Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?
- require_once("include/bittorrent.php");
- dbconn();
- set_time_limit(0);
- ignore_user_abort(1);
- if (!mkglobal("wantusername:wantpassword:passagain:email:language:invitekod"))
- httperr();
- function bark($msg) {
- stdhead();
- stdmsg("Failed!", $msg);
- stdfoot();
- exit;
- }
- function validinvitekod($kod)
- {
- $o = mysql_query("SELECT * FROM invites WHERE secret = '$kod';") or sqlerr(__FILE__, __LINE__);
- $b = mysql_num_rows($o);
- if($b == 1)
- return True;
- else
- return False;
- }
- $eh = sqlesc($wantusername);
- $count = mysql_query("SELECT * FROM users WHERE username = $eh;") or sqlerr(__FILE__, __LINE__);
- if(mysql_num_rows($count)>0)
- {
- stderr("Error","Username taken.");
- }
- function validusername($username)
- {
- if ($username == "")
- return false;
- // The following characters are allowed in user names
- $allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
- for ($i = 0; $i < strlen($username); ++$i)
- if (strpos($allowedchars, $username[$i]) === false)
- return false;
- return true;
- }
- function validatepass($pass)
- {
- //if((ctype_digit($pass) || ctype_alpha($pass)) && strlen($pass) <7)
- //bark("The password must contain both letters and digits.");
- if($pass == 'abc123')
- bark("Oh please... abc123 is the worst password ever.");
- if($pass == 'hejsan')
- bark("Oh please... hejsan is the worst password ever.");
- if($pass == '123456')
- bark("Oh please... 123456 is the worst password ever.");
- if($pass == 'password')
- bark("Oh please... password is the worst password ever.");
- if($pass == 'qwerty')
- bark("Oh please... qwerty is the worst password ever.");
- if($pass == 'hejhej')
- bark("Oh please... hejhej is the worst password ever.");
- if($pass == 'bajskorv')
- bark("Oh please... bajskorv is the worst password ever.");
- if($pass == 'kalle')
- bark("Oh please... kalle is the worst password ever.");
- if($pass == 'general')
- bark("Oh please... general is the worst password ever.");
- if (strlen($pass) < 6)
- bark("Password too short (atleast 6 chars)");
- if (strlen($pass) > 20)
- bark("Password too long (maximum 20 chars)");
- return true;
- }
- function isportopen($port)
- {
- global $HTTP_SERVER_VARS;
- $sd = @fsockopen($HTTP_SERVER_VARS["REMOTE_ADDR"], $port, $errno, $errstr, 1);
- if ($sd)
- {
- fclose($sd);
- return true;
- }
- else
- return false;
- }
- /*
- function isproxy()
- {
- $ports = array(80, 88, 1075, 1080, 1180, 1182, 2282, 3128, 3332, 5490, 6588, 7033, 7441, 8000, 8080, 8085, 8090, 8095, 8100, 8105, 8110, 8888, 22788);
- for ($i = 0; $i < count($ports); ++$i)
- if (isportopen($ports[$i])) return true;
- return false;
- }
- */
- if (empty($wantusername) || empty($wantpassword) || empty($email))
- bark("Dont leave any fields blank.");
- if (strlen($wantusername) > 12)
- bark("Username too long. (Max 12 chars)");
- if ($wantpassword != $passagain)
- bark("Password missmatch.");
- if ($wantpassword == $wantusername)
- bark("The password cant be the same as the username.");
- if (!validusername($wantusername))
- bark("Invalid username");
- if (!validatepass($wantpassword))
- bark("Pick another password...");
- if (!validinvitekod($invitekod))
- bark("Bad invitecode.");
- if (!validemail($email))
- bark("That doesn't look like a valid email address.");
- // make sure user agrees to everything...
- $a = (@mysql_fetch_row(@mysql_query("select count(*) from users where email='$email'"))) or die(mysql_error());
- if ($a[0] != 0)
- bark("The e-mail address $email is already in use.");
- $wantpasshash = "temp";
- $gender = 0+$_POST["gender"];
- $alder = 0+$_POST["alder"];
- $b = mysql_query("SELECT * FROM invites WHERE secret = '$invitekod';") or sqlerr(__FILE__, __LINE__);
- $oo = mysql_fetch_array($b);
- $inv = $oo[userid];
- $ip = $_SERVER["REMOTE_ADDR"];
- $passkey = md5($CURUSER['username'].get_date_time().$CURUSER['passhash']);
- //$ret = mysql_query("INSERT INTO users (username, passhash, email, passkey, invited_by, added, last_access,byttpass) VALUES (" .implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $email, $passkey, $inv))) .",'" . get_date_time() . "','" . get_date_time() . "',1)");
- $ret = mysql_query("INSERT INTO users (username, passhash, email, passkey, invited_by, language, added, last_access, ip, gender, alder) VALUES (" .implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $email, $passkey, $inv, $language))) .",'" . get_date_time() . "','" . get_date_time() . "', '$ip', $gender, $alder)");
- if (!$ret) {
- if (mysql_errno() == 1062)
- bark("MySQL fel i skapning av kontot!");
- bark("Fel?");
- }
- $uid = mysql_insert_id();
- $msg = sqlesc("The invite sent to {$email} is accepted and he/she choosed [url=/userdetails.php?id={$uid}][b]{$wantusername}[/b][/url] as username.");
- $dt = sqlesc(get_date_time());
- mysql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(1, $inv, $dt, $msg, 'Invite accepted')") or sqlerr(__FILE__, __LINE__);
- $ro = mysql_fetch_array(mysql_query("SELECT added FROM users WHERE id = $uid LIMIT 1"));
- $nyhash = md5(md5($wantpassword.$ro["added"])."korvspad1".$wantpassword);
- mysql_query("UPDATE users SET passhash = '$nyhash' WHERE id = $uid LIMIT 1;") or sqlerr(__FILE__, __LINE__);
- // Ny-Regg-Koll
- $ip = $_SERVER["REMOTE_ADDR"];
- $iplog = mysql_query("SELECT COUNT(*) FROM iplog WHERE ip = '$ip'") or sqlerr(__FILE__, __LINE__);
- $iplog = mysql_fetch_array($iplog);
- $host = gethostbyaddr($ip);
- $regg = mysql_query("SELECT COUNT(*) FROM inlogg WHERE ip = '$ip'");
- $regg = mysql_fetch_array($regg);
- $ilog = $iplog[0] + $regg[0];
- $level1 = mysql_num_rows(mysql_query("SELECT enabled FROM `inlogg` JOIN users on inlogg.uid = users.id WHERE inlogg.ip = '$ip' AND enabled = 'no'"));
- $level2 = mysql_num_rows(mysql_query("SELECT enabled FROM `iplog` JOIN users on iplog.userid = users.id WHERE iplog.ip = '$ip' AND enabled = 'no'"));
- if( ($level1+$level2) > 0 )
- $level = 1;
- else
- $level = 0;
- mysql_query("INSERT INTO nyregg(userid, datum, ip, hostname, email, log_mail, log_ip, level) VALUES($uid, '".get_date_time()."', '$ip', '$host', '$email', 0, $ilog, $level)") or sqlerr(__FILE__, __LINE__);
- // Regg-koll-slut
- mysql_query("DELETE FROM invites WHERE secret = '$invitekod';") or sqlerr(__FILE__, __LINE__);
- $passh = md5($HTTP_SERVER_VARS["REMOTE_ADDR"].$nyhash."hejsan".$HTTP_SERVER_VARS["REMOTE_ADDR"]);
- logincookie($uid, $passh);
- header("Refresh: 0; url=faq.php");
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement