-
Notifications
You must be signed in to change notification settings - Fork 3
/
reg.php
132 lines (119 loc) · 3.62 KB
/
reg.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
<?php
require("header.html");
require("./functions.php");
$allow_to_reg = true;
session_start();
if(isset($_SESSION['preTime']))
{
if(time()-$_SESSION['preTime'] <mt_rand(4,6))
{
echo "访问太频繁,请至少5秒后再试试!";
exit;
}
}
$_SESSION['preTime'] = time();
$ip = get_user_ip();
if($allow_to_reg && isset($_POST['reg']) )
{
$name =safePost('name');
$pass1 =safePost('pass1');
$pass2 =safePost('pass2');
$code =safePost('code');
$email =safePost('email');
$schoolnumber = safePost('schoolnumber');
if ($schoolnumber=='') {
echo "学号!";
exit;
}
if($pass1 != $pass2)
echo "两次输入密码不一致!";
else if($pass1 =='')
echo "空密码是什么心态!";
else
{
DB::query("SELECT * FROM invite_code WHERE code=%s AND valid=1",$code);
$counter = DB::count();
if($counter == 0)
{
echo "邀请码无效,请重试!";
exit;
}
$dbc =newDbc();
$query = "SELECT count(*) FROM user where name ='".$name."'";
$result = mysqli_query($dbc,$query);
$row = mysqli_fetch_row($result);
$count = $row[0];
if($count >0 )
{
echo "用户已存在";
exit;
}
/*
//外网不适用,由于可能出现多个用户共用一个出口ip
$query = "SELECT count(*) FROM user where ip ='".$ip."'";
$result = mysqli_query($dbc,$query);
$row = mysqli_fetch_row($result);
$count = $row[0];
if($count >0 )
{
echo $ip."已经注册过账户! ";
exit;
}
*/
$query = "select count(*) from user";
$result =mysqli_query($dbc,$query);
$row =mysqli_fetch_row($result);
$number = $row[0];
if($number == 0)
$query = "INSERT INTO user (name,nickname,number,password,ip,email,coin,checkdays,admin,addInfo) values ('".$name."','".$name."','".$schoolnumber."','".sha1($pass1)."','".$ip."','".$email."','100','0','1','1')";
else
$query = "INSERT INTO user (name,nickname,number,password,ip,email,coin,checkdays) values ('".$name."','".$name."','".$schoolnumber."','".sha1($pass1)."','".$ip."','".$email."','100','0')";
$sub = mysqli_query($dbc,$query);
DB::update("invite_code",array(
'valid'=>0,
'user'=>$name,
'time'=>time()
),"code=%s",$code);
if($sub)
{
addMessage("grace","新用户 ".$name." ".$schoolnumber." ".$ip." ".$email);
echo "ok!";
echo"
<a href='/'>马上登录看看</a>
";
}
else
echo "failed!";
}
exit;
}
else
?>
<div class="container">
<br />
<div class="span4 well">
<h3> <a href="http://sysucs.org">SYSUCS</a> 注册</h3>
<?php
if(!$allow_to_reg)
echo "<div class='alert'>已关闭,有需要请联系管理员 [email protected] </div>";
?>
<form method="post">
<input name="reg" value="1" type="hidden" />
<p>用户名</p>
<div class='alert alert-info'>请使用有意义的用户名 </div>
<input id="name" name="name" type="text" />
<p>Email</p>
<input name="email" type="email" />
<p>学号</p>
<input name="schoolnumber" type="text" />
<p>密码</p>
<input id="pass1" name="pass1" type="password" />
<p>确认密码</p>
<input id="pass2" name="pass2" type="password" />
<p>邀请码</p>
<input name="code" type="text" value='<?php echo safeGet('code')?>'/>
<br />
<input type="submit" value="submit" class="btn btn-primary" /'>
<br />
</form>
</div>