<?phpinclude("db.conf.php");function error_s ($text) { echo("<p style=\

1. <?php
2. include("db.conf.php");
3. function error_s ($text) {
4. echo("<p style=\"background-color:black;color:yellow;font-family:verdana;\">" . $text);
5. echo("
6.  
7. <a style=\"color:orange;\" href=\"index.php?option=com_content&view=category&layout=blog&id=2&Itemid=5\">Go back...</a></p>");
8. };
9.  
10. $user_chars = "#[^a-zA-Z0-9_\-]#";
11. $email_chars = "/^[^0-9][A-z0-9_]+([.][A-z0-9_]+)*[@][A-z0-9_]+([.][A-z0-9_]+)*[.][A-z]{2,4}$/";
12.  
13. $con = @mysql_connect($ip, $user, $pass);
14. if (!$con) {
15. error_s("Unable to connect to database: " . mysql_error());
16. };
17.  
18. if (!empty($_POST)) {
19. if ((empty($_POST["username"]))||(empty($_POST["password"]))||(empty($_POST["email"]))||(empty($_POST["expansion"])) ) {
20. error_s("You did not enter all the required information.");
21. exit();
22. } else {
23. $username = strtoupper($_POST["username"]);
24. $password = strtoupper($_POST["password"]);
25. $email = strtoupper($_POST["email"]);
26. $expansion = $_POST["expansion"];
27. if (strlen($username) < 5) {
28. error_s("Username too short.");
29. exit();
30. };
31. if (strlen($username) > 14) {
32. error_s("Username too long.");
33. exit();
34. };
35. if (strlen($password) < 8) {
36. error_s("Password too short.");
37. exit();
38. };
39. if (strlen($password) > 12) {
40. error_s("Password too long.");
41. exit();
42. };
43. if (strlen($email) < 4) {
44. error_s("Email was too short.");
45. exit();
46. };
47. if (strlen($email) > 255) {
48. error_s("Email was too long.");
49. exit();
50. };
51. if (preg_match($user_chars,$username)) {
52. error_s("Username contained illegal characters.");
53. exit();
54. };
55. if (preg_match($user_chars,$password)) {
56. error_s("Password contained illegal characters.");
57. exit();
58. };
59. if (!preg_match($email_chars,$email)) {
60. error_s("Email was in an incorrect format.");
61. exit();
62. };
63. $username = mysql_real_escape_string($username);
64. $password = mysql_real_escape_string($password);
65. $email = mysql_real_escape_string($email);
66. $qry = @mysql_query("select username from " . mysql_real_escape_string($r_db) . ".account where username = '" . $username . "'", $con);
67. if (!$qry) {
68. error_s("Error querying database: " . mysql_error());
69. };
70. if ($existing_username = mysql_fetch_assoc($qry)) {
71. foreach ($existing_username as $key => $value) {
72. $existing_username = $value;
73. };
74. };
75. $existing_username = strtoupper($existing_username);
76. if ($existing_username == strtoupper($_POST['username'])) {
77. error_s("That username is already taken.");
78. exit();
79. };
80. unset($qry);
81. $qry = @mysql_query("select email from " . mysql_real_escape_string($r_db) . ".account where email = '" . $email . "'", $con);
82. if (!$qry) {
83. error_s("Error querying database: " . mysql_error());
84. };
85. if ($existing_email = mysql_fetch_assoc($qry)) {
86. foreach ($existing_email as $key => $value) {
87. $existing_email = $value;
88. };
89. };
90. if ($existing_email == $_POST['email']) {
91. error_s("That email is already in use.");
92. exit();
93. };
94. unset($qry);
95. $sha_pass_hash = sha1(strtoupper($username) . ":" . strtoupper($password));
96. $register_sql = "insert into " . mysql_real_escape_string($r_db) . ".account (username, sha_pass_hash, email, expansion) values (upper('" . $username . "'),'" . $sha_pass_hash . "','" . $email . "','" . $expansion . "')";
97. $qry = @mysql_query($register_sql, $con);
98. if (!$qry) {
99. error_s("Error creating account: " . mysql_error());
100. };
101. echo("Account successfully created.");
102. exit();
103. };
104. };
105.  
106. ?>