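<?php
#  exit;
# Registration handler for the WAP site: reads the sign-up form from $_POST,
# normalises it into the variables used by the rest of this script, and drops
# requests from a fixed list of handset User-Agent strings.
  include 'config.php';
  include 'guestbook/mylib.php';
  session_start();
  # A session that already carries an id belongs to a logged-in user, who is
  # sent to the front page instead of being registered again.
  if (isset($_SESSION['id'])) { header("Location: /"); exit; }
  header("Content-type: text/vnd.wap.wml");

  # Read every expected field once. A field that is missing, or that was
  # submitted as an array (login[]=x), becomes '' instead of raising a notice
  # or failing inside trim().
  $regform=array();
  foreach (array('login','email','icq','name','day','month','year','operator','fr',
                 'website','wap','phonenum','phonemodel','info','job') as $regfield) {
    $regform[$regfield]=(isset($_POST[$regfield]) && is_string($_POST[$regfield])) ? trim($_POST[$regfield]) : '';
  }

  # Text fields are HTML-escaped with ENT_QUOTES and then cut to a byte length.
  # NOTE(review): the cut is byte-based and happens after escaping, so it can
  # split an entity such as &quot; or a multi-byte UTF-8 character.
  # The escaping is output encoding for the WML pages, not SQL escaping: a
  # backslash passes through htmlspecialchars() unchanged.
  # rmvbadch() comes from an include; presumably it strips unwanted characters
  # - confirm against guestbook/mylib.php.
  $login=substr(htmlspecialchars($regform['login'],ENT_QUOTES), 0, 20);
  $email=substr(strtolower(htmlspecialchars($regform['email'],ENT_QUOTES)), 0, 30);
  $icq=substr(htmlspecialchars($regform['icq'],ENT_QUOTES), 0, 10);
  $name=rmvbadch(substr(htmlspecialchars($regform['name'],ENT_QUOTES), 0, 60));
  # The date parts were previously taken from $_POST untouched and formatted
  # into $bdate with %s, so arbitrary text reached the database layer. They are
  # forced to integers here; nothing but digits and a sign can survive.
  $day=(int)$regform['day'];
  $month=(int)$regform['month'];
  $year=(int)$regform['year'];
  $operator=rmvbadch(substr(htmlspecialchars($regform['operator'],ENT_QUOTES), 0, 40));
  $fr=rmvbadch(substr(htmlspecialchars($regform['fr'],ENT_QUOTES), 0, 100));
  $website=rmvbadch(substr(htmlspecialchars($regform['website'],ENT_QUOTES), 0, 50));
  $wap=rmvbadch(substr(htmlspecialchars($regform['wap'],ENT_QUOTES), 0, 50));
  $phonenum=rmvbadch(substr(htmlspecialchars($regform['phonenum'],ENT_QUOTES), 0, 25));
  $phonemodel=rmvbadch(substr(htmlspecialchars($regform['phonemodel'],ENT_QUOTES), 0, 40));
  $info=rmvbadch(substr(htmlspecialchars($regform['info'],ENT_QUOTES), 0, 600));
  $job=rmvbadch(substr(htmlspecialchars($regform['job'],ENT_QUOTES), 0, 100));
  $agent=isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
  $addr=$_SERVER['REMOTE_ADDR'];

  # Exact-match deny list of handset User-Agent strings. The header is chosen
  # by the client, so this only stops clients that send these exact values; it
  # is not an abuse control. Rate limiting per address or account would be.
  $blockedagents=array(
    'Nokia7250/1.0 (3.12) Profile/MIDP-1.0 Configuration/CLDC-1.0',
    'Nokia7250/1.0 (3.62) Profile/MIDP-1.0 Configuration/CLDC-1.0',
    'Nokia7210/1.0 (4.18) Profile/MIDP-1.0 Configuration/CLDC-1.0',
    'Nokia7210/1.0 (3.09) Profile/MIDP-1.0 Configuration/CLDC-1.0',
    'Nokia6100/1.0 (05.16) Profile/MIDP-1.0 Configuration/CLDC-1.0',
    'SonyEricssonT68/R201A',
  );
  if (in_array($agent, $blockedagents, true)) exit;
#  $lang=$_POST['lang'];

  # Birth year is clamped to 1940..2000. An impossible date (month 0, day 31
  # in a short month) is not rejected here; it is left to the database.
  if ($year < 1940) $year=1940;
  if ($year > 2000) $year=2000;
  $bdate=sprintf("%04d-%02d-%02d", $year,$month,$day);
  if ($icq=='') $icq=0;

  # Login length limit: KOI8-R is a single-byte charset, so the byte length of
  # the converted string is the character count. More than 10 characters, or a
  # character iconv() cannot convert, empties the login, and an empty login is
  # refused by the required-field check below.
  $loginkoi=iconv("UTF-8","KOI8-R", $login);
  if ($loginkoi===false || strlen($loginkoi)>10) $login='';
	else $login=iconv("KOI8-R","UTF-8", $loginkoi);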

# Form validation. The first failing check decides the message; any failure
# ends the request with a one-paragraph WML card.
#   1. a required field (login, name, operator, fr, phonemodel, email) is empty
#   2. the birth date is still 1.1.1960, which is treated as "not filled in"
#   3. test_chars() (defined in an include) refuses the login
$regerror='';
$missingfield=($login=='')||($name=='')||($operator=='')||($fr=='')||($phonemodel=='')||($email=='');
$defaultdate=($day==1)&&($month==1)&&($year==1960);
if ($missingfield||$defaultdate) {
	$regerror="<p align=\"center\">Sorry, you MUST complete ALL REQUIRED fields</p>\n";
} elseif (!test_chars($login)) {
	$regerror="<p align=\"center\">Invalid chars in login...</p>\n";
}

if ($regerror!='') {
	wmlhd();
	print $regerror;
	print "</card>\n</wml>";
	exit;
}

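# E-mail checks: syntax, then DNS for the domain, then a ban on the site's own
# domain. $email is already HTML-escaped at this point, so printing it back is
# safe for the WML output.
if ($email!='') {
	# Syntax first. $email is later handed to mail() as the recipient, so a
	# value with an embedded CR/LF or without exactly one "@" must stop here
	# rather than reach the mail headers. The old code read $chemail[1] without
	# checking that an "@" was present at all.
	if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
		wmlhd();
		print "<p align=\"center\">".$email." is not a valid e-mail address.</p>\n";
		print "</card>\n</wml>";
		exit;
	}

	$chemail = explode('@',$email);
	$maildomain = $chemail[count($chemail)-1];
	# The trailing dot makes the name fully qualified for the resolver.
	$mailhost = $maildomain.".";

	# The domain must have an MX record or at least resolve to an address.
	# gethostbyname() returns its argument unchanged when the lookup fails.
	# NOTE(review): both calls block on DNS for a name the visitor chose.
	if (getmxrr($mailhost, $mxhosts) == FALSE && gethostbyname($mailhost) == $mailhost) {
		wmlhd();
		print "<p align=\"center\">".$mailhost." is not a valid e-mail host.</p>\n";
		print "</card>\n</wml>";
		exit;
	}

	# Addresses at the site's own domain are refused ($email was lower-cased
	# when it was read, so a case-sensitive comparison is enough).
	if ($maildomain==='katrinka.ru') {
		wmlhd();
		print "<p align=\"center\">Email at katrinka.ru ? :D</p>\n";
		print "</card>\n</wml>";
		exit;
	}
}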

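# Open the PostgreSQL connection; the settings come from config.php.
if (!($conn=pg_connect("host=$dbhost port=$dbport dbname=$dbname user=$dbuser password=$dbpass"))) {
	wmlhd();
	print "<p align=\"center\">Error connecting to database</p>\n";
	print "</card>\n</wml>";
	exit;
}

# Duplicate checks. The values are bound as parameters instead of being pasted
# into the SQL text: the HTML escaping applied to the form fields does not
# neutralise a backslash, so it must not be relied on as SQL quoting.
# NOTE(review): check-then-insert is not atomic; two simultaneous requests can
# both pass. Unique indexes on users.login and users.email would close that
# gap - confirm whether the schema has them.
# NOTE(review): the two "already exists" messages tell an anonymous visitor
# whether a given login or e-mail address is registered.
$res=pg_query_params($conn,'select id from users where login=$1;',array($login));
if ($res===false) {
	# A failed query used to fall through to pg_numrows(false).
	wmlhd();
	print "<p align=\"center\">Error adding user</p>\n";
	print "</card>\n</wml>";
	pg_close($conn);
	exit;
}
if (pg_num_rows($res)) {
	wmlhd();
	print "<p align=\"center\">Sorry, user ".uconv($login)." already exists</p>\n";
	print "</card>\n</wml>";
	pg_close($conn);
	exit;
}

	$res=pg_query_params($conn,'select id from users where email=$1;',array($email));
	if ($res===false) {
		wmlhd();
		print "<p align=\"center\">Error adding user</p>\n";
		print "</card>\n</wml>";
		pg_close($conn);
		exit;
	}
	if (pg_num_rows($res)) {
		wmlhd();
		print "<p align=\"center\">Sorry, user with email ".uconv($email)." already exists</p>\n";
		print "</card>\n</wml>";
		pg_close($conn);
		exit;
	}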

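	# Initial password: five decimal digits, taken from the CSPRNG when the
	# running PHP provides random_int(), otherwise from rand() as before.
	# NOTE(review): 90000 possible values is small enough to guess online, and
	# the value is stored unhashed in users.passwd and sent by e-mail in clear
	# text. Storing password_hash() output and mailing a one-time link instead
	# needs matching changes in the login code, which is not part of this file.
	$pass=function_exists('random_int') ? random_int(10000,99999) : rand(10000,99999);


# Create the account and bump the site counter in one transaction.
$ntime=time();
pg_query($conn,"begin;");
# Every form-derived value is bound as a parameter. 'now' stays a literal in
# the statement text, exactly as before, and fills dreg.
$res=pg_query_params(
	$conn,
	'insert into users (login,passwd,email,name,bday,operator,fr,phonenum,web,info,dreg,phonemod,icq,wap,lastact,job) values ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,\'now\',$11,$12,$13,$14,$15);',
	array($login,$pass,$email,$name,$bdate,$operator,$fr,$phonenum,$website,$info,$phonemodel,$icq,$wap,$ntime,$job)
);

# The result is checked before anything else happens. Previously the password
# mail went out even when the insert had failed, i.e. for an account that did
# not exist.
if (!$res) {
	pg_query($conn,"rollback;");
	wmlhd();
	print "<p align=\"center\">Error adding user</p>\n";
	print "</card>\n</wml>";
	pg_close($conn);
	exit;
}

# site_var row 2 is presumably the registered-user counter - confirm.
pg_query($conn,"update site_var set v_num=v_num+1 where id=2;");
pg_query($conn,"end;");

# Sent only after the transaction has been committed.
mail($email,"Registration at wap.katrinka.ru","Thank you for registering at wap.katrinka.ru!\nYour password is: ".$pass."\nYou can change it in your profile.","From: [email protected]");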
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<?php
# Success card: English when $lang is 'eng', Russian otherwise.
# NOTE(review): the only assignment to $lang in this file is commented out
# near the top, so unless config.php or guestbook/mylib.php sets it the
# comparison is false and the Russian card is always shown - confirm.
if ($lang=='eng') { ?>
<card id="RegOk" title="Thanks!" ontimer="http://wap.katrinka.ru/index.php?lang=eng">
<timer value="200"/>
<p>Thank you for registering! We are taking you back to main page...<br/>
Your password is mailed to you!</p>
</card>
</wml> 
<?php } else { ?>
<card id="RegOk" title="&#x0421;&#x043F;&#x0430;&#x0441;&#x0438;&#x0431;&#x043E;!" ontimer="http://wap.katrinka.ru/index.php">
<timer value="200"/>
<p>&#x0421;&#x043F;&#x0430;&#x0441;&#x0438;&#x0431;&#x043E; &#x0437;&#x0430; &#x0440;&#x0435;&#x0433;&#x0438;&#x0441;&#x0442;&#x0440;&#x0430;&#x0446;&#x0438;&#x044E;! &#x041C;&#x044B; &#x0432;&#x043E;&#x0437;&#x0432;&#x0440;&#x0430;&#x0449;&#x0430;&#x0435;&#x043C; &#x0412;&#x0430;&#x0441; &#x043D;&#x0430; &#x0433;&#x043B;&#x0430;&#x0432;&#x043D;&#x0443;&#x044E;...<br/>
&#x0412;&#x0430;&#x0448; &#x043F;&#x0430;&#x0440;&#x043E;&#x043B;&#x044C; &#x043E;&#x0442;&#x043F;&#x0440;&#x0430;&#x0432;&#x043B;&#x0435;&#x043D; &#x043D;&#x0430; &#x0412;&#x0430;&#x0448; e-mail &#x0430;&#x0434;&#x0440;&#x0435;&#x0441;, &#x0443;&#x043A;&#x0430;&#x0437;&#x0430;&#x043D;&#x043D;&#x044B;&#x0439; &#x043F;&#x0440;&#x0438; &#x0440;&#x0435;&#x0433;&#x0438;&#x0441;&#x0442;&#x0440;&#x0430;&#x0446;&#x0438;&#x0438;.
</p>
</card>
</wml> 
<?php }
# Disabled code kept from an earlier version: it re-read the newest users row
# (login, passwd and profile fields) with the client encoding set to KOI8.
#pg_query($conn,"SET CLIENT_ENCODING TO 'KOI8';");
#$res=pg_query($conn,"select login,passwd,email,name,operator,fr,phonenum,web,info,phonemod from users where id=(select max(id) from users);");

#$login=pg_result($res,0,0);
#$pass=pg_result($res,0,1);
#$email=pg_result($res,0,2);
#$name=pg_result($res,0,3);
#$operator=pg_result($res,0,4);
#$fr=pg_result($res,0,5);
#$phonenum=pg_result($res,0,6);
#$website=pg_result($res,0,7);
#$info=pg_result($res,0,8);
#$phonemodel=pg_result($res,0,9);

# Release the database connection; this is the last live statement.
pg_close($conn);
# Disabled administrator notification. The Cyrillic inside it is KOI8-R text
# shown in the wrong charset; the subject appears to read "New WAP site user"
# and the date label "Date of birth".
# NOTE(review): if re-enabled, this mail would carry the new user's password,
# host name, address and User-Agent in clear text - keep it off, or drop the
# password line first.
#mail("[email protected], [email protected]", "оПЧЩК РПМШЪПЧБФЕМШ WAP УБКФБ", "Login: $login\nPassword: $pass\nName: $name\nдБФБ ТПЦДЕОЙС: $day.$month.$year\nOperator: $operator\nFrom: $fr\nWebsite: $website\nPhone number: $phonenum\nPhone model: $phonemodel\nInfo: $info\nE-mail: $email\nHost: ".gethostbyaddr($addr)." [$addr]\nAgent: $agent\n","From: WAP УБКФ <[email protected]>\nContent-Type: text/plain; charset=KOI8-r");
?>