joeroberts |
22nd April 2010 18:20 |
try this one
PHP Code:
<? require_once("include/bittorrent.php"); require_once("include/phpbb2Bridge.php");
$id = 0 + $HTTP_GET_VARS["id"]; $md5 = $HTTP_GET_VARS["secret"]; if (!$id) httperr();
dbconn();
$res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__); $arr = mysql_fetch_row($res); if ($arr[0] >= $invites) stderr("Error", "Sorry, user limit reached. Please try again later.");
$res = mysql_query("SELECT editsecret,email, status FROM users WHERE id = $id"); $row = mysql_fetch_array($res);
if (!$row) httperr();
if ($row["status"] != "pending") { header("Refresh: 0; url=ok.php?type=confirmed"); exit(); }
$email = $row["email"];
$sec = hash_pad($row["editsecret"]); if ($md5 != md5($sec)) httperr(); if (empty($wantusername) || empty($wantpassword)) //bark("Don't leave any fields blank."); if (!mkglobal("wantusername:wantpassword:passagain:country")) die();
function bark($msg) { stdhead(); stdmsg("Signup failed!", $msg); stdfoot(); exit; }
function validusername($username) { if ($username == "") return false;
// The following characters are allowed in user names $allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
for ($i = 0; $i < strlen($username); ++$i) if (strpos($allowedchars, $username[$i]) === false) return false;
return true; }
function isportopen($port) { global $HTTP_SERVER_VARS; $sd = @fsockopen($HTTP_SERVER_VARS["REMOTE_ADDR"], $port, $errno, $errstr, 1); if ($sd) { fclose($sd); return true; } else return false; }
if (empty($country)) bark("You must select a country.");
if (strlen($wantusername) > 12) bark("Sorry, username is too long (max is 12 chars)");
if ($wantpassword != $passagain) bark("The passwords didn't match! Must've typoed. Try again.");
if (strlen($wantpassword) < 6) bark("Sorry, password is too short (min is 6 chars)");
if (strlen($wantpassword) > 40) bark("Sorry, password is too long (max is 40 chars)");
if ($wantpassword == $wantusername) bark("Sorry, password cannot be same as user name.");
if (!validusername($wantusername)) bark("Invalid username.");
// make sure user agrees to everything... if ($HTTP_POST_VARS["rulesverify"] != "yes" || $HTTP_POST_VARS["faqverify"] != "yes" || $HTTP_POST_VARS["ageverify"] != "yes") stderr("Signup failed", "Sorry, you're not qualified to become a member of this site.");
$secret = mksecret(); $wantpasshash = md5($secret . $wantpassword . $secret);
$ret = mysql_query("UPDATE users SET username='$wantusername', passhash='$wantpasshash', status='confirmed', editsecret='', secret='$secret', country='$country' WHERE id=$id"); $newid = mysql_insert_id(); if (!$ret) { if (mysql_errno() == 1062) bark("Username already exists!"); bark("Database Update Failed"); } insert_phpBB2user($wantusername, md5($wantpassword), $id, $email); login_phpBB2user($wantusername, md5($wantpassword), TRUE);
logincookie($id, $wantpasshash);
header("Refresh: 0; url=ok.php?type=confirm");
?>
|