include_once "{$INCLUDE_PATH}/engine/sid.class.php"; include_once "{$INCLUDE_PATH}/engine/id.class.php"; include_once "{$INCLUDE_PATH}/engine/templates.php"; include_once "{$INCLUDE_PATH}/error.php"; global $rpgDB; $sid = new SId(); // Validate the profile name. $pname = $_POST['pname']; $err_dummy = array(); if (!is_valid_pname($pname, $err_dummy)) { __printFatalErr("Invalid profile name."); } // Validate the key. $key = $_POST['key']; $keygen = new Id(); if (!$keygen->ValidateId($key)) { __printFatalErr("Invalid key."); } // Validate the passwords. $pwd1 = $_POST['pwd1']; $pwd2 = $_POST['pwd2']; $err = array(); if ($pwd1 != $pwd2) { array_push($err, "Your passswords do not match."); } is_valid_password($pwd1, $err); is_valid_password($pwd2, $err); // Verify against the db. $_r = $rpgDB->query(sprintf("SELECT pname FROM %s WHERE pname = '%s' AND pwd_key = '%s'", $TABLE_USERS, addslashes($pname), addslashes($key))); if (!$_r) { __printFatalErr("Failed to query database.", __LINE__, __FILE__);