signup

<center>
<body bgcolor="#ECE9E0">
<?php
session_start();

require_once( 'inc/config.inc.php' );

error_reporting(E_ALL & ~E_NOTICE);

$url = $_SERVER["HTTP_HOST"];
$domain = (empty($domain))? $_SERVER["HTTP_HOST"] : $domain;
$domain = (substr($domain,0,4) == "www.")? strstr($domain, ".") : $domain;

// Protect database entries and use MD5 encryption
$strName    = (isset($_POST['name']))? addslashes( $_POST['name'] ) : '';
$strUser    = (isset($_POST['user']))? addslashes( $_POST['user'] ) : '';
$strKey     = (isset($_POST['code']))? addslashes( $_POST['code'] ) : '';
$strEmail2  = (isset($_POST['email2']))? addslashes( $_POST['email2'] ) : '';


$strDomain  = addslashes( "$domain" );
$strPass1   = (isset($_POST['pass1']))? addslashes( $_POST['pass1'] ) : '';

//Connect to database using information from above
$open = mysql_connect($mysql_host, $mysql_user, $mysql_pass);
$select = mysql_select_db($mysql_db);

if (!$open || !$select)
{
  echo "Unable to open database, contact your administrator!";
} else {
  echo "<fieldset style=\"width:420px;font-size:12px;\"><legend style=\"font-size:30px;color:blue;width:100px;\">$form_title</legend>";


  if ( isset($_POST['submit']) &&  $_POST['submit'] == 'create account' ){
   if( $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] ) ) {
    $domain_res = mysql_query("SELECT * FROM `hm_domains` WHERE `domainname` = '{$strDomain}' LIMIT 1");
      if (!$domain_res)
      {
        die('Error while selecting data: ' . mysql_error());
       }
      $domain_info = mysql_fetch_array($domain_res, MYSQL_ASSOC);


    //Check to see if email account exists, if not process signup
    $account_res = mysql_query("SELECT * FROM `hm_accounts` WHERE `accountaddress` = '{$strUser}@$strDomain' LIMIT 1");
    $v1 = mysql_num_rows($account_res);

    If ($v1 >= 1)
    {
       echo "A subscriber with this email already exists!<br><br>Please <a href=\"javascript:history.go(-1)\">click here</a> to reset.";
       return false;
    } else {
      if ( !$_POST['pass1'] || !$_POST['pass2'] )
      {
         echo "You did not enter both passwords!<br><br>Please <a href=\"javascript:history.go(-1)\">click here</a> to reset.";
      }
      elseif ( $_POST['pass1'] != $_POST['pass2'] )
      {
         echo "The passwords entered do not match!<br><br>Please <a href=\"javascript:history.go(-1)\">click here</a> to reset.";
      } else {
         $domain_id = $domain_info['domainid'];
         $account_pass = ($encryption == 2)? md5( $strPass1 ) : $strPass1;

         $account_add = mysql_query("INSERT INTO `hm_accounts` (`accountdomainid`,`accountaddress`,`accountpassword`,`accountactive`,`accountisad`,`accountmaxsize`,`accountpwencryption`,`code`,`email2`) VALUES ('$domain_id','$strUser@$strDomain','$account_pass','$admin_default_activate','$accountisad','$account_max','$encryption','$strKey','$strEmail2')");

// Find the accountid for the newly created account based off of domain id and account address
$query = mysql_query("SELECT accountid FROM hm_accounts
WHERE accountdomainid='$domain_id' AND accountaddress='$strUser@$strDomain'") or die(mysql_error());
$col = mysql_fetch_array($query);
$account_info = $col ['accountid'];

// Match folderaccountid with accountid
$folderaccountid = $account_info;
$folderparentid = '-1';
$folderissubscribed = '1';
$foldercurrentuid = '1';

// Build IMAP Folders
  $imapfolders_add = mysql_query("
   INSERT INTO hm_imapfolders (folderaccountid, folderparentid, foldername, folderissubscribed,foldercurrentuid)
      SELECT '$folderaccountid', '$folderparentid', 'INBOX', '$folderissubscribed', '$foldercurrentuid'
   UNION ALL
      SELECT '$folderaccountid', '$folderparentid', 'Sent', '$folderissubscribed', '$foldercurrentuid'
   UNION ALL
      SELECT '$folderaccountid', '$folderparentid', 'Trash', '$folderissubscribed', '$foldercurrentuid'
   UNION ALL
      SELECT '$folderaccountid', '$folderparentid', 'Junk', '$folderissubscribed', '$foldercurrentuid'
      ");
      }
    }

    if (!$account_add)
      {
        die('<br><br>Database error, unable to add account. Please contact your administrator!<br> ' . mysql_error());
       }

    If ($admin_default_activate == 0)
   {
     echo "<div style=\"font-size:14px;color:red;\"><b>Your account has been created but <b>requires activation</b> by administration.";
      echo "Once your application has been approved, you will receive a confirmation message.</div><br><br>";
    } else {
      echo "<div style=\"font-size:14px;color:red;\"><b>Your account has been created and is ready for use!</b><br>";
      echo "<b>Username</b>:<i> $strUser@$strDomain</i><br>";
      if ( !empty($serv_webmail_url) ) echo "<b>Webmail URL</b>: <a href=\"$serv_webmail_url\">www.$strDomain/</a></div><br>";


      $subject = "Welcome To $strDomain Email!";
      $message = "This is confirmation that your account has been created. You may now login to your account and start using it.";

      mail("{$_POST['user']}@$strDomain", "$subject", "$message", "From: $admin_email"); //Send welcome message
    }

    if ($admin_default_activate == 0 && $admin_notify == 1)
    {
      $admin_mail_subject = "Account Requires Activation!";
      $admin_mail_message = "The email account {$_POST['user']}@$strDomain has been created by {$_POST['name']} and requires administration activation!\r\n\r\nPlease login to the admin control panel to verIfy and activate user account.\r\n\r\n";
      mail($admin_email, "$admin_mail_subject", "$admin_mail_message", "From: $admin_email");
    }
    elseif ($admin_default_activate == 1 && $admin_notify == 1)
    {
      $admin_mail_subject = "New Account Created!";
      $admin_mail_message = "{$_POST['user']}@$strDomain has been created by {$_POST['name']}!";
      mail($admin_email, "$admin_mail_subject", "$admin_mail_message", "From: $admin_email");

    }
    unset($_SESSION['security_code']);
  } else {
        // Insert your code for showing an error message here
        echo "<div style=\"font-size:13px;color:red;\"><b>Sorry, you have provided an invalid security code <br>Please <a href=\"javascript:history.go(-1)\">click here</a> to reset.</b></div>";
   }
 }
}
   //Email account signup page
  echo "<form action=\"\" method=\"POST\">
 <table style=\"font-size:14px;color:#535353;\"><tr>
  <td width=\"100\"><b>Full Name:</b></td><td width=\"220\"><input type=\"text\" name=\"name\" size=\"18\"> </td></tr><tr>
      <td><b>E-Mail:</td><td><input type=\"text\" name=\"user\" size=\"18\"><b><font color=red>@".$domain."</font></b> </td></tr><tr>
      <td><b>Password:</td><td><input type=\"password\" name=\"pass1\" size=\"18\"> </td></tr><tr>
      <td><b>Password:</td><td><input type=\"password\" name=\"pass2\" size=\"18\"> (For Confirmation)</td></tr>
      <td><b><font color=red>Backup Email</font>:</td><td><input type=\"text\" name=\"email2\" size=\"18\"> (To Receive Reset Link)</td></tr>
      <td><b><font color=red>Secret Word/Code</font>:</td><td><input type=\"password\" name=\"code\" size=\"18\"> (If you forget password)</td></tr>

      <tr><td>&nbsp;</td><td align=\"left\"><br />";
  echo "<img src=\"CaptchaSecurityImages.php?width=150&height=35&characters=7\" /></td>
        </tr><tr><td><label for=\"security_code\"><b>Security Code: </b></label></td><td><input id=\"security_code\" name=\"security_code\" type=\"text\" /><br /></td>
     </tr><br><br><tr><td colspan=\"2\" align=\"center\"><input type=\"image\" src=\"button.png\" name=\"submit\" value=\"create account\" ></td></tr></table> </fieldset>
   </form>";


  ?>

</center></body>