
Untitled

a guest
Sep 3rd, 2016
  1. -<!DOCTYPE html>
  2. -<html >
  3. -<head>
  4. -<meta charset="UTF-8">
  5. -<title>Luna - Register</title>
  6. -<link rel="stylesheet" href="css/style.css">
  7. -</head>
  8. -<body>
  9. -
  10. -<div class="overlay">
  11. -<ul>
  12. -<li><a href="index.php">Home</a></li>
  13. -<li><a class="active" href="register.php">Register</a></li>
  14. -<li><a href="play.php">Play</a></li>
  15. -<li><a href="manager/index.php">Manager</a></li>
  16. -<li><a href="commands.php">Commands</a></li>
  17. -<li><a href="staff.php">Staff</a></li>
  18. -<li><a href="contact.php">Contact Us</a></li>
  19. -<li><a href="about.php">About Us</a></li>
  20. -</ul>
  21. -
  22. -<div class="container">
  23. -
  24. -<?php
  25. -
  26. -require 'recaptcha/src/autoload.php';
  27. -require 'config.php';
  28. -
  29. -function domain_exists($strEmail, $strRecord = 'MX'){
  30. - list($strUser, $strDomain) = explode('@', $strEmail);
  31. - return checkdnsrr($strDomain, $strRecord);
  32. -}
  33. -
  34. -function sendError($strErr) {
  35. - $strMsg = "<center><h2>Error: " . $strErr . "</h2></center>";
  36. - die($strMsg);
  37. -}
  38. -
  39. -$resDBCon= mysqli_connect($strDBHost, $strDBUser, $strDBPass, $strDBName) or sendError('Failed to connect to MySQL: ' . mysqli_connect_error());
  40. -
  41. -if (isset($_POST['submit'])) {
  42. - $strUsername = $_POST['username'];
  43. - $strPassword = $_POST['pass'];
  44. - $strPasswordTwo = $_POST['passtwo'];
  45. - $strColor = $_POST['color'];
  46. - $strEmail = $_POST['email'];
  47. - $intPin = $_POST['spin'];
  48. -
  49. - if (empty($strEmail) || empty($strUsername) || empty($strPassword) || empty($strPasswordTwo) || empty($strColor) || empty($intPin)) {
  50. - sendError('One or more fields has not been completed, please complete them');
  51. - }
  52. -
  53. - $strUsername = mysqli_real_escape_string($resDBCon, $strUsername);
  54. - $strPassword = mysqli_real_escape_string($resDBCon, $strPassword);
  55. - $strPasswordTwo = mysqli_real_escape_string($resDBCon, $strPasswordTwo);
  56. - $strColor = mysqli_real_escape_string($resDBCon, $strColor);
  57. - $strEmail = mysqli_real_escape_string($resDBCon, $strEmail);
  58. - $intPin = mysqli_real_escape_string($resDBCon, $intPin);
  59. -
  60. - $strUsername = addslashes($strUsername);
  61. - $strPassword = addslashes($strPassword);
  62. - $strPasswordTwo = addslashes($strPasswordTwo);
  63. - $strColor = addslashes($strColor);
  64. - $strEmail = addslashes($strEmail);
  65. - $intPin = addslashes($intPin);
  66. -
  67. - if (!filter_var($strEmail, FILTER_VALIDATE_EMAIL)) {
  68. - sendError('Invalid email address! Please recheck your email');
  69. - } elseif (!domain_exists($strEmail)) {
  70. - sendError('Invalid domain for email address! Please use a valid domain');
  71. - } elseif (!preg_match('/[^A-Za-z0-9]/', $strUsername)) {
  72. - sendError('Invalid username! Please make sure the username is alphanumeric');
  73. - } elseif (strlen($strUsername) > 10 || strlen($strUsername) <= 3) {
  74. - sendError('Invalid username! Please make sure the username is not too long or too short');
  75. - } elseif (strlen($strColor) > 6) {
  76. - sendError('Invalid color! Please use a valid color');
  77. - } elseif ($strPassword != $strPasswordTwo) {
  78. - sendError('Password does not match! Please make sure the passwords match');
  79. - } elseif (strlen($strPassword) > 15 || strlen($strPassword) < 5) {
  80. - sendError('Password is either too long or too short');
  81. - } elseif (strlen($strPasswordTwo) > 15 && strlen($strPasswordTwo) < 5) {
  82. - sendError('Password Two is either too long or too short');
  83. - } elseif (!(preg_match('/[A-Z]+/', $strPassword) && preg_match('/[a-z]+/', $strPassword) && preg_match('/[\d!$%^&]+/', $strPassword))) {
  84. - sendError('Password needs to have one lowercase and uppercase letter, a number and a special character');
  85. - } elseif (!preg_match('/^\d{6}$/', $intPin)) {
  86. - sendError('Invalid pin number, pin must be 6 digits long');
  87. - }
  88. -
  89. - $strColor = '0x' . $strColor;
  90. -
  91. - $arrExistUsers = mysqli_query($resDBCon, "SELECT username FROM users WHERE username = '$strUsername'");
  92. - $intUsers = mysqli_num_rows($arrExistUsers);
  93. -
  94. - if ($intUsers != 0) {
  95. - sendError('Username already exists, please try another name');
  96. - }
  97. -
  98. - $arrExistEmails = mysqli_query($resDBCon, "SELECT email FROM users WHERE email = '$strEmail'");
  99. - $intEmails = mysqli_num_rows($arrExistEmails);
  100. -
  101. - if ($intEmails != 0) {
  102. - sendError('Email is already in use, please try another email');
  103. - }
  104. -
  105. - $strIP = mysqli_real_escape_string($resDBCon, $_SERVER['REMOTE_ADDR']);
  106. -
  107. - $arrExistIPS = mysqli_query($resDBCon, "SELECT ipAddr FROM users WHERE ipAddr = '$strIP'");
  108. - $intIPS = mysqli_num_rows($arrExistIPS);
  109. -
  110. - if ($intPS >= 2) {
  111. - sendError('You cannot create more than two accounts using this IP');
  112. - }
  113. -
  114. - $strMD5 = md5($strPassword);
  115. -
  116. - $recaptcha = new \ReCaptcha\ReCaptcha($strSecretKey);
  117. - $resp = $recaptcha->verify($_POST['g-recaptcha-response'], $strIP);
  118. -
  119. - if (!$resp->isSuccess()) {
  120. - sendError('You are a bot, get the fuck out');
  121. - } else {
  122. - $resQuery = mysqli_query($resDBCon, "INSERT INTO users (`username`, `nickname`, `email`, `password`, `colour`, `ipAddr`, `stamps`, `spin`) VALUES ('" . $strUsername . "', '" . $strUsername . "', '" . $strEmail . "', '" . $strMD5 . "', '" . $strColor . "', '" . $strIP . "', '31|7|33|8|32|35|34|36|290|358|448', '" . $intPin . "')");
  123. - $intPID = mysqli_insert_id($resDBCon);
  124. - mysqli_query($resDBCon, "INSERT INTO igloos (`ID`, `username`) VALUES ('" . $intPID . "', '" . $strUsername . "')");
  125. - mysqli_query($resDBCon, "INSERT INTO postcards (`recepient`, `mailerID`, `mailerName`, `postcardType`) VALUES ('" . $intPID . "', '0', 'Luna', '125')");
  126. - echo "<center><h2>You have successfully registered with Luna, $strUsername ! You may now login to the game :-)</h2></center>";
  127. - }
  128. -
  129. -} else {
  130. -
  131. -?>
  132. -
  133. -<center>
  134. -<form class="form" name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
  135. - <input type="text" name="username" maxlength="10" placeholder="Enter Your Username">
  136. - <input type="text" name="email" maxlength="25" placeholder="Enter Your Email">
  137. - <input type="password" name="pass" maxlength="15" placeholder="Enter Your Password">
  138. - <input type="password" name="passtwo" maxlength="15" placeholder="Enter Your Password Again">
  139. - <input type="password" name="spin" maxlength="6" placeholder="Enter Your Secret Pin">
  140. - <label for="color">Penguin Color</label>
  141. - <input class="jscolor" type="text" name="color" maxlength="6">
  142. - <br><br>
  143. - <div class="g-recaptcha" data-sitekey="<?php echo $strSiteKey; ?>"></div>
  144. - <script type="text/javascript" src='https://www.google.com/recaptcha/api.js?hl=en'></script>
  145. - <br>
  146. - <input type="submit" id="login-button" name="submit" value="Sign Up">
  147. -</form>
  148. -</center>
  149. -
  150. -<?php
  151. -}
  152. -?>
  153. -
  154. -</div>
  155. -<div class="footer">&copy; 2016-2017 Luna &#8482; All Rights Reserved</div>
  156. -</div>
  157. -</body>
  158. -<script src='http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js'></script>
  159. -<script src="js/jscolor.js"></script>
  160. -<script src="js/index.js"></script>
  161. -</html>