1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
|
<?php
$filename="register.php";
require("./global.php");
if(isset($_REQUEST['action']) && $_REQUEST['action']=="activation") {
if(isset($_REQUEST['usrid']) && isset($_REQUEST['a'])) {
$result=$db->query_first("SELECT userid, activation FROM bb".$n."_users WHERE userid='".intval($_REQUEST['usrid'])."'");
if(!$result['userid']) eval("error(\"".$tpl->get("error_usernotexist")."\");");
if($result['activation']==1) eval("error(\"".$tpl->get("error_accountalreadyactive")."\");");
if($result['activation']!=intval($_REQUEST['a'])) eval("error(\"".$tpl->get("error_falseactivationcode")."\");");
$db->query("UPDATE bb".$n."_users SET activation=1 WHERE userid='$result[userid]'");
eval("redirect(\"".$tpl->get("redirect_accountactive")."\",\"index.php?sid=$session[hash]\",10);");
}
else eval("\$tpl->output(\"".$tpl->get("register_activation")."\");");
exit();
}
if($wbbuserdata['userid']!=0) access_error();
if($allowregister!=1) eval("error(\"".$tpl->get("error_register_disabled")."\");");
if($showdisclaimer==1 && $_POST['disclaimer']!="viewed") {
eval("\$tpl->output(\"".$tpl->get("register_disclaimer")."\");");
exit();
}
else {
if(isset($_POST['disclaimer'])) $disclaimer = $_POST['disclaimer'];
$group = $db->query_first("SELECT * FROM bb".$n."_groups WHERE default_group = 2");
if(isset($_POST['send'])) {
if(is_array($_POST['field'])) $field = trim_array($_POST['field']);
if(isset($_POST['r_email'])) $r_email = trim($_POST['r_email']);
if(isset($_POST['r_homepage'])) $r_homepage = trim($_POST['r_homepage']);
if(isset($_POST['r_icq'])) $r_icq = trim($_POST['r_icq']);
if(isset($_POST['r_aim'])) $r_aim = trim($_POST['r_aim']);
if(isset($_POST['r_yim'])) $r_yim = trim($_POST['r_yim']);
if(isset($_POST['r_msn'])) $r_msn = trim($_POST['r_msn']);
if(isset($_POST['r_werber'])) $r_werber = trim($_POST['r_werber']);
if(isset($_POST['r_day'])) $r_day = trim($_POST['r_day']);
if(isset($_POST['r_month'])) $r_month = trim($_POST['r_month']);
if(isset($_POST['r_year'])) $r_year = trim($_POST['r_year']);
if(isset($_POST['r_gender'])) $r_gender = trim($_POST['r_gender']);
if(isset($_POST['r_usertext'])) $r_usertext = trim($_POST['r_usertext']);
if(isset($_POST['r_username'])) $r_username = trim($_POST['r_username']);
if(isset($_POST['r_password'])) $r_password = trim($_POST['r_password']);
if(isset($_POST['r_confirmpassword'])) $r_confirmpassword = trim($_POST['r_confirmpassword']);
if(isset($_POST['r_signature'])) $r_signature = trim($_POST['r_signature']);
if(isset($_POST['r_invisible'])) $r_invisible = $_POST['r_invisible'];
if(isset($_POST['r_nosessionhash'])) $r_nosessionhash = $_POST['r_nosessionhash'];
if(isset($_POST['r_usecookies'])) $r_usecookies = $_POST['r_usecookies'];
if(isset($_POST['r_admincanemail'])) $r_admincanemail = $_POST['r_admincanemail'];
if(isset($_POST['r_showemail'])) $r_showemail = $_POST['r_showemail'];
if(isset($_POST['r_usercanemail'])) $r_usercanemail = $_POST['r_usercanemail'];
if(isset($_POST['r_emailnotify'])) $r_emailnotify = $_POST['r_emailnotify'];
if(isset($_POST['r_receivepm'])) $r_receivepm = $_POST['r_receivepm'];
if(isset($_POST['r_emailonpm'])) $r_emailonpm = $_POST['r_emailonpm'];
if(isset($_POST['r_pmpopup'])) $r_pmpopup = $_POST['r_pmpopup'];
if(isset($_POST['r_showsignatures'])) $r_showsignatures = $_POST['r_showsignatures'];
if(isset($_POST['r_showavatars'])) $r_showavatars = $_POST['r_showavatars'];
if(isset($_POST['r_showimages'])) $r_showimages = $_POST['r_showimages'];
if(isset($_POST['r_daysprune'])) $r_daysprune = $_POST['r_daysprune'];
if(isset($_POST['r_umaxposts'])) $r_umaxposts = $_POST['r_umaxposts'];
if(isset($_POST['r_styleid'])) $r_styleid = $_POST['r_styleid'];
$r_username=preg_replace("/\s{2,}/"," ",$r_username);
$error="";
$userfield_error=0;
$fieldvalues="";
$result = $db->query("SELECT profilefieldid, required FROM bb".$n."_profilefields ORDER BY profilefieldid ASC");
while($row=$db->fetch_array($result)) {
if($row['required']==1 && !$field[$row['profilefieldid']]) {
$userfield_error=1;
break;
}
$fieldvalues.=",'".addslashes(htmlspecialchars($field[$row['profilefieldid']]))."'";
}
if($userfield_error==1 || !$r_username || !$r_email || ($emailverifymode!=3 && (!$r_password || !$r_confirmpassword))) eval ("\$error .= \"".$tpl->get("register_error1")."\";");
if($emailverifymode!=3 && $r_password!=$r_confirmpassword) eval ("\$error .= \"".$tpl->get("register_error2")."\";");
if(!verify_username($r_username)) eval ("\$error .= \"".$tpl->get("register_error3")."\";");
if(!verify_email($r_email)) eval ("\$error .= \"".$tpl->get("register_error4")."\";");
if(strlen($r_signature)>$group['maxsiglength']) eval ("\$error .= \"".$tpl->get("register_error5")."\";");
if($group['maxsigimage']!=-1 && substr_count(strtolower($r_signature),"[img]")>$group['maxsigimage']) eval ("\$error .= \"".$tpl->get("register_error6")."\";");
if(strlen($r_usertext)>$group['maxusertextlength']) eval ("\$error .= \"".$tpl->get("register_error7")."\";");
if($error) eval ("\$register_error .= \"".$tpl->get("register_error")."\";");
else {
if($emailverifymode==3) $r_password=password_generate();
if($emailverifymode==1 || $emailverifymode==2) $activation=code_generate();
else $activation=1;
if($r_homepage && !preg_match("/[a-zA-Z]:\/\//si", $r_homepage)) $r_homepage = "http://".$r_homepage;
if($r_day && $r_month && $r_year) $birthday=ifelse(strlen($r_year)==4,$r_year,ifelse(strlen($r_year)==2,"19$r_year","0000"))."-".ifelse($r_month<10,"0$r_month",$r_month)."-".ifelse($r_day<10,"0$r_day",$r_day);
else $birthday = "0000-00-00";
$groupid = $group['groupid'];
$rankid = $db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN ('0','$groupid') AND needposts='0' AND gender IN ('0','".intval($r_gender)."') ORDER BY gender DESC",1);
//Guthaben-Hack BEGIN
$guthaben_hack=$db->query_first("SELECT reg_onoff, reg_wert, werber_wert, werber_onoff FROM bb".$n."_guthaben_config");
If ($guthaben_hack['reg_onoff']==1){
$reg_on=",guthaben";
$reg_wert=", '".intval($guthaben_hack[reg_wert])."'";
}
//Guthaben Hack END
$db->query("INSERT INTO bb".$n."_users (userid,username,password,email,groupid,rankid,regdate,lastvisit,lastactivity,usertext,signature,icq,aim,yim,msn,homepage,birthday,gender,showemail,admincanemail,usercanemail,invisible,usecookies,styleid,activation,daysprune,timezoneoffset,dateformat,timeformat,emailnotify,receivepm,emailonpm,pmpopup,umaxposts,showsignatures,showavatars,showimages,nosessionhash $reg_on)
VALUES (NULL,'".addslashes(htmlspecialchars($r_username))."','".md5($r_password)."','".addslashes(htmlspecialchars($r_email))."','$groupid','$rankid[rankid]','".time()."','".time()."','".time()."','".addslashes(htmlspecialchars($r_usertext))."','".addslashes($r_signature)."','".intval($r_icq)."','".addslashes(htmlspecialchars($r_aim))."','".addslashes(htmlspecialchars($r_yim))."','".addslashes(htmlspecialchars($r_msn))."','".addslashes(htmlspecialchars($r_homepage))."','".addslashes(htmlspecialchars($birthday))."','".intval($r_gender)."','".intval($r_showemail)."','".intval($r_admincanemail)."','".intval($r_usercanemail)."','".intval($r_invisible)."','".intval($r_usecookies)."','".intval($r_styleid)."','".intval($activation)."','".intval($r_daysprune)."','".addslashes($default_timezoneoffset)."','".addslashes(htmlspecialchars($dateformat))."','".addslashes(htmlspecialchars($timeformat))."','".intval($r_emailnotify)."','".intval($r_receivepm)."','".intval($r_emailonpm)."','".intval($r_pmpopup)."','".intval($r_umaxposts)."','".intval($r_showsignatures)."','".intval($r_showavatars)."','".intval($r_showimages)."','".intval($r_nosessionhash)."'".$reg_wert.")");
$insertid = $db->insert_id();
//Guthaben-Hack BEGIN
$guthaben_hack=$db->query_first("SELECT reg_onoff, reg_wert FROM bb".$n."_guthaben_config");
If ($guthaben_hack['reg_onoff']==1){
$db->query("INSERT INTO bb".$n."_guthaben_konto (userid,begruendung,wieviel,date) VALUES ($insertid, 'Registrierung', '$guthaben_hack[reg_wert]','".time()."')");
}
//Guthaben Hack END
$db->query("INSERT INTO bb".$n."_userfields VALUES (".$insertid.$fieldvalues.")");
//Guthaben-Hack BEGIN
If (isset($r_werber){
$db->query("INSERT INTO bb".$n."_guthaben_werber (werberid,userid) VALUES ('".intval($r_werber)."',$insertid)");
$db->query("UPDATE bb".$n."_users SET guthaben=guthaben+200 WHERE userid='$r_werber'");
}
//Guthaben Hack END
if($regnotify==1) {
eval ("\$subject = \"".$tpl->get("ms_regnotify")."\";");
eval ("\$content = \"".$tpl->get("mt_regnotify")."\";");
mailer($webmastermail,$subject,$content);
}
$r_username=htmlspecialchars($r_username);
$r_email=htmlspecialchars($r_email);
if($r_nosessionhash==1) $session['hash']="";
if($emailverifymode==0) {
if($r_usecookies==1) {
bbcookie("wbb_userid","$insertid",time()+3600*24*365);
bbcookie("wbb_userpassword",md5($r_password),time()+3600*24*365);
}
$db->query("UPDATE bb".$n."_sessions SET userid = '".$insertid."' WHERE hash = '$sid'");
header("Location: index.php?sid=$session[hash]");
exit();
}
if($emailverifymode==1) {
eval ("\$subject = \"".$tpl->get("register_mail1_subject")."\";");
eval ("\$content = \"".$tpl->get("register_mail1_content")."\";");
mailer($r_email,$subject,$content);
eval("redirect(\"".$tpl->get("redirect_register1")."\",\"index.php?sid=$session[hash]\",20);");
}
if($emailverifymode==2) {
eval("redirect(\"".$tpl->get("redirect_register2")."\",\"index.php?sid=$session[hash]\",20);");
}
if($emailverifymode==3) {
eval ("\$subject = \"".$tpl->get("register_mail3_subject")."\";");
eval ("\$content = \"".$tpl->get("register_mail3_content")."\";");
mailer($r_email,$subject,$content);
eval("redirect(\"".$tpl->get("redirect_register3")."\",\"index.php?sid=$session[hash]\",20);");
}
}
}
else {
$r_invisible=$default_register_invisible;
$r_nosessionhash=$default_register_nosessionhash;
$r_usecookies=$default_register_usecookies;
$r_admincanemail=$default_register_admincanemail;
$r_showemail=1-$default_register_showemail;
$r_usercanemail=$default_register_usercanemail;
$r_emailnotify=$default_register_emailnotify;
$r_receivepm=$default_register_receivepm;
$r_emailonpm=$default_register_emailonpm;
$r_pmpopup=$default_register_pmpopup;
$r_showsignatures=$default_register_showsignatures;
$r_showavatars=$default_register_showavatars;
$r_showimages=$default_register_showimages;
}
for($i=1;$i<=31;$i++) $day_options.=makeoption($i,$i,$r_day);
for($i=1;$i<=12;$i++) $month_options.=makeoption($i,getmonth($i),$r_month);
if(isset($r_gender)) $gender[$r_gender]=" selected";
if(isset($r_invisible)) $invisible[$r_invisible]=" selected";
if(isset($r_nosessionhash)) $nosessionhash[$r_nosessionhash]=" selected";
if(isset($r_usecookies)) $usecookies[$r_usecookies]=" selected";
if(isset($r_admincanemail)) $admincanemail[$r_admincanemail]=" selected";
if(isset($r_showemail)) $showemail[$r_showemail]=" selected";
if(isset($r_usercanemail)) $usercanemail[$r_usercanemail]=" selected";
if(isset($r_emailnotify)) $emailnotify[$r_emailnotify]=" selected";
if(isset($r_receivepm)) $receivepm[$r_receivepm]=" selected";
if(isset($r_emailonpm)) $emailonpm[$r_emailonpm]=" selected";
if(isset($r_pmpopup)) $spmpopup[$r_pmpopup]=" selected";
if(isset($r_showsignatures)) $showsignatures[$r_showsignatures]=" selected";
if(isset($r_showavatars)) $showavatars[$r_showavatars]=" selected";
if(isset($r_showimages)) $showimages[$r_showimages]=" selected";
if(isset($r_daysprune)) $sdaysprune[$r_daysprune]=" selected";
if(isset($r_umaxposts)) $sumaxposts[$r_umaxposts]=" selected";
$timezones = explode("\n", $tpl->get("timezones"));
for($i=0;$i<count($timezones);$i++) {
$parts = explode("|", trim($timezones[$i]));
$timezone_options .= makeoption($parts[0],"(GMT".ifelse($parts[1]," ".$parts[1],"").") $parts[2]",$default_timezoneoffset);
}
$z=1;
$y=ifelse($emailverifymode!=3,0,1);
$result=$db->query("SELECT * FROM bb".$n."_profilefields ORDER BY fieldorder ASC");
while($row=$db->fetch_array($result)) {
$field_value=$field[$row['profilefieldid']];
if($row[required]==1) {
$tdbgcolor=getone($y,"{tablecolora}","{tablecolorb}");
$tdid=getone($y,"tablea","tableb");
eval ("\$profilefields_required .= \"".$tpl->get("register_userfield")."\";");
$y++;
}
else {
$tdbgcolor=getone($z,"{tablecolora}","{tablecolorb}");
$tdid=getone($z,"tablea","tableb");
eval ("\$profilefields .= \"".$tpl->get("register_userfield")."\";");
$z++;
}
}
$result = $db->query("SELECT styleid, stylename FROM bb".$n."_styles WHERE default_style = 0 ORDER BY stylename ASC");
while($row=$db->fetch_array($result)) $style_options.=makeoption($row['styleid'],$row['stylename'],$r_styleid);
$guthaben=$db->query_first("SELECT werber_onoff FROM bb".$n."_guthaben_config");
If ($guthaben['werber_onoff']==1){
eval ("\$register_werbeid .= \"".$tpl->get("register_werber")."\";");
}
if($emailverifymode!=3) eval ("\$register_password .= \"".$tpl->get("register_password")."\";");
eval ("\$note .= \"".$tpl->get("note_html_".ifelse($allowsightml==0,"not_")."allow")."\";");
eval ("\$note .= \"".$tpl->get("note_bbcode_".ifelse($allowsigbbcode==0,"not_")."allow")."\";");
eval ("\$note .= \"".$tpl->get("note_smilies_".ifelse($allowsigsmilies==0,"not_")."allow")."\";");
eval ("\$note .= \"".$tpl->get("note_images_".ifelse($maxsigimage==0,"not_")."allow")."\";");
if(!$r_icq) $r_icq="";
if($r_year=="0000") $r_year="";
eval("\$tpl->output(\"".$tpl->get("register")."\");");
}
?>
|
