function check_for_symbols($string)
{
$len=strlen($string);
$allowed_chars="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
for($i=0;$i<$len;$i++)if(!strstr($allowed_chars,$string[$i]))
return TRUE;
return FALSE;
}
to:
function check_for_symbols($string)
{
if(preg_replace("([^A-Za-z0-9])", "", $string) != $string)
return false;
return true;
}
function sha_password($user,$pass)
{
$user = strtoupper($user);
$pass = strtoupper($pass);
return SHA1($user.':'.$pass);
}
small clean up:
function sha_password($user,$pass)
{
return sha1(strtoupper($user.':'.$pass));
}
if ($host != "" && $user != "" && $pass != "" && $auth != "")
to:
if(!empty($host) AND !empty($user) AND !empty($pass) AND !empty($auth))
<?php
$server_ip = "127.0.0.1"; // Server ip
to:
<?php
error_reporting(0);
$server_ip = "127.0.0.1"; // Server ip
if ($username == "")
{
echo "Field username is empty!";
}
else if ($password == "")
{
echo "Field password is empty!";
}
else if ($email == "")
{
echo "Field email is empty!";
}
else if (mysql_num_rows($check_email) != NULL)
{
echo "Email is already used";
}
else if (check_for_symbols($_POST[password]) == TRUE)
{
echo "Error with creating account: password has invalid symbols in it.";
}
else if (check_for_symbols($username) == TRUE)
{
echo "Error with creating account: username has invalid symbols in it.";
}
else if (mysql_num_rows($check_username) != NULL)
{
echo "Error with creating account: name is already in use.";
}
else if ($password != $password2)
{
echo "Passwords not matches!";
}
change to:
if (empty($username))
$err[] = "Field username is empty!";
if (empty($password) or empty($password2))
$err[] = "Field password is empty!";
if (empty($email))
$err[] = "Field email is empty!";
if (mysql_num_rows($check_email) /* not need 0 = false */ != NULL)
$err[] = "Email is already used";
// Password can have all chars, in db is in sha1
//elseif (check_for_symbols($_POST[password]) == TRUE)
//{
// echo "Error with creating account: password has invalid symbols in it.";
//}
if (check_for_symbols($username) == TRUE)
$err[] = "Error with creating account: username has invalid symbols in it.";
if (mysql_num_rows($check_username) != NULL)
$err[] = "Error with creating account: name is already in use.";
if ($password != $password2)
$err[] = "Passwords not matches!";
if(isset($err) and is_array($err))
{
echo "<ul>";
foreach($err as $i => $var)
{
echo "<li>{$var}</li>";
}
echo "</ul>";
exit;
}
Code written on fast, no tested. Small clean up