<?php

$errorMsg = "";
// First we check to see if the form has been submitted
if (isset($_POST['username'])){
//Connect to the database through our include
include_once "connect_to_mysql.php";
// Filter the posted variables
$username = $_POST['username'];
$address = $_POST['address'];
$phone = $_POST['phone'];
$specials = $_POST['specials'];
$country = ereg_replace("[^A-Z a-z0-9]", "", $_POST['country']); // filter everything but spaces, numbers, and letters
$state = ereg_replace("[^A-Z a-z0-9]", "", $_POST['state']); // filter everything but spaces, numbers, and letters
$city = ereg_replace("[^A-Z a-z0-9]", "", $_POST['city']); // filter everything but spaces, numbers, and letters
$accounttype = ereg_replace("[^a-z]", "", $_POST['accounttype']); // filter everything but lowercase letters
$email = stripslashes($_POST['emailsu']);
$email = strip_tags($email);
$email = mysql_real_escape_string($email);
$password = ereg_replace("[^A-Za-z0-9]", "", $_POST['passwordsu']); // filter everything but numbers and letters
// Check to see if the user filled all fields with
// the "Required"(*) symbol next to them in the join form
// and print out to them what they have forgotten to put in
if((!$username) || (!$email) || (!$password)){

$errorMsg = "You did not submit the following required information!<br /><br />";
if(!$username){
$errorMsg .= "--- User Name";
} else if(!$email){
$errorMsg .= "--- Email Address";
} else if(!$password){
$errorMsg .= "--- Password";
}
} else {
// Database duplicate Fields Check
$sql_username_check = mysql_query("SELECT id FROM members_now WHERE username='$username' LIMIT 1");
$sql_email_check = mysql_query("SELECT id FROM members_now WHERE email='$email' LIMIT 1");
$username_check = mysql_num_rows($sql_username_check);
$email_check = mysql_num_rows($sql_email_check);
if ($username_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside our system. Please try another.";
} else if ($email_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside our system. Please try another.";
} else {
// Add MD5 Hash to the password variable
$hashedPass = md5($password);
// Add user info into the database table, claim your fields then values
$sql = mysql_query("INSERT INTO members_now (username, country, state, city, email, password, signupdate, phone, address)
VALUES('$username','$country','$state','$city','$email','$hashedPass', now(), '$phone', '$address')") or die (mysql_error());
// Get the inserted ID here to use in the activation email
$id = mysql_insert_id();
// Create directory(folder) to hold each user files(pics, MP3s, etc.)
mkdir("memberFiles/$id", 777);
// Change this to your site admin email
$from = "info@tommynow.com";
$subject = "New TommyNow User";
//Begin HTML Email Message where you need to change the activation URL inside
$message = '<html>
<body>
New User ' . $username . '<br />
' . $phone . '<br />
' . $address . '<br />
' . $city . '<br />
' . $state . '<br />
' . $email . '<br />
<br /><br />
You must complete this step to activate this account.
<br /><br />
Please click here to activate now &gt;&gt;
<a href="http://www.Tommynow.com/activation.php?id=' . $id . '">
ACTIVATE NOW</a>
<br /><br />
Thanks!
</body>
</html>';
// end of message
$headers = "From: $from\r\n";
$headers .= "Content-type: text/html\r\n";

// Finally send the activation email to the member
mail($email, $subject, $message, $headers);
// Then print a message to the browser for the joiner
print "<br /><font size='+2' color: '#18EE77' >Thank You $username for signing up to be a member of Tommynow.com. <p>Check your email for account activation.<br /> Thanks Again!</p></font> </td>
</tr>
</table>
<p>&nbsp;</p><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br />
</div>
</table></td>
</tr>
</table> <br /><br /><br /><br /><br /></td>
<td><br /></td>
</tr>
<tr> </tr>
</table></div><table width='100%' border='0' align='center'>
<tr>
<td>
<div align='center'>
<br />
<br /><br />
<font size='+5'>Copyright &copy;2012-TommNow.com&nbsp; &nbsp;&nbsp; | &nbsp;&nbsp;
<!-- Please do not remove Core link -->
Powered By: </font><a href='http://www.TommyNow.com' target='_blank'>TommyNow.com</a>
<!-- End Please do not remove Core link -->
</div>
</td>
</tr>
</table>
</body>
</html>";
exit(); // Exit so the form and page does not display, just this success message
} // Close else after database duplicate field value checks
} // Close else after missing vars check
} //Close if $_POST
?>