Untitled

<?php
include('../config.php');


function filtruj($zmienna)
{
  	if (strlen($_POST['haslo1']) > "20") {
    	header("location: ../error.php");
	}
  	if (strlen($_POST['haslo1']) < "8") {
    	header("location: ../error.php");
	}
    if (strlen($_POST['haslo2']) > "20") {
    	header("location: ../error.php");
	}
  	if (strlen($_POST['haslo2']) < "8") {
    	header("location: ../error.php");
	}
    if(get_magic_quotes_gpc())
        $zmienna = stripslashes($zmienna); // usuwamy slashe
	// usuwamy spacje, tagi html oraz niebezpieczne znaki
    return mysql_real_escape_string(htmlspecialchars(trim($zmienna)));
}


///here new code
if(isset($_POST['g-recaptcha-response'])){
          $captcha=$_POST['g-recaptcha-response'];
        }
        if(!$captcha){
          echo 'Pamiętaj, captcha jest obowiązkowa!';
          exit;
        }
        $secretKey = "6Lft24oUAAAAALTgHGPnCIowykP1ex9LlEmeL2yR";
        $ip = $_SERVER['REMOTE_ADDR'];
        $response=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$secretKey."&response=".$captcha);
        $responseKeys = json_decode($response,true);
        if(intval($responseKeys["success"]) !== 1) {
          echo 'Error';
        } else {

$login = filtruj($_POST['login']);
   $haslo1 = filtruj($_POST['haslo1']);
   $haslo2 = filtruj($_POST['haslo2']);
   $email = filtruj($_POST['email']);
   $ip = filtruj($_SERVER['REMOTE_ADDR']);
   $hash = md5( rand(0,1000) );
   // sprawdzamy czy login nie jest już w bazie
   if (mysql_num_rows(mysql_query("SELECT login FROM uzytkownicy WHERE login = '".$login."';")) == 0)
   {
     if (mysql_num_rows(mysql_query("SELECT email FROM uzytkownicy WHERE email = '".$email."';")) == 0)
     {
       if ($haslo1 == $haslo2) // sprawdzamy czy hasła takie same
      {
         mysql_query("INSERT INTO `uzytkownicy` (`login`, `haslo`, `email`, `rejestracja`, `logowanie`, `ip`, `hash`)
            VALUES ('".$login."', '".crypt($haslo1, '$2y$07$usesomesillystringforsalt$')."', '".$email."', '".date('Y-m-d H:i:s')."', '".date('Y-m-d H:i:s')."', '".$ip."', '".$hash."');");


         echo 'Konto utworzone';

date_default_timezone_set('Etc/UTC');
require './phpmail/PHPMailerAutoload.php';
$mail = new PHPMailer;
$mail->IsSMTP();
$mail->Host = 'smtp.gmail.com'; // Which SMTP server to use.
$mail->Port = 587; // Which port to use, 587 is the default port for TLS security.
$mail->SMTPSecure = 'tls'; // Which security method to use. TLS is most secure.
$mail->SMTPAuth = true; // Whether you need to login. This is almost always required.
$mail->Username = "noreply.safemessenger@gmail.com"; // Your Gmail address.
$mail->Password = "kolec567"; // Your Gmail login password or App Specific Password.


$mail->setFrom('noreply.safemessenger@gmail.com', 'Safe Messenger'); // Set the sender of the message.
$mail->addAddress($email); // Set the recipient of the message.
$mail->Subject = 'Confirm your email address'; // The subject of the message.
$mail->IsHTML(true);