include/register.php

   1 <?php
   2 /* make sure that we are not called from outside the scripts,
   3  * use a variable defined in config.php to check this
   4  */
   5 if(!isset($HOST))
   6   exit;
   7
   8 /* new user wants to register */
   9 if(myisset("Rfullname","Remail","Rpassword","Rtimezone") )
  10   {
  11     global $HOST,$INDEX;
  12
  13     /* is this name already in use/ */
  14     $ok=1;
  15     if(DB_get_userid('name',$_REQUEST['Rfullname']))
  16       {
  17         echo "please chose another name<br />";
  18         $ok=0;
  19       }
  20     /* check if email address is already used */
  21     if(DB_get_userid('email',$_REQUEST['Remail']))
  22       {
  23         echo "this email address is already used ?!<br />";
  24         $ok=0;
  25       }
  26     /* check against robots */
  27     $robots=0; /* at least one anti-robot question needs to be answered */
  28     if(myisset('Robotproof0'))
  29       {
  30         if($_REQUEST['Robotproof0']!=42)
  31           $ok=0;
  32         else
  33           $robot=1;
  34       }
  35     else if(myisset('Robotproof1'))
  36       {
  37         if($_REQUEST['Robotproof1']!=35)
  38           $ok=0;
  39         else
  40           $robot=1;
  41       }
  42     else if(myisset('Robotproof2'))
  43       {
  44         if($_REQUEST['Robotproof2']!=28)
  45           $ok=0;
  46         else
  47           $robot=1;
  48       }
  49     else if(myisset('Robotproof3'))
  50       {
  51         if($_REQUEST['Robotproof3']!=21)
  52           $ok=0;
  53         else
  54           $robot=1;
  55       }
  56     else if(myisset('Robotproof4'))
  57       {
  58         if($_REQUEST['Robotproof4']!=14)
  59           $ok=0;
  60         else
  61           $robot=1;
  62       }
  63     if($robot==0)
  64       {
  65         echo "You answered the math question wrong. <br />\n";
  66         $ok=0;
  67       }
  68
  69     /* everything ok, go ahead and create user */
  70     if($ok)
  71       {
  72         $r=DB_query("INSERT INTO User VALUES(NULL,".DB_quote_smart($_REQUEST["Rfullname"]).
  73                     ",".DB_quote_smart($_REQUEST["Remail"]).
  74                     ",".DB_quote_smart(md5($_REQUEST["Rpassword"])).
  75                     ",".DB_quote_smart($_REQUEST["Rtimezone"]).",NULL,NULL)");
  76
  77         if($r)
  78           {
  79             /* Set session, so that new user doesn't need to log in */
  80             $myname = DB_get_name('email',$_REQUEST['Remail']);
  81             $_SESSION["name"] = $myname;
  82
  83             echo " Welcome to e-DoKo, you are now registered, please visit the".
  84               " <a href=\"".$HOST.$INDEX."\">homepage</a> to continue.";
  85           }
  86         else
  87           echo " something went wrong, couldn't add you to the database, please contact $ADMIN_NAME at $ADMIN_EMAIL.";
  88       }
  89     else
  90       {
  91         echo "Couldn't register you. Please <a href=\"index.php?action=register\">try again</a>! </br />\n";
  92       }
  93   }
  94  else
  95    {
  96      /* No information for new user given, ouput a page for registration */
  97      echo "<p><br /><strong> IMPORTANT: passwords are going over the net as clear text, so pick an easy password. ".
  98        "No need to pick anything complicated here ;)<br />";
  99      echo "N.B. Your email address will be exposed to other players whom you play games with. ";
 100      echo "<br /><br /></strong></p>";
 101      ?>
 102         <form action="index.php?action=register" method="post">
 103           <fieldset>
 104             <legend>Register</legend>
 105              <table>
 106               <tr>
 107                <td><label for="Rfullname">Full name:</label></td>
 108                <td><input type="text" id="Rfullname" name="Rfullname" size="20" maxlength="30" /> </td>
 109               </tr><tr>
 110                <td><label for="Remail">Email:</label></td>
 111                <td><input type="text" id="Remail" name="Remail" size="20" maxlength="30" /></td>
 112               </tr><tr>
 113                <td><label for="Rpassword">Password(will be displayed in cleartext on the next page):</label></td>
 114                <td><input type="password" id="Rpassword" name="Rpassword" size="20" maxlength="30" /></td>
 115               </tr><tr>
 116                <td><label for="Rtimezone">Timezone:</label></td>
 117                <td>
 118 <?php
 119                output_select_timezone("Rtimezone");
 120 ?>
 121                </td>
 122               </tr><tr>
 123               </tr><tr>
 124 <?php
 125               /* random number to select robotproof question */
 126               $rand_number = mt_rand(0,3); /* to get numbers between 0 and 4  */
 127               $Robotproof = "Robotproof".$rand_number;
 128 ?>
 129                 <td><label for="Robotproof">Please answer this question: <?php echo output_robotproof($rand_number); ?></label></td>
 130 <?php
 131          echo "<td><input type=\"text\" id=\"$Robotproof\" name=\"$Robotproof\" size=\"20\" maxlength=\"30\" /></td>\n";
 132 ?>
 133               </tr><tr>
 134                <td colspan="2"> <input type="submit" value="register" /></td>
 135               </tr>
 136              </table>
 137           </fieldset>
 138         </form>
 139 <?php
 140    }
 141 ?>