$password = $_POST['password'];
$success = 0;
//Check DB Version
$expectedDBVersion = $_POST['DBVersion'];
if (!CheckDBVersion($expectedDBVersion)) {
//Invalid DB Version
print "Success={$success}&Error='Invalid DB version'";
return;
}
//Check if username is being used already
if (AccountExists($username) != 0) {
print "Success={$success}&Error='Username already in use'";
return;
}
//Login
$userID = CreateNewAccount($username, $password);
if ($userID == -1) {
print "Success={$success}&Error='Unable to create new user'";
return;
}
//There will never be an existing session for a new user, no sense in even checking for it
$sessionID = CreateNewSession($userID);
if ($sessionID == 0) {
print "Success={$success}&Error='Could not acquire session'";
return;
}
if (!InitSession($userID, $sessionID)) {
print "Success={$success}&Error='Could not init session'";
return;
}
//We have a session, return it
function FindOrCreateAccount()
{
global $ACCOUNTS_PER_IP;
// no account cookie, create a new account or use existing one for IP.
$sql = GetSQL();
$xip = GetIPHex();
$result = $sql->safequery("LOCK TABLE Accounts WRITE");
$result = $sql->safequery("SELECT id, password, page, lastreply, lastcompose FROM Accounts WHERE ip=x'{$xip}'");
if ($result->num_rows < $ACCOUNTS_PER_IP) {
// create new account
return CreateNewAccount($sql, $xip);
} else {
// use existing account
$choices = array();
while ($row = $result->fetch_assoc()) {
$choices[] = $row;
}
// this should be above the last loop, but im not sure if it's safe to
// read a result after another command is executed.
$sql->safequery('UNLOCK TABLES');
$index = mt_rand(0, count($choices) - 1);
$account = Account::FromAssoc($choices[$index]);
setcookie('account', $account->id, time() + 60 * 60 * 24 * 30, $GLOBALS['apath']);
setcookie('password', $account->password, time() + 60 * 60 * 24 * 30, $GLOBALS['apath']);
return $account;
}
}
