<?php//no reason for session_start, just connect to the db hererequire_once(

1. <?php
2. //no reason for session_start, just connect to the db here
3. require_once("db.php");
4.  
5. //This code runs if the form has been submitted
6. if (isset($_POST['submit'])) {
7.     //mysql_real_escape_string() is used to sanitize the inputs, if you don't people could hack your entire db. :)
8.     $_POST['password'] = mysql_real_escape_string($_POST['password']);
9.     $_POST['password2'] = mysql_real_escape_string($_POST['password2']);
10.     $_POST['username'] = mysql_real_escape_string($_POST['username']);
11.    
12. // same function like before   
13. function enchsetenev($toencode,$times)
14. {
15.     $salt = 's+(_a*';
16.     for($zo=0;$zo<$times;$zo=$zo+1)
17.     {
18.         $toencode = hash('sha512',$salt.$toencode);
19.         $toencode = md5($toencode.$salt);
20.     }
21.     return $toencode;
22. }  
23. $password = enchsetenev("{$_POST['password']}",500);  // if you change the 500, make sure to change it in the login script also BEFORE PEOPLE REGISTER.
24. // change inputs to easier variables
25. $username = $_POST['username'];
26. //This makes sure they did not leave any fields blank
27. if (!$_POST['username'] | !$_POST['password'] | !$_POST['password2']) {
28. echo'<body bgcolor="black" text="white">You did not complete all of the required fields</body>';
29. }
30. // checks if the username is in use
31. if (!POST_magic_quotes_gpc()) {
32. $username = addslashes($username);
33. }
34. $usercheck = $_POST['username'];
35. $check = mysql_query("SELECT username FROM user WHERE username = '{$usercheck}'")
36. or die(mysql_error());
37. $check2 = mysql_num_rows($check);
38.  
39. //if the name exists it gives an error
40. if ($check2 != 0) {
41. echo '<body bgcolor="black" text="white">Sorry, the username '.$_POST['username'].' is already in use.</body>';
42. }
43.  
44. // this makes sure both passwords entered match
45. if ($_POST['password'] != $_POST['password2']) {
46. echo '<body bgcolor="black" text="white">Your passwords did not match. </body>';
47. }
48. // i insert the ip so you can check it if you want.
49. // here you would also ban some guys with certain ips.
50. $ip=$_SERVER['REMOTE_ADDR'];
51. // now we insert it into the database
52. $insert = "INSERT INTO user (username, password,ip)
53. VALUES ('$username', '$password','{$ip}')";
54. $add_member = mysql_query($insert);
55. ?>
56.  
57.  
58. <h1>Registered</h1>
59. <p>Registering Complete<br />
60. <body bgcolor="black" text="white" alink="white" vlink="white" link="white">Thank you, you may now <a href="login.php">Log in</a></body>.</p>
61. <?php
62. }
63. else
64. {
65. ?>
66.  
67. <title> Register</title>
68. <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
69. <table border='1' bordercolor='1166ff' align='center' bgcolor='black'><tr><td>
70. <table border="0">
71. <tr><th><h2 align='center'>Register</h2></th></tr>
72. <tr><td>Username:</td><td>
73. <input type="text" name="username" maxlength="16">
74. </td></tr>
75. <tr><td>Password:</td><td>
76. <input type="password" name="password" maxlength="50">
77. </td></tr>
78. <tr><td>Confirm Password:</td><td>
79. <input type="password" name="password2" maxlength="50">
80. </td></tr>
81. <tr><th colspan=2><input type="submit" name="submit" value="Register"></th></tr> </table></tr></td></table>
82. </form><body bgcolor="black" text="white" link="white" alink="white" vlink="white">
83. <?php
84. }
85. ?>