php session_start include_once main inc php include_once skin inc php

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
<?php
session_start();
include_once("main.inc.php");
include_once("skin.inc.php");
require_once("cfg.inc.php");
$template = new TEMPLATE($tpl7);
$xtra = new XTRA();
$title = register;
$menu = "<a href=\"index.php\">вернуться на сайт</a>";
$body = $xtra->get_regform();
if($_REQUEST["reg"] == "register")
{
if(($_REQUEST["password"] != NULL) and ($_REQUEST["password2"] != NULL) and ($_REQUEST["fname"] != NULL) and ($_REQUEST["lname"] != NULL) and ($_REQUEST["company"] != NULL) and ($_REQUEST["field"] != NULL) and ($_REQUEST["position"] != NULL) and ($_REQUEST["address"] != NULL) and ($_REQUEST["phone"] != NULL) and ($_REQUEST["mail"] != NULL))
{
$usr = "default";
$pwd = mysql_escape_string($_REQUEST["password"]);
$pwd2 = mysql_escape_string($_REQUEST["password2"]);
$fnm = mysql_escape_string($_REQUEST["fname"]);
$lnm = mysql_escape_string($_REQUEST["lname"]);
$comp = mysql_escape_string($_REQUEST["company"]);
$field = mysql_escape_string($_REQUEST["field"]);
$pos = mysql_escape_string($_REQUEST["position"]);
$adr = mysql_escape_string($_REQUEST["address"]);
$pho = mysql_escape_string($_REQUEST["phone"]);
$eml = mysql_escape_string($_REQUEST["mail"]);
$web = mysql_escape_string($_REQUEST["web"]);
//check password
if($pwd != $pwd2)
{
$body = "<p align=\"center\"><font color=#FFFFFF><b>пароль не совпадает</b></font></p>".$xtra->get_regform();
}
//check mail
elseif($xtra->check_email($eml) == false)
{
$body = "<p align=\"center\"><font color=#FFFFFF><b>неправильный email</b></font></p>".$xtra->get_regform();
}
else
{
$pwd2 = md5($pwd);
$acl = $usr.$pwd2;
if($web == NULL)
{
$web = "www.4p.am";
}
$ins = "insert into `dummy` (`id`, `username`, `password`, `fname`, `lname`, `company`, `field`, `position`, `address`, `phone`, `mail`, `web`, `accesslevel`, `status`, `page1`, `page2`, `page3`, `page4`) values (NULL, '".$usr."', '".$pwd2."', '".$fnm."', '".$lnm."', '".$comp."', '".$field."', '".$pos."', '".$adr."', '".$pho."', '".$eml."', '".$web."', '".$acl."', '0', 'special offer', 'storage', 'tracking', 'balance')";
$go = mysql_query($ins);
$body = "<p align=\"center\"><font color=#FFFFFF><b>Регистрация прошла успешно. В течении одного дня вам придет письмо с подтверждением.</b></font><br><br><a href=\"index.php\">вернуться на сайт</a></p>";
//inform admin via mail...
$rec = "admin@4p.am";
$name = "4p.am website";
$email = "admin@4p.am";
$header = "From: ". $name . " <" . $email . ">\r\n";
$subj = "new user";
$mes = "new user has registered at the site, here is his information: \n first name: ".$fnm." \n last name: ".$lnm." \n company: ".$comp." \n field of business: ".$field." \n position: ".$pos." \n address: ".$adr." \n phone: ".$pho." \n email: ".$eml;
ini_set('sendmail_from', 'me@domain.com');
mail($rec, $subj, $mes, $header);
}
}
else
{
$body = "<p align=\"center\"><font color=#FFFFFF><b>пожалуйста, заполните все обязательные поля</b></font></p>".$xtra->get_regform();
}
}
$content["title"]= $title;
$content["body"] = $body;
$content["menu"] = $menu;
$template->parse($content);
$template->show();
?>