<?php// Include some stuffinclude("includes/functions.php");include("inclu

1. <?php
2. // Include some stuff
3. include("includes/functions.php");
4. include("includes/template.class.php");
5.  
6. // Connect to database
7. mysql_connect("localhost", "zepheusn_arcserv", "");
8. mysql_select_db("zepheusn_blabber");
9.  
10. // Begin page template
11. $page = new Template("template/register.php");
12.  
13. // Magic
14. if(!isset($_POST['submit'])) {
15.     $formSubmit = false;
16. }
17. else {
18.     $formSubmit = true;
19.     $errors = array();
20.    
21.     // Check to make sure there are no empty fields.
22.     if(!isset($_POST['username'])) {
23.         $errors[] = "No username entered";
24.     }
25.     else if(validate_input_alphanumeric($_POST['username'])) {
26.         $errors[] = "Username can only have numbers and letters";
27.     }
28.    
29.     if(!isset($_POST['password'])) {
30.         $errors[] = "No password entered";
31.     }
32.    
33.     if(!isset($_POST['passwordConfirm'])) {
34.         $errors[] = "Password must be confirmed";
35.     }
36.    
37.     if((isset($_POST['password']) && isset($_POST['passwordConfirm'])) && ($_POST['password'] != $_POST['passwordConfirm'])) {
38.         $errors[] = "Passwords do no match";
39.     }
40.    
41.     if(!isset($_POST['email'])) {
42.         $errors[] = "No e-mail entered";
43.     }
44.    
45.     if(!isset($_POST['dobDay'])) {
46.         $errors[] = "Date of birth requires day";
47.     }
48.    
49.     if(!isset($_POST['dobYear'])) {
50.         $errors[] = "Date of birth requires year";
51.     }
52.    
53.     // Check if username is taken
54.     $username = $_POST['username'];
55.         $usernameQuery = mysql_query(
56.                 "SELECT
57.                        `id`
58.                FROM
59.                        `account`
60.                WHERE
61.                        `username` = '" . mysql_real_escape_string($username) . "'"
62.         );
63.         if(mysql_num_rows($usernameQuery) != 0) {
64.                 $errors[] = "Username in use. Select another one";
65.         }
66.    
67.     if(count($errors) == 0) {
68.         // Generate salt
69.         for ($i = 0; $i < 20; $i++) {
70.             $salt = $salt . chr(rand(33, 126));
71.         }
72.        
73.         // Generate password
74.         $password = sha1($salt . $_POST['password'] . $salt);
75.        
76.         // Create query
77.         $query = "INSERT INTO `accounts` (
78.             `username`,
79.             `password`,
80.             `email`,
81.             `dateofbirth`,
82.             `lastip`,
83.             `salt`
84.         )
85.         VALUES (
86.             '" . mysql_real_escape_string($_POST['username']) . "',
87.             '" . $password . "',
88.             '" . mysql_real_escape_string($_POST['email']) . "',
89.             '" . intval($_POST['dobYear']) . "-" . intval($_POST['dobMonth']) . "-" . intval($_POST['dobDay']) . "',
90.             '" . $_SERVER['REMOTE_ADDR'] . "',
91.             '" . $salt . "'";
92.        
93.         // Create account
94.         $result = mysql_query($query);
95.        
96.         $page->set("result", $result);
97.     }
98.     else {
99.         $formSubmit = false;
100.         $page->set("errors", $errors);
101.     }
102. }
103. $page->set("formSubmit", $formSubmit);
104.  
105. echo $page->fetch();