· 5 years ago · Jul 01, 2020, 01:52 PM
1<?php
2include("bl_Common.php");
3$link = dbConnect();
4
5$name = safe($_POST['name']);
6$nick = safe($_POST['nick']);
7$password = safe($_POST['password']);
8$kills = safe($_POST['kills']);
9$deaths = safe($_POST['deaths']);
10$score = safe($_POST['score']);
11$coins = safe($_POST['coins']);
12$email = $_POST['email'];
13$mIP = $_POST['uIP'];
14$hash = safe($_POST['hash']);
15$multiemail = safe($_POST['multiemail']);
16$emailVerification = safe($_POST['emailVerification']);
17
18if (isset($email)) {
19$email = stripslashes($email);
20$email = mysqli_real_escape_string($link, $email);
21}
22$name = stripslashes($name);
23$name = mysqli_real_escape_string($link, $name);
24$nick = stripslashes($nick);
25$nick = mysqli_real_escape_string($link, $nick);
26$password = stripslashes($password);
27$password = mysqli_real_escape_string($link, $password);
28$mIP = stripslashes($mIP);
29$mIP = mysqli_real_escape_string($link, $mIP);
30$coins = stripslashes($coins);
31$coins = mysqli_real_escape_string($link, $coins);
32
33
34if (isset($email)) {
35 if ($multiemail == "0" && $emailVerification == "0") {
36 $emailcount = mysqli_query($link, "SELECT * FROM MyGameDB WHERE email='$email'");
37 if (mysqli_num_rows($emailcount) != 0) {
38 die("005"); //already exist email
39 }
40 }
41}
42
43$real_hash = md5($name . $password . $secretKey);
44if ($real_hash == $hash) {
45 $check = mysqli_query($link, "SELECT * FROM MyGameDB WHERE name='$name'");
46 $numrows = mysqli_num_rows($check);
47
48 if ($numrows == 0) {
49
50 $check2 = mysqli_query($link, "SELECT * FROM MyGameDB WHERE nick='$nick'");
51 $numrows2 = mysqli_num_rows($check2);
52 if ($numrows2 == 0) {
53
54 $password = md5($password);
55 $random_hash = md5(uniqid(rand()));
56
57 $ins = mysqli_query($link, "INSERT INTO `MyGameDB` (`name` , `nick` , `password` , `uIP`, `email`, `verify`, `active`, `coins`, `meta` ) VALUES ('" . $name . "' , '" . $nick . "' , '" . $password . "' , '" . $mIP . "', '" . $email . "', '" . $random_hash . "', '" . $emailVerification . "', '" . $coins . "', '""') ") or die(mysqli_error($link));
58
59 if ($ins) {
60 if ($emailVerification == "0") {
61 //send verification email
62 $to = $email;
63 $subject = "Activation Code For " . $GameName;
64 $from = $emailFrom;
65 $body = 'Hi ' . $name . '<br/>Your Account has been create, to sign in please verify your email.<br/> <br/> Please Click On This link or paste in your browser: <a href="' . $base_url . 'Activation.php?code=' . $random_hash . '">' . $base_url . 'Activation.php?=' . $random_hash . '</a> to activate your account.';
66 $headers = "From:" . $from . "\r\n";
67 $headers .= "Reply-To: " . $from . "\r\n";
68 $headers .= "MIME-Version: 1.0\r\n";
69 $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
70 $sendemail = mail($to, $subject, $body, $headers);
71
72 if ($sendemail) {
73 die("success");
74 } else {
75 die("006"); //email not send
76 }
77 } else {
78 die("success");
79 }
80 } else {
81 die("Query Error: " . mysqli_error($link));
82 }
83 } else {
84 die("008"); //user nick name exist
85 }
86 } else {
87 die("003"); //user exist
88 }
89} else {
90 die("You don't have permission for this");
91}
92mysqli_close($link);
93?>