$accountExists = mssql_num_rows(mssql_query("select StrUserID from TB_User where StrUserID='$_POST[username]'"));
if($accountExists > 0) {
echo "<script type='text/javascript'>alert('Account with such username already exists'); </script>";
} else {
$email = $_POST['email'];
$emailExists = mssql_num_rows(mssql_query("select * from dbo.TB_User where Email='$email'"));
if ($emailExists > 0) {
echo "<script type='text/javascript'>alert('Account with such Email already exists'); </script>";
}
else {
$pwd = md5($_POST['pw1']);
mssql_query("insert into TB_User(StrUserID,password,sec_primary,sec_content,Email,sec_question,sec_answer) values('$_POST[username]','$pwd','3','3','$email','$_POST[question]','$_POST[answer]')");
$accountExists = mssql_num_rows(mssql_query("select StrUserID from TB_User where StrUserID='$_POST[username]'"));
if($accountExists > 0) {
echo "<script type='text/javascript'>alert('Account with such username already exists'); </script>";
} else {
$email = $_POST['email'];
$emailExists = mssql_num_rows(mssql_query("select * from dbo.TB_User where Email='$email'"));
if ($emailExists > 0) {
echo "<script type='text/javascript'>alert('Account with such Email already exists'); </script>";
}
else {
$pwd = md5($_POST['pw1']);
mssql_query("insert into TB_User(StrUserID,password,sec_primary,sec_content,Email,sec_question,sec_answer) values('$_POST[username]','$pwd','3','3','$email','$_POST[question]','$_POST[answer]')");
@LastThief correct me if i'm wrong but don't you forgot to escape some variables before you use it in any kind of query for example the email I don't you escaping it.
Also I would like to advice you to use PDO which does all the charactere escaping for you and it looks a lot nicer then using all those functions since it's OO and not to forget easier to switch from database source. But I guess you already know what it is since you're working with it for 5 years.
@LastThief correct me if i'm wrong but don't you forgot to escape some variables before you use it in any kind of query for example the email I don't you escaping it.
Also I would like to advice you to use PDO which does all the charactere escaping for you and it looks a lot nicer then using all those functions since it's OO and not to forget easier to switch from database source. But I guess you already know what it is since you're working with it for 5 years.
maybe i forgot the email but others are will just return false if it's not aA-zZ-0-9
well i don't use PHP data objects often but it's good suggestion gonna use it later on my developing
you taught me 4-7 words . i remember its . that was my first php days.
well and those thing you taught me you can find it any where like i said its was my first days i was so fresh new with php .
this don't mean you taught 80%.
people changes dude . no body still the same.
Sorry for my bad English.
Quote:
Originally Posted by kevin_owner
@LastThief correct me if i'm wrong but don't you forgot to escape some variables before you use it in any kind of query for example the email I don't you escaping it.
Also I would like to advice you to use PDO which does all the charactere escaping for you and it looks a lot nicer then using all those functions since it's OO and not to forget easier to switch from database source. But I guess you already know what it is since you're working with it for 5 years.
Quote:
Originally Posted by LastThief
maybe i forgot the email but others are will just return false if it's not aA-zZ-0-9
well i don't use PHP data objects often but it's good suggestion gonna use it later on my developing
Well both of you are wrong.
he used
PHP Code:
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) $msg[] = 'Incorrect email.';
so if there no (@ , .) the mail don't work
so if he used shutdown its will not work because its will give error back because it got not @ , .
also check your script twice before release it .
if the user of this script hacked by it . he will lose all the trust.
Sorry for my bad English
[Release]Simple regpage and cash shop v1.5 beta 04/25/2011 - Cabal Private Server - 13 Replies This is a basic cash shop designed to work with my simple regpage that uses game Alz from the player's warehouse for buying cash items. The layout is loosely based on the official Cabal EU cash shop without quite so many tabs.
Tested on WinXP 32 bit, Windows 2003 64 bit, Xampp, MSSQL 2000, MSSQL 2005.
Make sure you read the readme.txt carefully.
Download v1.5-> Chumpy's.CashShop.v1.5.7z
[Release]Sea-emu regpage v1.1 05/18/2010 - SRO PServer Guides & Releases - 6 Replies So all..I'm going to release my regpage again,I added more functions,and I release it because I don't need it anymore.
Enjoy,and don't modify the copyright&don't PM me about this.
Download:
RapidShare: 1-CLICK Web hosting - Easy Filehosting
and don't forget to press "Thanks" if you like it..:P
edit: maybe tomorrow I'll post a guide too..
[Release] Simple regpage for the 5165 02/21/2010 - CO2 PServer Guides & Releases - 10 Replies Well seen people asking for it, so i decided to edit and old regpage i had. This should work fine for the Source 5165 released wich was i belive developed by Tanel..
Thanks will be apreciated -.-
Simply put this in your WWW directory under appserver,
if your OldCODB is in a different place open up the file and edit
("AccountFilesPath", "C:\OldCODB\Users\\");
its not so perfect but it will do,
[Release] V5165 RegPage 100% Worken 02/15/2010 - CO2 PServer Guides & Releases - 18 Replies This is a 100% worken regpage for though's who have 5165 severs or want 1 and dont know how 2 make the regpage for it. (=^_^=)
People said that the first one register.rar, and if it really doesn't work properly try the new one i added.