<?php
$ps_loginname = stripslashes($_POST['ps_loginname']);
$ps_name = stripslashes($_POST['ps_loginname']);
$ps_email = stripslashes($_POST['ps_email']);
$ps_person_id = stripslashes($_POST['ps_person_id']);
$ps_password = stripslashes($_POST['ps_password']);
$ps_repassword = stripslashes($_POST['ps_repassword']);
$ps_recquest = stripslashes($_POST['ps_recquest']);
$ps_recans = stripslashes($_POST['ps_recans']);
$verifyinput2 = stripslashes($_POST['verifyinput2']);
$country = 'Bulgaria';
$gender = 'male';
$date = date('m/d/Y');
if ((eregi("[^a-zA-Z0-9_-]", ps_loginname)) || (eregi("[^0-9.]", $ps_person_id)) || (eregi("[^0-9.]", $verifyinput2)) || (eregi("[^a-zA-Z0-9\.@_-]", $ps_email)) || (eregi("[^a-zA-Z0-9_-]", $ps_name)) || (eregi("[^a-zA-Z0-9_-]", $ps_recans)) || (eregi("[^a-zA-Z0-9_-]", $ps_recquest)) || (eregi("[^a-zA-Z0-9_-]", $ps_password)) || (eregi("[^a-zA-Z0-9_-]", $ps_repassword)))
{
echo("SQL Injection Detected");
exit();
}
require("config.php");
if ($_SESSION['image_random_value'] != md5($verifyinput2)){
$error= 1;
show_error("$warning_start Please Go Back And Write Code Correctly! $warning_end");
}
else{
$sql_email_check = mssql_query("SELECT mail_addr FROM MEMB_INFO WHERE mail_addr='$ps_email'");
$sql_username_check = mssql_query("SELECT memb___id FROM MEMB_INFO WHERE memb___id='$ps_loginname'");
$email_check = mssql_num_rows($sql_email_check);
$username_check = mssql_num_rows($sql_username_check);
if (empty($ps_loginname) || empty($ps_email) || empty($ps_person_id) || empty($ps_password) || empty($ps_repassword) || empty($ps_recquest) || empty($ps_recans) ) {
echo "Error: Some fields were left blank. Please go back and try again."; $Error=1;
}
elseif (($email_check > 0) || ($username_check > 0)){
if($email_check > 0){
show_error("$warning_start E-Mail Is Already In Use, Please Choose Another! $warning_end");
$Error=1;
$Error=1;
}
if ($username_check > 0){
show_error("$warning_start Account Is Already In Use, Please Choose Another! $warning_end");
$Error=1;
$Error=1;
}
}
if ($Error!=1){
if($muweb['md5'] == 0){
$msquery2 = "SET IDENTITY_INSERT MEMB_INFO ON";
$msquery3 = $db->Execute("INSERT INTO MEMB_INFO (memb___id,memb__pwd,memb_name,sno__numb,mail_addr,appl_days,modi_days,out__days,true_days,mail_chek,bloc_code,ctl1_code,memb__pwd2,fpas_ques,fpas_answ,country,gender) VALUES (?,?,'MuWeb',?,?,$date,$date,'2005-01-03','2005-01-03','1','0','0',?,?,?,?,?)",array($ps_loginname,$ps_password,$ps_person_id,$ps_email,$ps_password,$ps_recquest,$ps_recans,$country,$gender));
$msquery4 = "INSERT INTO VI_CURR_INFO (ends_days,chek_code,used_time,memb___id,memb_name,memb_guid,sno__numb,Bill_Section,Bill_value,Bill_Hour,Surplus_Point,Surplus_Minute,Increase_Days ) VALUES ('2005','1',1234,'$ps_loginname','$ps_name',1,'7','6','3','6','6','2003-11-23 10:36:00','0' )";
$msresults= mssql_query($msquery2);
$msresults= mssql_query($msquery4);
}
elseif($muweb['md5'] == 1){
$insert_account = $db->Execute("INSERT INTO MEMB_INFO (memb__pwd,memb_name,sno__numb,mail_addr,appl_days,modi_days,out__days,true_days,mail_chek,bloc_code,ctl1_code,memb__pwd2,fpas_ques,fpas_answ,country,gender) VALUES ([dbo].[fn_md5](?,?),'MuWeb',?,?,$date,$date,'2005-01-03','2005-01-03','1','0','0',?,?,?,?,?)",array($ps_loginname,$ps_password,$ps_loginname,$ps_person_id,$ps_email,$ps_password,$ps_recquest,$ps_recans,$country,$gender));
}
show_error("$ok_start Your Account Has Been Created SuccesFully! $ok_end");
}
}
?>