summaryrefslogtreecommitdiff
path: root/registration.php
blob: 8a5c49eb780fea0924b67c51eac9750b68ea197f (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
<?php
	require_once('includes/libs/libmysql.php');
	require_once('includes/models/account.php');
	require_once('recaptcha-php/recaptchalib.php');

	require_once('recaptcha-php/keys.php');

	$enable_captcha = true;  // modify this in production

	$showform = true;

	if (isset($_POST['register']) && $_POST['register'] == "true")
	{
		$showform = false;
		$err = "";
		$acc = new TMWAccount();
		$acc->setUsername($_POST['username']);
		$acc->setPassword($_POST['password1']);
		$acc->setEMail($_POST['email']);
		$acc->setGender($_POST['gender']);

		$val = $acc->validate();
		if (is_array($val))
		{
			foreach( $val as $error)
			{
				$err .= $error . "<br />";
			}
			$showform = true;
		}

		if ($_POST['password2'] != $_POST['password1'])
		{
			$err .= "The given passwords don't match!"; $showform = true;
		}

		if (TMWAccount::existsUsername( $_POST['username'] ))
		{
			$err .= "The username is in use!"; $showform = true;
		}

		if ($enable_captcha)
		{
			// check captcha
			$resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"],
				$_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);

			if (!$resp->is_valid)
			{
				$err .= "The captcha was incorrect!"; $showform = true;
			}
		}

		if (!$showform)
		{
			// create the account
			if (!$acc->storeAccount())
			{
				$err = "The was an unknown error while storing your new account";
				$showform = true;
			}
		}
	}
	if ($showform)
	{
	    include("includes/common.php");
    	placeHeader("Registration");

?>
<p>With this form you can register for a new account.</p>

<p>Note that you also need to <a href="downloads.php">download Manaplus</a>, The Mana World's official client, and run it to log in and play.</p>

<p><i>We will never give your email to someone else or send you spam! Its only purpose is to be able to send you back whether account creation succeeded. Also your email is important to send you a new password if you forgot yours (<a href="https://forums.themanaworld.org/viewtopic.php?f=3&t=17737">further information).</a></i></p>

<p style="background-color: #ede2da; padding: 5px; border: 1px solid
#9f9894; border-radius: 10px;"><i>Security warning:</i> Do not use the same username and password on
two different servers. The server admins can read all of them in clear text and
nothing stops them from trying them on other servers. It happened a lot in the
past that users of the official server got "hacked" because they ignored this
important precaution.</p>

<form action="registration.php" method="post">

	<input type="hidden" name="register" value="true" />
	<table>
		<?php if (isset($err))
		{
			echo "<tr><td colspan=\"2\" style=\"border: 1px solid red; color: red;\">" .
				$err . "</td></tr>";
		}
		?>
		<tr>
			<td>Username:</td>
			<td><input type="text" size="20" name="username" /></td>
		</tr>
		<tr>
			<td>Password:</td>
			<td><input type="password" size="20" name="password1" /></td>
		</tr>
		<tr>
			<td>Retype password:</td>
			<td><input type="password" size="20" name="password2" /></td>
		</tr>
		<tr>
			<td>EMail:</td>
			<td><input type="text" size="30" name="email" /></td>
		</tr>
		<tr>
			<td>Gender:</td>
      <td>
       <select name="gender">
         <option value="0" selected></option>
         <option value="1">Male</option>
         <option value="2">Female</option>
       </select>
      </td>
		</tr>
		<tr>
			<td colspan="2">
				<?php echo recaptcha_get_html($publickey); ?>
			</td>
		</tr>
		<tr>
			<td colspan="2" style="text-align:right">
				<input type="submit" value="Register" />
			</td>
		</tr>
	</table>
</form>


<?php

	placeFooter();
	} // end of showform
	else
	{
	include("includes/email.php");
    $mail_to = $_POST['email'];
    $boundary = uniqid('np');
    $subject = "The Mana World Registration";
    $headers = "From: Accounts <passwords@themanaworld.org>\r\nReply-To: Accounts <passwords@themanaworld.org>\r\n";
    $data .= "== Account Created ==\n";
    $data .= "  Welcome to The Mana World! Your account should now be enabled. If you have any problems with your login contact The Mana World via the Support (live) or Forums (maybe a delay) for help. Game tips & walkthroughs are available on the Wiki. Our Forums are a great place to ask for advice and discuss possible changes. News is available in the client or on the Home Site.
        Godspeed Adventurer,
            The Mana World\n";
    $message = getEmailTemplate($data);
    $headers .= $message[0];

    //mail($mail_to,$subject,$message[1],$headers);

    header("Location: /thank_you.php");
    }
?>