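15) {
        $message[] = 'Username must be between 6 and 15 characters';
    }
    // NOTE(review): the start of this listing is missing (the opening of the
    // length check above and the assignments of $username and $pwd are not
    // visible). The fragment above is kept exactly as found.

    // validate username
    if (!ctype_alnum($username)) {
        $message[] = 'Username must consist of alphanumeric characters with no spaces';
    }
    // check password
    if (strlen($pwd) < 6 || preg_match('/\s/', $pwd)) {
        $message[] = 'Password must be at least 6 characters with no spaces';
    }
    // check that the passwords match; a strict comparison keeps numeric-looking
    // strings (which `!=` compares as numbers) from being treated as equal, and
    // a missing confirmation field counts as a mismatch
    if (!isset($_POST['confirmpwd']) || $pwd !== $_POST['confirmpwd']) {
        $message[] = 'Your passwords don\'t match';
    }
    // if no errors so far, check for duplicate username
    if (!$message) {
        // connect to database as administrator
        //$conn = dbConnect('admin');
        // NOTE(review): line breaks were lost in this listing; the select_db
        // call is assumed to be live code, with $conn opened elsewhere.
        mysql_select_db("$database", $conn);

        // Every value placed inside a quoted SQL literal is escaped first.
        // The password is only checked for length and whitespace above, so
        // quote characters would otherwise reach the INSERT statement as-is.
        // NOTE(review): ext/mysql was removed in PHP 7; moving to PDO or
        // mysqli prepared statements needs the connection code, not shown here.
        $safeUsername = mysql_real_escape_string($username);

        // check for duplicate username
        // NOTE(review): check-then-insert can race between two requests; a
        // UNIQUE index on users.username is the reliable guard.
        $checkDuplicate = "SELECT adminid FROM users WHERE username = '$safeUsername'";
        $result = mysql_query($checkDuplicate);

        if ($result === false) {
            // keep driver error text in the server log, not in the response
            error_log('Registration duplicate check failed: ' . mysql_error());
            $message[] = "There was a problem creating an account for $username";
        } elseif (mysql_num_rows($result)) {
            // a positive row count means the username is already in use
            $message[] = "$username is already in use. Please choose another username.";
        } else {
            // otherwise, it's OK to insert the details in the database
            // create key
            // NOTE(review): ENCODE() with a key hard-coded in source is
            // reversible, so anyone with this file and the table can recover
            // every password. Store password_hash() output and check it with
            // password_verify() instead; not changed here because the login
            // code that reads this column is not visible.
            $key = 'takeThisWith@PinchOfSalt';
            $safePwd = mysql_real_escape_string($pwd);
            $safeKey = mysql_real_escape_string($key);

            // insert details into database
            $insert = "INSERT INTO users (username,pwd)VALUES ('$safeUsername', ENCODE('$safePwd', '$safeKey'))";
            // no `or die(...)` here: it made the failure branch below
            // unreachable and printed the raw database error to the visitor
            $result = mysql_query($insert);
            if ($result) {
                $message[] = "Account created for $username";
            } else {
                error_log('Registration insert failed: ' . mysql_error());
                $message[] = "There was a problem creating an account for $username";
            }
        }
    }
}
?>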
|
ADMINISTRATIVE FUNCTIONS
|