API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 20th, 2017
100
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 4.43 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. require_once(dirname(__FILE__).DIRECTORY_SEPARATOR.'include'.DIRECTORY_SEPARATOR.'bittorrent.php');
  3. require_once(INCL_DIR.'user_functions.php');
  4. require_once(INCL_DIR.'password_functions.php');
  5. dbconn();
  6. get_template();
  7.  
  8. $lang = load_language('global');
  9.  
  10. $res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__);
  11. $arr = mysql_fetch_row($res);
  12. if ($arr[0] >= $TBDEV['maxusers'])  
  13. stderr($lang['stderr_errorhead'], sprintf($lang['stderr_ulimit'], $TBDEV['maxusers']));
  14.  
  15. if (!mkglobal("wantusername:wantpassword:passagain:email:invite"))
  16. die();
  17.  
  18. function validusername($username) {
  19. if ($username == "")
  20. return false;
  21. // The following characters are allowed in user names
  22. $allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
  23. for ($i = 0; $i < strlen($username); ++$i)
  24. if (strpos($allowedchars, $username[$i]) === false)
  25. return false;
  26. return true;
  27. }
  28.  
  29. if (empty($wantusername) || empty($wantpassword) || empty($email) || empty($invite))
  30. stderr("Don't leave any fields blank.");
  31.  
  32. if (strlen($wantusername) > 12)
  33. stderr("Sorry, username is too long (max is 12 chars)");
  34.  
  35. if ($wantpassword != $passagain)
  36. stderr("The passwords didn't match! Must've typoed. Try again.");
  37.  
  38. if (strlen($wantpassword) < 6)
  39. stderr("Sorry, password is too short (min is 6 chars)");
  40.  
  41. if (strlen($wantpassword) > 40)
  42. stderr("Sorry, password is too long (max is 40 chars)");
  43.  
  44. if ($wantpassword == $wantusername)
  45. stderr("Sorry, password cannot be same as user name.");
  46.  
  47. if (!validemail($email))
  48. stderr("That doesn't look like a valid email address.");
  49.  
  50. if (!validusername($wantusername))
  51. stderr("Invalid username.");
  52.  
  53. // make sure user agrees to everything...
  54. if ($_POST["rulesverify"] != "yes" || $_POST["faqverify"] != "yes" || $_POST["ageverify"] != "yes")
  55. stderr("Sorry, you're not qualified to become a member of this site.");
  56.  
  57. // check if email addy is already in use
  58. $a = (@mysql_fetch_row(@mysql_query('SELECT COUNT(*) FROM users WHERE email = ' . sqlesc($email)))) or die(mysql_error());
  59. if ($a[0] != 0)
  60. stderr('The e-mail address <b>' . htmlspecialchars($email) . '</b> is already in use.');
  61.  
  62. $select_inv = mysql_query('SELECT sender, receiver, status FROM invite_codes WHERE code = ' . sqlesc($invite)) or die(mysql_error());
  63. $rows = mysql_num_rows($select_inv);
  64. $assoc = mysql_fetch_assoc($select_inv);
  65.  
  66. if ($rows == 0)
  67. stderr("Invite not found.\nPlease request a invite from one of our members.");
  68.  
  69. if ($assoc["receiver"]!=0)
  70. stderr("Invite already taken.\nPlease request a new one from your inviter.");
  71.  
  72. $secret = mksecret();
  73.     $wantpasshash = make_passhash( $secret, md5($wantpassword) );
  74.     $editsecret = ( !$arr[0] ? "" : make_passhash_login_key() );
  75.    
  76.     $added = sqlesc(time());
  77.         $welcome = sqlesc("{$TBDEV['WELCOMEPM']}");
  78.         mysql_query("INSERT INTO messages (sender, receiver, msg, added) VALUES(0, $id, $welcome, $added)") or sqlerr(__FILE__, __LINE__);
  79.  
  80.  
  81. $new_user = mysql_query("INSERT INTO users (username, passhash, secret, editsecret, invitedby, email, ". (!$arr[0]?"class, ":"") ."added) VALUES (" .
  82. implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $secret, $editsecret, (int)$assoc['sender'], $email))).
  83. ", ". (!$arr[0]?UC_FOUNDER.", ":""). "'".  time() ."')");
  84. $message = "Welcome New {$TBDEV['site_name']} Member : - " . htmlspecialchars($wantusername) . "";
  85. if (!$new_user) {
  86. if (mysql_errno() == 1062)
  87. stderr("Username already exists!");
  88. stderr("borked");
  89. }
  90. //===send PM to inviter
  91. $sender = $assoc["sender"];
  92. $added = sqlesc(time());
  93. $msg = sqlesc("Hey there [you] ! \nIt seems that someone you invited to {$TBDEV['site_name']} has arrived ! :clap2: \n\n Please go to your [url={$TBDEV['baseurl']}/invite.php]Invite page[/url] to confirm them so they can log in.\n\ncheers\n");
  94. $subject = sqlesc("Someone you invited has arrived!");
  95. mysql_query("INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject, $sender, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  96. //////////////end/////////////////////
  97. $id = mysql_insert_id();
  98. mysql_query('UPDATE invite_codes SET receiver = ' . sqlesc($id) . ', status = "Confirmed" WHERE sender = ' . sqlesc((int)$assoc['sender']). ' AND code = ' . sqlesc($invite)) or sqlerr(__FILE__, __LINE__);
  99. autoshout($message);
  100. write_log('User account '.htmlspecialchars($wantusername).' was created!');
  101.  
  102. stderr('Signup successfull', 'Your inviter needs to confirm your account now!');
  103. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!