<?require_once("include/bittorrent.php");hit_start();dbconn();$r

1. <?
2.  
3. require_once("include/bittorrent.php");
4.  
5. hit_start();
6.  
7. dbconn();
8.  
9. $res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__);
10. $arr = mysql_fetch_row($res);
11. if ($arr[0] >= $maxusers)
12. stderr("Error", "Sorry, user limit reached. Please try again later.");
13.  
14. if (!mkglobal("wantusername:wantpassword:passagain:email"))
15. die();
16.  
17. function bark($msg) {
18. stdhead();
19. stdmsg("Signup failed!", $msg);
20. stdfoot();
21. exit;
22. }
23.  
24. function validusername($username)
25. {
26. if ($username == "")
27. return false;
28.  
29. // The following characters are allowed in user names
30. $allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-";
31.  
32. for ($i = 0; $i < strlen($username); ++$i)
33. if (strpos($allowedchars, $username[$i]) === false)
34. return false;
35.  
36. return true;
37. }
38.  
39. function isportopen($port)
40. {
41. global $HTTP_SERVER_VARS;
42. $sd = @fsockopen($HTTP_SERVER_VARS["REMOTE_ADDR"], $port, $errno, $errstr, 1);
43. if ($sd)
44. {
45. fclose($sd);
46. return true;
47. }
48. else
49. return false;
50. }
51.  
52. function bannedemail($email)
53. {
54. if (strtoLower(substr($email,-12)) == "@dodgeit.com") return true;
55. if (strtoLower(substr($email,-15)) == "@mailinator.com") return true;
56. if (strtoLower(substr($email,-16)) == "@spamgourmet.com") return true;
57. if (strtoLower(substr($email,-12)) == "@spambob.com") return true;
58. return false;
59. }
60.  
61.  
62. /*
63. function isproxy()
64. {
65. $ports = array(80, 88, 1075, 1080, 1180, 1182, 2282, 3128, 3332, 5490, 6588, 7033, 7441, 8000, 8080, 8085, 8090, 8095, 8100, 8105, 8110, 8888, 22788);
66. for ($i = 0; $i < count($ports); ++$i)
67. if (isportopen($ports[$i])) return true;
68. return false;
69. }
70. */
71. $gender = $_POST["gender"];
72. $country = $_POST["country"];
73. $age = $_POST["age"];
74. if (empty($wantusername) || empty($wantpassword) || empty($email) || empty($country) || empty($gender) || empty($age))
75. bark("You Forgot To Enter A Required Field.");
76.  
77. if (strlen($wantusername) > 12)
78. bark("Sorry, username is too long (max is 12 chars)");
79.  
80. if ($wantpassword != $passagain)
81. bark("The passwords didn't match! Must've typoed. Try again.");
82.  
83. if (strlen($wantpassword) < 4)
84. bark("Sorry, password is too short (min is 4 chars)");
85.  
86. if (strlen($wantpassword) > 40)
87. bark("Sorry, password is too long (max is 40 chars)");
88.  
89. if ($wantpassword == $wantusername)
90. bark("Sorry, password cannot be same as user name.");
91.  
92. if (!validemail($email))
93. bark("That doesn't look like a valid email address.");
94.  
95. if (bannedemail($email))
96. bark("Please use a real email address.");
97.  
98. if (!validusername($wantusername))
99. bark("Invalid username.");
100.  
101. // make sure user agrees to everything...
102. if ($HTTP_POST_VARS["rulesverify"] != "yes" || $HTTP_POST_VARS["faqverify"] != "yes" || $HTTP_POST_VARS["ageverify"] != "yes")
103. stderr("Signup failed", "Sorry, you're not qualified to become a member of this site.");
104.  
105. // check if email addy is already in use
106. $a = (@mysql_fetch_row(@mysql_query("select count(*) from users where email='$email'"))) or die(mysql_error());
107. if ($a[0] != 0)
108. bark("The e-mail address $email is already in use.");
109.  
110. hit_count();
111.  
112. $secret = mksecret();
113. $wantpasshash = md5($secret . $wantpassword . $secret);
114. $editsecret = mksecret();
115.  
116. $ret = mysql_query("INSERT INTO users (username, passhash, secret, editsecret, email, gender, age, ip, country, status, added, last_check) VALUES (" .
117. implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $secret, $editsecret, $email, $gender, $age, $ip, $country, 'pending'))) .
118. ",'" . get_date_time() . "','" . get_date_time() . "')");
119.  
120. if (!$ret) {
121. if (mysql_errno() == 1062)
122. bark("Username already exists!");
123. bark("borked");
124. }
125.  
126. $id = mysql_insert_id();
127.  
128. //write_log("User account $id ($wantusername) was created");
129.  
130. $psecret = md5($editsecret);
131.  
132. $body = <<<EOD
133. You have requested a new user account on $SITENAME and you have
134. specified this address ($email) as user contact.
135.  
136. If you did not do this, please ignore this email. The person who entered your
137. email address had the IP address {$_SERVER["REMOTE_ADDR"]}. Please do not reply.
138.  
139. To confirm your user registration, you have to follow this link:
140.  
141. $DEFAULTBASEURL/confirm.php?id=$id&secret=$psecret
142.  
143. After you do this, you will be able to use your new account. If you fail to
144. do this, you account will be deleted within a few days. We urge you to read
145. the RULES and FAQ before you start using dvdr-core.
146. EOD;
147. mail($email, "$SITENAME user registration confirmation", $body, "From: $SITEEMAIL", "-f$SITEEMAIL");
148.  
149. header("Refresh: 0; url=ok.php?type=signup&email=" . urlencode($email));
150.  
151. hit_end();
152.  
153. ?>