Untitled

<?php
function Error($Error)
{
	echo "<center><b><span style='color:#FFFFFF;'>" . $Error . "</span></b></center>";
}
function ConnectMysql()
{
include('functions/configs.php');
	$link=mysql_connect("" . $mysql_host . "","" . $mysql_user . "","" . $mysql_pass . "");

	if(!$link) {
	echo "Cannot connect to database!";
	}else{
	mysql_select_db("". $mysql_db . "",$link);
	}
}

function register()
{
include('functions/configs.php');

if($core == 1) {
	$flags = 2;
		ConnectMysql();
		$user_chars = "#[^a-zA-Z0-9_\-]#";

        if ((empty($_POST["user"]))||(empty($_POST["password"])) ) {
				echo '<script type="text/javascript">window.location = "?pagina=register&error=You did not enter all the required information.";</script>';
        } else {
                $username = strtoupper($_POST["user"]);
                $password = strtoupper($_POST["password"]);
                if (strlen($username) < 3) {
						echo '<script type="text/javascript">window.location = "?pagina=register&error=Username too short.";</script>';
						exit();
                };
                if (strlen($username) > 30) {
						echo '<script type="text/javascript">window.location = "?pagina=register&error=Username too long.";</script>';
						exit();
                };
                if (strlen($password) < 3) {
						echo '<script type="text/javascript">window.location = "?pagina=register&error=Password too short.";</script>';
						exit();
                };
                if (strlen($password) > 30) {
						echo '<script type="text/javascript">window.location = "?pagina=register&error=Password too long.";</script>';
						exit();
                };
                if (preg_match($user_chars,$username)) {
						echo '<script type="text/javascript">window.location = "?pagina=register&error=Username contained illegal characters.";</script>';
						exit();
                };
                if (preg_match($user_chars,$password)) {
						echo '<script type="text/javascript">window.location = "?pagina=register&error=Password contained illegal characters.";</script>';
						exit();
                };
                $username = mysql_real_escape_string($username);
                $password = mysql_real_escape_string($password);
                $qry = mysql_query("SELECT username FROM account WHERE username = '" . $username . "'");
				if (!$qry) {
					echo '<script type="text/javascript">window.location = "?pagina=register&error=Error querying database.";</script>';
					exit();
				};
                if ($existing_username = mysql_fetch_assoc($qry)) {
                        foreach ($existing_username as $key => $value) {
                                $existing_username = $value;
                        };
                };
                $existing_username = strtoupper($existing_username);
                if ($existing_username == strtoupper($_POST['user'])) {
						echo '<script type="text/javascript">window.location = "?pagina=register&error=That username is already taken.";</script>';
						exit();
                };
				unset($qry);
				$sha_pass_hash = sha1(strtoupper($username) . ":" . strtoupper($password));
                $register_sql = "INSERT INTO account (username, sha_pass_hash, expansion) VALUES ('" . $username . "','" . $sha_pass_hash . "','" . $flags . "')";
                $qry = mysql_query($register_sql);
				if (!$qry) {
					echo '<script type="text/javascript">window.location = "?pagina=register&error=Error creating account.";</script>';
					exit();
				};
				echo '<br /><br /><br /><br /><br /><br /><center><span style="color:#FFFFFF;">Account successfully created.<br /></span></center>';
        };

}
}
?>