<?phpfunction Error($Error){ echo "<center><b><span style='color:#FFFFFF;'

1. <?php
2. function Error($Error)
3. {
4. echo "<center><b><span style='color:#FFFFFF;'>" . $Error . "</span></b></center>";
5. }
6. function ConnectMysql()
7. {
8. include('functions/configs.php');
9. $link=mysql_connect("" . $mysql_host . "","" . $mysql_user . "","" . $mysql_pass . "");
10.  
11. if(!$link) {
12. echo "Cannot connect to database!";
13. }else{
14. mysql_select_db("". $mysql_db . "",$link);
15. }
16. }
17.  
18. function register()
19. {
20. include('functions/configs.php');
21.  
22. if($core == 1) {
23. $flags = 2;
24. ConnectMysql();
25. $user_chars = "#[^a-zA-Z0-9_\-]#";
26.  
27. if ((empty($_POST["user"]))||(empty($_POST["password"])) ) {
28. echo "<script type='text/javascript'>window.alert('You have not filled in username/password!')</script><meta http-equiv=\"refresh\" content=\"0;URL=register.php\" />";
29. }
30.  
31. } else {
32. $username = strtoupper($_POST["user"]);
33. $password = strtoupper($_POST["password"]);
34. if (strlen($username) < 3) {
35. echo "<script type='text/javascript'>window.alert('Entered username is too short.')</script><meta http-equiv=\"refresh\" content=\"0;URL=register.php\" />";
36. exit();
37. };
38. if (strlen($username) > 25) {
39. echo "<script type='text/javascript'>window.alert('Entered username is too long.')</script><meta http-equiv=\"refresh\" content=\"0;URL=register.php\" />";
40. exit();
41. };
42. if (strlen($password) < 3) {
43. echo "<script type='text/javascript'>window.alert('Entered password is too short.')</script><meta http-equiv=\"refresh\" content=\"0;URL=register.php\" />";
44. exit();
45. };
46. if (strlen($password) > 25) {
47. echo "<script type='text/javascript'>window.alert('Entered password is too long.')</script><meta http-equiv=\"refresh\" content=\"0;URL=register.php\" />";
48. exit();
49. };
50. if (preg_match($user_chars,$username)) {
51. echo "<script type='text/javascript'>window.alert('Entered username contains illegal characters.')</script><meta http-equiv=\"refresh\" content=\"0;URL=register.php\" />";
52. exit();
53. };
54. if (preg_match($user_chars,$password)) {
55. echo "<script type='text/javascript'>window.alert('Entered password contains illegal characters.')</script><meta http-equiv=\"refresh\" content=\"0;URL=register.php\" />";
56. exit();
57. };
58. $username = mysql_real_escape_string($username);
59. $password = mysql_real_escape_string($password);
60. $qry = mysql_query("SELECT username FROM account WHERE username = '" . $username . "'");
61. if (!$qry) {
62. echo "<script type='text/javascript'>window.alert('Error querying database, try again later.')</script><meta http-equiv=\"refresh\" content=\"0;URL=register.php\" />";
63. exit();
64. };
65. if ($existing_username = mysql_fetch_assoc($qry)) {
66. foreach ($existing_username as $key => $value) {
67. $existing_username = $value;
68. };
69. };
70. $existing_username = strtoupper($existing_username);
71. if ($existing_username == strtoupper($_POST['user'])) {
72. echo "<script type='text/javascript'>window.alert('Sorry, that username is already taken.')</script><meta http-equiv=\"refresh\" content=\"0;URL=register.php\" />";
73. exit();
74. };
75. unset($qry);
76. $sha_pass_hash = sha1(strtoupper($username) . ":" . strtoupper($password));
77. $register_sql = "INSERT INTO account (username, sha_pass_hash, expansion) VALUES ('" . $username . "','" . $sha_pass_hash . "','" . $flags . "')";
78. $qry = mysql_query($register_sql);
79. if (!$qry) {
80. echo "<script type='text/javascript'>window.alert('Error creating account.')</script><meta http-equiv=\"refresh\" content=\"0;URL=register.php\" />";
81. exit();
82. };
83. echo "<script type='text/javascript'>window.alert('Account successfully created!')</script><meta http-equiv=\"refresh\" content=\"0;URL=register.php\" />";
84. };
85.  
86. }
87. ?>