API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 10th, 2017
96
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.13 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. function Error($Error)
  3. {
  4. echo "<center><b><span style='color:#00FFFF;'>" . $Error . "</span></b></center>";
  5. }
  6. function ConnectMysql()
  7. {
  8. include("configs.php");
  9. $link=mysql_connect("" . $mysql_host . "","" . $mysql_user . "","" . $mysql_pass . "");
  10.  
  11. if(!$link) {
  12. echo "Cannot connect to database!";
  13. }else{
  14. mysql_select_db("". $mysql_db . "",$link);
  15. }
  16. }
  17.  
  18. function register()
  19. {
  20. include('configs.php');
  21.  
  22. if($core == 1) {
  23. if(isset($_POST['flags'])) {
  24. if($_POST['flags'] == "0") {
  25. $flags = "0";
  26. }elseif($_POST['flags'] == "8") {
  27. $flags = "1";
  28. }elseif($_POST['flags'] == "24") {
  29. $flags = "2";
  30. }
  31. }else{ echo '<script type="text/javascript">window.location = "index.php?error=Please select an expansion.";</script>'; exit(); }
  32. ConnectMysql();
  33. $user_chars = "#[^a-zA-Z0-9_\-]#";
  34.  
  35. if ((empty($_POST["user"]))||(empty($_POST["password"])) ) {
  36. echo '<script type="text/javascript">window.location = "index.php?error=You did not enter all the required information.";</script>';
  37. } else {
  38. $username = strtoupper($_POST["user"]);
  39. $password = strtoupper($_POST["password"]);
  40. if (strlen($username) < 3) {
  41. echo '<script type="text/javascript">window.location = "index.php?error=Username too short.";</script>';
  42. exit();
  43. };
  44. if (strlen($username) > 30) {
  45. echo '<script type="text/javascript">window.location = "index.php?error=Username too long.";</script>';
  46. exit();
  47. };
  48. if (strlen($password) < 3) {
  49. echo '<script type="text/javascript">window.location = "index.php?error=Password too short.";</script>';
  50. exit();
  51. };
  52. if (strlen($password) > 30) {
  53. echo '<script type="text/javascript">window.location = "index.php?error=Password too long.";</script>';
  54. exit();
  55. };
  56. if (preg_match($user_chars,$username)) {
  57. echo '<script type="text/javascript">window.location = "index.php?error=Username contained illegal characters.";</script>';
  58. exit();
  59. };
  60. if (preg_match($user_chars,$password)) {
  61. echo '<script type="text/javascript">window.location = "index.php?error=Password contained illegal characters.";</script>';
  62. exit();
  63. };
  64. $username = mysql_real_escape_string($username);
  65. $password = mysql_real_escape_string($password);
  66. $qry = mysql_query("SELECT username FROM account WHERE username = '" . $username . "'");
  67. if (!$qry) {
  68. echo '<script type="text/javascript">window.location = "index.php?error=Error querying database.";</script>';
  69. exit();
  70. };
  71. if ($existing_username = mysql_fetch_assoc($qry)) {
  72. foreach ($existing_username as $key => $value) {
  73. $existing_username = $value;
  74. };
  75. };
  76. $existing_username = strtoupper($existing_username);
  77. if ($existing_username == strtoupper($_POST['user'])) {
  78. echo '<script type="text/javascript">window.location = "index.php?error=That username is already taken.";</script>';
  79. exit();
  80. };
  81. unset($qry);
  82. $sha_pass_hash = sha1(strtoupper($username) . ":" . strtoupper($password));
  83. $register_sql = "INSERT INTO account (username, sha_pass_hash, expansion) VALUES ('" . $username . "','" . $sha_pass_hash . "','" . $flags . "')";
  84. $qry = mysql_query($register_sql);
  85. if (!$qry) {
  86. echo '<script type="text/javascript">window.location = "index.php?error=Error creating account.";</script>';
  87. exit();
  88. };
  89. echo '<br /><br /><br /><br /><br /><br /><center><span style="color:#00FFFF;">Account successfully created.<br /></span></center>';
  90. };
  91.  
  92. }elseif($core == 2) {
  93.  
  94. if(isset($_POST['flags'])) { $flags = "" . $_POST['flags'] . ""; }else{ echo '<script type="text/javascript">window.location = "index.php?error=Please select an expansion.";</script>'; exit(); }
  95. ConnectMysql();
  96. $user_chars = "#[^a-zA-Z0-9_\-]#";
  97.  
  98. if ((empty($_POST["user"]))||(empty($_POST["password"])) ) {
  99. echo '<script type="text/javascript">window.location = "index.php?error=You did not enter all the required information.";</script>';
  100. } else {
  101. $username = strtoupper($_POST["user"]);
  102. $password = strtoupper($_POST["password"]);
  103. if (strlen($username) < 3) {
  104. echo '<script type="text/javascript">window.location = "index.php?error=Username too short.";</script>';
  105. exit();
  106. };
  107. if (strlen($username) > 30) {
  108. echo '<script type="text/javascript">window.location = "index.php?error=Username too long.";</script>';
  109. exit();
  110. };
  111. if (strlen($password) < 3) {
  112. echo '<script type="text/javascript">window.location = "index.php?error=Password too short.";</script>';
  113. exit();
  114. };
  115. if (strlen($password) > 30) {
  116. echo '<script type="text/javascript">window.location = "index.php?error=Password too long.";</script>';
  117. exit();
  118. };
  119. if (preg_match($user_chars,$username)) {
  120. echo '<script type="text/javascript">window.location = "index.php?error=Username contained illegal characters.";</script>';
  121. exit();
  122. };
  123. if (preg_match($user_chars,$password)) {
  124. echo '<script type="text/javascript">window.location = "index.php?error=Password contained illegal characters.";</script>';
  125. exit();
  126. };
  127. $username = mysql_real_escape_string($username);
  128. $password = mysql_real_escape_string($password);
  129. $qry = mysql_query("SELECT login FROM accounts WHERE login = '" . $username . "'");
  130. if (!$qry) {
  131. echo '<script type="text/javascript">window.location = "index.php?error=Error querying database.";</script>';
  132. exit();
  133. };
  134. if ($existing_username = mysql_fetch_assoc($qry)) {
  135. foreach ($existing_username as $key => $value) {
  136. $existing_username = $value;
  137. };
  138. };
  139. $existing_username = strtoupper($existing_username);
  140. if ($existing_username == strtoupper($_POST['user'])) {
  141. echo '<script type="text/javascript">window.location = "index.php?error=That username is already taken.";</script>';
  142. exit();
  143. };
  144. unset($qry);
  145. $register_sql = "INSERT INTO accounts (login, password, flags) VALUES ('" . $username . "','" . $password . "','" . $flags . "')";
  146. $qry = mysql_query($register_sql);
  147. if (!$qry) {
  148. echo '<script type="text/javascript">window.location = "index.php?error=Error creating account.";</script>';
  149. exit();
  150. };
  151. echo '<br /><br /><br /><br /><br /><br /><center><span style="color:#00FFFF;">Account successfully created.<br /></span></center>';
  152. };
  153. }
  154. }
  155. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!