Untitled

<?php
require './conn/connect.php';

//connect to MySQL or return an error
$conn = @mysql_connect($dbhost, $dbuser, $dbpass)
or die('Could not connect , Try it later ...');

//set database name
$dbname = "l2jdb";

//select database or return an error
$dbselect = mysql_select_db("$dbname")
or die ('Could not select database , Try it later ...');

//get username and password info from the form, protecting against SQL injection
$pass = mysql_real_escape_string($_POST["pass"]);
$confirm = mysql_real_escape_string($_POST["confirm"]);
$user = mysql_real_escape_string($_POST["name"]);

if($_POST['submit'])
{
    //validate user input
    if(!preg_match('/^[a-zA-Z0-9]{5,20}$/',$user)) {
    header("Location: account-1.html");
    die();
    die ('Usernames can only contain alphanumeric characters and must be between 5 and 20 characters in length.');
    }

    if(!preg_match('/^[a-zA-Z0-9]{5,20}$/',$pass)) {
    header("Location: account-1.html");
    die();
    die('Passwords can only contain alphanumeric characters and must be between 5 and 20 characters in length.');
    }

    if($pass != $confirm) {
    header("Location: account-1.html");
    die();
    }

    //make sure user doesn't already exist and if it doesn't, add new record to the database
    $result = mysql_query("SELECT login FROM accounts WHERE login='$user'");

    if(mysql_num_rows($result)>0)
    {
        header("Location: account-1.html");
        die();
        die ('Username already exists.');
    }
    else
    {
        mysql_query("INSERT INTO accounts (login, password, accessLevel) VALUES ('".$_POST['name']."', '".base64_encode(pack('H*', sha1($_POST['pass'])))."', 0)")
        or die ('Error: ' . mysql_error());
    }

    //report successful registration
    header("Location: account-5.html");
    echo "Account created successfully.";

    //close MySQL connection
    mysql_close();
}
else
{
    echo "Account Manager for Lineage 2 Avocado<br>Leave This Page :)";
    //close MySQL connection
    mysql_close();
}
?>