} elseif (strlen($_POST["username"]) < 4) { $usernameError = "<div class='errormessage'>keep it 4-16 characters</div>"; $_SESSION["newusername"] = $_POST["username"]; } else { $username = test_input($_POST["username"]); $_SESSION["newusername"] = $_POST["username"]; } //---check blanks---// if (isset($username) && isset($_SESSION["email"]) && isset($_SESSION["invitation"])) { //---check duplicates---// $email = $_SESSION["email"]; $result = mysql_query("SELECT * FROM users WHERE email = '{$email}'") or die(mysql_error()); $row = mysql_fetch_array($result); if ($row['userid'] > 0) { $emailError = "<div class='errormessage'>this email is taken</div>"; } elseif (speciallist($username) == "error") { $usernameError = "<div class='errormessage'>name already taken</div>"; } elseif ($usercount > 100) { $usernameError = "<div class='errormessage'>the sharewaves beta is at capacity</div>"; $emailError = "<div class='errormessage'>the sharewaves beta is at capacity</div>"; } else { $newpassword = $_SESSION["invitation"]; $salt = substr(str_shuffle(str_repeat('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', mt_rand(1, 16))), 0, 16); $saltedpassword = $newpassword . $salt; $hashedpassword = sha1($saltedpassword); $strSQL1 = "INSERT INTO users(username, email, password, salt, subscription) VALUES('{$username}','{$email}','{$hashedpassword}','{$salt}','08dMTWRFSU')"; mysql_query($strSQL1) or die(mysql_error()); //---session info---// $result = mysql_query("SELECT * FROM users WHERE email = '{$email}'") or die(mysql_error()); $row = mysql_fetch_array($result); $signupid = $row['userid'];
} else { $U = ""; } } } //---check blanks---// if (!($newsitename == '') && !($newurl == '')) { $slashsitename = addslashes($newsitename); //---key validation---// $validateurl = validator($newurl); $sitecontents = @file_get_contents($validateurl); if (strpos($newurl, $_SESSION['validatekey']) !== FALSE) { $validateError = "<div class='alert alert-danger' role='alert' style='text-align: center'>url cannot contain the validation key</div>"; } elseif (strpos($sitecontents, $_SESSION['validatekey']) === FALSE && $myid != 01) { $validateError = "<div class='alert alert-danger' role='alert' style='text-align: center'>we couldn't find the validation key</div>"; } elseif (speciallist($slashsitename) == "error") { $sitenameError = "<div class='errormessage'>name already taken</div>"; } else { $strSQL1 = "SELECT * FROM masters WHERE url = '{$newurl}' "; $rs = mysql_query($strSQL1) or die(mysql_error()); $row = mysql_fetch_array($rs); if ($row['owner'] > 0) { $urlError = "<div class='errormessage'>site already claimed</div>"; } elseif ($row['siteid'] > 0) { $newsiteid = $row['siteid']; $strSQL2 = "UPDATE masters SET owner=('{$myid}') WHERE siteid ='{$newsiteid}' "; mysql_query($strSQL2) or die(mysql_error()); $strSQL3 = "UPDATE masters SET url=('{$newurl}') WHERE siteid = '{$newsiteid}' "; mysql_query($strSQL3) or die(mysql_error()); $strSQL4 = "UPDATE masters SET sitename=('{$slashsitename}') WHERE siteid = '{$newsiteid}' "; mysql_query($strSQL4) or die(mysql_error());
} else { $newshowemail = ""; } //---validate username---// if (!empty($_POST["username"])) { if (!preg_match("/^[a-zA-Z0-9]*\$/", $_POST["username"])) { $usernameError = "<div class='errormessage'>only include letters & numbers</div>"; } elseif (preg_match("/^[0-9]*\$/", $_POST["username"])) { $usernameError = "<div class='errormessage'>include letters too</div>"; } elseif (strlen($_POST["username"]) > 16) { $usernameError = "<div class='errormessage'>keep it 4-16 characters</div>"; } elseif (strlen($_POST["username"]) < 4) { $usernameError = "<div class='errormessage'>keep it 4-16 characters</div>"; } elseif ($_POST["username"] == $myname) { $usernameError = ""; } elseif (speciallist($_POST["username"]) == "error") { $usernameError = "<div class='errormessage'>name already taken</div>"; } else { $newusername = $_POST["username"]; } } //---validate email---// if (!empty($_POST["email"]) && isset($_SESSION["sentemail"])) { $_SESSION["more"] = ""; if (!filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)) { $emailError = "<div class='errormessage'>please enter a valid email</div>"; } elseif ($_POST["email"] != $_SESSION["sentemail"]) { $validateError = "<div class='errormessage'>different email? validate again.</div>"; } else { $newemailattempt = $_POST["email"]; $result = mysql_query("SELECT * FROM users WHERE email = '{$newemailattempt}' ") or die(mysql_error());