<?php

// here is the code that connects to the database. Note that the username
// and password are "hard-coded".

$username="php"; /* Your MySQL username/password goes here! */
$password="php";
$database="dbintro";

mysql_connect(localhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");

// try to create a new record from the submission
$firstname = mysql_real_escape_string($_REQUEST['firstname']);
$lastname =  mysql_real_escape_string($_REQUEST['lastname']);
$username =  mysql_real_escape_string($_REQUEST['username']);
$password= mysql_real_escape_string($_REQUEST['password']);

if ($firstname && $lastname && $username && $password) {

  // here we define the SQL command
  $query = "SELECT * FROM people WHERE Username='$username'";

  // submit the query to the database
  $res=mysql_query($query);

  // make sure it worked!
  if (!$res) {
	mysql_error();
	exit;
  }

  // find out how many records we got
  $num = mysql_numrows($res);
  if ($num>0) {
	echo "<h3>That username is already taken</h3>\n";
	exit;
  }

  // Create the record
  $query = "INSERT INTO people SET FirstName='$firstname', LastName='$lastname', Username='$username', Password='$password'";
  $res = mysql_query($query);
  if (! $res) {
	echo mysql_error();
	exit;
  } else {
	echo "<h3>Account Created</h3>\n";
	$_SESSION['username']=$username;
  }
}
?>

<form>
<table border=0>
<tr> 
  <td>First Name:</td>
  <td><input type=text name=firstname></td>
</tr>

<tr> 
  <td>Last Name:</td>
  <td><input type=text name=lastname></td>
</tr>

<tr> 
  <td>Username:</td>
  <td><input type=text name=username></td>
</tr>

<tr> 
  <td>Password:</td>
  <td><input type=password name=password></td>
</tr>

<tr> 
  <td colspan=2>
   <input type=submit value="Create my account">
  </td>
</tr>
</table>
</form>