Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require_once('recaptchalib.config.php');
- require_once('recaptchalib.php');
- require_once('db.config.php');
- $user_ip = $_SERVER['REMOTE_ADDR'];
- $username = isset($_POST['username']) ? mssql_escape_string(trim($_POST['username'])) : '';
- $password = isset($_POST['password']) ? mssql_escape_string(trim($_POST['password'])) : '';
- $password2 = isset($_POST['password2']) ? mssql_escape_string(trim($_POST['password2'])) : '';
- $admin = 0;
- $errors = array();
- $success = false;
- if(isset($_POST) && !empty($_POST)){
- require_once('db.php');
- // Validate user name.
- $result = @mssql_query("SELECT UserID FROM PS_UserData.dbo.Users_Master WHERE UserID = '{$username}'") or die('Failed to verify is the provided user named already exists.');
- if(empty($username)){
- $errors[] = 'Please provide a user name.';
- }else if(strlen($username) < 3 || strlen($username) > 16){
- $errors[] = 'User name must be between 3 and 16 characters in length.';
- }else if(ctype_alnum($username) === false){
- $errors[] = 'User name must consist of numbers and letters only.';
- }else if(mssql_num_rows($result)){
- $errors[] = 'User name already exists, please choose a different user name.';
- }
- // Validate user password.
- if(empty($password)){
- $errors[] = 'Please provide a password.';
- }else if(strlen($password) < 3 || strlen($password) > 20){
- $errors[] = 'Password must be between 3 and 20 characters in length.';
- }else if($password != $password2){
- $errors[] = 'Passwords do not match.';
- }
- // Validate reCAPTCHA. This is to prevent someone botting account creation.
- $response = recaptcha_check_answer($recaptcha_private_key,$_SERVER['REMOTE_ADDR'],$_POST['recaptcha_challenge_field'],$_POST['recaptcha_response_field']);
- if(!$response->is_valid){
- if($response->error == 'incorrect-captcha-sol'){
- $errors['recaptcha'] = 'Incorrect answer to reCAPTCHA';
- }else{
- $errors['recaptcha'] = $response->error;
- }
- }
- // Persist the new account to the database if no previous errors occured.
- if(count($errors) == 0){
- /* prepare the statement resource */
- $stmt=mssql_init("Create_Shaiya_Account", $conn);
- /* now bind the parameters to it */
- mssql_bind($stmt, "@UserID", $username, SQLVARCHAR, FALSE);
- mssql_bind($stmt, "@Pw", $password, SQLVARCHAR, FALSE);
- mssql_bind($stmt, "@Administrator", $admin, SQLINT4, FALSE);
- /* now execute the procedure */
- $result = mssql_execute($stmt);
- // Remove the @ symbol here to see what the SQL error message is when running the above query in $sql.
- if($result = @mssql_execute ($stmt)){
- $success = "Account {$username} successfully created!";
- }else{
- // This means the insert statement is probably not valid for your database. Fix the query or fix your database, your choice ;)
- $errors[] = 'Failed to create a new account, please try again later';
- }
- }
- }
- // Determine which view to show.
- if($success === false){
- require_once('register.view.php');
- }else{
- require_once('success.view.php');
- }
- ?>
Add Comment
Please, Sign In to add comment