Security-flawed script. You should provide two alternative scripts for the most recent sqlsrv_() anyways.
...
$userinput = $_POST['UserInput'];
$username = mysql_escape($userinput);
$passinput = md5($_POST['PassInput']);
$password = mysql_escape($passinput);
...
$sql = "SELECT fields FROM table WHERE user='{$username}' AND pass='{$password}' ";
$result = mysql_query($sql);
...
...
$userinput = $_POST['UserInput'];
$username = mysql_escape($userinput);
$passinput = md5($_POST['PassInput']);
$password = mysql_escape($passinput);
...
$sql = "SELECT fields FROM table WHERE user='{$username}' AND pass='{$password}' ";
$result = mysql_query($sql);
...
<?php
$host = "(local)\\SQLExpress"; // your sql instance
$user = "sa"; // username
$pw = ""; // password
$db = "Auth"; // db
$md5_key = "2011"; // your md5 key
$connect = mssql_connect($host,$user,$pw)
or die("Can't connect to the datebase.");
mssql_select_db($db,$connect)
or die("Can't select the datebase");
?>
<html>
<head>
<title>Register</title>
<center>
<h3 style="color:red">Rappelz : Register Page ( Pls insert more then 4 chars ! )</h3>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
Username : <input type="text" size="20" name="username" /><br />
Password : <input type="password" size="20" name="password" /><br /><br />
<input type="submit" value="Register now !" name="senden" />
</form>
<?php
$usr = $_POST['username'];
$pass = $_POST['password'];
$endPw = $md5_key . $pass;
$md5 = md5($endPw);
$results = mssql_query("SELECT * FROM dbo.Accounts WHERE '$usr' LIKE login_name");
$res = mssql_num_rows($results);
if(strlen($usr) > 4 && strlen($pass) > 4)
{
if($res > 0)
{
echo "Account Exists !";
}
else
{
mssql_query("INSERT INTO dbo.Accounts(login_name,password,block,withdraw_remain_time,age,auth_ok,pcbang,last_login_server_idx,event_code,result) VALUES('$usr','$md5',0,0,18,1,1,1,0,1)");
echo "Registration Success !";
}
}
else
{
echo "Username or Password to small...";
}
?>
</center>
</head>
</html>