Building Site Registration for Web Application Security - The Code Explained (Page 2 of 4)
The script first checks to see if the form has been submitted:
if(isset($_POST['key'])){
If the form has been submitted, the form data is filtered. Filtering starts by checking whether the submitted fields actually contain any values:
//NEED TO CHECK IF FIELDS ARE FILLED IN
//a missing username OR a missing email is an error, so the tests are joined with ||
if( empty($_POST['name']) || empty($_POST['email'])){
print "Please enter your username and email.";
$comb="Please enter your username and email.";
$error=true; //block the later if(!$error) branch
}
First the username and email are checked for values, then the two password fields are checked the same way:
//either password field left blank is an error
if( empty($_POST['pw1']) || empty($_POST['pw2'])){
print "Please enter your password.";
$pw="Please enter your password.";
$error=true;
}
Next, the type of data is tested; we expect only string values for the name, password and email fields:
//check that the username and password are strings (a purely numeric value in either one is rejected)
if( is_numeric($_POST['name']) || is_numeric($_POST['pw1'])){
print "Please enter a valid username and password.";
$errmsg=" Please enter a valid username and password.";
$error=true;
}
We also test the confirmation password, rejecting a purely numeric value:
if( is_numeric($_POST['pw2'])){
print "Please enter a valid confirmation password.";
$errmsg=" Please enter a valid confirmation password.";
$error=true;
}
We then test the email address to see if it has the correct format, and then set the error values accordingly:
//Check if email address has correct format
//eregi() was removed in PHP 7; preg_match() with the /i flag is the equivalent.
//The dots are escaped so they match a literal "." rather than any character.
if(!preg_match("/^[a-z0-9]+[a-z0-9_-]*(\.[a-z0-9_-]+)*@[a-z0-9_-]+(\.[a-z0-9_-]+)*\.[a-z]{2,}$/i", $_POST['email'])) {
$errmsg=" Please enter a valid email address.";
$error=true;
}
Using the $error variable, we check to see if everything checks out okay:
if(!$error){
Then we transfer the form variables to shorter variable names:
$name=$_POST['name'];
$email=$_POST['email'];
$pw1=$_POST['pw1'];
$pw2=$_POST['pw2'];
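The checks walked through above, gathered into one function, as an added example that is not part of the tutorial's own code. It keeps the tutorial's field names (name, email, pw1, pw2), collects every error instead of overwriting a single $errmsg, and adds the checks the walkthrough leaves out: a username allow-list, the built-in email validator, a minimum password length and a confirmation match.

```php
<?php
// Added example (not from the tutorial): registration input validation
// as a single function that returns every problem found.

function validate_registration(array $post): array
{
    $errors = [];
    $name  = trim($post['name']  ?? '');
    $email = trim($post['email'] ?? '');
    $pw1   = $post['pw1'] ?? '';
    $pw2   = $post['pw2'] ?? '';

    // A missing username OR a missing email is an error (|| rather than &&).
    if ($name === '' || $email === '') {
        $errors[] = 'Please enter your username and email.';
    }
    if ($pw1 === '' || $pw2 === '') {
        $errors[] = 'Please enter your password.';
    }
    // Allow-list the username instead of only rejecting numeric values:
    // letters, digits and underscore, 3 to 32 characters.
    if ($name !== '' && !preg_match('/^[a-z0-9_]{3,32}$/i', $name)) {
        $errors[] = 'Please enter a valid username.';
    }
    // PHP's own validator replaces the hand-written address regex.
    if ($email !== '' && filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'Please enter a valid email address.';
    }
    if ($pw1 !== '' && strlen($pw1) < 8) {
        $errors[] = 'Password must be at least 8 characters.';
    }
    if ($pw1 !== '' && $pw2 !== '' && $pw1 !== $pw2) {
        $errors[] = 'Passwords do not match.';
    }
    return $errors;
}

// Constructed sample submission: malformed address and mismatched passwords.
$sample = ['key' => '1', 'name' => 'alice', 'email' => 'alice.example.com',
           'pw1' => 'correct horse', 'pw2' => 'correct h0rse'];
$errors = validate_registration($sample);
if ($errors) {
    // Escape on output so an error message echoed back cannot inject markup.
    foreach ($errors as $e) {
        echo htmlspecialchars($e, ENT_QUOTES, 'UTF-8'), "\n";
    }
} else {
    // Only a fully valid submission reaches this point; store a hash, not $pw1.
    $stored = password_hash($sample['pw1'], PASSWORD_DEFAULT);
}
```

Run with `php validate.php` (any file name works) to see the two messages the constructed sample produces.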