Example #1
0
<?php

$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
include_once "{$currDir}/header.php";
$adminConfig = config('adminConfig');
if (!($cg = sqlValue("select count(1) from membership_groups where allowSignup=1"))) {
    $noSignup = true;
    echo error_message($Translation['sign up disabled']);
    exit;
}
if ($_POST['signUp'] != '') {
    // receive data
    $memberID = is_allowed_username($_POST['newUsername']);
    $email = isEmail($_POST['email']);
    $password = $_POST['password'];
    $confirmPassword = $_POST['confirmPassword'];
    $groupID = intval($_POST['groupID']);
    $custom1 = makeSafe($_POST['custom1']);
    $custom2 = makeSafe($_POST['custom2']);
    $custom3 = makeSafe($_POST['custom3']);
    $custom4 = makeSafe($_POST['custom4']);
    // validate data
    if (!$memberID) {
        echo error_message($Translation['username invalid']);
        exit;
    }
    if (strlen($password) < 4 || trim($password) != $password) {
        echo error_message($Translation['password invalid']);
<?php

ob_start();
?>
<center>

<?php 
$currDir = dirname(__FILE__);
include "{$currDir}/defaultLang.php";
include "{$currDir}/language.php";
include "{$currDir}/lib.php";
$username = is_allowed_username($_GET['memberID']);
if ($username) {
    echo "<b>" . str_replace("<MemberID>", $username, $Translation['user available']) . "</b><!-- AVAILABLE -->";
} else {
    echo "<b>" . str_replace("<MemberID>", strip_tags($_GET['memberID']), $Translation['username invalid']) . "</b><!-- NOT AVAILABLE -->";
}
?>

<br><br><input type="button" value="Close" onClick="window.close();">
</center>
     $memberID = is_allowed_username($_POST['memberID']);
     if (!$memberID) {
         echo "<div class=\"alert alert-danger\">Error: Username already exists or is invalid. Make sure you provide a username containing 4 to 20 valid characters.</div>";
         include "{$currDir}/incFooter.php";
     }
     // add member
     sql("INSERT INTO `membership_users` set memberID='{$memberID}', passMD5='" . md5($password) . "', email='{$email}', signupDate='" . @date('Y-m-d') . "', groupID='{$groupID}', isBanned='{$isBanned}', isApproved='{$isApproved}', custom1='{$custom1}', custom2='{$custom2}', custom3='{$custom3}', custom4='{$custom4}', comments='{$comments}'", $eo);
     if ($isApproved) {
         notifyMemberApproval($memberID);
     }
 } else {
     // old member
     // make sure new member username, if applicable, is valid
     $memberID = makeSafe(strtolower($_POST['memberID']));
     if ($oldMemberID != $memberID) {
         $memberID = is_allowed_username($_POST['memberID']);
     }
     if (!$memberID) {
         echo "<div class=\"alert alert-danger\">Error: Username already exists or is invalid. Make sure you provide a username containing 4 to 20 valid characters.</div>";
         include "{$currDir}/incFooter.php";
     }
     // anonymousMember?
     if ($anonMemberID == $memberID) {
         $password = '';
         $email = '';
         $groupID = sqlValue("select groupID from membership_groups where name='" . $adminConfig['anonymousGroup'] . "'");
         $isApproved = 1;
     }
     // get current approval state
     $oldIsApproved = sqlValue("select isApproved from membership_users where lcase(memberID)='{$memberID}'");
     // update member