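<?php
/**
 * Account registration handler.
 *
 * Reads the registration form from $_POST, validates the user name and
 * password, verifies the reCAPTCHA token with Google's siteverify endpoint
 * and, if nothing failed, inserts the account into TACCOUNT through the PDO
 * handle $tglob (expected to come from lnc/db.config.php). Afterwards it
 * includes either register.view.php or success.view.php; both run in this
 * scope and can read $errors, $success and the submitted field values.
 *
 * The values written to the database are the same trimmed strings that were
 * validated; raw $_POST values are never re-read after validation.
 */
require_once('lnc/recaptchalib.php');
require_once('lnc/db.config.php');

$user_ip = $_SERVER['REMOTE_ADDR'];

// NOTE(review): this secret is hard-coded in a file that has been published.
// Treat it as compromised: rotate it in the reCAPTCHA admin console and load
// the replacement from configuration kept outside the web root.
$recaptchaSecret = '6LfjKRUUAAAAAG_yCxzZX1SnZd_HCjwFRpaFJ1-5';

// Read one POST field as a trimmed string. Non-string values (for example
// "username[]=x", which PHP turns into an array) are treated as missing so
// they never reach trim()/strlen()/ctype_alnum().
$postField = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
};

$username  = $postField('username');
$password  = $postField('password');
$password2 = $postField('password2');
$email     = $postField('email');
$captcha   = $postField('g-recaptcha-response');

$errors  = array();
$success = false;
$response = false;

// Process the POST data.
if (!empty($_POST)) {
    // Validate user name.
    if ($username === '') {
        $errors[] = 'Please provide a user name.';
    } elseif (strlen($username) < 3 || strlen($username) > 16) {
        $errors[] = 'User name must be between 3 and 16 characters in length.';
    } elseif (ctype_alnum($username) === false) {
        $errors[] = 'User name must consist of numbers and letters only.';
    } else {
        // Check if username already exists in the database.
        // NOTE(review): this lookup and the INSERT below are separate
        // statements; under concurrent requests only a unique constraint on
        // szUserID (not visible here) would actually prevent duplicates.
        $sql = 'SELECT szUserID FROM TACCOUNT WHERE szUserID = :szUserID';
        $qry = $tglob->prepare($sql);
        $qry->bindValue(':szUserID', $username);
        $res = $qry->execute();
        if (!$res) {
            $errors[] = 'Failed to determine if this username already exists in the database.';
        } elseif ($qry->fetch(PDO::FETCH_ASSOC)) {
            $errors[] = 'User name already exists, please choose a different user name.';
        }
    }

    // Validate user password.
    if ($password === '') {
        $errors[] = 'Please provide a password.';
    } elseif (strlen($password) < 3 || strlen($password) > 16) {
        $errors[] = 'Password must be between 3 and 16 characters in length.';
    } elseif ($password !== $password2) {
        // Strict comparison: with != two different numeric-looking strings
        // (e.g. "1e3" and "1000") compare equal.
        $errors[] = 'Passwords do not match.';
    }

    // NOTE(review): $email is stored without any format validation.

    // Validate reCAPTCHA. This is to prevent someone botting account creation.
    if ($captcha === '') {
        $errors[] = 'Failed captcha authentication.';
    } else {
        // Send the parameters as an encoded POST body so the user-supplied
        // token cannot inject extra query parameters and the secret does not
        // appear in the request URL.
        $context = stream_context_create(array(
            'http' => array(
                'method'  => 'POST',
                'header'  => "Content-Type: application/x-www-form-urlencoded\r\n",
                'content' => http_build_query(array(
                    'secret'   => $recaptchaSecret,
                    'response' => $captcha,
                    'remoteip' => $user_ip,
                ), '', '&'),
                'timeout' => 10,
            ),
        ));
        $response = file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $context);
        if ($response === false) {
            // The verification request itself failed; fail closed.
            $errors[] = 'Stop spamming our site!';
        } else {
            // A reply from the endpoint is not a pass: the JSON body must
            // report "success": true for the token to count as solved.
            $verdict = json_decode($response, true);
            if (!is_array($verdict) || empty($verdict['success'])) {
                $errors[] = 'Failed captcha authentication.';
            }
        }
    }

    // Persist the new account to the database if no previous errors occurred.
    if (count($errors) === 0) {
        // NOTE(review): the password is stored exactly as submitted, with no
        // hashing. Whatever else reads TACCOUNT.szPasswd is not visible here,
        // so the stored format is left unchanged; if this script owns that
        // format, store password_hash() output and check it with
        // password_verify() instead.
        $sql = 'INSERT INTO TACCOUNT
            (szUserID,szPasswd,bCheck,szEmail)
            VALUES (:szUserID, :szPasswd, :bCheck, :szEmail)';
        $qry = $tglob->prepare($sql);
        $qry->bindValue(':szUserID', $username);
        $qry->bindValue(':szPasswd', $password);
        $qry->bindValue(':bCheck', 1, PDO::PARAM_INT);
        $qry->bindValue(':szEmail', $email);
        $res = $qry->execute();
        if ($res) {
            $success = htmlentities("Account {$username} successfully created!");
        } else {
            // This means the insert statement is probably not valid for your database. Fix the query or fix your database.
            $errors[] = 'Failed to create a new account, please try again later';
        }
    }
}

// Determine which view to show.
if ($success === false) {
    require_once('register.view.php');
} else {
    require_once('success.view.php');
}
?>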