Untitled

<?php
if (@$_POST["register"] != "1") {
?>
<div id="main">
<center>
<div class="h3">Registration</div>
<div class="mainbox">
<table cellspacing=1 cellpadding=5>
<tr><td class="listtitle" colspan=2><center><span class='title2'></span></center></td></tr>
<form action="?page=register" method="POST">
<tr><td class="list" align="left">Username:</td>
<td class="list"><input type="text" name="musername" maxlength="12"></td></tr>

<tr><td class="list" align="left">Password:</td>
<td class="list"><input type="password" name="mpass" maxlength="30"></td></tr>

<tr><td class="list" align="left">Verify Password: <br><i>(Retype your password)</i></td>
<td class="list"><input type="password" name="mpwcheck" maxlength="30"></td></tr>

<tr><td class="list" align="left">Email: <br><i>(Please fill in a valid email)</i></td>
<td class="list"><input type="text" name="memail" maxlength="50"></td></tr>

<tr><td class="list" align="left">Date of Birth: <br><i>Ex. 2010-10-23</i></td>
<td class="list"><?php include_once("config/parseBirth.php"); echo showDate('month')."&nbsp;";
echo showDate('day')."&nbsp;"; echo showDate('year'); ?></td></tr>

<tr><td class="list" align="left">Captcha: <br><i>(Retype the code in the image)</i></td>
<td class="list"><img src="config/captcha.php" alt="Captcha" /><br />
<input class="fieldlong" type="text" name="mcaptcha" />
</td></tr>

<tr><td class="listtitle" align="left" colspan=2>
<center><input type="image" src="images/button-register.png" class="submit" name="submit" value=" Register"/>
<input type="hidden" name="register" value="1" /></td></tr></center>

</form>
</table>
</div>
</center>
</div>
<?php
} else {
	if (!isset($_POST["musername"]) OR
		!isset($_POST["mpass"]) OR
		!isset($_POST["mpwcheck"]) OR
		!isset($_POST["memail"]) OR
		!isset($_POST["mcaptcha"])) {
		die ("Error: Not all fields complete");
	}

	include('config/init.php');

	function checkEmail($mail) {
		if(preg_match("/^([.0-9a-z_-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,4})$/i", $mail)) {
			return TRUE;
		} else {
			return FALSE;
		}
	}

	$username = mysql_real_escape_string($_POST["musername"]);
	$password = mysql_real_escape_string($_POST["mpass"]);
	$confirm_password = mysql_real_escape_string($_POST["mpwcheck"]);
	$email = mysql_real_escape_string($_POST["memail"]);
	$captcha = mysql_real_escape_string($_POST["mcaptcha"]);
	$birth = mysql_real_escape_string($_POST['year'])."-".mysql_real_escape_string($_POST['month'])."-".mysql_real_escape_string($_POST['day']);

	$select_user_result = $database->query("SELECT `id` FROM `accounts` WHERE `name`='".$username."' OR `email`='".$email."' LIMIT 1");
	if ($database->rows() > 0) {
		$message = "This username or email is already used!";
	} else if ($password != $confirm_password) {
		$message = "Passwords didn't match!";
	} else if (strlen($password) < 4 || strlen($password) > 12) {
		$message = "Your password must be between 4-12 characters";
	} else if (strlen($username) < 4 || strlen($username) > 12) {
		$message = "Your username must be between 4-12 characters";
	} else if (!checkEmail($email)){
		$message = "You have filled in a wrong email address";
	} else if($captcha != $_SESSION['captcha_code']){
		$message = "The entered captcha is not valid!";
	} else {
		$insert_user_query = "INSERT INTO accounts (`name`, `password`, `email`, `birthday`) VALUES ('".
			$username."', '".hash("sha1", $password)."', '".$email."', '".$birth."')";
		$database->query($insert_user_query);
		$message = "<font color=\"green\">You have successfully registered to $servername !</font>";
	}
	?>
		<div id="main">
		<center>
		<div class="h3">Registration</div>
		<div class="mainbox">
		<table cellspacing=1 cellpadding=5>
		<?php echo $message; ?>
		</table>
		</div>
		</div>
<?php
}
?>