PHP Login/Register form on the same page...

Hi there,

I have been searching everywhere to try and perfect this form. Originally I could register, but not update a user. Now I can update a user but not register. I cannot remember exactly what I changed to achieve that, but here’s the code I have now:

[code]

Create a new user <?php require '../connect.php'; ?> Username:
Password:
Password Again:
Admin?
//Just in case (according to a tutorial I read, this is a necessary failsafe)
Update an existing user Username: <?php
$result = mysql_query("SELECT * FROM users"); //Load User List
while ($row = mysql_fetch_array($result)) {
    $username = $row['username'];
    $displayOpt .="$username";//Load each user
}
echo $displayOpt;//Display each user as a dropdown option.
?>
Password:
Password Again:
Delete? Warning, this will permanently delete the user account!
//Just in case (according to a tutorial I read, this is a necessary failsafe)
<?php
//register new user
if (isset($_POST['register'])) {
    $username = $_POST['username'];
    $pass1 = $_POST['pass1'];
    $pass2 = $_POST['pass2'];
    $admin = $_POST['admin'];
    if($pass1 != $pass2)
        echo "passwords not match";
    if(strlen($username) > 30)
        echo "username too long";
    $hash = hash('sha256', $pass1);
    $salt = createSalt();
    $hash = hash('sha256', $salt . $hash);
    //sanitize username
    $username = mysql_real_escape_string($username);
    $query = "INSERT INTO users ( username, password, salt, admin ) VALUES ( '$username' , '$hash' , '$salt' , '$admin' );";
    mysql_query($query) or die(mysql_error());
    header('Location:index.php?p=users');
}
//update existing user
else if (isset($_POST['update'])) {
    $username = $_POST['username'];
    $pass1 = $_POST['pass1'];
    $pass2 = $_POST['pass2'];
    $delete = $_POST['delete'];
    if($delete == 1) {
        $query = "DELETE FROM users WHERE username='$username'";
        mysql_query($query) or die(mysql_error());
    }
    else if($pass1 != $pass2){
        header('Location:index.php?p=users');
    }
    $hash = hash('sha256', $pass1);
    //creates a 3 character sequence
    $salt = createSalt();
    $hash = hash('sha256', $salt . $hash);
    //sanitize username
    $username = mysql_real_escape_string($username);
    $query = "UPDATE users SET password='$hash', salt='$salt' WHERE username='$username'";
    mysql_query($query);
    header('Location:index.php?p=users');
}
?>
[/code]

Is anyone able to point out what I’m obviously forgetting?
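
The register, update and delete branches from the post, rewritten as an added example that is not part of the original post: each branch returns as soon as validation fails, every query uses bound parameters, and `password_hash()` replaces the salted SHA-256 (it generates and stores its own salt, so no `salt` column is needed). It uses PDO because the `mysql_*` functions were removed in PHP 7; the function names, the three-column table and the in-memory SQLite database are assumptions made for the example.

```php
<?php
// Added example, not the poster's code. Assumes PDO and a users(username,
// password, admin) table; all function names here are hypothetical.

function validate(string $username, string $pass1, string $pass2): ?string {
    if ($username === '' || strlen($username) > 30) return 'username must be 1-30 characters';
    if ($pass1 === '' || $pass1 !== $pass2) return 'passwords do not match';
    return null;
}

function registerUser(PDO $db, string $username, string $pass1, string $pass2, bool $admin): ?string {
    if ($err = validate($username, $pass1, $pass2)) return $err; // stop before the INSERT
    // Values are bound, never interpolated into the SQL string.
    $stmt = $db->prepare('INSERT INTO users (username, password, admin) VALUES (?, ?, ?)');
    $stmt->execute([$username, password_hash($pass1, PASSWORD_DEFAULT), (int) $admin]);
    return null;
}

function updatePassword(PDO $db, string $username, string $pass1, string $pass2): ?string {
    if ($err = validate($username, $pass1, $pass2)) return $err; // stop before the UPDATE
    $stmt = $db->prepare('UPDATE users SET password = ? WHERE username = ?');
    $stmt->execute([password_hash($pass1, PASSWORD_DEFAULT), $username]);
    return $stmt->rowCount() === 1 ? null : 'no such user';
}

function deleteUser(PDO $db, string $username): bool {
    $stmt = $db->prepare('DELETE FROM users WHERE username = ?');
    $stmt->execute([$username]);
    return $stmt->rowCount() === 1;
}

// Constructed demo on an in-memory SQLite database (requires pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT NOT NULL, admin INTEGER NOT NULL)');

var_dump(registerUser($db, 'alice', 'pw-one', 'pw-two', false));  // mismatched passwords are rejected
var_dump(registerUser($db, "o'brien", 'pw-one', 'pw-one', true)); // a quote in the name is stored as data
var_dump(updatePassword($db, "o'brien", 'pw-new', 'pw-new'));
$hash = $db->query('SELECT password FROM users')->fetchColumn();
var_dump(password_verify('pw-new', $hash));                       // login check against the stored hash
var_dump(deleteUser($db, "o'brien"));
```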
