Parašė ToNi· 2012 Spa. 31 16:10:34
#3
Šiaip turiu tokį daiktą, tik nelabi graziai atvizduoja:
<?php
/*-------------------------------------------------------+
| <span style="border-bottom: 1px dotted black;">PHP</span>-Fusion Content Management System
| Copyright (C) 2002 - 2011 Nick Jones
| <a href='http://www.php-fusion.co.uk/' target='_blank'><span style='color:005C5B'>http://www.php-fusion.co.uk/</span></a>
+--------------------------------------------------------+
| Filename: register.php
| Author: Hans Kristian Flaatten {Starefossen}
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at <a href='http://www.gnu.org/licenses/agpl.html.' target='_blank'><span style='color:005C5B'>www.gnu.org/licenses/agpl.html.</span></a> Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "maincore.php";
require_once THEMES."templates/header.php";
require_once CLASSES."UserFields.class.php";
require_once CLASSES."UserFieldsInput.class.php";
include LOCALE.LOCALESET."user_fields.php";
// start: secure code by phpfusion-freak.dk
if (file_exists(LOCALE.LOCALESET."register_security.php")) {
include LOCALE.LOCALESET."register_security.php";
} else {
include LOCALE."Lithuanian/register_security.php";
}
// end: secure code by phpfusion-freak.dk
if (iMEMBER || !$settings['enable_registration']) { redirect("index.php"); }
$errors = array();
if (isset($_GET['email']) && isset($_GET['code'])) {
if (!preg_check("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $_GET['email'])) {
redirect("register.php?error=activate");
}
if (!preg_check("/^[0-9a-z]{40}$/", $_GET['code'])) { redirect("register.php?error=activate"); }
$result = dbquery(
"SELECT user_info FROM ".DB_NEW_USERS."
WHERE user_code='".$_GET['code']."' AND user_email='".$_GET['email']."'
LIMIT 1"
);
// start: secure code by phpfusion-freak.dk
$secure_con = isset($_POST['user_secure_con']) ? stripinput(trim($_POST['user_secure_con'])) : "";
$secure_num = isset($_POST['user_secure_zahl']) ? stripinput(trim($_POST['user_secure_zahl'])) : "";
if($secure_con == "" || $secure_num == "" || !isNum($secure_num)) {
$error .= $locale['secure_error1']."<br>\n";
}
elseif (strtolower($locale['secure_res'][$secure_num]) != strtolower($secure_con)) {
$error .= $locale['secure_error2']."<br>\n";
}
// end: secure code by phpfusion-freak.dk
if (dbrows($result)) {
add_to_title($locale['global_200'].$locale['u155']);
// getmequick at gmail dot com
// <a href='http://www.php.net/manual/en/function.unserialize.php#71270' target='_blank'><span style='color:005C5B'>http://www.php.net/manual/en/fun....php#71270</span></a>
function unserializeFix($var) {
$var = preg_replace('!s:(\d+):"(.*?)";!e', "'s:'.strlen('$2').':\"$2\";'", $var);
return unserialize($var);
}
$data = dbarray($result);
$user_info = unserializeFix(stripslashes($data['user_info']));
$result = dbquery("INSERT INTO ".DB_USERS." (".$user_info['user_field_fields'].") VALUES (".$user_info['user_field_inputs'].")");
$result = dbquery("DELETE FROM ".DB_NEW_USERS." WHERE user_code='".$_GET['code']."' LIMIT 1");
opentable($locale['u155']);
if ($settings['admin_activation'] == "1") {
echo "<div style='text-align:center'><br />\n".$locale['u171']."<br /><br />\n".$locale['u162']."<br /><br />\n</div>\n";
} else {
echo "<div style='text-align:center'><br />\n".$locale['u171']."<br /><br />\n".$locale['u161']."<br /><br />\n</div>\n";
}
closetable();
} else {
redirect("index.php");
}
} elseif (isset($_POST['register'])) {
$userInput = new UserFieldsInput();
$userInput->validation = $settings['display_validation'];
$userInput->emailVerification = $settings['email_verification'];
$userInput->adminActivation = $settings['admin_activation'];
$userInput->skipCurrentPass = true;
$userInput->registration = true;
$userInput->saveInsert();
$userInput->displayMessages();
$errors = $userInput->getErrorsArray();
unset($userInput);
}
// start: secure code by phpfusion-freak.dk
srand ((double)microtime()*1000000);
$zahl = rand(1, 5);
echo "<tr>
<td class='tbl'>".$locale['secure_101'].":<span style='color:#ff0000'>*</span><br>".$locale['secure_ask'][$zahl]."</td>
<td class='tbl'><input type='text' name='user_secure_con' maxlength='100' class='textbox' style='width:200px;'></td>
</tr>\n
<input type='hidden' name='user_secure_zahl' value='".$zahl."'>\n";
unset($zahl);
// end: secure code by phpfusion-freak.dk
if ((!isset($_POST['register']) && !isset($_GET['code'])) || (isset($_POST['register']) && count($errors) > 0)) {
opentable($locale['u101']);
$userFields = new UserFields();
$userFields->postName = "register";
$userFields->postValue = $locale['u101'];
$userFields->displayValidation = $settings['display_validation'];
$userFields->displayTerms = $settings['enable_terms'];
$userFields->showAdminPass = false;
$userFields->showAvatarInput = false;
$userFields->skipCurrentPass = true;
$userFields->registration = true;
$userFields->errorsArray = $errors;
$userFields->displayInput();
closetable();
}
require_once THEMES."templates/footer.php";
?>
Redagavo ToNi· 2012 Spa. 31 16:10:36