here

1. <?php
2.  
3. // Configuration.
4. // database.
5. $r_db = "realmd";
6. // IP (and port).
7. $ip = "127.0.0.1:3306";
8. // Username.
9. $user = "root";
10. // Password.
11. $pass = "root";
12. // End config.
13.  
14.  
15. $user_chars = "#[^a-zA-Z0-9_\-]#";
16. $email_chars = "/^[^0-9][A-z0-9_]+([.][A-z0-9_]+)*[@][A-z0-9_]+([.][A-z0-9_]+)*[.][A-z]{2,4}$/";
17.  
18. $result;
19. $realmip;
20. $con = @mysql_connect($ip, $user, $pass);
21. if (!$con) {
22. $result = "> Unable to connect to database: " . mysql_error();
23. }
24. else
25. {
26. $qry = @mysql_query("select address from " . mysql_real_escape_string($r_db) . ".realmlist where id = 1", $con);
27. if ($qry)
28. {
29. while ($row = mysql_fetch_assoc($qry))
30. {
31. $realmip = $row['address'];
32. }
33. }
34. if (!empty($_POST)) {
35. if ((empty($_POST["username"]))||(empty($_POST["password"]))||(empty($_POST["email"])))
36. {
37. $result = "> You did not enter all the required information.";
38. }
39. else
40. {
41. $username = strtoupper($_POST["username"]);
42. $password = strtoupper($_POST["password"]);
43. $password2 = strtoupper($_POST["password2"]);
44. $email = strtoupper($_POST["email"]);
45. if (strlen($username) < 4) {
46. $result = "> Username too short.";
47. };
48. if (strlen($username) > 14) {
49. $result = "> Username too long.";
50. };
51. if (strlen($password) < 3) {
52. $result = "> Password too short.";
53. };
54. if (strlen($password) > 12) {
55. $result = "> Password too long.";
56. };
57. if ($password!=$password2) {
58. $result = "> Passwords do not match.";
59. };
60. if (strlen($email) < 10) {
61. $result = "> Email was too short.";
62. };
63. if (strlen($email) > 50) {
64. $result = "> Email was too long.";
65. };
66. if (preg_match($user_chars,$username)) {
67. $result = "> Username contained illegal characters.";
68. };
69. if (preg_match($user_chars,$password)) {
70. $result = "> Password contained illegal characters.";
71. };
72. if (!preg_match($email_chars,$email)) {
73. $result = "> Email was in an incorrect format.";
74. };
75. if (strlen($result) < 1)
76. {
77. $username = mysql_real_escape_string($username);
78. $password = mysql_real_escape_string($password);
79. $email = mysql_real_escape_string($email);
80. unset($qry);
81. $qry = @mysql_query("select username from " . mysql_real_escape_string($r_db) . ".account where username = '" . $username . "'", $con);
82. if (!$qry) {
83. $result = "> Error querying database: " . mysql_error();
84. }
85. else
86. {
87. if ($existing_username = mysql_fetch_assoc($qry)) {
88. foreach ($existing_username as $key => $value) {
89. $existing_username = $value;
90. };
91. };
92. $existing_username = strtoupper($existing_username);
93. if ($existing_username == strtoupper($_POST['username'])) {
94. $result = "> That username is already taken.";
95. }
96. else
97. {
98. unset($qry);
99. $qry = @mysql_query("select email from " . mysql_real_escape_string($r_db) . ".account where email = '" . $email . "'", $con);
100. if (!$qry) {
101. $result = "> Error querying database: " . mysql_error();
102. }
103. else
104. {
105. if ($existing_email = mysql_fetch_assoc($qry)) {
106. foreach ($existing_email as $key => $value) {
107. $existing_email = $value;
108. };
109. };
110. if ($existing_email == strtoupper($_POST['email'])) {
111. $result = "> That email is already in use.";
112. }
113. else
114. {
115. unset($qry);
116. $sha_pass_hash = sha1(strtoupper($username) . ":" . strtoupper($password));
117. $register_sql = "insert into " . mysql_real_escape_string($r_db) . ".account (username, sha_pass_hash, email) values (upper('" . $username . "'),'" . $sha_pass_hash . "','" . $email . "')";
118. $qry = @mysql_query($register_sql, $con);
119. if (!$qry) {
120. $result = "> Error creating account: " . mysql_error();
121. }
122. else
123. {
124. $result = "> Account successfully created.";
125. };
126. };
127. };
128. };
129. };
130. };
131. };
132. };
133. };
134. ?>