mira así es como tengo el código

<?php
require("includes/logincheck.php");
require("config.php");
require("includes/extrasettings.php");
require("includes/cspuseroptions.php");
require("includes/functions.php");
require("includes/settings.php");

$userexists = "false";
$nouserpass = "false";
$clearfields = "false";
$createpassword = "false";
$profileid = "";
$username = "";
$password = "";
$displayname = "";
$usrgroup = "";
$email = "";
$comment = "";

$conn = @mysql_connect($dbhost,$dbuser,$dbpass) or die ("Error connecting to database");
mysql_select_db($dbname, $conn);
$sql = mysql_query("SELECT * FROM cmum_settings WHERE id='1'");
$line=mysql_fetch_array($sql);
$autoloaddef = $line["autoloaddef"];
if ($autoloaddef == "1") {
$usedefaults = "true";
} else {
$usedefaults = "false";
}
mysql_close($conn);

if (isset($_POST["badduser"]) and $_POST["badduser"] == "Agregar") {
$username = "";
$password = "";
$displayname = "";
$profiles = "";
$email = "";
$comment = "";
$creditos= "";

if (!isset($_POST["profiles"])) {
$profiles = "N;";
} else {
$profiles = serialize($_POST["profiles"]);
}

$username = trim(stripslashes($_POST["username"]));
$password = trim(stripslashes($_POST["password"]));
$displayname = trim($_POST["displayname"]);
$email = trim($_POST["email"]);
$creditos= trim($_POST["creditos"]);
$comment = $_POST["comment"];
$username = replacechars($username);
$password = replacechars($password);
$displayname = replacechars($displayname);
$email = replacechars($email);
$creditos = replacechars($creditos);
$comment = replacechars($comment);

if ($username == "" or $password == "") {
$nouserpass = "true";
} else {
$nouserpass = "false";

$conn = @mysql_connect($dbhost,$dbuser,$dbpass) or die ("Error connecting to database");
mysql_select_db($dbname, $conn);
$sql = mysql_query("SELECT * FROM cmum_udb WHERE name='".$username."'");
$sql2 = mysql_query("SELECT * FROM cmum_dealer WHERE username='".$_SESSION["loginuser"]."'");
$rowcheck = mysql_num_rows($sql);
if($rowcheck == 1){
$userexists = "true";
mysql_close($conn);
} else {
$userexists = "false";
mysql_query("INSERT INTO cmum_udb (name,password,displayname,profiles,maxconnections ,admin,enabled,mapexclude,debug,comment,email,adde d,addfin,addedby,changed,changedby) VALUES ('".$username."','".$password."','".$displayname." ','".$profiles."','1','false','true','true','true' ,'".$comment."','".$email."','".date("Y-m-d")."','".date("Y-m-d", strtotime("+1 Months"))."','".$_SESSION["loginuser"]."','','')") or die ("Error creating user");
mysql_query("UPDATE cmum_dealer SET creditos= creditos - '".$creditos."' WHERE username='".$_SESSION["loginuser"]."'") or die ("Error editing admin user");
mysql_close($conn);
mysql_close($conn);
header("Location: controlpanel.php?action=add&user=".$username);
}
}
}

if (isset($_POST["badduser"]) and $_POST["badduser"] == "Limpiar") {
$userexists = "false";
$nouserpass = "false";
$usedefaults = "false";
$clearfields = "true";
$profileid = "";
$username = "";
$password = "";
$displayname = "";
$email = "";
$comment = "";
}
function RandomString($length=8,$uc=TRUE,$n=TRUE)
{
$source = 'abcdefghijklmnopqrstuvwxyz';
if($uc==1) $source .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
if($n==1) $source .= '1234567890';
if($length>0){
$rstr = "";
$source = str_split($source,1);
for($i=1; $i<=$length; $i++){
mt_srand((double)microtime() * 1000000);
$num = mt_rand(1,count($source));
$rstr .= $source[$num-1];
}

}
return $rstr;
}
?>