please help

[Security]

i got this error when i try to sign up : Signup failed! borked

i need help

[Ginno]

i had the same problem but it worked after another try

[Edgein]

i've had the same problem

with al little creation in the take signup and it works greath

this is my takesignup.php

in the settings panel i've got verrification by e-mail

takesignup.php

Code:

<?php
require_once("include/bittorrent.php");

registration_check("normal");
FLogin::failedloginscheck ("Signup");
HANDLE::cur_user_check () ;
function bark($msg) {
	stdhead();
	stdmsg("Signup Failed! (See Below)", $msg,false);
	stdfoot();
	exit;
}

if ($iv == "yes")
	check_code ($_POST['imagehash'], $_POST['imagestring']);	
	
function validusername($username)
{
	if ($username == "")
	  return false;

	// The following characters are allowed in user names
	$allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

	for ($i = 0; $i < strlen($username); ++$i)
	  if (strpos($allowedchars, $username[$i]) === false)
	    return false;

	return true;
}

function isportopen($port)
{
	$sd = @fsockopen($_SERVER["REMOTE_ADDR"], $port, $errno, $errstr, 1);
	if ($sd)
	{
		fclose($sd);
		return true;
	}
	else
		return false;
}

function isproxy()
{
	$ports = array(80, 88, 1075, 1080, 1180, 1182, 2282, 3128, 3332, 5490, 6588, 7033, 7441, 8000, 8080, 8085, 8090, 8095, 8100, 8105, 8110, 8888, 22788);
	for ($i = 0; $i < count($ports); ++$i)
		if (isportopen($ports[$i])) return true;
	return false;
}

if (!mkglobal("wantusername:wantpassword:passagain:email:hintanswer:passhint:birthday"))
	die();
if(empty($birthday)) bark("Birthday cannot be empty");
$email = htmlspecialchars(trim($email));
$email = safe_email($email);
if (!check_email($email))
	bark("Invalid email address!");
	
if(EmailBanned($email))
    bark("This email address banned!");
	
$country = $_POST["country"];
	int_check($country);

$gender =  htmlspecialchars(trim($_POST["gender"])); 
$allowed_genders = array("Male","Female","male","female");
if (!in_array($gender, $allowed_genders, true))
	bark("Invalid Gender!");
	
if (empty($wantusername) || empty($wantpassword) || empty($email) || empty($country) || empty($gender) || empty($hintanswer) || empty($passhint))
	bark("Don't leave any fields blank.");
	
$hintanswer 	= trim ( htmlspecialchars ( $hintanswer ) ) ;
$passhint 		= trim ( htmlspecialchars ( $passhint ) ) ;

if (strlen($hintanswer) < 6)
	bark("Sorry, Hintanswer is too short (min is 6 chars)");
	
if (strlen($wantusername) > 12)
	bark("Sorry, username is too long (max is 12 chars)");

if ($wantpassword != $passagain)
	bark("The passwords didn't match! Must've typoed. Try again.");

if (strlen($wantpassword) < 6)
	bark("Sorry, password is too short (min is 6 chars)");

if (strlen($wantpassword) > 40)
	bark("Sorry, password is too long (max is 40 chars)");

if ($wantpassword == $wantusername)
	bark("Sorry, password cannot be same as user name.");
if(_ref_sys_ == 'yes'):
$referrer = 0;
  if (((!empty ($_POST['referrer']) AND validusername ($_POST['referrer']))))
  {
    ($r_query = mysql_query ('SELECT id FROM users WHERE enabled = \'yes\' AND username = ' . sqlesc ($_POST['referrer'])) OR sqlerr (__FILE__, 274));
    if (0 < mysql_num_rows ($r_query))
    {
      $referrer = mysql_result ($r_query, 0, 'id');
    }
  }
  endif;

if (!validemail($email))
	bark("That doesn't look like a valid email address.");

if (!validusername($wantusername))
	bark("Invalid username.");
	
// make sure user agrees to everything...
if ($_POST["rulesverify"] != "yes" || $_POST["faqverify"] != "yes" || $_POST["ageverify"] != "yes")
	stderr("Signup failed", "Sorry, you're not qualified to become a member of this site.");

// check if email addy is already in use
$a = (@mysql_fetch_row(@sql_query("select count(*) from users where email='".mysql_real_escape_string($email)."'"))) or sqlerr(__FILE__, __LINE__);
if ($a[0] != 0)
  bark("The e-mail address $email is already in use.");
  
/*
// do simple proxy check
if (isproxy())
	bark("You appear to be connecting through a proxy server. Your organization or ISP may use a transparent caching HTTP proxy. Please try and access the site on <a href=".$BASEURL.":81/signup.php>port 81</a> (this should bypass the proxy server). <p><b>Note:</b> if you run an Internet-accessible web server on the local machine you need to shut it down until the sign-up is complete.");

$res = sql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
*/

$secret = mksecret();
$uploaded = 5368709120;
$downloaded = 1073741824;

$wantpasshash = md5($secret . $wantpassword . $secret);
$editsecret = ($verification == 'admin' ? '' : mksecret());

$ret = sql_query("INSERT INTO users (downloaded,uploaded,username, passhash, secret, editsecret, email, country, gender, hintanswer, passhint, status, class, invites, added, birthday) VALUES (" .
		implode(",", array_map("sqlesc", array($downloaded, $uploaded, $wantusername, $wantpasshash, $secret, $editsecret, $email, $country, $gender, $hintanswer, $passhint, 'pending'))).
		", 0, '$invite_count', '". get_date_time() ."','".$birthday."')");

if (!$ret) {
	if (mysql_errno() == 1062)
		bark("Username already exists!");
	bark("Sorry, mysql error. Please contact the administrator about this error.");
}

$id = mysql_insert_id();
if(_ref_sys_ == 'yes'):
if ((0 < $id AND 0 < $referrer))
  {
    $credit = 107374182;
    (mysql_query ('' . 'UPDATE users SET uploaded = uploaded + ' . $credit . ' WHERE id = \'' . $referrer . '\'') OR sqlerr (__FILE__, 300));
  }
  endif;
$dt = sqlesc(get_date_time());
$subject = sqlesc("Welcome to $SITENAME!");
$msg = sqlesc("Congratulations ".htmlspecialchars($wantusername).",\n\nYou are now a member of $SITENAME,\nWe would like to take this opportunity to say hello and welcome to $SITENAME!\n\nPlease be sure to read the Rules: ($DEFAULTBASEURL/rules.php) and the Faq: ($DEFAULTBASEURL/faq.php#dl8)\n and be sure to stop by the Forums: ($DEFAULTBASEURL/forums.php) and say Hello!\n\nEnjoy your Stay.\nThe Staff of $SITENAME ");
sql_query("INSERT INTO messages (sender, receiver, subject, added, msg, poster) VALUES(0, $id, $subject, $dt, $msg, 0)") or sqlerr(__FILE__, __LINE__);
if(duty('userbot')):
$cntry = sql_query("SELECT name FROM countries WHERE id = '$country' LIMIT 1");
$cntry = mysql_fetch_assoc($cntry);
add_shout("Welcome our latest user: $wantusername ($cntry[name])");
endif;
//write_log("User account $id ($wantusername) was created");

$psecret = md5($editsecret);
$ip = IP::getip() ;
$usern = htmlspecialchars($wantusername);
$body = <<<EOD
Hi $usern,

You have requested a new user account on $SITENAME and you have
specified this address ($email) as user contact.

If you did not do this, please ignore this email. The person who entered your
email address had the IP address $ip. Please do not reply.

To confirm your user registration, you have to follow this link:

$DEFAULTBASEURL/confirm.php?id=$id&secret=$psecret

After you do this, you will be able to use your new account. If you fail to
do this, you account will be deleted within a few days. We urge you to read
the RULES and FAQ before you start using $SITENAME.

Please Note: If you did not register for $SITENAME, please forward this email to $REPORTMAIL

------
Yours,
The $SITENAME Team.
EOD;
	
if ($verification == 'automatic'){
	stdhead();
	stdmsg("Finish signup!", "Please click <a href=\"$DEFAULTBASEURL/confirm.php?id=$id&secret=$psecret\">here</a> to finish signup, thanks!",false);
	stdfoot();
	exit;
	
}elseif ($verification == 'admin')
	header("Location: $DEFAULTBASEURL/ok.php?type=adminactivate");
else {
	sent_mail($email,$SITENAME,$SITEEMAIL,"$SITENAME user registration confirmation",$body,"signup",false);             
	header("Location: $DEFAULTBASEURL/ok.php?type=signup&email=" . urlencode($email));
}
?>

grtzzzz Edgein

[Dragan3591]

Interesting..