// look if name already exists:
$name_result = mysql_query("SELECT user_name FROM " . $db_settings['userdata_table'] . " WHERE lower(user_name) = '" . mysql_real_escape_string(my_strtolower($ar_username, $lang['charset'])) . "'", $connid) or raise_error('database_error', mysql_error());
if (mysql_num_rows($name_result) > 0) {
$errors[] = 'user_name_already_exists';
}
mysql_free_result($name_result);
if (!preg_match(EMAIL_PATTERN, $ar_email)) {
$errors[] = 'error_email_wrong';
}
if (($ar_pw == "" or $ar_pw_conf == "") && !isset($ar_send_userdata)) {
$errors[] = 'error_send_userdata';
}
if (my_strlen($ar_username, $lang['charset']) > $settings['name_maxlength']) {
$errors[] = $lang['name_marking'] . " " . $lang['error_input_too_long'];
}
$too_long_word = too_long_word($ar_username, $settings['name_word_maxlength']);
if ($too_long_word) {
$errors[] = 'error_word_too_long';
}
if ($ar_pw_conf != $ar_pw) {
$errors[] = 'error_pw_conf_wrong';
}
}
// save user if no errors:
if (empty($errors)) {
// generate password if not specified:
if ($ar_pw == '') {
if ($settings['min_pw_length'] < 8) {
$pwl = 8;
} else {
$pwl = $settings['min_pw_length'];
if ($too_long_word) {
$errors[] = 'error_word_too_long';
}
}
$profile_check = html_format(stripslashes($profile));
$profile_check = strip_tags($profile_check);
if (empty($too_long_word)) {
$too_long_word = too_long_word($profile_check, $settings['text_word_maxlength']);
if ($too_long_word) {
$errors[] = 'error_word_too_long';
}
}
$signature_check = signature_format(stripslashes($signature));
$signature_check = strip_tags($signature_check);
if (empty($too_long_word)) {
$too_long_word = too_long_word($signature_check, $settings['text_word_maxlength']);
if ($too_long_word) {
$errors[] = 'error_word_too_long';
}
}
if (isset($errors)) {
$result = mysql_query("SELECT user_name, user_email FROM " . $db_settings['userdata_table'] . " WHERE user_id = " . $id . " LIMIT 1", $connid) or raise_error('database_error', mysql_error());
$row = mysql_fetch_array($result);
mysql_free_result($result);
$smarty->assign('errors', $errors);
if (isset($too_long_word)) {
$smarty->assign('word', $too_long_word);
}
$smarty->assign('user_name', htmlspecialchars(stripslashes($row['user_name'])));
$smarty->assign('user_email', htmlspecialchars(stripslashes($row['user_email'])));
$smarty->assign('email_contact', $email_contact);
$errors[] = 'error_password_too_short';
}
// password and repeatet Password equal?
if ($reg_pw != $reg_pw_conf) {
$errors[] = 'error_pw_conf_wrong';
}
// name too long?
if (my_strlen($new_user_name, $lang['charset']) > $settings['username_maxlength']) {
$errors[] = 'error_name_too_long';
}
// e-mail address too long?
if (my_strlen($new_user_email, $lang['charset']) > $settings['email_maxlength']) {
$errors[] = 'error_email_too_long';
}
// word in username too long?
$too_long_word = too_long_word($new_user_name, $settings['name_word_maxlength']);
if ($too_long_word) {
$errors[] = 'error_word_too_long';
}
// look if name already exists:
$name_result = mysql_query("SELECT user_name FROM " . $db_settings['userdata_table'] . " WHERE lower(user_name) = '" . mysql_real_escape_string(my_strtolower($new_user_name, $lang['charset'])) . "'", $connid) or raise_error('database_error', mysql_error());
if (mysql_num_rows($name_result) > 0) {
$errors[] = 'user_name_already_exists';
}
mysql_free_result($name_result);
// look, if e-mail already exists:
$email_result = mysql_query("SELECT user_email FROM " . $db_settings['userdata_table'] . " WHERE lower(user_email) = '" . mysql_real_escape_string(my_strtolower($new_user_email, $lang['charset'])) . "'", $connid) or raise_error('database_error', mysql_error());
if (mysql_num_rows($email_result) > 0) {
$errors[] = 'error_email_alr_exists';
}
mysql_free_result($email_result);
$errors[] = 'error_word_too_long';
}
}
if (empty($too_long_word)) {
$too_long_word = too_long_word(stripslashes($subject), $settings['subject_word_maxlength']);
if ($too_long_word) {
$errors[] = 'error_word_too_long';
}
}
// format text and hide allowed tags:
$check_text = html_format(stripslashes($text));
// hide <pre>...</pre> from checking (code):
$check_text = preg_replace("#\\<pre\\>(.+?)\\</pre\\>#is", "", $check_text);
$check_text = strip_tags($check_text);
if (empty($too_long_word)) {
$too_long_word = too_long_word($check_text, $settings['text_word_maxlength']);
if ($too_long_word) {
$errors[] = 'error_word_too_long';
}
}
}
// category check:
if ($id == 0 && $categories != false && empty($categories[$p_category])) {
$errors[] = 'error_invalid_category';
}
// CAPTCHA check:
if (empty($errors) && isset($_POST['save_entry']) && empty($_SESSION[$settings['session_prefix'] . 'user_id']) && $settings['captcha_posting'] > 0) {
if ($settings['captcha_posting'] == 2) {
if (empty($_SESSION['captcha_session']) || empty($_POST['captcha_code']) || $captcha->check_captcha($_SESSION['captcha_session'], $_POST['captcha_code']) != true) {
$errors[] = 'captcha_check_failed';
}