|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2007-08-14 20:19 UTC] jani@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sat Dec 06 04:00:01 2025 UTC |
Description: ------------ dont run Reproduce code: --------------- <?php if(ereg("^([a-zA-Z0-9_-])*$", $_POST['account']) && ereg("^([a-zA-Z0-9_-])*$", $_POST['password']) && ereg("^([a-zA-Z0-9_-])*$", $_POST['password2'])) { if ($page="index.php" && $_POST['account'] && strlen($_POST['account'])<16 && strlen($_POST['account'])>3 && $_POST['password'] && $_POST['password2'] && $_POST['password']==$_POST['password2']) { $check=mysql_query("select * from accounts where login='".$_POST['account']."'"); $check1=mysql_num_rows($check); if($check1>0) { echo "<p clss='error'><b>Failed to register : an account already excist .</b></p>"; } else { mysql_query("INSERT INTO accounts (login, password, access_level) VALUES ('".$_POST['account']."', '".base64_encode(pack('H*', sha1($_POST['password'])))."', 0)", $link); mysql_close($link); print '<p class="error"><b>Registration over successful </b></p>'; } } else { print '<p class="error"><b> </b></p>'.mysql_error(); } } else { echo "Restrictions have not been tested for safety. Please try to sign up with another username and password."; } ?> Expected result: ---------------- Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in \insert.php on line 7 Registration over successful Actual result: -------------- a