Просмотр файла reg.php

Размер файла: 3.28Kb 
<?php
####################
# Автор: [Svig]    #
# ICQ: 563000172   #
####################

$reg = "reg";
if($_GET['page']==$reg)
{
include ("head.php");

echo <<< sss
<div class="nav">
<form action=reg.php?page=add method=post>
Ник: *<br />
<input name="user" maxlength="15" type="text" value=""><br />
Пароль: * <br />
<input name="pass" maxlength="20" type="text" value=""><br />
Имя: *<br />
<input name="name" maxlength="15"type="text" value=""><br />
Пол: <br />
<select size="1" name="pol">
  <option value="Мужской">Мужской</option>
  <option value="Женский">Женский</option>
</select><br />
E-mail:<br />
<input name="email" maxlength="70" type="text" value=""><br />

Введите код:<br />
<img style='margin-top:1px;' src='img/sum.gif'>
<input style='margin-left:6px;' name='pr' type='text' size='5' maxlength='5'><br />


<input type='submit' value='Регистрировать'>
</form>
</div>
<div class="nav">
• <a href="index.php">Назад</a>
</div>
sss;

include ("foot.php");
exit();
}

$add = "add";
if($_GET['page']==$add)
{
include ("conf.php");


$user = htmlspecialchars(mysql_real_escape_string(trim($_POST['user'])));
$pass = htmlspecialchars(mysql_real_escape_string(trim($_POST['pass']))); if ($pass == ''){unset($pass); }
$email = htmlspecialchars(mysql_real_escape_string(trim($_POST['email'])));
$pol = htmlspecialchars(mysql_real_escape_string(trim($_POST['pol'])));
$name = htmlspecialchars(mysql_real_escape_string(trim($_POST['name']))); if ($name == ''){unset($name); }
$pr = htmlspecialchars(mysql_real_escape_string(trim($_POST['pr'])));


$count_users = mysql_result(mysql_query("SELECT COUNT(*) FROM userlist WHERE user='$user'",$db),0);
if ($count_users)
{


include ("head.php");
echo "<div class='nav'>Извините, введённый вами ник уже зарегистрирован. Введите другой ник.</div>";
echo <<<sss
<div class='nav'>
• <a href="reg.php?page=reg">Назад</a>
</div>
sss;
include ("foot.php");
exit();
}
if (isset($user) && isset($pass) && isset($name))
{
if ($pr != 31885) { include ('head.php'); echo "<div class='nav'>Неверный код с картинки!<br /><input name='back' type='button' value='Назад' onclick='javascript:self.back();'></div>"; include ("foot.php"); exit();}
$datereg = date("Y-m-d");
$result = mysql_query("INSERT INTO userlist (user,pass,email,pol,name,datereg,photo) VALUES ('$user','$pass','$email','$pol','$name','$datereg','0')");

if ($result == 'true')
{
include ("head.php");
echo "<div class='nav'>Вы успешно зарегистрировались!</p>";
echo "<b>Ваш ник:</b> ".$user." <br />";
echo "<b>Ваш пароль:</b> ".$pass." <br />";
echo <<<sss
<form name="" action="menu.php" method="get">
<input name="user" type="hidden" value="$user">
<input name="pass" type="hidden" value="$pass">
<input type="submit" value="Войти"></form>
</div>
sss;
include ("foot.php");
exit();
}
}
else
{
include ("head.php");
echo "<div class='nav'>Вы ввели не всю информацию!</div>";
echo <<<sss
<div class='nav'>
• <a href="reg.php?page=reg">Назад</a>
</div>
sss;
include ("foot.php");
exit();
}
}

?>