process(trim($_POST['password1'])); $password2 = $filterObj->process(trim($_POST['password2'])); $username = $filterObj->process(trim($_POST['newUsername'])); $userEmail = $filterObj->process(trim($_POST['userEmail'])); if ( $username == '' ) $err = 1; elseif ( !preg_match('/^[a-zA-Z0-9_]*$/', $username) ) $err = 1; elseif ( preg_match('/^[_]*$/', $username) ) $err = 1; elseif ( check_field_exists($username, 'username', 'signup') == 1 ) $err = 1; elseif ( $password1 == '' ) $err = 1; elseif ( $password1 != $password2 ) $err = 1; if ($err==1){ $_SESSION['err_signup']=true; echo $_SESSION['err_signup']; } if ( $err == '' ) { $username = mysql_real_escape_string($username); $passwd = mysql_real_escape_string(md5($password1)); $sql = "insert into signup set username='" .$username. "', pwd='" .$passwd. "',email='".$userEmail."'"; $conn->execute($sql); $userid = mysql_insert_id(); $_SESSION['UID'] = $userid; $_SESSION['USERNAME'] = $_REQUEST['username']; $_SESSION['PASSWORD'] = $password; header("Location:/"); } } STemplate::display('header.tpl'); STemplate::display('signup.tpl'); STemplate::display('footer.tpl'); STemplate::gzip_encode(); ?>