Can you do or check the following php script if this scrip is vulnerable of sql injection please, and can you recommend us the right way or some sample on how to to this, I am really suck at PHP scripting.
Thank You in advance
PHP Code:
<?php
function madSafety($string) {
$string = stripslashes($string);
$string = strip_tags($string);
$string = mysql_real_escape_string($string);
return $string;
}
# was there a reCAPTCHA response?
if(isset($_POST['submits']))
{
$conn = mysql_connect("localhost", "root", "password");
$db = mysql_select_db("database");
mysql_select_db($accdb);
$username=$_POST['name'];
$password=$_POST['pass'];
$email=$_POST["email"];
$ip = $_SERVER['REMOTE_ADDR'];
$username = madSafety($username);
$password = madSafety($password);
$email = madSafety($email);
$AllRight = True;
require_once('recaptchalib.php');
// Get a key from https://www.google.com/recaptcha/admin/create
$publickey = "6Ld339MSAAAAAHNQMGcQ35VZW18fqm4iUk5fVIJe";
$privatekey = "6Ld339MSAAAAAEjMoKlss8CJAO_sSURNPm97YZdj";
# the response from reCAPTCHA
$resp = null;
# the error code from reCAPTCHA, if any
$error = null;
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if ($resp->is_valid)
{
$AllRight = True;
}
else
{
# set the error code so that we can display it
$error = "<tr><FONT COLOR='#0000FF'><FONT SIZE='3'><center>".$resp->error."</center></FONT></FONT></p>";
print "<center>You provided an invalid security code</center>";
$AllRight = False;
}
if(!$username) { print("<center>Account ID Field Empty!</center>"); $AllRight = False; }
else
if(!$pass]) { print("Password Field Empty!"); $AllRight = False;}
else
if(!$pass2]) { print("Confirm Password Field Empty!"); $AllRight = False;}
else
if(!$email]) { print("E-mail Address Field Empty!"); $AllRight = False;}
else
if(!ereg("^[0-9a-z]{4,12}$",$username)) { print("AccountID only letters from \"a\" to \"z\" and numbers, length of 4 to 12 characters"); $AllRight = False; }
else
if(!ereg("^[0-9a-z]{4,14}$",$password)) { print("Password only letters from \"a\" to \"z\" and numbers, length of 4 to 14 characters"); $AllRight = False;}
else
if($_POST["pass"]!=$_POST["pass2"]) { print("Passwords do not match!"); $AllRight = False; }
else
$check = mysql_query("SELECT * FROM accounts WHERE Username = '".$username."'");
if(mysql_num_rows($check) != '0')
{
echo"<center><FONT COLOR='white'>Username <i>'".$username."'</i> is already registered, please use another name.</FONT></center>";
}
else
{
mysql_query('INSERT INTO accounts(Username,Password,Email) VALUES ("'.$username.'","'.$password.'","'.$email.'")') or die(mysql_error());
echo "<center><FONT COLOR='white'>Registered Successfully</FONT></center>";
}
mysql_close($conn);
}
?>