<?php
/* vim: set expandtab tabstop=4 shiftwidth=4: */
// +----------------------------------------------------------------------+
// | PHP version 4 |
// +----------------------------------------------------------------------+
// | Copyright (c) 1997-2002 The PHP Group |
// +----------------------------------------------------------------------+
// | This source file is subject to version 2.0 of the PHP license, |
// | that is bundled with this package in the file LICENSE, and is |
// | available through the world-wide-web at |
// | http://www.php.net/license/2_02.txt. |
// | If you did not receive a copy of the PHP license and are unable to |
// | obtain it through the world-wide-web, please send a note to |
// | hide@address.com so we can mail you a copy immediately. |
// +----------------------------------------------------------------------+
// | Authors: Byrne Reese <byrne at majordojo dot com |
// +----------------------------------------------------------------------+
//
// $Id: newaccount.php,v 1.2 2003/06/06 05:32:11 byrnereese Exp $
require_once("users.inc");
if (isset($_POST['submit'])) {
connect_to_users_db();
if ($_REQUEST['password'] != $_REQUEST['password2']) { $errors .= "The passwords you entered do not match<br>"; }
if (strlen($_REQUEST['password']) < 4) { $errors .= "Your password must be greater than 3 characters<br>"; }
if (strlen($_REQUEST['email']) == 0) { $errors .= "You must enter an email address<br>"; }
$sql = "SELECT userId FROM $USERS_DB.Users WHERE email='".$_REQUEST['email']."'";
$query = mysql_query($sql);
if ($query && (mysql_num_rows($query) > 0)) {
$errors .= "That email address already is in use<br>";
}
if (isset($errors)) {
show_error($errors,$PHP_USERS_HEADER_FILE,$PHP_USERS_FOOTER_FILE);
}
$department = $_POST[$_POST['dept_type']."_department"];
$sql = "
INSERT INTO $USERS_DB.Users
(email,status,password,createdDate)
VALUES ('".mysql_escape_string($_POST['email'])."','unconfirmed','".mysql_escape_string($_POST['password'])."',NOW())";
mysql_query($sql) or die("Error in query: $sql - ".mysql_error());
$user_id = mysql_insert_id();
$sql = "INSERT INTO $USERS_DB.Profiles (userId) VALUES ($user_id)";
mysql_query($sql) or die("Error in query: $sql - ".mysql_error());
$token = time() . "::$user_id";
$sql = "INSERT INTO $USERS_DB.login_tokens (userId,token) VALUES ($user_id,'".mysql_escape_string($token)."')";
mysql_query($sql) or die("Error in query: $sql - ".mysql_error());
send_confirmation($email,$token);
$returnto = "emailconfirmation.php";
Header("Location: ".$_REQUEST['returnto']);
exit;
}
include $PHP_USERS_HEADER_FILE;
?>
<form action="<?php echo $_SERVER{'SCRIPT_NAME'}?>" method="post">
<?php
if (isset($_REQUEST['returnto'])) {
echo "<input type=hidden name=\"returnto\" value=\"".$_REQUEST['returnto']."\">";
}
?>
<p>
<table cellpadding="2" cellspacing="0" border="0" width="100%">
<tr>
<td colspan="2" width="33%">
<b>1. Account Details</b>
<hr noshade="noshade" size="1" width="100%" />
<span class="formDesc">The fields below help to define the basic information about a user's account.<br /><br /></span>
</td>
</tr>
<tr>
<td align="right"><b>Email:</b></td>
<td><input type="text" name="email" size="30" /></td>
</tr>
<tr>
<td align="right"><b>Password:</b></td>
<td><input type="password" size="30" name="password" /></td>
</tr>
<tr>
<td align="right"><b>Confirm Password:</b></td>
<td><input type="password" size="30" name="password2" /></td>
</tr>
<tr>
<td colspan=2> </td>
</tr>
<tr>
<td align="right"></td>
<td><input type="submit" name="submit" value="Register" /></td>
</tr>
</table>
</p>
</form>
<?php
include $PHP_USERS_FOOTER_FILE;
?>