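/**
 * Registration data layer on top of PDO.
 *
 * Creates rows in the `penguins` and `igloos` tables, derives the stored
 * password hash, and renders the Bootstrap alert markup shown on the form.
 */
class Registration extends PDO {

    // NOTE(review): the connection settings live in source, and the account is
    // MySQL `root` with an empty password. Registration only needs
    // SELECT/INSERT/UPDATE on `penguins` and `igloos`; use a dedicated
    // least-privilege account whose credentials are loaded from outside the
    // web root.
    private $config = [
        'Host' => '127.0.0.1',
        'Database' => 'houdini',
        'User' => 'root',
        'Pass' => '',
    ];

    /**
     * Opens the MySQL connection described by $config.
     *
     * @throws PDOException when the connection cannot be established
     */
    public function __construct() {
        $dsn = 'mysql:host=' . $this->config['Host'] . ';dbname=' . $this->config['Database'];

        // Before PHP 8 PDO fails silently by default: prepare()/execute()
        // return false and the code below would carry on with a broken
        // statement. Exceptions make every database failure explicit.
        parent::__construct($dsn, $this->config['User'], $this->config['Pass'], [
            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
        ]);
    }

    /**
     * Optionally MD5s the input, then swaps the two 16-character halves.
     *
     * This is a fixed, unsalted transformation, not password protection. The
     * only slow, salted step in this class is password_hash() in
     * getLoginHash(). The half-swap assumes a 32-character input.
     *
     * @param string $password plain text, or a 32-character hex digest when $md5 is false
     * @param bool   $md5      pass false to skip the md5() step
     * @return string the two halves in swapped order
     */
    public function encryptPassword($password, $md5 = true) {
        if ($md5 !== false) {
            $password = md5($password);
        }

        return substr($password, 16, 16) . substr($password, 0, 16);
    }

    /**
     * Wraps a message in a Bootstrap alert.
     *
     * The message is HTML-escaped here because callers build it partly from
     * request data (for example the rejected words of a username). Existing
     * entities are left alone (double_encode = false) so a caller that has
     * already escaped its input is not escaped twice.
     *
     * @param string $errorType "success" or "error"; anything else is shown as an error
     * @param string $message   plain-text message
     * @return string alert markup
     */
    public function sendError($errorType, $message) {
        $safeMessage = htmlspecialchars((string) $message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

        // Unknown types previously left the result undefined; fall back to
        // the error style so the caller always gets visible, non-empty markup.
        $cssClass = ($errorType === 'success') ? 'alert-success' : 'alert-danger';

        return "<div class=\"alert {$cssClass}\">{$safeMessage}</div>";
    }

    /**
     * Derives the value stored in `penguins`.`Password`.
     *
     * The half-swapped digest is joined with $staticKey and a fixed suffix,
     * run through encryptPassword() again, and the result is hashed with
     * password_hash() at cost 12.
     *
     * NOTE(review): both the suffix below and the static key passed in by
     * addUser() are constants in source. They add no secrecy once the source
     * is readable; the bcrypt step is what protects stored passwords.
     *
     * @param string $password  upper-cased MD5 hex digest of the user's password
     * @param string $staticKey fixed key mixed into the digest
     * @return string password_hash() output
     */
    public function getLoginHash($password, $staticKey) {
        $digest = $this->encryptPassword($password, false);
        $digest .= $staticKey;
        $digest .= 'Y(02.>\'H}t":E1';
        $digest = $this->encryptPassword($digest);

        return password_hash($digest, PASSWORD_DEFAULT, [ 'cost' => 12 ]);
    }

    /**
     * Creates a penguin, its first igloo and its starting inventory.
     *
     * The three steps run in one transaction so that a failure part-way does
     * not leave a penguin without an igloo or inventory. This only has an
     * effect on a transactional storage engine.
     *
     * @param string     $username used for both Username and Nickname
     * @param string     $email
     * @param string     $password plain-text password
     * @param int|string $color    colour id; not validated here, so callers must validate it
     * @return string id of the new penguin row
     * @throws Exception rethrown after rollback when any step fails
     */
    public function addUser($username, $email, $password, $color) {
        $hashedPassword = strtoupper(md5($password));
        $staticKey = 'e4a2dbcca10a7246817a83cd';
        $fancyPassword = $this->getLoginHash($hashedPassword, $staticKey);

        // `Ignore` is a reserved word in MySQL and must be quoted. Username
        // and Nickname get separate placeholders because reusing one named
        // placeholder only works with emulated prepares.
        $strQuery = "INSERT INTO penguins (ID, Username, Nickname, Password, LoginKey, Email, RegistrationDate, LastPaycheck, Color, Inventory, Igloos, Floors, Furniture, Stamps, Buddies, `Ignore`) VALUES (NULL, :username, :nickname, :password, '', :email, :TimeDate, '', :color, '', '1', '', '', '7', '', '')";

        // Join a transaction the caller already opened instead of nesting one.
        $ownsTransaction = !$this->inTransaction();
        if ($ownsTransaction) {
            $this->beginTransaction();
        }

        try {
            $insertUser = $this->prepare($strQuery);
            $insertUser->bindValue(":username", $username);
            $insertUser->bindValue(":nickname", $username);
            $insertUser->bindValue(":email", $email);
            $insertUser->bindValue(":TimeDate", time());
            $insertUser->bindValue(":password", $fancyPassword);
            $insertUser->bindValue(":color", $color);
            $insertUser->execute();
            $insertUser->closeCursor();

            $penguinId = $this->lastInsertId();
            $this->addActiveIgloo($penguinId);
            $this->addColors($penguinId);

            if ($ownsTransaction) {
                $this->commit();
            }
        } catch (Exception $e) {
            if ($ownsTransaction && $this->inTransaction()) {
                $this->rollBack();
            }
            throw $e;
        }

        return $penguinId;
    }

    /**
     * Sets the starting inventory string (items 1-15) for a penguin.
     *
     * @param int|string $penguinId
     */
    private function addColors($penguinId) {
        $updateInventory = $this->prepare("UPDATE `penguins` SET `Inventory` = '%14%1%2%3%4%5%6%7%8%9%10%11%12%13%15' WHERE ID = :Penguin;");
        $updateInventory->bindValue(":Penguin", $penguinId);
        $updateInventory->execute();
        $updateInventory->closeCursor();
    }

    /**
     * Creates an empty igloo owned by the penguin and marks it as active.
     *
     * @param int|string $penguinId
     */
    private function addActiveIgloo($penguinId) {
        $insertIgloo = $this->prepare("INSERT INTO `igloos` (`ID`, `Owner`, `Furniture`) VALUES (NULL, :Owner, '');");
        $insertIgloo->bindValue(":Owner", $penguinId);
        $insertIgloo->execute();
        $insertIgloo->closeCursor();

        $iglooId = $this->lastInsertId();

        $setActiveIgloo = $this->prepare("UPDATE `penguins` SET `Igloo` = :Igloo WHERE ID = :Penguin;");
        $setActiveIgloo->bindValue(":Igloo", $iglooId);
        $setActiveIgloo->bindValue(":Penguin", $penguinId);
        $setActiveIgloo->execute();
        $setActiveIgloo->closeCursor();
    }

    /**
     * Reports whether a penguin with this id exists.
     *
     * @param int|string $penguinId
     * @return bool
     */
    public function getID($penguinId) {
        $getID = $this->prepare('SELECT ID FROM penguins WHERE ID = :ID');
        $getID->bindValue(':ID', $penguinId);
        $getID->execute();

        // rowCount() is not guaranteed for SELECT; fetching a row is portable.
        $idExists = $getID->fetchColumn() !== false;
        $getID->closeCursor();

        return $idExists;
    }

    /**
     * Reports whether the username is already registered.
     *
     * @param string $username
     * @return bool
     */
    public function usernameExists($username) {
        $checkUsername = $this->prepare('SELECT Username FROM penguins WHERE Username = :username');
        $checkUsername->bindValue(':username', $username);
        $checkUsername->execute();

        $usernameExists = $checkUsername->fetchColumn() !== false;
        $checkUsername->closeCursor();

        return $usernameExists;
    }

    /**
     * Reports whether the e-mail address is already registered.
     *
     * @param string $email
     * @return bool
     */
    public function EmailExists($email) {
        $checkEmail = $this->prepare('SELECT Email FROM penguins WHERE Email = :email');
        $checkEmail->bindValue(':email', $email);
        $checkEmail->execute();

        $emailExists = $checkEmail->fetchColumn() !== false;
        $checkEmail->closeCursor();

        return $emailExists;
    }
}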
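// Registration form handler: validates the POSTed fields, verifies the
// reCAPTCHA token with Google, and creates the account when every check
// passes. $error holds the alert markup for the first failing check.
$db = new Registration();

if (!empty($_POST)) {
    $requiredFields = ['username', 'email', 'password', 'repassword', 'penguinColor', 'g-recaptcha-response'];

    // Every field must be a non-empty string. is_string() rejects array-valued
    // parameters (username[]=x), which would otherwise reach strlen() and
    // preg_match() below.
    $allFieldsPresent = true;
    foreach ($requiredFields as $field) {
        if (!isset($_POST[$field]) || !is_string($_POST[$field]) || empty($_POST[$field])) {
            $allFieldsPresent = false;
            break;
        }
    }

    if ($allFieldsPresent) {
        $strUsername = $_POST["username"];
        $strEmail = $_POST["email"];
        $strPassword = $_POST["password"];
        $strRePassword = $_POST["repassword"];
        $intColor = $_POST["penguinColor"];
        $strCaptcha = $_POST["g-recaptcha-response"];
        $intIP = $_SERVER['REMOTE_ADDR'];

        // NOTE(review): this reCAPTCHA secret is hard-coded and has been
        // published together with this file. Treat it as compromised: rotate
        // it and load the replacement from configuration outside the source.
        $strSecretKey = '6LcJnSwUAAAAANvxqWMD83s_xpn12awpQ7-QOlxx';

        // The token is attacker-controlled, so the request is built with
        // http_build_query() instead of string concatenation. Sending it as a
        // POST body keeps the secret out of URL logs.
        $verifyContext = stream_context_create([
            'http' => [
                'method' => 'POST',
                'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
                'content' => http_build_query([
                    'secret' => $strSecretKey,
                    'response' => $strCaptcha,
                    'remoteip' => $intIP,
                ]),
                'timeout' => 5,
            ],
        ]);
        $strResponse = file_get_contents("https://www.google.com/recaptcha/api/siteverify", false, $verifyContext);
        $strResponseKeys = ($strResponse === false) ? null : json_decode($strResponse, true);

        // Fail closed: a network error, malformed JSON or a missing flag all
        // count as "not verified".
        $captchaPassed = is_array($strResponseKeys)
            && isset($strResponseKeys["success"])
            && $strResponseKeys["success"] === true;

        $censor = new CensorWords;
        $cen = $censor->censorString($strUsername);

        // The captcha is checked first so that requests without a valid token
        // never reach the username and e-mail lookups.
        if (!$captchaPassed) {
            $error = $db->sendError('error', 'Invalid validation!');
        }
        elseif ($db->usernameExists($strUsername)) {
            $error = $db->sendError('error', 'There was an error!');
        }
        elseif (count($cen['matched']) > 0) {
            $strBad = "";
            foreach ($cen['matched'] as $bad) {
                $strBad .= "$bad ";
            }
            // The matched words derive from the submitted username, so they
            // are escaped before being placed in the alert markup.
            $error = $db->sendError('error', 'This username is not allowed: ' . htmlspecialchars($strBad, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
        }
        elseif ($db->emailExists($strEmail)) {
            $error = $db->sendError('error', 'There was an error!');
        }
        elseif (strlen($strUsername) == 0) {
            // Was a call to an undefined global sendError(), a fatal error.
            $error = $db->sendError('error', 'You need to provide a name for your penguin.');
        }
        elseif (strlen($strUsername) < 4 || strlen($strUsername) > 21) {
            $error = $db->sendError('error', 'Your penguin name is either too short or too long.');
        }
        elseif (preg_match_all("/[0-9]/", $strUsername) > 21) {
            $error = $db->sendError('error', 'Your penguin name can only contain 21 numbers.');
        }
        // [A-z] also matches [ \ ] ^ _ and `, which are not letters.
        elseif (!preg_match("/[a-z]/i", $strUsername)) {
            $error = $db->sendError('error', 'Penguin names must contain at least 1 letter.');
        }
        elseif (preg_match('/[^a-z0-9\s]/i', $strUsername)) {
            $error = $db->sendError('error', 'That username is not allowed.');
        }
        elseif (!filter_var($strEmail, FILTER_VALIDATE_EMAIL)) {
            $error = $db->sendError('error', 'Your email isn\'t valid.');
        }
        // NOTE(review): a four-character minimum is very weak; consider a
        // longer minimum.
        elseif (strlen($strPassword) < 4) {
            $error = $db->sendError('error', "Your password is too short!");
        }
        // Strict comparison: with != two different numeric-looking strings
        // such as "1e3" and "1000" compare as equal.
        elseif ($strPassword !== $strRePassword) {
            $error = $db->sendError('error', "Passwords do not match!");
        }
        // The colour id was stored unvalidated. 1-15 is assumed from the
        // inventory string granted in Registration::addColors(); confirm the
        // range against the colour picker.
        elseif (filter_var($intColor, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1, 'max_range' => 15]]) === false) {
            $error = $db->sendError('error', 'Please choose a valid penguin color.');
        }

        if (empty($error)) {
            $db->addUser($strUsername, $strEmail, $strPassword, $intColor);
            echo '<script language="javascript">';
            echo 'window.onload = function () {';
            echo 'swal("Well done!", "You have successfully registered!", "success")';
            echo '};';
            echo '</script>';
        }
    } else {
        $error = $db->sendError('error', "Please complete all the fields.");
    }
}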