index.php
Code:
!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<style type="text/css">
<!--
body,td,th {
color: #000000;
}
a:link {
color: #000000;
text-decoration: none;
}
a:visited {
text-decoration: none;
color: #000000;
}
a:hover {
text-decoration: none;
color: #000000;
}
a:active {
text-decoration: none;
color: #000000;
}
-->
</style></head>
<body>
<div align="center">
<p><a href="index.php"><img src="CO_logo.png" width="190" height="84" border="0" /></a></p>
<form id="form1" name="form1" method="post" action="">
<strong>Username</strong><br />
<label>
<input type="text" name="username" id="username" />
<br />
<strong>Password</strong></label>
<br />
<input type="password" name="password" id="password" />
<br />
<strong>Email Address </strong>
<br />
<input type="text" name="emailaddress" id="emailaddress" />
<br />
<strong>Secret Number (Used for recovering)</strong><br />
<input type="text" name="secretnumber" id="secretnumber" />
<br />
<br />
<label>
<input type="submit" name="register" id="register" value="Continue" />
</label>
<br />
</form>
</div>
</body>
</html>
<?php
function isValidEmail($value){
$pattern = "/^([a-zA-Z0-9])+([\.a-zA-Z0-9_-])*@([a-zA-Z0-9_-])+(\.[a-zA-Z0-9_-]+)+/";
return preg_match($pattern, $value);
}
error_reporting(0);
include("settings.php");
echo "<title>".$settings_title."</title>";
$con = mysql_connect($settings_sqlhost,$settings_username,$settings_password);
mysql_select_db($settings_database, $con);
$res = mysql_query("SELECT count(*) FROM accounts;");
$val = mysql_fetch_array($res);
echo("<br /><br /><center><font size='2'><u>Total Accounts Created: ".$val[0]."</u><font></center>");
if(isset($_POST['register']))
{
if(!empty($_POST['username']) && !empty($_POST['password']) && !empty($_POST['emailaddress']) && !empty($_POST['secretnumber']))
{
if($con)
{
if(isValidEmail($_POST['emailaddress']))
{
if(is_numeric($_POST['secretnumber']))
{
$check = mysql_query("SELECT * FROM accounts WHERE AccountID = '".$_POST['username']."'");
if(mysql_num_rows($check) != '0')
{
die("<br /><center>Username <i>'".$_POST['username']."'</i> is already registered, please use another name.</center>");
}
else
{
mysql_query("INSERT INTO accounts (AccountID, Email, SecretNumber) VALUES ('".$_POST['username']."', '".$_POST['emailaddress']."', '".$_POST['secretnumber']."')");
echo("<br /><center>Username <i>'".$_POST['username']."'</i> successfully created.</center>");
}
}
else
{
die("<br /><center>The secret number you entered is not a number, please try again.</center>");
}
}
else
{
die("<br /><center>The email address you entered is not correct, please try again.</center>");
}
}
else
{
die("<br /><center>Failed to connect to database.</center>");
}
}
else
{
die("<br /><center>One or more fields missing, please try again.</center>");
}
}
?>
Settings.php
Code:
<?php
//Mysql Settings
$settings_sqlhost = "localhost";
$settings_username = "root";
$settings_password = "PASSWORD";
$settings_database = "conqueremu";
//Other
$settings_title = "Conquer Registration";
?>