Пример #1
0
 } elseif (strlen($_POST["username"]) < 4) {
     $usernameError = "<div class='errormessage'>keep it 4-16 characters</div>";
     $_SESSION["newusername"] = $_POST["username"];
 } else {
     $username = test_input($_POST["username"]);
     $_SESSION["newusername"] = $_POST["username"];
 }
 //---check blanks---//
 if (isset($username) && isset($_SESSION["email"]) && isset($_SESSION["invitation"])) {
     //---check duplicates---//
     $email = $_SESSION["email"];
     $result = mysql_query("SELECT * FROM users WHERE email = '{$email}'") or die(mysql_error());
     $row = mysql_fetch_array($result);
     if ($row['userid'] > 0) {
         $emailError = "<div class='errormessage'>this email is taken</div>";
     } elseif (speciallist($username) == "error") {
         $usernameError = "<div class='errormessage'>name already taken</div>";
     } elseif ($usercount > 100) {
         $usernameError = "<div class='errormessage'>the sharewaves beta is at capacity</div>";
         $emailError = "<div class='errormessage'>the sharewaves beta is at capacity</div>";
     } else {
         $newpassword = $_SESSION["invitation"];
         $salt = substr(str_shuffle(str_repeat('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', mt_rand(1, 16))), 0, 16);
         $saltedpassword = $newpassword . $salt;
         $hashedpassword = sha1($saltedpassword);
         $strSQL1 = "INSERT INTO users(username, email, password, salt, subscription) VALUES('{$username}','{$email}','{$hashedpassword}','{$salt}','08dMTWRFSU')";
         mysql_query($strSQL1) or die(mysql_error());
         //---session info---//
         $result = mysql_query("SELECT * FROM users WHERE email = '{$email}'") or die(mysql_error());
         $row = mysql_fetch_array($result);
         $signupid = $row['userid'];
Пример #2
0
         } else {
             $U = "";
         }
     }
 }
 //---check blanks---//
 if (!($newsitename == '') && !($newurl == '')) {
     $slashsitename = addslashes($newsitename);
     //---key validation---//
     $validateurl = validator($newurl);
     $sitecontents = @file_get_contents($validateurl);
     if (strpos($newurl, $_SESSION['validatekey']) !== FALSE) {
         $validateError = "<div class='alert alert-danger' role='alert' style='text-align: center'>url cannot contain the validation key</div>";
     } elseif (strpos($sitecontents, $_SESSION['validatekey']) === FALSE && $myid != 01) {
         $validateError = "<div class='alert alert-danger' role='alert' style='text-align: center'>we couldn't find the validation key</div>";
     } elseif (speciallist($slashsitename) == "error") {
         $sitenameError = "<div class='errormessage'>name already taken</div>";
     } else {
         $strSQL1 = "SELECT * FROM masters WHERE url = '{$newurl}' ";
         $rs = mysql_query($strSQL1) or die(mysql_error());
         $row = mysql_fetch_array($rs);
         if ($row['owner'] > 0) {
             $urlError = "<div class='errormessage'>site already claimed</div>";
         } elseif ($row['siteid'] > 0) {
             $newsiteid = $row['siteid'];
             $strSQL2 = "UPDATE masters SET owner=('{$myid}') WHERE siteid ='{$newsiteid}' ";
             mysql_query($strSQL2) or die(mysql_error());
             $strSQL3 = "UPDATE masters SET url=('{$newurl}') WHERE siteid = '{$newsiteid}' ";
             mysql_query($strSQL3) or die(mysql_error());
             $strSQL4 = "UPDATE masters SET sitename=('{$slashsitename}') WHERE siteid = '{$newsiteid}' ";
             mysql_query($strSQL4) or die(mysql_error());
Пример #3
0
 } else {
     $newshowemail = "";
 }
 //---validate username---//
 if (!empty($_POST["username"])) {
     if (!preg_match("/^[a-zA-Z0-9]*\$/", $_POST["username"])) {
         $usernameError = "<div class='errormessage'>only include letters & numbers</div>";
     } elseif (preg_match("/^[0-9]*\$/", $_POST["username"])) {
         $usernameError = "<div class='errormessage'>include letters too</div>";
     } elseif (strlen($_POST["username"]) > 16) {
         $usernameError = "<div class='errormessage'>keep it 4-16 characters</div>";
     } elseif (strlen($_POST["username"]) < 4) {
         $usernameError = "<div class='errormessage'>keep it 4-16 characters</div>";
     } elseif ($_POST["username"] == $myname) {
         $usernameError = "";
     } elseif (speciallist($_POST["username"]) == "error") {
         $usernameError = "<div class='errormessage'>name already taken</div>";
     } else {
         $newusername = $_POST["username"];
     }
 }
 //---validate email---//
 if (!empty($_POST["email"]) && isset($_SESSION["sentemail"])) {
     $_SESSION["more"] = "";
     if (!filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)) {
         $emailError = "<div class='errormessage'>please enter a valid email</div>";
     } elseif ($_POST["email"] != $_SESSION["sentemail"]) {
         $validateError = "<div class='errormessage'>different email? validate again.</div>";
     } else {
         $newemailattempt = $_POST["email"];
         $result = mysql_query("SELECT * FROM users WHERE email = '{$newemailattempt}' ") or die(mysql_error());