codice:
<div id="left_wrapper"> <div class="header"> <h2><span><?php echo CMS_SERV_NAME; ?> //</span> Register</h2> </div> <div id="post_wrapper"> <div id="body"> <?php if(!$login) { $form = true; /*if(isset($_GET['v'])) { $vCode = $_GET['v']; $vCode = mysql_real_escape_string($vCode); if(!CheckSQL($vCode)) { echo '<meta http-equiv="refresh" content="0; url=index.php">'; exit(); } $sql0 = "SELECT name, passwd, mail FROM user_verify WHERE eCode = '".$vCode."'"; $q0 = mysql_query($sql0); if(mysql_num_rows($q0) != 0) { $dat0 = mysql_fetch_assoc($q0); $uName = $dat0['name']; mysql_real_escape_string($name) $uPW = $dat0['passwd']; mysql_real_escape_string($passwd) $uMail = $dat0['mail']; mysql_real_escape_string($mail) $sql0 = "DELETE FROM user_verify WHERE eCode = '".$vCode."'"; $q0 = mysql_query($sql0); $sql0 = "SELECT MAX(dwUserID) AS Result FROM TGLOBAL_GSP.dbo.TACCOUNT"; $q0 = odbc_exec($gcon, $sql0); $count0 = odbc_fetch_array($q0); $count = $count0['Result']; mysql_real_escape_string($Result) $date = date("Y-m-d H:i:s"); $sql = "INSERT INTO TGLOBAL_GSP.dbo.TACCOUNT(dwUserID, szUserID, szPasswd, bCheck, dFirstLogin, szMail) VALUES($count + 1, '".$uName."', '".$uPW."', '1', {ts'".$date."'}, '".$uMail."')"; $q = odbc_exec($gcon, $sql); echo '
Your account has been created! You can login now!
» Login</p>'; $form = false; } else { echo '
Please enter again the reCaptcha Code!
» Registration</p>'; $form = false; } }*/ if(isset($_POST['userbox'])) { $user = $_POST['userbox']; mysql_real_escape_string($userbox) $mail = $_POST['email']; mysql_real_escape_string($email) $pw = $_POST['password']; mysql_real_escape_string($password) $pw2 = $_POST['password2']; mysql_real_escape_string($password2) require_once('includes/recaptchalib.php'); $resp = recaptcha_check_answer (CMS_PRKEY, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); $user = mysql_real_escape_string($user); $mail = mysql_real_escape_string($mail); //$verifyCode = md5(sha1(sha1($user) . $mail . rand(0, 999) . sha1($mail . $user) . md5(sha1($mail . rand(0, 999)) . $pw))); if(check_mail($mail) && $pw == $pw2 && check_name($user) && strlen($user) < 21 && strlen($user) > 5 && $resp->is_valid) { $sql0 = "SELECT szUserID FROM TGLOBAL_GSP.dbo.TACCOUNT WHERE szUserID = ?"; $stmt0 = odbc_prepare($gcon, $sql0); $re0 = odbc_execute($stmt0, array($user)); $nFree = odbc_num_rows($stmt0); if($nFree == 0) { /*$sql = "INSERT INTO user_verify (Name, Passwd, Mail, eCode) VALUES ( '".$user."', '".$pw."', '".$mail."', '".$verifyCode."')"; $q = mysql_query($sql); $title = 'Account Created'; $msg = 'You have successfully registered on35.114.59.27:81/index.php\r\n Please click on the following link to complete the registration!\r\n\r\n http://37.114.59.27:81/register.php?v='.$verifyCode.'\r\n\r\nmfg The4thStory - Team'; $header = 'From: noreply@domain.com'; mail($mail, $title, $msg, $header); echo '
It has been sent to your email address to an confirmation email!
Please click on the registration link sent to your email to create the account. Please check also your Spam or Junked Files.
» Login</p>';*/ $sql0 = "SELECT MAX(dwUserID) AS Result FROM TGLOBAL_GSP.dbo.TACCOUNT"; $q0 = odbc_exec($gcon, $sql0) or die (odbc_error()); $count0 = odbc_fetch_array($q0); $count = $count0['Result']; $date = date("Y-m-d H:i:s"); $SuckThisEmail = $mail; $sql = "INSERT INTO TGLOBAL_GSP.dbo.TACCOUNT(dwUserID, szUserID, szPasswd, bCheck, dFirstLogin, dLastLogin, szMail) VALUES(? , ?, ?, '1', {ts'".$date."'}, {ts'".$date."'}, '$SuckThisEmail')"; $stmt = odbc_prepare($gcon, $sql); odbc_execute($stmt, array($count + 1, $user, $pw, $mail)); $password = $pw; $salt = getRandomID(); $password_salted = getDoubleSaltedHash($password, $salt); $ip = $_SERVER['REMOTE_ADDR']; $sql1 = "INSERT INTO wcf.wcf1_user (`username`, `email`, `password`, `salt`, `languageID`, `registrationDate`, `styleID`, `activationCode`, `registrationIpAddress`, `lastLostPasswordRequest`, `reactivationCode`, `lastUsernameChange`, `quitStarted`, `banned`, `banReason`, `rankID`, `activityPoints`, `avatarID`, `disableAvatar`, `disableAvatarReason`, `profileHits`, `enableSignatureSmilies`, `enableSignatureHtml`, `enableSignatureBBCodes`, `disableSignature`, `disableSignatureReason`, `pmTotalCount`, `pmUnreadCount`, `pmOutstandingNotifications`, `userOnlineGroupID`) VALUE ('".$user."', '".$mail."', '".$password_salted."', '".$salt."', '2', '".time()."', '0', '0', '".$ip."', '0', '0', '0', '0', '0', '', '0', '0', '0', '0', '', '0', '1', '0', '1', '0', '', '0', '0', '0', '3')"; $q1 = mysql_query($sql1); $sql0 = "SELECT userID FROM wcf.wcf1_user WHERE username = '".$user."'"; $q0 = mysql_query($sql0) or die (mysql_error()); $dat = mysql_fetch_assoc($q0); $userID = $dat['userID']; $sql00 = "INSERT INTO wcf.wcf1_user_to_groups (`userID`, `groupID`) VALUES ('".$userID."', '1')"; $q00 = mysql_query($sql00); $sql00 = "INSERT INTO wcf.wcf1_user_to_groups (`userID`, `groupID`) VALUES ('".$userID."', '3')"; $q00 = mysql_query($sql00); echo '
Your account has been sucessfuly created! You can now Login in the link below.
» Proceed to Login</p>'; $form = false; } else { $error = 'This username is already taken!!'; } } else { if(!check_mail($mail)) $error = 'The e-mail you entered is not valid!'; if($pw == $pw2) $error = 'The passwords doesn' t match!'; if(!check_name($user) || strlen($user) > 20 || strlen($user) < 6) $error = 'The user name must not contain special characters and must be 6-20 characters long!'; if(!$resp->is_valid) $error = 'The reCaptcha has not been solved properly!'; } } if($form) { echo '<h4>Create Account</h4>'; echo' <form action="register.php" method="post"> <label>Name (*required)</label> <input type="text" name="userbox" id="userbox" /> <label>E-mail (*required)</label> <input type="text" name="email" id="email" /> <label>Password (*required)</label> <input type="password" name="password" id="password" /> <label>Re-enter password (*required)</label> <input type="password" name="password2" id="password2" />
'; require_once('includes/recaptchalib.php'); echo recaptcha_get_html(CMS_PUKEY); echo '
<input type="submit" value="Submit and Create Account" class="read_more2" /> </form>'; if(isset($error)) { echo '
'.$error.'</p>'; } } } else { echo '
You can' t create an account, when you are logged in!
» Back to Homepage</p>'; } ?> </div> <div class="clear"></div> </div> </div>
Devo metterlo solo in register.php e login.php o anche negli altri form come contact.php?