📄 signup.php
$birthday_year = $_POST['birthday_year'];
// A blank birthday part is an error when the admin setting marks the birthday as
// required (value 3); otherwise the blank part falls back to the current date.
// Map: date-part variable name => cdate() format used for that fallback.
$birthday_fallback_formats = array('birthday_month' => "n", 'birthday_day' => "j", 'birthday_year' => "Y");
$birthday_is_required = ($admin_info['field_birthday'] == 3);
foreach($birthday_fallback_formats as $part_name => $fallback_format) {
    // Part was supplied: nothing to do for it.
    if(isset($$part_name) && $$part_name != "") { continue; }
    if($birthday_is_required) {
        echo $head; error(34);
    } else {
        $$part_name = cdate($fallback_format, time());
    }
}
// NOTE(review): the three parts come from the request and are only checked for being
// blank here; whether MakeTime() rejects non-numeric input is not visible in this excerpt.
$birthday = MakeTime("0", "0", "0", "$birthday_month", "$birthday_day", "$birthday_year");
// ERRORS
// Display name, title, description and category id are always mandatory;
// a value made only of spaces counts as blank.
$core_field_missing = ($wc_id == "");
foreach(array($display_name, $title, $description) as $core_value) {
    if(str_replace(" ", "", $core_value) == "") { $core_field_missing = true; }
}
if($core_field_missing) { echo $head; error(34); }

// Remaining profile fields are mandatory only when their admin setting equals "3".
// Order matches the original sequence of checks.
$conditional_fields = array(
    'field_website' => $website,
    'field_screenname' => $screenname,
    'field_gender' => $gender,
    'field_birthday' => $birthday,
    'field_city' => $city,
    'field_state' => $state,
    'field_country' => $country,
);
foreach($conditional_fields as $setting_key => $submitted_value) {
    if($admin_info[$setting_key] == "3" && str_replace(" ", "", $submitted_value) == "") {
        echo $head; error(34);
    }
}
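// Carry every custom profile column forward as a hidden input and reject the
// submission when a column whose name ends in "_3" was left blank.
$custom_fields = mysql_query("SHOW COLUMNS FROM bhost_profile FROM `$mysql_database`");
$customfieldlist = "";
while($custom = mysql_fetch_assoc($custom_fields)) {
    $custom_field = $custom['Field'];
    // p_id and u_id are skipped (presumably key columns rather than profile fields).
    if($custom_field == "p_id" || $custom_field == "u_id") { continue; }
    $custom_name = str_replace("_", " ", substr($custom_field, 0, -2));
    $custom_required = substr($custom_field, -2);
    // Missing or non-string input is treated as blank instead of raising a warning.
    $custom_field_raw = "";
    if(isset($_POST[$custom_field]) && is_string($_POST[$custom_field])) {
        $custom_field_raw = stripslashes($_POST[$custom_field]);
    }
    // The value is request data written into a single-quoted HTML attribute, so every
    // HTML metacharacter (including both quote styles) must be encoded. A single-byte
    // charset is named so the call never rejects the input as badly encoded; the
    // characters being escaped are plain ASCII in any ASCII-compatible encoding.
    $custom_field_value = htmlspecialchars($custom_field_raw, ENT_QUOTES, 'ISO-8859-1');
    $customfieldlist .= "<input type='hidden' name='$custom_field' value='$custom_field_value'>
";
    // The blank test runs on the unescaped text.
    if($custom_required == "_3" && str_replace(" ", "", $custom_field_raw) == "") {
        echo $head; error(34);
    }
}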
// Render the page header and open the template-selection form (posts back to signup.php).
echo $head;
echo "
<table width='100%' cellpadding='0' cellspacing='0'>
<tr>
<td valign='top' class='box'>
<h2>$signup12</h2>
$signup13
<br>
<table cellpadding='0' cellpsacing='0'>
<form action='signup.php' method='POST'>
<tr><td>
";
// The default group row holds a comma-separated list of template ids; only templates
// whose t_id appears in that list are offered below.
$default_group = mysql_fetch_assoc(mysql_query("SELECT * FROM bhost_groups WHERE default_group='1' LIMIT 1"));
$template_array = explode(",", $default_group[templates]);
// Counts the templates actually shown; the first one is pre-selected.
$tempcount = 0;
$templates = mysql_query("SELECT * FROM bhost_templates");
while($template = mysql_fetch_assoc($templates)) {
if(in_array($template[t_id], $template_array)) {
$tempcount++;
// Use the template's preview image unless it is empty or just the "http://" placeholder.
if($template[image] != "" AND $template[image] != "http://") {
$imageurl = $template[image];
// IF .. IS IN THE IMAGE URL
// Relative path: if it does not resolve to an existing file, retry with ".." replaced
// by "."; if that also fails, fall back to the stock "no image" picture.
if(strstr($imageurl, "..") != false) {
$imagepath = realpath($imageurl);
if(!file_exists($imagepath)) { $imageurl = str_replace("..", ".", $imageurl); }
if(!file_exists(realpath($imageurl))) { $imageurl = "./images/noimage.gif"; }
}
// NOTE(review): image URL, t_id and template name are written into the markup below
// without HTML escaping; confirm who can edit bhost_templates rows, and escape with
// htmlspecialchars(..., ENT_QUOTES) if that is not restricted to trusted admins.
$image = "<img src='$imageurl' border='0' style='border: 1px solid #AAAAAA; margin-top: 3px;'>";
} else {
$image = "<img src='./images/noimage.gif' border='0' style='border: 1px solid #AAAAAA; margin-top: 3px;'>";
}
// The preview links to example.php for this template and opens in a new window.
$image = "<a href='example.php?t_id=$template[t_id]' target='_blank'>$image</a>";
// One card per template: preview image plus a radio button carrying the template id.
echo "
<div style='float: left; padding: 5px; padding-top: 2px; background: #FFFFFF; border: 1px solid #666666; margin-top: 15px; margin-right: 15px;' valign='top' align='center'>$image<br>
<table cellpadding='0' cellspacing='0' style='margin-top: 5px;' align='left'>
<tr><td><input type='radio' name='template' value='$template[t_id]'"; if($tempcount == 1) { echo " CHECKED"; } echo "></td><td><b>$template[name]</b></td></tr>
</table>
</div>
";
}}
// Close the template table and re-post every earlier answer as a hidden input so the
// next request (task=step_four) receives the complete signup data.
// NOTE(review): each value is interpolated verbatim into a single-quoted attribute.
// Where these variables are assigned is outside this excerpt; confirm every one is
// HTML-escaped (htmlspecialchars with ENT_QUOTES) before it reaches this echo,
// otherwise a quote or angle bracket in the input breaks out of the attribute.
// NOTE(review): password1 travels through the browser in a hidden field. The step-two
// handler in this file only base64-encodes it, which is reversible; keeping the
// pending signup in a server-side session would avoid exposing it in page source.
echo "
</td></tr></table>
<br>
<input type='submit' class='button' value='$signup14'>
<input type='hidden' name='task' value='step_four'>
<input type='hidden' name='username' value='$username'>
<input type='hidden' name='password1' value='$password1'>
<input type='hidden' name='fname' value='$fname'>
<input type='hidden' name='lname' value='$lname'>
<input type='hidden' name='email' value='$email'>
<input type='hidden' name='display_name' value='$display_name'>
<input type='hidden' name='title' value='$title'>
<input type='hidden' name='description' value='$description'>
<input type='hidden' name='wc_id' value='$wc_id'>
<input type='hidden' name='website' value='$website'>
<input type='hidden' name='screenname' value='$screenname'>
<input type='hidden' name='screenname_type' value='$screenname_type'>
<input type='hidden' name='gender' value='$gender'>
<input type='hidden' name='birthday_month' value='$birthday_month'>
<input type='hidden' name='birthday_day' value='$birthday_day'>
<input type='hidden' name='birthday_year' value='$birthday_year'>
<input type='hidden' name='city' value='$city'>
<input type='hidden' name='state' value='$state'>
<input type='hidden' name='country' value='$country'>
$customfieldlist
</form>
</td>
</tr>
</table>
";
// Page footer.
echo $foot;
}
// STEP TWO
if($task == "step_two") {
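// Read the account fields posted from step one.
$username = $_POST['username'];
$password1 = $_POST['password1'];
$password2 = $_POST['password2'];
// NOTE(review): as shown, these two calls replace an apostrophe with an apostrophe
// (a no-op). The replacement may originally have been an HTML entity that was decoded
// when this listing was published - check the real file before relying on it.
$fname = str_replace("'", "'", $_POST['fname']);
$lname = str_replace("'", "'", $_POST['lname']);
$email = $_POST['email'];
// ERRORS
// The unconditional checks below each overwrite $error1, so the last one that fails
// decides the message; the later checks run only while no error has been recorded.
if($is_error2 != "yes") {
    $is_error1 = "no";
    $error1 = "";
    // NOTE(review): the commas inside the character class are literal, so a comma is
    // accepted in passwords and usernames. The banned-username list further down is
    // comma-separated, so confirm whether commas in usernames are intended.
    if(preg_match("/[^a-z,A-Z,0-9]/", $password1)) {
        $is_error1 = "yes";
        $error1 = "$signup15";
    }
    if(preg_match("/[^a-z,A-Z,0-9]/", $username)) {
        $is_error1 = "yes";
        $error1 = "$signup16";
    }
    if($password1 != $password2) {
        $is_error1 = "yes";
        $error1 = "$signup17";
    }
    if(!preg_match("/^[-_.[:alnum:]]+@((([[:alnum:]]|[[:alnum:]][[:alnum:]-]*[[:alnum:]])\.)+(ad|ae|aero|af|ag|ai|al|am|an|ao|aq|ar|arpa|as|at|au|aw|az|ba|bb|bd|be|bf|bg|bh|bi|biz|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|com|coop|cr|cs|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|edu|ee|eg|eh|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gh|gi|gl|gm|gn|gov|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|in|info|int|io|iq|ir|is|it|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|mg|mh|mil|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|museum|mv|mw|mx|my|mz|na|name|nc|ne|net|nf|ng|ni|nl|no|np|nr|nt|nu|nz|om|org|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|pro|ps|pt|pw|py|qa|re|ro|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|st|su|sv|sy|sz|tc|td|tf|tg|th|tj|tk|tm|tn|to|tp|tr|tt|tv|tw|tz|ua|ug|uk|um|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|yu|za|zm|zw)|(([0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5])\.){3}([0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5]))$/i", $email)) {
        $is_error1 = "yes";
        $error1 = "$signup18";
    }
    // The format checks above only record an error; they do not stop execution.
    // The raw request values therefore still reach the two lookups below and must be
    // escaped before being placed inside the SQL string.
    $username_sql = mysql_real_escape_string($username);
    $duplicates = mysql_num_rows(mysql_query("SELECT * FROM bhost_users WHERE username='$username_sql'"));
    if($duplicates != 0) {
        $is_error1 = "yes";
        $error1 = "$signup19";
    }
    if(strlen($password1) < 4) {
        $is_error1 = "yes";
        $error1 = "$signup20";
    }
    if($username == "" || $email == "" || $password1 == "" || $password2 == "" || $fname == "" || $lname == "") {
        $is_error1 = "yes";
        $error1 = "$signup21";
    }
    // CHECK FOR DUPLICATE EMAIL
    if($admin_info['signup_emaildupeok'] == 0) {
        $email_sql = mysql_real_escape_string($email);
        $duplicates_emails = mysql_num_rows(mysql_query("SELECT * FROM bhost_users WHERE email='$email_sql'"));
        if($duplicates_emails != 0) {
            $is_error1 = "yes";
            $error1 = "$signup22";
        }
    }
    // CHECK FOR VALID IMAGE CODE IF ALLOWED BY ADMIN AND GD IS ENABLED
    if($admin_info['signup_image'] == 1 AND function_exists('gd_info')) {
        if($is_error1 != "yes") {
            $codesent = (isset($_POST['codesent']) && is_string($_POST['codesent'])) ? $_POST['codesent'] : "";
            $code = (isset($_POST['code']) && is_string($_POST['code'])) ? $_POST['code'] : "";
            // The code is reversed and its letters become separators, leaving number groups.
            $code = strrev($code);
            $code = preg_replace("([a-zA-Z])", "-", $code);
            $number = explode("-", $code);
            // Groups 0-5 are divided by groups 6-11. A code with fewer groups, or with a
            // divisor that is missing, non-numeric or zero, must fail verification
            // instead of producing an empty answer that compares equal to an empty reply.
            $code_is_wellformed = (count($number) >= 12);
            for($divisor_index = 6; $code_is_wellformed && $divisor_index < 12; $divisor_index++) {
                if(!is_numeric($number[$divisor_index]) || $number[$divisor_index] == 0) {
                    $code_is_wellformed = false;
                }
            }
            // Expected answer: the six quotients concatenated as text.
            $nums = "";
            if($code_is_wellformed) {
                for($pair = 0; $pair < 6; $pair++) {
                    $nums .= $number[$pair] / $number[$pair + 6];
                }
            }
            // NOTE(review): the expected answer is recomputed from the posted "code"
            // field, i.e. from data the client controls. Keeping the expected value on
            // the server (for example in the session) would make this check meaningful;
            // confirm how the form generates these two fields.
            if(!$code_is_wellformed || $codesent != $nums) {
                $is_error1 = "yes";
                $error1 = "$signup58";
            }
        }
    }
    // MAKE SURE USER ISN'T TRYING TO CREATE A USERNAME THAT IS RESERVED
    // A name is reserved when a directory of that name already exists (path is relative
    // to the script's working directory) or when it is the literal "interest". This runs
    // only for usernames that passed the character check above.
    if($is_error1 != "yes") {
        if(is_dir($username) || $username == "interest") {
            $is_error1 = "yes";
            $error1 = "$signup64";
        }
    }
    // IF TERMS AND CONDITIONS ARE ENABLED, CHECK FOR AGREEMENT
    if($is_error1 != "yes") {
        if($admin_info['signup_terms'] == 1) {
            $agree = isset($_POST['agree']) ? $_POST['agree'] : "";
            if($agree != "yes") {
                $is_error1 = "yes";
                $error1 = "$signup56";
            }
        }
    }
    // CHECK IF USERNAME IS BANNED
    if($is_error1 != "yes") {
        $banned_usernames = explode(",", $admin_info['banned_usernames']);
        if(in_array($username, $banned_usernames)) {
            $is_error1 = "yes";
            $error1 = "$signup61";
        }
    }
    // CHECK IF EMAIL IS BANNED
    if($is_error1 != "yes") {
        $banned_emails = explode(",", $admin_info['banned_emails']);
        if(in_array($email, $banned_emails)) {
            $is_error1 = "yes";
            $error1 = "$signup62";
        }
    }
    // CHECK IF IP ADDRESS IS BANNED
    // Each banned entry is compared with the client address part by part (split on ".");
    // "*" in an entry matches any value, and all four positions must match.
    if($is_error1 != "yes") {
        $banned_ips = $admin_info['banned_ips'];
        if($banned_ips != "") {
            $myip = $_SERVER['REMOTE_ADDR'];
            $myset = explode(".", $myip);
            $banned_ip = explode(",", $banned_ips);
            $total = count($banned_ip);
            for($count = 0; $count < $total; $count++) {
                $set = explode(".", $banned_ip[$count]);
                $parts_matched = 0;
                for($c = 0; $c < 4; $c++) {
                    // A position missing on both sides still compares equal (null == null),
                    // which keeps exact matching of addresses that contain no dots.
                    $ban_part = isset($set[$c]) ? $set[$c] : null;
                    $my_part = isset($myset[$c]) ? $myset[$c] : null;
                    if($ban_part == "*" || $ban_part == $my_part) { $parts_matched++; }
                }
                if($parts_matched == 4) {
                    $is_error1 = "yes";
                    $error1 = "$signup63";
                }
            }
        }
    }
    // CHECK IF EMAIL'S DOMAIN IS CORRECT
    if($is_error1 != "yes") {
        if($admin_info['signup_emaildomain'] != "") {
            // Everything after the first "@" in the address.
            $domain = str_replace("@", "", strstr($email, '@'));
            if($domain != $admin_info['signup_emaildomain']) {
                $is_error1 = "yes";
                $error1 = "$signup66";
            }
        }
    }
    // ENCODE PASSWORD FOR THE NEXT FORM
    // NOTE(review): base64 is a reversible encoding, not encryption. The value is later
    // written into a hidden form field, so anyone who can read the page source can
    // recover the password; holding it server-side between steps would avoid that.
    $password1 = base64_encode($password1);
    // Any recorded error sends the visitor back to step one.
    if($is_error1 == "yes") { $task = "step_one"; }
}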
if($task == "step_two") {
// Step-two form: site display name, title and description (all marked mandatory with "*").
// NOTE(review): $display_name, $title and $description are interpolated into attribute
// values and into the <textarea> body without escaping in this block; where they are
// assigned is not visible here - confirm they are HTML-escaped before this point.
echo $head;
echo "
<table width='100%' cellpadding='0' cellspacing='0'>
<tr>
<td valign='top' class='box'>
<h2>$signup23</h2>
$signup24
<br><br>
<table cellpadding='3' cellspacing='0' style='margin-left: 10px;'>
<form action='signup.php' method='POST'>
<tr><td align='right'>$signup25*</td><td><input type='text' name='display_name' maxlength='100' size='30' value='$display_name' tabindex='1'>"; tip2("1"); echo "</td></tr>
<tr><td align='right'>$signup27*</td><td><input type='text' name='title' maxlength='250' size='60' value='$title' tabindex='2'>"; tip2("2"); echo "</td></tr>
<tr><td align='right' valign='top' style='padding-top: 7px;'>$signup29*</td><td><textarea name='description' rows='4' cols='60' tabindex='3'>$description</textarea></td></tr>
";
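// Category chooser: a drop-down when categories are switched on and at least one
// exists, otherwise a hidden wc_id of 0.
$categories = mysql_query("SELECT * FROM bhost_categories ORDER BY name");
if($admin_info['categories_on'] == 1 && mysql_num_rows($categories) != 0) {
    echo "
<tr><td align='right'>$signup65*</td>
<td><select name='wc_id'>
<option></option>
";
    while($category_info = mysql_fetch_assoc($categories)) {
        echo "<option value='$category_info[wc_id]'>$category_info[name]</option>";
    }
    // Close the <select> opened above; it was previously left open before </td>.
    echo "</select></td></tr>";
} else {
    echo "<input type='hidden' name='wc_id' value='0'>";
}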
// Website field: shown when its admin setting is 3 or 2, with "*" added when the
// setting is 3; otherwise an empty hidden input keeps the POST key present.
// NOTE(review): the <input> below carries two value attributes ($website and
// 'http://'); decide which one is intended, since only one can take effect.
// NOTE(review): $website is interpolated unescaped; confirm it is HTML-escaped upstream.
if($admin_info[field_website] == 3 | $admin_info[field_website] == 2) {
echo "
<tr><td align='right'>$signup30"; if($admin_info[field_website] == "3") { echo "*"; } echo "</td><td><input type='text' class='text' name='website' value='$website' size='30' maxlength='250' value='http://' tabindex='4'>"; tip2("3"); echo "</td></tr>";
} else {
echo "<input type='hidden' name='website' value=''>";
}
// Screen-name field plus messenger type: same show/require rule as the website field.
// The option equal to $screenname_type is re-selected.
// NOTE(review): $screenname is interpolated unescaped; confirm it is HTML-escaped upstream.
if($admin_info[field_screenname] == 3 | $admin_info[field_screenname] == 2) {
echo "
<tr><td align='right'>$signup32"; if($admin_info[field_screenname] == "3") { echo "*"; } echo "</td><td><input type='text' class='text' name='screenname' value='$screenname' maxlength='100' size='18' tabindex='5'>
<select name='screenname_type' tabindex='6'>
<option value='AIM'"; if($screenname_type == "AIM") { echo " SELECTED"; } echo ">AIM</option>
<option value='ICQ'"; if($screenname_type == "ICQ") { echo " SELECTED"; } echo ">ICQ</option>
<option value='MSN'"; if($screenname_type == "MSN") { echo " SELECTED"; } echo ">MSN</option>
<option value='Yahoo!'"; if($screenname_type == "Yahoo!") { echo " SELECTED"; } echo ">Yahoo!</option>
</select>"; tip2("4"); echo "
</td></tr>
";
} else {
// Field disabled: send both keys empty so later steps still receive them.
echo "
<input type='hidden' name='screenname' value=''>
<input type='hidden' name='screenname_type' value=''>
";
}
if($admin_info[field_gender] == 3 | $admin_info[field_gender] == 2) {
echo "
<tr><td align='right'>$signup34"; if($admin_info[field_gender] == "3") { echo "*"; } echo "</td><td>
<select name='gender' tabindex='7'>
<option></option>