Пример #1
0
function register_form()
{
    global $LANG;
    if (\query\main::get_option('registrations') == 'opened') {
        $form = '<div class="register_form other_form">';
        if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['register_form']) && \site\utils::check_csrf($_POST['register_form']['csrf'], 'register_csrf')) {
            $pd = \site\utils::validate_user_data($_POST['register_form']);
            try {
                $session = \user\main::register($pd);
                $form .= '<div class="success">' . $LANG['register_success'] . '</div>';
                $form .= '<meta http-equiv="refresh" content="2; url=' . $GLOBALS['siteURL'] . '/setSession.php?session=' . $session . '">';
            } catch (Exception $e) {
                $form .= '<div class="error">' . $e->getMessage() . '</div>';
            }
        }
        $csrf = $_SESSION['register_csrf'] = \site\utils::str_random(12);
        $form .= '<form method="POST" action="#">
  <div class="form_field"><label for="register_form[username]">' . $LANG['form_name'] . ':</label> <div><input type="text" name="register_form[username]" id="register_form[username]" value="' . (isset($pd['username']) ? $pd['username'] : '') . '" required /></div></div>
  <div class="form_field"><label for="register_form[email]">' . $LANG['form_email'] . ':</label> <div><input type="email" name="register_form[email]" id="register_form[email]" value="' . (isset($pd['email']) ? $pd['email'] : '') . '" required /></div></div>
  <div class="form_field"><label for="register_form[password]">' . $LANG['form_password'] . ':</label> <div><input type="password" name="register_form[password]" id="register_form[password]" value="" required /></div></div>
  <div class="form_field"><label for="register_form[password2]">' . $LANG['form_password_again'] . ':</label> <div><input type="password" name="register_form[password2]" id="register_form[password2]" value="" required /></div></div>
  <input type="hidden" name="register_form[csrf]" value="' . $csrf . '" />
  <button>' . $LANG['register'] . '</button>
  </form>

  </div>';
        return $form;
    } else {
        return '<div class="info_form">' . $LANG['register_not_allowed'] . '</div>';
    }
}
Пример #2
0
<?php

if ($_SERVER['REQUEST_METHOD'] && isset($_POST['csrf']) == $_SESSION['csrf']['ajax_register']) {
    $response = array();
    $pd = \site\utils::validate_user_data($_POST['register']);
    try {
        $session = \user\main::register($pd);
        $response['state'] = 'success';
        $response['message'] = $LANG['register_success'];
        $response['session'] = $GLOBALS['siteURL'] . '/setSession.php?session=' . $session;
        unset($_SESSION['csrf']['ajax_register']);
    } catch (Exception $e) {
        $response['state'] = 'error';
        $response['message'] = $e->getMessage();
    }
    echo json_encode($response);
}