Thanks for the help. I keep getting an error that says "Couldn't execute referral check query."
If it helps I am posting the whole file. Thanks again.
<?php
if(basename($_SERVER[php_SELF])=="register.inc.php")
{
header("Location: /index.php");
exit;
}
if($_POST['action'] == "do_reg") {
//check input for errors
$login_length = strlen($_POST['login']);
$pass_length = strlen($_POST['pass1']);
$login = $_POST['login'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
$email = $_POST['email'];
$newsletter = $_POST['newsletter'];
$displayname = $_POST['displayname'];
$deferral = $_POST['deferral'];
$agreestoterms = $_POST['agreestoterms'];
if("$pass1" != "$pass2") {
$pass_err = "Your passwords do not match!";
$error = "1";
}
if(empty($displayname)) {
$dn_err = "You did not enter a Display Name!";
$error = "1";
}
if(empty($agreestoterms)) {
$terms_err = "You must agree to the terms of service!";
$error = "1";
}
if($login_length < 3) {
$login_err = "Your username must be at least 3 characters!";
$error = "1";
}
if($pass_length < 3) {
$pass_err = "Your password must be at least 3 charachters!";
$error = "1";
}
if(ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@([a-zA-Z0-9-]+\.)+([a-zA-Z]{2,3})$", $email)) {
$okmail="1";
}
if($okmail != "1") {
$email_err = "Your email address is not properly formatted!";
$error = "1";
}
if (ereg("^[a-zA-Z0-9]+$",$login)) {
$oklogin="1";
}
if($oklogin != "1") {
$login_err = "You username may contain only letters and numbers!";
$error = "1";
}
if (ereg("^[a-zA-Z0-9]+$",$pass1)) {
$okpass="1";
}
if($okpass != "1") {
$pass_err = "Your password may contain only letters and numbers!";
$error = "1";
}
if (ereg("^[a-zA-Z0-9]+$",$displayname)) {
$okdisplay="1";
}
if($okdisplay != "1") {
$dn_err = "Your Display Name may contain only letters and numbers!";
$error = "1";
}
$connection = @mysql_connect("$db_host", "$db_user", "$db_pass") or die("Couldn't connect.");
$db = @mysql_select_db($db_name, $connection) or die("Couldn't select database.");
$checkl = "SELECT * FROM $tbl_members WHERE login = ".quote_smart($login)."";
$check_l = @mysql_query($checkl,$connection) or die("Couldn't execute login check query.");
while ($row = mysql_fetch_array($check_l)) {
$ch_login = $row['login'];
}
if(isset($ch_login)) {
$login_err = "That username is already taken!";
$error = "1";
}
$check2 = "SELECT * FROM $tbl_restricted WHERE r_login = ".quote_smart($login)."";
$check_2 = @mysql_query($check2,$connection) or die("Couldn't execute login check query.");
while ($row = mysql_fetch_array($check_2)) {
$r_login = $row['r_login'];
}
if(isset($r_login)) {
$login_err = "That username is reserved!";
$error = "1";
}
$checkref = "SELECT * FROM $tbl_profiles WHERE referral = ".quote_smart($referral)."";
$check_ref = @mysql_query($checkref,$connection) or die("Couldn't execute referral check query.");
if(mysql_num_rows($check_ref) < 1){
$referral_err = "The referral name you used is not in the database.";
$error = "1";
}
$checke = "SELECT * FROM $tbl_members WHERE email = ".quote_smart($email)."";
$check_e = @mysql_query($checke,$connection) or die("Couldn't execute email check query.");
while ($row = mysql_fetch_array($check_e)) {
$ch_email = $row['email'];
}
if(isset($ch_email)) {
$email_err = "That email address has already been used!";
$error = "1";
}
if(empty($newsletter)) $newsletter = "no";
if(!$error) {
//input is ok, register new member!
$ipaddr = $_SERVER['REMOTE_ADDR'];
$sql = "INSERT INTO $tbl_members (login, enabled, password, email, displayname, newsletter, ipaddr, referral)
VALUES (
".quote_smart($login).",
".quote_smart($autoenable).",
".quote_smart($pass1).",
".quote_smart($email).",
".quote_smart($displayname).",
".quote_smart($newsletter).",
".quote_smart($ipaddr).",
".quote_smart($referral)."
)";
$result = @mysql_query($sql,$connection) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $query . "<br />\nError: (" . mysql_errno() . ") " . mysql_error());
if($mailonnew == "yes") {
$to = "$site_email";
$subject = "New $sitename Member!";
$from_mail = "$adminemail";
$message = "Dear Admin,\n\n";
$message .= "You have a new member with the login: $login.\n\n";
$message .= "$siteurl";
$headers = "From: $from_mail\r\n";
$headers .= "Reply-To: $from_mail\r\n";
$headers .= "X-Mailer: phpProfiles";
mail($to, $subject, $message, $headers);
}
include("./include/welcome_msg.inc.php");
include("./include/reg_success.inc.php");
exit;
}
}
$ipaddr = $_SERVER['REMOTE_ADDR'];
$connection = @mysql_connect("$db_host", "$db_user", "$db_pass") or die("Couldn't connect.");
$db = @mysql_select_db($db_name, $connection) or die("Couldn't select database.");
$sql = "SELECT * FROM $tbl_banned WHERE bip = \"$ipaddr\"";
$result = @mysql_query($sql,$connection) or die("Couldn't execute ban lookup query.");
$num=mysql_num_rows($result);
if($num > 0) {
while ($row = mysql_fetch_array($result)) {
$bcomment = $row['bcomment'];
}
if(empty($bcomment)) {
$bcomment = "no reason given.";
}
echo "<p>Sorry, you cannot register at this time. You have been banned because:</p>
<p align=\"center\"><i>$bcomment</i></p>";
include("./include/footer.inc.php");
exit;
}
if (!$_POST) { ?>
<form method="POST">
<table align="center" cellpadding="4" cellspacing="0" width="60%">
<tr>
<td>
<p><?php echo "$txt_reg1"; ?></p>
</td>
</tr>
<tr>
<td align="center">
<p><img src="securimage_show.php?sid=<?php echo md5(uniqid(time())); ?>"></p>
</td>
</tr>
<tr>
<td align="center">
<p><input type="text" tabindex="1" name="code" id="text"></p>
</td>
</tr>
<tr>
<td align="center">
<p><input type="hidden" name="show" value="register">
<input type="submit" value="Verify code" class="button"></p>
</td>
</tr>
<tr>
<td align="center">
<p> <a href="register.php">I can't
read the code.</a></p>
</td>
</tr>
</table>
</form>
<?php
} else { //form is posted
include("securimage.php");
$img = new securimage();
$valid = $img->check($_POST['code']);
if($_POST['action'] == "do_reg") {
$valid = "true";
}
if($valid == FALSE) {
echo "<center>Sorry, the code you entered was invalid.
<a href=\"register.php\">Go back</a> to try again.</center>";
include("./include/footer.inc.php");
exit;
} else {
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<table align="center" cellpadding="4" cellspacing="0">
<?php
if($error) {
?>
<tr>
<td colspan="3"><p><span class="required">
<?php
if($login_err) { echo "$login_err<br>"; }
if($pass_err) { echo "$pass_err<br>"; }
if($email_err) { echo "$email_err<br>"; }
if($dn_err) { echo "$dn_err<br>"; }
if($referral_err) { echo "$referral_err<br>"; }
if($terms_err) { echo "$terms_err<br>"; }
?>
</span></p></td>
</tr>
<?php
}
?>
<tr>
<td valign="top">
<p>Choose Username:</p>
</td>
<td valign="top">
<p><input type="text" name="login" maxlength="20" size="20" id="text<?php if($login_err) { echo "error"; } ?>" value="<?php echo $_POST['login'] ?>"></p>
</td>
<td valign="top">
<p><span class="help">Your Username may be 3-20 characters, letters
and or numbers only.</span></p>
</td>
</tr>
<tr>
<td valign="top">
<p>Password:</p>
</td>
<td valign="top">
<p><input type="password" name="pass1" maxlength="20" size="20" id="text<?php if($pass_err) { echo "error"; } ?>"></p>
</td>
<td valign="top">
<p><span class="help">Your Password may be 3-20 characters, letters
and or numbers only.</span></p>
</td>
</tr>
<tr>
<td valign="top">
<p>Repeat Password:</p>
</td>
<td valign="top">
<p><input type="password" name="pass2" maxlength="20" size="20" id="text<?php if($pass_err) { echo "error"; } ?>"></p>
</td>
<td valign="top">
<p><span class="help">Please verify your password.</span></p>
</td>
</tr>
<tr>
<td valign="top">
<p>Email Address:</p>
</td>
<td valign="top">
<p><input type="text" name="email" maxlength="150" size="25" id="text<?php if($email_err) { echo "error"; } ?>" value="<?php echo $_POST['email'] ?>"></p>
</td>
<td valign="top">
<p><span class="help">Your email address is used to retrieve lost
password. It is not displayed to the public.</span></p>
</td>
</tr>
<tr>
<td valign="top">
<p>Display Name:</p>
</td>
<td valign="top">
<p><input type="text" name="displayname" maxlength="25" size="25" id="text<?php if($dn_err) { echo "error"; } ?>" value="<?php echo $_POST['displayname'] ?>"></p>
</td>
<td valign="top">
<p><span class="help">This is your nickname or the name you want
the system to refer to you by. No spaces!</span></p>
</td>
</tr>
<tr>
<tr>
<td valign="top">
<p>Member Referral:</p>
</td>
<td valign="top">
<p><input type="text" name="referral" maxlength="25" size="25" id="text<?php if($referral_err) { echo "error"; } ?>" value="<?php echo $_POST['referral'] ?>"></p>
</td>
<td valign="top">
<p><span class="help">This is your nickname or the name you want
the system to refer to you by. No spaces!</span></p>
</td>
</tr>
<tr>
<td valign="top" colspan="3">
<p> <input type="checkbox" name="agreestoterms" value="agreestoterms">
I have read the <a href="aup.php" target="_blank">Acceptable Use
Policy</a> and agree to the terms.</p>
</td>
</tr>
<tr>
<td valign="top" colspan="3">
<p> <input type="checkbox" name="newsletter" value="yes" checked>Subscribe
to Newsletter updates (occasional updates regarding the site).</p>
</td>
</tr>
<tr>
<td valign="top" colspan="3">
<p>Patience! Registration will take a few moments.</p>
</td>
</tr>
<tr>
<td valign="top">
<p> </p>
</td>
<td valign="top">
<p><input type="hidden" name="action" value="do_reg">
<input type="submit" name="register" value="Register!"></p>
</td>
<td valign="top">
<p> </p>
</td>
</tr>
</table>
</form>
<? }} ?>