Файл: msconfig/msreg.php
Строк: 103
<?php
if(isset($_POST['sex']) && isset($_POST['nick']) && isset($_POST['password']) && isset($_POST['password2']) && isset($_POST['phone']) && isset($_POST['email'])){
$sex = my_esc($_POST['sex']);
$nick = my_esc($_POST['nick']);
$password = my_esc($_POST['password']);
$password2 = my_esc($_POST['password2']);
$phone = num($_POST['phone']);
$email = my_esc($_POST['email']);
if(empty($password2)){
$text = 'Вы не ввели Павтор пароля';
$_SESSION['msg'] = $text;
header("Location: ../Link:ILinkListener-Registration;");
exit;
}elseif(empty($password)){
$text = 'Вы не ввели Пароль';
$_SESSION['msg'] = $text;
header("Location: ../Link:ILinkListener-Registration;");
exit;
}elseif (!empty($password2) && $password != $password2){
$text = 'Пароли не совпадают';
$_SESSION['msg'] = $text;
header("Location: ../Link:ILinkListener-Registration;");
exit;
}elseif (!empty($password) && (strlen($password) < 6 || strlen($password) > 64)){
$text = 'Пароль должен содержать от 6 до 64 символов';
$_SESSION['msg'] = $text;
header("Location: ../Link:ILinkListener-Registration;");
exit;
}elseif(mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_user` WHERE `name` = '".$nick."' LIMIT 1"),0)!=0){
$text = "Это Имя уже зарегистрировано. Выберите другой!";
$_SESSION['msg'] = $text;
header("Location: ../Link:ILinkListener-Registration;");
exit;
}elseif (!preg_match('#^([a-z1-9_])+$#ui', $nick))
{
$text = "Ник может содержать только знаки латинского алфавита и цифры(кроме 0)";
$_SESSION['msg'] = $text;
header("Location: ../Link:ILinkListener-Registration;");
exit;
}else{
$mspass = encrypt($password);
mysql_query("INSERT INTO `ms_user` SET `userpass` = '".$password."', `sex` = '".$sex."', `life` = '".num(100)."', `timegeneration` = '".time()."', `attack` = '".num(10)."', `date_last` = '".$time."', `time` = '".($time+259200)."', `name` = '".$nick."', `pass` = '".$mspass."'");
$msid = mysql_insert_id();
$mslogin = 'id'.$msid;
mysql_query("UPDATE `ms_user` SET `login` = '".$mslogin."' WHERE `id` = '".$msid."' LIMIT 1");
mysql_query("INSERT INTO `ms_battle` SET `user` = '".num($msid)."', `level` = '".num(1)."'");
setcookie('id', $msid, time() + 60 * 60 * 24 * 365);
setcookie('pass', $mspass, time() + 60 * 60 * 24 * 365);
$text = "Регистрация прошла успешно!";
$_SESSION['msg'] = $text;
header("Location: ../");
exit;
}
}
echo '<br /><div class="content">
<img src="/img/pattern-left.png" width="48" height="18" alt="" />
<span>Регистрация</span>
<img src="/img/pattern-right.png" width="48" height="18" alt="" />
</div>
<form action="" class="mt4 center" id="id1" method="post">
<label>
Ник (Max: 15)<br/>
<input type="text" value="" name="nick" maxlength="16" minlength="2">
</label>
<br/>
<label>
Пол<br/>
<select name="sex">
<option selected="selected" value="m">Мужской</option>
<option value="f">Женский</option>
</select>
</label>
<br/>
<label>
Пароль<br/>
<input type="password" value="" name="password">
</label>
<br/>
<label>
Повтор пароля<br/>
<input type="password" value="" name="password2">
</label>
<br/>
<label>
Телефон <span class="minor">(не обязательно)</span> <br/>
<input type="text" value="" name="phone" maxlength="16" minlength="6">
</label>
<br/>
<label>
E-Mail <span class="minor">(не обязательно)</span> <br/>
<input type="text" value="" name="email" maxlength="32" minlength="4">
</label>
<input class="btni" type="submit" value="Зарегистрироваться">
</form>
<div class="btm">
<div class="btm1"><div class="clb-gold"><div class="crt-gold">
<a class="btnl center" href="../">В начало</a>
</div></div></div>
</div>
<div>
</div>';
?>