<?php
/**
* PHP versions 4 and 5
*
* LICENSE: This source file is subject to version 3.0 of the PHP license
* that is available through the world-wide-web at the following URI:
* http://www.php.net/license. If you did not receive a copy of
* the PHP License and are unable to obtain it through the web, please
* send a note to hide@address.com so we can mail you a copy immediately.
*
* @package QuickTalk forum
* @author Philippe Vandenberghe <hide@address.com>
* @copyright 2008-2012 The PHP Group
* @version 2.5 build:20100924
*/
session_start();
require_once('bin/qtf_init.php');
if ( !$oVIP->CanView('V0') ) HtmlPage(10);
// INITIALISE
include('bin/qt_lib_smtp.php');
include(GetLang().'qtf_reg.php');
$oVIP->selfurl = 'qtf_form_reg.php';
$oVIP->selfname = $L['Register'];
$strTitle = '';
$strMail = '';
$strNewpwd = '';
$strConpwd = '';
$strConmail = '';
$strParentmail = '';
$strChild = '0';
// --------
// SUBMITTED
// --------
if ( isset($_POST['ok']) )
{
// pre-check code
if ( empty($_POST['mail']) ) $error=$L['Email'].S.$L['E_invalid'];
if ( empty($_POST['title']) ) $error=$L['Username'].S.$L['E_invalid'];
if ( $_SESSION[QT]['register_safe']!='none' )
{
if ( trim($_POST['code'])=='' ) $error = $L['Type_code'].S.$L['E_invalid'];
if ( strlen($_POST['code'])!=6 ) $error = $L['Type_code'].S.$L['E_invalid'];
}
// check name
if ( empty($error) )
{
if ( get_magic_quotes_gpc() ) $_POST['title'] = stripslashes($_POST['title']);
$_POST['title'] = QTconv($_POST['title'],'U');
if ( !QTislogin($_POST['title']) ) $error=$L['Username'].S.$L['E_invalid'];
if ( empty($error) )
{
$oDB->Query('SELECT count(id) as countid FROM '.TABUSER.' WHERE name="'.$_POST['title'].'"');
$row = $oDB->Getrow();
if ($row['countid']!=0) $error=$L['Username'].S.$L['E_already_used'];
}
}
// check mail
if ( empty($error) )
{
$_POST['mail'] = trim($_POST['mail']);
if (!QTismail($_POST['mail'])) $error=$L['Email'].S.$L['E_invalid'];
}
// check parentmail
if ( empty($error) ) {
if ( $_SESSION[QT]['register_coppa']=='1' && isset($_POST['child']) ) {
if ( $_POST['child']=='1' ) {
$strChild='2'; //child without parent agreement
$_POST['parentmail'] = trim($_POST['parentmail']);
if ( !QTismail($_POST['parentmail']) ) $error=$L['Parent_mail'].S.$L['E_invalid'];
}}}
if ( !isset($_POST['parentmail']) ) $_POST['parentmail'] = '';
// check password
if ( empty($error) && $_SESSION[QT]['register_mode']=='direct' )
{
if ( get_magic_quotes_gpc() ) $_POST['pwd'] = stripslashes($_POST['pwd']);
$_POST['pwd'] = QTconv($_POST['pwd'],'U');
if ( !QTispassword($_POST['pwd']) ) $error = $L['Password'].S.$L['E_invalid'];
if ( get_magic_quotes_gpc() ) $_POST['conpwd'] = stripslashes($_POST['conpwd']);
$_POST['conpwd'] = QTconv($_POST['conpwd'],'U');
if ( !QTispassword($_POST['conpwd']) ) $error = $L['Password'].S.$L['E_invalid'];
}
// check code
if ( empty($error) )
{
if ( $_SESSION[QT]['register_safe']!='none' )
{
$strCode = strtoupper(strip_tags(trim($_POST['code'])));
if ($strCode=='') $error = $L['Type_code'];
if ( $_SESSION['textcolor'] <> sha1($strCode) ) $error = $L['Type_code'];
}
}
// check code
if ( empty($error) )
{
if ( $_SESSION[QT]['register_safe']!='none' )
{
$strCode = strtoupper(strip_tags(trim($_POST['code'])));
if ( $strCode=='' ) $error = $L['Type_code'].S.$L['E_invalid'];
if ( $_SESSION['textcolor']!=sha1($strCode) ) $error = $L['Type_code'].S.$L['E_invalid'];
}
}
// check secret_a
if ( empty($error) )
{
if ( get_magic_quotes_gpc() ) $_POST['secret_q'] = stripslashes($_POST['secret_q']);
if ( get_magic_quotes_gpc() ) $_POST['secret_a'] = stripslashes($_POST['secret_a']);
$_POST['secret_q'] = QTconv($_POST['secret_q'],'3');
$_POST['secret_a'] = QTconv($_POST['secret_a'],'3');
if ( empty($_POST['secret_a']) ) $error=$L['Secret_question'].S.$L['E_invalid'];
}
// --------
// register user
// --------
if ( empty($error) )
{
// email code
if ( $_SESSION[QT]['register_mode']=='email' ) $_POST['pwd'] = 'QT'.rand(0,9).rand(0,9).rand(0,9).rand(0,9);
$id = $oDB->Nextid(TABUSER);
$strBirth = $_POST['y']*10000+$_POST['m']*100+$_POST['d'];
$oDB->Query( 'INSERT INTO '.TABUSER.' (id,name,pwd,closed,role,mail,firstdate,lastdate,birthday,numpost,children,parentmail,picture,secret_q,secret_a) VALUES ('.$id.',"'.$_POST['title'].'","'.sha1($_POST['pwd']).'","0","U","'.$_POST['mail'].'","'.date('Ymd His').'","'.date('Ymd His').'","'.$strBirth.'",0,"'.$strChild.'","'.$_POST['parentmail'].'","0","'.$_POST['secret_q'].'","'.$_POST['secret_a'].'")' );
// send email
$strSubject='Welcome';
$strMessage="Please find here after your login and password to access the board {$_SESSION[QT]['site_name']}.\nLogin: %s\nPassword: %s";
$strFile = GetLang().'mail_registred.php';
if ( file_exists($strFile) ) include($strFile);
$strMessage = sprintf($strMessage,$_POST['title'],$_POST['pwd']);
QTmail($_POST['mail'],QTconv($strSubject,'-4'),QTconv($strMessage,'-4'),QTF_HTML_CHAR);
// parent mail
if ( $_SESSION[QT]['register_coppa']=='1' && $strChild!='0' )
{
$strSubject='Welcome';
$strMessage="We inform you that your children has registered on the forum {$_SESSION[QT]['site_name']}.\nLogin: %s\nPassword: %s\nYour agreement is required to activate this account.";
$strFile = GetLang().'mail_registred_coppa.php';
if ( file_exists($strFile) ) include($strFile);
$strMessage = sprintf($strMessage,$_POST['title'],$_POST['pwd']);
QTmail($_POST['parentmail'],QTconv($strSubject,'-4'),QTconv($strMessage,'-4'),QTF_HTML_CHAR);
}
// END MESSAGE
if ( $_SESSION[QT]['register_mode']=='email' )
{
$oVIP->exiturl = 'qtf_index.php';
$oVIP->exitname = ObjTrans('index','i',$_SESSION[QT]['index_name']);
}
else
{
$L['Reg_mail'] = S;
$oVIP->exiturl = 'qtf_login.php?dfltname='.urlencode($_POST['title']);
$oVIP->exitname = $L['Login'];
}
$oVIP->EndMessage(NULL,'<h2>'.$L['Register_completed'].'</h2><p>'.$L['Reg_mail'].'</p>',$_SESSION[QT]['skin_dir'],0);
}
}
$intY = 1970;
$intM = 1;
$intD = 1;
if ( isset($_POST['y']) ) $intY = intval($_POST['y']);
if ( isset($_POST['m']) ) $intM = intval($_POST['m']);
if ( isset($_POST['d']) ) $intD = intval($_POST['d']);
if ( isset($_GET['y']) ) $intY = intval($_GET['y']);
if ( isset($_GET['m']) ) $intM = intval($_GET['m']);
if ( isset($_GET['d']) ) $intD = intval($_GET['d']);
$intMajor = ($intY+13)*10000+$intM*100+$intD;
if ( intval(date('Ymd',strtotime('now')))>$intMajor ) { $strChild='0'; } else { $strChild='1'; }
// --------
// HTML START
// --------
$oVIP->arrCss[] = 'qtf_main2.css';
$strHeadScript = '
<script type="text/javascript" src="bin/qt_jquery.js"></script>
<script type="text/javascript">
<!--
function ValidateForm(theForm)
{
if (theForm.title.value.length==0) { alert(qtHtmldecode("'.$L['E_mandatory'].': '.$L['Choose_name'].'")); return false; }
if (theForm.mail.value.length==0) { alert(qtHtmldecode("'.$L['E_mandatory'].': '.$L['Your_mail'].'")); return false; }
if (theForm.code.value.length==0) { alert(qtHtmldecode("'.$L['E_mandatory'].': '.$L['Security'].'")); return false; }
if (theForm.secret_a.value.length==0) { alert(qtHtmldecode("'.$L['E_mandatory'].': '.$L['Secret_question'].'")); return false; }
if (theForm.code.value=="QT") { alert(qtHtmldecode("'.$L['E_mandatory'].': '.$L['Security'].'")); return false; }
return null;
}
function MinChar(strField,strValue)
{
if ( strValue.length>0 && strValue.length<4 )
{
document.getElementById(strField+"_err").innerHTML="'.$L['E_min_4_char'].'<br/>";
return null;
}
else
{
document.getElementById(strField+"_err").innerHTML="";
return null;
}
}
$(function() {
$("#title").blur(function() {
$.post("qtf_j_exists.php",
{f:"name",v:$("#title").val(),e1:"'.$L['E_min_4_char'].'",e2:"'.$L['E_already_used'].'"},
function(data) { if ( data.length>0 ) document.getElementById("title_err").innerHTML=data; });
});
});
-->
</script>
';
$bJava=true;
include('qtf_p_header.php');
// DEFAULT VALUE RECOVERY (na)
if ( !isset($_POST['title']) ) $_POST['title']='';
if ( !isset($_POST['pwd']) ) $_POST['pwd']='';
if ( !isset($_POST['conpwd']) ) $_POST['conpwd']='';
if ( !isset($_POST['mail']) ) $_POST['mail']='';
if ( !isset($_POST['parentmail']) ) $_POST['parentmail']='';
if ( $_SESSION[QT]['register_safe']=='text' )
{
$keycode = 'QT'.rand(0,9).rand(0,9).rand(0,9).rand(0,9);
$_SESSION['textcolor'] = sha1($keycode);
}
if ( $_SESSION[QT]['register_coppa']=='1' && $strChild!='0' )
{
echo '<div class="scrollmessage">';
$strFile = GetLang().'sys_rules_coppa.txt';
if ( file_exists($strFile) ) { include($strFile); } else { echo 'Missing file:<br/>'.$strFile; }
echo '</div>';
}
HtmlMsg(0,'620px','login_header',$oVIP->selfname);
echo '<form method="post" action="',Href(),'" onsubmit="return ValidateForm(this);">
<table class="hidden" cellspacing="0" summary="registration">
<tr class="hidden">
<td class="hidden" style="width: 370px;"><div id="login">
<fieldset class="fs_register">
<legend>',$L['Username'],'</legend>
<span class="small">',$L['Choose_name'],'</span> <input type="text" id="title" name="title" size="20" maxlength="24" value="',$_POST['title'],'" onfocus="document.getElementById(\'title_err\').innerHTML=\'\';"/><br/><span id="title_err" class="error"></span></p>
</fieldset>
';
echo '<fieldset class="fs_register">
<legend>',$L['Password'],'</legend>
';
if ( $_SESSION[QT]['register_mode']=='direct' )
{
echo '<span class="small">',$L['Choose_password'],'</span> <input type="password" id="pwd" name="pwd" size="20" maxlength="24" value="',$_POST['pwd'],'" onblur="MinChar(this.name,this.value)"/><br/><span id="pwd_err" class="error"></span>',N;
echo '<span class="small">',$L['Confirm_password'],'</span> <input type="password" id="conpwd" name="conpwd" size="20" maxlength="24" value="',$_POST['conpwd'],'" onblur="MinChar(this.name,this.value)"/><br/><span id="conpwd_err" class="error"></span>',N;
}
else
{
echo '<span class="small">',$L['Password_by_mail'],'</span><br/>',N;
}
echo '</fieldset>
';
echo '<fieldset class="fs_register">
<legend>',$L['Email'],'</legend>
<span class="small">',$L['Your_mail'],'</span> <input type="text" id="mail" name="mail" size="30" maxlength="64" value="',$_POST['mail'],'"/><br/>
';
if ( $_SESSION[QT]['register_coppa']=='1' && $strChild!='0' ) echo ' <span class="small">',$L['Parent_mail'],'</span> <input type="text" id="parentmail" name="parentmail" size="30" maxlength="64" value="',$_POST['parentmail'],'"/><br/>',N;
echo '</fieldset>
';
echo '<fieldset class="fs_register">
<legend>',$L['Secret_question'],'</legend>
<select id="secret_q" name="secret_q">',QTasTag($L['Secret_q'],$_POST['secret_q']),'</select><br/>
<input type="text" id="secret_a" name="secret_a" size="32" maxlength="255" value="',$_POST['secret_a'],'"/>
<br/><span class="small">',$L['H_Secret_question'],'</span></fieldset>
';
echo '<fieldset class="fs_register">
<legend>',$L['Security'],'</legend>
';
if ( $_SESSION[QT]['register_safe']=='image' ) echo '<img width="100" height="35" src="admin/qtf_icode.php" alt="security" style="text-align:right"/> <input type="text" name="code" size="8" maxlength="8" value="QT"/><br/><span class="small">',$L['Type_code'],'</span>',N;
if ( $_SESSION[QT]['register_safe']=='text' ) echo $keycode,' <input type="text" id="code" name="code" size="8" maxlength="8" value="QT"/><br/><span class="small">',$L['Type_code'],'</span>',N;
echo '</fieldset>
';
echo '<input type="hidden" name="register_mode" value="',$_SESSION[QT]['register_mode'],'"/>
<input type="hidden" name="register_safe" value="',$_SESSION[QT]['register_safe'],'"/>
<input type="hidden" name="child" value="',$strChild,'"/>
<input type="hidden" name="y" value="',$intY,'"/>
<input type="hidden" name="m" value="',$intM,'"/>
<input type="hidden" name="d" value="',$intD,'"/>
',(!empty($error) ? '<p class="error">'.$error.'</p>' : ''),'
<input type="submit" name="ok" value="',$L['Register'],'"/>
</div></td>
<td class="hidden" style="width:20px;"> </td>
<td class="hidden"><span class="small">',$L['Reg_help'],'</span></td>
</tr>
</table>
</form>
';
HtmlMsg(1);
// HTML END
include('qtf_p_footer.php');
?>