<?php
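// Direct-access guard: this file is meant to be include()d by another page,
// so a request that names it directly is redirected to the front page.
//
// SCRIPT_NAME is compared rather than PHP_SELF: PHP_SELF also carries any
// trailing path info supplied by the client, so basename() of it is not
// reliably this script's file name. The array key is quoted as well; a bare
// PHP_SELF is an undefined constant, not a string.
if (isset($_SERVER['SCRIPT_NAME']) && basename($_SERVER['SCRIPT_NAME']) === "do_reg.inc.php") {
    header("Location: /index.php");
    exit;
}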
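// ---- Validate the registration form -------------------------------------
// Stops at the first failing rule: prints the message, includes the footer
// and exits. On success the script continues with $login, $pass1, $pass2,
// $email, $displayname and $agreestoterms set to the submitted strings.

// Take each field only when it is present and a plain string. A missing
// field or an array-valued one (e.g. login[]=x) is treated as empty instead
// of reaching strlen()/the pattern checks with the wrong type.
$login         = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';
$pass1         = (isset($_POST['pass1']) && is_string($_POST['pass1'])) ? $_POST['pass1'] : '';
$pass2         = (isset($_POST['pass2']) && is_string($_POST['pass2'])) ? $_POST['pass2'] : '';
$email         = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
$displayname   = (isset($_POST['displayname']) && is_string($_POST['displayname'])) ? $_POST['displayname'] : '';
$agreestoterms = (isset($_POST['agreestoterms']) && is_string($_POST['agreestoterms'])) ? $_POST['agreestoterms'] : '';

$login_length = strlen($login);
$pass_length = strlen($pass1);

// Format checks.
// ereg() is replaced by preg_match(): ereg() no longer exists from PHP 7 on
// and is not binary-safe (it stops reading at the first NUL byte, so a value
// could pass a character-class check while carrying other bytes after it).
// \z anchors at the real end of the string; a plain $ would also accept a
// trailing newline.
// Every flag is assigned unconditionally, so a variable of the same name
// created earlier in the request (register_globals, extract() -- not visible
// in this file) cannot stand in for a passed check.
// NOTE(review): the e-mail pattern only accepts 2-3 letter TLDs and
// lower-case local parts, as the original did -- confirm that is intended.
$okmail    = preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@([a-zA-Z0-9-]+\.)+([a-zA-Z]{2,3})\z/', $email) ? "1" : "0";
$oklogin   = preg_match('/^[a-zA-Z0-9]+\z/', $login) ? "1" : "0";
$okpass    = preg_match('/^[a-zA-Z0-9]+\z/', $pass1) ? "1" : "0";
$okdisplay = preg_match('/^[a-zA-Z0-9]+\z/', $displayname) ? "1" : "0";

// NOTE(review): a 3-character minimum and a letters/digits-only alphabet is a
// very weak password policy. It is left unchanged here because the messages
// and the stored format are part of the site's behaviour; raise the minimum
// length and lift the alphabet restriction together with the storage change.

// Rules are evaluated in the original order; the first failure wins.
$reg_error = '';
if (empty($login)) {
    $reg_error = "You did not enter a Username!";
} elseif (empty($pass1)) {
    $reg_error = "You did not enter a password!";
} elseif (empty($pass2)) {
    $reg_error = "You did not verify your password!";
} elseif ($pass1 !== $pass2) {
    // Strict comparison: with != two different numeric-looking strings
    // (e.g. "1e3" and "1000") compare equal and the mismatch goes unnoticed.
    $reg_error = "Your passwords do not match!";
} elseif (empty($email)) {
    $reg_error = "You did not enter your email!";
} elseif (empty($displayname)) {
    $reg_error = "You did not enter your Display Name!";
} elseif (empty($agreestoterms)) {
    $reg_error = "You must agree to terms of service to register!";
} elseif ($login_length < 3) {
    $reg_error = "Your Username must be at least 3 characters long.";
} elseif ($pass_length < 3) {
    $reg_error = "Your password must be at least 3 characters long.";
} elseif ($okmail !== "1") {
    $reg_error = "Your email address is not properly formatted!";
} elseif ($oklogin !== "1") {
    $reg_error = "Your Username can contain only letters and numbers!";
} elseif ($okpass !== "1") {
    $reg_error = "Your password can contain only letters and numbers!";
} elseif ($okdisplay !== "1") {
    $reg_error = "Your Display Name can contain only letters and numbers!";
}

if ($reg_error !== '') {
    // Messages are fixed strings; no submitted value is echoed back here.
    echo $reg_error . " Please <a href=\"javascript:history.go(-1);\">Try again.</a>";
    include("include/footer.inc.php");
    exit;
}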
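// ---- Uniqueness checks against the database ------------------------------
// Rejects the registration when the login is already taken, is on the
// restricted list, or the e-mail address already has an account.
//
// NOTE(review): the mysql_* extension was removed in PHP 7. The durable fix
// is mysqli or PDO with prepared statements, but $connection is presumably
// shared with the included templates, so that migration has to be done for
// the application as a whole. Until then every value is escaped here.
// $db_host, $db_user, $db_pass, $db_name, $tbl_members and $tbl_restricted
// are not defined in this file -- presumably site configuration; confirm the
// table names can never come from request data, since identifiers cannot be
// protected by value escaping.
$connection = @mysql_connect("$db_host", "$db_user", "$db_pass") or die("Couldn't connect.");
$db = @mysql_select_db($db_name, $connection) or die("Couldn't select database.");

// Escape for the SQL string context instead of relying on the earlier
// character checks alone; the query must stay safe even if those are relaxed.
$login_sql = mysql_real_escape_string($login, $connection);
$email_sql = mysql_real_escape_string($email, $connection);

// Login already registered?
$ch_login = null; // start from a known state so only a fetched row can set it
$checkl = "SELECT * FROM $tbl_members WHERE login = '$login_sql'";
$check_l = @mysql_query($checkl, $connection) or die("Couldn't execute login check query.");
while ($row = mysql_fetch_array($check_l)) {
    $ch_login = $row['login'];
}
if (isset($ch_login)) {
    // Value comes from the database; encode it for the HTML context anyway.
    echo "The Username <b>" . htmlspecialchars($ch_login, ENT_QUOTES) . "</b> is taken. Please <a href=\"javascript:history.go(-1);\">Try again.</a>";
    include("include/footer.inc.php");
    exit;
}

// Login on the restricted list?
$r_login = null;
$check2 = "SELECT * FROM $tbl_restricted WHERE r_login = '$login_sql'";
$check_2 = @mysql_query($check2, $connection) or die("Couldn't execute login check query.");
while ($row = mysql_fetch_array($check_2)) {
    $r_login = $row['r_login'];
}
if (isset($r_login)) {
    echo "The Username <b>" . htmlspecialchars($r_login, ENT_QUOTES) . "</b> is reserved. Please <a href=\"javascript:history.go(-1);\">Try again.</a>";
    include("include/footer.inc.php");
    exit;
}

// E-mail address already registered?
// NOTE(review): this message (and the "taken" one above) tells an anonymous
// visitor which logins and addresses have accounts; weigh that against
// usability. Two simultaneous registrations can also both pass these checks,
// so the table presumably needs UNIQUE indexes to enforce the rule -- confirm.
$ch_email = null;
$checke = "SELECT * FROM $tbl_members WHERE email = '$email_sql'";
$check_e = @mysql_query($checke, $connection) or die("Couldn't execute email check query.");
while ($row = mysql_fetch_array($check_e)) {
    $ch_email = $row['email'];
}
if (isset($ch_email)) {
    echo "There is already an account with that email address.<br><br><a href=\"forgot.php\">Retrieve Login information.</a>";
    include("include/footer.inc.php");
    exit;
}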
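// ---- Create the member row ------------------------------------------------
// $newsletter and $autoenable are not assigned anywhere in this file.
// NOTE(review): presumably $autoenable is site configuration and $newsletter
// a form field populated elsewhere -- confirm where each comes from; both are
// escaped below so neither can alter the statement.
if (empty($newsletter)) {
    $newsletter = "no";
}

//input is ok, register new member!
$ipaddr = $_SERVER['REMOTE_ADDR'];

// Escaped copies are used only for the SQL text; the original variables keep
// their values for the templates included afterwards.
$ins_login       = mysql_real_escape_string($login, $connection);
$ins_enabled     = mysql_real_escape_string((string) $autoenable, $connection);
$ins_password    = mysql_real_escape_string($pass1, $connection);
$ins_email       = mysql_real_escape_string($email, $connection);
$ins_displayname = mysql_real_escape_string($displayname, $connection);
$ins_newsletter  = mysql_real_escape_string((string) $newsletter, $connection);
$ins_ipaddr      = mysql_real_escape_string($ipaddr, $connection);

// NOTE(review): the password is stored exactly as submitted, i.e. in clear
// text. It should be stored as a salted hash (password_hash() on write,
// password_verify() on login, PHP >= 5.5). That is not changed here because
// the login code that reads this column is outside this file and must be
// switched at the same time.
$sql = "INSERT INTO $tbl_members (login, enabled, password, email, displayname, newsletter, ipaddr)
VALUES ('$ins_login', '$ins_enabled', '$ins_password', '$ins_email', '$ins_displayname', '$ins_newsletter', '$ins_ipaddr')";

$result = @mysql_query($sql, $connection);
if (!$result) {
    // Keep the driver error in the server log and show the visitor a generic
    // message: the original printed mysql_error() (and an undefined $query)
    // to the browser, which discloses schema details. The statement itself is
    // deliberately not logged because it contains the password.
    error_log("do_reg: member INSERT failed: (" . mysql_errno($connection) . ") " . mysql_error($connection));
    die("<b>A fatal MySQL error occured</b>.");
}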
// Optionally notify the site admin about the new member, then render the
// welcome and success templates.
// $mailonnew, $site_email, $sitename, $adminemail and $siteurl are not set in
// this file -- presumably site configuration; they go into the mail headers
// and body as-is.
if ("yes" == $mailonnew) {
    $to = "{$site_email}";
    $subject = "New {$sitename} Member!";
    $from_mail = "{$adminemail}";

    // Body: greeting, the new login, then the site URL.
    $message = "Dear Admin,\n\n"
        . "You have a new member with the login: {$login}.\n\n"
        . "{$siteurl}";

    // Header lines are CRLF-separated; the last one carries no terminator.
    $headers = implode("\r\n", array(
        "From: {$from_mail}",
        "Reply-To: {$from_mail}",
        "X-Mailer: phpProfiles",
    ));

    mail($to, $subject, $message, $headers);
}

include "include/welcome_msg.inc.php";
include "include/reg_success.inc.php";
?>Thanks,
Des