2024-01-02 03:55:23 +01:00
|
|
|
<?php session_start();
|
|
|
|
include "config.php";
|
|
|
|
include "core.php";
|
|
|
|
|
|
|
|
if (!$publicAccountCreation) {
|
|
|
|
header("Location: /");
|
|
|
|
die();
|
|
|
|
}
|
|
|
|
|
|
|
|
if (isset($_REQUEST['username']) && isset($_REQUEST['password'])) {
|
|
|
|
$Username = htmlspecialchars($_REQUEST['username']);
|
|
|
|
$Password = generatePassword(htmlspecialchars($_REQUEST['password']));
|
|
|
|
|
|
|
|
if (htmlspecialchars($_REQUEST['password']) != htmlspecialchars($_REQUEST['cpassword'])) {
|
|
|
|
header("Location: register.php?e=mismatch");
|
|
|
|
die();
|
|
|
|
}
|
|
|
|
|
2024-02-05 21:12:45 +01:00
|
|
|
if ($storeAgent || $storeAgent == "true") $userAgent = getUserAgent();
|
|
|
|
if ($storeCreated || $storeCreated == "true") $Created = date($dateFormat);
|
|
|
|
if ($storeLastUsage || $storeLastUsage == "true") $lastUsed = date($dateFormat);
|
|
|
|
if ($storeIP || $storeIP == "true") $ip = getIPAddress();
|
|
|
|
|
2024-01-02 03:55:23 +01:00
|
|
|
// check if a user by the same name already exists
|
2024-02-05 21:12:45 +01:00
|
|
|
$ipAddresses = 0;
|
2024-01-02 03:55:23 +01:00
|
|
|
$Database = createTables($sqlDB);
|
|
|
|
$DatabaseQuery = $Database->query('SELECT * FROM users');
|
|
|
|
while ($line = $DatabaseQuery->fetchArray()) {
|
2024-02-05 21:12:45 +01:00
|
|
|
if ($storeIP || $storeIP == "true") {
|
|
|
|
if ($line['ip'] == $ip) {
|
|
|
|
$ipAddresses++;
|
|
|
|
}
|
|
|
|
}
|
2024-01-02 03:55:23 +01:00
|
|
|
if ($line['username'] == "$Username" && $Username != "" && $line['username'] != "") {
|
|
|
|
header("Location: register.php?e=exists");
|
|
|
|
die();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-02-05 21:12:45 +01:00
|
|
|
if ($storeIP || $storeIP == "true") {
|
|
|
|
if ($ipAddresses > $maxAccountsPerIP) {
|
|
|
|
header("Location: register.php?e=limit");
|
|
|
|
die();
|
|
|
|
}
|
|
|
|
}
|
2024-01-02 03:55:23 +01:00
|
|
|
|
2024-02-05 22:27:22 +01:00
|
|
|
$Key = hash('sha256', rand());
|
|
|
|
|
|
|
|
$Database->exec("INSERT INTO users(username, password, usertype, primaryadmin, numberofcomments, lastused, created, ip, useragent, key) VALUES('$Username', '$Password', '1', '0', '0', '$lastUsed', '$Created', '$ip', '$userAgent', '$Key')");
|
2024-01-02 03:55:23 +01:00
|
|
|
|
|
|
|
header("Location: login.php");
|
|
|
|
die();
|
|
|
|
} else {
|
|
|
|
$html = "";
|
|
|
|
|
|
|
|
$html = printHeader($html, 0);
|
|
|
|
|
|
|
|
$html .= "\t\t\t<h1 id='registerHeader'>Welcome to $instanceName</h1>\n";
|
|
|
|
$html .= "\t\t\t\t<p>To create an account, enter your desired user name and password.</p>\n";
|
2024-02-27 17:39:43 +01:00
|
|
|
$html .= "\t\t\t\t<form method=\"POST\" action=\"register.php\">\n";
|
2024-01-02 03:55:23 +01:00
|
|
|
$html .= "\t\t\t\t\t<input type=\"text\" name=\"username\" placeholder=\"Username\">\n";
|
|
|
|
$html .= "\t\t\t\t\t<input type=\"password\" name=\"password\" placeholder=\"Password\">\n";
|
|
|
|
$html .= "\t\t\t\t\t<input type=\"password\" name=\"cpassword\" placeholder=\"Confirm password\">\n";
|
|
|
|
if (isset($Redirect)) $html .= "\t\t\t\t\t<input type=\"hidden\" name=\"redir\" value=\"$Redirect\">\n";
|
|
|
|
$html .= "\t\t\t\t\t<input type=\"submit\" value=\"Create account\">\n";
|
|
|
|
$html .= "\t\t\t\t</form>\n";
|
|
|
|
|
|
|
|
if (isset($_REQUEST['e']) && htmlspecialchars($_REQUEST['e']) == "exists") {
|
|
|
|
session_unset();
|
|
|
|
session_destroy();
|
|
|
|
|
|
|
|
$html .= "\t\t\t\t<p class=\"error\">An account by this name already exists.</p>\n";
|
|
|
|
} else if (isset($_REQUEST['e']) && htmlspecialchars($_REQUEST['e']) == "mismatch") {
|
|
|
|
session_unset();
|
|
|
|
session_destroy();
|
|
|
|
|
|
|
|
$html .= "\t\t\t\t<p class=\"error\">The two passwords do not match.</p>\n";
|
2024-02-05 21:16:41 +01:00
|
|
|
} else if (isset($_REQUEST['e']) && htmlspecialchars($_REQUEST['e']) == "limit") {
|
|
|
|
session_unset();
|
|
|
|
session_destroy();
|
|
|
|
|
2024-02-05 21:17:39 +01:00
|
|
|
$html .= "\t\t\t\t<p class=\"error\">Calm down. You've created too many accounts.</p>\n";
|
2024-01-02 03:55:23 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
$html = printFooter($html);
|
|
|
|
|
|
|
|
print "$html";
|
|
|
|
}
|
|
|
|
?>
|