help me with this script

Sergeant

<?php
include "connect.php";
$path="path/to/killmonster";
$player=$POST['player'];
$password=$POST['password'];
$pass2=$POST['pass2'];
$player=strip_tags($player);
$email=$POST['email'];
$email=strip_tags($email);
if ($password==$pass2)
{

$isplayer="SELECT from km_users where playername='$player'";
$isplayer2=mysql_query($isplayer) or die("could not query player tables");
$isplayer3=mysql_fetch_array($isplayer2);
if(!$POST['password'] || !$POST['pass2'])
{
print "You did not enter a password";
}
else if($isplayer3 || strlen($player)>15 || strlen($player)<1)
{
print "There is already a player of that name or the name you specified is over 15 letters or less than 1 letter";
}
else
{
$isaddress="SELECT from km_users where email='$email'";
$isaddress2=mysql_query($isaddress) or die("not able to query for password");
$isaddress3=mysql_fetch_array($isaddress2);
if($isaddress3)
{
print "There is already a player with that e-mail address";
}
else
{
$password=md5($password);
$date=round(date("U")/1000);
srand($date);
$thekey=rand(1,100000000);
$thekey=md5($thekey);
$SQL = "INSERT into km_users(playername, password, skillpts, email, validated, validkey) VALUES ('$player','$password', '5', '$email','0','$thekey')";
mysql_query($SQL) or die("could not register");
mail("$email","Your Kill Monster Activation key","Paste the URL to activate your account. $path/activate.php?player=$player&password=$password&keynode=$thekey");
print "registration successful. You have been sent an activation key.<br>";
print "Click here to <A href='login.php'>Login</a>";
}
}
}

else
{
print "You suck, your passwords didn't match or you did not enter a password";
}
?>

idk i finally got my connect.php fixed and then this error message shows up

could not query player tables

wow i feel so stupid help would be appreciated

planetsim

try adding mysql_error() onto that or die statement, and please use [php][/php] tags around your PHP code in future.

Sergeant

<?php 
include "connect.php"; 
$path="path/to/killmonster"; 
$player=$_POST['player']; 
$password=$_POST['password']; 
$pass2=$_POST['pass2']; 
$player=strip_tags($player); 
$email=$_POST['email']; 
$email=strip_tags($email); 
if ($password==$pass2) 
{ 

$isplayer="SELECT * from km_users where playername='$player'"; 
$isplayer2=mysql_query($isplayer) or die("could not query player tables"); 
$isplayer3=mysql_fetch_array($isplayer2); 
if(!$_POST['password'] || !$_POST['pass2']) 
{ 
print "You did not enter a password"; 
} 
else if($isplayer3 || strlen($player)>15 || strlen($player)<1) 
{ 
print "There is already a player of that name or the name you specified is over 15 letters or less than 1 letter"; 
} 
else 
{ 
$isaddress="SELECT * from km_users where email='$email'"; 
$isaddress2=mysql_query($isaddress) or die("not able to query for password"); 
$isaddress3=mysql_fetch_array($isaddress2); 
if($isaddress3) 
{ 
print "There is already a player with that e-mail address"; 
} 
else 
{ 
$password=md5($password); 
$date=round(date("U")/1000); 
srand($date); 
$thekey=rand(1,100000000); 
$thekey=md5($thekey); 
$SQL = "INSERT into km_users(playername, password, skillpts, email, validated, validkey) VALUES ('$player','$password', '5', '$email','0','$thekey')"; 
mysql_query($SQL) or die("could not register"); 
mail("$email","Your Kill Monster Activation key","Paste the URL to activate your account. $path/activate.php?player=$player&password=$password&keynode=$thekey"); 
print "registration successful. You have been sent an activation key.<br>"; 
print "Click here to <A href='login.php'>Login</a>"; 
} 
} 
} 

else 
{ 
print "You suck, your passwords didn't match or you did not enter a password"; 
} 
?>

ok sorry but i dont understand where to put that if you would please explain or show me

Sergeant

someone please reply and help i need this script to work i dont understand what planetsim said to do

jansky

could you show us the script in connect.php
and as what planetism mention or die (mysql_error());

$isaddress2=mysql_query($isaddress) or die(mysql_error()."not able to query for password");

Sergeant

<?php
parse_str("$QUERY_STRING");

$dbh=mysql_connect ("localhost", "shdw_shdw", "******") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("shdw_data"); 
if(!get_magic_quotes_gpc()) 
{
  $_GET = array_map('mysql_real_escape_string', $_GET); 
  $_POST = array_map('mysql_real_escape_string', $_POST); 
  $_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
}
else
{  

   $_GET = array_map('stripslashes', $_GET); 
   $_POST = array_map('stripslashes', $_POST); 
   $_COOKIE = array_map('stripslashes', $_COOKIE);
   $_GET = array_map('mysql_real_escape_string', $_GET); 
   $_POST = array_map('mysql_real_escape_string', $_POST); 
   $_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
}
?>

is this what you want

jansky

here try this in your connect.php

mysql_select_db ("shdw_data") or die("Error in selecting table ". mysql_error());

Sergeant

ok my database is connecting fin its my

Parse error: parse error, unexpected T_STRING in /home/shdw/public_html/reguser.php on line 15

error that im trying fix now and from what i can see and everyone ive had look at it my register.php is fine

<?php 
include "connect.php"; 
$path="path/to/killmonster"; 
$player=$_POST['player']; 
$password=$_POST['password']; 
$pass2=$_POST['pass2']; 
$player=strip_tags($player); 
$email=$_POST['email']; 
$email=strip_tags($email); 
if ($password==$pass2) 
{ 

$isplayer="SELECT * from km_users where playername='$player'"; 
$isplayer2=mysql_query($isplayer) or die("could not query player tables"); 
$isplayer3=mysql_fetch_array($isplayer2); 
if(!$_POST['password'] || !$_POST['pass2']) 
{ 
print "You did not enter a password"; 
} 
else if($isplayer3 || strlen($player)>15 || strlen($player)<1) 
{ 
print "There is already a player of that name or the name you specified is over 15 letters or less than 1 letter"; 
} 
else 
{ 
$isaddress="SELECT * from km_users where email='$email'"; 
$isaddress2=mysql_query($isaddress) or die("not able to query for password"); 
$isaddress3=mysql_fetch_array($isaddress2); 
if($isaddress3) 
{ 
print "There is already a player with that e-mail address"; 
} 
else 
{ 
$password=md5($password); 
$date=round(date("U")/1000); 
srand($date); 
$thekey=rand(1,100000000); 
$thekey=md5($thekey); 
$SQL = "INSERT into km_users(playername, password, skillpts, email, validated, validkey) VALUES ('$player','$password', '5', '$email','0','$thekey')"; 
mysql_query($SQL) or die("could not register"); 
mail("$email","Your Kill Monster Activation key","Paste the URL to activate your account. $path/activate.php?player=$player&password=$password&keynode=$thekey"); 
print "registration successful. You have been sent an activation key.<br>"; 
print "Click here to <A href='login.php'>Login</a>"; 
} 
} 
} 

else 
{ 
print "You suck, your passwords didn't match or you did not enter a password"; 
} 
?>