loadCodes(); if ($vImage->checkCode()) { dbconn(); $res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__); $arr = mysql_fetch_row($res); if ($arr[0] >= $maxusers) stderr( _("Error"), "Sorry, user limit reached. Please try again later."); if (!mkglobal("wantusername:wantpassword:passagain:email")) die(); function bark($msg) { stdhead(); stdmsg("Signup failed!", $msg); stdfoot(); exit; } function validusername($username) { if ($username == "") return false; // The following characters are allowed in user names $allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; for ($i = 0; $i < strlen($username); ++$i) if (strpos($allowedchars, $username[$i]) === false) return false; return true; } function isportopen($port) { $sd = @fsockopen($_SERVER["REMOTE_ADDR"], $port, $errno, $errstr, 1); if ($sd) { fclose($sd); return true; } else return false; } /* function isproxy() { $ports = array(80, 88, 1075, 1080, 1180, 1182, 2282, 3128, 3332, 5490, 6588, 7033, 7441, 8000, 8080, 8085, 8090, 8095, 8100, 8105, 8110, 8888, 22788); for ($i = 0; $i < count($ports); ++$i) if (isportopen($ports[$i])) return true; return false; } */ $gender = $_POST["gender"]; $age = $_POST["age"]; if(strlen($age) > 2) bark("Wrong age!"); if(strlen($age) >= 1){ if(!is_valid_id($age)) bark("Wrong age!");} $website = unesc($_POST["website"]); if (empty($wantusername) || empty($wantpassword) || empty($email) || empty($gender)) bark("Don't leave any fields blank."); if (strlen($wantusername) > 12) bark("Sorry, username is too long (max is 12 chars)"); if ($wantpassword != $passagain) bark("The passwords didn't match! Must've typoed. Try again."); if (strlen($wantpassword) < 6) bark("Sorry, password is too short (min is 6 chars)"); if (strlen($wantpassword) > 40) bark("Sorry, password is too long (max is 40 chars)"); if ($wantpassword == $wantusername) bark("Sorry, password cannot be same as user name."); if (!validemail($email)) bark("That doesn't look like a valid email address."); if (strlen($website) > 40) bark("Sorry, website url is too long (max is 40 chars)"); if (!validusername($wantusername)) bark("Invalid username."); // make sure user agrees to everything... if ($_POST["rulesverify"] != "yes" || $_POST["faqverify"] != "yes" || $_POST["ageverify"] != "yes") stderr("Signup failed", "Sorry, you're not qualified to become a member of this site."); // check if email addy is already in use $a = (@mysql_fetch_row(@mysql_query("select count(*) from users where email='$email'"))) or die(mysql_error()); if ($a[0] != 0) bark("The e-mail address $email is already in use."); // check if ip addy is already in use $a = (@mysql_fetch_row(@mysql_query("select count(*) from users where ip='" . $_SERVER['REMOTE_ADDR'] . "'"))) or die(mysql_error()); if ($a[0] != 0) bark("The ip " . $_SERVER['REMOTE_ADDR'] . " is already in use."); $secret = mksecret(); $wantpasshash = md5($secret . $wantpassword . $secret); $editsecret = mksecret(); $passkey= md5($wantusername.get_date_time().$wantpasshash); $ret = mysql_query("INSERT INTO users (username, passhash, secret, editsecret, email, gender, age, website, passkey, status, added, invitedate, last_check, inverted_added) VALUES (" .implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $secret, $editsecret, $email, $gender, $age, $website, $passkey, 'pending')) ).", NOW(), NOW(), NOW(), 4294967295 - UNIX_TIMESTAMP(added) )"); if (!$ret) { if (mysql_errno() == 1062) bark(_("Username already exists!")); bark("borked"); } $id = mysql_insert_id(); //write_log("User account $id ($wantusername) was created"); $psecret = md5($editsecret); $body = <<"); echo _("Please press back and try again"); } ?>