if(!empty($host) AND !empty($user) AND !empty($pass) AND !empty($auth))
<?php
$server_ip = "127.0.0.1"; // Server ip
to:
<?php
error_reporting(0);
$server_ip = "127.0.0.1"; // Server ip
if ($username == "")
{
echo "Field username is empty!";
}
else if ($password == "")
{
echo "Field password is empty!";
}
else if ($email == "")
{
echo "Field email is empty!";
}
else if (mysql_num_rows($check_email) != NULL)
{
echo "Email is already used";
}
else if (check_for_symbols($_POST[password]) == TRUE)
{
echo "Error with creating account: password has invalid symbols in it.";
}
else if (check_for_symbols($username) == TRUE)
{
echo "Error with creating account: username has invalid symbols in it.";
}
else if (mysql_num_rows($check_username) != NULL)
{
echo "Error with creating account: name is already in use.";
}
else if ($password != $password2)
{
echo "Passwords not matches!";
}
change to:
if (empty($username))
$err[] = "Field username is empty!";
if (empty($password) or empty($password2))
$err[] = "Field password is empty!";
if (empty($email))
$err[] = "Field email is empty!";
if (mysql_num_rows($check_email) /* not need 0 = false */ != NULL)
$err[] = "Email is already used";
// Password can have all chars, in db is in sha1
//elseif (check_for_symbols($_POST[password]) == TRUE)
//{
// echo "Error with creating account: password has invalid symbols in it.";
//}
if (check_for_symbols($username) == TRUE)
$err[] = "Error with creating account: username has invalid symbols in it.";
if (mysql_num_rows($check_username) != NULL)
$err[] = "Error with creating account: name is already in use.";
if ($password != $password2)
$err[] = "Passwords not matches!";
if(isset($err) and is_array($err))
{
echo "<ul>";
foreach($err as $i => $var)
{
echo "<li>{$var}</li>";
}
echo "</ul>";
exit;
}
[PHP] Utilities
in Web Scripts
Posted
function check_for_symbols($string) { $len=strlen($string); $allowed_chars="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; for($i=0;$i<$len;$i++)if(!strstr($allowed_chars,$string[$i])) return TRUE; return FALSE; }to:function check_for_symbols($string) { if(preg_replace("([^A-Za-z0-9])", "", $string) != $string) return false; return true; }function sha_password($user,$pass) { $user = strtoupper($user); $pass = strtoupper($pass); return SHA1($user.':'.$pass); }small clean up:function sha_password($user,$pass) { return sha1(strtoupper($user.':'.$pass)); }
to:
to:if ($username == "") { echo "Field username is empty!"; } else if ($password == "") { echo "Field password is empty!"; } else if ($email == "") { echo "Field email is empty!"; } else if (mysql_num_rows($check_email) != NULL) { echo "Email is already used"; } else if (check_for_symbols($_POST[password]) == TRUE) { echo "Error with creating account: password has invalid symbols in it."; } else if (check_for_symbols($username) == TRUE) { echo "Error with creating account: username has invalid symbols in it."; } else if (mysql_num_rows($check_username) != NULL) { echo "Error with creating account: name is already in use."; } else if ($password != $password2) { echo "Passwords not matches!"; }change to:if (empty($username)) $err[] = "Field username is empty!"; if (empty($password) or empty($password2)) $err[] = "Field password is empty!"; if (empty($email)) $err[] = "Field email is empty!"; if (mysql_num_rows($check_email) /* not need 0 = false */ != NULL) $err[] = "Email is already used"; // Password can have all chars, in db is in sha1 //elseif (check_for_symbols($_POST[password]) == TRUE) //{ // echo "Error with creating account: password has invalid symbols in it."; //} if (check_for_symbols($username) == TRUE) $err[] = "Error with creating account: username has invalid symbols in it."; if (mysql_num_rows($check_username) != NULL) $err[] = "Error with creating account: name is already in use."; if ($password != $password2) $err[] = "Passwords not matches!"; if(isset($err) and is_array($err)) { echo "<ul>"; foreach($err as $i => $var) { echo "<li>{$var}</li>"; } echo "</ul>"; exit; }Code written on fast, no tested. Small clean up