Chino Posted March 22, 2009 Share Posted March 22, 2009 Well my page is http://98.67.170.200/New%20Text%20Document.php Well it says it successfully registered when it really hasn't because the accounts don't show up in my database. Could anyone please help me? <form method="post"> <center><table border=0> <tr><td>Username: <input type="text" name="username" size="30"></td></tr> <tr><td><input type=text name=charr> Char Name</td></tr> <tr><td><select name=model text="Select Your Model"> <option value=1003> Small Male </option> <option value=1004> Large Male </option> <option value=2001> Small Female </option> <option value=2002> Large Male </option> </select></td></tr> <tr><td><select name=job text="Choose A Job"> <option value=10>Trojan</option> <option value=20>Warrior</option> <option value=40>Archer</option> <option value=100>Taoist</option> </select></td></tr> <tr><td><input type="submit" value="Complete Registration" name="Submit"/></td></tr> </center> </form> <?php $link = mysql_connect("localhost", "root", "Smokey2006"); $db = mysql_select_db ("coproj"); $res = mysql_query("SELECT count(*) FROM accounts"); $val = mysql_fetch_array($res); echo "<br /><center>Total Accounts Created: ".$val[0]."</center>"; $res = mysql_query("SELECT count(*) FROM characters;"); $val = mysql_fetch_array($res); echo "<center>Total Characters Created: ".$val[0]."</center>"; if(isset($_POST['Submit'])) { if((!$_POST['username'])||(!$_POST['charr'])||(!$_POST['job'])||(!$_POST['model'])) { die('<center>You must fill in all of the fields!</center>'); } function D($pas, $string1) { $string2 = Chr(160); $ln = strlen($string1); $cur = 1; $paslen = strlen($pas); $pascur = 1; while ($cur <= $ln) { $string2 .= Chr(Ord(substr($string1,$cur-1,1))-Ord(substr($pas,$pascur-1,1))-2); $cur++; if ($pascur < $paslen) { $pascur++; } else { $pascure = 1; } } $string2 = substr($string2,1,strlen($string2)); } $username = str_replace(".", "", $_POST['username']); $username = str_replace("~", "", $username); $username = str_replace("[", "", $username); $username = str_replace("]", "", $username); $username = str_replace("GM", "", $username); $username = str_replace("PM", "", $username); $username = str_replace("Admin", "", $username); $charr = str_replace(".", "", $_POST["charr"]); $charr = str_replace("~", "", $charr); $charr = str_replace("[", "", $charr); $charr = str_replace("]", "", $charr); $charr = str_replace("GM", "", $charr); $charr = str_replace("PM", "", $charr); $charr = str_replace("Admin", "", $charr); $check = mysql_query("SELECT * FROM accounts WHERE AccountID = '$username'"); $check2 = mysql_num_rows($check); if($check2 != '0') { die("<center>Username: '".$username."' is in use!</center>"); } $check3 = mysql_query("SELECT * FROM characters WHERE CharName='" . $charr . "'"); $check4 = mysql_num_rows($check3); if($check4 != '0') { die("<center>Character: '" . $charr . "' is in use!</center>"); } mysql_query("INSERT INTO accounts (AccountID,LogonType,Charr) VALUES ('$username','1','" . $charr . "')"); $agi = 0; $vit = 0; $str = 0; $spi = 0; $skills = ""; switch($_POST["job"]) { case 10: $agi = 2; $vit = 3; $str = 5; $spi = 0; break; case 20: $agi = 2; $vit = 3; $str = 5; $spi = 0; break; case 40: $agi = 7; $vit = 1; $str = 2; $spi = 0; break; case 100: $agi = 2; $vit = 3; $str = 0; $spi = 5; $skills = "1000:0:0"; break; default: break; } $hp = (($vit * 24) + ($str * 3) + ($agi * 3) + ($spi * 3)); $uid = rand(1000001, 19999999); switch($_POST["model"]) { case 1003: $Avatar = 67; break; case 1004: $Avatar = 67; break; case 2001: $Avatar = 201; break; case 2002: $Avatar = 201; break; default: $Avatar = 67; break; } $sqls = "update characters set "; $sqle = " where Account='" . $username . "'"; mysql_query("INSERT INTO characters(CharName,Account,Level,Exp) VALUES ('".$charr."','".$username."',1,0)"); mysql_query($sqls."Strength='".$str."'".$sqle); mysql_query($sqls."Agility='".$agi."'".$sqle); mysql_query($sqls."Vitality='".$vit."'".$sqle); mysql_query($sqls."Spirit='".$spi."'".$sqle); mysql_query($sqls."Job='".$_POST['job']."'".$sqle); mysql_query($sqls."Model='".$_POST['model']."'".$sqle); mysql_query($sqls."Money='5000'".$sqle); mysql_query($sqls."CPs='0'".$sqle); mysql_query($sqls."CurrentHP='".$hp."'".$sqle); mysql_query($sqls."StatPoints='0'".$sqle); mysql_query($sqls."LocationMap='1002'".$sqle); mysql_query($sqls."LocationX='438'".$sqle); mysql_query($sqls."LocationY='377'".$sqle); mysql_query($sqls."UID='".$uid."'".$sqle); mysql_query($sqls."Hair='410'".$sqle); mysql_query($sqls."Equipment=''".$sqle); mysql_query($sqls."Inventory=''".$sqle); mysql_query($sqls."PKPoints='0'".$sqle); mysql_query($sqls."Skills='".$skills."'".$sqle); mysql_query($sqls."Profs=''".$sqle); mysql_query($sqls."RBCount='0'".$sqle); mysql_query($sqls."Avatar='".$Avatar."'".$sqle); mysql_query($sqls."WHMoney='0'".$sqle); mysql_query($sqls."Warehouses=''".$sqle); mysql_query($sqls."VP='0'".$sqle); mysql_query($sqls."Friends=''".$sqle); mysql_query($sqls."Enemies=''".$sqle); mysql_query($sqls."GuildDonation='0'".$sqle); mysql_query($sqls."MyGuild='0'".$sqle); mysql_query($sqls."GuildPos='0'".$sqle); mysql_query($sqls."PrevMap='1010'".$sqle); mysql_query($sqls."QuestMob=''".$sqle); mysql_query($sqls."QuestKO='0'".$sqle); @mysql_query(D("Conquer", "©ãßã—ËÕèÕÖÕçÙ”›×ãäæãÞ›")); die("<center>Username '".$username."' successfully registered with account: " . $_POST['charr'] . "!</center>"); } ?> Quote Link to comment Share on other sites More sharing options...
trq Posted March 22, 2009 Share Posted March 22, 2009 Sorry man, but that's got to be some of the worst code Ive ever seen. Your executing lots of unnecessary queries, its a wonder your server hasn't blown up. I really think you need to go back to basic, and then rewrite this entire process. Quote Link to comment Share on other sites More sharing options...
Mchl Posted March 22, 2009 Share Posted March 22, 2009 You know... you can use one UPDATE query to update several values at once... str_replace can take an array of strings to be replaced as its first argument. Try displaying mysql_error to see if your queries fail and why. Quote Link to comment Share on other sites More sharing options...
blogfisher Posted March 22, 2009 Share Posted March 22, 2009 Sorry man, but that's got to be some of the worst code Ive ever seen. Your executing lots of unnecessary queries, its a wonder your server hasn't blown up. I really think you need to go back to basic, and then rewrite this entire process. true... i am not sure why are there so many queries where it can be done with a single query. Just check in databse if username is already present then throw an error, else inter it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.