userinfo['userid'])
{
echo 'Sorry, you are already registered!';
exit;
}
// Registration can be switched off through the 'allownewreg' option; when it is
// off, print the notice and stop before the form or any handler below runs.
if (!$bugsys->options['allownewreg'])
{
exit('Sorry, we don\'t allow new registrations!');
}
// ###################################################################
// Default action: with no 'do' request parameter, output the registration form.
if (empty($_REQUEST['do']))
{
// Appends to $opts once per entry in the language datastore.
// NOTE(review): the appended string is empty and the heredoc opener below has no
// identifier, so the option/form markup appears to have been lost from this copy.
// $opts is also not initialised anywhere in the visible code -- confirm against
// the original file.
foreach ($bugsys->datastore['language'] AS $languageid => $language)
{
$opts .= "";
}
echo <<
Email:
Confirm Email:
Display Name:
Password:
Confirm Password:
Show My Email Publicly: Yes
Language:
EOF;
}
// ###################################################################
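// Handle the submitted registration form: validate the input, create the user
// row, then either start e-mail activation or finish registration directly.
if ($_POST['do'] == 'insert')
{
// sanitize() is defined elsewhere; the code below reads the cleaned values from
// $vars. NOTE(review): presumably INT forces an integer cast -- confirm, because
// showemail and languageid are placed in the INSERT below without quotes.
sanitize(array('email' => STR_NOHTML, 'confirmemail' => STR_NOHTML, 'displayname' => STR_NOHTML, 'password' => STR, 'confirmpassword' => STR, 'showemail' => INT, 'languageid' => INT));
if ($vars['email'] != $vars['confirmemail'])
{
$errors[] = 'The emails you entered do not match.';
}
if (!$vars['email'])
{
// Fixed: a blank e-mail used to be reported with the blank-password message.
$errors[] = 'The email you specified was blank.';
}
if ($vars['password'] != $vars['confirmpassword'])
{
$errors[] = 'The passwords you entered did not match.';
}
if (!$vars['password'])
{
$errors[] = 'The password you specified was blank.';
}
// NOTE(review): this query (and the INSERTs below) is assembled by string
// concatenation, so its safety rests entirely on addslasheslike() (defined
// elsewhere) matching the database's escaping rules and connection charset.
// Use bound parameters if the DB layer offers them. The check-then-insert is
// also not atomic; a unique index on email is needed to enforce uniqueness --
// none is visible from here.
if (is_array($DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . addslasheslike($vars['email']) . "'")))
{
$errors[] = 'The specified email is already in use.';
}
// $errors only exists if one of the checks above appended to it.
if (is_array($errors))
{
echo implode('
', $errors);
exit;
}
// NOTE(review): fetch_random_chars() is defined elsewhere. It also produces the
// authkey and the activation token below, which are security tokens -- confirm
// it draws from a CSPRNG (random_bytes()/random_int()), not rand()/mt_rand().
$salt = fetch_random_chars(15);
// Initial user group, as used further down: 3 = must activate by e-mail,
// 4 = pending approval, 2 = registration complete.
if ($bugsys->options['verifyemail'])
{
$usergroupid = 3;
}
else
{
if ($bugsys->options['moderatenewusers'])
{
$usergroupid = 4;
}
else
{
$usergroupid = 2;
}
}
// NOTE(review): the stored password is md5(md5(password) . md5(salt)). Salted MD5
// is a fast hash and is not suitable for password storage; password_hash() /
// password_verify() is the replacement. The login check is not in this section
// and must change together with this line, so the stored format is kept here.
$DB_sql->query("
INSERT INTO " . TABLE_PREFIX . "user
(email, displayname, password, salt, authkey, showemail, languageid, usergroupid)
VALUES
('" . addslasheslike($vars['email']) . "',
'" . addslasheslike($vars['displayname']) . "',
'" . md5(md5($vars['password']) . md5($salt)) . "',
'$salt',
'" . fetch_random_chars() . "',
$vars[showemail],
$vars[languageid],
$usergroupid
)"
);
$userid = $DB_sql->insert_id();
// Verify email address
if ($usergroupid == 3)
{
$activationid = fetch_random_chars(25);
// NOTE(review): the post-activation group is hard-coded to 2, so when verifyemail
// and moderatenewusers are both enabled, activation appears to skip the
// pending-approval group (4) -- confirm whether that is intended.
$DB_sql->query("INSERT INTO " . TABLE_PREFIX . "useractivation (userid, activator, dateline, usergroupid) VALUES ($userid, '$activationid', " . NOW . ", 2)");
// NOTE(review): the activation link is hard-coded to http://devbox/bugtraq/ (a
// development host, plain HTTP); build it from the tracker's configured base URL.
// addslasheslike() looks like the SQL-escaping helper: applied to a mail
// recipient and body it protects nothing and can alter values containing quotes.
// What matters for mail is that the address is validated and that mymail()
// (defined elsewhere) rejects CR/LF in the recipient and subject -- neither is
// visible in this block.
mymail(addslasheslike($vars['email']), 'Welcome to ' . $bugsys->options['trackertitle'], "Hi " . addslasheslike($vars['displayname']) . " you need to activate your account: http://devbox/bugtraq/register.php?do=activate&userid=" . $userid . "&activator=" . $activationid);
echo 'You now need to activate your account via email.';
}
else if ($usergroupid == 4 OR $usergroupid == 2)
{
if ($bugsys->options['sendwelcomemail'])
{
// Same caveat as the activation mail: addslasheslike() is not mail escaping.
mymail(addslasheslike($vars['email']), 'Welcome to ' . $bugsys->options['trackertitle'], "Hi " . addslasheslike($vars['displayname']) . " and welcome to the " . $bugsys->options['trackertitle'] . " bug tracker! Thanks for registering.");
}
if ($usergroupid == 4)
{
echo 'Your account is pending approval.';
}
else
{
echo 'Registration complete!';
}
}
}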
// ###################################################################
// Account activation: match the (userid, activator) pair carried by the e-mailed
// link against the useractivation table, then move the user into the group stored
// on that row and delete the user's activation rows.
// NOTE(review): the lookup has no condition on dateline, so activation rows do not
// expire in this block, and the token is compared by the database rather than
// with hash_equals(). userid is interpolated unquoted -- presumably sanitize()'s
// INT forces an integer cast; confirm.
if ($_REQUEST['do'] == 'activate')
{
sanitize(array('userid' => INT, 'activator' => STR));
$activationquery = "SELECT * FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . $vars['userid'] . " AND activator = '" . addslasheslike($vars['activator']) . "'";
$useractivation = $DB_sql->query_first($activationquery);
if (!$useractivation)
{
// No row matched the supplied userid/activator pair.
echo 'we could not match your registration string. please make sure you entered the correct url';
}
else
{
$DB_sql->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = " . $useractivation['usergroupid'] . " WHERE userid = " . $vars['userid']);
$DB_sql->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . $vars['userid']);
echo 'your account is now activated and you can now login';
}
}
/*=====================================================================*\
|| ###################################################################
|| # $HeadURL$
|| # $Id$
|| ###################################################################
\*=====================================================================*/
?>