Просмотр файла registration/go.php

Размер файла: 3.27Kb
<?php
session_start();
include $_SERVER['DOCUMENT_ROOT'].'/includes/start.php';

$login=check($_POST['login']); $password=check($_POST['password']); $repassword=check($_POST['repassword']); $sex=check($_POST['sex']);

$imgrand=$_POST['imgrand'];

if($imgrand==""){

header ("Location: /registration/?empty_captcha"); exit;

}

if ($imgrand!=$_SESSION['rand']){

header ("Location: /registration/?error_captcha"); exit;

}


if(strlen($login)<3){

header ("Location: /registration/?login_small_error"); exit;

}

if(strlen($password)<6){

header ("Location: /registration/?password_small_error"); exit;

}

if(eregi("[^a-zA-Z0-9\_-]",$login)){

header ("Location: /registration/?login_er_error"); exit;

}
if(eregi("[^a-zA-Z0-9\_-]",$password)){

header ("Location: /registration/?password_er_error"); exit;

}
if(eregi("[^a-zA-Z0-9\_-]",$repassword)){

header ("Location: /registration/?repassword_er_error"); exit;

}

if(empty($login)){

header ("Location: /registration/?empty_login"); exit;

}
if(empty($password)){

header ("Location: /registration/?empty_password"); exit;

}
if(empty($repassword)){

header ("Location: /registration/?empty_repassword"); exit;

}
if($password!==$repassword){

header ("Location: /registration/?error_passwords"); exit;

}

$ip=$_SERVER['REMOTE_ADDR'];

$floodstime=3600;

function CheckIP(){

global $floodstime;

$flag= false;	

$fs= filesize('../data/flood.dat');

$f= fopen('../data/flood.dat', 'r');

flock($f, LOCK_SH);

$arr= @unserialize(fread($f, $fs));

flock($f, LOCK_UN);

fclose($f);

$IP= $_SERVER['REMOTE_ADDR'];

$t= time();

if (isset($arr)){

foreach ($arr as $k=>$v)

if ($v<$t) unset($arr[$k]);

}else $arr= array ();

if(!isset($arr[$IP])){

$arr[$IP]= $t + $floodstime;	

$flag= false;

}else{

$arr[$IP]= $t + $floodstime;	

$flag= true;

}


$f= fopen('../data/flood.dat', 'a+');	

flock($f, LOCK_EX);

ftruncate($f, 0);

@fwrite($f, serialize($arr));

fflush($f);

flock($f, LOCK_UN);

fclose($f);

return $flag;

}

if(CheckIP()){

header ("Location: /registration/?flood"); exit;

}

$users['db'] = mysql_fetch_array(mysql_query("SELECT * FROM users WHERE login='$login'"));
if($users['db']!=''){

header ("Location: /registration/?error_login"); exit;

}

$users = mysql_result(mysql_query("SELECT count(*) FROM `users`"), 0);
$id = mysql_insert_id();
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$ip = $_SERVER['REMOTE_ADDR'];

$mtime=time();
mysql_query("INSERT INTO `users`(`id`,`login`,`password`,`sex`,`status`,`ip`,`user_agent`,`room`,`rtime`,`clogin`,`ctext`,`avatar`,`posts`,`points`,`credits`,`rating`,`name`,`surename`,`country`,`city`,`birthday`,`dreg`,`about`,`clan`,`love`,`op`)
VALUES ('$id','$login','$password','$sex','1','$ip','$user_agent','1','$mtime','1','1','0','0','0','0','0','','','','','','','','','','0')");
$text = '<font color=#000080>В чате появился новенький!</font> <font color=#FF0000>Встречаем <font color="black"><u>'.$login.'</u></font> !!!</font>';
mysql_query( "Insert into msg set id=0, rm='1', from_id='1', for_id='', text='".$text."', type='welMSG', time='".date("H:i:s")."'" );
$_SESSION['rand']='';
header ("Location: /?go=index&amp;reg_ok"); exit;

?>