Quote:
Originally Posted by gedimazs
How do you think people can help you when they don't see your whole code? How do they know what is in you 5th line or 18th and etc.
|
<?php
require_once "config.inc.php";
if(isset($_SESSION[step2]) && isset($_POST[step2])) {
//ÌáÈ¡µÄ×îºóÒ»²½
$errorStr = formStep3();
if($errorStr!=null){
require_once('register.html');
}else{
require_once('success.html');
$suc=$success;
unset($_SESSION[step2], $_SESSION[step1]);
}}
else {
//×¢²áµÄµÚ¶þ²½
require_once('register.html');
$_SESSION[step2] = 1; }
//ÅжÏÓû§Ìá½»µÄ±íµ¥µÄÊý¾ÝµÄ ׼ȷÐÔ ºÍ ±£´æÌá½»Êý¾Ý µÄº¯Êý
function formStep3(){
$errors = array();
$errorStr = null;
//²éѯÓû§ÃûÊÇ·ñ´æÔÚ
$strSql="select * from Tbl_user where user_id='$_POST[username]'";
if ($_POST[ZoneGroup]=="zone1") {
$account_odbc = odbc_connect('account','account','account');
} elseif ($_POST[ZoneGroup]=="zone2") {
$account_odbc = odbc_connect('account2','sa','55555');
} else {
die ("<p><b>·ÖÇøÑ¡Ôñ´íÎó!</b></p>");
}
$user_result=odbc_do($account_odbc,$strSql);
$result_query=odbc_fetch_row($user_result);
if (odbc_result($user_result,1)!= "") $errors[] = "¸ÃÃû³ÆÒѾ*±»Õ¼Óã¬ÇëÖØÐÂÊäÈë";
//ÑéÖ¤Óû§ÃûÊÇ·ñ¹æ·¶
if(!preg_match("/^[0-9a-zA-Z]{6,12}$/i", $_POST[username])) $errors[]="Ö»ÄÜÓÃÓ¢ÎÄ´óСд×ÖĸÊý×ÖµÄ×éºÏ×÷ΪÓû§Ãû";
//ÑéÖ¤Óû§Ãû³¤¶È
if(strlen($_POST[username])<6) $errors[] = "Óû§ÃûµÄ³¤¶È²»ÄÜСÓÚ6λ";
if(strlen($_POST[username])>12) $errors[]= "Óû§ÃûµÄ³¤¶È²»Äܳ¬¹ý12λ";
//ÑéÖ¤ÃÜÂëÊÇ·ñ¹æ·¶
if(!preg_match("/^[0-9a-zA-Z]{6,12}$/i", $_POST[password1])) $errors[]="Ö»ÄÜÓÃÓ¢ÎÄ´óСд×ÖĸÊý×ÖµÄ×éºÏ×÷ΪÃÜÂë";
if(preg_match("/^[0-9]{6,12}$/i",$_POST[password1])) $errors[]="²»¿ÉʹÓô¿Êý×Ö×÷ΪÃÜÂë";
//ÑéÖ¤Óû§ÃûºÍÃÜÂëÊÇ·ñÏàͬ
if($_POST[username]==$_POST[password1]) $errors[]= "ÕʺźÍÃÜÂë²»ÄÜÏàͬ";
//ÑéÖ¤ÃÜÂ볤¶È
if(strlen($_POST[password1])<6) $errors[] = "ÃÜÂëµÄ³¤¶È²»ÄÜСÓÚ6λ";
if(strlen($_POST[password1])>12) $errors[] = "ÃÜÂ볤¶È²»ÄÜ´óÓÚ12λ";
//ÑéÖ¤ÃÜÂëÒ»ÖÂÐÔ
if($_POST[password2]!=$_POST[password1]) $errors[] = "ÊäÈëµÄÃÜÂë²»Ò»ÖÂ";
//ÑéÖ¤ÕÒ»ØÃÜÂëÎÊÌâ´ð°¸³¤¶È
if(strlen($_POST[question])>20) $errors[] = "ÕÒ»ØÃÜÂëÎÊÌâ´óÓÚ20룬Çë·µ»ØÖØÐÂÊäÈë";
if(strlen($_POST[question])<10) $errors[] = "ÕÒ»ØÃÜÂëÎÊÌâСÓÚ10룬Çë·µ»ØÖØÐÂÊäÈë";
if(strlen($_POST[answer])>20) $errors[] = "ÕÒ»ØÃÜÂë´ð°¸´óÓÚ20룬Çë·µ»ØÖØÐÂÊäÈë";
if(strlen($_POST[answer])<10) $errors[] = "ÕÒ»ØÃÜÂë´ð°¸Ð¡ÓÚ10룬Çë·µ»ØÖØÐÂÊäÈë";
//ÑéÖ¤Óû§emailÕýÈ·ÐÔ
if(!preg_match("/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/i",$_POST[mail])) $errors[]="EmailµØÖ·²»ÕýÈ·£¬ÇëÖØÐÂÊäÈëÕýÈ·µÄEmailµØÖ·";
//´íÎóÐÅÏ¢Êä³ö
if(sizeof($errors)>0){
$errorStr .= "<br><font>";
$errorStr .= "ÐÅÏ¢ÊäÈë´íÎó£º";
foreach($errors as $error)
$errorStr .= "<li>$error</li>";
$errorStr .= "</font><br><br>";
}else{
//¼ÓÃÜÃÜÂë
$passwd_user=md5($_POST[password1]);
//»ñÈ¡user_no
$dk_time=strftime("%y%m%d%H%M%S");
list($usec1, $sec1) = explode(" ",microtime());
$dk_user_no=$dk_time.substr($usec1,2,2);
//Óû§×¢²áÓï¾ä
$dk_account_query="insert into user_profile(user_no,user_id,user_pwd,resident_no, user_type,login_flag,login_tag,ipt_time,login_time ,logout_time,user_ip_addr,server_id) values('$dk_user_no','$_POST[username]','$passwd_user','801011000000','1','0','Y','01/01/2006 00:00:00',null,null,null,'000')";
//Óû§×ÊÁϱ£´æ
$dk_account_query2="insert into Tbl_user(user_no,user_id,user_pwd,user_mail,user_a nswer,user_question) values('$dk_user_no','$_POST[username]','$_POST[password1]','$_POST[mail]','$_POST[answer]','$_POST[question]')";
//Ö´ÐÐÓû§×¢²áºÍ×ÊÁϱ£´æÓï¾ä
$dk_account_result1=odbc_do($account_odbc,$dk_acco unt_query);
$dk_account_result2=odbc_do($account_odbc,$dk_acco unt_query2);
odbc_close($account_odbc);
}
//·µ»Ø´íÎóÏûÏ¢µ½Ò³Ãæ
return $errorStr;
}
?>
ok here it is