


Website Fehler

Discussion on Website Fehler within the 4Story forum part of the MMORPGs category.

Old 06/19/2013, 11:26   #16
 
Quote:
Originally Posted by TheKiingZ View Post
<?php
// Settings read by encrypt() and getSaltedHash().
// NOTE(review): sha1, md5 and crc32 are fast digests/checksums. They are not suitable for storing
// passwords; PHP >= 5.5 ships password_hash()/password_verify() for that purpose.
define('_encryptionEnableSalting', 1);         // falsy => getSaltedHash() returns a plain digest
define('_encryptionEncryptBeforeSalting', 1);  // truthy => the value is digested before the salt is attached
define('_encryptionSaltPosition', 'before');   // 'before' or 'after' the value
define('_encryptionMethod', 'sha1');           // 'sha1', 'md5', 'crc32' or 'crypt'

/**
 * Second hashing round: digest of the salt followed by the salted hash of the value.
 *
 * NOTE(review): no active caller is visible in this listing. With the configured sha1 method this is
 * a short chain of SHA-1 calls, which is too fast to protect stored passwords against offline guessing.
 *
 * @param string $value  value to hash
 * @param string $salt   salt used in both rounds
 * @return mixed         whatever encrypt() returns for the configured method
 */
function getDoubleSaltedHash($value, $salt) {
    $inner = getSaltedHash($value, $salt);
    $outer = encrypt($salt . $inner);

    return $outer;
}

/**
 * Digest $value with the algorithm named by the _encryptionMethod constant.
 *
 * Despite the name, nothing is encrypted: every branch is a one-way digest or checksum.
 * A method name that matches none of the branches falls back to sha1().
 *
 * @param string $value
 * @return mixed  hex string for sha1/md5, integer for crc32, crypt() output for 'crypt'
 */
function encrypt($value) {
    $method = _encryptionMethod;

    // Loose comparison and branch order are kept as in the switch this replaces.
    if ($method == 'sha1') {
        return sha1($value);
    }
    if ($method == 'md5') {
        return md5($value);
    }
    if ($method == 'crc32') {
        // crc32() yields an integer checksum, not a hex string.
        return crc32($value);
    }
    if ($method == 'crypt') {
        // NOTE(review): crypt() is called without a salt argument here.
        return crypt($value);
    }

    return sha1($value);
}

/**
 * Hash $value together with $salt according to the _encryption* constants.
 *
 * With salting enabled the input to the final encrypt() call is
 *   [salt if position is 'before'] . (encrypt(value) or value) . [salt if position is 'after'].
 * With salting disabled the result is simply encrypt($value).
 *
 * @param string $value
 * @param string $salt
 * @return mixed  whatever encrypt() returns for the configured method
 */
function getSaltedHash($value, $salt) {
    // Salting switched off: plain digest of the value, the salt is ignored.
    if (!_encryptionEnableSalting) {
        return encrypt($value);
    }

    $prefix = (_encryptionSaltPosition == 'before') ? $salt : '';
    $middle = _encryptionEncryptBeforeSalting ? encrypt($value) : $value;
    $suffix = (_encryptionSaltPosition == 'after') ? $salt : '';

    return encrypt($prefix . $middle . $suffix);
}

/**
 * SHA-1 hex digest of $value. Always SHA-1, independent of _encryptionMethod.
 *
 * @param string $value
 * @return string  40-character lowercase hex string
 */
function getHash($value) {
    $digest = sha1($value);

    return $digest;
}

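/**
 * Return a 40-character lowercase hex identifier.
 *
 * The previous body hashed microtime(), uniqid() and mt_rand(). All three are derived from the clock
 * or from a non-cryptographic generator, so the result was guessable. The value is now taken from
 * the platform CSPRNG whenever one is available; the output shape (40 hex characters, like a SHA-1
 * digest) is unchanged.
 *
 * @return string
 * @throws Exception  from random_bytes() when the runtime cannot obtain secure random data
 */
function getRandomID() {
    // 20 random bytes -> 40 hex characters.
    if (function_exists('random_bytes')) {
        return bin2hex(random_bytes(20));
    }

    // PHP 5 with the openssl extension: accept the bytes only if OpenSSL reports them as strong.
    if (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes(20, $strong);
        if ($bytes !== false && $strong) {
            return bin2hex($bytes);
        }
    }

    // Last resort on runtimes without a CSPRNG: the legacy construction.
    // Values from this path must not be used as secrets or tokens.
    return getHash(microtime() . uniqid(mt_rand(), true));
}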

// Open the session first, then load the site configuration and the page header.
// NOTE(review): $login, $ms_con and the CMS_* constants used further down are presumably
// set up by these includes; their contents are not part of this listing.
session_start();
include 'includes/config.php';
include 'includes/head.php';
?>

<!--********************************************* Main start *********************************************-->

<!-- Full page wrapper Start -->
<!-- Left wrapper Start -->
<div id="left_wrapper">
<div class="header">
<h2><span><?php echo CMS_SERV_NAME; ?> //</span> REGISTER</h2>
</div>

<div id="post_wrapper">


<!-- Body Start -->
<div id="body">
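<?php
// Registration handler: validates the posted form and creates a row in TGLOBAL_GSP.dbo.TACCOUNT.
//
// NOTE(review): $login, $ms_con, check_mail(), check_name() and the CMS_* constants are not defined
// in this listing; presumably includes/config.php or includes/head.php provides them. Confirm.
if (!$login)
{
    $form = true;

    // The original listing carried three disabled (commented-out) code paths that are left out here:
    // an e-mail verification flow keyed on ?v=<code> against user_verify, the matching user_verify
    // insert plus mail(), and a forum-account insert into wcf.wcf2_user. All of them concatenated
    // request data into SQL run through mysql_query(), and the verification code was derived from
    // rand(0, 999). Before any of them is revived they need bound parameters and a CSPRNG-derived code.

    if (isset($_POST['userbox']))
    {
        // Missing or non-string fields (for example userbox[]=x) are treated as empty strings so the
        // validation below rejects them instead of raising notices or type errors.
        $in = array();
        foreach (array('userbox', 'email', 'password', 'password2',
                       'recaptcha_challenge_field', 'recaptcha_response_field') as $key)
        {
            $in[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        }
        $user = $in['userbox'];
        $mail = $in['email'];
        $pw = $in['password'];
        $pw2 = $in['password2'];

        // NOTE(review): recaptcha_check_answer()/recaptcha_get_html() are the first-generation
        // reCAPTCHA library API. That service has since been retired, so this check needs migrating
        // before the form can work on a current deployment.
        require_once('includes/recaptchalib.php');
        $resp = recaptcha_check_answer(CMS_PRKEY,
            $_SERVER["REMOTE_ADDR"],
            $in['recaptcha_challenge_field'],
            $in['recaptcha_response_field']);

        // No mysql_real_escape_string() here. It escapes for MySQL, while every statement below goes
        // to the ODBC connection, where a backslash does not neutralise a quote. All request data is
        // passed as bound parameters instead, so escaping would only alter the stored value.

        // The PHP manual documents that odbc_execute() treats a parameter that starts and ends with
        // a single quote as the name of a file to read. Reject such values before they are bound.
        $quoteWrapped = false;
        foreach (array($user, $mail, $pw) as $bound)
        {
            if (strlen($bound) >= 2 && $bound[0] === "'" && substr($bound, -1) === "'")
            {
                $quoteWrapped = true;
            }
        }

        // Strict comparison: with ==, two different numeric-looking strings such as "0e1" and "0e2"
        // compare equal. An empty password is rejected because the form marks the field as required.
        $inputOk = !$quoteWrapped
            && check_mail($mail)
            && $pw !== ''
            && $pw === $pw2
            && check_name($user)
            && strlen($user) < 21
            && strlen($user) > 5
            && $resp->is_valid;

        if ($inputOk)
        {
            // Bound parameter instead of a concatenated string literal.
            $lookup = odbc_prepare($ms_con, "SELECT szUserID FROM TGLOBAL_GSP.dbo.TACCOUNT WHERE szUserID = ?");
            $lookupOk = $lookup && odbc_execute($lookup, array($user));

            if (!$lookupOk)
            {
                $error = 'Die Registrierung ist derzeit nicht möglich. Bitte versuche es später erneut!';
            }
            // odbc_num_rows() returns -1 for SELECT statements with many drivers, so the name check
            // fetches a row instead of counting.
            elseif (odbc_fetch_row($lookup))
            {
                $error = 'Der Benutzername ist bereits vergeben!';
            }
            else
            {
                $created = false;

                // NOTE(review): MAX(dwUserID) + 1 and the name check above are not atomic with the
                // insert; two simultaneous registrations can pick the same id or name. A unique
                // constraint or identity column on the table would close that gap. Schema not visible here.
                $q0 = odbc_exec($ms_con, "SELECT MAX(dwUserID) AS Result FROM TGLOBAL_GSP.dbo.TACCOUNT");
                $count0 = $q0 ? odbc_fetch_array($q0) : false;

                if ($count0 !== false)
                {
                    $count = (int) $count0['Result'];
                    $date = date("Y-m-d H:i:s");

                    // NOTE(review): $pw is stored in szPasswd exactly as submitted, i.e. in clear text.
                    // Which format the consumer of this table expects is not visible here. If it can be
                    // changed, store password_hash() output and verify with password_verify().
                    $sql = "INSERT INTO TGLOBAL_GSP.dbo.TACCOUNT(dwUserID, szUserID, szPasswd, bCheck, dFirstLogin, szMail) "
                        . "VALUES(?, ?, ?, '1', {ts'" . $date . "'}, ?)";
                    $stmt = odbc_prepare($ms_con, $sql);
                    $created = $stmt && odbc_execute($stmt, array($count + 1, $user, $pw, $mail));
                }

                // Report success only when the insert actually went through.
                if ($created)
                {
                    echo '<p>Dein Account wurde erfolgreich erstellt! Du kannst dich nun einloggen.<br /><a href="./login.php">&raquo; Zum Login</a></p>';
                    $form = false;
                }
                else
                {
                    $error = 'Die Registrierung ist derzeit nicht möglich. Bitte versuche es später erneut!';
                }
            }
        }
        else
        {
            $error = 'Das Passwort, die eMail-Adresse oder der Benutzername waren nicht korrekt!';
        }
    }

    if ($form)
    {
        echo '<h4>Registrieren</h4>';
        echo '
<form action="register.php" method="post">
<label>Name <small><em>(required)</em></small></label>
<input type="text" name="userbox" id="userbox" />
<label>eMail-Adresse <small><em>(required)</em></small></label>
<input type="text" name="email" id="email" />
<label>Passwort <small><em>(required)</em></small></label>
<input type="password" name="password" id="password" />
<label>Password wiederholen <small><em>(required)</em></small></label>
<input type="password" name="password2" id="password2" /><br /><br />';
        require_once('includes/recaptchalib.php');
        echo recaptcha_get_html(CMS_PUKEY);
        echo '<br /><input type="submit" value="Account anlegen" class="read_more2" />
</form>';

        // $error only ever holds one of the fixed messages assigned above, never request data.
        if (isset($error))
        {
            echo '<br /><p>'.$error.'</p>';
        }
    }
}
else
{
    echo '<p>Du kannst keinen Account erstellen, da du eingeloggt bist!<br /><a href="./index.php">&raquo; Zurück zur Startseite</a></p>';
}
?>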
</div>
<!-- Body end -->

<div class="clear"></div>
</div>

</div>
<!-- Full page wrapper end -->

<!-- Right wrapper Start -->
<div id="right_wrapper">
<div id="search">
<input type="text" onblur="if(this.value =='') this.value='search'" onfocus="if (this.value == 'search') this.value=''" value="search" name="s" class="required" id="s" />
<input type="button" />
</div>


<div class="categories">
<div class="header"><a href="#">Links</a></div>
<ul>
<li> <a href="./index.php">Zur Startseite</a> </li>
<li> <a href="./login.php">Zum Login</a> </li>
<li> <a href="./rules.php">Regeln lesen</a> </li>
</ul>
</div>


<!-- Right wrapper end -->

<!--</div>
<div class="clear"></div>

</div>-->
</div>

<div class="bottom_shadow"></div>
<!--********************************************* Main end *********************************************-->

<?php
// Closing include; presumably renders the page footer (file not part of this listing).
include 'includes/foot.php';
?>





Das ist unser register.
This is from syntaxfehler.
jibi1996 is offline  
Old 06/19/2013, 14:23   #17
 
...and it's unchanged o.O

@Sicarium:

Your code is unsafe.
Syntaxfehler is offline  