Location: PHPKode > projects > RoseWeb > index.php

// Simple Registration for the RoseOnline private server
// You may edit these files, and re-release them but please give me credit, matt[at]ragezone.com
// You may PM me on RaGEZONE for help with this, or make a thread the in the rose section
// Edit this file VERY carefully

include ('config.php');

echo '<link href="stylesheet.css" rel="stylesheet" type="text/css" />';

mysql_connect($db['host'], $db['user'], $db['pass']);

$registration_form = "<fieldset><legend>Register</legend><center></form><table>
<form action=\"index.php\" method=\"post\">
<tr><td>Username:</td><td><input type=\"text\" name=\"user\"></td></tr>
<tr><td>Password:</td><td><input type=\"password\" name=\"pass\"></td></tr>
<tr><td>Repeat Pass:</td><td><input type=\"password\" name=\"passr\"></td></tr>
<tr><td>Email:</td><td><input type=\"text\" name=\"mail\"></td></tr>
<tr><td>Age:</td><td><input type=\"text\" name=\"age\"></td></tr>
<tr><td></td><td><input type=\"submit\" name=\"submit\" value=\"Register\"></td></tr>

function protect($string)
    $string = mysql_real_escape_string($string);
    $string = strip_tags($string);
    $string = addslashes($string);

    return $string;

if (!isset($_POST['submit'])) {
    echo $registration_form;
} else {
    // Make sure we protect the database from sql injections =O
    $username = protect($_POST['user']);
    $password = md5($_POST['pass']);
    $repeat = protect($_POST['passr']);
    $address = protect($_POST['mail']);
    $age = protect($_POST['age']);

    // Define a new error array
    $error = array();

    // Now check to see if the shiznat is filled in
    if (!$_POST['user']) {
        $error[] = "Username not filled in!";

    if (!$_POST['user']) {
        $error[] = "Password not filled in!";

    if (!$_POST['passr']) {
        $error[] = "Password not filled in!";

    if (!$_POST['mail']) {
        $error[] = "E-Mail address not filled in!";

    // Check to see if the passwords match
    if ($_POST['pass'] != $_POST['passr']) {
        $error[] = "Sorry, but the passwords you have entered do not match.";

    // Check to see if the username is already in use
    $query = mysql_query("SELECT `username` FROM `accounts` WHERE `username` = '{$username}'");
    $get_amount = mysql_num_rows($query);
    if ($get_amount != '0') {
        die('Username is already in use!');

// Check for errors, and insert the data
if (count($error) > 0) {
    foreach ($error as $err) {
        echo $err . "<br>\n";
} else {
    $makemember = mysql_query("INSERT INTO `accounts` (`username`, `password`, `email`) VALUES ('$username', '$password', '$address')");
    if (!$makemember) {
        echo 'Sorry, we cannot register you for some unknown reason, please try again.';
    } else {
        echo 'Congratulations! You are now a member of our server.';
Return current item: RoseWeb