function login($form, $url)
{
global $path;
$objResponse = new xajaxResponse();
if ($form["user_name"] && $form["user_password"]) {
$user = mysql_query("SELECT pk_user_id, user_name, user_rating FROM md_user WHERE user_name = '{$form['user_name']}' AND user_password = '******'user_password']}'");
if (mysql_num_rows($user)) {
$info = mysql_fetch_array($user);
$_SESSION["md_userid"] = $info[pk_user_id];
$_SESSION["md_username"] = $info[user_name];
$_SESSION["md_rating"] = $info[user_rating];
$output = printLogin($form["page"]);
$menu = printMenu($form["page"]);
$objResponse->assign("login", "innerHTML", $output);
$objResponse->assign("menu_holder", "innerHTML", $menu);
$objResponse->redirect($url);
} else {
$error = errormess("Wrong details", "white");
$output = printLogin($page, $error, $form);
$objResponse->assign("blackscreen", "style.display", "none");
$objResponse->assign("login", "innerHTML", $output);
}
} else {
$error = errormess("Fill in all fields", "white");
$output = printLogin($page, $error, $form);
$objResponse->assign("login", "innerHTML", $output);
}
return $objResponse;
}
include "generatepack.php";
include "session_mysql.php";
include "functions.php";
include "include/kortparm_functions.php";
if ($_POST["action"] == "draft_pack_of_the_day") {
if (!$_POST["chosen_card"]) {
$errormess = errormess("Choose a card");
} else {
if ($_SESSION["md_userid"]) {
$voted_before = mysql_num_rows(mysql_query("SELECT fk_card_id FROM md_vote WHERE fk_user_id = {$_SESSION['md_userid']} AND fk_pack_id = {$_POST['pack_id']}"));
} else {
$voted_before = mysql_num_rows(mysql_query("SELECT fk_card_id FROM md_vote WHERE vote_ip = '{$_SERVER['REMOTE_ADDR']}' AND fk_pack_id = {$_POST['pack_id']}"));
}
echo $apas;
if ($voted_before) {
$errormess = errormess("You have already voted") . "<br /><br />";
} else {
mysql_query("INSERT INTO md_vote (fk_card_id, fk_pack_id, vote_ip, fk_user_id) VALUES ('{$_POST['chosen_card']}','{$_POST['pack_id']}','{$_SERVER['REMOTE_ADDR']}','{$_SESSION['md_userid']}')");
}
}
}
echo printHeader("MagicDraft", "home");
?>
<div id="content">
<div id="left">
<?php
if (!$_SESSION[md_userid]) {
?>
<div class="box olive" id="welcome_box">
<img src="<?php
echo $path;
$error["user_city"] = errormess("Enter your city");
}
if (!$_POST["user_email"]) {
$error["user_email"] = errormess("Enter your email");
} elseif (!preg_match('/^[_a-z0-9-]+(?:\\.[_a-z0-9-]+)*@(?:[-a-z0-9-]+\\.)+(?:[a-z]{2,7})$/i', $_POST["user_email"])) {
$error["user_email"] = errormess("Wrong email format");
}
if (!$_POST["user_password"]) {
$error["user_password"] = errormess("Choose a password");
} elseif (!$_POST["user_password2"]) {
$error["user_password"] = errormess("Confirm your password");
} elseif ($_POST["user_password2"] != $_POST["user_password"]) {
$error["user_password"] = errormess("Passwords does not match");
}
if ($_POST["user_dci"] && !preg_match("/^[0-9]+\$/", $_POST["user_dci"])) {
$error["user_dci"] = errormess("Only numbers");
}
if (!count($error)) {
$code = "asdfijv" . rand(1, 100);
mysql_query("INSERT INTO md_user (user_name, user_password, user_email, user_dci, user_country, user_city, user_code)\n\t\tVALUES ('" . addslashes($_POST[user_name]) . "','{$_POST['user_password']}','{$_POST['user_email']}','{$_POST['user_dci']}','" . strtolower($_POST[user_country]) . "','" . addslashes($_POST[user_city]) . "','{$code}')");
$id = mysql_insert_id();
$message = "Welcome to MagicDraft!\n\t\t\nYour account has been created. To be able to login and start drafting you first need to activate the account by clicking on this link:\n{$path}/register/?activate=" . $id . "&code=" . $code . "\n\nWelcome!";
mail($_POST["user_email"], "MagicDraft - Your account has been created", $message, "From: MagicDraft <*****@*****.**>\n" . "Reply-To: mail@magicdraft.net\n" . "X-Sender: mail@magicdraft.net\n" . "Return-Path: mail@magicdraft.net");
$registered = true;
}
} elseif ($_GET["activate"] && $_GET["code"]) {
mysql_query("UPDATE md_user SET user_active = 1 WHERE pk_user_id = '{$_GET['username']}' AND code = '{$_GET['code']}'");
$activated = true;
}
echo printHeader("MagicDraft - Register", "register");
?>