Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php /* UE Accounts Signup Process */
- require_once('inc/core.php');
- accounts_start(false);
- /* PasswordHash */
- require('inc/passwordhash.php');
- /* Get Values */
- $fullname = filter_magic_quotes(mysql_real_escape_string($_POST['fullname']));
- $username = filter_magic_quotes(mysql_real_escape_string($_POST['username']));
- $password = filter_magic_quotes(mysql_real_escape_string($_POST['password']));
- $email = filter_magic_quotes(mysql_real_escape_string($_POST['email']));
- if ($_POST["request"] != "ajax") {
- if ($_POST['email_public'] != "") { $email_public_array = $_POST['email_public'];
- foreach ($email_public_array as $row) { $email_public = "true"; }
- } else {
- $email_public = "false";
- }
- } else { $email_public = $_POST["email_public"]; }
- $ip = $_SERVER['REMOTE_ADDR'];
- $checkusername = mysql_query("SELECT username FROM users WHERE username = '".$username."'");
- $checkemail = mysql_query("SELECT email FROM users WHERE email = '".$email."'");
- $validatedusername = preg_replace("/[^a-zA-Z0-9_-]/", "", $username);
- if ($username == $validatedusername) { $validusername = true; }
- else { $validusername = false; }
- $activationkey = uniqid(rand(),true);
- $date = date("Y-m-d H:i:s");
- $uid = sha1(uniqid(rand(),true));
- /* Hash Password */
- $hasher = new PasswordHash(8, FALSE);
- $hash = $hasher->HashPassword($password);
- /* Error Messages */
- if (strlen($password) > 72) { echo '<p>Please keep your password under 72 characters. <a href="'.$base_url.'/signup/">Try again</a>.</p>'; }
- if (strlen($hash) < 20) { echo '<p>Unexpected error, please check your password. <a href="'.$base_url.'/signup/">Try again</a>.</p>'; unset($hasher); }
- if (filter_email($email) == false) { echo '<p>Please enter a valid email. <a href="'.$base_url.'/signup/">Try again</a>.</p>'; }
- if ($fullname == "") { echo '<p>Please fill out the full name field. <a href="'.$base_url.'/signup/">Try again</a>.</p>'; }
- if ($username == "") { echo '<p>Please fill out the username field. <a href="'.$base_url.'/signup/">Try again</a>.</p>'; }
- if ($password == "") { echo '<p>Please fill out the password field. <a href="'.$base_url.'/signup/">Try again</a>.</p>'; }
- if ($email == "") { echo '<p>Please fill out the email field. <a href="'.$base_url.'/signup/">Try again</a>.</p>'; }
- /* Create Account */
- if (($fullname != "") && ($username != "") && (strlen($hash) >= 20) && (strlen($password) <= 72) && ($email != "") && (filter_email($email) == true)) {
- if (mysql_num_rows($checkusername) == 1) { echo '<p>Sorry, that username already exists. <a href="'.$base_url.'/signup/">Try again</a>.</p>'; }
- else if (mysql_num_rows($checkemail) == 1) { echo '<p>Sorry, that email is already in use. <a href="'.$base_url.'/signup/">Try again</a>.</p>'; }
- else if ($validusername == false) { echo '<p>Please make sure your username contains no spaces or weird characters (dashes and underscores allowed). <a href="'.$base_url.'/signup/">Try again</a>.</p>'; }
- else { $signupquery = mysql_query("INSERT INTO users (uid, fullname, username, password, email, email_public, ip, signupday, activationkey) VALUES('".$uid."', '".$fullname."', '".$username."', '".$hash."', '".$email."', '".$email_public."', '". $ip."', '".$date."', '".$activationkey."')");
- if ($signupquery) {
- mail_signup_activation($email, $activationkey);
- if ($_POST["request"] != "ajax") {
- header('Location: '.$base_url.'/login?user=new');
- } else {
- echo "success:$username";
- }
- } else { echo '<p>Sorry, an unknown error occured. <a href="'.$base_url.'/signup/">Try again</a>.</p>'; }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement