Changeset 19 for minimanager/register.php

Timestamp:

Aug 13, 2007, 9:05:34 PM (17 years ago)

Author:

george

Message:

Aktualizace MaNGOS Minimanageru na verzi 0.1.4a.

File:

• minimanager/register.php (modified) (12 diffs)

minimanager/register.php

@@ -10 +10 @@
  require_once("header.php");
 
-
 //#####################################################################################################
 // DO REGISTER
@@ -18 +17 @@
                 $send_mail_on_creation, $create_acc_locked, $from_mail, $mailer_type, $smtp_cfg, $title;
 
- if (empty($_COOKIE['terms']) || ($_COOKIE['terms']) != 'i_do') redirect("register.php?err=13");
-
- //make sure all got by post
  if ( empty($_POST['pass']) || empty($_POST['email']) || empty($_POST['username']) ) {
    redirect("register.php?err=1");
@@ -54 +50 @@
  }
  
-        $mysql = new MySQL;
-        $mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
-        
-        $user_name = $mysql->quote_smart(trim($_POST['username']));
-        $pass = $mysql->quote_smart($_POST['pass']);
-        $pass1 = $mysql->quote_smart($_POST['pass1']);
+        $sql = new SQL;
+        $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
+        
+        $user_name = $sql->quote_smart(trim($_POST['username']));
+        $pass = $sql->quote_smart($_POST['pass']);
+        $pass1 = $sql->quote_smart($_POST['pass1']);
 
         //make sure username/pass at least 4 chars long and less than max
         if ((strlen($user_name) < 4) || (strlen($user_name) > 15)){
-                $mysql->close();
+                $sql->close();
         redirect("register.php?err=5");
         }
@@ -71 +67 @@
         //make sure it doesnt contain non english chars.
         if (!alphabetic($user_name)) {
-                $mysql->close();
+                $sql->close();
         redirect("register.php?err=6");
         }
 
         //make sure the mail is valid mail format
-        $mail = $mysql->quote_smart(trim($_POST['email']));
+        $mail = $sql->quote_smart(trim($_POST['email']));
         if ((!is_email($mail))||(strlen($mail)  > 224)) {
-                        $mysql->close();
+                        $sql->close();
                 redirect("register.php?err=7");
                 }
@@ -84 +80 @@
         $per_ip = ($limit_acc_per_ip) ? "OR last_ip='$last_ip'" : "";
 
-        $result = $mysql->query("SELECT ip FROM ip_banned WHERE ip = '$last_ip'");
+        $result = $sql->query("SELECT ip FROM ip_banned WHERE ip = '$last_ip'");
         //IP is in ban list
-        if ($mysql->num_rows($result)){
-                        $mysql->close();
+        if ($sql->num_rows($result)){
+                        $sql->close();
                 redirect("register.php?err=8&usr=$last_ip");
         }
 
-        $result = $mysql->query("SELECT username,email FROM account WHERE username='$user_name' OR email='$mail' $per_ip");
+        $result = $sql->query("SELECT username,email FROM account WHERE username='$user_name' OR email='$mail' $per_ip");
 
         //there is already someone with same user/mail
-        if ($mysql->num_rows($result)){
-                        $mysql->close();
+        if ($sql->num_rows($result)){
+                        $sql->close();
                 redirect("register.php?err=3&usr=$user_name");
         } else {
-                $tbc = (isset($_POST['tbc'])) ? $mysql->quote_smart($_POST['tbc']) : 0;
-
-                $result = $mysql->query("INSERT INTO account (username,I,gmlevel,email, joindate,last_ip,failed_logins,locked,last_login,online,tbc) 
+                $tbc = (isset($_POST['tbc'])) ? $sql->quote_smart($_POST['tbc']) : 0;
+
+                $result = $sql->query("INSERT INTO account (username,I,gmlevel,email, joindate,last_ip,failed_logins,locked,last_login,online,tbc) 
                                 VALUES ('$user_name','$pass',0,'$mail',current_date(),'$last_ip',0,$create_acc_locked,NULL,0,$tbc)");
-                $mysql->close();
+                $sql->close();
                 
                 setcookie ("terms", "", time() - 3600);
 
                 if ($send_mail_on_creation){
-                        require_once("scripts/class.phpmailer.php");
+                        require_once("scripts/mailer/class.phpmailer.php");
                         $mailer = new PHPMailer();
                         $mailer->Mailer = $mailer_type;
@@ -166 +162 @@
                         }
                 }
+                answerbox.btn_ok='{$lang_register['i_agree']}';
+                answerbox.btn_cancel='{$lang_register['i_dont_agree']}';
+                answerbox.btn_icon='';
         </script>
-
         <fieldset style=\"width: 550px;\">
         <legend>{$lang_register['create_acc']}</legend>
@@ -205 +203 @@
         <tr><td colspan=\"2\"><hr /></td></tr>
         <tr>
-         <td colspan=\"2\">{$lang_register['read_terms']} : <a href=\"javascript:popUp('terms.php?action=terms')\">{$lang_register['terms']}</a></td>
+         <td colspan=\"2\">{$lang_register['read_terms']}.</td>
         </tr>
         <tr><td colspan=\"2\"><hr / ></td></tr>
         <tr><td>";
-                makebutton($lang_register['create_acc_button'], "javascript:do_submit_data()",150);
+                
+        $terms = "<textarea rows=\'18\' cols=\'80\' readonly=\'readonly\'>";
+        $fp = fopen("mail_templates/terms.tpl", 'r') or die (error("Couldn't Open terms.tpl File!"));
+        while (!feof($fp)) $terms .= fgets($fp, 1024);
+        fclose($fp);
+        $terms .= "</textarea>";
+
+                makebutton($lang_register['create_acc_button'], "javascript:answerBox('{$lang_register['terms']}<br />$terms', 'javascript:do_submit_data()')",150);
 $output .= "</td><td>";
-                makebutton($lang_global['back'], "javascript:window.history.back()", 328);
+                makebutton($lang_global['back'], "login.php", 328);
  $output .= "</td></tr>
     </table>
@@ -258 +263 @@
  if ( empty($_POST['username']) || empty($_POST['email']) ) redirect("register.php?action=pass_recovery&err=1");
 
- $mysql = new MySQL;
- $mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
-        
- $user_name = $mysql->quote_smart(trim($_POST['username']));
- $email_addr = $mysql->quote_smart($_POST['email']);
-
- $result = $mysql->query("SELECT I FROM account WHERE username = '$user_name' AND email = '$email_addr'");
-
- if ($mysql->num_rows($result) == 1){
-
-        require_once("scripts/class.phpmailer.php");
+ $sql = new SQL;
+ $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
+        
+ $user_name = $sql->quote_smart(trim($_POST['username']));
+ $email_addr = $sql->quote_smart($_POST['email']);
+
+ $result = $sql->query("SELECT I FROM account WHERE username = '$user_name' AND email = '$email_addr'");
+
+ if ($sql->num_rows($result) == 1){
+
+        require_once("scripts/mailer/class.phpmailer.php");
         $mail = new PHPMailer();
         $mail->Mailer = $mailer_type;
@@ -292 +297 @@
         $body = str_replace("<password>", substr(sha1(strtoupper($user_name)),0,7), $body);
         $body = str_replace("<activate_link>",
-                $_SERVER['HTTP_HOST']."/register.php?action=do_pass_activate&amp;h=".$mysql->result($result, 0, 'I')."&amp;p=".substr(sha1(strtoupper($user_name)),0,7), $body);
+                $_SERVER['HTTP_HOST']."/register.php?action=do_pass_activate&amp;h=".$sql->result($result, 0, 'I')."&amp;p=".substr(sha1(strtoupper($user_name)),0,7), $body);
         $body = str_replace("<base_url>", $_SERVER['HTTP_HOST'], $body);
 
@@ -323 +328 @@
  if ( empty($_GET['h']) || empty($_GET['p']) ) redirect("register.php?action=pass_recovery&err=1");
 
- $mysql = new MySQL;
- $mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
-
- $pass = $mysql->quote_smart(trim($_GET['p']));
- $hash = $mysql->quote_smart($_GET['h']);
-
- $result = $mysql->query("SELECT id,username FROM account WHERE I = '$hash'");
-
- if ($mysql->num_rows($result) == 1){
-        $username = $mysql->result($result, 0, 'username');
-        $id = $mysql->result($result, 0, 'id');
-        if (substr(sha1(strtoupper($mysql->result($result, 0, 'username'))),0,7) == $pass){
-                $mysql->query("UPDATE account SET I=SHA1(CONCAT(UPPER('$username'),':',UPPER('$pass'))) WHERE id = '$id'");
+ $sql = new SQL;
+ $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
+
+ $pass = $sql->quote_smart(trim($_GET['p']));
+ $hash = $sql->quote_smart($_GET['h']);
+
+ $result = $sql->query("SELECT id,username FROM account WHERE I = '$hash'");
+
+ if ($sql->num_rows($result) == 1){
+        $username = $sql->result($result, 0, 'username');
+        $id = $sql->result($result, 0, 'id');
+        if (substr(sha1(strtoupper($sql->result($result, 0, 'username'))),0,7) == $pass){
+                $sql->query("UPDATE account SET I=SHA1(CONCAT(UPPER('$username'),':',UPPER('$pass'))) WHERE id = '$id'");
                 redirect("login.php");
                 }
@@ -348 +353 @@
 // MAIN
 //#####################################################################################################
-$output .= "<script type=\"text/javascript\">
-function popUp(URL) {
-        m_window = window.open(URL, 'm_window', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=700,height=400');
-        m_window.moveTo(100,100);
-}
-</script>";
-
 $err = (isset($_GET['err'])) ? $_GET['err'] : NULL;
 
@@ -398 +396 @@
    $output .= "<h1><font class=\"error\">{$lang_register['recovery_mail_sent']}</font></h1>";
    break;
-case 13: 
-   $output .= "<h1><font class=\"error\">{$lang_register['error_terms']}</font></h1>";
-   break;
 default:
    $output .= "<h1><font class=\"error\">{$lang_register['fill_all_fields']}</font></h1>";