<?php$limit = 5;$ip = $_SERVER['REMOTE_ADDR'];$times = mysql_query("SELE

1. <?php
2. $limit = 5;
3.  
4. $ip = $_SERVER['REMOTE_ADDR'];
5. $times = mysql_query("SELECT times FROM reglog WHERE ip=$ip");
6. if($times >= $limit){
7. echo "Sorry, you have reached the limit of accounts you can make per IP!";
8. }else{
9. ?><center><h3>Register</font size></h3>
10. <hr />
11. <?php
12. if (array_key_exists('reset', $_POST)) {
13.  
14. function sanitize($value)
15. {
16. if(is_array($value))
17. {
18. $value = array_map('sanitize', $value);
19. }
20. else
21. {
22. if(function_exists("mysql_real_escape_string"))
23. {
24. $value = mysql_real_escape_string($value);
25. }
26. else
27. {
28. $value = addslashes($value);
29. }
30. }
31. return $value;
32. }
33. $_POST = array_map('sanitize', $_POST);
34. $_GET = array_map('sanitize', $_GET);
35. ?>
36.  
37. <?php
38. $name = mysql_real_escape_string($_POST['name']);
39. $pass = mysql_real_escape_string($_POST['pass']);
40. $pass2 = mysql_real_escape_string($_POST['pass2']);
41. $email = mysql_real_escape_string($_POST['email']);
42. $dob = mysql_real_escape_string($_POST['dob']);
43.  
44. print '<title>Registration</title>';
45. $name = $_POST['name'];
46. $pass = $_POST['pass'];
47. $pass2 = $_POST['pass2'];
48. $sel = 'SELECT * FROM accounts WHERE name="'.$_POST['name'].'"';
49. if($name == ""){
50. $message[] = "No username filled in";
51. }if($pass != $pass2){
52. $message[] = "Your passwords do not match!";
53. }elseif(mysql_num_rows(mysql_query($sel)) >= 1 ){
54. $message[] = "This username already exists!";
55. }elseif($pass == ""){
56. $message[] = "No password filled in";
57. }else{
58. $check = 'UPDATE reglog SET times=times WHERE ip=$ip';
59. if($check){
60. $updatetimes = 'UPDATE reglog SET times=time + 1 WHERE ip=$ip';
61. }else{
62. $updatetimes ='INSERT INTO reglog (ip, times) VALUES ($ip, 1)';
63. $d = 'INSERT INTO accounts (name, password, email, birthday) VALUES ("'.sql_sanitize($name).'","'.sql_sanitize($pass).'", "'.sql_sanitize($email).'", "'.sql_sanitize($dob).'")';
64. mysql_query($d) OR die (mysql_error());
65. mysql_query($updatetimes) OR die (mysql_error());
66. echo '<center>Your account has been successfully created. You may now log in</center>' or die(mysql_error());
67. $message[] = "You have successfully registered to <b>$servername.</b>";
68. }
69. }
70. }
71. ?>
72.  
73. <!-- start content -->
74. <div align="center">
75. <div class="display">
76. <?php
77. if (isset($message)) {
78. echo '<ul>';
79. foreach ($message as $item) {
80. echo "<li>$item</li>";
81. }
82. echo '</ul>';
83. }
84. ?>
85. </div>
86. <center>
87. <table cellspacing=1 cellpadding=5>
88. <tr><br>
89. <form id="form1" name="form1" method="post" action="">
90. <tr><td class=list align=left>Username:</td><td class=list><input type=text name=name maxlength="12"></td></tr>
91. <tr><td class=list align=left>Password:</td><td class=list><input type=password name=pass maxlength="30"></td></tr>
92. <tr><td class=list align=left>Confirm:</td><td class=list><input type=password name=pass2 maxlength="30"></td></tr>
93. <tr><td class=list align=left>Email:</td><td class=list><input type=text name=email maxlength="50"></td></tr>
94. <tr><td class=list align=left>Date of Birth: <br><i>Ex. 1988-09-23</i></td><td class=list><input type=text name=dob maxlength="15"></td></tr>
95. <tr><td class=listtitle align=right colspan=2><input type=submit id=reset name=reset value='Register'></td></tr>
96. </form>
97. </table>
98. <br>
99. </center>
100. </div>
101. <?php
102. }
103. ?>