2 files changed, 21 insertions, 14 deletions

diff --git a/www/functions/func_register.php b/www/functions/func_register.php
index b848866..cc2b8a3 100755
--- a/www/functions/func_register.php
+++ b/www/functions/func_register.php
@@ -46,6 +46,12 @@ function register($db){
 		return REGISTER_USERNAME;
 	}
 
+	# check for key words
+	if($name == "login" || $name == "logout" || $name == "register" || $name == "invite" || $name == "user" || $name == "download" || $name == "password_recover" || $name == "banned" || $name == "httperror" || $name == "robots.txt" || $name == "favicon.ico" || $name == "static"){
+		return REGISTER_USERNAME;
+	}
+	
+
         $id_db = $db->query("SELECT id FROM user WHERE email='" . $safe_email . "';");
         $id_ar = $id_db->fetchArray(SQLITE3_NUM);
         $id = $id_ar[0];
diff --git a/www/functions/func_upload.php b/www/functions/func_upload.php
index f4f9b82..6f39ad3 100755
--- a/www/functions/func_upload.php
+++ b/www/functions/func_upload.php
@@ -175,18 +175,19 @@ function upload($path){
 
 //not used atm
 
-//function web_upload($db){
-//	$url = $_POST["url"]; 
+function web_upload($db){
+	$url = $_POST["url"]; 
 //	if(!preg_match("/^((https?|ftp)?://|www\.|ftp\.)?([-a-z0-9+&@#/%?=~_|!:,.;]+\.)+[a-z]{2}[a-z]*/i", $url)){
-//		echo "no hyperlink";
-//		return false;
-//	}
-//	if(!preg_match("/^[a-zA-Z]+://", $url){
-//		$url = "http://".$url;
-//	}
-//	$file = file_get_contents($url);
-//	if(!$file){
-//		echo "Couldn't download ".$url;
-//		return false;
-//	}
-//}
+	if(!preg_match("/^((https?|ftp)://|www\.|ftp\.)([-a-z0-9+&@#/%?=~_|!:,.;]+\.)+[a-z]{2}[a-z]*/i", $url)){
+		echo "no hyperlink";
+		return false;
+	}
+	if(!preg_match("/^[a-zA-Z]+://", $url){
+		$url = "http://".$url;
+	}
+	$file = file_get_contents($url);
+	if(!$file){
+		echo "Couldn't download ".$url;
+		return false;
+	}
+}