Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include "config.php";
- $tbc = 2;
- $database_encoding = 'CP1251';
- $auth = mysql_connect("$dbip:$dbport", "$dblogin", "$dbpass", True);
- mysql_selectdb("$rdb", $auth);
- $world = mysql_connect("$dbip:$dbport", "$dblogin", "$dbpass", True);
- mysql_selectdb("$mdb", $world);
- $characters = mysql_connect("$dbip:$dbport", "$dblogin", "$dbpass", True);
- mysql_selectdb("$cdb", $characters);
- echo "
- <script type=\"text/javascript\">
- function isAlphaNumeric(value)
- {
- if (value.match(/^[a-zA-Z0-9_]+$/))
- return true;
- return false;
- }
- function checkform(f)
- {
- if (f.account.value == \"\")
- {
- alert(\"Введите логин\");
- return false;
- }
- if (!isAlphaNumeric(f.account.value))
- {
- alert(\"Запрещенные символы в логине\");
- return false;
- }
- if (f.password.value==\"\")
- {
- alert(\"Введите пароль\");
- return false;
- }
- if (!isAlphaNumeric(f.password.value))
- {
- alert(\"Запрещенные символы в пароле\");
- return false;
- }
- if (f.password2.value==\"\")
- {
- alert(\"Вы не ввели повтор пароля\");
- return false;
- }
- if (f.password.value != f.password2.value)
- {
- alert(\"Пароли не совпадают\");
- return false;
- }
- if (f.email.value==\"\")
- {
- alert(\"Вы не ввели e-mail\");
- return false;
- }
- }
- </script>";
- echo "
- <font color=#00CC00>
- </font><br><br>
- <center>
- <form method=post action=reg.php onsubmit=\"return checkform(this)\">
- <table>
- <tr>
- <td><font color=grey>Имя аккаунта:</font></td>
- <td><input type=text name=account maxlength=20></td>
- </tr>
- <tr>
- <td><font color=grey>Пароль:</font></td>
- <td><input type=password name=password maxlength=20></td>
- </tr>
- <tr>
- <td><font color=grey>Пароль ещё раз:</font></td>
- <td><input type=password name=password2 maxlength=20></td>
- </tr>
- <tr>
- <td><font color=grey>Почта:</font></td>
- <td><input type=text name=email maxlength=32></td><br>
- </tr>
- <tr>
- <td colspan=2 style=\"text-align: center;\"><br><input type=submit value=Зарегистрироваться></td>
- </tr>
- </table>
- </form></center>";
- if (isset($_POST['account'])) {
- if ($_POST['account'] && strlen($_POST['account'])<=20 && strlen($_POST['account'])>=3 && strlen($_POST['password'])>=3 && $_POST['password'] && $_POST['password2'] && $_POST['password']==$_POST['password2']) {
- if (!eregi("^[a-zA-Z0-9_]+$", $_POST['account']))
- die ("<p>Error: SQL-Injection</p>";
- if (!eregi("^[a-zA-Z0-9_]+$", $_POST['password']))
- die ("<p>Error: SQL-Injection</p>";
- $pass = ($_POST['password']);
- $username = ($_POST['account']);
- $result = mysql_query("SELECT * FROM account WHERE username='".$_POST['account']."' AND sha_pass_hash='$pass'", $auth);
- if (mysql_num_rows($result) != 0) {
- echo "<center><p><font color=#CC0000><b>Такой аккаунт уже есть!</b></font></p></center>";
- } else {
- if (!mysql_query("INSERT INTO account (username, sha_pass_hash, gmlevel, email, expansion) VALUES ('$username', SHA1(CONCAT(UPPER('$username'),':',UPPER('$pass'))), 0, '".$_POST['email']."', $tbc)", $auth)) {echo "<center><p><font color=#CC0000><b>Ошибка</b></font></p></center>";} else {echo "<center><p><font color=#00CC00><b>Аккаунт успешно зарегестрирован!</b></font></p></center>";}
- }
- } else {
- echo "<center><p><font color=#CC0000><b>Проверьте правильность ввода!</b></font></p></center>";
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement