Contributions by Keith Gable This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. In addition to being restricted by the GNU General Public License, Essence Engine may not be sold, rented, sublicensed, or leased; you are not permitted to generate revenue with the Essence Engine source code. You may, however, use Essence Engine to run a website that generates revenue via other means. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA $Id$ */ // Register // Register a new account $pagetitle = "Register an Account"; $skipspam = true; include("mainheader.php"); if ($_POST["doreg"]) { // Check username if (!$_POST["username"]) { sysmsg("Error: You must supply a username."); $error = true; } elseif (!ctype_alnum($_POST["username"])) { sysmsg("Error: Usernames must be letters and numbers only."); $error = true; } // Check email if ((!$_POST["email"]) || (!$_POST["emailconf"]) || ($_POST["email"] != $_POST["emailconf"])) { sysmsg("Error: You must supply an e-mail address, and it must be the same in both boxes."); $error = true; } elseif (!preg_match("/[a-zA-Z0-9.\\-_]+@[a-zA-Z0-9.\\-]+\\.[a-zA-Z0-9]{2,4}/",$_POST["email"])) { sysmsg("Error: You must supply a valid e-mail address."); $error = true; } // Check password if ((!$_POST["password"]) || (!$_POST["passconf"]) || ($_POST["password"] !== $_POST["passconf"])) { sysmsg("Error: You must supply a password, and it must be the same in both boxes."); $error = true; } elseif (strlen($_POST["password"]) < 6) { sysmsg("Error: Your password must be at least 6 characters long."); $error = true; } if (!$error) { // Escape strings $newuser = mysql_escape_string(strtolower($_POST["username"])); $newpass = md5($_POST["password"]); $newemail = mysql_escape_string($_POST["email"]); if ($_POST["dispname"]) $newname = mysql_escape_string($_POST["dispname"]); else $newname = $newuser; // Check for dupes $result1 = mysql_query("SELECT username FROM users WHERE username='$newuser'", $db); if (mysql_affected_rows() > 0) { sysmsg("Error: A user already exists with this username. Please try another."); $error = true; } $result2 = mysql_query("SELECT email FROM users WHERE email='$newemail'", $db); if (mysql_affected_rows() > 0) { sysmsg("Error: A user already exists with this e-mail address. Please use another or contact an Administrator."); $error = true; } if (!$error) { // Add the user to the database $result = mysql_query( "INSERT INTO users SET username='$newuser'," . "password='$newpass', email='$newemail', " . "dispname='$newname', usertype=1, " . "lastip='" . $_SERVER["REMOTE_ADDR"] . "', " . "useragent='" . $_SERVER["HTTP_USER_AGENT"] . "', " . "lastvisit=UNIX_TIMESTAMP(), signuptime=UNIX_TIMESTAMP()", $db); if (mysql_errno()) sysmsg("Error registering account: " . mysql_error()); else { $result = mysql_query("INSERT INTO profiles SET username='$newuser', lastupdate=UNIX_TIMESTAMP()", $db); if (mysql_errno()) { $result = mysql_query("DELETE FROM users WHERE username='$newuser' LIMIT 1", $db); sysmsg("Error registering account: " . mysql_error()); } else { // Send the email $confirm = md5($newuser . $newpass . "exorealm76785"); $mailsubject = "Welcome to ".safetext($sitetitle); $mailheaders = "From: ".safetext($sitetitle)." Accounts <".$_SERVER['SERVER_ADMIN'].">\r\n" . "User-Agent: PHP/" . phpversion() . "\r\n"; $mailbody = " Hello from ".safetext($sitetitle)."! Someone has registered for an account on ".safetext($sitetitle)." using the e-mail address $newemail. If it wasn't you, then feel free to ignore this message. To complete your registration, please go to this address: http://".$_SERVER['HTTP_HOST']."/register.php?confirm=$confirm When you get there, just log in using the username and password you provided. If you have any questions, just contact a staff member. You can find them on the Profiles page, by clicking the link on the left side. Welcome to the Realm, and we hope you enjoy your time! -".safetext($sitetitle)." Staff "; $mailbody = wordwrap($mailbody); if (!mail($newemail, $mailsubject, $mailbody, $mailheaders)) { sysmsg("Error sending registration e-mail!"); } else { sysmsg("Registration successful!"); sendlocation("thanks.php"); } } } } } } include("themeheader.php"); if ($_GET["confirm"]) { ?>

Thank you for coming to activate your account. Last thing you need to do is log in here, and you can start using your new account immediately!

Fill out this form to register for an account on . If you have any questions, feel free to e-mail a staff member. You can find them on the Profiles page.

A couple of notes:

Make sure you have read and agree to abide by the Code of Conduct and Terms of Service before registering.
The username must be made up of letters, numbers...
Make sure your password is at least 6 characters long.
If you don't enter a display name, your username will be used.
After you submit this form, you will be sent an e-mail with a verification link. Follow the instructions in that e-mail to complete your registration.
You can change any of this information later, except for your username.