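// Registration endpoint: refuses logged-in, disabled-registration and banned
// visitors, then handles three request shapes -- OpenID registration (POST with
// `openid`), password registration (POST), and mail activation (GET `activate`)
// -- and finally renders the empty registration form.
//
// NOTE(review): the control flow below only makes sense if $core->message(),
// $core->redirect_message() and $core->make_page() end the request; none of
// them is visible here -- confirm, otherwise the ban and "registration
// disabled" gates do not stop anything.
// NOTE(review): every other hook in this script is invoked as
// $plugin->run_hook(...); confirm the bare call below is intended.
run_hook('register_begin');
$session->page_begin('Register', FALSE);

// A non-zero uid is treated as "already has an account": send them to the user CP.
if($session->userdata['uid']!=0){
    header('Location:https://'.$config['domain'].'/'.$config['path'].'usercp.php');
    // A Location header alone does not stop execution; without this the POST
    // handlers below would still run for this visitor.
    exit;
}

if($config['registring']==0){
    $core->message('Accouterstellung abgeschaltet','Zur Zeit wurde die Accounterstellung deaktiviert.',TRUE,$config['path'].'/index.php',5);
}

// Ban evasion check: a visitor carrying the "<cookiename>_rid" marker cookie
// gets the current IP added to banned_ips if it is not listed yet.
// NOTE(review): only the presence of the cookie is tested; its value is never
// compared with a banned_ips id, so anything able to set that cookie name in
// the visitor's browser causes a ban of their IP.
if (isset($_COOKIE[$config["cookiename"] . "_rid"])){
    $result = $db->query("SELECT `id` FROM `" . $config['prefix'] . "banned_ips` WHERE `ip` = '".$db->escape($session->ip)."'");
    if ($db->num_rows ($result) <= 0){
        // The IP is escaped here exactly as in the SELECT above; the original
        // INSERT concatenated $session->ip raw into the statement.
        $db->query("INSERT INTO `" . $config['prefix'] . "banned_ips` (`ip`,`date`,`reason`) VALUES ('".$db->escape($session->ip)."','".time()."','Autoban - Matched Cookie')");
    }
    $core->message('Gebannt','Es scheint als wäre deine IP aktulle von der Accounterstellung ausgeschlossen.
Wenn du denkst dies sei ein Fehler bitte sende uns eine E-Mail.',TRUE,$config['path'].'/index.php',5);
}

// IP ban check: a banned IP gets the marker cookie (one year) so the ban can
// follow the browser to another address, then is turned away.
$result = $db->query("SELECT `id` FROM `" . $config['prefix'] . "banned_ips` WHERE `ip` = '".$db->escape($session->ip)."'");
if ($db->num_rows ($result) > 0){
    $row=$db->fetch_object($result);
    $id=$row->id;
    $session->setcookie($config['cookiename'] . '_rid', $id , time() + 60 * 60 * 24 * 365, $config['path'],$config['domain']);
    $core->message('Gebannt','Es scheint als wäre deine IP aktulle von der Accounterstellung ausgeschlossen.
Wenn du denkst dies sei ein Fehler bitte sende uns eine E-Mail.',TRUE,$config['path'].'/index.php',5);
}

// (A former check of $_GET['regstring'] against the `register` table, bound to
// REMOTE_ADDR, was commented out at this point and is not active.)

// Collects validation errors; initialised before the first `.=` so the OpenID
// branch does not append to an undefined variable.
$emsg=false;

// ---- OpenID registration ---------------------------------------------------
// NOTE(review): the identity is taken straight from $_POST['openid']; nothing
// in this script shows that the visitor proved control of it, and
// $config['use_openid'] is not consulted before the branch runs. This branch
// also skips the terms, age and password checks of the standard branch,
// creates the account with active=1 and logs it in immediately. Confirm the
// identity is verified before this form can be posted.
if(isset($_POST['submit']) && isset($_POST['openid']) && $_POST['openid']!=''){
    $username=$session->sanitize_username($_POST['username']);
    $vusername=$session->verify_username($username);
    // verify_username() returns TRUE or, judging by its use here, an error text.
    if($vusername!==TRUE){
        $emsg.=''.$vusername.'
';
    }
    if($config['captcha']!=0){
        if(!$captcha->validate($_POST)){
            $emsg.='Das Captcha is ungültig!
';
        }
    }
    // Address syntax check. The pattern is anchored with ^...$ and the D
    // modifier, so a trailing newline is not accepted; preg_match() returning
    // false on a PCRE error is also treated as "invalid" by the negation.
    if(!preg_match('/^(?!(?:(?:\x22?\x5C[\x00-\x7E]\x22?)|(?:\x22?[^\x5C\x22]\x22?)){255,})(?!(?:(?:\x22?\x5C[\x00-\x7E]\x22?)|(?:\x22?[^\x5C\x22]\x22?)){65,}@)(?:(?:[\x21\x23-\x27\x2A\x2B\x2D\x2F-\x39\x3D\x3F\x5E-\x7E]+)|(?:\x22(?:[\x01-\x08\x0B\x0C\x0E-\x1F\x21\x23-\x5B\x5D-\x7F]|(?:\x5C[\x00-\x7F]))*\x22))(?:\.(?:(?:[\x21\x23-\x27\x2A\x2B\x2D\x2F-\x39\x3D\x3F\x5E-\x7E]+)|(?:\x22(?:[\x01-\x08\x0B\x0C\x0E-\x1F\x21\x23-\x5B\x5D-\x7F]|(?:\x5C[\x00-\x7F]))*\x22)))*@(?:(?:(?!.*[^.]{64,})(?:(?:(?:xn--)?[a-z0-9]+(?:-[a-z0-9]+)*\.){1,126}){1,}(?:(?:[a-z][a-z0-9]*)|(?:(?:xn--)[a-z0-9]+))(?:-[a-z0-9]+)*)|(?:\[(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})|(?:(?!(?:.*[a-f0-9][:\]]){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?)))|(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){5}:)|(?:(?!(?:.*[a-f0-9]:){5,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?)))?(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))(?:\.(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))){3}))\]))$/iD',$_POST['email'])){
        $emsg.='E-Mail ungültig!
';
    }
    // Uniqueness checks.
    // NOTE(review): LIKE is used with request data; escape() is assumed not to
    // neutralise the % and _ wildcards -- TODO confirm; `=` would be stricter.
    $result = $db->query("SELECT `uid` FROM `" . $config['prefix'] . "users` WHERE `username` LIKE '".$db->escape($username)."' LIMIT 1");
    if ($db->num_rows ($result) > 0){
        $emsg.='Dieser Nickname ist bereits vergeben!
';
    }
    $result = $db->query("SELECT `uid` FROM `" . $config['prefix'] . "users` WHERE `email` LIKE '".$db->escape($_POST['email'])."' LIMIT 1");
    if ($db->num_rows ($result) > 0){
        $emsg.='Diese E-Mail ist bereits registriert!
';
    }
    if(!$emsg){
        // Secure Posted Data
        $key=$session->generate_Key(50);
        $active=1;
        $result = $db->query("INSERT INTO `" . $config['prefix'] . "users` (`username`,`openid_identity`,`realname`,`loginkey`,`email`,`active`,`gender`,`from`,`since`,`birthday`) VALUES ('".$db->escape($username)."','".$db->escape($_POST['openid'])."','".$db->escape($_POST['realname'])."', '".$key."', '".$db->escape($_POST['email'])."', '".$active."','".$db->escape($_POST['gender'])."','".$db->escape($_POST['from'])."','".time()."','".strtotime($db->escape($_POST['birthday']))."')");
        $uid=$db->last_id();
        // The hook receives the SQL-escaped forms of the submitted values.
        $sdata=array('uid'=>$uid,'username'=>$db->escape($username),'openid_identity'=>$db->escape($_POST['openid']),'email'=>$db->escape($_POST['email']),'realname'=>$db->escape($_POST['realname']),'gender'=>$db->escape($_POST['gender']),'from'=>$db->escape($_POST['from']),'birthday'=>strtotime($db->escape($_POST['birthday'])));
        $plugin->run_hook('register_openid_end',array('sdata'=>$sdata));
        // Login cookie: base64("<uid>_<loginkey>"), persistent for a year when
        // "remember" is ticked, otherwise a session cookie (expiry 0).
        $cookiedata = base64_encode($uid .'_'. $key);
        if(isset($_POST['remember']) && $_POST['remember']){
            $session->setcookie($config['cookiename'] . '_base', $cookiedata, time() + 60 * 60 * 24 * 365, $config['path'],$config['domain']);
        }else{
            $session->setcookie($config['cookiename'] . '_base', $cookiedata, 0, $config['path'],$config['domain']);
        }
        // Removes every session row recorded for this address, not just this
        // visitor's own (other users behind the same IP are affected too).
        $db->query("DELETE FROM `" . $config['prefix'] . "sessions` WHERE `ip`='".$db->escape($_SERVER['REMOTE_ADDR'])."'");
        // NOTE(review): $data is not assigned anywhere in the visible script;
        // this looks like it was meant to be $uid -- confirm before changing.
        $pdata=array('remember'=>$_POST['remember'],'uid'=>$data['uid'],'domain'=>$config['domain']);
        $plugin->run_hook('register_openid_login',array('pdata'=>$pdata));
        $core->redirect_message('Logged in','You have been successfully logged-in and will be redirected shortly.',TRUE,$config['path'].'/index.php',3);
    }else{
        // Re-render the form with the errors and the submitted values.
        // NOTE(review): raw $_POST is handed to the template; output escaping
        // must happen in register.tpl -- confirm.
        $tpl->assign('emsg',$emsg);
        $tpl->assign('captcha',$captcha->getCaptcha());
        $tpl->assign('openid',$config['use_openid']);
        $tpl->assign('identity',$_POST['openid']);
        $tpl->assign('data',$_POST);
        $content=$tpl->fetch('register.tpl');
        $core->make_page($content);
    }
}

$emsg=false;

// ---- Password registration -------------------------------------------------
if(isset($_POST['submit'])){
    // (The same disabled regstring/IP check as above was commented out here.)
    $username=$session->sanitize_username($_POST['username']);
    $vusername=$session->verify_username($username);
    if($vusername!==TRUE){
        $emsg.=''.$vusername.'
';
    }
    if(!isset($_POST['agreed']) || $_POST['agreed']==''){
        $emsg.='Du musst den Nutzungsbedingungen zustimmen!
';
    }
    if(!isset($_POST['birthday']) || $_POST['birthday']==''){
        $emsg.='Du musst dein Geburtsdatum angeben!
';
    }else{
        $birthday = strtotime($_POST['birthday']);
        if($birthday===false){
            // strtotime() could not parse the value. false counts as 0 in the
            // subtraction below, so an unparseable date used to pass the age
            // check; treat it as a missing birthday instead.
            $emsg.='Du musst dein Geburtsdatum angeben!
';
        // 31536000 is the number of seconds in a 365 days year (leap days are
        // ignored, so the threshold is a few days short of 16 calendar years).
        }elseif(time() - $birthday < 16 * 31536000) {
            $emsg.='Du musst leider mindestens 16 Jahre alt sein.
';
        }
    }
    if(!isset($_POST['password']) || $_POST['password']==''){
        $emsg.='Du musst ein Passwort vergeben!
';
    }elseif($_POST['password']!=$_POST['cpassword']){
        $emsg.='Deine Passwörter stimmen nicht überein!
';
    }elseif(strlen($_POST['password'])<6){
        $emsg.='Dein Passwort ist zu kurz, es muss mindestens 6 Zeichen lang sein.
';
    }
    if($config['captcha']!=0){
        if(!$captcha->validate($_POST)){
            $emsg.='Das Captcha is ungültig!
';
        }
    }
    // Same address syntax check as in the OpenID branch (anchored, D modifier).
    if(!preg_match('/^(?!(?:(?:\x22?\x5C[\x00-\x7E]\x22?)|(?:\x22?[^\x5C\x22]\x22?)){255,})(?!(?:(?:\x22?\x5C[\x00-\x7E]\x22?)|(?:\x22?[^\x5C\x22]\x22?)){65,}@)(?:(?:[\x21\x23-\x27\x2A\x2B\x2D\x2F-\x39\x3D\x3F\x5E-\x7E]+)|(?:\x22(?:[\x01-\x08\x0B\x0C\x0E-\x1F\x21\x23-\x5B\x5D-\x7F]|(?:\x5C[\x00-\x7F]))*\x22))(?:\.(?:(?:[\x21\x23-\x27\x2A\x2B\x2D\x2F-\x39\x3D\x3F\x5E-\x7E]+)|(?:\x22(?:[\x01-\x08\x0B\x0C\x0E-\x1F\x21\x23-\x5B\x5D-\x7F]|(?:\x5C[\x00-\x7F]))*\x22)))*@(?:(?:(?!.*[^.]{64,})(?:(?:(?:xn--)?[a-z0-9]+(?:-[a-z0-9]+)*\.){1,126}){1,}(?:(?:[a-z][a-z0-9]*)|(?:(?:xn--)[a-z0-9]+))(?:-[a-z0-9]+)*)|(?:\[(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})|(?:(?!(?:.*[a-f0-9][:\]]){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?)))|(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){5}:)|(?:(?!(?:.*[a-f0-9]:){5,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?)))?(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))(?:\.(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))){3}))\]))$/iD',$_POST['email'])){
        $emsg.='Invalid E-Mail!
';
    }
    $result = $db->query("SELECT `uid` FROM `" . $config['prefix'] . "users` WHERE `username` LIKE '".$db->escape($username)."' LIMIT 1");
    if ($db->num_rows ($result) > 0){
        $emsg.='Dieser Nickname ist bereits vergeben!
';
    }
    $result = $db->query("SELECT `uid` FROM `" . $config['prefix'] . "users` WHERE `email` LIKE '".$db->escape($_POST['email'])."' LIMIT 1");
    if ($db->num_rows ($result) > 0){
        $emsg.='Diese E-Mail ist bereits registriert!
';
    }
    if(!$emsg){
        // Secure Posted Data
        // NOTE(review): a single round of salted SHA-256 is a fast hash and a
        // weak choice for password storage; password_hash()/password_verify()
        // is the replacement. The format is left unchanged because the login
        // code that verifies it is not visible here. The escape() call is part
        // of the hashed input, so verification must apply it as well.
        $salt = $session->generate_Key(6);
        $pass =hash('sha256',$db->escape($salt.$_POST['password']));
        if($config['activation']=='mail'){
            // Mail activation: the 10-character key is stored as `loginkey`
            // and sent to the address as part of the activation link.
            $key=$session->generate_Key(10);
            $mail=new mail();
            $mail->set_header('From',$config['sitetitle'].' <'.$config['siteemail'].'>');
            $tpl->assign('username',$username);
            $tpl->assign('sitename',$config['sitetitle']);
            $tpl->assign('url','https://'.$config['domain'].'/'.$config['path'].'register.php?activate='.urlencode($username).'&key='.$key);
            $mailbody=$tpl->fetch('register_mail.tpl');
            $mail->bodytext($mailbody);
            $mail->sendmail($username.' <'.$_POST['email'].'>','Dein Account auf '.$config['sitetitle']);
            $active=0;
        }else{
            $key=$session->generate_Key(50);
            $active=1;
        }
        $result = $db->query("INSERT INTO `" . $config['prefix'] . "users` (`username`,`realname`,`password`,`salt`,`loginkey`,`email`,`active`,`gender`,`from`,`since`,`birthday`) VALUES ('".$db->escape($username)."','".$db->escape($_POST['realname'])."','".$pass."','".$salt."','".$key."', '".$db->escape($_POST['email'])."', '".$active."','".$db->escape($_POST['gender'])."','".$db->escape($_POST['from'])."','".time()."','".strtotime($db->escape($_POST['birthday']))."')");
        $uid=$db->last_id();
        // NOTE(review): every 'register_end' hook receives an unsalted MD5 of
        // the plaintext password (`pwd_md5`) next to the salt and the SHA-256
        // value; drop `pwd_md5` if no plugin depends on it.
        $sdata=array('uid'=>$uid,'username'=>$db->escape($username),'salt'=>$salt,'pwd_md5'=>hash('md5',$_POST['password']),'pwd_sha2'=>$pass,'email'=>$db->escape($_POST['email']),'realname'=>$db->escape($_POST['realname']),'gender'=>$db->escape($_POST['gender']),'from'=>$db->escape($_POST['from']),'birthday'=>strtotime($db->escape($_POST['birthday'])));
        $plugin->run_hook('register_end',array('sdata'=>$sdata));
        // Clears pending `register` rows for this regstring or this address.
        $db->query("DELETE FROM `" . $config['prefix'] . "register` WHERE `regstring` = '".$db->escape($_GET['regstring'])."' OR `ip` = '".$db->escape($_SERVER['REMOTE_ADDR'])."'");
        if($active==0){
            $core->message('Erfolg','Dein Account wurde erstellt und wir haben Dir eine E-Mail gesendet.
Folge den Anweisungen in der E-Mail um deinen Account freizuschalten.',TRUE,$config['path'].'/index.php',3);
        }else{
            $core->message('Erfolg','Dein Account wurde erstellt und du kannst dich nun einloggen.',TRUE,$config['path'].'/index.php',3);
        }
    }
// ---- Mail activation -------------------------------------------------------
}elseif(isset($_GET['activate'])){
    // The link is accepted when username and key match a still-inactive row.
    // NOTE(review): the username is matched with LIKE (see the wildcard note in
    // the OpenID branch) and $_GET['key'] is read without an isset() check.
    $result = $db->query("SELECT `uid` FROM `" . $config['prefix'] . "users` WHERE `username` LIKE '".$db->escape($_GET['activate'])."' AND `loginkey`='".$db->escape($_GET['key'])."' AND `active`=0 LIMIT 1");
    if ($db->num_rows ($result) <= 0){
        $core->message('Fehler','Dieser Account ist entweder bereits freigeschaltet oder irgendwas ist schiefgelaufen.',TRUE,$config['path'].'/index.php',3);
    }else{
        // Rotate the login key on activation so the mailed key stops working.
        $key=$session->generate_Key(50);
        $db->query("UPDATE `" . $config['prefix'] . "users` SET `loginkey`='".$key."',`active`=1 WHERE `username` LIKE '".$db->escape($_GET['activate'])."' AND `loginkey`='".$db->escape($_GET['key'])."' AND `active`=0 LIMIT 1");
        $core->message('Danke','Dein Account wurde aktiviert! Du kannst dich nun einloggen.',TRUE,$config['path'].'/index.php',3);
    }
}

// ---- Render the registration form -------------------------------------------
$meta=' ';
$dcap = $captcha->getCaptcha();
$tpl->assign('path','//'.$config['domain'].'/'.$config['path']);
$tpl->assign('emsg',$emsg);
// NOTE(review): request data ($_GET['regstring'], $_POST) reaches the template
// unmodified; output escaping must happen in register.tpl -- confirm.
$tpl->assign('regstring',$_GET['regstring']);
$tpl->assign('captcha',$dcap);
// NOTE(review): md5(uniqid(time())) is derived from the clock and guessable; if
// the template uses `sid` as a security token, build it from random_bytes().
$tpl->assign('sid',md5(uniqid(time())));
$tpl->assign('data',$_POST);
$content=$tpl->fetch('register.tpl');
$core->make_page($content);
?>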