registering

Apollo_Ares

I am currently working on the registering php for I game I am creating. Someone told me that I could code it in a more simple and if you know how please tell me. Any suggestions on improvement would be greatly appreciated.

Here is my register.php

<?php # Script 6 - register.php
// This is the registration page for the site.

// Set page title and include the HTML header.
$page_title = 'Register';
include ('includes/header.html');

//Include configuration file for error mangament and such.
require_once ('includes/config.inc');

if (isset($_POST['submit'])) { // Handle the form.

require_once ('../mysql_connect.php'); // Connect to database.

// Check for a username.
if (eregi ("^[[:alpha:]_]{1,15}$", stripslashes(trim($_POST['username'])))) {
	$u = escape_data($_POST['username']);
} else {
	$u = FALSE;
	echo '<p><font color="red" size="+1"> Please enter a valid username!</font></P>';
}

// Check for an email adderess.
if (eregi ("^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+\.[a-z]{2,4}$", stripslashes(trim($_POST['email'])))) {
	$e = escape_data($_POST['email']);
} else {
	$e = FALSE;
	echo '<p><font color="red" size="+1">Please enter a valid email address!</font></p>';
}

// Check for a password and match against the confirmed passoword.
if (eregi ("^[[:alnum:]]{4,20}$", stripslashes(trim($_POST['password1'])))) 
{
	if ($_POST['password1'] == $_POST['password2']) 
{
		$p = escape_data($_POST['password1']);
	} 
                else
                {
		$p = FALSE;
		echo '<p><font color="red" size="+1">Your password did not match the confirmed password!</font></p>';
	}
}
else
{
	$p = FALSE;
               echo '<p><font color="red" size="+1">Please enter a valid password!</font></p>';
}
//Check for an empire choice.
if (eregi ("[[:alpha:]]", ($_POST['race'])))
{
$r = escape_data($_POST['race']);
}
else
{
	$r = FALSE;
	echo '<p><font color="red" size="+1"> Please choose an empire!</font></p>';
}

//Check for an charater choice.
if (eregi ("[[:alpha:]]", ($_POST['characteristics'])))
{
$c = escape_data($_POST['characteristics']);
} else {
	$c = FALSE;
	echo '<p><font color="red" size="+1"> Please choose an characteristic!</font></p>';
}

if ($u && $e && $p && $r && $c) { // If everything's okay.

	// Make sure the username is avaible.
$query = "SELECT user_id FROM users WHERE username='$u'";
$result = @mysql_query ($query);

if (mysql_num_rows($result) == 0) { // Avaible.

	// Add the user.
	$query = "INSERT INTO users (username, email, password, registration_date) VALUES ('$u', '$e', PASSWORD('$p'), NOW() )";		$result = @mysql_query ($query); // Run the query.

	if ($result) { // If it ran okay.

	// Report success.
	echo '<h3>You are registered.</h3>';
	include ('includes/footer.html'); // Include the HTML footer.
	exit();

	} else { // If it did not run okay.
		// Send message to the error log.
		echo '<p><font color="red" size="+1">You could not be registered due to a system error. We apologize for any inconvience.</font></p>';
	}

} else { // The username is not avaible.
	echo '<p><font color="red" size="+1">That username has been taken. Sorry.</font></p>';
}

mysql_close(); // Close the database connection.

} else { // If one of the data tests failed.
	echo '<p.<font color="red" size="+1">Please try again.</font></p>';
}

} // End of the main Submit conditional.
?>

  <center>
  <table border="1" width="80%" bgcolor="#E9E9E9">
    <tr>
      <td width="80%">

  <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">  <fieldset>

  <p align="bottom">
  <font face="Arial">Enter your account information below:&nbsp;</font>
  <p align="bottom">&nbsp;
  <div align="center">
    <table border="0" width="100%" >
      <tr>
        <td width="28%"><b>Character Name:</b> </td>
        <td width="72%"> <input type="text" name="username" size="10" maxlength="20" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" /> <small>Use only letters, numbers, and the underscore. Must be between 1 and 20 characters long.</small></td>
      </tr>
      <tr>
        <td width="28%"><b>Email Address:</b> &nbsp;</td>
        <td width="72%"> <input type="text" name="email" size="40" maxlength="40" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /> </td>
      </tr>
      <tr>
        <td width="28%"><b>Password:</b> </td>
        <td width="72%"> <input type="password" name="password1" size="20" maxlength="20" /> <small>Use only letters and numbers. Must be between 4 and 20 characters long.</small></td>
      </tr>
      <tr>
        <td width="28%"><b>Retype Password:</b> &nbsp;</td>
        <td width="72%"> <input type="password" name="password2" size="20" maxlength="20" /></td>
      </tr>
      <tr>
        <td width="28%"><b>Empire:</b> 
          &nbsp;</td>
        <td width="72%"> 
  <input type="radio" name="race" value="T" />Tal
  <input type="radio" name="race" value="J" />Janeer Federation
  <input type="radio" name="race" value="M" />Malkan Swarm
  <input type="radio" name="race" value="U" />United Galactic Commonwealth</td>
      </tr>
      <tr>
        <td width="28%"><b>Sub-Empire Name:</b> </td>
        <td width="72%"> <input type="text" name="sub_empire_name" size="20" maxlength="40" /></td>
      </tr>
      <tr>
        <td width="28%"><b>
          Characteristics:</b></td>
        <td width="72%"><b><select size="1" name="characteristics">
    <option value="o">strong offense</option>
    <option value="d">strong defense</option>
    <option value="p">weak but prolific</option>
    <option value="b" selected>balanced</option>
    </select></b>
        </td>
      </tr>
    </table>
  </fieldset>

<div align="center"><input type="submit" name="submit" value="Register" /></div></div>

</form><!-- End of Form -->

  </center>

<?php // Include the HTML footer.
 include ('includes/footer.html');
?>

Apollo_Ares

Also I keep on getting a parse error message for line 170 the very end of the script were there is nothing. I can't figure out what is causing the error.

mattsinclair

dont have the time to look at it and figure out optimization as i'm going out the door
but

when you get an error for a line where there's nothing wrong, it usually is a {} mismatch error.

if you get an error that is at the LAST line of the file, which is what yours is... it's definately a {} mismatch.

you have a lot of them, so it was a pain to look through, but just add TWO } after:

} // End of the main Submit conditional.

so it looks like this

} // End of the main Submit conditional. 
}
}

that should fix the errors.

Apollo_Ares

I found the place that those two missmatched }s go and have put them in the proper place (also added them to the post above). That error is now fixed. I have a few others of a different type but I think can fix them.

Again, any segguestions on improvement, such as optimization ( I think I need to turn the register_globals on) or better security techniques, would be apperciated.