/www/register.php
Possible License(s): MIT
- <?php
- //"If-None-Match: \"2083529129\""
- //curl_setopt($ch, CURLOPT_HTTPHEADER, array("If-Modified-Since: ".gmdate('D, d M Y H:i:s \G\M\T',time()+60*60*60*60)));
- //if(isset($_REQUEST["pf_ssap"])){}
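include('./vars.php');

// Registration handler. It runs only when the request carries pf_ssap, the
// 32-hex-digit MD5 digest that the form script further down this file computes
// from the password before submitting.
// NOTE(review): the server never sees the plain password, so the digest itself
// acts as the credential, and the redirects below use plain http:// — confirm
// that transport protection is provided elsewhere.
if (isset($_REQUEST['pf_ssap'])) {
    //phpinfo();exit;

    // Force the four text fields to trimmed strings before any check reads them.
    foreach (array('pf_nigol', 'pf_ssap', 'pf_dname', 'pf_email') as $K) {
        settype($_REQUEST[$K], 'string');
        $_REQUEST[$K] = trim($_REQUEST[$K]);
    }

    $_REQUEST['pf_nigol'] = strtolower($_REQUEST['pf_nigol']);
    $mail = trim(PregTrim(substr($_REQUEST['pf_email'], 0, 255)));

    // Authoritative validation: the browser-side checks can be bypassed, so every
    // length and character rule is enforced again here.
    if ($_REQUEST['pf_nigol'] == 'guest'
        || strlen($_REQUEST['pf_nigol']) < 6
        || strlen($_REQUEST['pf_nigol']) > 30
        || strlen($mail) < 6
        || strlen($mail) > 100
        || strlen($_REQUEST['pf_dname']) < 3
        || strlen($_REQUEST['pf_dname']) > 30
        || strlen($_REQUEST['pf_ssap']) != 32
        || preg_match('#[^0-9a-f]#', $_REQUEST['pf_ssap'])
        || preg_match('#\W#', $_REQUEST['pf_nigol'])
        || preg_match('#[^\w ?-??-?*()@&$:.,+-]#', $_REQUEST['pf_dname'])
        || !preg_match("/^[a-z0-9._-]{1,20}@(([a-z0-9-]+\.)+(com|net|org|mil|edu|gov|arpa|info|biz|inc|name|[a-z]{2})|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/is", $mail)
    ) {
        // Diagnostic dump of each individual check; only reachable when DEBUG is truthy.
        // NOTE(review): this prints validation internals to the client — keep DEBUG off in production.
        if (DEBUG) {
            echo '<br>1 ';
            var_dump(strlen($_REQUEST['pf_nigol']) < 6);
            echo '<br>2 ';
            var_dump(strlen($_REQUEST['pf_nigol']) > 30);
            echo '<br>3 ';
            var_dump(strlen($mail) < 6 || strlen($mail) > 100);
            echo '<br>4 ';
            var_dump(strlen($_REQUEST['pf_dname']) < 3);
            echo '<br>5 ';
            var_dump(strlen($_REQUEST['pf_dname']) > 30);
            echo '<br>6 ';
            var_dump(strlen($_REQUEST['pf_ssap']) != 32);
            echo '<br>7 ';
            // Uses the same negated class as the real check above, so the dump
            // reports the condition that actually rejected the request.
            var_dump(preg_match('#[^0-9a-f]#', $_REQUEST['pf_ssap']));
            echo '<br>8 ';
            var_dump(preg_match('#\W#', $_REQUEST['pf_nigol']));
            echo '<br>9 ';
            var_dump(preg_match('#[^\w ?-??-?*()@&$:.,+-]#', $_REQUEST['pf_dname']));
            echo '<br>10 ';
            var_dump(!preg_match("/^[a-z0-9._-]{1,20}@(([a-z0-9-]+\.)+(com|net|org|mil|edu|gov|arpa|info|biz|inc|name|[a-z]{2})|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/is", $mail));
            exit;
        }

        // Invalid input that got past the browser checks: send the client back to
        // the same URL without any explanation.
        // NOTE(review): HTTP_HOST is taken from the request's Host header, so the
        // redirect target is client-influenced; prefer a configured site host.
        header('Location: http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
        exit;
    }

    //-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

    // CheckFile() yields -1 (no avatar sent), false (rejected; a message was added
    // to $ERRORS) or the accepted extension.
    $ResExt = CheckFile($_FILES['pf_file'], '???????', 'png|jpg|bmp');
    if ($ResExt) {
        include(PrivateFolder . 'scripts/SQLiteDB.php');

        // The statements below are assembled by concatenation, so every request
        // value is escaped first.
        // NOTE(review): correctness of the quoting depends entirely on these calls;
        // bound parameters would remove that dependency if the DB layer offers them.
        $DName = sqlite_escape_string($_REQUEST['pf_dname']);
        $Login = sqlite_escape_string($_REQUEST['pf_nigol']);

        // Look for an existing account with the same login or a matching display name.
        $Result = CheckQueryOkEx("SELECT login FROM tbl_users WHERE login = '" . $Login . "' OR like(displayname, '" . $DName . "');", DB_UNBUF);
        if ($Result && ($Result = sqlite_fetch_single($Result))) {
            // The fetched login tells which of the two columns collided.
            if ($Result == strtolower($_REQUEST['pf_nigol'])) {
                $ERRORS[] = '???????????? ? ????? ??????? ??? ??????????. ?????????? ?????????? ?????? ?????.';
            } else {
                $ERRORS[] = '???????????? ? ????? ????? ??? ??????????. ?????????? ?????????? ?????? ??? ??? ??????????? ? ????.';
            }
        } else {
            unset($Result);
            $Pass = sqlite_escape_string($_REQUEST['pf_ssap']);
            $Email = sqlite_escape_string($mail);
            $Avatar = $ResExt == -1 ? 0 : 1;

            // Six random ASCII letters used as the per-user salt.
            // NOTE(review): rand() is not a cryptographic generator and the stored
            // value is an MD5-based construction (MD5WithSalt is defined outside
            // this file); consider a CSPRNG salt and a dedicated password hash.
            $Salt = '';
            for ($i = 0; $i <= 5; $i++) {
                $Salt .= chr(rand(0, 1) ? rand(97, 122) : rand(65, 90));
            }

            if (CheckQueryOkEx("
                INSERT INTO tbl_users (gid, avatar, banreasonid, passwd, salt, email, login, displayname)
                VALUES (100, " . $Avatar . ", 0, MD5WithSalt('" . $Pass . "', '" . $Salt . "'), '" . $Salt . "', '" . $Email . "', '" . $Login . "', '" . $DName . "');",
                DB_EXEC)
            ) {
                if ($Avatar) {
                    // The stored name is derived from the new row id only, never
                    // from the client-supplied file name.
                    rename($_FILES['pf_file']['tmp_name'], './img/avatar/' . sqlite_last_insert_rowid($DB) . '-1.png');
                }
                sqlite_close($DB);
                header('Location: http://' . $_SERVER['HTTP_HOST'] . '/RegOk.html');
                exit;
            }
        }
        sqlite_close($DB);

        // Registration did not complete. ConvertImageDimensions() may have moved the
        // upload to a new temp name that PHP no longer tracks as an upload, so it
        // would be left behind on every failed attempt; remove it here. A file that
        // is still the tracked upload is left alone.
        if ($ResExt !== -1
            && is_file($_FILES['pf_file']['tmp_name'])
            && !is_uploaded_file($_FILES['pf_file']['tmp_name'])
        ) {
            unlink($_FILES['pf_file']['tmp_name']);
        }
    }

    //-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
}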
/**
 * Validates one entry of $_FILES and, for image types, hands it on for conversion.
 *
 * The entry is normalised in place (size/error become integers, name/tmp_name
 * strings). Problems are reported by appending a message to the global $ERRORS.
 *
 * @param array  $File one $_FILES entry, passed by reference
 * @param string $name label of the field, inserted into the error messages
 * @param string $Ext  allowed extensions as a regex alternation, e.g. 'png|jpg|bmp'
 *
 * @return int|string|false -1 when no file was sent, false when the upload was
 *                          rejected, otherwise the lower-cased extension (which
 *                          ConvertImageDimensions() may have changed)
 */
function CheckFile(&$File, $name, $Ext)
{
    global $ERRORS;

    // Coerce the fields this function reads to known scalar types.
    foreach (array('size' => 'integer', 'error' => 'integer', 'name' => 'string', 'tmp_name' => 'string') as $Field => $Type) {
        settype($File[$Field], $Type);
    }

    // Nothing was attached at all: not an error, just "no file".
    if ($File['size'] == 0 && empty($File['name'])) {
        return -1;
    }

    // Translate PHP's upload error code into a message; code 0 means success.
    $Code = $File['error'];
    if ($Code == 4) {
        $ERRORS[] = '?? ?????? ??????? ???? ' . $name . ' ??? ????????, ?????????? ????????? ??????? ????? ?????? ???? ??? ????????.';
    } elseif ($Code == 1 || $Code == 2) {
        $ERRORS[] = ('??????????? ???? ???? ' . $name . ' ??????? ???????? ???????, ? ????????? ? ??????? ??????????? ?? ?????? ??????????? ?????? ?? ??????????? ????????? ????? ??????? ?????.');
    } elseif ($Code != 0) {
        $ERRORS[] = ('?? ????? ???????? ????? ' . $name . ' ????????? ?????????????? ?????? (code: ' . $File['error'] .
            '). ?????????? ????????? ? ?????????????? ????? ??? ?????????? ???? ???????? ??????? ?? ??? ??????.'
        );
    }
    if ($Code != 0) {
        return false;
    }

    // is_uploaded_file() rejects a tmp_name that PHP did not create for this request.
    if ($File['size'] == 0 || empty($File['name']) || !is_uploaded_file($File['tmp_name'])) {
        $ERRORS[] = '?? ????? ???????? ????? ????????? ?????????????? ??????. ?????????? ????????? ? ?????????????? ????? ??? ?????????? ???? ????????.';
        return false;
    }

    // The extension comes from the client-supplied name; it only selects which
    // content check runs next and is never used to build a storage path here.
    $Matches = false;
    if (!preg_match('#\.(' . $Ext . ')$#i', $File['name'], $Matches)) {
        $ERRORS[] = '??????????? ???? ???? ' . $name . ' ?? ???????? ?????? ?????????? ???????. ?????????? ?????????? ?????? ??????????? ??????? ??????: jpg, png, bmp.';
        return false;
    }
    $Suffix = strtolower($Matches[1]);

    // Image types get their content verified (and possibly converted); the
    // converter may rewrite both tmp_name and the extension through its references.
    $IsImage = ($Suffix == 'bmp' || $Suffix == 'jpg' || $Suffix == 'png');
    if ($IsImage && !ConvertImageDimensions($File, $Suffix)) {
        return false;
    }

    return $Suffix;
}
/**
 * Checks that an uploaded file really is the image type its extension claims
 * and, when it is larger than the avatar limits or not a PNG, converts it to
 * PNG with the external `convert` program.
 *
 * On conversion $File['tmp_name'] is rewritten to the new file and $FileExt to
 * 'png'. Failures append a message to the global $ERRORS.
 *
 * @param array  $File    one $_FILES entry, passed by reference
 * @param string $FileExt lower-cased extension, passed by reference
 *
 * @return bool true when the file is usable as an avatar, false otherwise
 */
function ConvertImageDimensions(&$File, &$FileExt)
{
    global $ERRORS;

    // getimagesize() returns [0] width, [1] height, [2] image type code
    // (2 = JPEG, 3 = PNG, 6 = BMP) or false when the content is not an image.
    $Info = getimagesize($File['tmp_name']);
    if (!$Info) {
        $ERRORS[] = '??????????? ???? ???? ??????? ????????? ???? ?? ???????? ?????? ??????? ???????. ?????????? ?????????? ????????? ?????? ???? ??? ????????????????? ?????? ? ??????????? ?????????.';
        return false;
    }

    // The detected content type has to agree with the extension taken from the
    // client-supplied file name.
    $ExtByType = array(2 => 'jpg', 3 => 'png', 6 => 'bmp');
    if (!isset($ExtByType[$Info[2]]) || $ExtByType[$Info[2]] != $FileExt) {
        $ERRORS[] = ('??????????? ???? ???? ??????? ?? ???????? ????????? ??????? BMP, JPG ??? PNG. ?????????? ??????????? ??????????????? ?????? ???????????' .
            ' ? ???? ?? ???? ????????, ??????? ?????????????? ????? ? ?????? ?????????? ?? ??????? :)'
        );
        return false;
    }

    // A PNG that already fits the avatar limits is kept untouched.
    $Oversized = $Info[0] > AvatarImageWidth || $Info[1] > AvatarImageHeight;
    if (!$Oversized && $FileExt == 'png') {
        return true;
    }

    // Give the temp file its extension before handing it to the converter.
    $Source = $File['tmp_name'] . '.' . $FileExt;
    rename($File['tmp_name'], $Source);
    $File['tmp_name'] = $Source;

    // Oversized images are scaled to the avatar box; others keep their own size.
    $Geometry = $Oversized
        ? (AvatarImageWidth . 'x' . AvatarImageHeight)
        : ($Info[0] . 'x' . $Info[1]);
    $DstExt = 'png';
    $Target = $Source . '.' . $DstExt;

    // Both paths are shell-escaped; $Geometry is built from integers only.
    // NOTE(review): the converter parses attacker-supplied image data — keep it
    // patched and restricted by its own policy configuration.
    exec('convert ' . escapeshellarg($Source) . ' +profile "*" -size ' . $Geometry . ' -quality 75 -geometry ' . $Geometry . ' ' . escapeshellarg($Target));
    unlink($Source);
    $File['tmp_name'] = $Target;
    $FileExt = $DstExt;

    // The exit status is not inspected; a missing output file is the failure signal.
    if (!is_file($Target)) {
        $ERRORS[] = '??? ????????? ??????? ?? ??????? ????????? ??????, ?????????? ????????? ? ?????????????? ????? ??? ?????????? ???? ????????.';
        return false;
    }

    return true;
}
- /*
- Function MyExec($cmd)
- {
- If(PHP_OS != 'WINNT')
- {
- Return Exec($cmd);
- }
-
- STATIC $StreamsDesc;
- If(!$StreamsDesc)
- {
- $StreamsDesc = Array(
- 0 => Array("pipe", "r"),
- 1 => Array("pipe", "w"),
- 2 => Array("pipe", "w")
- );
- }
-
- $Result = '';
- $Handle = Proc_Open('%ComSpec%', $StreamsDesc, $Streams);
- If(Is_Resource($Handle))
- {
- FWrite($Streams[0], 'set MAGICK_HOME=' . WinImagicPath . ' && cd ' . DirName($_FILES['pf_file']['tmp_name']) . ' && ' . WinImagicPath . Str_Replace('\\', '/', $cmd) . "\r\n");
- FClose($Streams[0]);
- $Result = IConv('cp866', 'cp1251//TRANSLIT', Stream_Get_Contents($Streams[1]));
- $Result .= IConv('cp866', 'cp1251//TRANSLIT', Stream_Get_Contents($Streams[2]));
- FClose($Streams[1]);
- FClose($Streams[2]);
- Proc_Close($Handle);
- UnSet($Streams);
- }
- Echo $Result;
- }*/
/**
 * Converts the argument to a string and removes every byte below 0x20, i.e.
 * control characters such as NUL, tab, CR and LF.
 *
 * @param mixed $str value to clean
 *
 * @return string the cleaned text
 */
function PregTrim($str)
{
    // @ hides the diagnostic strval() raises for values that have no string form.
    $Raw = @strval($str);

    return preg_replace("/[^\x20-\xFF]/", '', $Raw);
}
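/**
 * Escapes text for insertion into HTML, including double- or single-quoted
 * attribute values.
 *
 * Ampersands are turned into &amp; unless they begin a decimal numeric
 * character reference (&#NNN;), which is passed through unchanged. The
 * characters < > " ' are replaced by their entities.
 *
 * @param string $text raw text, possibly taken from the request
 *
 * @return string text that is safe to print inside HTML
 */
function UHSC($text)
{
    // Ampersands go first so the entities produced below are not escaped again.
    $text = preg_replace('/&(?!#[0-9]+;)/si', '&amp;', $text);

    return str_replace(
        array('<', '>', '"', "'"),
        array('&lt;', '&gt;', '&quot;', '&#039;'),
        $text
    );
}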
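/**
 * Prints a text <input> whose value is pre-filled from the current request.
 *
 * @param string $Name request key; also used as the element id
 * @param string $Def  value shown when the request does not carry a usable
 *                     value for $Name
 * @param int    $MLen maxlength attribute and cut-off for the echoed value
 *
 * @return void
 */
function EchoInput($Name, $Def = '', $MLen = 30)
{
    $MLen = (int) $MLen;

    // Array-valued parameters (pf_x[]=...) have no text form; treat them as absent.
    if (isset($_REQUEST[$Name]) && is_scalar($_REQUEST[$Name])) {
        $Value = trim((string) $_REQUEST[$Name]);
    } else {
        $Value = (string) $Def;
    }

    // Everything placed inside an attribute goes through UHSC().
    echo '<input type="text" maxlength="' . $MLen . '" id="' . UHSC($Name) . '" value="' . UHSC(substr($Value, 0, $MLen)) . '">';
}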
- ?>
- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
- <HTML>
- <HEAD>
- <META content="text/html; charset=windows-1251" http-equiv=Content-Type>
- <META content=no-cache http-equiv=Pragma>
- <META content=-1 http-equiv=Expires>
- <META content=no-cache http-equiv=Cache-Control>
- <LINK rel=stylesheet type=text/css href="/css/SimpleSkin.css">
- <script type="text/javascript" src="/js/admin.js" ></script>
- <script>
- //<!--
/**
 * Validates the registration fields in the browser and, when they all pass,
 * copies them into the upload form and submits it.
 *
 * The password itself is not sent: pf_ssap carries MD5(passwd). These checks
 * are a convenience for the user only; register.php repeats them on the server.
 */
function submitform()
{
    var readField = function (id) {
        return trim11(fetch_object(id).value);
    };

    var login = readField('pf_nigol').toLowerCase();
    var passwd = readField('pf_passwd');
    var passwd2 = readField('pf_passwd2');
    var dname = readField('pf_dname');
    var email = readField('pf_email');

    // The first rule that fails decides the message; later rules are not evaluated.
    var problem = null;
    if (passwd != passwd2) {
        problem = '????????? ?????? ?? ?????????! ?????????? ????????? ?????? ? ?????????? ?????.';
    } else if (passwd.length < 6) {
        problem = '????????? ?????? ??????? ????????. ?????? ?????? ????????? ?? ????? 6 ????????.';
    } else if (login == 'guest') {
        problem = '????????? ????? ???????????? ??????. ?????? ????? ?????????????? ??? ????????? ????.';
    } else if (login.length < 6) {
        problem = '????????? ????? ??????? ????????. ????? ?????? ????????? ?? ????? 6 ????????.';
    } else if (login.length > 30) {
        problem = '????????? ????? ??????? ???????. ????? ?????? ????????? ?? ????? 30 ????????.';
    } else if (login.search(new RegExp('\\W', "g")) != -1) {
        problem = '????????? ????? ???????? ??????????? ???????. ????? ?? ?????? ????????? ??????? ???????? ????? ???? ?????????? ????????, ???? ? ????? ???????????? "_".';
    } else if (dname.length < 3) {
        problem = '????????? ??? ??? ??????????? ??????? ????????. ?? ?????? ????????? ?? ????? 3 ????????.';
    } else if (dname.length > 30) {
        problem = '????????? ??? ??? ??????????? ??????? ???????. ?? ?????? ????????? ?? ????? 30 ????????.';
    } else if (dname.search(new RegExp('[^\\w ?-??-?*()@&$:.,+-]', "g")) != -1) {
        // NOTE(review): this message is identical to the "too long" one above
        // although the rule is about disallowed characters — confirm the wording.
        problem = '????????? ??? ??? ??????????? ??????? ???????. ?? ?????? ????????? ?? ????? 30 ????????.';
    } else if (email.length < 6) {
        problem = '?????????? ??????? ?????????? email.';
    } else if (email.length > 100) {
        problem = '?????????? ??????? ?????????? email, ???????????? ????? ?? ????? ????????? 100 ????????.';
    } else if (!checkmail(email)) {
        problem = '??????????, ??????? ???? ????????? e-mail';
    }

    if (problem !== null) {
        alert(problem);
        return;
    }

    // Only the digest of the password is attached to the form.
    AddFieldToForm('pf_nigol', login);
    AddFieldToForm('pf_ssap', MD5(passwd));
    AddFieldToForm('pf_dname', dname);
    AddFieldToForm('pf_email', email);
    fetch_object('postform').submit();
}
-
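/**
 * Tells whether the whole string looks like an e-mail address.
 *
 * The pattern is anchored at both ends, so text before or after an address
 * makes the value invalid, and it ignores case, matching the case-insensitive
 * check the server applies.
 *
 * @param {string} value candidate address
 * @returns {boolean} true when the entire value matches the pattern
 */
function checkmail(value)
{
    // Declared with var so the pattern does not become a global variable.
    var reg = /^[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$/i;
    return reg.test(value);
}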
-
/**
 * Appends one extra text input with the given name and value to the upload
 * form ('postform'), so the pair is sent together with the file.
 */
function AddFieldToForm(name, value)
{
    var field = document.createElement("input");
    field.type = "text";
    field.name = name;
    field.value = value;

    fetch_object('postform').appendChild(field);
}
- //-->
- </script>
- <META name=GENERATOR content="MSHTML 9.00.8112.16434">
- </HEAD>
- <BODY oncontextmenu="return false;" style="padding: 50px 50px 50px;">
- <a name="top" />
- <TABLE class="textj">
- <?php If(IsSet($ERRORS) && Count($ERRORS)){ ?>
- <tr><td class="tbighed" style="background-color: #9c6670; ;">?? ????? ??????????? ????????? ??????:</td></tr>
- <tr><td><div style="padding: 20px 10px 10px 50px;"><ol>
- <?php
// Print every collected error message as one list item.
// NOTE(review): the messages are written out unescaped. The ones assembled in
// this file consist of fixed text, a fixed field label and an integer code —
// confirm that the included scripts never place request data into $ERRORS.
foreach ($ERRORS as $Err) {
    echo '<li>', $Err, '</li>';
}
- ?>
- </ol></div></td></tr>
- <tr><td> </td></tr>
- <tr><td> </td></tr>
- <?php } ?>
- <tr><td class="tbighed">??????????? ? DSProChat</td></tr>
-
- <tr><td> </td></tr>
- <tr><td>????? ??? ?????:</td></tr>
- <tr><td><?php EchoInput('pf_nigol'); ?></td></tr>
-
- <tr><td> </td></tr>
- <tr><td>??????:</td></tr>
- <tr><td><input type="password" maxlength="50" id="pf_passwd"></td></tr>
-
- <tr><td> </td></tr>
- <tr><td>?????? ??? ???:</td></tr>
- <tr><td><input type="password" maxlength="50" id="pf_passwd2"></td></tr>
-
- <tr><td> </td></tr>
- <tr><td>E-mail:</td></tr>
- <tr><td><?php EchoInput('pf_email', '', 100); ?></td></tr>
-
- <tr><td> </td></tr>
- <tr><td>??? ??? ??????? ????? ???????????? ? ????:</td></tr>
- <tr><td><?php EchoInput('pf_dname'); ?></td></tr>
-
- <tr><td> </td></tr>
- <tr><td>??????? (?????? ????? ????????: jpg, png, bmp):</td></tr>
- <tr><td><form id="postform" enctype="multipart/form-data" method="post"><input type="hidden" name="MAX_FILE_SIZE" value="800000"><input style="width: 100%" name="pf_file" type="file" style="width:99%;" /></form></td></tr>
-
- <tr><td> </td></tr>
- <tr><td> </td></tr>
- <tr><td><input type="submit" style="height: 40px" onClick="submitform();"></td></tr>
-
- </TABLE>
- </BODY>
- </HTML>