Hello, I have this registration script in php... and was recently compromised. I was hoping for some help in identifying any potential security issues that would allow a person to get userid, email, and password hash's from it.
<?php
define('NO_INCLUDE', 1);
$phpEx = "php";
$php_root_path = "./";
include($php_root_path . 'includes/common.'.$phpEx);
if ( isset($HTTP_POST_VARS['mode']) )
$mode = $HTTP_POST_VARS['mode'];
elseif ( isset($HTTP_GET_VARS['mode']) )
$mode = $HTTP_GET_VARS['mode'];
else $mode = 'register';
function show_coppa()
{
global $template, $php_root_path, $phpEx;
$template->set_filenames(array(
'body' => 'agreement_body.tpl')
);
$template->pparse('body');
}
$error = FALSE;
$error_msg = '';
$page_title = ( $mode == 'register' ) ? "Register" : "Activate";
session_start();
if ( $mode == 'activate' )
{
if( ( isset($HTTP_POST_VARS['activate']) || isset($HTTP_GET_VARS['activate']) ) && !$_SESSION['logged_in'] )
{
$username = isset($HTTP_POST_VARS['StrUserID']) ? $HTTP_POST_VARS['StrUserID'] : '';
$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';
$activation_code = isset($HTTP_POST_VARS['activation_code']) ? $HTTP_POST_VARS['activation_code'] : $HTTP_GET_VARS['act_code'];
$sql = "SELECT JID, StrUserID, password, Name, Email, sex, certificate_num, address, postcode, phone, mobile, regtime, reg_ip, activation_code FROM TB_User_Info WHERE StrUserID = '" . $username . "'";
if ( !($result = $db_account->sql_query($sql)) )
{
die('Error in obtaining user data');
}
if( $row = $db_account->sql_fetchrow($result) )
{
if( md5($password) == $row['password'] )
{
if( $activation_code == $row['activation_code'] )
{
if($row['certificate_num'] != "") $row['certificate_num'] = "'".$row['certificate_num']."'"; else $row['certificate_num'] = "NULL";
if($row['address'] != "") $row['address'] = "'".$row['address']."'"; else $row['address'] = "NULL";
if($row['postcode'] != "") $row['postcode'] = "'".$row['postcode']."'"; else $row['postcode'] = "NULL";
if($row['phone'] != "") $row['phone'] = "'".$row['phone']."'"; else $row['phone'] = "NULL";
if($row['mobile'] != "") $row['mobile'] = "'".$row['mobile']."'"; else $row['mobile'] = "NULL";
$sql = "INSERT INTO TB_User (StrUserID, password, Status, GMrank, Name, Email, sex, certificate_num, address, postcode, phone, mobile, regtime, reg_ip, Time_log, sec_primary, sec_content)
VALUES ('" . $row['StrUserID'] . "', '" . $row['password'] . "', '1', '0', '" . $row['Name'] . "', '" . $row['Email'] . "', '" . $row['sex'] . "', " . $row['certificate_num'] . ", " . $row['address'] . ", " . $row['postcode'] . ", " . $row['phone'] . ", " . $row['mobile'] . ", '" . $row['regtime'] . "', '" . $row['reg_ip'] . "', NULL, '3', '3') ";
if ( !($result = $db_account->sql_query($sql)) )
{
die('Could not insert data into users table<br />'.$sql);
}
else
{
$message = 'Congratulations!!! Your account has successfuly been activated!<br /><br />You are now logged into the website and you can use your account information to login to any of our servers!<br /><br />Now would be a good time to visit our <a href="viewforum.php?f=12">Introduction & Recruitment Section</a> on our Community page and introduce yourself!<br /><br />We hope you enjoy your time with us at Silkroad Universe!';
$sql = "DELETE FROM TB_User_Info WHERE JID = ".$row['JID'];
if ( !($result = $db_account->sql_query($sql)) )
{
die('Could not delete temp activation data');
}
$sql = "SELECT JID, StrUserID, Name, Email, Status, sec_content FROM TB_User WHERE StrUserID = '" . $row['StrUserID'] . "'";
if ( !($result = $db_account->sql_query($sql)) )
{
die('Error in obtaining user data');
}
$new_user = $db_account->sql_fetchrow($result);
$_SESSION['JID'] = $new_user['JID'];
$_SESSION['StrUserID'] = $new_user['StrUserID'];
$_SESSION['Name'] = $new_user['Name'];
$_SESSION['Email'] = $new_user['Email'];
$_SESSION['Status'] = $new_user['Status'];
$_SESSION['sec_content'] = $new_user['sec_content'];
$_SESSION['session_id'] = session_id();
$_SESSION['tracking_topics'] = array();
$_SESSION['tracking_forums'] = array();
$_SESSION['last_visit'] = ($_SESSION['last_pagevisit']+10800)<=time()?time():$_SESSION['last_visit'];
$_SESSION['last_pagevisit'] = time();
$_SESSION['logged_in'] = TRUE;
}
$message = $message . '<br /><br />' . sprintf('Click %sHere%s to return to the Index', '<a href="index.'.$phpEx.'">', '</a>');
include($php_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'message_body.tpl')
);
$template->assign_vars(array(
'MESSAGE_TITLE' => "Registration Successful",
'MESSAGE_TEXT' => $message)
);
$template->pparse('body');
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
else
{
$message_title = 'Your activation code did not match our records.';
}
}
else
{
$message_title = 'You have specified an incorrect password.';
}
}
else
{
$message_title = 'You have specified an incorrect username.';
}
$page_title = "Activation Error";
include($php_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'message_body.tpl')
);
if( isset($HTTP_POST_VARS['redirect']) )
$redir = '&redirect='.$HTTP_POST_VARS['redirect'];
else
$redir = '';
$message_text = sprintf('Click %sHere%s to try again', '<a href="register.'.$phpEx.'?mode=activate'.$redir.'">', '</a>') . '<br /><br />'
. sprintf('Click %sHere%s to return to the Index', '<a href="index.'.$phpEx.'">', '</a>');
$template->assign_vars(array(
'MESSAGE_TITLE' => $message_title,
'MESSAGE_TEXT' => $message_text)
);
$template->pparse('body');
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
else
{
if ( empty($_SESSION['logged_in']) )
{
include($php_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'activate_body.tpl')
);
if( isset($HTTP_POST_VARS['act_code']) || isset($HTTP_GET_VARS['act_code']) )
{
$activation_code = isset($HTTP_GET_VARS['act_code']) ? $HTTP_GET_VARS['act_code'] : $HTTP_POST_VARS['act_code'];
$s_hidden_fields = '<input type="hidden" name="activation_code" value="' . $activation_code . '" />';
}
else
{
$template->assign_block_vars('switch_enter_activation_code', array());
}
if( isset($HTTP_POST_VARS['redirect']) || isset($HTTP_GET_VARS['redirect']) )
{
$forward_page = isset($HTTP_GET_VARS['redirect']) ? $HTTP_GET_VARS['redirect'] : $HTTP_POST_VARS['redirect'];
$s_hidden_fields .= '<input type="hidden" name="redirect" value="' . $forward_page . '" />';
}
$template->assign_vars(array(
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
$template->pparse('body');
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
else
{
$page_title = "Activation Error";
include($php_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'message_body.tpl')
);
if( isset($HTTP_POST_VARS['redirect']) )
$redir = '&redirect='.$HTTP_POST_VARS['redirect'];
else
$redir = '';
$message_title = 'You must log out to activate your account';
$message_text = sprintf('Click %sHere%s to log out', '<a href="login.'.$phpEx.'?logout=true'.$redir.'">', '</a>') . '<br /><br />'
. sprintf('Click %sHere%s to return to the Index', '<a href="index.'.$phpEx.'">', '</a>');
$template->assign_vars(array(
'MESSAGE_TITLE' => $message_title,
'MESSAGE_TEXT' => $message_text)
);
$template->pparse('body');
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
}
}
elseif ( $mode == 'resend' )
{
if( isset($HTTP_POST_VARS['resend']) || isset($HTTP_GET_VARS['resend']) )
{
$user_email = isset($HTTP_POST_VARS['user_email']) ? $HTTP_POST_VARS['user_email'] : '';
$sql = "SELECT JID, StrUserID, Email, activation_code FROM TB_User_Info WHERE StrUserID = '" . $user_email . "' OR Email = '" . $user_email . "'";
if ( !($result = $db_account->sql_query($sql)) )
{
die('Error in obtaining user data');
}
if( $row = $db_account->sql_fetchrow($result) )
{
$message = 'Your activation code has been resent to the account email you specified.';
include($php_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer(true);
$emailer->from('no-reply@sro-underground.com');
$emailer->replyto('no-reply@sro-underground.com');
$emailer->use_template('user_welcome_inactive');
$emailer->email_address($row['Email']);
$emailer->set_subject('Resend Activation');
$emailer->assign_vars(array(
'USERNAME' => $row['StrUserID'],
'PASSWORD' => '************',
'ACTIVATION_CODE' => $row['activation_code'],
'U_ACTIVATE' => $server_addr . $server_script . 'register.php?mode=activate&act_code=' . $row['activation_code'])
);
$emailer->send();
$emailer->reset();
$message = $message . sprintf('Click %sHere%s to manually enter your activation code', '<a href="register.'.$phpEx.'?mode=activate">', '</a>') . '<br /><br />';
$message = $message . '<br /><br />' . sprintf('Click %sHere%s to return to the Index', '<a href="index.'.$phpEx.'">', '</a>');
include($php_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'message_body.tpl')
);
$template->assign_vars(array(
'MESSAGE_TITLE' => "Activation Resend Successful",
'MESSAGE_TEXT' => $message)
);
$template->pparse('body');
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
else
{
$message_title = 'You have specified an incorrect username or email.';
}
$page_title = "Resend Activation Error";
include($php_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'message_body.tpl')
);
if( isset($HTTP_POST_VARS['redirect']) )
$redir = '&redirect='.$HTTP_POST_VARS['redirect'];
else
$redir = '';
$message_text = sprintf('Click %sHere%s to try again', '<a href="register.'.$phpEx.'?mode=activate'.$redir.'">', '</a>') . '<br /><br />'
. sprintf('Click %sHere%s to return to the Index', '<a href="index.'.$phpEx.'">', '</a>');
$template->assign_vars(array(
'MESSAGE_TITLE' => $message_title,
'MESSAGE_TEXT' => $message_text)
);
$template->pparse('body');
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
else
{
include($php_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'activate_resend.tpl')
);
if( isset($HTTP_POST_VARS['redirect']) || isset($HTTP_GET_VARS['redirect']) )
{
$forward_page = isset($HTTP_GET_VARS['redirect']) ? $HTTP_GET_VARS['redirect'] : $HTTP_POST_VARS['redirect'];
$s_hidden_fields .= '<input type="hidden" name="redirect" value="' . $forward_page . '" />';
}
$template->assign_vars(array(
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
$template->pparse('body');
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
}
elseif ( $mode == 'bademail' )
{
if( isset($HTTP_POST_VARS['bademail']) || isset($HTTP_GET_VARS['bademail']) )
{
$Email = isset($HTTP_POST_VARS['Email']) ? $HTTP_POST_VARS['Email'] : '';
$Email_new = isset($HTTP_POST_VARS['Email_new']) ? $HTTP_POST_VARS['Email_new'] : '';
$Email_con = isset($HTTP_POST_VARS['Email_con']) ? $HTTP_POST_VARS['Email_con'] : '';
$username = isset($HTTP_POST_VARS['StrUserID']) ? $HTTP_POST_VARS['StrUserID'] : '';
$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';
$sql = "SELECT JID, StrUserID, Name, Email, password, activation_code
FROM TB_User_Info WHERE StrUserID = '" . $username . "'";
if ( !($result = $db_account->sql_query($sql)) )
{
die('Error in obtaining user data');
}
if( $row = $db_account->sql_fetchrow($result) )
{
if( md5($password) == $row['password'] )
{
if( $Email == $row['Email'] && $Email_new == $Email_con )
{
$sql = "SELECT Email FROM TB_User WHERE Email = '" . $Email . "' UNION ALL SELECT Email FROM TB_User_Info WHERE Email = '" . $Email . "'";
if ( !($result = $db_account->sql_query($sql)) )
{
die('Error in obtaining email data');
}
if( $row = $db_account->sql_fetchrow($result) )
{
$message_title = 'The new email you entered is taken, please enter a new email.';
}
else
{
$message = 'Your activation code has been resent to the new email you specified and your old email has been updated.';
$sql = "SELECT JID, StrUserID, Name, Email, password, activation_code
FROM TB_User_Info WHERE StrUserID = '" . $username . "'";
$sql = "UPDATE TB_User_Info SET Email = '".$Email_new."' WHERE StrUserID = '".$username."' AND Email = '".$Email."' AND password = '".md5($password)."'";
if ( !($result = $db_account->sql_query($sql)) )
{
die('Error in updating user data');
}
include($php_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer(true);
$emailer->from('no-reply@sro-underground.com');
$emailer->replyto('no-reply@sro-underground.com');
$emailer->use_template('user_welcome_inactive');
$emailer->email_address($Email_new);
$emailer->set_subject('Resend Activation');
$emailer->assign_vars(array(
'USERNAME' => $row['StrUserID'],
'PASSWORD' => '************',
'ACTIVATION_CODE' => $row['activation_code'],
'U_ACTIVATE' => $server_addr . $server_script . 'register.php?mode=activate&act_code=' . $row['activation_code'])
);
$emailer->send();
$emailer->reset();
$message = $message . sprintf('Click %sHere%s to manually enter your activation code', '<a href="register.'.$phpEx.'?mode=activate">', '</a>') . '<br /><br />';
$message = $message . '<br /><br />' . sprintf('Click %sHere%s to return to the Index', '<a href="index.'.$phpEx.'">', '</a>');
include($php_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'message_body.tpl')
);
$template->assign_vars(array(
'MESSAGE_TITLE' => "Activation Resend Successful",
'MESSAGE_TEXT' => $message)
);
$template->pparse('body');
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
}
else
{
$message_title = 'The old email you entered does not match the one we have on record, or your new emails did not match.';
}
}
else
{
$message_title = 'You have specified an incorrect password, or your account has been blocked.';
}
}
else
{
$message_title = 'You have specified an incorrect user name, or that account does not exist.';
}
$page_title = "Update Activation Error";
include($php_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'message_body.tpl')
);
if( isset($HTTP_POST_VARS['redirect']) )
$redir = '&redirect='.$HTTP_POST_VARS['redirect'];
else
$redir = '';
$message_text = sprintf('Click %sHere%s to try again', '<a href="register.'.$phpEx.'?mode=bademail'.$redir.'">', '</a>') . '<br /><br />'
. sprintf('Click %sHere%s to return to the Index', '<a href="index.'.$phpEx.'">', '</a>');
$template->assign_vars(array(
'MESSAGE_TITLE' => $message_title,
'MESSAGE_TEXT' => $message_text)
);
$template->pparse('body');
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
else
{
include($php_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'activate_bademail.tpl')
);
if( isset($HTTP_POST_VARS['redirect']) || isset($HTTP_GET_VARS['redirect']) )
{
$forward_page = isset($HTTP_GET_VARS['redirect']) ? $HTTP_GET_VARS['redirect'] : $HTTP_POST_VARS['redirect'];
$s_hidden_fields .= '<input type="hidden" name="redirect" value="' . $forward_page . '" />';
}
$template->assign_vars(array(
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
$template->pparse('body');
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
}
if ( $mode == 'register' && !isset($HTTP_POST_VARS['agreed']) && !isset($HTTP_GET_VARS['agreed']) )
{
include($php_root_path . 'includes/page_header.'.$phpEx);
show_coppa();
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
$coppa = ( empty($HTTP_POST_VARS['coppa']) && empty($HTTP_GET_VARS['coppa']) ) ? 0 : TRUE;
if ($mode == 'register')
{
$username = ( !empty($HTTP_POST_VARS['StrUserID']) ) ? $HTTP_POST_VARS['StrUserID'] : '';
$password = ( !empty($HTTP_POST_VARS['password']) ) ? $HTTP_POST_VARS['password'] : '';
$password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? $HTTP_POST_VARS['password_confirm'] : '';
$Email = ( !empty($HTTP_POST_VARS['Email']) ) ? $HTTP_POST_VARS['Email'] : '';
$Email_confirm = ( !empty($HTTP_POST_VARS['Email_confirm']) ) ? $HTTP_POST_VARS['Email_confirm'] : '';
$Name = ( !empty($HTTP_POST_VARS['Name']) ) ? $HTTP_POST_VARS['Name'] : '';
$sex = ( !empty($HTTP_POST_VARS['sex']) ) ? $HTTP_POST_VARS['sex'] : '';
$certificate_num = ( !empty($HTTP_POST_VARS['certificate_num']) ) ? $HTTP_POST_VARS['certificate_num'] : "NULL";
$address = ( !empty($HTTP_POST_VARS['address']) ) ? $HTTP_POST_VARS['address'] : "NULL";
$postcode = ( !empty($HTTP_POST_VARS['postcode']) ) ? $HTTP_POST_VARS['postcode'] : "NULL";
$phone = ( !empty($HTTP_POST_VARS['phone']) ) ? $HTTP_POST_VARS['phone'] : "NULL";
$mobile = ( !empty($HTTP_POST_VARS['mobile']) ) ? $HTTP_POST_VARS['mobile'] : "NULL";
}
if ($mode == 'register' && $_SESSION['logged_in'] && $username == $_SESSION['StrUserID'])
{
die("That username has already been taken");
}
if ( isset($HTTP_POST_VARS['submit']) && $registration_enabled )
{
if ( $mode == 'register' )
{
if ( getenv("REMOTE_ADDR") == "84.25.0.224" || getenv("REMOTE_ADDR") == "95.154.230.191" || getenv("REMOTE_ADDR") == "66.90.101.217" || strpos("tunay", strtolower($Email)) != false || strpos("tunay", strtolower($Name)) != false )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'You have been banned from this website.';
}
}
$passwd_sql = '';
if ( $mode == 'register' )
{
if ( empty($username) || empty($password) || empty($password_confirm) || empty($Email) || empty($Email_confirm) || empty($Name) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'You must fill in all the required fields.';
}
}
$passwd_sql = '';
if ( !empty($password) && !empty($password_confirm) )
{
if ( $password != $password_confirm )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'The passwords you entered did not match.';
}
elseif ( strlen($password_confirm) < 6 )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'Your password must be no less than 6 characters.';
}
elseif ( strlen($password_confirm) > 32 )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'Your password must be no more than 32 characters.';
}
elseif(!ctype_alnum($password))
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'Your password should be characters and numbers only.';
}
else
{
if ( !$error )
{
$password = md5($password);
$passwd_sql = "password = '$password', ";
}
}
}
else if ( ( empty($password) && !empty($password_confirm) ) || ( !empty($password) && empty($password_confirm) ) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'The passwords you entered did not match.';
}
$username_sql = ''; $email_sql = '';
if ( $mode == 'register' )
{
if ( empty($username) )
{
$error = TRUE;
}
else if ( $username != $_SESSION['StrUserID'] || $mode == 'register')
{
$sql = "SELECT StrUserID FROM TB_User WHERE StrUserID = '" . $username . "' UNION ALL SELECT StrUserID FROM TB_User_Info WHERE StrUserID = '" . $username . "'";
if ( !($result = $db_account->sql_query($sql)) )
{
die('Error in obtaining username data');
}
if( $row = $db_account->sql_fetchrow($result) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'Please pick another username, that username has already been taken.';
}
elseif ( strlen($username) < 6 )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'Your username must be no less than 6 characters.';
}
elseif ( strlen($username) > 32 )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'Your username must be no more than 32 characters.';
}
elseif(!ctype_alnum($username))
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'Your username should be characters and numbers only.';
}
if (!$error)
{
$username_sql = "StrUserID = '" . $username . "', ";
}
}
if ( empty($Email) || empty($Email_confirm) )
{
$error = TRUE;
}
elseif ( $Email != $_SESSION['Email'] || $mode == 'register' )
{
$sql = "SELECT Email FROM TB_User WHERE Email = '" . $Email . "' UNION ALL SELECT Email FROM TB_User_Info WHERE Email = '" . $Email . "'";
if ( !($result = $db_account->sql_query($sql)) )
{
die('Error in obtaining email data');
}
if( $row = $db_account->sql_fetchrow($result) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'Please use another email, that email has already been taken.';
}
elseif(!filter_var($Email, FILTER_VALIDATE_EMAIL) || !filter_var($Email_confirm, FILTER_VALIDATE_EMAIL))
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'The email you entered is not a valid format.';
}
elseif( $Email != $Email_confirm )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'The emails you entered did not match.';
}
elseif( strpos($Email, '@walla.com') )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'invalid email address.';
}
if (!$error)
{
$email_sql = "Email = '" . $Email . "', ";
}
}
if ( $mode == 'register' )
{
$sql = "SELECT COUNT(reg_ip) AS Cnt FROM TB_User WHERE reg_ip = '" . getenv("REMOTE_ADDR") . "' UNION ALL SELECT COUNT(reg_ip) AS Cnt FROM TB_User_Info WHERE reg_ip = '" . getenv("REMOTE_ADDR") . "'";
if ( !($result = $db_account->sql_query($sql)) )
{
die('Error in obtaining reg_ip data');
}
$row = $db_account->sql_fetchrow($result);
if( $row['Cnt'] > 2 )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'The account limit has been reached for this IP address.';
}
}
if ( empty($Name) )
{
$error = TRUE;
}
elseif ( $Name != $_SESSION['Name'] || $mode == 'register' )
{
if(substr_count($Name, ' ') > 1)
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'Your display name can contain only 1 space.';
}
if(!ctype_alnum(str_replace(' ','x', $Name)))
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . 'Your display name should be characters and numbers only.';
}
if (!$error)
{
$name_sql = "Name = '" . $Name . "', ";
}
}
}
if ( !$error )
{
if($email_activation_enabled && $mode == 'register')
{
$sql = "SELECT MAX(JID) AS total
FROM TB_User_Info";
if ( !($result = $db_account->sql_query($sql)) )
{
die('Could not obtain next user_id information');
}
$row = $db_account->sql_fetchrow($result);
$user_id = $row['total'] + 1;
$activation_code = sha1("" . getenv("REMOTE_ADDR") . $Email . "");
if($certificate_num != "NULL") $certificate_num = "'".$certificate_num."'";
if($address != "NULL") $address = "'".$address."'";
if($postcode != "NULL") $postcode = "'".$postcode."'";
if($phone != "NULL") $phone = "'".$phone."'";
if($mobile != "NULL") $mobile = "'".$mobile."'";
$sql = "INSERT INTO TB_User_Info (JID, StrUserID, password, Name, Email, sex, certificate_num, address, postcode, phone, mobile, regtime, reg_ip, activation_code)
VALUES ('" . $user_id . "', '" . $username . "', '" . $password . "', '" . $Name . "', '" . $Email . "', '" . $sex . "', " . $certificate_num . ", " . $address . ", " . $postcode . ", " . $phone . ", " . $mobile . ", GETDATE(), '" . getenv("REMOTE_ADDR") . "', '" . $activation_code . "') ";
if ( !($result = $db_account->sql_query($sql)) )
{
die('Could not insert data into temp users table<br /><br />' . $sql);
}
$message = 'Your account has been created. However, this site requires account activation. An activation key has been sent to the e-mail address you provided.<br />Please check your e-mail for further information';
include($php_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer(true);
$emailer->from('no-reply@sro-underground.com');
$emailer->replyto('no-reply@sro-underground.com');
$emailer->use_template('user_welcome_inactive');
$emailer->email_address($Email);
$emailer->set_subject('Welcome to Silkroad Underground');
$emailer->assign_vars(array(
'USERNAME' => $username,
'PASSWORD' => $password_confirm,
'ACTIVATION_CODE' => $activation_code,
'U_ACTIVATE' => $server_addr . $server_script . 'register.php?mode=activate&act_code=' . $activation_code)
);
$emailer->send();
$emailer->reset();
}
elseif ($mode == 'register')
{
if($certificate_num != "NULL") $certificate_num = "'".$certificate_num."'";
if($address != "NULL") $address = "'".$address."'";
if($postcode != "NULL") $postcode = "'".$postcode."'";
if($phone != "NULL") $phone = "'".$phone."'";
if($mobile != "NULL") $mobile = "'".$mobile."'";
$sql = "INSERT INTO TB_User (StrUserID, password, Status,GMrank,Name,Email,sex,certificate_num,address,postcode,phone,mobile ,regtime,reg_ip,sec_primary,sec_content,AccPlayTime,LatestUpdateTime_ToPlayTime)
VALUES ('" . $username . "', '" . $password . "', 1, 0, '" . $Name . "', '" . $Email . "', '" . $sex . "', " . $certificate_num . ", " . $address . ", " . $postcode . ", " . $phone . ", " . $mobile . ", GETDATE(), '" . getenv("REMOTE_ADDR") . "', 3, 3, 0, 0) ";
if ( !($result = $db_account->sql_query($sql)) )
{
die('Could not insert data into users table<br /><br />' . $sql);
}
$message = 'Your account has been created.';
}
$message = $message . '<br /><br />' . sprintf('Click %sHere%s to return to the Index', '<a href="index.'.$phpEx.'">', '</a>');
include($php_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'message_body.tpl')
);
$template->assign_vars(array(
'MESSAGE_TITLE' => "Registration Successful",
'MESSAGE_TEXT' => $message)
);
$template->pparse('body');
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
}
if ( $error )
{
$password = '';
$password_confirm = '';
}
if ( $registration_enabled )
{
include($php_root_path . 'includes/page_header.'.$phpEx);
if ( !isset($coppa) )
{
$coppa = FALSE;
}
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
if ( $error )
{
$template->set_filenames(array(
'reg_header' => 'error_body.tpl')
);
$template->assign_vars(array(
'ERROR_MESSAGE' => $error_msg)
);
$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
}
$template->set_filenames(array(
'body' => 'register_body.tpl')
);
$template->assign_vars(array(
'USERNAME' => isset($username) ? $username : '',
'PASSWORD' => isset($password) ? $password : '',
'PASSWORD_CONFIRM' => isset($password_confirm) ? $password_confirm : '',
'NAME' => isset($Name) ? $Name : '',
'EMAIL' => isset($Email) ? $Email : '',
'EMAIL_CONFIRM' => isset($Email_confirm) ? $Email_confirm : '',
'SEX_M' => ( $sex=="M" ) ? '<option value="M" selected="selected">Male</option>' : '<option value="M">Male</option>',
'SEX_F' => ( $sex=="F" ) ? '<option value="F" selected="selected">Female</option>' : '<option value="F">Female</option>',
'ADDRESS' => $address!="NULL" ? $address : '',
'POSTCODE' => $postcode!="NULL" ? $postcode : '',
'PHONE' => $phone!="NULL" ? $phone : '',
'MOBILE' => $mobile!="NULL" ? $mobile : '',
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);
$template->pparse('body');
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
else
{
$message = '<br /><br />' . sprintf('Click %sHere%s to return to the Index<br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br />', '<a href="index.'.$phpEx.'">', '</a>');
include($php_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'message_body.tpl')
);
$template->assign_vars(array(
'MESSAGE_TITLE' => "Registration is Closed",
'MESSAGE_TEXT' => $message)
);
$template->pparse('body');
include($php_root_path . 'includes/page_footer.'.$phpEx);
}
?>
