Indie-Resource.com

<?php
include 'connect.php';

?>

<form method ="post" action="reguser.php">
Type Username Here: <input type="text" name="player" size="21"><br>
Type Password Here: <input type="text" name="password" size "15"><br>
ReType Password Again: <input type="text" name="pass2" size "15"><br>
Type Email Address: <input type="text" name="email" size "60"><br>

<input type="submit" value="submit">

<form method="POST" action="authenticate.php">
Username <input type="text" name="player" size="21">
Password <input type="text" name="password" size="21" mask="p">
<br>
<input type="submit" name="submit">

<?php
include_once 'connect.php';
session_start();

if (isset($_POST['submit']))
{
$player=$_POST['player'];
$password=$_POST['password'];
$player=strip_tags($player);
$password=strip_tags($password);
$password=md5($password);

$query = "select name,password from players where name='$player' and password='$password'";
$result = mysql_query($query) or die("Could not query players");
$result2 = mysql_fetch_array($result);
if ($result2)
{
$_SESSION['player']=$player;

echo "<big>Logged in successfully<br>";
echo "<A href='battle.php'>Continue</a></big>";
}
else
{
echo "<big>Wrong username or password.<A href='login.php'>Try Again</a></big>";
}
}
?>

<?php
include 'connect.php';
?>

<?php
$player=$_POST['player'];
$password=$_POST['password'];
$pass2=$_POST['pass2'];
$player=strip_tags($player);
$email=$_POST['email'];
$email=strip_tags($email);

if ($email == "")
{
echo "You didn't enter a email address!<br>";
echo " <A href='register.php'>Go back</a>";
exit;
}
if ($password==$pass2)
{

$isplayer="SELECT * from players where name='$player'";
$isplayer2=mysql_query($isplayer) or die("Could not query players table");
$isplayer3=mysql_fetch_array($isplayer2);

if(!$_POST['password'] || !$_POST['pass2'])
{
print "You did not enter a password<br>";
echo " <A href='register.php'>Go back</a>";
exit;
}
else if($isplayer3 || strlen($player)>21 || strlen($player)<1)
{
print "There is already a player of that name or the name you specified is over 16 letters or less than 1 letter";
echo " <A href='register.php'>Go back</a><br>";
exit;
}
else
{
$isaddress="SELECT * from players where email='$email'";
$isaddress2=mysql_query($isaddress) or die("not able to query for password");
$isaddress3=mysql_fetch_array($isaddress2);
if($isaddress3)
{
print "There is already a player with that e-mail address";
echo " <A href='register.php'>Go back</a><br>";
exit;
}
else
{
$password=md5($password);

$SQL = "INSERT into players(name, password, email, level, exper, attack, defense, hpoints, maxhp) VALUES ('$player','$password','$email','1','0','5','5','30',)";
mysql_query($SQL) or die("could not register");

print "Thank you for registering!";

}
}
}

else
{
print "Your password didn't match or you did not enter a password";
echo " <A href='register.php'>Go back</a><br>";
exit;
}
echo " <A href='login.php'>Login Page</a><br>";
?>