1<?php
2include('../config.php');
3
4
5
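/**
 * Enforce the password length limits, then sanitise one form value.
 *
 * Side effect: every call checks $_POST['haslo1'] and $_POST['haslo2']. If
 * either is missing, not a string, or outside 8..20 bytes (strlen counts
 * bytes, not characters), the client is redirected to ../error.php and the
 * script stops.
 *
 * The value is trimmed, HTML-escaped and then SQL-escaped, in that order.
 *
 * NOTE(review): mysql_real_escape_string() belongs to ext/mysql, which was
 * removed in PHP 7.0. The queries that consume this value should move to
 * prepared statements (mysqli or PDO) so that no escaping is needed here.
 * NOTE(review): htmlspecialchars() is an output-time HTML escape. Applied at
 * input time it rewrites characters such as & < > " in every field, passwords
 * included, before they are hashed or stored.
 *
 * @param string $zmienna Raw value taken from the request.
 * @return string The trimmed, HTML-escaped and SQL-escaped value.
 */
function filtruj($zmienna)
{
    foreach (array('haslo1', 'haslo2') as $pole) {
        $haslo = (isset($_POST[$pole]) && is_string($_POST[$pole])) ? $_POST[$pole] : '';
        $dlugosc = strlen($haslo);
        if ($dlugosc < 8 || $dlugosc > 20) {
            header('Location: ../error.php');
            // header() only queues the redirect; without exit the caller would
            // carry on and create the account with the rejected password.
            exit;
        }
    }

    // get_magic_quotes_gpc() no longer exists in PHP 8, so probe for it first.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $zmienna = stripslashes($zmienna); // undo the slashes magic quotes added
    }

    // Trim whitespace, escape HTML special characters, then escape for SQL.
    return mysql_real_escape_string(htmlspecialchars(trim($zmienna)));
}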
25
26
27
28///here new code
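// reCAPTCHA gate: read the token the widget posted, refuse the request when it
// is absent, then ask the siteverify endpoint whether the token is valid.
// Accept only a string token; an array-valued field is treated as missing.
$captcha = (isset($_POST['g-recaptcha-response']) && is_string($_POST['g-recaptcha-response']))
    ? $_POST['g-recaptcha-response']
    : '';
if (!$captcha) {
    echo 'Pamiętaj, captcha jest obowiązkowa!';
    exit;
}

// NOTE(review): this secret is hard-coded in a published source file. Treat it
// as compromised: rotate it and load the replacement from configuration kept
// outside the repository and the web root.
$secretKey = "6Lft24oUAAAAALTgHGPnCIowykP1ex9LlEmeL2yR";
$ip = $_SERVER['REMOTE_ADDR'];

// The token is client-controlled, so build the query string with proper
// encoding instead of concatenating it into the URL, where '&' or '#' in the
// token could add or truncate parameters.
$response = file_get_contents(
    'https://www.google.com/recaptcha/api/siteverify?' . http_build_query(
        array(
            'secret' => $secretKey,
            'response' => $captcha,
        ),
        '',
        '&'
    )
);

// Fail closed: a transport error or an unparsable reply counts as "not verified".
$responseKeys = ($response === false) ? null : json_decode($response, true);
if (!is_array($responseKeys)) {
    $responseKeys = array('success' => false);
}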
40 if(intval($responseKeys["success"]) !== 1) {
41 echo 'Error';
42 } else {
43
44$login = filtruj($_POST['login']);
45 $haslo1 = filtruj($_POST['haslo1']);
46 $haslo2 = filtruj($_POST['haslo2']);
47 $email = filtruj($_POST['email']);
48 $ip = filtruj($_SERVER['REMOTE_ADDR']);
49 $hash = md5( rand(0,1000) );
50 // sprawdzamy czy login nie jest już w bazie
51 if (mysql_num_rows(mysql_query("SELECT login FROM uzytkownicy WHERE login = '".$login."';")) == 0)
52 {
53 if (mysql_num_rows(mysql_query("SELECT email FROM uzytkownicy WHERE email = '".$email."';")) == 0)
54 {
55 if ($haslo1 == $haslo2) // sprawdzamy czy hasła takie same
56 {
57 mysql_query("INSERT INTO `uzytkownicy` (`login`, `haslo`, `email`, `rejestracja`, `logowanie`, `ip`, `hash`)
58 VALUES ('".$login."', '".crypt($haslo1, '$2y$07$usesomesillystringforsalt$')."', '".$email."', '".date('Y-m-d H:i:s')."', '".date('Y-m-d H:i:s')."', '".$ip."', '".$hash."');");
59
60
61
62 echo 'Konto utworzone';
63
64date_default_timezone_set('Etc/UTC');
65require './phpmail/PHPMailerAutoload.php';
66$mail = new PHPMailer;
67$mail->IsSMTP();
68$mail->Host = 'smtp.gmail.com'; // Which SMTP server to use.
69$mail->Port = 587; // Which port to use, 587 is the default port for TLS security.
70$mail->SMTPSecure = 'tls'; // Which security method to use. TLS is most secure.
71$mail->SMTPAuth = true; // Whether you need to login. This is almost always required.
72$mail->Username = "noreply.safemessenger@gmail.com"; // Your Gmail address.
73$mail->Password = "kolec567"; // Your Gmail login password or App Specific Password.
74
75
76$mail->setFrom('noreply.safemessenger@gmail.com', 'Safe Messenger'); // Set the sender of the message.
77$mail->addAddress($email); // Set the recipient of the message.
78$mail->Subject = 'Confirm your email address'; // The subject of the message.
79$mail->IsHTML(true);