aboutsummaryrefslogtreecommitdiff
path: root/www/functions/func_register.php
diff options
context:
space:
mode:
Diffstat (limited to 'www/functions/func_register.php')
-rwxr-xr-xwww/functions/func_register.php61
1 files changed, 0 insertions, 61 deletions
diff --git a/www/functions/func_register.php b/www/functions/func_register.php
deleted file mode 100755
index da804d4..0000000
--- a/www/functions/func_register.php
+++ /dev/null
@@ -1,61 +0,0 @@
-<?php
-function register($db){
-
- $name = $_POST["name"];
- $cleartext_password = $_POST["pswd"];
- $second_password = $_POST["2ndpswd"];
- $email = $_POST["email"];
-
- /* checking for empty password etc. */
-
- if(($cleartext_password != $second_password) || !isset($_POST["pswd"]) || !isset($_POST["2ndpswd"]) || $cleartext_password == "" || empty($_POST["pswd"]) || empty($_POST["2ndpswd"])){
- return REGISTER_PASSWORD;
- }
-
- if(!empty($email)){
- if(!preg_match("/[^.+@.+]/", $email)){
- return REGISTER_EMAIL;
- }
- } else {
- $email = "";
- }
-
- $safe_name = SQLite3::escapeString(htmlentities($name));
- $safe_email = SQLite3::escapeString(htmlentities($email));
-
- /*Checks the validation of the registration attempt*/
-
- $doubleusername_db = $db->query("SELECT 1 FROM user WHERE name='" . $safe_name . "';");
- $doubleusername_ar = $doubleusername_db->fetchArray(SQLITE3_NUM);
-
- if($doubleusername_ar[0] == 1){
- return REGISTER_USERNAME;
- }
-
- /*Generates the encrypted password and the database transaction*/
-
- $pepper = file_get_contents("../database/pepper.txt");
- $password = $cleartext_password . $pepper;
-
- $hash_password = password_hash($password, PASSWORD_DEFAULT);
-
- if($db->exec("
- BEGIN TRANSACTION;
- INSERT INTO user (id, name, password, email, status, register) VALUES (NULL, '".$safe_name."', '".$hash_password."', '".$safe_email."', 1, (SELECT strftime('%s', 'now')));
- INSERT INTO log (id, user, login) VALUES (NULL, (SELECT id FROM user WHERE name='" . $safe_name. "'), (SELECT strftime('%s', 'now')));
- COMMIT;")
- ){
-
- $userid = user_id($db, $safe_name);
-
- $_SESSION["login"] = true;
- $_SESSION["username"] = $safe_name;
- $_SESSION["userid"] = $userid;
-
- return REGISTER_SUCCESSFULL;
-
- } else {
- return REGISTER_DATABASE;
- }
-
-}