PHP登录系统代码编辑

I have implemented this login system on my website: http://tutorialzine.com/2009/10/cool-login-system-php-jquery/

I am new to php so my question is, when a user registers with a username and email address, how can display that username that choose in the email. Right now im only sending them their password.

Also, how can I check that when a user tries to sign up for an account, that email address they put in is not already used up for an account? Right now when you sign up for an account that already has a account before, the system just assigns that email address a new password and the old password doesn't work.

<?php

define('INCLUDE_CHECK',true);

require 'connect.php';
require 'functions.php';
// Those two files can be included only if INCLUDE_CHECK is defined


session_name('tzLogin');
// Starting the session

session_set_cookie_params(2*7*24*60*60);
// Making the cookie live for 2 weeks

session_start();

if($_SESSION['id'] && !isset($_COOKIE['tzRemember']) && !$_SESSION['rememberMe'])
{
    // If you are logged in, but you don't have the tzRemember cookie (browser restart)
    // and you have not checked the rememberMe checkbox:

    $_SESSION = array();
    session_destroy();

    // Destroy the session
}


if(isset($_GET['logoff']))
{
    $_SESSION = array();
    session_destroy();

    header("Location: DownloadLinks.php");
    exit;
}

if($_POST['submit']=='Login')
{
    // Checking whether the Login form has been submitted

    $err = array();
    // Will hold our errors


    if(!$_POST['username'] || !$_POST['password'])
        $err[] = 'All the fields must be filled in!';

    if(!count($err))
    {
        $_POST['username'] = mysql_real_escape_string($_POST['username']);
        $_POST['password'] = mysql_real_escape_string($_POST['password']);
        $_POST['rememberMe'] = (int)$_POST['rememberMe'];

        // Escaping all input data

        $row = mysql_fetch_assoc(mysql_query("SELECT id,usr FROM tz_members WHERE usr='{$_POST['username']}' AND pass='".md5($_POST['password'])."'"));

        if($row['usr'])
        {
            // If everything is OK login

            $_SESSION['usr']=$row['usr'];
            $_SESSION['id'] = $row['id'];
            $_SESSION['rememberMe'] = $_POST['rememberMe'];

            // Store some data in the session

            setcookie('tzRemember',$_POST['rememberMe']);
        }
        else $err[]='Wrong username and/or password!';
    }

    if($err)
    $_SESSION['msg']['login-err'] = implode('<br />',$err);
    // Save the error messages in the session

    header("Location: DownloadLinks.php");
    exit;
}
else if($_POST['submit']=='Register')
{
    // If the Register form has been submitted

    $err = array();

    if(strlen($_POST['username'])<4 || strlen($_POST['username'])>32)
    {
        $err[]='Your username must be between 3 and 32 characters!';
    }

    if(preg_match('/[^a-z0-9\-\_\.]+/i',$_POST['username']))
    {
        $err[]='Your username contains invalid characters!';
    }

    if(!checkEmail($_POST['email']))
    {
        $err[]='Your email is not valid!';
    }

    if(!count($err))
    {
        // If there are no errors

        $pass = substr(md5($_SERVER['REMOTE_ADDR'].microtime().rand(1,100000)),0,6);
        // Generate a random password

        $_POST['email'] = mysql_real_escape_string($_POST['email']);
        $_POST['username'] = mysql_real_escape_string($_POST['username']);
        // Escape the input data


        mysql_query("   INSERT INTO tz_members(usr,pass,email,regIP,dt)
                        VALUES(

                            '".$_POST['username']."',
                            '".md5($pass)."',
                            '".$_POST['email']."',
                            '".$_SERVER['REMOTE_ADDR']."',
                            NOW()

                        )");

        if(mysql_affected_rows($link)==1)
        {

         require_once "Mail.php";

 $from = "Mail <mail@mail.com>";
 $to = $_POST['email'];
 $subject = "Registration System- Your New Password";


 $body = "Thank you for registering 
 You username is: $usr $_SESSION[usr]
 Your password is: $pass 
 Please login with your registered email and password";

 $host = "mail.host.com";
 $username = "username";
 $password = "password";

 $headers = array ('From' => $from,
   'To' => $to,
   'Subject' => $subject);
 $smtp = Mail::factory('smtp',
   array ('host' => $host,
     'auth' => true,
     'username' => $username,
     'password' => $password));

 $mail = $smtp->send($to, $headers, $body);

        if (PEAR::isError($mail)) {
   echo("<p>" . $mail->getMessage() . "</p>");
  } else {
   $_SESSION['msg']['reg-success']='We sent you an email with your new password! Check your junk/spam too!';}

        }

        else $err[]='This username is already taken!';
    }

    if(count($err))
    {
        $_SESSION['msg']['reg-err'] = implode('<br />',$err);
    }   

    header("Location: DownloadLinks.php");
    exit;
}

$script = '';

if($_SESSION['msg'])
{
    // The script below shows the sliding panel on page load

    $script = '
    <script type="text/javascript">

        $(function(){

            $("div#panel").show();
            $("#toggle a").toggle();
        });

    </script>';

}
?>