3raser Posted November 15, 2009 Share Posted November 15, 2009 It wont say if the nospam code is correct... :/ <?php require "global_navigation.php"; ?> <head><script language="javascript" type="text/javascript"> /*This is the location of your PHP script*/ var url = "register.php?param="; function updateName() { document.getElementById('checked').innerHTML = "Verifying..."; var name = document.getElementById("anti").value; http.open("GET", url + escape(name), true); http.onreadystatechange = handleHttpResponse; http.send(null); } function handleHttpResponse() { if (http.readyState == 4) { results = http.responseText; /* Again, we're assuming your username input ID is "username" */ var name = document.getElementById("anti").value; /* If the username is available, Print this message: */ if(results == "<?php echo $anti1; ?>") results = "<font color=\"green\"><i>"+name+"</i> is correct!</font>"; document.getElementById('checked').innerHTML = results; } } function getHTTPObject() { var xmlhttp; if (!xmlhttp && typeof XMLHttpRequest != 'undefined') { try { xmlhttp = new XMLHttpRequest(); } catch (e) { xmlhttp = false; } } return xmlhttp; } var http = getHTTPObject(); </script></head> <?php $username = $_POST['username']; $password = $_POST['password']; $signature = $_POST['signature']; $email = $_POST['email']; $anti = $_POST['anti']; if (!$username || !$password) die (" <form action='register.php' method='POST'> <b>Please note that the following characters: `*<>() will be removed upon registering.</b><br /><br /> * Username: <input type='text' name='username' maxlength='10'><br /><br /> * Anti-spam verification (Code=nospam54): <input type='text' name='anti' onblur='updateName();><div name='checked' id='checked'><br /><br /> * Password: <input type='password' name='password' maxlength='15'></div><br /><br /> Signature:<br /> <textarea maxlength='230' name='signature' rows='10' cols='40'></textarea><br /><br /> Email: <input type='text' name='email' max='50'> <input type='submit' value='Register'> </form>"); $u = addslashes($_GET['param']); $checked = strtolower($checked); $u2 = strtolower($u); if($u2 == $anti1) { echo "$u is correct!"; } if (!$anti) die ("You didn't enter in the anti-spam verification code!"); if ($anti=="$anti1") { if (strlen($password)<=$passmax) { echo "Password must be more then $passmax characters long! <a href='register.php'> << Back </a>"; } else { if (strlen($username)<=$usermax) { echo "Username must be more then $usermax characters long! <a href='register.php'> << Back </a>"; } else { $ip = $_SERVER['REMOTE_ADDR']; //protection $before = array('(', ')', '^', '<', '>', '`', '*', '<script>', '</script>', ';DROP TABLE users;', 'users', 'DROP', 'TABLE'); $after = array('', '', '', '', '', '', '', '', '', '', '', '', ''); $output = str_replace($before, $after, $username); //protection $output3 = str_replace($before, $after, $password); //protection $output4 = str_replace($before, $after, $email); //protection $output2 = str_replace($before, $after, $signature); $connect = mysql_connect("$dbhost","$dbuser","$dbpassword") or die("Connection failed!"); mysql_select_db("$db") or die("Database fail!"); $query = mysql_query("SELECT * FROM users WHERE username='$output'"); $numrows = mysql_num_rows($query); if ($numrows!=0) { echo "This username already exists!"; } else { //write $write = mysql_query("INSERT INTO users VALUES ('','$output','$output3','$output4','$ip','$output2', '', '0', '0', '0', '$email')") or die(mysql_error()); echo "<div class='box'>Thank you for registering $output! Login <a href='login.php'>here</a>!</div>"; } } } } else { echo "You entered the incorrect anti-spam verification code!"; } ?><?php require("global_footer.php"); ?> http://www.commentbb.site11.com Link to comment https://forums.phpfreaks.com/topic/181648-why-isnt-this-working/ Share on other sites More sharing options...
Irresistable Posted November 15, 2009 Share Posted November 15, 2009 I think it looks quite obvious. All the functions aren't within PHP Tags. The functions look like PHP to me. Link to comment https://forums.phpfreaks.com/topic/181648-why-isnt-this-working/#findComment-958126 Share on other sites More sharing options...
3raser Posted November 15, 2009 Author Share Posted November 15, 2009 I think it looks quite obvious. All the functions aren't within PHP Tags. The functions look like PHP to me. I don't understand what you mean... Link to comment https://forums.phpfreaks.com/topic/181648-why-isnt-this-working/#findComment-958128 Share on other sites More sharing options...
Irresistable Posted November 15, 2009 Share Posted November 15, 2009 My mistake, the functions are javascript. It would be better off in the javascript section... Is the nospam code, a captcha code? I can easily provide you with a php one. Link to comment https://forums.phpfreaks.com/topic/181648-why-isnt-this-working/#findComment-958133 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.