diff options
Diffstat (limited to 'include/register.php')
| -rw-r--r-- | include/register.php | 103 |
1 files changed, 75 insertions, 28 deletions
diff --git a/include/register.php b/include/register.php index 7f3266b..75ec309 100644 --- a/include/register.php +++ b/include/register.php @@ -6,7 +6,7 @@ if(!isset($HOST)) exit; /* new user wants to register */ -if(myisset("Rfullname","Remail","Rpassword","Rtimezone") ) +if(myisset("Rfullname","Remail","Rtimezone") ) { global $HOST,$INDEX; @@ -23,6 +23,13 @@ if(myisset("Rfullname","Remail","Rpassword","Rtimezone") ) echo "this email address is already used ?!<br />"; $ok=0; } + /* need either openid or password */ + if(!myisset('Rpassword') && !myisset('Ropenid')) + { + echo "I need either a Password or an Openid url.<br />"; + $ok=0; + } + /* check against robots */ $robots=0; /* at least one anti-robot question needs to be answered */ if(myisset('Robotproof0')) @@ -65,15 +72,34 @@ if(myisset("Rfullname","Remail","Rpassword","Rtimezone") ) echo "You answered the math question wrong. <br />\n"; $ok=0; } - /* everything ok, go ahead and create user */ if($ok) { - $r=DB_query("INSERT INTO User VALUES(NULL,".DB_quote_smart($_REQUEST["Rfullname"]). - ",".DB_quote_smart($_REQUEST["Remail"]). - ",".DB_quote_smart(md5($_REQUEST["Rpassword"])). - ",".DB_quote_smart($_REQUEST["Rtimezone"]).",NULL,NULL)"); - + if(myisset('Rpassword')) + { + $r=DB_query("INSERT INTO User VALUES(NULL,".DB_quote_smart($_REQUEST["Rfullname"]). + ",".DB_quote_smart($_REQUEST["Remail"]). + ",".DB_quote_smart(md5($_REQUEST["Rpassword"])). + ",".DB_quote_smart($_REQUEST["Rtimezone"]).",NULL,NULL)"); + } + else if(myisset('Ropenid')) + { + $password = $_REQUEST["Rfullname"].preg_replace('/([ ])/e', 'chr(rand(33,122))', ' '); + $r=DB_query("INSERT INTO User VALUES(NULL,".DB_quote_smart($_REQUEST["Rfullname"]). + ",".DB_quote_smart($_REQUEST["Remail"]). + ",".DB_quote_smart(md5($password)). + ",".DB_quote_smart($_REQUEST["Rtimezone"]).",NULL,NULL)"); + if($r) + { + include_once('openid.php'); + $myid = DB_get_userid('email',$_REQUEST['Remail']); + DB_AttachOpenID($_REQUEST['Ropenid'], $myid); + } + } + else + { + echo 'Error during registration, please contact '.$ADMIN_NAME.' at '.$ADMIN_EMAIL; + } if($r) { /* Set session, so that new user doesn't need to log in */ @@ -94,29 +120,50 @@ if(myisset("Rfullname","Remail","Rpassword","Rtimezone") ) else { /* No information for new user given, ouput a page for registration */ - echo "<p><br /><strong> IMPORTANT: passwords are going over the net as clear text, so pick an easy password. ". - "No need to pick anything complicated here ;)<br />"; + + /* check for openid information */ + $openid_url = ''; + $name = ''; + $email = ''; + if(myisset('openid_url')) + $openid_url = $_REQUEST['openid_url']; + if(myisset('openidname')) + $name = $_REQUEST['openidname']; + if(myisset('openidemail')) + $email = $_REQUEST['openidemail']; + + if($openid_url=='') + echo "<p><br /><strong> IMPORTANT: passwords are going over the net as clear text, so pick an easy password. ". + "No need to pick anything complicated here ;)<br />"; echo "N.B. Your email address will be exposed to other players whom you play games with. "; echo "<br /><br /></strong></p>"; - ?> - <form action="index.php?action=register" method="post"> - <fieldset> - <legend>Register</legend> - <table> - <tr> - <td><label for="Rfullname">Full name:</label></td> - <td><input type="text" id="Rfullname" name="Rfullname" size="20" maxlength="30" /> </td> - </tr><tr> - <td><label for="Remail">Email:</label></td> - <td><input type="text" id="Remail" name="Remail" size="20" maxlength="30" /></td> - </tr><tr> - <td><label for="Rpassword">Password(will be displayed in cleartext on the next page):</label></td> - <td><input type="password" id="Rpassword" name="Rpassword" size="20" maxlength="30" /></td> - </tr><tr> - <td><label for="Rtimezone">Timezone:</label></td> - <td> -<?php - output_select_timezone("Rtimezone"); + echo ' <form action="index.php?action=register" method="post">'; + echo ' <fieldset>'; + echo ' <legend>Register</legend>'; + echo ' <table>'; + echo ' <tr>'; + echo ' <td><label for="Rfullname">Full name:</label></td>'; + echo " <td><input type=\"text\" id=\"Rfullname\" name=\"Rfullname\" size=\"20\" maxlength=\"30\" value=\"$name\" /> </td>"; + echo ' </tr><tr>'; + echo ' <td><label for="Remail">Email:</label></td>'; + echo " <td><input type=\"text\" id=\"Remail\" name=\"Remail\" size=\"20\" maxlength=\"30\" value=\"$email\" /></td>"; + echo ' </tr><tr>'; + if($openid_url=='') + { + echo ' <td><label for="Rpassword">Password(will be displayed in cleartext on the next page):</label></td>'; + echo ' <td><input type="password" id="Rpassword" name="Rpassword" size="20" maxlength="30" /></td>'; + echo ' </tr><tr>'; + } + else + { + echo ' <td><label for="Ropenid">OpenId:</label></td>'; + echo ' <td><input type="text" id="Ropenid" name="Ropenid" size="20" maxlength="50" value="'.htmlentities($openid_url).'" /></td>'; + echo ' </tr><tr>'; + } + echo ' <td><label for="Rtimezone">Timezone:</label></td>'; + echo ' <td>'; + + output_select_timezone("Rtimezone"); ?> </td> </tr><tr> |