Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require_once("config10.php");
- session_start();
- if(!empty($_POST["security"])){
- if($_SESSION["security"] != $_POST["security"]) { $errors[] = "Invalid input. Please try again."; }
- }
- $security = rand(10000, 100000);
- $_SESSION["security"] = $security;
- if(!empty($_POST["accountname"]) && !empty($_POST["password"]) && !empty($_POST["password2"]) && !empty($_POST["email"]) && $_POST["expansion"] != "" && !empty($_POST["security"])){
- $mysql_connect = mysqli_connect($mysql["host"], $mysql["username"], $mysql["password"]) or die("Unable to connect to the database.");
- mysqli_select_db($mysql_connect, $mysql["realmd"]) or die("Unable to select logon database.");
- $post_accountname = mysqli_real_escape_string($mysql_connect, trim(strtoupper($_POST["accountname"])));
- $post_password = mysqli_real_escape_string($mysql_connect, trim(strtoupper($_POST["password"])));
- $post_password_final = mysqli_real_escape_string($mysql_connect, SHA1("".$post_accountname.":".$post_password.""));
- $post_password2 = trim(strtoupper($_POST["password2"]));
- $post_email = mysqli_real_escape_string($mysql_connect, trim($_POST["email"]));
- $post_expansion = mysqli_real_escape_string($mysql_connect, trim($_POST["expansion"]));
- $check_account_query = mysqli_query($mysql_connect, "SELECT COUNT(*) FROM account WHERE username = '".$post_accountname."'");
- $check_account_results = mysqli_fetch_array($check_account_query);
- if($check_account_results[0]!=0){ $errors[] = "The requested account name is already in use. Please try again."; }
- if(strlen($post_accountname) < 3) { $errors[] = "The requested account name is to short. Please try again."; }
- if(strlen($post_accountname) > 32) { $errors[] = "The requested account name is to long. Please try again."; }
- if(strlen($post_password) < 6) { $errors[] = "The requested password is to short. Please try again."; }
- if(strlen($post_password) > 32) { $errors[] = "The requested password is to long. Please try again."; }
- if(strlen($post_email) > 64) { $errors[] = "The requested e-mail address is to long. Please try again."; }
- if(strlen($post_email) < 8) { $errors[] = "The requested e-mail address is to short. Please try again."; }
- if(!ereg("^[0-9a-zA-Z%]+$", $post_accountname)) { $errors[] = "Your account name can only contain letters or numbers. Please try again."; }
- if(!ereg("^[0-9a-zA-Z%]+$", $post_password)) { $errors[] = "Your password can only contain letters or numbers. Please try again."; }
- if(!ereg("^[0-2%]+$", $post_expansion)) { $errors[] = "Invalid input. Please try again."; }
- if(strlen($post_expansion) > 1) { $errors[] = "Invalid input. Please try again."; }
- if($post_accountname == $post_password) { $errors[] = "The passwords do not match. Please try again."; }
- if($post_password != $post_password2) { $errors[] = "The passwords do not match. Please try again."; }
- if(!is_array($errors)){
- mysqli_query($mysql_connect, "INSERT INTO account (username, sha_pass_hash, email, last_ip, expansion) VALUES ('".$post_accountname."', '".$post_password_final."', '".$post_email."', '".$_SERVER["REMOTE_ADDR"]."', '".$post_expansion."')") or die(mysqli_error($mysql_connect));
- $errors[] = 'You have successfully created the account: <font color="yellow">'.$post_accountname.'</font>.';
- }
- mysqli_close($mysql_connect);
- }
- function error_msg(){
- global $errors;
- if(is_array($errors)){
- foreach($errors as $msg){
- echo '<div class="errors">'.$msg.'</div>';
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement