1
고객을 등록 할 때 주소가 필요하지만 'houseno', 'addressa', 'addressb', 'addressc', 'county' 다른 정보를 삽입하는 동안 고객이내 고객 정보의 일부가 데이터베이스에 삽입되고 일부는
<?php
echo "<h2>Register</h2>";
$submit = $_POST['register'];
//form data
$fullname = mysql_real_escape_string(htmlentities(strip_tags($_POST['fullname'])));
$username = strtolower(mysql_real_escape_string(htmlentities(strip_tags($_POST['username']))));
$password = mysql_real_escape_string(htmlentities(strip_tags($_POST['password'])));
$repeatpassword = mysql_real_escape_string(htmlentities(strip_tags($_POST['repeatpassword'])));
$email = mysql_real_escape_string(htmlentities(strip_tags($_POST['email'])));
$houseno = mysql_real_escape_string(htmlentities(strip_tags($_POST['houseno'])));
$addressa = mysql_real_escape_string(htmlentities(strip_tags($_POST['addressa'])));
$addressb = mysql_real_escape_string(htmlentities(strip_tags($_POST['addressb'])));
$addressc = mysql_real_escape_string(htmlentities(strip_tags($_POST['addressc'])));
$county = mysql_real_escape_string(htmlentities(strip_tags($_POST['county'])));
$state = mysql_real_escape_string(htmlentities(strip_tags($_POST['state'])));
$country = mysql_real_escape_string(htmlentities(strip_tags($_POST['country'])));
$accept = mysql_real_escape_string(htmlentities(strip_tags($_POST['accept'])));
if ($submit)
{
$namecheck = mysql_query("SELECT username FROM reusers WHERE username='$username'");
$count = mysql_num_rows($namecheck);
if($count!=0)
{
die("Username already taken!");
}
//check for registration form details
if ($fullname&&$username&&$password&&$repeatpassword&&$email&&$houseno&&$addressa&&$county&&$state&&$country)
{
if($accept == 1)
{
if ($password==$repeatpassword)
{
//check char lenght of username and fullname
if (strlen($username)>25||strlen($fullname)>25)
{
echo "Lenght of username or fullname is too long";
}
else
{
//check password length
if(strlen($password)>25||strlen($password)<6)
{
echo"Password must be between 6 and 25 characters";
}
else
{
//check password length
$emailcheck = mysql_query("SELECT email FROM reusers WHERE email='$email'");
$ecount = mysql_num_rows($emailcheck);
if($ecount!=0)
{
echo"email already registered Please sign in into your account to continue";
}
else
{
//generate random code
$code = rand(11111111,99999999);
//send activation email
$to = $email;
$subject = "Activate your account";
$headers = "From: [email protected]";
$body = " Hello $fullname,\n\nUsername $username,\n\n Password $password ,\n\nYou registered and need to activate your account. Click the link below or paste it into the URL bar of your browser\n\nhttp://reacheasy.co.uk/activate.php?code=$code\n\nThanks!";
if (!mail($to,$subject,$body,$headers))
echo "We couldn't sign you up at this time. Please try again later.";
else
{
//register the user!
//encript password
$password = md5($password);
$repeatpassword = md5($repeatpassword);
$queryreg = mysql_query("
INSERT INTO reusers VALUES ('','$fullname','$username','$password','$email','$code','0','houseno','addressa','addressb','addressc','county','state','country')
");
die("You have been registered successfully! Please check your email ($email) to activate your account<a href='index.php'>Return to login page</a>");
}
}
}
}
}
else
echo"Your passwords do not match!";
}
else
echo"Please read and accept Terms and Conditions before registering!";
}
else
echo "Please fill in <b>all</> fields!";
}
?>
</div>
<p>
<form action='reregister.php' method='Post' class='rl'>
<div>
<label for='fullname' class='fixedwidth'>Your full name*</label>
<input type='text' name='fullname' id='username' value='<?php echo $fullname; ?>'/>
</div>
<div>
<label for='username' class='fixedwidth'>Choose a user name*</label>
<input type='text' name='username' id='username' value='<?php echo $username; ?>'/>
</div>
<div>
<label for='password' class='fixedwidth'>Choose a password*</label>
<input type='password' name='password' id='password'/>
</div>
<div>
<label for='repeatpassword' class='fixedwidth'>Repeat your password*</label>
<input type='password' name='repeatpassword' id='repeatpassword'/>
</div>
<div>
<label for='email' class='fixedwidth'>E-mail*</label>
<input type='text' name='email' id='email'/>
</div>
<h2>Personal details</h2>
<div>
<label for='houseno' class='fixedwidth'>HOUSE NAME/NO*</label>
<input type='text' name='houseno' id='houseno' value='<?php echo $houseno; ?>' />
</div>
<div>
<label for='addressa' class='fixedwidth'>ADDRESS LINE 1*</label>
<input type='text' name='addressa' id='addressa' value='<?php echo $addressa; ?>' />
</div>
<div>
<label for='addressb' class='fixedwidth'>ADDRESS LINE 2</label>
<input type='text' name='addressb' id='addressb' value='<?php echo $addressb; ?>' />
</div>
<div>
<label for='addressc' class='fixedwidth'>ADDRESS LINE 3</label>
<input type='text' name='addressc' id='addressc' value='<?php echo $addressc; ?>' />
</div>
<div>
<label for='county' class='fixedwidth'>COUNTY/LGA*</label>
<input type='text' name='county' id='county' value='<?php echo $county; ?>' />
</div>
<div>
<label for='state' class='fixedwidth'>STATE*</label>
<input type='text' name='state' id='state' value='<?php echo $state; ?>' />
</div>
<div>
<label for='country' class='fixedwidth'>COUNTRY*</label>
<input type='country' name='country' id='country' value='<?php echo $country; ?>' />
</div>
<div>
<input name="accept" type="checkbox" class="tickbox" value="1" />
<a href="termsandcondition.php">Terms and Conditions</a>
</div>
<div class='buttonarea'>
<p>
<input type='submit' name='register' value='Register'>
</p>
</div>
</p>
</form>
</div>
</div>
변경해야합니다 귀하의 SQL 쿼리에 $의 몇 가지가 필요합니다 생각 수동으로 탈출하는 많은 사용자 입력과 가장 중요한, 머리통 –