Skip to content

Instantly share code, notes, and snippets.

@netmatistic

netmatistic/register.php Secret

Last active March 22, 2017 11:35
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save netmatistic/d2116fcd303992220aa25290860103af to your computer and use it in GitHub Desktop.
Save netmatistic/d2116fcd303992220aa25290860103af to your computer and use it in GitHub Desktop.
Download ZIP
Raw
register.php
<?php
// 1 - $salt = '0x' . md5($login . $password);
// 2 - $salt = base64_encode(md5($login . $password, true));
define('ENCODE_TYPE', 1);
define('GOLD', true);
$gold_count = "10000";
$mysql_host = "127.0.0.1";
$mysql_username = "mysql";
$mysql_password = "mysql";
$mysql_database = "pw";
$recaptcha_key = "6LcDHRkUAAAAABhB-jxSs8uhY3DTKzNPU0U8ts3z";
$recaptcha_secret_key = "6LcDHRkUAAAAAPPhmKzp6ESxLRRULnX7SCh7MJ2O";
$validation_config = ['login' => ['preg_match' => '/[^0-9A-Za-z]/', 'min_length' => '3', 'max_length' => '32'],
'password' => ['preg_match' => '/[^0-9A-Za-z]/', 'min_length' => '3', 'max_length' => '32'],
'repeat_password' => ['preg_match' => '/[^0-9A-Za-z]/', 'min_length' => '3', 'max_length' => '32'],
'email' => ['min_length' => '3', 'max_length' => '32'],];
$view_success = false;
try {
$db = new PDO("mysql:host=$mysql_host;dbname=$mysql_database", $mysql_username, $mysql_password);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
echo $e->getMessage();
}
if (isset($_POST['register'])) {
$register = $_POST['register'];
foreach ($register as $key => $row) {
$row = trim($row);
if (empty($row)) {
$errors[$key] = "Поле обязательно к заполнению.";
continue;
}
if (strlen($row) < $validation_config[$key]['min_length']) {
$errors[$key] = "Длина поля должна быть минимум {$validation_config[$key]['min_length']} символов.";
continue;
}
if (strlen($row) > $validation_config[$key]['max_length']) {
$errors[$key] = "Длина поля должна быть максимум {$validation_config[$key]['max_length']} символов.";
continue;
}
if ($key != 'email' && preg_match($validation_config[$key]['preg_match'], $row)) {
$errors[$key] = "В поле содержатся недоступстимые символы.";
continue;
}
if ($key == 'email' && !filter_var($row, FILTER_VALIDATE_EMAIL)) {
$errors[$key] = "Неверный Email адрес.";
continue;
}
if ($key == 'login') {
$stmt = $db->prepare("SELECT 1 FROM users WHERE name=?");
$stmt->execute([$row]);
if ($stmt->fetchColumn()) {
$errors[$key] = "Логин уже используется.";
continue;
}
}
if ($key == 'email') {
$stmt = $db->prepare("SELECT 1 FROM users WHERE email=?");
$stmt->execute([$row]);
if ($stmt->fetchColumn()) {
$errors[$key] = "Email уже используется.";
continue;
}
}
}
if (sizeof($errors) == 0) {
$url = "https://www.google.com/recaptcha/api/siteverify?secret=$recaptcha_secret_key&response="
. (array_key_exists('g-recaptcha-response', $_POST) ? $_POST["g-recaptcha-response"] : '')
. '&remoteip=' . $_SERVER['REMOTE_ADDR'];
$response = json_decode(file_get_contents($url), true);
if ($response['success'] == true) {
$create = $db->prepare("call adduser(?, ?, '0','0', '0', '0', ?, '0', '0', '0', '0', '0', '0', '0', '0', ?, '0')");
$create->execute([$register['login'], password($register['login'], $register['password']), $register['email'], $_SERVER["REMOTE_ADDR"]]);
if (GOLD) {
$get_user_id = $db->prepare("SELECT ID FROM users WHERE name=?");
$get_user_id->execute([$register['login']]);
$user_id = $get_user_id->fetchColumn();
$create = $db->prepare("call usecash(?,1,0,1,0,?,1,@error)");
$create->execute([$user_id, $gold_count . '00']);
}
$view_success = true;
} else {
$recaptcha_error = "Повторите попытку.";
}
}
}
function password($login, $password)
{
switch (ENCODE_TYPE) {
case 1:
$salt = '0x' . md5($login . $password);
break;
case 2:
$salt = base64_encode(md5($login . $password, true));
break;
default:
$salt = '0x' . md5($login . $password);
break;
}
return $salt;
}
function get_value($input)
{
if (isset($_POST['register'][$input])) {
return $_POST['register'][$input];
} else {
return false;
}
}
function error($text)
{
if (isset($text)) {
return "<p class='text text-danger'>" . $text . "</p>";
} else {
return false;
}
}
?>
<!DOCTYPE html>
<html lang="ru">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="description" content="Регистрация">
<meta name="author" content="netmagic">
<title>Регистрация</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/css/bootstrap.min.css"
integrity="sha384-rwoIResjU2yc3z8GV/NPeZWAv56rSmLldC3R/AZzGRnGxQQKnKkoFVhFQhNUwEyJ" crossorigin="anonymous">
<script src='https://www.google.com/recaptcha/api.js'></script>
<style>
.box {
padding: 15px;
margin-top: 10px;
background-color: rgba(0, 0, 0, 0.05);
border: rgba(0, 0, 0, 0.1) 1px solid;
border-top: transparent 3px solid;
border-radius: 3px;
-moz-border-radius: 3px;
-webkit-border-radius: 3px;
}
.box .box-title {
margin-bottom: 20px;
border-bottom: rgba(0, 0, 0, 0.1) 1px solid;
text-align: center;
}
</style>
<body>
<div class="container-fluid">
<div class="col-md-4 offset-md-4">
<div class="box">
<div class="box-title">
<h3>Регистрация</h3>
</div>
<?php if (!$view_success): ?>
<form name="register[]" action="register.php" method="post" accept-charset="utf-8">
<div class="form-group">
<label>Логин</label>
<input name="register[login]" type="text" value="<?php echo get_value('login'); ?>"
class="form-control">
<small class="form-text text-muted">Логин аккаунта
от <?php echo $validation_config['login']['min_length']; ?>
до <?php echo $validation_config['login']['max_length']; ?> символов.
</small>
<?php echo error($errors['login']); ?>
</div>
<div class="form-group">
<label>Пароль</label>
<input name="register[password]" type="password" value="<?php echo get_value('password'); ?>"
class="form-control">
<?php echo error($errors['password']); ?>
</div>
<div class="form-group">
<label>Email</label>
<input name="register[email]" type="email" value="<?php echo get_value('email'); ?>"
class="form-control">
<small class="form-text text-muted">Email адресс используйется для восстановления пароля.
</small>
<?php echo error($errors['email']); ?>
</div>
<div class="form-group">
<div class="g-recaptcha" data-sitekey="<?php echo $recaptcha_key; ?>"></div>
<?php echo error($recaptcha_error); ?>
</div>
<button type="submit" class="btn btn-success">Создать аккаунт</button>
</form>
<?php else: ?>
<div class="alert alert-success" role="alert">
<p><strong>Регистрация</strong> успешно завершена!</p>
<p>Ваш логин: <?php echo get_value('login'); ?></p>
<p>Ваш пароль: <?php echo get_value('password'); ?></p>
</div>
<?php endif; ?>
</div>
</div>
</div>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment