Need Web Help!

Greetings, i need some help from you to upgrade my register script.

What i want it to do.

After you click register, to check for existing username/email, if ok proceed to next step.

Next step, is a bridge to mybb, the account gets inserted into mybb_awaitingactication.

A mail gets send to user, with activation link, after its activated to be mvoed in mybb_users and auth.account.

Can you guys give a help @ php code?

Here is my config.

<?php // MySQL Host IP $dbhost = 'localhost'; // MySQL Username $dbuser = 'root'; // MySQL Password $dbpassword = 'xxx'; // Account Database $logondb = 'auth'; // Forum Database $forumdb= 'forum'; // Error Message $errormsg="There was an error creating your account"; // Succes Message $succesmsg="Your account has succesfully been created!"; ?>

and here is my register script witch i found it somehwere around the internet, i dont remember where.

<?php function Reg() { if (isset($_POST['reg'])==true) { require_once('config.php'); $user = $_POST['username']; $pass = sha1(strtoupper($user.':'.$_POST['password'])); $email = $_POST['email']; $con = mysql_connect($dbhost, $dbuser, $dbpassword); if (!$con) { die('Could not connect!'); } else { mysql_select_db("$logondb", $con); $sql="INSERT INTO account (username, sha_pass_hash, email) VALUES ('$user','$pass','$email')"; if (!mysql_query($sql,$con)) { die('There was an error creating your account.Username or Email already Exists.'); } echo $succesmsg; mysql_close($con); } } else { ?> Username:






Please help me with php code.


[ul][li]Don’t bump topics you made on the same day. Matter of fact, don’t bump at all. If someone wants to help you, they will.[/li][li]Your code is riddled with SQL injection vulnerability. My advice (instead of linking that to a DB) is to throw it out and get someone who knows what they are doing, or you risk data loss.[/li][li]I very seriously doubt someone is interested in helping you with all of this, considering you have very little done, and what you do have is very poor. If you are willing to pay for this to be done, PM me and I might help you out.[/li][li]If you aren’t willing to pay, I suggest you keep searching. That or learn PHP. Learn PDO as well.[/li][/ul]



Irish Spring? /emoticons/default_tongue.png

I believe the Shadez Armory original, which has (or used to anyway) a registration, is vulnerable too…but if you don’t care, it’s at

Yeah, like Paradox said it, use SOAP to do you register.
Account register isn’t any more only an insert to account table.

Just pointing out that this topic is 2 months old. He’s probably not coming back.

Maybe he used SOAP and figured it out.

One can only hope. /emoticons/default_smile.png