Location: PHPKode > projects > Protoforge > protoforge_v1.2/protoforge/registration_finish.php
<?php
require_once('config.inc.php');

try {
	if (!isset($_POST['username']) || empty($_POST['username'])) {
		throw new Exception('Username can not be empty');
	}
	if (!ctype_alnum($_POST['username'])) {
		throw new Exception( 'usr must be alphanumeric' );
	}
	if (!isset($_POST['email']) || empty($_POST['email'])) {
		throw new Exception('Email can not be empty.');
	}
	if (!isset($_POST['key']) || empty($_POST['key'])) {
		throw new Exception('Authentication Key can not be empty.');
	}
	if (!ctype_digit($_POST['key'])) {
		throw new Exception( 'num must be numeric' );
	}
	if (!isset($_POST['passwd1']) || empty($_POST['passwd1'])) {
		throw new Exception('Password can not be empty.');
	}
	if (preg_match("/\s/",trim($_POST['passwd1']))) {
		throw new Exception('Whitespace is not allowed in passwords.');
	}
	if (!isset($_POST['time_zone']) || empty($_POST['time_zone'])) {
		throw new Exception('A time zone must be specified');
	}
	if (!isset($_SERVER['REMOTE_ADDR'])) {
		throw new Exception('Your ip address can not be verified.');
	}

    if (require_once(PF_BASE.'connect.php'))
		$link = connect();

	$un = mysql_real_escape_string(trim($_POST['username']));
	$email = mysql_real_escape_string($_POST['email']);
	$passwd = mysql_real_escape_string(trim($_POST['passwd1']));
	$firstname = mysql_real_escape_string($_POST['firstname']);
	$lastname = mysql_real_escape_string($_POST['lastname']);
	$country_iso_id = mysql_real_escape_string($_POST['country_iso_id']);
	$time_zone = mysql_real_escape_string($_POST['time_zone']);
	$key = mysql_real_escape_string($_POST['key']);
	//$ip = $_SERVER['REMOTE_ADDR'];

	if (strlen($passwd) < 6 || strlen($passwd) > 32) {
		throw new Exception('Your password must be at least 6 characters and less than 32 characters.');
	}

} catch (Exception $e) {
	$pfutil = new PFUtil();
	$pfutil->error_page($e->getMessage());
}

require(PF_BASE.'Header.php');
?>
	<?php $titl = PF_SITENAME.' Registration Confirmation'; require(PF_BASE.'titl.php'); ?>

    <br/>
    <br/>
<?php

try {

	$query0 = 'SELECT AUTH_ID,CREATION_DATE,USERNAME,EMAIL FROM user_reg_auth';
    $query0 .=' WHERE USERNAME = \''.$un.'\' and key_value = '.$key;
     //.' and ip_num = "'.$ip.'"';
    //cho $query0.'<br/>';
    $result = mysql_query($query0);
    if (!$result) {
    	throw new Exception('Unable to select authentication information: ' . mysql_errno());
    }
	$row = mysql_fetch_assoc($result);
    if (mysql_num_rows($result) == 0) {  // No auth row in user_reg_auth table
		throw new Exception('<b>Registration information did not match.</b><br/>This login may already exist.<br/>Please try registering again.' );
    }

	$ins_query = 'INSERT INTO users ';
	$ins_query .='(USERNAME,EMAIL,PASSWORD,FIRSTNAME,LASTNAME,COUNTRY_ISO_ID,KARMA,ACTIVE,TIME_ZONE)';
	$ins_query .=' values (';
	$ins_query .='\''.$un.'\'';
	$ins_query .=',\''.$email.'\'';
	$ins_query .=',MD5(\''.$passwd.'\')';
	$ins_query .=',\''.$firstname.'\'';
	$ins_query .=',\''.$lastname.'\'';
	$ins_query .=',\''.$country_iso_id.'\'';
	$ins_query .=',0';
	$ins_query .=',1';
	$ins_query .=',\''.$time_zone.'\')';
	//echo $ins_query.'<br/>';

	mysql_query('start transaction');
	$ins_result = mysql_query($ins_query);
	if (!$ins_result) { mysql_query('rollback'); throw new Exception('Unable to insert user information: ' . mysql_errno()); }
	$del_query = 'DELETE FROM user_reg_auth WHERE AUTH_ID = '.$row['AUTH_ID'];
	//echo $del_query.'<br/>';
	$del_result = mysql_query($del_query);
	if (!$del_result) { mysql_query('rollback'); throw new Exception('Unable to delete user registration information: ' . mysql_errno()); }
	mysql_query('commit');
	//mysql_query('rollback');
?>
	  <center>
  <table width="60%" border="0" cellspacing="1" cellpadding="5">
    <tr class="form">
      <td class="form" align="center">
        Registration completed.
      </td>
    </tr>
    <tr class="form">
      <td class="form" align="center">
        Go to the
		<a class="form" href="login.php">
			login page</a>
		to login.
      </td>
    </tr>
  </table>
  </center>
<?php
} catch (Exception $e) {
	$pfutil = new PFUtil();
	$pfutil->error_page($e->getMessage());
}
include('Footer.php');
?>

Return current item: Protoforge