Desculpa pela demora galera, so que não sou eu que estou fazendo o site, é um colega meu.. Script: <html> <head> <title>PornGunz - Registration</title> <style> body { color: #003300; font-family: Verdana, Arial, Serif; font-size: 10pt; } input { border: 1px solid #003300; color: #003300; background: #DDDDDD; font-family: Verdana, Arial, Serif; font-size: 10pt; } tr { font-size: 10pt; } a:link { text-decoration: none; color: #003300; } a:visited { text-decoration: none; color: #003300; } a:active { text-decoration: none; color: #003300; } a:hover { text-decoration: none; color: #FF6600; } </style> </head> <body> <div align="center"> <?php $srvip = "gunz.servegame.com"; $srvport = "6000"; $mssql_user = ""; $mssql_pass = ""; $mssql_database = "GunzDB"; $mssql_host = "JOAO\SQLEXPRESS"; $conn = mssql_connect($mssql_host, $mssql_user, $mssql_pass); mssql_select_db($mssql_database); ?> <FORM METHOD=POST ACTION="<?php echo $_SERVER['PHP_SELF']; ?>?act=register"> <table cellspacing=0 border=0> <tr> <td colspan=2 style="border: 1px solid #003300; background: #DDDDDD;"><CENTER> <A HREF="#">Porn Gunz Registration</A> </CENTER></td> </tr> <tr> <td style="border-left: 1px solid #003300"> Login ID:</td> <td style="border-right: 1px solid #003300"><input type="text" name="login" ></td> </tr> <tr> <td style="border-left: 1px solid #003300"> Password:</td> <td style="border-right: 1px solid #003300"><INPUT TYPE="password" NAME="senha1"> </td> </tr> <tr> <td style="border-left: 1px solid #003300"> Confirm Password: </td> <td style="border-right: 1px solid #003300"><INPUT TYPE="password" NAME="senha2"> </td> </tr> <tr> <td style="border-left: 1px solid #003300"> E-mail:</td> <td style="border-right: 1px solid #003300"><INPUT TYPE="text" NAME="email"> </td> </tr> <tr> <td style="border: 1px solid #003300; border-top: 0px;" colspan=2><CENTER><INPUT NAME="Cadastrar" VALUE="Register!" TYPE="submit"></CENTER></td> </tr> </table> </FORM> <?php if ($_GET['act'] == 'register') { $user = anti_injection($_POST['login']); $pass1 = anti_injection($_POST['senha1']); $pass2 = anti_injection($_POST['senha2']); $email = anti_injection($_POST['email']); if (valida(Array($user,$pass1,$pass2,$email)) == true) { if ($pass1 == $pass2) { if (ereg("([0-9,a-z,A-Z])", $user)) { if (ereg("^([0-9,a-z,A-Z]+)([.,_]([0-9,a-z,A-Z]+))*[@]([0-9,a-z,A-Z]+)([.,_,-]([0-9,a-z,A-Z]+))*[.]([0-9,a-z,A-Z]){2}([0-9,a-z,A-Z])?$", $email)) { $query = mssql_query("SELECT * FROM Accounts WHERE UserID='$user'"); $num_rows = mssql_num_rows($query); if ($num_rows == 0) { $query = mssql_query("SELECT * FROM Accounts WHERE E_Mail='$email'"); $num_rows = mssql_num_rows($query); if ($num_rows == 0) { $query = mssql_query("INSERT INTO Accounts (UserID, Password, E_Mail) VALUES ('$user','$pass1','$email')"); if (!$query) { echo ":: Error occured! Please try again later. ::<br>"; } else { echo ":: Congratulations! The registration had completed successfully! ::<br>"; } } else { echo ":: E-mail in use. ::<br>"; } } else { echo ":: Login ID in use, please try again. ::<br>"; } } else { echo ":: Invalid E-mail. ::<br>"; } } else { echo ":: Only use NUMBERS and LETTERS in Login ID! ::<br>"; } } else { echo ":: The Password you typed DOESN't MATCH! ::<br>"; } } } $query = mssql_query("SELECT * FROM Accounts"); $num_rows = mssql_num_rows($query); echo "Total Accounts: ".$num_rows."<br>"; echo "<br><B>Your server is:</B> "; $fp = @fsockopen($srvip, $srvport, $errno, $errstr, 1); if (!$fp) { echo "<font style='color: #FF3300'><B>Offline</B></font></br>"; } else { echo "<font style='color: #009933'><B>Online</B></font></br>"; fclose($fp); } // Função Anti Injection function anti_injection($sql) { $sql = preg_replace(sql_regcase("/(from|select|insert|delete|where|drop table|show tables|#|\*|--|\\\\)/"),"",$sql); $sql = trim($sql); $sql = strip_tags($sql); $sql = addslashes($sql); return $sql; } // Verificar Campos Vazios function valida($campos){ foreach($campos as $c){ if(empty($c)){ echo ":: Preencha todos os campos ::<br>"; return false; }else{ return true; } } } ?> </div> </body> </html>[/codebox]
