View Single Post
  #99  
Old 04-04-2010, 01:08 PM
cubber
Discordant
 
Join Date: Apr 2006
Posts: 374
Default

Here is an Account Creation web front end tool I wrote for the SVN Loginserver. It can be added to a server webpage to allow users to create accounts, it then emails the server admin the new account information.

It consists of 2 files eqreg.php and insert.php

Note: Make sure to change the mysql server info and email address in insert.php before using.

eqreg.php

Code:
<!-- EQEMu SVN Loginserver PHP Account Registration Page - By: Cubber -->

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict/EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>EQEmu SVN Loginserver Account Registration Page</title>

<meta name="description" content="EQEmulator SVN Loginserver Account Registration Page.">

</head>

<body>

                        <h1>EQ Registration Form</h1>
                        <p>Please fill out the form below to create a new account.</p>
                        <br />
                                
                                        <form method="post" action="insert.php">
                                        Username: <i>(Max 16 chars)</i><br />
                                                <input name="username" type="text" id="username" maxlength="16" />
                                        <br /><br />
                                        Password: <i>(Max 16 chars)</i><br />
                                                <input name="pw" type="password" id="pw" maxlength="16" />
                                        <br /><br />
                                        Email:<br />
                                                <input name="email" type="text" id="email" maxlength="50" />
                                        <br /><br />
                                        <br />    
                                                <input name="Submit" type="submit" value="Create Account" />
                                        </form>
                                        <br />
                                                        
                                
</body>
</html>

insert.php

Code:
<!-- EQEMu SVN Loginserver PHP Account Registration Page - By: Cubber -->

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict/EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>>EQEmu SVN Loginserver Account Registration Page</title>

<meta name="description" content="EQEmulator SVN Loginserver Account Registration Page.">

<head>

<body>

                                <p>                             
                                <?php

                                        $DB_ADDY = "localhost"; //address:port for the MySQL server
                                        $DB_USER = "eqemu"; //username to login to MySQL with
                                        $DB_PASS = "eqemu"; //password to login to MySQL with
                                        $DB_DB = "peq"; //database name to use "peq" for default installation
                                        $user = $_POST['username'];
                                        $pass = $_POST['pw'];
                                        $acct_email = $_POST['email'];
                                        $sendto = "youremail@something.com";
                                        $subject = "New EQEmu Account Created";
                                        $message = "A new account has been created on the EQEmu Server.  Account details: - email: $acct_email\n - username: $user\n - password: $pass\n";
                                        
                                        
                                        function error_s($text) {
                                        echo("<p>" . $text);
                                        };      

                                        $user_chars = "#[^a-zA-Z0-9_\-]#";
                                        $email_chars = "/^[^0-9][A-z0-9_]+([.][A-z0-9_]+)*[@][A-z0-9_]+([.][A-z0-9_]+)*[.][A-z]{2,4}$/";

                                        if ( !isset($_POST['username']) || !isset($_POST['pw']) || !isset($_POST['email']) )
                                        {
                                        echo "User/Pass/Email not passed.";
                                        return;
                                        }

                                        $con = @mysql_connect($DB_ADDY, $DB_USER, $DB_PASS);
                                        if (!$con) {
                                        error_s("Unable to connect to database: " . mysql_error());
                                        };

                                        if (!empty($_POST)) {
                                        if ((empty($_POST["username"]))||(empty($_POST["pw"]))||(empty($_POST["email"])) ) {
                                                error_s("You did not enter all the required information.");
                                                                exit();
                                        } else {

                                                $username = ($_POST["username"]);
                                                $pw = ($_POST["pw"]);
                                                $email = ($_POST["email"]);
                                                if (strlen($username) < 5) {
                                                        error_s("Username too short.");
                                                        exit();
                                                };
                                                if (strlen($username) > 16) {
                                                        error_s("Username too long.");
                                                        exit();
                                                };
                                                if (strlen($pw) < 6) {
                                                        error_s("Password too short.");
                                                        exit();
                                                };
                                                if (strlen($pw) > 16) {
                                                        error_s("Password too long.");
                                                        exit();
                                                };
                                                if (strlen($email) < 10) {
                                                        error_s("Email was too short.");
                                                       exit();
                                                };
                                                if (strlen($email) > 50) {
                                                        error_s("Email was too long.");
                                                        exit();
                                                };
                                                if (preg_match($user_chars,$username)) {
                                                        error_s("Username contained illegal characters.");
                                                        exit();
                                                };
                                                if (preg_match($user_chars,$pw)) {
                                                        error_s("Password contained illegal characters.");
                                                        exit();
                                                };
                                                if (!preg_match($email_chars,$email)) {
                                                        error_s("Email was in an incorrect format.");
                                                        exit();
                                                };
                                                
                                                $username = mysql_real_escape_string($username);
                                                $pw = mysql_real_escape_string($pw);
                                                $email = mysql_real_escape_string($email);
                                                $qry = @mysql_query("select AccountName from " . mysql_real_escape_string($DB_DB) . ".tblLoginServerAccounts where AccountName = '" . $username . "'", $con);
                                                                if (!$qry) {
                                                                        error_s("Error querying database: " . mysql_error());
                                                                };
                                               if ($existing_username = mysql_fetch_assoc($qry)) {
                                                        foreach ($existing_username as $key => $value) {
                                                                $existing_username = $value;
                                                        };
                                                };
                                                $existing_username = ($existing_username);
                                                if ($existing_username == ($_POST['username'])) {
                                                       error_s("That username is already taken.  Click <a href=eqreg.php>here</a> and try again.");
                                                        exit();
                                                };
                                                                unset($qry);

                                                $sha_pass_hash = sha1(($pw));
                                                $register_sql = "insert into " . mysql_real_escape_string($DB_DB) . ".tblLoginServerAccounts (AccountName,AccountPassword,AccountEmail) values ('" . $username . "','" . $sha_pass_hash . "','" . $email . "')";
                                                $qry = @mysql_query($register_sql, $con);
                                                                if (!$qry) {
                                                                        error_s("Error creating account: " . mysql_error());
                                                                };
                                                mail($sendto, $subject, $message);
                                               echo("Your account was successfully created!");
                                                                exit();
                                       };
                                } else {
                                        echo($page);
                                };

                        ?>
                        </p>


</body>
</html>

I also added captcha to the version I use on my website, I use an opensource captcha called securimage, you can find it here http://www.phpcaptcha.org/

It works rather well and is easily incorporated into the page. I did not put it into the posted code because I figured I would leave it very simple so that folks could customize it as they see fit.

Enjoy!
Reply With Quote