<center><h3>New account</h3></center>
<form name=signup method=post action=<?=$HTTP_SERVER_VARS['PHP_SELF']?>>
<table width=400>
<tr>
<td align=right>
Username:
</td>
<td>
<input type=text name=username maxlength=16>
</td>
</tr>
<tr>
<td align=right>
E-mail address:
</td>
<td>
<input type=text name=email maxlength=32>
</td>
</tr>
<tr>
<td align=right>
Password:
</td>
<td>
<input type=password name=password maxlength=16>
</td>
</tr>
<tr>
<td align=right>
Confirm password:
</td>
<td>
<input type=password name=password2 maxlength=16>
<input type=hidden name=referer_id value=<?=$referer_id?>>
</td>
</tr>
<tr>
<td align=right>
Newsletter:
</td>
<td>
<input type=checkbox name=newsletter>
</td>
</tr>
<tr>
<td>
</td>
<td>
<input type=submit value="Sign up!">
</td>
</table>
</form>
<?
}
else if ($password==$password2 && $email && $username && $password)
{
$email=strtolower($email);
$link = mysql_connect($dbhost, $dbuser, $dbpassword)
or die("Could not connect: " . mysql_error());
mysql_select_db($dbname);
$sSQL="select * from t_Users where s_Username=\"".stripjunk($username)."\" or s_Email=\"".stripjunk($email)."\"";
$results=mysql_query($sSQL);
if(mysql_num_rows($results)>0)
{
echo "$signup_error";
}
else
{
$randnum=rand(0,32768);
$sSQL="select * from t_Users";
$results=mysql_query($sSQL);
if(mysql_num_rows($results)==0){$b_Admin=1;$n_Credits=100000000;}
else {$b_Admin=0;$n_Credits=0;}
if($newsletter=="on")$b_Newsletter=1;
else $b_Newsletter=0;
if(!$referer_id)$referer_id=1;
// Referral Fraud Prevention Methods
// a) Ip Method
$q = "select logged_ip from t_Users where n_ID='$referer_id'";
$v = mysql_query($q);
$vrow = mysql_fetch_array($v);
$referer_ip = $vrow[0];
$present_ip = $_SERVER['REMOTE_ADDR'];
// b) Cookie Method
$cookie_referral_id = $_COOKIE['user_referral'];
// Check for Fraud Prevention in the following IF statement....
if (($referer_ip == $present_ip) OR ($cookie_referral_id == $referer_id))
{
// This shows the user trying to signup duplicate accounts to increase his referrals..
if ($referral_test == 1){
include "refer.php";
}else{
echo "$referal_error";
}
}
else
{
$sSQL="insert into t_Users(n_RefererID, b_Admin, s_Username, s_Password, n_Credits, s_Email, n_Views, n_Clicks, n_Rand, b_Activated, b_Newsletter,logged_ip) values(".stripjunk($referer_id).", ".stripjunk($b_Admin).", \"".stripjunk($username)."\", \"".stripjunk($password)."\", ".stripjunk($join_credits).", \"".stripjunk($email)."\", 0, 0, ".stripjunk($randnum).", 0, ".stripjunk($b_Newsletter).",\"".stripjunk($present_ip)."\")";
mysql_query($sSQL) or die("Error: ".mysql_error());
$sSQL="select n_ID from t_Users where s_Username=\"".stripjunk($username)."\"";
$results=mysql_query($sSQL);
list($NID)=mysql_fetch_row($results);
// $sSQL="update t_Users set n_RefererID=n_RefererID+".stripjunk($referral_credits)." where n_ID=".stripjunk($NID);
// mysql_query($sSQL);
$welcomeemailbody=str_replace("_username_", $username, $welcomeemailbody);
$welcomeemailbody=str_replace("_password_", $password, $welcomeemailbody);
$welcomeemailbody=str_replace("_id_", $NID, $welcomeemailbody);
$welcomeemailbody=str_replace("_rand_", $randnum, $welcomeemailbody);
mail("$email", "$welcomeemailsubject", "$welcomeemailbody", "From: $namefrom <$adminemail>\n\r");
echo "Signup complete - a welcome email containing your login details has been sent to <b>".stripjunk($email)."</b>, please click the link in the email to activate your account.";
}
}
mysql_close();
}
else
{
if($username=="")
echo "$no_username";
elseif($password=="")
echo "$no_password";
elseif($email=="")
echo "$no_email";
elseif($password!=$password2)
echo "$passwords_nomatch";
}
?>