changeset 2 | a8a21e1c7afa |
parent 0 | f9ffdbd96607 |
1:8f6143115bf5 | 2:a8a21e1c7afa |
---|---|
21 MA 02111-1307 USA |
21 MA 02111-1307 USA |
22 |
22 |
23 ************************************************************************/ |
23 ************************************************************************/ |
24 |
24 |
25 |
25 |
26 define('PUN_ROOT', './'); |
26 //define('PUN_ROOT', './'); |
27 require PUN_ROOT.'include/common.php'; |
27 //require PUN_ROOT.'include/common.php'; |
28 |
|
29 global $pun_db, $pun_user, $pun_config, $lang_common; |
|
30 |
|
28 |
31 |
29 |
32 |
30 // If we are logged in, we shouldn't be here |
33 // If we are logged in, we shouldn't be here |
31 if (!$pun_user['is_guest']) |
34 if (!$pun_user['is_guest']) |
32 { |
35 { |
44 message($lang_register['No new regs']); |
47 message($lang_register['No new regs']); |
45 |
48 |
46 |
49 |
47 // User pressed the cancel button |
50 // User pressed the cancel button |
48 if (isset($_GET['cancel'])) |
51 if (isset($_GET['cancel'])) |
49 redirect('index.php', $lang_register['Reg cancel redirect']); |
52 pun_redirect('index.php', $lang_register['Reg cancel redirect']); |
50 |
53 |
51 |
54 |
52 else if ($pun_config['o_rules'] == '1' && !isset($_GET['agree']) && !isset($_POST['form_sent'])) |
55 else if ($pun_config['o_rules'] == '1' && !isset($_GET['agree']) && !isset($_POST['form_sent'])) |
53 { |
56 { |
54 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_register['Register']; |
57 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_register['Register']; |
78 |
81 |
79 |
82 |
80 else if (isset($_POST['form_sent'])) |
83 else if (isset($_POST['form_sent'])) |
81 { |
84 { |
82 // Check that someone from this IP didn't register a user within the last hour (DoS prevention) |
85 // Check that someone from this IP didn't register a user within the last hour (DoS prevention) |
83 $result = $db->query('SELECT 1 FROM '.$db->prefix.'users WHERE registration_ip=\''.get_remote_address().'\' AND registered>'.(time() - 3600)) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); |
86 $result = $pun_db->query('SELECT 1 FROM '.$pun_db->prefix.'users WHERE registration_ip=\''.get_remote_address().'\' AND registered>'.(time() - 3600)) or error('Unable to fetch user info', __FILE__, __LINE__, $pun_db->error()); |
84 |
87 |
85 if ($db->num_rows($result)) |
88 if ($pun_db->num_rows($result)) |
86 message('A new user was registered with the same IP address as you within the last hour. To prevent registration flooding, at least an hour has to pass between registrations from the same IP. Sorry for the inconvenience.'); |
89 message('A new user was registered with the same IP address as you within the last hour. To prevent registration flooding, at least an hour has to pass between registrations from the same IP. Sorry for the inconvenience.'); |
87 |
90 |
88 |
91 |
89 $username = pun_trim($_POST['req_username']); |
92 $username = pun_trim($_POST['req_username']); |
90 $email1 = strtolower(trim($_POST['req_email1'])); |
93 $email1 = strtolower(trim($_POST['req_email1'])); |
130 if (censor_words($username) != $username) |
133 if (censor_words($username) != $username) |
131 message($lang_register['Username censor']); |
134 message($lang_register['Username censor']); |
132 } |
135 } |
133 |
136 |
134 // Check that the username (or a too similar username) is not already registered |
137 // Check that the username (or a too similar username) is not already registered |
135 $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE UPPER(username)=UPPER(\''.$db->escape($username).'\') OR UPPER(username)=UPPER(\''.$db->escape(preg_replace('/[^\w]/', '', $username)).'\')') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); |
138 $result = $pun_db->query('SELECT username FROM '.$pun_db->prefix.'users WHERE UPPER(username)=UPPER(\''.$pun_db->escape($username).'\') OR UPPER(username)=UPPER(\''.$pun_db->escape(preg_replace('/[^\w]/', '', $username)).'\')') or error('Unable to fetch user info', __FILE__, __LINE__, $pun_db->error()); |
136 |
139 |
137 if ($db->num_rows($result)) |
140 if ($pun_db->num_rows($result)) |
138 { |
141 { |
139 $busy = $db->result($result); |
142 $busy = $pun_db->result($result); |
140 message($lang_register['Username dupe 1'].' '.pun_htmlspecialchars($busy).'. '.$lang_register['Username dupe 2']); |
143 message($lang_register['Username dupe 1'].' '.pun_htmlspecialchars($busy).'. '.$lang_register['Username dupe 2']); |
141 } |
144 } |
142 |
145 |
143 |
146 |
144 // Validate e-mail |
147 // Validate e-mail |
161 $banned_email = false; |
164 $banned_email = false; |
162 |
165 |
163 // Check if someone else already has registered with that e-mail address |
166 // Check if someone else already has registered with that e-mail address |
164 $dupe_list = array(); |
167 $dupe_list = array(); |
165 |
168 |
166 $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE email=\''.$email1.'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); |
169 $result = $pun_db->query('SELECT username FROM '.$pun_db->prefix.'users WHERE email=\''.$email1.'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $pun_db->error()); |
167 if ($db->num_rows($result)) |
170 if ($pun_db->num_rows($result)) |
168 { |
171 { |
169 if ($pun_config['p_allow_dupe_email'] == '0') |
172 if ($pun_config['p_allow_dupe_email'] == '0') |
170 message($lang_prof_reg['Dupe e-mail']); |
173 message($lang_prof_reg['Dupe e-mail']); |
171 |
174 |
172 while ($cur_dupe = $db->fetch_assoc($result)) |
175 while ($cur_dupe = $pun_db->fetch_assoc($result)) |
173 $dupe_list[] = $cur_dupe['username']; |
176 $dupe_list[] = $cur_dupe['username']; |
174 } |
177 } |
175 |
178 |
176 // Make sure we got a valid language string |
179 // Make sure we got a valid language string |
177 if (isset($_POST['language'])) |
180 if (isset($_POST['language'])) |
194 |
197 |
195 $intial_group_id = ($pun_config['o_regs_verify'] == '0') ? $pun_config['o_default_user_group'] : PUN_UNVERIFIED; |
198 $intial_group_id = ($pun_config['o_regs_verify'] == '0') ? $pun_config['o_default_user_group'] : PUN_UNVERIFIED; |
196 $password_hash = pun_hash($password1); |
199 $password_hash = pun_hash($password1); |
197 |
200 |
198 // Add the user |
201 // Add the user |
199 $db->query('INSERT INTO '.$db->prefix.'users (username, group_id, password, email, email_setting, save_pass, timezone, language, style, registered, registration_ip, last_visit) VALUES(\''.$db->escape($username).'\', '.$intial_group_id.', \''.$password_hash.'\', \''.$email1.'\', '.$email_setting.', '.$save_pass.', '.$timezone.' , \''.$db->escape($language).'\', \''.$pun_config['o_default_style'].'\', '.$now.', \''.get_remote_address().'\', '.$now.')') or error('Unable to create user', __FILE__, __LINE__, $db->error()); |
202 $pun_db->query('INSERT INTO '.$pun_db->prefix.'users (username, group_id, password, email, email_setting, save_pass, timezone, language, style, registered, registration_ip, last_visit) VALUES(\''.$pun_db->escape($username).'\', '.$intial_group_id.', \''.$password_hash.'\', \''.$email1.'\', '.$email_setting.', '.$save_pass.', '.$timezone.' , \''.$pun_db->escape($language).'\', \''.$pun_config['o_default_style'].'\', '.$now.', \''.get_remote_address().'\', '.$now.')') or error('Unable to create user', __FILE__, __LINE__, $pun_db->error()); |
200 $new_uid = $db->insert_id(); |
203 $new_uid = $pun_db->insert_id(); |
201 |
204 |
202 |
205 |
203 // If we previously found out that the e-mail was banned |
206 // If we previously found out that the e-mail was banned |
204 if ($banned_email && $pun_config['o_mailing_list'] != '') |
207 if ($banned_email && $pun_config['o_mailing_list'] != '') |
205 { |
208 { |
250 message($lang_register['Reg e-mail'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true); |
253 message($lang_register['Reg e-mail'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true); |
251 } |
254 } |
252 |
255 |
253 pun_setcookie($new_uid, $password_hash, ($save_pass != '0') ? $now + 31536000 : 0); |
256 pun_setcookie($new_uid, $password_hash, ($save_pass != '0') ? $now + 31536000 : 0); |
254 |
257 |
255 redirect('index.php', $lang_register['Reg complete']); |
258 pun_redirect('index.php', $lang_register['Reg complete']); |
256 } |
259 } |
257 |
260 |
258 |
261 |
259 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_register['Register']; |
262 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_register['Register']; |
260 $required_fields = array('req_username' => $lang_common['Username'], 'req_password1' => $lang_common['Password'], 'req_password2' => $lang_prof_reg['Confirm pass'], 'req_email1' => $lang_common['E-mail'], 'req_email2' => $lang_common['E-mail'].' 2'); |
263 $required_fields = array('req_username' => $lang_common['Username'], 'req_password1' => $lang_common['Password'], 'req_password2' => $lang_prof_reg['Confirm pass'], 'req_email1' => $lang_common['E-mail'], 'req_email2' => $lang_common['E-mail'].' 2'); |
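Review bot: The rewritten queries at new lines 169 and 202 still concatenate `$email1` into the SQL string without `$pun_db->escape()`, while `$username` and `$language` in the same statements are escaped. `$email1` is taken from `$_POST['req_email1']` with only `trim()` and `strtolower()` applied (new line 93), so these queries are safe only if the e-mail validation between new lines 147 and 164, which this page does not show, rejects quotes and backslashes. That dependency is fragile, more so now that the bootstrap is commented out and the script appears to rely on an including script for its setup. Since the commit already touches both lines, I would escape at the point of use, `WHERE email=\''.$pun_db->escape($email1).'\''`, and do the same for the `email` value in the INSERT. The same applies to `get_remote_address()` at new lines 86 and 202, whose implementation is not visible here.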