<?php
$con = mysql_connect("localhost", "root", "");
$name = $_GET['jente_navn'];
$name = mysql_real_escape_string($name);
$ip = $_SERVER['REMOTE_ADDR'];
mysql_select_db("name", $con);
if ( preg_match("/^[^a-z]|[^A-Z]+/i", $name) )
{
die ("Feil: Kan bare bruke gyldige tegn");
}else{
$cb = 'SELECT * FROM banned WHERE name= \'' . $name . '\' OR ip= \'' . $ip . '\'';
$result = mysql_query($cb);
if( mysql_num_rows($result) ){
print "That Name, or your ip adress is. BANNED!";
}
}
$sql = "INSERT INTO girl (`girl`,`accepted`,`ip`,`sex`) VALUES ('$name', '0', '$ip', 'Female');";
if ( mysql_query($sql, $con) ){
mysql_close($con);
header('http://localhost/takk.php');
}else{
mysql_close($con);
header('http://localhost/error.php');
}
?>
still doesn't work. :s
Even if I did this:
<?php
$con = mysql_connect("localhost", "root", "");
$name = $_GET['jente_navn'];
$name = mysql_real_escape_string($name);
$ip = $_SERVER['REMOTE_ADDR'];
mysql_select_db("name", $con);
if ( preg_match("/^[^a-z]|[^A-Z]+/i", $name) )
{
die ("Feil: Kan bare bruke gyldige tegn");
}else{
$cb = 'SELECT * FROM banned WHERE name= \'' . $name . '\' OR ip= \'' . $ip . '\'';
$result = mysql_query($cb);
if( mysql_num_rows($result) ){
print "That Name, or your ip adress is. BANNED!";
}
}
$sql = "INSERT INTO girl (`girl`,`accepted`,`ip`,`sex`) VALUES (`$name`, `0`, `$ip`, `Female`);";
if ( mysql_query($sql, $con) ){
mysql_close($con);
header('http://localhost/takk.php');
}else{
mysql_close($con);
header('http://localhost/error.php');
}
?>