Файл: modules/register/ajax.php
Строк: 57
<?
if($CONFIG['uid']!=0) die('Access denied.');
if(!$_POST['email'] || !$_POST['name'] || !$_POST['lastname'] || !$_POST['password'] || !$_POST['password2'] || !$_POST['login'] || !$_POST['seckey']){
$errors[] = 'fillin';
} else {
if($_POST['password']!=$_POST['password2']){
$errors[] = 'password';
$errors[] = 'password2';
}
if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){
$email = mysql_real_escape_string($_POST['email']);
} else {
$errors[] = 'email1';
}
$q = mysql_query("SELECT * FROM users WHERE email = '$email';");
if(mysql_num_rows($q)!=0){
$errors[] = 'email2';
}
$login = mysql_real_escape_string($_POST['login']);
$q = mysql_query("SELECT * FROM users WHERE login = '$login';");
if(mysql_num_rows($q)!=0){
$errors[] = 'login';
}
if(!preg_match("#^[a-zA-Z][a-zA-Z0-9][a-zA-Z0-9_@!]*$#",$_POST['login'])){
$errors[] = 'login';
}
if(strlen($_POST['login'])>15 || strlen($_POST['login'])<5){
$errors[] = 'login2';
}
if(!preg_match("#^[Ёёа-яА-Яa-zA-Z]*$#u",$_POST['name'])){
$errors[] = 'name';
}
if(!preg_match("#^[Ёёа-яА-Яa-zA-Z]*$#u",$_POST['lastname'])){
$errors[] = 'lastname';
}
if(!captcha::check($_POST['seckey'])){
$errors[] = 'captcha';
}
$pass = mysql_real_escape_string(md5(md5($_POST['password'])));
$name = mysql_real_escape_string($_POST['name']);
$lastname = mysql_real_escape_string($_POST['lastname']);
$bday = mysql_real_escape_string($_POST['birth']['day']);
$bmonth = mysql_real_escape_string($_POST['birth']['month']);
$byear = mysql_real_escape_string($_POST['birth']['year']);
}
if(is_array($errors)){
echo Ajax::Responce($errors);
} else {
$referer = 0;
if($_SESSION['referal']) $referer = $_SESSION['referal'];
if($referer!=0) mysql_query("UPDATE `users` SET `balance` = balance+100 WHERE `id` = '$referer'"); //даём 100 баллов
mysql_query("INSERT INTO `users` (`id`, `email`, `password`, `name`, `lastname`, `login`, `bday`, `bmonth`, `byear`, `referer`) VALUES ('', '$email', '$pass', '$name', '$lastname', '$login', '$bday', '$bmonth', '$byear', '$referer');");
echo Ajax::Responce(array('ok'));
$Confirm = new Confirm();
$Confirm->SendMail($_POST['email'],$_POST['login'],$_POST['name']);
}