X-Git-Url: http://git.harvie.cz/?a=blobdiff_plain;f=wwwroot%2Finc%2Feventz%2Fregister.inc;h=9ea7fe7bf3ab5a733bfa06e2367e3d5c57639ea8;hb=41b53a981f7bab0ca17e16fddb72d868311f9ba9;hp=93665b5458cccb63fa3419dcea13e0240787f051;hpb=eb27b2a093b4b67a892a32b4cc51c7219333e8f7;p=mirrors%2FKyberia-bloodline.git diff --git a/wwwroot/inc/eventz/register.inc b/wwwroot/inc/eventz/register.inc index 93665b5..9ea7fe7 100644 --- a/wwwroot/inc/eventz/register.inc +++ b/wwwroot/inc/eventz/register.inc @@ -2,13 +2,13 @@ function register() { global $db, $error; - $guild_id = mysql_real_escape_string(strip_tags(trim($_POST['guild_id']))); - $content = mysql_real_escape_string(strip_tags(trim($_POST['reg_content']))); - $email = mysql_real_escape_string(strip_tags(trim($_POST['reg_email']))); - $login = mysql_real_escape_string(strip_tags(trim($_POST['reg_login']))); - $xmpp = mysql_real_escape_string(strtolower(strip_tags(trim($_POST['reg_login'])))); - $pass = mysql_real_escape_string($_POST['reg_pass']); - $pass2 = mysql_real_escape_string($_POST['reg_pass2']); + $guild_id = db_escape_string(strip_tags(trim($_POST['guild_id']))); + $content = db_escape_string(strip_tags(trim($_POST['reg_content']))); + $email = db_escape_string(strip_tags(trim($_POST['reg_email']))); + $login = db_escape_string(strip_tags(trim($_POST['reg_login']))); + $xmpp = db_escape_string(strtolower(strip_tags(trim($_POST['reg_login'])))); + $pass = db_escape_string($_POST['reg_pass']); + $pass2 = db_escape_string($_POST['reg_pass2']); if (empty($login)) { $error = 'please enter your nick name'; @@ -54,6 +54,7 @@ function register() { // XXX hard-coded $params['node_parent'] = UNVERIFIED_REGISTRATIONS_NODE; // registrations_noverified forum $params['node_name'] = 'request for access'; + $params['node_creator']=UBIK_ID; $params['flag'] = 'registration'; $user_id = nodes::addNode($params); @@ -61,17 +62,17 @@ function register() { //puttin in the guild node is realized only after email verification //nodes::putNode($user_id,$guild_id); - $q = sprintf('update nodes set node_system_access = "private" where node_id = %d', $user_id); + $q = sprintf('update nodes set node_system_access = "private",node_creator=%d where node_id = %d', $user_id,$user_id); $db->update($q); - $pass = md5($pass); - $vercode = substr( md5( uniqid( rand() ) ), rand(0, 7), 23); - $q = sprintf('insert into users set password = "%s", user_id = %d, - header_id = 2091520, login = "%s", email = "%s", - hash = "%s", xmpp="%s, guild_id="%s""', - $pass, $user_id, $login, $email, $vercode, $xmpp, $guild_id); - $db->query($q); // XXX rewrite - $emailtext = sprintf( + $pass = md5($pass); + $vercode = substr( md5( uniqid( rand() ) ), rand(0, 7), 23); + $q = sprintf('insert into users set password = "%s", user_id = %d, + header_id = 2091520, login = "%s", email = "%s", + hash = "%s", xmpp="%s", guild_id="%s"', + $pass, $user_id, $login, $email, $vercode, $xmpp, $guild_id); + $db->query($q); // XXX rewrite + $emailtext = sprintf( 'Vitaj %s! Prave som sa s radostou dozvedel, ze si vyplnil(a) registracny formular na stranke '.SYSTEM_URL.' a chces sa stat clenom tejto komunity.