<?/** * Process.php */ include("database.php"); /** process form */

1. <?
2. /**
3. * Process.php
4. */
5.  
6. include("database.php");
7. /** process form */
8. /** really shouldnt use posts but u can always sanitize them */
9.  
10. $subuser = $_POST["username"];
11. $subfirst = $_POST["firstname"];
12. $subsurname = $_POST["surname"];
13. $subpassword = $_POST["password"];
14.  
15. /* check username is taken */
16.  
17.  
18. /* Username error checking */
19. $field = "username";
20. if(!$subuser || strlen($subuser = trim($subuser)) == 0){
21. // $form->setError($field, "* Username not entered");
22. }
23. else{
24. /* Spruce up username, check length */
25. $subuser = stripslashes($subuser);
26. if(strlen($subuser) < 4){
27. // $form->setError($field, "* Username below 4 characters");
28. }
29. else if(strlen($subuser) > 30){
30. // $form->setError($field, "* Username above 30 characters");
31. }
32. /* Check if username is not alphanumeric */
33. else if(!eregi("^([0-9a-z])+$", $subuser)){
34. // $form->setError($field, "* Username not alphanumeric");
35. }
36. /* Check if username is already in use
37. else if(usernameTaken($subuser)){
38. $form->setError($field, "* Username already in use");
39. } */
40. }
41. $num_errors = 0;
42. /* Errors exist, have user correct them */
43. if($num_errors > 0){
44. return 1; //Errors with form
45. }
46. /* No errors, add the new account to the database*/
47. else{
48. $q = mysql_query ("INSERT INTO users (username, firstname, surname, password) VALUES ('$subuser', '$subfirst', '$subsurname', '$subpassword')"); echo mysql_error();
49. $success = 1;
50.  
51. if ($success == 1) { echo "User Added"; }
52. else echo "Error";
53. // re direct to form.php
54. }
55.  
56. ?>