require '../utility/common.php'; require '../utility/htmlcommon.php'; logged_out(); validate_key(); $params = validate_params('POST', array('email', 'first_name', 'last_name', 'username', 'password', 'password_conf'), array(FILTER_VALIDATE_EMAIL, 0, 0, 0, 0, 0), array(FILTER_SANITIZE_EMAIL, 0, 0, 0, 0, 0)); if (!$params || $params['password'] !== $params['password_conf']) { error('Two passwords didn\'t match', 'newaccount.php'); } /*$regex = '/^.+@(uw\\.edu|u\\.washington\\.edu)\$/'; if(!preg_match($regex, $params['email'])) { header('Location: login.php?error=regexnomatch'); die(); }*/ $params['password'] = password_hash($params['password'], PASSWORD_BCRYPT); $key = new SecureKey($params['username']); $insert_db = connect('insert'); $stmt = dbexec($insert_db, 'INSERT IGNORE INTO users (email, first_name, last_name, username, password, last_update, activation_key) VALUES (?, ?, ?, ?, ?, ?, ?)', array($params['email'], $params['first_name'], $params['last_name'], $params['username'], $params['password'], 0, $key->get_key()), array(PDO::PARAM_STR, PDO::PARAM_STR, PDO::PARAM_STR, PDO::PARAM_STR, PDO::PARAM_STR, PDO::PARAM_INT, PDO::PARAM_STR)); $last_id = $insert_db->lastInsertId(); $stmt = $insert_db->prepare('INSERT INTO group_users (user_id, group_id) VALUES (?, ?)'); $stmt->bindParam(1, $last_id, PDO::PARAM_INT); $stmt->bindParam(2, $group_id); $group_id = GROUP_ROOT; $stmt->execute(); //for the alpha //$group_id = CLASSMATCHES_ROOT; //$stmt->execute(); $message = 'Thank you for registering for an account with us here at Classmatches. To help ensure security for our website, we have sent you this email with a confirmation key. Follow this url to activate your account!
function form_security_gen() { $securekey = new SecureKey(); ?> <input type="hidden" name="formkey" value=<?php echo htmlspecialchars($securekey->get_key()); ?> /> <input type="hidden" name="keytime" value=<?php echo time(); ?> /> <?php }