Dear All,
It is my first time to be in your forum, which seems to be gorgeous. I would like to seek your help with my php script where I want to match two passwords together but it is not working. In addition to that, can anyone suggest to me more scripts for security enhancements.
I appreciate your help and time.
<?php
$username=$_POST["usrename"];
$title=$_POST["title"];
$fname=$_POST["firstname"];
$lname=$_POST["surname"];
$birth[d]=$_POST["day"];
$birth[m]=$_POST["month"];
$birth[y]=$_POST["year"];
$prof=$_POST["prof"];
$password = md5($_POST["pass"]);
$pass= md5($_POST["pass_conf"]);
$mobno=$_POST['tele1'];
$lanno=$_POST['tele2'];
$worno=$_POST['tele3'];
$e_add[1]=$_POST["email1"];
$e_add[2]=$_POST["email2"];
$address[hn]=$_POST["housen"];
$address[st]=$_POST["street"];
$address[ci]=$_POST["city"];
$address[co]=$_POST["county"];
$address[cy]=$_POST["country"];
$zip=$_POST["post"];
$details=$_POST["details"];
include ("db.php");
if ($title && $fname && $lname && $birth[d] && $birth[m]&& $birth[y]&& $password && $pass)
{
if ($password==$pass)
{
$query = "SELECT FirstName FROM users WHERE FirstName = '$fname'";
$result = @mysql_query($query);
$num = @mysql_num_rows($result);
if ($num==0)
{
$users = "INSERT INTO users (User_ID, UserName, Title, FirstName, LastName, Password, Birth)
VALUES('', '$username', '$title', '$fname', '$lname', '$password', '$birth[d] $birth[m] $birth[y] ')";
$phone = "INSERT INTO phones (Phone_ID, Mobile_NO, Work_NO, Landline_NO)
VALUES('', '$mobno', '$worno', '$lanno')";
$address = "INSERT INTO Address (Address_ID, House_NO, Street, City, Region, Country, ZIP_POST, Other_Details)
VALUES('', '$address[hn]', '$address[st]', '$address[ci]', '$address[co]', '$address[cy]', '$zip', '$details')";
$email = "INSERT INTO Emails (Email_ID, Email1, Email2)
VALUES('', '$e_add[1]', '$e_add[2]')";
$input[1]=mysql_query($users) or die(mysql_error());
$input[2]=mysql_query($phone) or die(mysql_error());
$input[3]=mysql_query($address) or die(mysql_error());
$input[4]=mysql_query($email) or die(mysql_error());
mysql_close();
echo "Account Created ";
}
else
echo "Passwords don't match";
}
else
die("This username has already been taken");
}
else
die("Please make sure that all fields are filled in")
?>