Posts: 10,289
Name: Knight13
Location: Cleveland, Ohio
|
Ok i am not sure if this signup script is good or not, this is my first try at it and it does work but their are a few questions i have if anyone can help?
1, Is this script right meaning is this script done right? or atleast ok?
2, Is their some way that i can make sure the email is a real email address and not just 1 letter or nonsense writing in it?
3, If this code is wrong can you tell me what is wrong with it?
Thanks!!!
Code:
<?php
$con = mysql_connect('localhost','aaaa','aaaa') or die (mysql_error());
$db = mysql_select_db('aaadatabase') or die (mysql_error());
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$submit = $_POST['submit'];
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$email = mysql_real_escape_string($email);
$error = false;
$message = "";
if(strlen($username) < 5) {
$error = true;
$message .= "<font color='#ff0000' size='2'><b>You did not enter a username.</b></font>";
}
if(strlen($password) < 8) {
$error = true;
$message .= "<font color='#ff0000' size='2'><b>Your password must be atleast 8 - 15 characters long.</b></font>";
}
if(strlen($email) < 1) {
$error = true;
$message .= "<font color='#ff0000' size='2'><b>You must enter an email address.</b></font>";
}
$sql = "select user_name from users where user_name='$username' ";
$result = mysql_query($sql);
if($row = mysql_fetch_array($result)) {
$error = true;
$message .= "Sorry that username is already in use";
} else {
$sql = mysql_query("Insert into users (user_name, user_password, user_email) values ('$username' , '$password' , '$email') or die (mysql_error()");
$sql2 = mysql_query("insert into books (user_name) values ('$username')");
$result = mysql_query($sql);
$error = true;
$message .= "<font color='#ff0000' size='2'><b>Congratulations you are now a member please login.</b></font><br/><br/>";
}
?>
|
