<?php
// **********************************************************************
// Rusnak PHP Adoptables Script
// Copyright 2009 Brandon Rusnak
// For help and support: http://www.rusnakweb.com/forum/
//
// Redistribution prohibited without written permission
// **********************************************************************
// Wake the sleeping giant
// **********************************************************************
// Basic Configuration Info
// **********************************************************************
include("inc/functions.php");
include("inc/config.php");
include("lang/lang.php");
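// Path (or URL) of the active theme template, read from the settings table.
$themeurl = grabanysetting("themeurl");
// **********************************************************************
// Top navigation links and the ad block for the "register" page
// **********************************************************************
$links = getlinks();
$ads = getads("register");
// **********************************************************************
// Default article content from the content table (the "index" entry)
// **********************************************************************
$pagecontent = getsitecontent("index");
// Array keys are quoted: a bare word such as [title] is parsed as a constant,
// which raises a notice on PHP 5 and is a fatal error on PHP 8.
$article_title = $pagecontent['title'];
$article_content = nl2br($pagecontent['content']);
// **********************************************************************
// Settings needed by the template
// **********************************************************************
$browsertitle = grabanysetting("browsertitle");
$sitename = grabanysetting("sitename");
$slogan = grabanysetting("slogan");
// **********************************************************************
// Login state of the current visitor
// **********************************************************************
$loginstatus = logincheck();
$isloggedin = $loginstatus['loginstatus'];
$loggedinname = $loginstatus['username'];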
// **********************************************************************
// End Prepwork - Output the page to the user
// **********************************************************************
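// Registration handler. A logged-in visitor gets a notice; otherwise the signup
// form is shown, or a submitted form is validated and the account is created.
if ($isloggedin == "yes") {
    $article_title = "You already have an account";
    $article_content = "You already have an account, thus there is no need for you to register a new one.";
}
else {
    // Read the form fields. A missing field, or one sent as an array
    // (e.g. username[]=x), is treated as empty so the filters below always
    // receive a string and no undefined-index notice is raised.
    $username = (isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "";
    $pass1 = (isset($_POST["pass1"]) && is_string($_POST["pass1"])) ? $_POST["pass1"] : "";
    $pass2 = (isset($_POST["pass2"]) && is_string($_POST["pass2"])) ? $_POST["pass2"] : "";
    $email = (isset($_POST["email"]) && is_string($_POST["email"])) ? $_POST["email"] : "";
    $tos = (isset($_POST["tos"]) && is_string($_POST["tos"])) ? $_POST["tos"] : "";
    $hidden = (isset($_POST["hidden"]) && is_string($_POST["hidden"])) ? $_POST["hidden"] : "";
    $spam = (isset($_POST["spam"]) && is_string($_POST["spam"])) ? $_POST["spam"] : "";

    // Reduce each field to a whitelist of characters, then pass it through
    // secure() from the includes.
    // NOTE(review): secure() is not visible in this file. The SQL below is built
    // by string concatenation, and what keeps quote characters out of $username
    // and $email is the two whitelists here; they must stay in place if secure()
    // is ever changed. Characters outside the whitelist are silently dropped, so
    // the stored username can differ from what the visitor typed, and the
    // 20-character limit is enforced only by the form's maxlength attribute.
    $username = preg_replace("/[^a-zA-Z0-9\\040.]/", "", $username);
    $username = secure($username);
    $pass1 = secure($pass1);
    $pass2 = secure($pass2);
    $email = preg_replace("/[^a-zA-Z0-9@._-]/", "", $email);
    $email = secure($email);
    // The trailing "s" in this class is a literal letter (possibly meant as \s);
    // harmless here because both values are only compared with fixed words.
    $tos = preg_replace("/[^a-zA-Z0-9s]/", "", $tos);
    $hidden = preg_replace("/[^a-zA-Z0-9s]/", "", $hidden);
    $spam = secure($spam);

    if ($hidden != "goregister") {
        //The form was not submitted, so we are showing the signup page...
        $article_title = $regnew;
        $article_content = $regnewexplain."<br><form name='form1' method='post' action='register.php'>
<p>Username: <input name='username' type='text' id='username' maxlength='20'></p>
<p>Your username may be up to 20 characters long and may only contain letters, numbers and spaces. </p>
<p>Password: <input name='pass1' type='password' id='pass1' maxlength='20'></p>
<p>Your password may be up to 20 characters long and may contain letters, numbers, spaces and special characters. The use of a special character, such as * or ! is recommended for increased security. </p>
<p>Confirm Password: <input name='pass2' type='password' id='pass2' maxlength='20'></p>
<p>Email Address: <input name='email' type='text' id='email'></p>
<p><input name='tos' type='checkbox' id='tos' value='yes'> I agree to the <a href='tos.php' target='_blank'>Terms of Service</a>.
<input name='hidden' type='hidden' id='hidden' value='goregister'></p>
<p>Please enter the number after fifteen. <input name='spam' type='text' id='spam' value='I am a spammer!'></p>
<p><input type='submit' name='Submit' value='Register'>
</p></form>";
    }
    else {
        //We are attempting to register the user...
        // Record blank passwords BEFORE hashing: md5() of an empty string is a
        // 32-character digest, so a blank test made on the hashes never fires
        // and an empty password would be accepted.
        $passblank = ($pass1 == "" || $pass2 == "");

        // NOTE(review): unsalted MD5 is not a password-hashing function; stored
        // digests can be tested against guesses very quickly if the table leaks.
        // Moving to password_hash()/password_verify() has to be done together
        // with dologin() and the stored column, so the scheme is left unchanged.
        $pass1 = md5($pass1);
        $pass2 = md5($pass2);

        // Duplicate checks. A failed query is recorded instead of being read as
        // "no rows", so a database error cannot let a duplicate through.
        // The @ keeps driver warnings (which can include query text) off the page.
        $dberror = false;

        //Next check that the email does not already exist...
        $flag1 = 0;
        $query = "SELECT * FROM ".$prefix."users WHERE email = '$email'";
        $result = @mysql_query($query);
        if ($result === false) {
            $dberror = true;
        }
        else if (mysql_num_rows($result) > 0) {
            $flag1 = 1;
        }

        //Next check that the username does not already exist...
        $flag = 0;
        $query = "SELECT * FROM ".$prefix."users WHERE username = '$username'";
        $result = @mysql_query($query);
        if ($result === false) {
            $dberror = true;
        }
        else if (mysql_num_rows($result) > 0) {
            $flag = 1;
        }

        //Now we verify that the email address is a valid email address...
        // preg_match with the i flag replaces eregi(), which was removed in PHP 7.
        // The pattern is unchanged, so top-level domains longer than three
        // letters are still rejected.
        $emailisvalid = "no";
        if (preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/iD', $email)) {
            $emailisvalid = "yes";
        }

        //First check that something required was not left blank...
        if ($username == "" || $passblank || $email == "") {
            $article_title = "Error";
            $article_content = $regblank;
        }
        // Strict comparison: with a loose != two different digests that both look
        // like "0e<digits>" are compared as numbers and treated as equal.
        else if ($pass1 !== $pass2) {
            //Passwords do not match
            $article_title = "Your passwords do not match";
            $article_content = $passnomatch;
        }
        else if ($tos != "yes") {
            //User did not agree to TOS
            $article_title = "Terms of Service Error";
            $article_content = $notos;
        }
        else if ($dberror) {
            //One of the duplicate checks could not be run
            $article_title = "Error";
            $article_content = "The registration could not be completed because of a database problem. Please try again later.";
        }
        else if ($flag1 > 0) {
            //email already exists
            $article_title = "Multiple Accounts is not permitted on this website.";
            $article_content = $emailexists;
        }
        else if ($flag > 0) {
            //Username already exists
            $article_title = "Your username already exists";
            $article_content = $userexists;
        }
        else if ($emailisvalid != "yes") {
            //Email address is not valid or is a fake
            $article_title = "Email address is not valid";
            $article_content = $emailinvalid;
        }
        else if ($spam != "16") {
            $article_title = "You entered the wrong number";
            $article_content = "Please correct it and try again.";
        }
        else {
            //All checks are done, actually create the user's account on the database
            // NOTE(review): the SELECT checks above and this INSERT are not atomic;
            // only a unique index on username/email (if the schema has one) really
            // prevents duplicates. The INSERT also relies on column order because
            // it names no columns.
            $date = date('Y-m-d');
            $created = mysql_query("INSERT INTO ".$prefix."users VALUES ('', '$username', '$pass1','$email','3','1', '$date', '0','','','','','')");
            //Now that we have created the user, let's log them in...
            // Skip the login attempt when the row was not written.
            $status = ($created === false) ? "failed" : dologin($username, $pass1);
            if ($status != "success") {
                $article_title = "Something is Wrong!";
                $article_content = "Something is very, very wrong. Please contact Slix about this error.";
            }
            else {
                //We are registered and logged in...
                // $username is limited to letters, digits, spaces and dots by the
                // whitelist above, so it is safe to place in the HTML below.
                $article_title = $titleregsuccess;
                $article_content = $regsuccess."".$username."".$regsuccess2;
                //Reflect our changes in the sidebar...
                $sidebar = "<b><u>Welcome ".$username."</u></b>:<br><a href='account.php'>Go to My Account</a><br><a href='adopt.php'>Adopt Some Pets</a>";
            }
        }
    }
}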
// **********************************************************************
// Begin Template Definition
// **********************************************************************
//Define our current theme
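// Fill the theme template's :PLACEHOLDER: markers and send the page.
// NOTE(review): the template location comes from the "themeurl" setting, and
// file_get_contents() also accepts remote URLs when allow_url_fopen is on, so
// that setting should be writable by administrators only — confirm.
$file = $themeurl;
$template = file_get_contents($file);
if ($template === false) {
    // Without a template there is nothing to fill in; say so instead of
    // sending an empty page.
    exit("The site theme could not be loaded.");
}
// The substituted values are inserted as HTML without escaping; presumably the
// settings and language strings are trusted, admin-controlled content — verify.
$template = replace(':ARTICLETITLE:',$article_title,$template);
$template = replace(':ARTICLECONTENT:',$article_content,$template);
// $article_date is never assigned in this file; it may come from an include,
// so fall back to an empty string rather than reading an undefined variable.
$template = replace(':ARTICLEDATE:',(isset($article_date) ? $article_date : ""),$template);
$template = replace(':BROWSERTITLE:',$browsertitle,$template);
$template = replace(':SITENAME:',$sitename,$template);
//Define our links
$template = replace(':LINKSBAR:',$links,$template);
//Get the content for the side bar...
// $sidebar is set above only after a successful registration; every other
// path uses the default sidebar.
if (!isset($sidebar) || $sidebar == "") {
    $sidebar = getsidebar();
}
$template = replace(':SIDEFEED:',$sidebar,$template);
//Get the ad content...
$template = replace(':ADS:',$ads,$template);
//Get the slogan info
$template = replace(':SLOGAN:',$slogan,$template);
echo $template;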
// **********************************************************************
// End Template Definition
// **********************************************************************
?>