PageRenderTime 674ms CodeModel.GetById 29ms RepoModel.GetById 0ms app.codeStats 0ms

/banned/newuser.php

http://globalban-spanish.googlecode.com/
PHP | 227 lines | 156 code | 27 blank | 44 comment | 56 complexity | 8dd96f60c20428da86133c147a5e5aae MD5 | raw file
    

  1. <?php
    2. 

  2. /*
    3. 

  3.     This file is part of GlobalBan.
    4. 

    5. 

  5.     Written by Stefan Jonasson <soynuts@unbuinc.net>
    6. 

  6.     Copyright 2008 Stefan Jonasson
    7. 

  7.     
    8. 

  8.     GlobalBan is free software: you can redistribute it and/or modify
    9. 

  9.     it under the terms of the GNU General Public License as published by
    10. 

  10.     the Free Software Foundation, either version 3 of the License, or
    11. 

  11.     (at your option) any later version.
    12. 

    13. 

  13.     GlobalBan is distributed in the hope that it will be useful,
    14. 

  14.     but WITHOUT ANY WARRANTY; without even the implied warranty of
    15. 

  15.     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    16. 

  16.     GNU General Public License for more details.
    17. 

    18. 

  18.     You should have received a copy of the GNU General Public License
    19. 

  19.     along with GlobalBan.  If not, see <http://www.gnu.org/licenses/>.
    20. 

  20. */
    21. 

  21. 

  22. include_once(ROOTDIR."/include/database/class.UserQueries.php");
    23. 

  23. // User specific queries
    24. 

  24. $userQueries = new UserQueries();
    25. 

  25. 

  26. // Make variables empty
    27. 

  27. $username = "";
    28. 

  28. $email = "";
    29. 

  29. $vemail = "";
    30. 

  30. $password = "";
    31. 

  31. $vpassword = "";
    32. 

  32. $steamId = "";
    33. 

  33. 

  34. $lan_file = ROOTDIR.'/languages/'.$LANGUAGE.'/lan_newuser.php';
    35. 

  35. include(file_exists($lan_file) ? $lan_file : ROOTDIR."/languages/English/lan_newuser.php");
    36. 

  36. 

  37. $nopost = true; // Flag of whether the form was submitted yet
    38. 

  38. if(isset($_POST['nopost'])) {
    39. 

  39. 	$nopost = $_POST['nopost'];
    40. 

  40. }
    41. 

  41. 

  42. // Boolean values of whether post values are valid
    43. 

  43. $valid = array("username"=>false,
    44. 

  44.         "steamId"=>false,
    45. 

  45. 				"email"=>false,
    46. 

  46. 				"vemail"=>false,
    47. 

  47. 				"password"=>false,
    48. 

  48. 				"vpassword"=>false,
    49. 

  49.         "userCode"=>false);
    50. 

  50. 

  51. /**
    52. 

  52.  * Post Data from form
    53. 

  53.  */ 
    54. 

  54. 

  55. // User name
    56. 

  56. if(isset($_POST['username'])) {
    57. 

  57. 	$username = $_POST['username'];
    58. 

  58. 	if(!$userQueries->usernameExist($username) && !empty($username)) {
    59. 

  59. 		$valid['username'] = true;
    60. 

  60. 	}
    61. 

  61. }
    62. 

  62. 

  63. // Steam ID
    64. 

  64. if(isset($_POST['steamId'])) {
    65. 

  65. 	$steamId = $_POST['steamId'];
    66. 

  66. 	if(!empty($steamId)) {
    67. 

  67. 	 if(preg_match("/^STEAM_[01]:[01]:\d{0,10}$/", $steamId)) {
    68. 

  68. 		  $valid['steamId'] = true;
    69. 

  69. 		}
    70. 

  70. 	}
    71. 

  71. }
    72. 

  72. 

  73. 

  74. if(isset($_POST['email'])) {
    75. 

  75. 	$email = $_POST['email'];
    76. 

  76. 	
    77. 

  77. 	// take a given email address and split it into the username and domain.
    78. 

  78. 	//list($userName, $mailDomain) = split("@", $email);
    79. 

  79. 	// Check if the dns is valid
    80. 

  80. 	//if(checkdnsrr($mailDomain, "MX")) {
    81. 

  81. 	//	$valid['email'] = true;
    82. 

  82. 	//}
    83. 

  83. 	// Simplified version that does not do dns validation
    84. 

  84. 	if(!$userQueries->emailExist($email) && !empty($email)) {
    85. 

  85. 		if(preg_match("/^[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,6}$/i", $email)) {
    86. 

  86. 			$valid['email'] = true;
    87. 

  87. 		}
    88. 

  88. 	}
    89. 

  89. }
    90. 

  90. if(isset($_POST['vemail'])) {
    91. 

  91. 	$vemail = $_POST['vemail'];
    92. 

  92. 	// Check if it matches the email address
    93. 

  93. 	if($vemail == $email) {
    94. 

  94. 		$valid['vemail'] = true;
    95. 

  95. 	}
    96. 

  96. }
    97. 

  97. 

  98. 

  99. if(isset($_POST['password'])) {
    100. 

  100. 	$password = $_POST['password'];
    101. 

  101. 	
    102. 

  102. 	// Must have atleast 1 alphanumeric and at least 1 number and be a length of at least 6
    103. 

  103. 	$regex = "/^\w*(?=\w*\d)(?=\w*[a-zA-Z])\w*$/";
    104. 

  104. 	
    105. 

  105. 	if(strlen($password) > 5 && preg_match($regex,$password)) {
    106. 

  106. 		$valid['password'] = true;
    107. 

  107. 	}
    108. 

  108. }
    109. 

  109. if(isset($_POST['vpassword'])) {
    110. 

  110. 	$vpassword = $_POST['vpassword'];
    111. 

  111. 	// Check if it matches the first password
    112. 

  112. 	if($vpassword == $password) {
    113. 

  113. 		$valid['vpassword'] = true;
    114. 

  114. 	}
    115. 

  115. }
    116. 

  116. 

  117. // User name
    118. 

  118. if(isset($_POST['userCode'])) {
    119. 

  119. 	$code = $_POST['userCode'];
    120. 

  120. 	
    121. 

  121.   if(!empty($code)) {
    122. 

  122.   	if($config->createUserCode == $code || $config->createSuperCode == $code) {
    123. 

  123.       $valid['userCode'] = true;
    124. 

  124.     }
    125. 

  125.   }
    126. 

  126. }
    127. 

  127. 

  128. // Redirect if everything works
    129. 

  129. if($valid['username'] && $valid['email'] && $valid['vemail'] && $valid['password'] && $valid['steamId'] && $valid['userCode']) {
    130. 

  130.   // Always add the user as a member
    131. 

  131. 	if($userQueries->addUser($username, $password, 4, $steamId, $email)) {
    132. 

  132. 	
    133. 

  133.     // Email the user
    134. 

  134.     $subject = $config->siteName." ".$LAN_NEWUSER_025." ".$LAN_NEWUSER_026;
    135. 

  135. 

  136.     $body = "<html><body>";
    137. 

  137.     $body .= $LAN_NEWUSER_022.": ".$username;
    138. 

  138.     $body .= "\n\n";
    139. 

  139. 

  140.     $body .= "\n\n";
    141. 

  141.     $body .= "<p>".$LAN_NEWUSER_023."</p>";
    142. 

  142.     $body .= "</body></html>";
    143. 

  143. 

  144.     // To send HTML mail, the Content-type header must be set
    145. 

  145.     $headers  = "MIME-Version: 1.0" . "\r\n";
    146. 

  146.     $headers .= "Content-type: text/html; charset=utf-8" . "\r\n";
    147. 

  147.     // Additional headers
    148. 

  148.     $headers .= "From: ".$config->siteName." ".$LAN_NEWUSER_025." <".$config->emailFromHeader.">\r\n";
    149. 

  149. 

  150.     // Send an email message to those that wish to recieve a notice of a newly added ban
    151. 

  151.     mail($email, $subject, $body, $headers);
    152. 

  152. 	
    153. 

  153. 		header("Location: index.php?page=login&created=1"); // Requires ob_start and ob_flush to do header re-direct
    154. 

  154. 	} else {
    155. 

  155. 		header("Location: index.php?page=newuser&error=1");
    156. 

  156. 	}
    157. 

  157. }
    158. 

  158. 

  159. if($_GET['error'] == 1) {
    160. 

  160.   echo "<h5>".$LAN_NEWUSER_002."</h5>";
    161. 

  161. }
    162. 

  162. 

  163. ?>
    164. 

  164. <div class="tborder">
    165. 

  165.   <div id="tableHead">
    166. 

  166.     <div><b><?php echo $LAN_NEWUSER_001; ?></b></div>
    167. 

  167.   </div>
    168. 

  168.   <form action="index.php?page=newuser" method="post" id="form">
    169. 

  169.   	<table class="bordercolor" width="100%" cellspacing="1" cellpadding="5" border="0" style="margin-top: 1px;">
    170. 

  170.   		<tr>
    171. 

  171.   			<td class="rowColor1">*<?php echo $LAN_NEWUSER_003; ?>:</td>
    172. 

  172.   			<td class="rowColor1"><input type="text" name="username" value="<?php echo $username?>" size="40" maxlength="40" />
    173. 

  173.   			<?php if(!$valid['username'] && !$nopost) { ?><span class="error"><?php echo $LAN_NEWUSER_004; ?></span><?php } ?></td>
    174. 

  174.   		</tr>
    175. 

  175.   		<tr>
    176. 

  176.   			<td class="rowColor2">*<?php echo $LAN_NEWUSER_005; ?>:</td>			
    177. 

  177.   			<td class="rowColor2"><input name="steamId" id="steamdId" type="text" value="<?php echo $steamId?>" size="25" maxlength="25"/> (<?php echo $LAN_NEWUSER_006; ?>)
    178. 

  178.   			<?php if(!$valid['steamId'] && !$nopost) { ?><span class="error"><?php echo $LAN_NEWUSER_007; ?></span><?php } ?></td>
    179. 

  179.   		</tr>
    180. 

  180.   		<tr>
    181. 

  181.   			<td class="rowColor1">**<?php echo $LAN_NEWUSER_008; ?>:</td>
    182. 

  182.   			<td class="rowColor1"><input type="password" name="password" value="" size="25" maxlength="25"/>
    183. 

  183.   			<?php if(!$valid['password'] && !$nopost) { ?><span class="error"><?php echo $LAN_NEWUSER_009; ?></span><?php } ?></td>
    184. 

  184.   		</tr>
    185. 

  185.   		<tr>
    186. 

  186.   			<td class="rowColor2">**<?php echo $LAN_NEWUSER_010; ?>:</td>
    187. 

  187.   			<td class="rowColor2"><input type="password" name="vpassword" value="" size="25" maxlength="25"/>
    188. 

  188.   			<?php if(!$valid['vpassword'] && !empty($password) && !$nopost) { ?><span class="error"><?php echo $LAN_NEWUSER_011; ?></span><?php } ?></td>
    189. 

  189.   		</tr>
    190. 

  190.   		<tr>
    191. 

  191.   			<td class="rowColor1">*<?php echo $LAN_NEWUSER_012; ?>:</td>
    192. 

  192.   			<td class="rowColor1"><input type="text" name="email" value="<?php if(!empty($email)) { echo $email; } ?>" size="60" maxlength="80" />
    193. 

  193.   			<?php if(!$valid['email'] && !$nopost) { ?><span class="error"><?php echo $LAN_NEWUSER_013; ?></span><?php } ?></td>
    194. 

  194.   		</tr>
    195. 

  195.   		<tr>
    196. 

  196.   			<td class="rowColor2">*<?php echo $LAN_NEWUSER_014; ?>:</td>
    197. 

  197.   			<td class="rowColor2"><input type="text" name="vemail" value=""  size="60" maxlength="80" />
    198. 

  198.   			<?php if(!$valid['vemail'] && !empty($email) && !$nopost) { ?><span class="error"><?php echo $LAN_NEWUSER_015; ?></span><?php } ?></td>
    199. 

  199.   		</tr>
    200. 

  200.   		<tr>
    201. 

  201.   			<td class="rowColor1">*<?php echo $LAN_NEWUSER_016; ?>:</td>
    202. 

  202.   			<td class="rowColor1"><input type="password" name="userCode" value="" />
    203. 

  203.   			<?php
    204. 

  204. 			if(isset($_POST['submit']))
    205. 

  205. 			{
    206. 

  206. 				if((!$valid['userCode'] && !empty($code) && !$nopost) || empty($code))
    207. 

  207. 				{?>
    208. 

  208. 					<span class="error"><?php echo $LAN_NEWUSER_017; ?> </span><?php
    209. 

  209. 				}?></td>
    210. 

  210. 			<?php
    211. 

  211. 			}
    212. 

  212. 			?>
    213. 

  213.   		</tr>
    214. 

  214.   		<tr>			
    215. 

  215.   			<td align="left" colspan="3" class="rowColor2">
    216. 

  216.   				<input type="hidden" name="nopost" value="0" />
    217. 

  217.   				<input type="reset" value="<?php echo $LAN_NEWUSER_021; ?>" class="button" />&nbsp;
    218. 

  218.   				<input type="submit" value="<?php echo $LAN_NEWUSER_018; ?>" class="button" /></td>
    219. 

  219.   		</tr>
    220. 

  220.   	</table>
    221. 

  221.   </form>
    222. 

  222. </div>
    223. 

  223. <h5>
    224. 

  224. * <?php echo $LAN_NEWUSER_019; ?><br />
    225. 

  225. ** <?php echo $LAN_NEWUSER_020; ?>
    226. 

  226. </h5>
    227. 

  227. 

  228.