($_POST['charsil'],4);
44.             $socNo2 = sanitize($_POST['charsil1'],4);
45.             $email = sanitize($_POST['email'],25);
46.             $email2 = sanitize($_POST['email1'],25);
47.  
48.  
49.  
50. // Error Codes
51. if ($pw == $c_pw) {
52. echo 'Password Confirmed';
53. die();
54. }
55.  
56. if (empty($login)) {
57. echo 'Fill In Login Field';
58. die();
59. }
60.  
61. if (empty($pw) || empty($c_pw)) {
62. echo 'Fill in Password Field';
63. die();
64. }
65.  
66. if (empty($socNo) || empty($socNo2)) {
67. echo 'Fill In Security Code Field';
68. die();
69. }
70.  
71. if (empty($email) || empty($email2)) {
72. echo 'Fill In Email Field';
73. die();
74. }
75.  
76. // Check For Previous Accounts
77. $msconnect=odbc_connect($DB,$User,$Pass);
78. $stmt = odbc_prepare($msconnect, " select count(*) from TB_User where straccountid = ?");
79. $msresul=odbc_exec($msconnect,$stmt)
80.         $count = odbc_fetch_row ($msresul);
81.  if ($count > 0) deny { // Curious why count would have to be a variable in this?
82.  echo 'Account Name In Use'
83.  die ();
84.  }
85.  
86.  
87. //Registration
88. $stmt = odbc_prepare($msconnect, "INSERT INTO TB_USER (strACcountID, strPasswd, strSocNo, Email) VALUES (?,?,?,?)");
89.     $result = odbc_execute($stmt, array($login,$pw,$socno,$email));
90.  
91. }
92.  
93.  
94.  
95.  
96.  
97.  
98.  
99. ?>