= 4){
//email unique?
$sql = "SELECT * FROM ".$usertable." WHERE username='$username'";
$result = mysqli_query($db, $sql);
$count = mysqli_num_rows($result);
if($count>0){
$username_already_in_use = 104;
}
}else{
$username_too_short = 104;
}
//email format check
$email_raw = $_REQUEST['email'];
if(preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@([a-z0-9-]{2,3})+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i', $email_raw))
{
$email = $email_raw;
}else{
$bad_email = 104;
}
if($require_email_unique) {
$sql="SELECT * FROM ".$usertable." WHERE email='$email'";
$result=mysqli_query($db, $sql);
$count=mysqli_num_rows($result);
if($count>0){
$email_already_in_use=104;
}
}
//Secure Password Format Checks
$password = $_POST['password'];
if($require_secure_password) {
$pw_clean = strip_tags(substr($password,0,32));
if (preg_match("/[A-Z]+[a-z]+[0-9]/", $pw_clean, $matches)) {
}else{
$pw_insecure = 104;
}
} else {
$pw_clean = $password;
}
if($username_already_in_use==104 OR $email_already_in_use==104 OR $pw_insecure==104 OR $bad_email==104 OR $username_too_short==104){
header(
"location:user_add_errors.php?pw_insecure=$pw_insecure&email_already_in_use=$email_already_in_use&username_already_in_use=$username_already_in_use&bad_email=$bad_email&username_too_short=$username_too_short"
."&email=$email&password=$password");
die();
}
//End Error Checks_________________________________________________________
//Encrypt Password
$encrypted_pw = md5($pw_clean);
$sql = "INSERT INTO ".$usertable."
(domain_id, username, md5_pass, lastname, firstname, email, phone, password_hint)
select max(domain_id)+1 domain_id
, '".mysqli_real_escape_string($username)."' username
, '".mysqli_real_escape_string($encrypted_pw)."' md5_pass
, '".mysqli_real_escape_string($lastname)."' lastname
, '".mysqli_real_escape_string($firstname)."' firstname
, '".mysqli_real_escape_string($email)."' email
, '".mysqli_real_escape_string($phone)."' phone
, '".mysqli_real_escape_string($password_hint)."' password_hint from ".$usertable.";";
// save the info to the database
$results = mysqli_query( $sql );
// print out the results
if( $results ) {
//
// Automatic login after registration
//
$ip_date = $_SERVER['REMOTE_ADDR']."_".date('Y-m');
$uin = md5($username.$encrypted_pw.$ip_date);
setcookie("uin", $uin, 0, "/");
?>
Your changes have been made sucessfully.
Back to login";
*/
}
else
{
die( "Trouble saving information to the database: " . mysqli_error() );
}
//email unique?
$sql="SELECT * FROM ".$usertable."";
$result=mysqli_query($db, $sql);
$count=mysqli_num_rows($result);
if($count==1){
$sql = "UPDATE `users` SET `permissions`='5' WHERE `email`='$email'";
// save the info to the database
$results = mysqli_query( $sql );
// print out the results
if( $results )
{ echo( "
Since this is the first user in the database we have configured the account with administrative privileges. Subsequent changes to permission levels can be made in the database. Thank you.
" );
}
else
{
die( "Trouble saving information to the database: " . mysqli_error() );
}
}
?>