Untitled

<?php
/***************************************************************************
 *                                index.php
 *                            -------------------
 *   Project              : PingueCMS
 *   Begin                : April 23, 2009
 *   Copyright            : (C) 2009 Robert Herman ( maverfax@gmail.com )
 *
 ***************************************************************************/

#Check for index
if( !defined( "IPC_LOADED" ) ) die ( "File Protected" );

#Register Script!
function register() {
    if(isset($_SESSION)) {
      if(isset($_SESSION['ulogged_in']) && $_SESSION['ulogged_in'] === true) return "<font color='red'><b>You are logged in!</b></font>";
    }
    if(isset($_POST['do_register'])) {
        if(strlen($_POST['login']) < 2) return "<font color='red'><b>Your username must be longer than 2 characters</b></font>";
        if(strlen($_POST['password']) < 2) return "<font color='red'><b>Your password must be longer than 2 characters</b></font>";
        if(strlen($_POST['login']) > 30) return "<font color='red'><b>Your username must be shorter than 30 characters</b></font>";
        if(strlen($_POST['password']) > 30) return "<font color='red'><b>Your password must be shorter than 30 characters</b></font>";
        if(isset($_POST['confirm'])) {
            if($_POST['password'] != $_POST['confirm']) return "<font color='red'><b>The passwords must match!</b></font><br />";
        }
        if(strlen($_POST['login']) > 2 && strlen($_POST['password']) > 2) {
            if(isset($_POST['confirm'])) {
                if($_POST['password'] != $_POST['confirm'])
                    return "<font color='red'><b>The passwords must match!</b></font><br />";
            }
        }
        #Checker based of Yaart's
        function check($string) {
            $string = preg_match('/[^a-zA-Z0-9.-_]/', $string);
            return (intval($string) === 0) ? false : true;
        }
        if (check($_POST['login'])) return "<font color='red'><b>Your account name contains invalid characters</b></font><br />";
        if (check($_POST['password'])) return "<font color='red'><b>Your password contains invalid characters</b></font><br />";
        $email = substr($_POST['email'], 0, strpos($_POST['email'], "@"));
        $host = substr($_POST['email'], strpos($_POST['email'], "@") + 1);
        if (check($email) || check($host)) return "<font color='red'><b>Your email contains invalid characters</b></font><br />";

        $pattern_email='^([a-zA-Z0-9._-]+)@((\[[0-9a-zA-Z]{1,3}\.[0-9a-zA-Z]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$';
        if (!@ereg($pattern_email, $_POST['email'])) return "<font color='red'><b>Your email contains invalid characters</b></font><br />";

        global $ucp, $host, $user, $pass, $db, $_POST;
        $ip =  (getenv('HTTP_X_FORWARDED_FOR')) ? getenv('HTTP_X_FORWARDED_FOR') : getenv('REMOTE_ADDR');
        $username = mysql_real_escape_string($_POST['login']);
        $password = mysql_real_escape_string($_POST['password']);
        $mail = mysql_real_escape_string($_POST['email']);
        $encrypted = $ucp->get_pass($username, $password);
        $account = new mysql;
        $account->connect($host['realm'], $user['realm'], $pass['realm'], true, $db['accounts']);
        $query = $account->query(get_register($username, $mail));
        if($account->num_rows() > 0) return "<font color='red'><b>That username/email is already taken!</b></font>";
        $account->query(insert_register($username, $password, $encrypted, $ip, $mail));
            return "<font color='green'><b>Your account has successfully been created!</b></font>";
    }
    return ' ';
}
$register = register();
$tmp->set_var('register', $register);
$tmp->add_file('ucp/register');
?>