Can you see anything wrong with this script?
<?php
mysql_connect("myhost","myuser","mypass");
mysql_select_db("mydatabase");
$password1 = $_POST["password1"];
$password2 = $_POST["password2"];
echo "$password1<br>";
$username = $_POST["username"];
echo "$username";
$query = "SELECT * FROM `table` WHERE username = '$username' ";
$result = mysql_query($query);
$num = mysql_num_rows($result);
if ($num == 0)
{
$pass = 1;
}
else
{
echo "An user <b>$username</b> already exists. Sorry";
$pass = 0;
}
$query = "INSERT INTO 'table'('username', 'password') VALUES ('$username', '$password1')";
if ($password1 == $password2 && $password1 != "" && $password1 != " " && $pass == 1)
{
mysql_query($query);
echo "Query OK, The user $username has been added to the database.";
}
else
{
echo "The passwords do not match or the delivered password was an empty string or a space character.";
}
?>
|