PHP Code:
<?php
// CONFIG
$_Config['Debug'] = true;
$_Config['SQL']['Host'] = 'sql';
$_Config['SQL']['User'] = 'sa';
$_Config['SQL']['Pass'] = 'sa pw';
$_Config['SQL']['Database'] = 'OdinAccounts';
$_Config['SQL_Error_Display'] = true;
if (isset($_POST['reg']))
{
function ValidE( $email ){
return filter_var( $email, FILTER_VALIDATE_EMAIL );
}
function generateSalt()
{
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randomString = '';
for ($i = 0; $i < 10; $i++)
{
$randomString .= $characters[rand(0, strlen($characters) - 1)];
}
return $randomString;
}
class ES_Database
{
public $conn = NULL;
private $query = NULL;
private $sql_resource = NULL;
public $query_count = 0;
private $query_parameters = array();
private $_Config = NULL;
//Construct
public function ES_Database()
{
global $_Config;
$this->_Config = $_Config;
//$this->Connect($db);
}
public function Connect($db)
{
//Build the connection array
$conn_array = array( "UID" => $this->_Config['SQL']['User'] , "PWD" => $this->_Config['SQL']['Pass'] , "Database" => $db );
//Connect or die
$this->conn = sqlsrv_connect( $this->_Config['SQL']['Host'] , $conn_array ) or $this->OnDBError();
}
public function OnDBError()
{
if( $this->_Config['SQL_Error_Display'] )
{
$k = (array) sqlsrv_errors();
foreach( $k as $error => $message )
{
echo "[$error] " . $message[2] . "<br>" ;
}
}
}
public function query( $sql , $type = 0 )
{
if( $type == 0 )
{
$type = array( "Scrollable" => 'forward' );
}
elseif( $type == 1 )
{
$type = array( "Scrollable" => 'static' );
}
elseif( $type == 2 )
{
$type = array( "Scrollable" => 'dynamic' );
}
elseif( $type == 3 )
{
$type = array( "Scrollable" => 'keyset' );
}
elseif( $type == 4 )
{
$type = array( "Scrollable" => 'buffered' );
}
$this->query = $sql;
$this->sql_resource = sqlsrv_query( $this->conn , $this->query , array() , $type );
if( ! $this->sql_resource )
{
$this->OnDbError();
}
$this->query_count++;
}
public function fetchResult()
{
if( $this->sql_resource )
{
sqlsrv_fetch( $this->sql_resource );
$k = sqlsrv_get_field( $this->sql_resource , 0 );
$this->Free();
return $k;
}
else
{
if( $this->_Config['SQL_Error_Display'] )
{
echo "There is nothing to fetch or there was an error with your query. - " , __FUNCTION__ ;
}
}
$this->sql_resource = NULL;
}
public function fetchAssoc()
{
if( $this->sql_resource )
{
$r = Array();
$count = 0;
$stop = false;
/*$k = sqlsrv_fetch_array( $this->sql_resource );
$this->Free();
return $k;*/
while (!$stop)
{
$row = sqlsrv_fetch_array($this->sql_resource);
if ($row === false) die("Account has been registered.");
$stop = !$row;
if (!$stop) $r[$count] = $row;
$count++;
}
return $r;
}
else
{
if( $this->_Config['SQL_Error_Display'] )
{
echo "There is nothing to fetch or there was an error with your query. - " , __FUNCTION__ ;
}
}
$this->sql_resource = NULL;
}
public function fetchObject($silent = false)
{
if( $this->sql_resource )
{
$k = sqlsrv_fetch_object( $this->sql_resource );
$this->Free();
return $k;
}
else
{
if( $this->_Config['SQL_Error_Display'] )
{
if (!$silent)
echo "There is nothing to fetch or an error with your query. - " , __FUNCTION__;
}
}
$this->sql_resource = NULL;
}
public function prepare( $sql , array $parameters )
{
$this->query = $sql;
$this->query_parameters = $parameters;
$arr = array();
foreach( $this->query_parameters as $key => $value )
{
$arr[$key] = &$this->query_parameters[$key];
}
$this->sql_resource = sqlsrv_prepare( $this->conn , $this->query , $arr );
$this->query_count++;
if( ! $this->sql_resource )
{
if( $this->_Config['SQL_Error_Display'] )
{
echo "Prepared statement failed, check your query.";
}
}
}
public function execute()
{
if( $this->sql_resource )
{
return sqlsrv_execute( $this->sql_resource );
}
else
{
if( $this->_Config['SQL_Error_Display'] )
{
echo "There is nothing to execute or an error with your prepared statement.";
}
}
}
public function prepareAndFetch( $sql , array $parameters , $type = 0 )
{
$this->prepare( $sql , $parameters );
$this->execute();
if( $type == 0 )
{
return $this->fetchAssoc();
}
elseif( $type == 1 )
{
return $this->fetchResult();
}
elseif( $type == 2 )
{
return $this->fetchObject();
}
}
public function prepareAndExecute( $sql , array $parameters , $type = 0 )
{
$this->prepare( $sql , $parameters );
$this->execute();
}
public function queryAndFetch( $sql , $type = 0 , $pquery = false , $parameters = NULL )
{
if( $pquery == false )
{
$this->query( $sql );
}
else
{
$this->pquery( $sql , $parameters );
}
if( $type == 0 )
{
return $this->fetchAssoc();
}
elseif( $type == 1 )
{
return $this->fetchResult();
}
elseif( $type == 2 )
{
return $this->fetchObject();
}
}
public function NumRows()
{
if( $this->sql_resource )
{
return sqlsrv_num_rows( $this->sql_resource );
}
else
{
if( $this->_Config['SQL_Error_Display'] )
{
echo "There is no query set or an error with your query. - " , __FUNCTION__;
}
}
}
public function pquery( $sql , array $parameters , $type = 0 )
{
if( $type == 1 )
{
$type = array( "Scrollable" => 'forward' );
}
elseif( $type == 2 )
{
$type = array( "Scrollable" => 'static' );
}
elseif( $type == 3 )
{
$type = array( "Scrollable" => 'dynamic' );
}
elseif( $type == 4 )
{
$type = array( "Scrollable" => 'keyset' );
}
elseif( $type == 5 )
{
$type = array( "Scrollable" => 'buffered' );
}
else
{
unset( $type );
}
$this->query = $sql;
if( isset( $type ) )
{
$this->sql_resource = sqlsrv_query( $this->conn , $this->query , $parameters , $type );
}
else
{
$this->sql_resource = sqlsrv_query( $this->conn , $this->query , $parameters );
}
if( ! $this->sql_resource )
{
if( $this->_Config['SQL_Error_Display'] )
{
echo "Query Failed";
}
}
$this->query_count++;
}
public function HasRows()
{
if( $this->sql_resource )
{
return sqlsrv_has_rows( $this->sql_resource );
}
else
{
if( $this->_Config['SQL_Error_Display'] )
{
echo "There is no query set or an error with your query. - " , __FUNCTION__;
}
}
}
public function RowsAffected()
{
if( $this->sql_resource )
{
return sqlsrv_rows_affected( $this->sql_resource );
}
else
{
if( $this->_Config['SQL_Error_Display'] )
{
echo "There is no query set or an error with your query.";
}
}
}
public function Free()
{
$this->query = NULL;
$this->query_parameters = array();
if( $this->sql_resource )
{
sqlsrv_free_stmt( $this->sql_resource );
}
}
public function Disconnect()
{
( $this->conn == NULL ) ? NULL : sqlsrv_close( $this->conn );
}
public function Escape( $str )
{
$str = str_replace( "'", "''", $str );
return trim( $str );
}
}
function error($s)
{
echo $s;
exit;
}
if (!isset($_POST['user']) || !isset($_POST['pass']) || !isset($_POST['email']))
{
}
$sUser = $_POST['user'];
$sPass = $_POST['pass'];
$sEmail = $_POST['email'];
if (!ctype_alnum($sUser))
{
error("Invalid Username. Alpha-Numeric characters only.");
}
if (!ctype_alnum($sPass))
{
error("Invalid Password. Alpha-Numeric characters only.");
}
if (!ValidE($sEmail))
{
error("Invalid Username. Alpha-Numeric characters only.");
}
if (strlen($sUser) <= 3)
{
error("Invalid Username. Must be atleast 4 characters.");
}
if (strlen($sPass) <= 3)
{
error("Invalid Password. Must be atleast 4 characters.");
}
$DB = new ES_Database();
$DB->connect($_Config['SQL']['Database']);
$TopUserArray = $DB->queryAndFetch("SELECT TOP 1 * FROM tAccounts ORDER BY nEMID DESC", 0, true, array());
$UserExistArray = $DB->queryAndFetch("SELECT * FROM tAccounts WHERE sUsername = ?", 0, true, array($sUser));
if (count($TopUserArray) == 0)
{
$nID = 1;
}
else
{
$nID = $TopUserArray[0]['nEMID'];
}
if(count($UserExistArray) > 0)
{
error("Username already taken, please try again.");
die();
}
$nID = intval($nID) + 1;
$sSalt = generateSalt();
$sSafePass = MD5(MD5($sPass) . $sSalt);
$sIP = $_SERVER['REMOTE_ADDR'];
$params = array( $nID , $sUser , $sPass , $sSalt , $sEmail, $sIP );
$sql = "INSERT INTO tAccounts([nEMID],[sUsername],[sUserPass],[sUserPassSalt],[sEmail],[nAuthID],[sIP],[dDate],[sRID]) VALUES ( ? , ? , ? , ? , ? , 1 , ? , CURRENT_TIMESTAMP, '-' );";
$DB->queryAndFetch($sql, 0, true, $params);
die("Your account has been created!");
exit;
}
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Infinite War Online - Account Creation</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
*{margin:0;padding:0;}body{padding-top:00px;font:11px "Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;}form{margin-left:8px;border:1px #000000;padding:16px 16px 40px 16px;font-weight:normal;-moz-border-radius:11px;-khtml-border-radius:11px;-webkit-border-radius:11px;border-radius:5px;background:#fff;border:1px solid #e5e5e5;-moz-box-shadow:rgba(200,200,200,1) 0 4px 18px;-webkit-box-shadow:rgba(200,200,200,1) 0 4px 18px;-khtml-box-shadow:rgba(200,200,200,1) 0 4px 18px;box-shadow:rgba(200,200,200,1) 0 4px 18px;}form .forgetmenot{font-weight:normal;float:left;margin-bottom:0;}.button-primary{font-family:"Lucida Grande",Verdana,Arial,"Bitstream Vera Sans",sans-serif;padding:3px 10px;border:none;font-size:12px;border-width:1px;border-style:solid;-moz-border-radius:11px;-khtml-border-radius:11px;-webkit-border-radius:11px;border-radius:11px;cursor:pointer;text-decoration:none;margin-top:-3px;}#login form p{margin-bottom:0;}label{color:#777;font-size:13px;}form .forgetmenot label{font-size:11px;line-height:19px;}form .submit,.alignright{float:right;}form p{margin-bottom:24px;}h1 #nav{text-shadow:rgba(255,255,255,1) 0 1px 0;}#backtoblog{position:absolute;top:0;left:0;border-bottom:#c6c6c6 1px solid;background:#d9d9d9;background:-moz-linear-gradient(bottom,#d7d7d7,#e4e4e4);background:-webkit-gradient(linear,left bottom,left top,from(#d7d7d7),to(#e4e4e4));height:30px;width:100%;}#backtoblog a{text-decoration:none;display:block;padding:8px 0 0 15px;}#login{width:320px;margin:0em auto;}#login_error,.message{margin:0 0 16px 8px;border-width:1px;border-style:solid;padding:0px;-moz-border-radius:3px;-khtml-border-radius:3px;-webkit-border-radius:3px;border-radius:3px;}#nav{margin:0 0 0 8px;padding:16px;}#user_pass,#user_login,#user_email{font-size:12px;width:97%;padding:3px;margin-top:2px;margin-right:6px;margin-bottom:16px;border:1px solid #e5e5e5;background:#fbfbfb;}input{color:#555;}.clear{clear:both;}
</style>
<body background="">
<center>
<table border="0" width="50%" style="background:transparent;">
<tr>
<td>
<center>
<Br>
<div id="login">
<form name="loginform" id="loginform" action="#" method="post">
<div id="registerform">
<b><font color="black">Account Creation</b></font><br><br>
<p></p>
<p>
<label>Username:
<input type="text" name="user" id="user" class="input" value="" /></label><br><br><br>
</p>
<p>
<label>Password:
<input type="password" name="pass" id="pass" class="input" value="" /></label><br><br>
</p>
<p>
<label> Email:
<input type="text" name="email" id="email" class="input" value="" /></label>
</p>
<p><br><br></p>
<p class="submit">
<input type="button" id="GoBtn" class="button-primary" onClick="doSignup()" value="Create Account" tabindex="100" />
</p>
</div></form><br><br><script language = "javascript">
function doSignup()
{
user = document.getElementById("user").value;
pass = document.getElementById("pass").value;
email = document.getElementById("email").value;
xUrl = "?r=" + Math.floor(Math.random()*132165321);
document.getElementById("registerform").innerHTML = "<br><br><center><img src='https://secure.extrinsicstudio.com/res/img/loader.gif'><br><br>";
if (window.XMLHttpRequest)
{
xmlhttp=new XMLHttpRequest();
}
else
{
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
setTimeout("ShowResponse(xmlhttp.responseText)",2000);
}
}
xmlhttp.open("POST", xUrl, true);
xmlhttp.setRequestHeader("Content-type","application/x-www-form-urlencoded");
xmlhttp.send("reg=1&user=" + user + "&pass=" + pass + "&email=" + email);
if (navigator.userAgent.indexOf("Firefox") != -1)
{
setTimeout("ShowResponse(xmlhttp.responseText)",2000);
}
}
function ResetForm(u)
{
window.location = window.location;
}
function ShowResponse(ResponseText)
{
alert(ResponseText);
window.location = window.location;
}
</script>
</div>
</body>
</html>
