From 305e2b7c55ffd24a156f5788388e6d4ed2daea14 Mon Sep 17 00:00:00 2001
From: root
Date: Mon, 17 Feb 2014 18:41:58 +0100
Subject: handles most of the database stuff
---
www/register.php | 79 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 79 insertions(+)
create mode 100644 www/register.php
(limited to 'www/register.php')
diff --git a/www/register.php b/www/register.php
new file mode 100644
index 0000000..53fb35c
--- /dev/null
+++ b/www/register.php
@@ -0,0 +1,79 @@
+query("SELECT status FROM user WHERE email='$safe_email';");
+ $test_status_arr = $test_status_db->fetchArray(SQLITE3_NUM);
+ $test_status_int = $test_status_arr[0];
+
+ $test_key_db = $db->query("SELECT key FROM user WHERE email='$safe_email';");
+ $test_key_arr = $test_key_db->fetchArray(SQLITE3_NUM);
+ $test_key = $test_key_arr[0];
+
+ if ($test_status_int != 0 || $email == "" || $test_key != $_POST["key"] || $test_key == ""){
+ header("Refresh: 0; /register?reason=prohibited");
+ exit;
+ } else {
+
+
+/*Generates the encrypted password and the database transactions*/
+
+ $salt = uniqid(mt_rand(), true);
+ $password = "$salt"."$cleartext_password";
+ $hash_password = md5($password);
+ for($i=0;$i<15000;$i++)
+ $hash_password = md5($hash_password);
+
+ if($db->exec("UPDATE user SET name='$safe_name', salt='$salt', password='$hash_password', status=1, invites=5 WHERE email='$safe_email';") && $db->exec("CREATE TABLE $safe_name (id INTEGER PRIMARY KEY, folder INTEGER, name TEXT, typ TEXT, public TEXT);") && $db->exec("INSERT INTO $safe_name (id, folder, name, typ, public) VALUES (NULL, 0, '/', 'FOLDER', 'HIDDEN');")
+ ){
+ $_SESSION["login"] = true;
+ $_SESSION["username"] = $name;
+ header("Refresh: 0; /?reason=registration");
+ } else {
+ header("Refresh: 0; /register?reason=database");
+ }
+ }
+} else {
+ foreach ($_GET as $name => $value) {
+ echo 'Name: ' . $name . ' Value: ' . $value . '
';
+ }
+
+echo "
+";
+}
--
cgit v1.2.3