Untitled

<?php
require_once('lnc/recaptchalib.php');
require_once('lnc/db.config.php');

$user_ip = $_SERVER['REMOTE_ADDR'];
$username = isset($_POST['username']) ? trim($_POST['username']) : '';
$password = isset($_POST['password']) ? trim($_POST['password']) : '';
$password2 = isset($_POST['password2']) ? trim($_POST['password2']) : '';
$email = isset($_POST['email']) ? trim($_POST['email']) : '';
$errors = array();
$success = false;

// Process the POST data.
if(isset($_POST) && !empty($_POST)){
	// Validate user name.
	if(empty($username)){
		$errors[] = 'Please provide a user name.';
	}else if(strlen($username) < 3 || strlen($username) > 16){
		$errors[] = 'User name must be between 3 and 16 characters in length.';
	}else if(ctype_alnum($username) === false){
		$errors[] = 'User name must consist of numbers and letters only.';
	}else{

		// Check if username already exists in the database.
		$sql = 'SELECT szUserID FROM TACCOUNT WHERE szUserID = :szUserID';
		$qry = $tglob->prepare($sql);
		$qry->bindValue(':szUserID', $username);
		$res = $qry->execute();
		if(!$res){
			$errors[] = 'Failed to determine if this username already exists in the database.';
		}elseif($qry->fetch(PDO::FETCH_ASSOC)){
			$errors[] = 'User name already exists, please choose a different user name.';
		}
	}

	// Validate user password.
	if(empty($password)){
		$errors[] = 'Please provide a password.';
	}else if(strlen($password) < 3 || strlen($password) > 16){
		$errors[] = 'Password must be between 3 and 16 characters in length.';
	}else if($password != $password2){
		$errors[] = 'Passwords do not match.';
	}

	// Validate reCAPTCHA.  This is to prevent someone botting account creation.
		$username;$password;$password2;$captcha;
        if(isset($_POST['username'])){
          $username=$_POST['username'];
        }
		if(isset($_POST['password'])){
          $password=$_POST['password'];
		}
		if(isset($_POST['password2'])){
          $password2=$_POST['password2'];
        }
		if(isset($_POST['email'])){
          $email=$_POST['email'];
        }
		if(isset($_POST['g-recaptcha-response'])){
          $captcha=$_POST['g-recaptcha-response'];
        }
        if(!$captcha){
          $errors[] = 'Failed captcha authentication.';
        }
        $response=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=6LfjKRUUAAAAAG_yCxzZX1SnZd_HCjwFRpaFJ1-5&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']);
        if($response==false)
        {
          $errors[] = 'Stop spamming our site!';
        }

	// Persist the new account to the database if no previous errors occured.
	if(count($errors) == 0){
		$password = ($password);
		$sql = 'INSERT INTO TACCOUNT
				(szUserID,szPasswd,bCheck,szEmail)
				VALUES (:szUserID, :szPasswd, :bCheck, :szEmail)';
		$qry = $tglob->prepare($sql);
		$qry->bindValue(':szUserID', $username);
		$qry->bindValue(':szPasswd', $password);
		$qry->bindValue(':bCheck', 1, PDO::PARAM_INT);
		$qry->bindValue(':szEmail', $email);
		$res = $qry->execute();
		if($res){
			$success = htmlentities("Account {$username} successfully created!");
		}else{
			// This means the insert statement is probably not valid for your database.  Fix the query or fix your database, your choice ;)
			$errors[] = 'Failed to create a new account, please try again later';
		}
	}
}
// Determine which view to show.
if($success === false){
	require_once('register.view.php');
}else{
	require_once('success.view.php');
}
?>