mhmcr /register.php

Language PHP Lines 71
MD5 Hash 5f051a808da3d4c574f70bdf42c9ad25 Estimated Cost $1,285 (why?)
Repository https://bitbucket.org/mhell/mhmcr.git View Raw File View Project SPDX
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<?php
	header('Content-Type: text/html;charset=UTF-8');
	require_once('system.php');
	
	if (!$_POST) {
		//Page generation
		
		$static = array();
		$ql = mysql_query("SELECT `name`,`url` FROM ".$db['tables']['static']." ORDER BY `id` DESC;");
		while ($entry = mysql_fetch_assoc($ql))
		{
			if ($entry['url']!='main')
				$static[] = $entry;
		}
		
		$opts = array();
		$ql = mysql_query("SELECT * FROM ".$db['tables']['data'].";");
		while ($entry = mysql_fetch_assoc($ql))
		{
			$opts[$entry['property']] = $entry['value'];
		}
		
		include_once $config['style_dir'].'register.html';
	} else {
		//Checking input
		$email = $_POST['email'];
		$pass = $_POST['pass'];
		$pass2 = $_POST['pass2'];
		$login = $_POST['login'];
		
		$flags = array('pass'=>false,'email'=>false,'login'=>false,'captcha'=>false,'hit'=>false,'canreg'=>false);
		
		if (!preg_match("/^(?=.{1,30}$)[a-zA-Z][a-zA-Z0-9]*$/",$login)) {
			$flags['hit'] = true;
			$flags['login'] = true;
		}
		
		if (!CanRegister()) {
			$flags['hit'] = true;
			$flags['canreg'] = true;
		}
		
		if (!filter_var($email,FILTER_VALIDATE_EMAIL)) {
			$flags['hit'] = true;
			$flags['email'] = true;
		}
		
		if (strlen($pass)<6 or $pass!=$pass2) {
			$flags['hit'] = true;
			$flags['pass'] = true;
		}
		
		if (empty($_SESSION['captcha']) || trim(strtolower($_POST['captcha'])) != $_SESSION['captcha']) {
			$flags['hit'] = true;
			$flags['captcha'] = true;
		}
		
		//Checking done
		if (!$flags['hit']) {
			include_once('inc/pass.inc.php');
			$hash = createPass($pass);
			$login = mysql_real_escape_string($login);
			$email = mysql_real_escape_string($email);
			mysql_query("INSERT INTO ".$db['tables']['users']." (".$db['users']['username'].",".$db['users']['password'].",".$db['users']['ip'].") VALUES('".$login."','".$hash."','".GetRealIp()."');");
			if ($ipban = mgetOpt('ip-ban') && $ipban) {
				mysql_query("INSERT INTO ".$db['tables']['users']." (IP,time_start,ban_until) VALUES ('".$_SERVER['REMOTE_ADDR']."',NOW(),NOW()+INTERVAL ".$ipban." HOUR);");
			}
			Header('Location: '.mgetOpt('url-base')."?reg=ok");
		}
	}
?>
Back to Top