Файл: new_fanland/registration.php
Строк: 170
<?php
###########################
# Данная версия скрипта принадлежит #
# LiraS aka Артур Лукин Иванович #
# Вносить свои изменения крайне #
# запрещенно! #
###########################
require("db.php");
require "cfg.php";
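/**
 * Prints the registration form (nick, password twice, empire name, e-mail).
 *
 * The form posts back to registration.php?id=rega. The "v" query parameter is
 * echoed into two URLs, so it is URL-encoded and HTML-escaped before output;
 * printed raw, a crafted link could inject markup into the page (reflected XSS).
 *
 * NOTE(review): the <form> and both <div> wrappers are left open here;
 * presumably foot() closes them. Confirm against the layout code.
 */
function first()
{
    // A missing or non-string "v" (e.g. ?v[]=x) is treated as empty.
    $v = (isset($_GET['v']) && is_string($_GET['v'])) ? $_GET['v'] : '';
    $v = htmlspecialchars(urlencode($v), ENT_QUOTES, 'UTF-8');

    echo "<form action=\"registration.php?id=rega&amp;v={$v}\" method=\"post\">";
    echo "<div class=\"main\"><div class=\"in\">Имя Императора:<br/>";
    echo "<input type=\"text\" name=\"nick\" maxlength=\"30\"/><br/>";
    echo "Пароль:<br/>";
    echo "<input type=\"password\" name=\"pass\" maxlength=\"30\"/><br/>";
    echo "Пароль(повторите):<br/>";
    echo "<input type=\"password\" name=\"repass\" maxlength=\"30\"/><br/>";
    echo "Империя:<br/>";
    echo "<input type=\"text\" name=\"country\" maxlength=\"50\"/><br/>";
    echo "E-mail(вводится один раз!):<br/>";
    echo "<input type=\"text\" name=\"email\"><br/>";
    echo "<input type=\"submit\" value=\"Регистрация\" class=\"ibutton\"><br/>";
    echo "--------";
    echo "<br/><a href=\"index.php?v={$v}\">На главную</a>";
}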
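/**
 * Prints one registration error box followed by a "back" link.
 *
 * @param string $messageHtml Hard-coded HTML fragment for the message (never user input).
 * @param string $v           "v" query value, already URL-encoded and HTML-escaped.
 */
function _registruoja_fail($messageHtml, $v)
{
    echo "<div class=\"main\"><div class=\"in\">";
    echo $messageHtml;
    echo "-------<br/>";
    echo "<a href=\"registration.php?v={$v}\">Назад</a>";
}

/**
 * Handles the submitted registration form.
 *
 * Validates the POSTed fields, checks that nick and empire name are unused,
 * creates the `users` row plus the per-player starter rows, sends a
 * confirmation e-mail and prints either a success box or one error box.
 * All validation runs before the first database query.
 *
 * Reads $_POST['nick'|'pass'|'repass'|'country'|'email'] and $_GET['v'].
 * Requires an open mysql_* connection (the page opens it before calling this).
 */
function registruoja()
{
    // "v" is echoed into links, so encode it for the URL and escape it for HTML.
    $v = (isset($_GET['v']) && is_string($_GET['v'])) ? $_GET['v'] : '';
    $v = htmlspecialchars(urlencode($v), ENT_QUOTES, 'UTF-8');

    // A missing key or an array value (nick[]=x) is treated as an empty string.
    $in = array();
    foreach (array('nick', 'pass', 'repass', 'country', 'email') as $key) {
        $in[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }
    $nick = $in['nick'];
    $pass = $in['pass'];
    $repass = $in['repass'];
    $country = $in['country'];
    $email = $in['email'];

    // Only ASCII letters and digits are allowed. The previous class "A-za-z" also
    // let through [ \ ] ^ _ and the backtick, and "_" is a wildcard in SQL LIKE.
    foreach (array($nick, $country, $pass, $repass) as $value) {
        if (preg_match('/[^A-Za-z0-9]/', $value)) {
            _registruoja_fail("Используете неразрешимые символы!!<br/>", $v);
            return;
        }
    }

    // The old ereg() call was given its arguments in the wrong order and never
    // rejected anything. FILTER_VALIDATE_EMAIL also refuses CR/LF, which keeps the
    // address safe to hand to mail() as the recipient.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        _registruoja_fail("Не правильно введен e-mail!<br/>", $v);
        return;
    }

    if (strlen($nick) < 4) {
        _registruoja_fail("За маленький ник!<br/>", $v);
        return;
    }
    if (strlen($pass) < 5) {
        _registruoja_fail("За маленький пароль!<br/>", $v);
        return;
    }
    if (strlen($nick) > 30) {
        _registruoja_fail("За большой ник!", $v);
        return;
    }
    if (strlen($pass) > 50) {
        _registruoja_fail("За большой пароль!", $v);
        return;
    }
    if ($nick === '' || $country === '' || $pass === '') {
        _registruoja_fail("Вы оставили пустое поле!<br/>", $v);
        return;
    }
    if ($repass === '') {
        _registruoja_fail("Вы оставили пустое поле<br/>", $v);
        return;
    }
    if ($pass !== $repass) {
        _registruoja_fail("Пароли не совпадают!<br/>", $v);
        return;
    }

    // Values are already restricted to [A-Za-z0-9]; escaping with the driver's own
    // function is kept as a second layer and is required for the e-mail address,
    // which may legally contain an apostrophe.
    $sqlNick = mysql_real_escape_string($nick);
    $sqlCountry = mysql_real_escape_string(iconv("utf-8", "windows-1251", $country));
    // The address was stored HTML-escaped before; that is kept in case other pages
    // print it without escaping (not visible from this file, so confirm).
    $sqlEmail = mysql_real_escape_string(htmlspecialchars($email, ENT_QUOTES, 'UTF-8'));

    // NOTE(review): check-then-insert is racy under concurrent sign-ups; a UNIQUE
    // index on users.usr and users.country is the reliable guarantee, if not present.
    $nickResult = mysql_query("SELECT usr FROM users WHERE usr = '$sqlNick'");
    $countryResult = mysql_query("SELECT country FROM users WHERE country = '$sqlCountry'");
    if ($nickResult === false || $countryResult === false) {
        _registruoja_fail("Ошибка регистрации, попробуйте позже!<br/>", $v);
        return;
    }
    if (mysql_num_rows($nickResult) > 0) {
        _registruoja_fail("Такой ник уже есть!<br/>", $v);
        return;
    }
    if (mysql_num_rows($countryResult) > 0) {
        // NOTE(review): this branch means the empire name is taken, but the text
        // shown is the nick message (kept as in the original); consider rewording.
        _registruoja_fail("Такой ник уже есть!<br/>", $v);
        return;
    }

    // NOTE(review): unsalted MD5 is not an adequate password hash. Moving to
    // password_hash()/password_verify() has to be done together with the login
    // code, which is not part of this file, so the stored format is unchanged here.
    $pwdHash = md5($pass);

    $inserted = mysql_query("INSERT INTO users SET usr = '$sqlNick', pwd = '$pwdHash', email = '$sqlEmail', country = '$sqlCountry', vek = '1'");
    $row = $inserted ? mysql_fetch_array(mysql_query("SELECT id FROM users WHERE usr = '$sqlNick'")) : false;
    // Cast to int so only a number can reach the queries below.
    $id = ($row && isset($row['id'])) ? (int) $row['id'] : 0;
    if ($id <= 0) {
        // Do not create orphan starter rows when the account row was not written.
        _registruoja_fail("Ошибка регистрации, попробуйте позже!<br/>", $v);
        return;
    }

    // Both tax timers start ten hours from now.
    $tim = time() + 60 * 60 * 10;

    mysql_query("INSERT INTO people SET u_id = '$id', workers = '15'");
    mysql_query("INSERT INTO zdanija SET u_id = '$id', g_centr = '1', dom = '2'");
    mysql_query("INSERT INTO finans SET u_id = '$id', dreiki = '500', edreiki = '0'");
    mysql_query("INSERT INTO settings SET u_id = '$id'");
    mysql_query("INSERT INTO u_info SET u_id = '$id'");
    mysql_query("INSERT INTO resurs SET u_id = '$id'");
    mysql_query("INSERT INTO `nalog` SET `u_id` = '$id', `eda` = '$tim', `dreiki` = '$tim'");
    mysql_query("INSERT INTO land SET u_id = '$id', plotas = '500'");
    mysql_query("INSERT INTO parametres SET u_id = '$id', opit = '0', opitall = '200', level = '0'");

    // Confirmation mail. The recipient used to be the bare word `email` instead of
    // the submitted address, so the message never reached the user. The plaintext
    // password is deliberately left out of the body: mail is not a confidential channel.
    $text = "Поздравляем!\n Вы успешно зарегистрировалисьв онлайн игре FaNLanD!\n Ваши данные:\n Император: {$nick} \n\n--------\n С уважением Администрация игры FaNLanD";
    $subject = "Регистрация в онлайн игре!";
    $text = iconv('utf-8', 'windows-1251', $text);
    $subject = iconv('utf-8', 'windows-1251', $subject);
    $headers = "MIME-Version: 1.0\r\n"
        . "Content-type: text/plain; charset=Windows-1251\r\n"
        . "From: no-reply@fanland.ru\r\n"
        . "Reply-To: no_reply@fanland.ru\r\n"
        . "X-Mailer: PHP/" . phpversion();
    // Best effort, as before: a mail failure must not undo the registration.
    @mail($email, $subject, $text, $headers);

    echo "<div class=\"main\"><div class=\"in\">";
    echo "Поздравляем, вы успешно зарегистрировались в игре!<br/>";
    echo "-------<br/>";
    echo "<a href=\"index.php?v={$v}\">Пройти к авторизации</a>";
}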
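// Page bootstrap: connect to the database, refresh the "peak online" record,
// render the layout and dispatch to the form or to the registration handler.
// $db_host, $db_user, $db_pass, $db_table and $timeout are not set in this file;
// presumably they come from db.php / cfg.php.
$db_connection = mysql_connect($db_host, $db_user, $db_pass);
if (!$db_connection || !mysql_select_db($db_table, $db_connection)) {
    // Stop instead of running every later query against a dead link. The driver's
    // error text is deliberately not shown to visitors.
    exit('Ошибка подключения к базе данных.');
}

// NOTE(review): these statements ask for conflicting charsets (cp1251 and utf-8),
// and MySQL spells them `utf8` and `character_set_results`, so some of them
// probably fail silently. They are left as they were because the effective
// encoding of the stored data cannot be determined from this file. Once that is
// known, mysql_set_charset() is the call that also keeps
// mysql_real_escape_string() consistent with the connection charset.
mysql_query('set charset utf-8');
mysql_query('SET NAMES cp1251');
mysql_query('set character_set_client="utf-8"');
mysql_query('set character_set_connection="utf-8"');
mysql_query('set character_set_result="utf-8"');

// Number of rows in `online` newer than $timeout; 0 when the query fails.
$onlineResult = mysql_query("SELECT * FROM online WHERE laikas > '$timeout'");
$online = $onlineResult ? mysql_num_rows($onlineResult) : 0;

$year = date("Y.m.d");
$times = date("H:i");
$vremechko = "$year $times";

// max_on.dat holds "<peak count>|<timestamp>|". A missing or unreadable file is
// read as an empty record instead of raising warnings.
$subt = is_readable("max_on.dat") ? file_get_contents("max_on.dat") : '';
if ($subt === false) {
    $subt = '';
}
$max = explode("|", $subt);
$max_onl = $max[0];
$max_on_time = isset($max[1]) ? $max[1] : '';

if ($online >= (int) $max_onl) {
    // LOCK_EX keeps two concurrent requests from interleaving their writes.
    file_put_contents("max_on.dat", "$online|$vremechko|", LOCK_EX);
}

$set['title'] = 'Регистрация';
head();
title();

// The key was a bare word (`$_GET[id]`), which is an undefined constant; it is
// now a quoted key, and a missing or non-string value selects the form.
$action = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
if ($action === '') {
    first();
} elseif ($action === 'rega') {
    registruoja();
}

foot();
mysql_close($db_connection);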
?>