wMan |
21st February 2009 21:13 |
also some code for cleanup or forums to announce new threads or posts for forums/shoutbox thx :coffee:
PHP Code:
<?
require_once("include/bittorrent.php"); require_once("include/phpbb2Bridge.php");
$res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__); $arr = mysql_fetch_row($res); if ($arr[0] >= $maxusers) stderr("Error", "Sorry, user limit reached. Please try again later.");
if (!mkglobal("wantusername:wantpassword:passagain:email:country")) die();
function bark($msg) { stdhead(); stdmsg("Signup failed!", $msg); stdfoot(); exit; }
function validusername($username) { if ($username == "") return false;
// The following characters are allowed in user names $allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
for ($i = 0; $i < strlen($username); ++$i) if (strpos($allowedchars, $username[$i]) === false) return false;
return true; }
function isportopen($port) { $sd = @fsockopen($_SERVER["REMOTE_ADDR"], $port, $errno, $errstr, 1); if ($sd) { fclose($sd); return true; } else return false; } /* function isproxy() { $ports = array(80, 88, 1075, 1080, 1180, 1182, 2282, 3128, 3332, 5490, 6588, 7033, 7441, 8000, 8080, 8085, 8090, 8095, 8100, 8105, 8110, 8888, 22788); for ($i = 0; $i < count($ports); ++$i) if (isportopen($ports[$i])) return true; return false; } */ $year = $_POST["year"]; $month = $_POST["month"]; $day = $_POST["day"]; $birthday = date("$year.$month.$day");
if ($year == '0000') bark("Please set your birthday year.");
if ($month == '00') bark("Please set your birthday month.");
if ($day == '00') bark("Please set your birthday day.");
if (empty($country)) bark("You must select a country.");
if (empty($wantusername) || empty($wantpassword) || empty($email)) bark("Don't leave any fields blank.");
if (strlen($wantusername) > 12) bark("Sorry, username is too long (max is 12 chars)");
if ($wantpassword != $passagain) bark("The passwords didn't match! Must've typoed. Try again.");
if (strlen($wantpassword) < 6) bark("Sorry, password is too short (min is 6 chars)");
if (strlen($wantpassword) > 40) bark("Sorry, password is too long (max is 40 chars)");
if ($wantpassword == $wantusername) bark("Sorry, password cannot be same as user name.");
if (!validemail($email)) bark("That doesn't look like a valid email address.");
if(EmailBanned($email)) bark("This email address is banned!");
if (!validusername($wantusername)) bark("Invalid username.");
// make sure user agrees to everything... if ($_POST["rulesverify"] != "yes" || $_POST["faqverify"] != "yes" || $_POST["ageverify"] != "yes") stderr("Signup failed", "Sorry, you're not qualified to become a member of this site.");
// check if email addy is already in use $a = (@mysql_fetch_row(@mysql_query("select count(*) from users where email='$email'"))) or die(mysql_error()); if ($a[0] != 0) bark("The e-mail address $email is already in use.");
/* // do simple proxy check if (isproxy()) bark("You appear to be connecting through a proxy server. Your organization or ISP may use a transparent caching HTTP proxy. Please try and access the site on <a href=http://torrentbits.org:81/signup.php>port 81</a> (this should bypass the proxy server). <p><b>Note:</b> if you run an Internet-accessible web server on the local machine you need to shut it down until the sign-up is complete."); */
$secret = mksecret(); $wantpasshash = md5($secret . $wantpassword . $secret); $editsecret = (!$arr[0]?"": ENA_EMAIL_CONFIRM?mksecret():"");
$ret = mysql_query("INSERT INTO users (username, passhash, secret, editsecret, email, birthday, country, status, ". (!$arr[0]?"class, ":"") ."added) VALUES (" . implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $secret, $editsecret, $email, $birthday, $country, (!$arr[0] || !ENA_EMAIL_CONFIRM?'confirmed':'pending')))). ", ". (!$arr[0]?UC_SYSOP.", ":""). "'". get_date_time() ."')");
if (!$ret) { if (mysql_errno() == 1062) bark("Username already exists!"); bark("borked"); }
$id = mysql_insert_id();
//write_log("User account $id ($wantusername) was created");
$psecret = md5($editsecret);
$body = <<<EOD You have requested a new user account on $SITENAME and you have specified this address ($email) as user contact.
If you did not do this, please ignore this email. The person who entered your email address had the IP address {$_SERVER["REMOTE_ADDR"]}. Please do not reply.
To confirm your user registration, you have to follow this link:
$DEFAULTBASEURL/confirm.php?id=$id&secret=$psecret
After you do this, you will be able to use your new account. If you fail to do this, you account will be deleted within a few days. We urge you to read the RULES and FAQ before you start using torrentbits. EOD;
if (!$arr[0]) //sysop { logincookie($id, $wantpasshash); header("Refresh: 0; url=ok.php?type=sysop"); die(); }
insert_phpBB2user($wantusername, md5($wantpassword), $id, $email, 0);
if (ENA_EMAIL_CONFIRM) { mail($email, "$SITENAME user registration confirmation", $body, "From: $SITEEMAIL", "-f$SITEEMAIL"); } else { logincookie($id, $wantpasshash); activate_and_login_phpBB2user($wantusername); }
header("Refresh: 0; url=ok.php?type=". (!$arr[0]?"sysop": ENA_EMAIL_CONFIRM ? ("signup&email=" . urlencode($email)):"confirm"));
$text = ":hi: [color=green]TO OUR NEWEST MEMBER[/color]".htmlspecialchars($wantusername)." WE HOPE YOU ENJOY YOUR STAY"; $userid = 12; $username = SYSTEM; //$date=time(); $date=time()-3600; mysql_query("INSERT INTO shoutbox (id, userid, username, date, text) VALUES ('id'," . sqlesc($userid) . ", " . sqlesc($username) . ", $date, " . sqlesc($text) . ")") or sqlerr(__FILE__, __LINE__); $added = sqlesc(get_date_time()); header("Refresh: 0; url=ok.php?type=". (!$arr[0]?"sysop": ENA_EMAIL_CONFIRM ? ("signup&email=" . urlencode($email)):"confirm")); ?>
on line 175
take this takesignup :drink:and make new user call it SYSTEM and put id in
|