function doPlayerSignUp($login, $password, $password2, $fullname, $email, $country, $platform, $gametype, $blurb, $showemail, $showblurb, $occ, $sig, $interests, $website, $icq, $aim, $yim, $mimn, $confirm, $confirmCode, $confirmVersion)
{
global $cfg_email_from_address;
global $cfg_email_signup_subject;
global $cfg_winbolodb;
global $userdata;
if ($confirmVersion != "1.16") {
return "You answered the version number question wrong.";
}
$login = strip_tags($login);
$login = trim($login);
$login = stripslashes($login);
$login = chop($login);
if (strlen($login) == 0) {
return "Missing name.";
}
$llogin = strtolower($login);
if ($llogin == "john" || $llogin == "postmaster" || $llogin == "webmaster" || $llogin == "root" || $llogin == "non winbolo.net particip" || $llogin == "dns" || ${$llogin} == "default" || $llogin == "MAILER-DAEMON") {
return "Sorry, you can't have that name :)";
}
if (strstr($llogin, " ") != FALSE) {
return "Sorry, WinBolo.net player names can no longer contain spaces.";
}
$password = stripslashes($password);
$password2 = stripslashes($password2);
$fullname = stripslashes($fullname);
$email = stripslashes($email);
$country = stripslashes($country);
$platform = stripslashes($platform);
$gametype = stripslashes($gametype);
$blurb = stripslashes($blurb);
$showemail = stripslashes($showemail);
$showblurb = stripslashes($showblurb);
$occ = stripslashes($occ);
$sig = stripslashes($sig);
$interests = stripslashes($interests);
$aim = stripslashes($aim);
$yim = stripslashes($yim);
$mimn = stripslashes($mimn);
if (trim($login) == "" || trim($email) == "" || trim($fullname) == "" || trim($password) == "") {
return "Missing required information";
}
if ($password != $password2) {
return "Passwords do not match";
}
$checkEmail = strstr($email, "@");
if ($checkEmail == null) {
return "This does not look like a valid email address. Please try again.";
}
if (!ereg(".+\\@.+\\..+", $email) || !ereg("^[a-zA-Z0-9_@.-]+\$", $email)) {
return "Your email address is not valid.";
}
#Check lengths of stuff
if (strlen($login) > 32) {
return "Your login is too long. Please choose another";
}
if (strlen($password) > 32) {
return "Your password is too long. Please choose another";
}
if (strlen($email) > 255) {
return "Your email address is too long. Do you have another you could use?";
}
if (strlen($fullname) > 255) {
return "Your Full Name is too long. Maybe you could abbreviate it?";
}
if (doesPlayerExist($login) == true) {
return "Login in use. Please select another";
}
if (stristr($login, "'") != false || stristr($login, "\"") != false || stristr($login, "\\") != false) {
return "Sorry, player names can not contain \\ or ' or \" in them.";
}
#
# Test confirmation code
#
$confirm = strip_tags($confirm);
$confirm = htmlspecialchars($confirm);
$confirm = trim($confirm);
if (!preg_match('/^[A-Za-z0-9]+$/', $confirm)) {
$confirm = '';
}
if (strlen($confirm) == 0) {
return "Missing confirmation code";
}
$confirm = mysql_escape_string($confirm);
$sql = "SELECT code FROM confirm WHERE confirm_id = '{$confirm}' AND session_id = '" . $userdata['session_id'] . "'";
$r = mysql_query($sql);
if (!$r) {
return "Missing confirmation code";
}
$confirmCode = trim($confirmCode);
if (mysql_result($r, 0, "code") != $confirmCode || strlen($confirmCode) == 0) {
mysql_free_result($r);
return "Incorrect confirmation code";
}
mysql_free_result($r);
$sql = "DELETE FROM confirm WHERE confirm_id = '{$confirm}' AND session_id = '" . $userdata['session_id'] . "'";
mysql_query($sql);
#
# Done confirm check... continue on all good
#
$id = storeForumNames($cfg_winbolodb, $login, $password, $email, $sig, $occ, $country, $website, $icq, $aim, $yim, $mimn, "", $showemail, $gametype);
if ($id < 0) {
return "Database error";
}
$sql = "insert into view_player (id, view_count) values ({$id}, 0)";
if (!mysql_query($sql)) {
return "Database error";
}
$sql = "insert into stats_player (pid, tourn_score, strict_score, locked) values ({$id}, 1600, 1600, 'F')";
if (!mysql_query($sql)) {
return "Database error";
}
$blurb = trim($blurb);
$blurb = normalize_whitespace($blurb);
$blurb = chop($blurb);
$blurb = mysql_escape_string($blurb);
$regip = mysql_escape_string(getenv("REMOTE_ADDR"));
$sql = "update users set user_blurb = '{$blurb}', user_viewblurb = {$showblurb}, user_registerip = '{$regip}' where user_id = {$id}";
if (!mysql_query($sql)) {
return "Database error";
} else {
$message = "Hi " . $fullname . ",\n\nWelcome to WinBolo.net!\n\nPlease keep this email for your personal records.\n\nWinbolo.net is a real time Winbolo game tracking and player statistics website. If you have any questions or problems please take a look at the Help pages and then try asking your questions in the forum.\n\nFor help with using Winbolo.net with your Winbolo client, see the howto page at http://www.winbolo.net/howtowbn.php\n\n";
$message .= "Your account information is as follows:\n";
$message .= "--------------------------------------\n";
$message .= "Username: {$login}\n";
$message .= "Password: {$password}\n\n";
$message .= "If you lose of forget your password you can request a new password by visiting WinBolo.net and going to the login/signup page.";
$message .= "\r\n\n\n--------------------\nThanks and Welcome.\nWinbolo.net";
mail($email, $cfg_email_signup_subject, $message, "From: {$cfg_email_from_address}");
}
return "OK";
}
<?php
include_once "GCM_Loader.php";
$db = new BaseDB();
$gameName = $_REQUEST['gameName'];
if (isset($_REQUEST['email'])) {
$email = $_REQUEST['email'];
} else {
$email = '';
}
$gcmRegistrationId = $_REQUEST['gcmRegistrationId'];
$clanID = $_REQUEST['clanID'];
$retArray = array();
// Does player exist in the table
$exist = doesPlayerExist($gameName, $clanID);
$playerID = getPlayerID($gameName, $clanID);
if ($playerID === null) {
echo json_encode([$retArray = array("responseOK" => false, "responseMessage" => "No such player")]);
goto EndOfFile;
}
if ($exist === true) {
// Update the existing record
$sql = "\n UPDATE gcm_users\n SET email = '{$email}', gcm_regid = '{$gcmRegistrationId}'\n WHERE game_name = '{$gameName}'\n ";
$result = $db->dbQuery($sql);
if ($result == false) {
echo json_encode([$retArray = array("responseOK" => false, "responseMessage" => dbGetErrorMsg())]);
} else {
echo json_encode(array($retArray = array("responseOK" => true, "responseMessage" => 'Record Updated Successfully')));
}
} else {
// Create a new record
