Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // Include some stuff
- include("includes/functions.php");
- include("includes/template.class.php");
- // Connect to database
- mysql_connect("localhost", "zepheusn_arcserv", "");
- mysql_select_db("zepheusn_blabber");
- // Begin page template
- $page = new Template("template/register.php");
- // Magic
- if(!isset($_POST['submit'])) {
- $formSubmit = false;
- }
- else {
- $formSubmit = true;
- $errors = array();
- // Check to make sure there are no empty fields.
- if(!isset($_POST['username'])) {
- $errors[] = "No username entered";
- }
- else if(validate_input_alphanumeric($_POST['username'])) {
- $errors[] = "Username can only have numbers and letters";
- }
- if(!isset($_POST['password'])) {
- $errors[] = "No password entered";
- }
- if(!isset($_POST['passwordConfirm'])) {
- $errors[] = "Password must be confirmed";
- }
- if((isset($_POST['password']) && isset($_POST['passwordConfirm'])) && ($_POST['password'] != $_POST['passwordConfirm'])) {
- $errors[] = "Passwords do no match";
- }
- if(!isset($_POST['email'])) {
- $errors[] = "No e-mail entered";
- }
- if(!isset($_POST['dobDay'])) {
- $errors[] = "Date of birth requires day";
- }
- if(!isset($_POST['dobYear'])) {
- $errors[] = "Date of birth requires year";
- }
- // Check if username is taken
- $username = $_POST['username'];
- $usernameQuery = mysql_query(
- "SELECT
- `id`
- FROM
- `account`
- WHERE
- `username` = '" . mysql_real_escape_string($username) . "'"
- );
- if(mysql_num_rows($usernameQuery) != 0) {
- $errors[] = "Username in use. Select another one";
- }
- if(count($errors) == 0) {
- // Generate salt
- for ($i = 0; $i < 20; $i++) {
- $salt = $salt . chr(rand(33, 126));
- }
- // Generate password
- $password = sha1($salt . $_POST['password'] . $salt);
- // Create query
- $query = "INSERT INTO `accounts` (
- `username`,
- `password`,
- `email`,
- `dateofbirth`,
- `lastip`,
- `salt`
- )
- VALUES (
- '" . mysql_real_escape_string($_POST['username']) . "',
- '" . $password . "',
- '" . mysql_real_escape_string($_POST['email']) . "',
- '" . intval($_POST['dobYear']) . "-" . intval($_POST['dobMonth']) . "-" . intval($_POST['dobDay']) . "',
- '" . $_SERVER['REMOTE_ADDR'] . "',
- '" . $salt . "'";
- // Create account
- $result = mysql_query($query);
- $page->set("result", $result);
- }
- else {
- $formSubmit = false;
- $page->set("errors", $errors);
- }
- }
- $page->set("formSubmit", $formSubmit);
- echo $page->fetch();
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement