Code: [Select]<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title>Register</title></head><body><h1>Register</h1><table><tr><form action=register.php method=post><td width="81">Username:</td><td width="247"><input name="username" size="30" autocomplete="off" value="" type="text" /></td></tr><tr><td>Password:</td><td><input name="password" size="30" type="password" /></td></tr><tr><td>First Name:</td><td><input name="firstname" size="30" type="text" /></td></tr><tr><td>Last Name:</td><td><input name="lastname" size="30" type="text" /></td></tr><tr><td>Age:</td><td><input name="age" size="30" maxlength="2" /></td></tr></table><p><input type="submit" class="button" value="Register" /></p></form></body></html>
Code: [Select]<?php$con = mysql_connect("DB_HOST","DB_USER","DB_PASS");mysql_select_db("DB_NAME", $con);?>
Code: [Select]<?phpinclude 'mysql-connect.php';$username = $_POST['username'];$password = $_POST['password'];$firstname = $_POST['firstname'];$lastname = $_POST['lastname'];$age = $_POST['age'];$ip = $_SERVER['REMOTE_ADDR'];$result = mysql_num_rows(mysql_query("SELECT * FROM TABLENAME WHERE username='$username'"));if($result == 1) { echo ‘<h1>ERROR!</h1>The username you have chosen already exists!’; }else { mysql_query("INSERT INTO TABLENAME (username, password, firstname, lastname, age, ip)VALUES ('$username', '$password', '$firstname', '$lastname', '$age', '$ip')"); echo ' <p>Congratulations! You have successfully registered! </p> <p>Click <a href="login.php">here</a> to login.</p>‘;?>
Code: [Select]<html><head><title>Login</title></head><body><form name="login" action="login2.php" method="post"><table align="center"><tr><td class="title">Username</td><td><input name="user" size="30" autocomplete="off" value="" type="text" /></td></tr><tr><td class="title">Password</td><td><input name="pass" size="30" type="password" /></td></tr></table><p style="text-align:center;"><input type="submit" class="button" value="Login" /></p></form></body></html>
Code: [Select]<?phpinclude 'mysql-connect.php';$username = $_POST['user'];$password = $_POST['pass'];$query1 = mysql_query("SELECT * FROM TABLENAME WHERE username='$username'");$result = mysql_num_rows($query1);if($result == 0){include '<h1>Error!</h1>The username you specified does not exist!';}else{$checkuser = mysql_query("SELECT * FROM TABLENAME WHERE username='$username'"); $row = mysql_fetch_array($checkuser); $password2 = $row['password']; $status = $row['status']; if ($password == $password2) { //PUT PASSWORD PROTECTED INFORMATION HERE } else { echo '<h1>Error!</h1>The username and password combination you entered does not match the ones we have in the database.'; }}?>