\n"; } // turn off strict mysql error checking for: STRICT_ALL_TABLES mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later) // add record if (!@$errorsAndAlerts) { mysql_query("INSERT INTO `{$TABLE_PREFIX}comments` SET content = '".mysql_real_escape_string( $_REQUEST['content'] )."', rel_item = '".mysql_real_escape_string( $_REQUEST['rel_item'] )."', rel_module = '".mysql_real_escape_string( $_REQUEST['rel_module'] )."', author = '".mysql_real_escape_string( $_REQUEST['author'] )."', createdDate = NOW(), updatedDate = NOW(), createdByUserNum = '0', updatedByUserNum = '0'") or die("MySQL Error Creating Record:
\n". htmlspecialchars(mysql_error()) . "\n"); $recordNum = mysql_insert_id(); // display thanks message and clear form $errorsAndAlerts = "Thanks! Your comment has been added below."; $_REQUEST = array(); } } ?> 'comments', )); ?> \n"; } if (!@$_REQUEST['email']) { $errorsAndAlerts .= "You must enter your email!
\n"; } else if(!isValidEmail(@$_REQUEST['email'])) { $errorsAndAlerts .= "Please enter a valid email (example: user@example.com)
\n"; } if (!@$_REQUEST['username']) { $errorsAndAlerts .= "You must choose a username!
\n"; } // check for duplicate usernames and emails if (!$errorsAndAlerts) { $count = mysql_select_count_from('accounts', "`username` = '".mysql_escape(@$_REQUEST['username'])."'"); if ($count > 0 && @$_REQUEST['username']) { $errorsAndAlerts .= "That username is already in use, please choose another!
\n"; } $count = mysql_select_count_from('accounts', "'".mysql_escape($_REQUEST['email'])."' IN (email, username)"); if ($count > 0) { $errorsAndAlerts .= "That email is already in use, please choose another!
\n"; } } // turn off strict mysql error checking for: STRICT_ALL_TABLES mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later) // add user if (!$errorsAndAlerts) { $_REQUEST['password'] = substr(md5(uniqid(rand(), true)), 15); // example output: c5560251ef0b3eef9 mysql_query("INSERT INTO `{$TABLE_PREFIX}accounts` SET fullname = '".mysql_escape( $_REQUEST['fullname'] )."', email = '".mysql_escape( $_REQUEST['email'] )."', username = '".mysql_escape( $_REQUEST['username'] )."', password = '".mysql_escape( $_REQUEST['password'] )."', disabled = '0', isAdmin = '0', expiresDate = '0000-00-00 00:00:00', neverExpires = '1', createdDate = NOW(), updatedDate = NOW(), createdByUserNum = '0', updatedByUserNum = '0'") or die("MySQL Error Creating Record:
\n". htmlspecialchars(mysql_error()) . "\n"); $userNum = mysql_insert_id(); // create accesslist entry // replace '_sample' with the table you want the user to access // replace '6' with the access level they should have: 0=none, 6=author, 9=editor // replace '1' with the max listings they are allowed mysql_query("INSERT INTO `{$TABLE_PREFIX}_accesslist` (userNum, tableName, accessLevel, maxRecords, randomSaveId) VALUES ($userNum, 'all', '1', NULL, '1234567890'), ($userNum, '_sample', '6', 1, '1234567890'), ($userNum, '_sample', '6', 1, '1234567890'), ($userNum, '_sample', '6', 1, '1234567890'), ($userNum, '_sample', '6', 1, '1234567890'), ($userNum, '_sample', '6', 1, '1234567890'), ($userNum, '_sample', '6', 1, '1234567890')") or die("MySQL Error Creating Access List:
\n". htmlspecialchars(mysql_error()) . "\n"); // _websiteLogin_sendSignupMessage(); $errorsAndAlerts = "Thanks, We've created an account for you and emailed you your password.

\n"; $errorsAndAlerts .= "If you don't receive an email from us within a few minutes check your spam filter for messages from {$SETTINGS['adminEmail']}

\n"; $errorsAndAlerts .= "Click here to login."; $_REQUEST = array(); // clear form values $showSignupForm = false; } } ?>