sibtracker/system/ajax/registration.php

<?php
// Bootstrap for this stand-alone script: error settings, path constants, then the
// project includes. The order matters: the constants are defined before the files
// that are located through them are loaded.

// 7 = E_ERROR | E_WARNING | E_PARSE; notices and deprecations are not reported.
@error_reporting(7);
// NOTE(review): display_errors is switched on in a script that is reachable over HTTP,
// so the text of any reported error or warning (which normally contains filesystem
// paths) is sent to the client. Consider turning it off here and logging instead.
@ini_set('display_errors', true);
// Error messages are emitted as plain text rather than HTML-formatted.
@ini_set('html_errors', false);
// Presumably the guard constant the included files test for to refuse direct access - confirm.
define('DATALIFEENGINE', true);
// Strip the trailing 12 characters from this file's directory. With the file located in
// system/ajax/ those characters are "/system/ajax", which leaves the project root.
define( 'ROOT_DIR', substr( dirname( __FILE__ ), 0, -12 ) );
define( 'SYSTEM_DIR', ROOT_DIR . '/system' );
// `include`, not `require`: a missing config.php produces only a warning and execution continues.
include SYSTEM_DIR.'/data/config.php';
require_once SYSTEM_DIR.'/classes/mysql.php';
require_once SYSTEM_DIR.'/data/dbconfig.php';
require_once SYSTEM_DIR . '/modules/functions.php';
// The language directory name comes from $config['langs'] (configuration, not request data).
// Presumably this file defines $lang - confirm.
include_once ROOT_DIR.'/language/'.$config['langs'].'/website.lng';
// A non-empty charset declared by the language file overrides the configured one.
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];
// No effect: functions.php was already loaded by the require_once a few lines above.
require_once SYSTEM_DIR.'/modules/functions.php';
require_once SYSTEM_DIR.'/classes/parse.class.php';
// NOTE(review): $db and $cache are used further down in this file but are not created
// here; presumably the included files instantiate them - confirm.
$parse = new ParseFilter();
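/**
 * Validates a requested login name and reports why it is not acceptable.
 *
 * Checks, in order: length (more than 20 bytes is rejected), a denylist of punctuation
 * characters, emptiness (note that empty() also treats the string "0" as empty), the
 * substring ".php", the name masks in $banned_info['name'], and finally a look-alike
 * search against the users table.
 *
 * Security notes:
 *  - $name and a pattern derived from it are interpolated into the SQL text. This
 *    function does not escape them; the caller must pass $name through $db->safesql()
 *    first.
 *  - The query is only reached when every earlier check passed, so the denylist (which
 *    rejects quotes and the backslash) has already run. Keep that gate in place when
 *    editing; it is part of what keeps the interpolated values inside their literals.
 *  - Characters that are neither on the denylist nor keys of the look-alike map reach
 *    the REGEXP operand unchanged, i.e. as regular-expression syntax.
 *  - NOTE(review): the [[:<:]] / [[:>:]] word-boundary markers belong to the older MySQL
 *    regex library; MySQL 8.0's ICU-based engine is understood not to accept them.
 *    Confirm against the server version in use.
 *
 * Reads the globals $lang (message templates), $db (database handle) and
 * $banned_info (ban list); none of them is modified.
 *
 * @param string $name Candidate login name, already SQL-escaped by the caller.
 * @return string|false False when the name is acceptable, otherwise the concatenated
 *                      error messages.
 */
function check_name($name)
{
    global $lang, $db, $banned_info;

    $stop = '';

    if (strlen($name) > 20) {
        $stop .= $lang['reg_err_3'];
    }
    if (preg_match("/[\||\'|\<|\>|\[|\]|\"|\!|\?|\$|\@|\/|\\\|\&\~\*\{\+]/", $name)) {
        $stop .= $lang['reg_err_4'];
    }
    if (empty($name)) {
        $stop .= $lang['reg_err_7'];
    }
    if (strpos(strtolower($name), '.php') !== false) {
        $stop .= $lang['reg_err_4'];
    }

    // The ban list has no 'name' key when no name masks are stored; calling count() on
    // the missing key raises a TypeError on PHP 8, so test for it explicitly.
    $banned_names = (isset($banned_info['name']) && is_array($banned_info['name'])) ? $banned_info['name'] : array();

    foreach ($banned_names as $banned) {
        // Ban masks are literal text in which "*" matches any run of characters.
        $mask = str_replace('\*', '.*', preg_quote($banned['name'], "#"));

        if ($mask && preg_match("#^{$mask}$#i", $name)) {
            // Build the message on a copy so the shared template keeps its {descr}
            // placeholder for the next matching mask.
            $message = $lang['reg_err_21'];
            if ($banned['descr']) {
                $message = str_replace("{descr}", $lang['reg_err_22'], $message);
                $message = str_replace("{descr}", $banned['descr'], $message);
            } else {
                $message = str_replace("{descr}", "", $message);
            }
            $stop .= $message;
        }
    }

    if (!$stop) {
        // Look-alike map: each character becomes a bracket expression of the glyphs it
        // can be confused with, so a visually similar name is found as well.
        // The '^' entry is written '[~^]': with the caret first, the bracket expression
        // would be negated and match any character other than '~'.
        // NOTE(review): the non-ASCII keys and values below appear mis-encoded in this
        // copy of the file (many keys now collide); restore them from a correctly
        // encoded original before relying on this table.
        $replace_word = array ('e' => '[e<><65>]', 'r' => '[r<>]', 't' => '[t<>]', 'y' => '[y<>]','u' => '[u<>]','i' => '[i1l!]','o' => '[o<>0]','p' => '[p<>]','a' => '[a<>]','s' => '[s5]','w' => 'w','q' => 'q','d' => 'd','f' => 'f','g' => '[g<>]','h' => '[h<>]','j' => 'j','k' => '[k<>]','l' => '[l1i!]','z' => 'z','x' => '[x<>%]','c' => '[c<>]','v' => '[vu<76>]','b' => '[b<><62>]','n' => '[n<><6E>]','m' => '[m<>]','<27>' => '[<5B><>u]','<27>' => '<27>','<27>' => '[<5B>y]','<27>' => '[<5B>e<EFBFBD>]','<27>' => '[<5B>h]','<27>' => '[<5B>r]','<27>' => '[<5B>w<EFBFBD>]','<27>' => '[<5B>w<EFBFBD>]','<27>' => '[<5B>3<EFBFBD>]','<27>' => '[<5B>x%]','<27>' => '[<5B><>]','<27>' => '<27>','<27>' => '(<28>|<7C>[i1l!]?)','<27>' => '[<5B>b]','<27>' => '[<5B>a]','<27>' => '[<5B>n]','<27>' => '[<5B>p]','<27>' => '[<5B>o0]','<27>' => '[<5B>n]','<27>' => '<27>','<27>' => '<27>','<27>' => '[<5B>3<EFBFBD>]','<27>' => '[<5B>]','<27>' => '[<5B>4]','<27>' => '[<5B>c]','<27>' => '[<5B>m]','<27>' => '[<5B>u<EFBFBD>]','<27>' => '[<5B>t]','<27>' => '[<5B>b]','<27>' => '[<5B>6]','<27>' => '(<28>|[!1il][o<>0])','<27>' => '[<5B><>e]','1' => '[1il!]','2' => '2','3' => '[3<><33>]','4' => '[4<>]','5' => '[5s]','6' => '[6<>]','7' => '7','8' => '8','9' => '9','0' => '[0<>o]','_' => '_','#' => '#','%' => '[%x]','^' => '[~^]','(' => '[(]',')' => '[)]','=' => '=','.' => '[.]','-' => '-','[' => '[\[]');

        $name = strtolower($name);
        $search_name = strtr($name, $replace_word);

        // Matches either a look-alike of the name as a whole word, or the exact name.
        $db->query ("SELECT name FROM " . USERPREFIX . "_users WHERE LOWER(name) REGEXP '[[:<:]]{$search_name}[[:>:]]' OR name = '$name'");
        if ($db->num_rows() > 0) {
            $stop .= $lang['reg_err_20'];
        }
    }

    return $stop ? $stop : false;
}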
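// Load the ban list, preferring the cached copy stored under the key "banned".
// When the cache does not return an array, rebuild the list from the *_banned table
// and store it back.
//
// Each row is filed under exactly one of four keys:
//   'users_id' - the row carries a user id;
//   'email'    - the `ip` column contains "@";
//   'ip'       - the `ip` column has exactly four dot-separated parts;
//   'name'     - anything else (treated as a login-name mask).
// The `ip` column therefore holds addresses, e-mail masks and name masks alike.
//
// The "@" test runs before the four-part test on purpose: an address such as
// user@mail.example.com also has four dot-separated parts and would otherwise be filed
// as an IP ban, so it would never be matched as an e-mail ban.
// NOTE(review): any other script that rebuilds the same "banned" cache entry should
// classify rows in the same order - confirm.
$banned_info = $cache->get ("banned");
if (!is_array($banned_info)) {
    $banned_info = array ();
    $db->query("SELECT * FROM " . USERPREFIX . "_banned");
    while ($row = $db->get_row()) {
        $descr = stripslashes($row['descr']);

        if ($row['users_id']) {
            $banned_info['users_id'][$row['users_id']] = array('users_id' => $row['users_id'], 'descr' => $descr, 'date' => $row['date']);
        } elseif (strpos($row['ip'], "@") !== false) {
            $banned_info['email'][$row['ip']] = array('email' => $row['ip'], 'descr' => $descr, 'date' => $row['date']);
        } elseif (count(explode(".", $row['ip'])) == 4) {
            $banned_info['ip'][$row['ip']] = array('ip' => $row['ip'], 'descr' => $descr, 'date' => $row['date']);
        } else {
            $banned_info['name'][$row['ip']] = array('name' => $row['ip'], 'descr' => $descr, 'date' => $row['date']);
        }
    }
    $cache->set ("banned", $banned_info);
    $db->free();
}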
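// Handle the request: normalise the posted name, validate it, and answer with a small
// HTML fragment (green confirmation, or red text listing the problems).

// A missing field, or one posted as an array (name[]=...), is treated as an empty name.
// Otherwise the value would trigger a warning or type error further down, and with
// display_errors enabled in this script that message would be sent to the client.
$raw_name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';

// check_name() interpolates $name into SQL text, so the safesql() call here is the
// escaping step the query depends on; keep it as the outermost call.
// NOTE(review): htmlspecialchars() runs with its default flags and charset, which differ
// between PHP versions. With a single-byte site charset, bytes that are invalid in the
// default charset can make it return an empty string - confirm, and consider passing
// the flags and $config['charset'] explicitly.
$name = $db->safesql(trim(htmlspecialchars($parse->process(convert_unicode($raw_name, $config['charset'])))));
// Collapse runs of whitespace into one space. This runs after escaping, as in the
// original flow, so the set of names that pass validation does not change.
$name = preg_replace('#\s+#i', ' ', $name);

$allow = check_name($name);

// NOTE(review): $allow is built from the language strings and from ban descriptions
// read from the database, and is written into the markup without escaping - confirm
// those descriptions are trusted, administrator-authored text.
if (!$allow) {
    $buffer = "<font color=\"green\">".$lang['reg_ok_ajax']."</font>";
} else {
    $buffer = "<font color=\"red\">".$allow."</font>";
}

@header("Content-type: text/html; charset=".$config['charset']);
echo $buffer;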
?>