userinfo['userid']) { echo 'Sorry, you are already registered!'; exit; } if (!$bugsys->options['allownewreg']) { echo 'Sorry, we don\'t allow new registrations!'; exit; } // ################################################################### if (empty($_REQUEST['do'])) { foreach ($bugsys->datastore['language'] AS $value => $temp) { $label = $temp['title']; eval('$opts .= "' . $template->fetch('selectoption') . '";'); } eval('$template->flush("' . $template->fetch('register') . '");'); } // ################################################################### if ($_POST['do'] == 'insert') { sanitize(array('email' => STR_NOHTML, 'confirmemail' => STR_NOHTML, 'displayname' => STR_NOHTML, 'password' => STR, 'confirmpassword' => STR, 'showemail' => INT, 'languageid' => INT)); if ($bugsys->in['email'] != $bugsys->in['confirmemail']) { $errors[] = 'The emails you entered do not match.'; } if (!$bugsys->in['email']) { $errors[] = 'The password you specified was blank.'; } if ($bugsys->in['password'] != $bugsys->in['confirmpassword']) { $errors[] = 'The passwords you entered did not match.'; } if (!$bugsys->in['password']) { $errors[] = 'The password you specified was blank.'; } if (is_array($db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $bugsys->in['email'] . "'"))) { $errors[] = 'The specified email is already in use.'; } if (is_array($errors)) { echo implode('
', $errors); exit; } $salt = fetch_random_chars(15); if ($bugsys->options['verifyemail']) { $usergroupid = 3; } else { if ($bugsys->options['moderatenewusers']) { $usergroupid = 4; } else { $usergroupid = 2; } } $db->query(" INSERT INTO " . TABLE_PREFIX . "user (email, displayname, password, salt, authkey, showemail, languageid, usergroupid) VALUES ('" . $bugsys->in['email'] . "', '" . $bugsys->in['displayname'] . "', '" . md5(md5($bugsys->in['password']) . md5($salt)) . "', '$salt', '" . fetch_random_chars() . "', " . intval($bugsys->in['showemail']) . ", " . intval($bugsys->in['languageid']) . ", $usergroupid )" ); $userid = $db->insert_id(); // Verify email address if ($usergroupid == 3) { $activationid = fetch_random_chars(25); $db->query("INSERT INTO " . TABLE_PREFIX . "useractivation (userid, activator, dateline, usergroupid) VALUES ($userid, '$activationid', " . NOW . ", 2)"); mymail($bugsys->in['email'], 'Welcome to ' . $bugsys->options['trackertitle'], "Hi " . $bugsys->in['displayname'] . " you need to activate your account: http://devbox/bugtraq/register.php?do=activate&userid=" . $userid . "&activator=" . $activationid); echo 'You now need to activate your account via email.'; } else if ($usergroupid == 4 OR $usergroupid == 2) { if ($bugsys->options['sendwelcomemail']) { mymail($bugsys->in['email'], 'Welcome to ' . $bugsys->options['trackertitle'], "Hi " . $bugsys->in['displayname'] . " and welcome to the " . $bugsys->options['trackertitle'] . " bug tracker! Thanks for registering."); } if ($usergroupid == 4) { echo 'Your account is pending approval.'; } else { echo 'Registration complete!'; } } } // ################################################################### if ($_REQUEST['do'] == 'activate') { if ($useractivation = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . intval($bugsys->in['userid']) . " AND activator = '" . $bugsys->in['activator'] . "'")) { $db->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = $useractivation[usergroupid] WHERE userid = " . intval($bugsys->in['userid'])); $db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . intval($bugsys->in['userid'])); echo 'your account is now activated and you can now login'; } else { echo 'we could not match your registration string. please make sure you entered the correct url'; } } /*=====================================================================*\ || ################################################################### || # $HeadURL$ || # $Id$ || ################################################################### \*=====================================================================*/ ?>