Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Arcadia Test Server</title>
<?php
require("conf.php");
if ($registration ==0){
?>
<h1>Registrations closed</h1>
</div>
</div>
<?php
exit;
}
if(isset($_SERVER['HTTP_REFERER'])
&& $_SERVER['HTTP_REFERER']!=''
&& substr($_SERVER['HTTP_REFERER'], 7, strlen($_SERVER['SERVER_NAME'])) != $_SERVER['SERVER_NAME'])
{
$_POST = array();
$_GET = array();
}
function connect(){
require("conf.php");
$db = $Auth_db;
$connect = mssql_connect($sql_host, $sql_user, $sql_password);
if (!$connect) {echo 'connection error'; exit;}
mssql_select_db($db, $connect) or die("Couldn't open database $db");
return $connect;
}
$do = $_POST['do'];
switch($do){
case "register":
$data_array = &$_POST;
$array_char = array("'","/","\\","*",":","!","?",".", "&", "%", "ù","^", "$", "=","¨","}","{","(",")","~","#","[","]","ç","à","é","€","§",";","¤","°","£","`","<",">");
$username = $data_array['name'];
$username = str_replace($array_char, "", $username);
$email = $data_array['email'];
$email = str_replace($array_char, "", $email);
$password = $data_array['pwd'];
$password = str_replace($array_char, "", $password);
$passwordconf = $data_array['pwdconf'];
$passwordconf = str_replace($array_char, "", $passwordconf);
$combine_password = $md5_key.$password;
$converted_password = md5($combine_password);
if ($password != $passwordconf){
echo "<span style=\"color:red\">Passwords don't match !</br><a href=\"javascript:refreshpage()\">Back</a></span>";
exit;
}
if (strlen($username) <= 5){
echo "<span style=\"color:red\">You need 5 characters at least in your account name</br><a href=\"javascript:refreshpage()\">Back</a></span>";
exit;
}
if (strlen($password) <= 6){
echo "<span style=\"color:red\">You need 5 characters at least in your account password</br><a href=\"javascript:refreshpage()\">Back</a></span>";
exit;
}
if (strstr ($username, " ") !== False){
echo "<span style=\"color:red\">You need to use alpha/numeric characters! </br><a href=\"javascript:refreshpage()\">Back</a></span>";
exit;
}
if (strstr ($password, " ") !== False){
echo "<span style=\"color:red\">You need to use alpha/numeric characters! </br><a href=\"javascript:refreshpage()\">Back</a></span>";
exit;
}
$db = connect();
$query_check ="SELECT login_name from Accounts WHERE login_name='$username'";
$query = "INSERT Accounts( login_name,password,block,withdraw_remain_time,age ,auth_ok,pcbang,last_login_server_idx,event_code,result,email ) VALUES('$username','$converted_password',0,0,18,1,1,1,0,1,'$email')";
$query_total = mssql_query("SELECT count(account_id) FROM Accounts");
$results_check = mssql_query($query_check);
$results_total = mssql_fetch_row($query_total);
$result_total = $results_total['0'];
if ($result_total >= $max_accounts){
echo "<span style=\"color:red\">Max accounts limit has been reached, sorry..</br><a href=\"javascript:refreshpage()\">Back</a></span>";
exit;
}
while ($row_check = mssql_fetch_array($results_check)){
$check_username = $row_check['login_name'];
}
if ($check_username == $username){
echo "<span style=\"color:red\">Account already exist!</br><a href=\"javascript:refreshpage()\">Back</a></span>";
exit;
}
else
$results = mssql_query($query);
echo "Success, you can now download the launcher</br><a href=\"launcher.exe\">Here</a>, <br />and <a href=\"client.zip\">Client Here</a>";
break;
}
?>
<link rel="stylesheet" type="text/css" media="screen" href="style.css" />
<script type="text/javascript" src="http://code.jquery.com/jquery-latest.js"></script>
<script type="text/javascript">
function refreshpage()
{
setTimeout("location.reload(true);",20);
}
$(document).ready( function ()
{
$("#register").submit( function()
{ // à la soumission du formulaire
$.ajax(
{ // fonction permettant de faire de lajax
type: "POST", // methode de transmission des données au fichier php
url: "index.php", // url du fichier php
data: "do=register&"+"name="+$("#name").val()+"&pwd="+$("#pwd").val()+"&pwdconf="+$("#pwdconf").val(),// données à transmettre
success: function(msg)
{ // si lappel a bien fonctionné
if (msg)
{
$("div#connexion").hide().fadeIn(1200).html(msg);
}
else
{
$("div#erreur").hide().fadeIn(1200).fadeOut(5200).html("<p style=\"color:red\"><img src=\"../client/help/img/error.png\" width=\"20px\" heigth=\"20px\"/> An error occured</p></br>");
}
}
});
return false; // permet de rester sur la même page à la soumission du formulaire
});
});
$(document).ready(function()
{
$("#loadpage").fadeIn(920);
});
</script>
</head>
<body>
<div id="loadpage" style="display:none">
<noscript><div id="loadpage"></div></noscript>
<div style="text-align: center; width: 100%; margin-top: 150px;">
<p>
<img src="logo.png" alt="Arcadia Dev"><br /><h2>NCarbon for Arcadia Dev</h2><br /><br />
</p>
<div id="connexion">
<form name="register" id="register" action="#" class="main_form"><!-- Form begin -->
<div class="main_form">
<label for="name">Username</label>
<div class="div_textbox">
<input type="text" name="name" id="name" /><!-- Login Value -->
</div>
</div>
<div class="main_form">
<label for="pwd">Password</label>
<div class="div_textbox"><!-- Password Field -->
<input type="password" name="pwd" id="pwd" />
</div>
</div>
<div class="main_form">
<label for="pwdconf">Confirm password</label>
<div class="div_textbox">
<input type="password" name="pwdconf" id="pwdconf" /></br>
</div>
</div>
<div class="main_form">
<label for="email">email</label>
<div class="div_textbox">
<input type="text" name="email" id="email" />
</div>
</div>
<div class="clear"></div>
<p style="text-align: center; margin: auto; margin-top: 10px;">
<!-- Submit Button -->
<input type="submit" value="Create Account" style="margin: auto;" />
</p>
</form><!-- End of form -->
</div></br>
<div id="erreur"></div><!-- span qui contiendra les éventuels messages derreur -->
<span id="confirmMsg"></span>
</div></div><i>Don't use special char in your password or username, it will be deleted by our internal security system</i></br>
heyho ,