} ?> <?php // called for new sign in $erraddr1 = 'signup.php?msg1'; $erraddr2 = 'signup.php?msg2'; $erraddr3 = 'signup.php?msg3'; $erraddrrc = 'signup.php?msgrc'; // check and clean inputs $username = check_text_input($_POST['usernamesu'], 1, 16, 'Username', $erraddr1); $password = check_text_input($_POST['passwordsu'], 6, 32, 'First Password', $erraddr2); $password2 = check_text_input($_POST['passwordsu2'], 6, 32, 'Confirm Password', $erraddr2); $email = check_text_input($_POST['emailsu'], 1, 255, 'First Email', $erraddr3); $email2 = check_text_input($_POST['emailsu2'], 1, 255, 'Confirm Email', $erraddr3); if (!(check_legal_chars($username) == $username)) { do_err($erraddr1, 'Illegal characters in Username'); } if (!($password == $password2)) { do_err($erraddr2, 'Passwords do not match'); } if (!($email == $email2)) { do_err($erraddr3, 'Emails do not match'); } dbconnect(0); // check email still available $result = doSQL("select * from users where email=?;", $email) or do_err($erraddr3, "Database Error"); if (is_array($result)) { // no, exists, quit do_err($erraddr3, "Email in use"); }
<?php include '../../phpinclude/init.php'; include '../../phpinclude/begin.php'; ?> <?php $message = "unspecified"; if (isset($_GET['err'])) { $message = check_legal_chars(urldecode($_GET['err'])); } ?> <div class="titletext">An error occurred: <?php echo $message; ?> </div> <br><br><br><br><br><br><br><br><br><br><br><br> <?php include '../../phpinclude/end.php';
<?php $message1 = " "; if (isset($_GET['msg1'])) { $message1 = check_legal_chars($_GET['msg1']); } $message2 = " "; if (isset($_GET['msg2'])) { $message2 = check_legal_chars($_GET['msg2']); } $message3 = " "; if (isset($_GET['msg3'])) { $message3 = check_legal_chars($_GET['msg3']); } $messagerc = " "; if (isset($_GET['msgrc'])) { $messagerc = check_legal_chars($_GET['msgrc']); } ?> <div class="titletext">Sign Up for an Account</div> <table width="500"> <form name="signupform" id="signupform" action="signup2.php" method="post" enctype="application/x-www-form-urlencoded"> <tr><td colspan='3'> </td></tr> <tr> <td align="right"><b>Email:</b></td> <td align="left" valign="middle"><input type="Text" name="emailsu" id="emailsu" value="" maxlength="255" onchange="$('#msg3').html('');"></td> <td align="left"> </td> </tr> <tr> <td align="right"><b>Confirm:</b></td>
} } if (!isset($_POST['u'])) { echo "ERR"; exit; } $username = $_POST['u']; if (strlen($username) == 0) { echo "EMPTY"; exit; } if (strlen($username) > 16) { echo "LONG"; exit; } $illegal = check_legal_chars($username); if ($illegal == "Illegal Input") { echo "ILL"; exit; } // check any reserved words if (in_array(strtolower($username), $global_reserved_usernames)) { echo "TAKEN"; exit; } // username exists? dbconnect(0); $result = doSQL("select * from users where username=?;", $username) or die("ERR"); if (is_array($result)) { // exists echo "TAKEN";