
Untitled

a guest
Oct 1st, 2017
  1. <?php
  // Bootstrap first: the helpers, the Token class and $config used below are
  // not defined anywhere in this file.
  require_once 'engine/init.php';

  // Registration is meant for visitors; going by its name, this helper sends
  // an already logged-in session elsewhere (defined outside this file, confirm).
  logged_in_redirect();

  // Page chrome is emitted from here on. The header('Location: ...') call made
  // after a successful registration therefore presumably relies on output
  // buffering being enabled by the engine (confirm).
  include 'layout/overall/header.php';

  // Presumably the source of $config['countries'], which the form's country
  // list reads (confirm against config.countries.php).
  require_once 'config.countries.php';
  6.  
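  // Validate a submitted registration form. Every problem found is appended to
  // $errors; the rendering code further down creates the account only when
  // $errors is still empty.
  if (empty($_POST) === false) {
      // Walk the required field NAMES, not the submitted keys: a field that is
      // simply absent from the request must fail too. Non-string values (for
      // example username[]=x) are rejected here so the strlen()/preg_match()
      // calls below only ever see strings.
      $required_fields = array('username', 'password', 'password_again', 'email', 'selected');
      foreach ($required_fields as $field) {
          if (!isset($_POST[$field]) || !is_string($_POST[$field]) || empty($_POST[$field])) {
              $errors[] = 'You need to fill in all fields.';
              break;
          }
      }

      // Detailed checks (user exists, password long enough, ...) only run once
      // all required fields are present.
      if (empty($errors) === true) {
          // Per-form token check. This is the anti-CSRF pattern (the previous
          // comment described it as cross-site scripting protection, which a
          // form token does not provide). A missing or non-string token fails
          // closed instead of being handed to Token::isValid() as null.
          if (!isset($_POST['token']) || !is_string($_POST['token']) || !Token::isValid($_POST['token'])) {
              $errors[] = 'Token is invalid.';
          }

          if ($config['use_captcha']) {
              $captcha = (isset($_POST['g-recaptcha-response']) && is_string($_POST['g-recaptcha-response']))
                  ? $_POST['g-recaptcha-response']
                  : false;
              if (!$captcha) {
                  $errors[] = 'Please check the the captcha form.';
              } else {
                  // URL-encode every value: the response token is attacker
                  // controlled, and raw concatenation would let a '&' in it
                  // add or override parameters of the verification request.
                  $post_string = http_build_query(array(
                      'secret'   => $config['captcha_secret_key'],
                      'response' => $captcha,
                      'remoteip' => $_SERVER['REMOTE_ADDR'],
                  ), '', '&');

                  $curl_connection = curl_init("https://www.google.com/recaptcha/api/siteverify");
                  curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 5);
                  // Bound the whole transfer as well, so a stalled response
                  // cannot hold the registration request open indefinitely.
                  curl_setopt($curl_connection, CURLOPT_TIMEOUT, 10);
                  curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true);
                  // Certificate and host name verification stay ON. With them
                  // disabled, anyone able to intercept this request could
                  // forge a "success" answer and read the captcha secret.
                  curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, true);
                  curl_setopt($curl_connection, CURLOPT_SSL_VERIFYHOST, 2);
                  curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 0);
                  curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $post_string);
                  $response = curl_exec($curl_connection);
                  curl_close($curl_connection);

                  // Fail closed: a transport error (false), invalid JSON or a
                  // body without "success" all count as a failed captcha.
                  $responseKeys = is_string($response) ? json_decode($response, true) : null;
                  if (!is_array($responseKeys)
                      || !isset($responseKeys['success'])
                      || intval($responseKeys['success']) !== 1
                  ) {
                      $errors[] = 'Captcha failed.';
                  }
              }
          }

          if (user_exist($_POST['username']) === true) {
              $errors[] = 'Sorry, that username already exist.';
          }

          // Don't allow "default admin names in config.php" access to register.
          if (in_array(strtolower($_POST['username']), $config['page_admin_access'])) {
              $errors[] = 'This account name is blocked for registration.';
          }

          // \z anchors at the very end of the string. A plain '$' also matches
          // just before a trailing newline, so "name\n" would pass this check
          // and slip past the blocked-name comparison above.
          if (preg_match('/^[a-zA-Z0-9]+\z/', $_POST['username']) !== 1) {
              $errors[] = 'Your account name can only contain characters a-z, A-Z and 0-9.';
          }

          // name restriction
          foreach (explode(" ", $_POST['username']) as $res) {
              if (in_array(strtolower($res), $config['invalidNameTags'])) {
                  $errors[] = 'Your username contains a restricted word.';
              } elseif (strlen($res) == 1) {
                  $errors[] = 'Too short words in your name.';
              }
          }
          if (strlen($_POST['username']) > 32) {
              $errors[] = 'Your account name must be less than 33 characters.';
          }
          // end name restriction

          if (strlen($_POST['password']) < 6) {
              $errors[] = 'Your password must be at least 6 characters.';
          }
          if (strlen($_POST['password']) > 100) {
              $errors[] = 'Your password must be less than 100 characters.';
          }
          if ($_POST['password'] !== $_POST['password_again']) {
              $errors[] = 'Your passwords do not match.';
          }
          if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
              $errors[] = 'A valid email address is required.';
          }
          if (user_email_exist($_POST['email']) === true) {
              $errors[] = 'That email address is already in use.';
          }
          if ($_POST['selected'] != 1) {
              $errors[] = 'You are only allowed to have an account if you accept the rules.';
          }
          if (validate_ip(getIP()) === false && $config['validate_IP'] === true) {
              $errors[] = 'Failed to recognize your IP address. (Not a valid IPv4 address).';
          }

          // The country code is stored with the account, so accept only a code
          // the form could have offered: a key of $config['countries']. A
          // missing, empty, non-string or unknown value is rejected.
          $flag = (isset($_POST['flag']) && is_string($_POST['flag'])) ? $_POST['flag'] : '';
          if ($flag === '' || !isset($config['countries'][$flag])) {
              $errors[] = 'Please choose country.';
          }
      }
  }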
  101.  
  102. ?>
  103. <h1>Register Account</h1>
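  <?php
  // One template, three views chosen by the query string:
  //   ?success       confirmation shown after the post-registration redirect
  //   ?authenticate  e-mail activation link (u = account id, k = activation key)
  //   (neither)      the registration form, creating the account on a clean POST
  if (isset($_GET['success']) && empty($_GET['success'])) {
      if ($config['mailserver']['register']) {
          ?>
          <h1>Email authentication required</h1>
          <p>We have sent you an email with an activation link to your submitted email address.</p>
          <p>If you can't find the email within 5 minutes, check your <strong>junk/trash inbox (spam filter)</strong> as it may be mislocated there.</p>
          <?php
      } else {
          echo 'Congratulations! Your account has been created. You may now login to create a character.';
      }
  } elseif (isset($_GET['authenticate']) && empty($_GET['authenticate'])) {
      // Authenticate user, fetch user id and activation key. Both values are
      // forced to positive integers; that cast is the only thing keeping the
      // string-built query below free of request-controlled SQL.
      // NOTE(review): if the mysql_* helpers offer a parameterised form,
      // prefer it over interpolation (helpers are defined elsewhere).
      $auid = (isset($_GET['u']) && (int)$_GET['u'] > 0) ? (int)$_GET['u'] : false;
      $akey = (isset($_GET['k']) && (int)$_GET['k'] > 0) ? (int)$_GET['k'] : false;

      // Only query with two usable values. Previously a missing parameter was
      // interpolated as '' and compared against the columns anyway.
      // NOTE(review): the key is compared as an integer; its length and
      // randomness are decided where the account is created. Confirm it is
      // large enough to resist guessing and that this endpoint is rate-limited.
      $user = false;
      if ($auid !== false && $akey !== false) {
          $user = mysql_select_single("SELECT `id`, `active` FROM `znote_accounts` WHERE `account_id`='$auid' AND `activekey`='$akey' LIMIT 1;");
      }

      if ($user !== false) {
          // Read `active` BEFORE $user is narrowed to the numeric id. The
          // previous order indexed into an integer, so $active was always 0
          // and the UPDATE ran on every visit.
          $active = (int) $user['active'];
          $user = (int) $user['id'];
          // Enable the account to login
          if ($active == 0) {
              mysql_update("UPDATE `znote_accounts` SET `active`='1' WHERE `id`= $user LIMIT 1;");
          }
          echo '<h1>Congratulations!</h1> <p>Your account has been created. You may now login to create a character.</p>';
      } else {
          echo '<h1>Authentication failed</h1> <p>Either the activation link is wrong, or your account is already activated.</p>';
      }
  } else {
      if (empty($_POST) === false && empty($errors) === true) {
          if ($config['log_ip']) {
              znote_visitor_insert_detailed_data(1);
          }

          // Register
          // NOTE(review): the password is handed over as submitted; hashing
          // presumably happens inside user_create_account() (not visible here).
          // Confirm it uses a password hashing function such as password_hash().
          $register_data = array(
              'name' => $_POST['username'],
              'password' => $_POST['password'],
              'email' => $_POST['email'],
              'created' => time(),
              'ip' => getIPLong(),
              'flag' => $_POST['flag']
          );

          user_create_account($register_data, $config['mailserver']);
          // In mail debug mode the redirect is skipped, but the script still
          // stops here in both cases.
          if (!$config['mailserver']['debug']) {
              header('Location: register.php?success');
          }
          exit();
          // End register
      } elseif (empty($errors) === false) {
          echo '<font color="red"><b>';
          echo output_errors($errors);
          echo '</b></font>';
      }
      ?>
      <form action="" method="post">
      <ul>
      <li>
      Account Name:<br>
      <input type="text" name="username">
      </li>
      <li>
      Password:<br>
      <input type="password" name="password">
      </li>
      <li>
      Password again:<br>
      <input type="password" name="password_again">
      </li>
      <li>
      Email:<br>
      <input type="text" name="email">
      </li>
      <li>
      Country:<br>
      <select name="flag">
      <option value="">(Please choose)</option>
      <?php
      // Codes and names come from $config, not from the request, and are
      // printed as stored in the configuration.
      foreach (array('pl', 'se', 'br', 'us', 'gb', ) as $c) {
          echo '<option value="' . $c . '">' . $config['countries'][$c] . '</option>';
      }

      echo '<option value="">----------</option>';
      foreach ($config['countries'] as $code => $c) {
          echo '<option value="' . $code . '">' . $c . '</option>';
      }
      ?>
      </select>
      </li>
      <?php
      if ($config['use_captcha']) {
          ?>
          <li>
          <div class="g-recaptcha" data-sitekey="<?php echo htmlspecialchars($config['captcha_site_key'], ENT_QUOTES, 'UTF-8'); ?>"></div>
          </li>
          <?php
      }
      ?>
      <li>
      <h2>Server Rules</h2>
      <p>The golden rule: Have fun.</p>
      <p>If you get pwn3d, don't hate the game.</p>
      <p>No <a href='http://en.wikipedia.org/wiki/Cheating_in_video_games' target="_blank" rel="noopener noreferrer">cheating</a> allowed.</p>
      <p>No <a href='http://en.wikipedia.org/wiki/Video_game_bot' target="_blank" rel="noopener noreferrer">botting</a> allowed.</p>
      <p>The staff can delete, ban, do whatever they want with your account and your <br>
      submitted information. (Including exposing and logging your IP).</p>
      </li>
      <li>
      Do you agree to follow the server rules?<br>
      <select name="selected">
      <option value="0">Umh...</option>
      <option value="1">Yes.</option>
      <option value="2">No.</option>
      </select>
      </li>
      <?php
      /* Form file */
      // Presumably emits the hidden token field that the POST handler checks
      // with Token::isValid() (Token is defined elsewhere, confirm).
      Token::create();
      ?>
      <li>
      <input type="submit" value="Create Account">
      </li>
      </ul>
      </form>
      <?php
  }
  include 'layout/overall/footer.php';
  ?>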