prepare("INSERT INTO users (login,email,password_hash,salt,avatar_path,role,invite_id) VALUES (?,?,?,?,?,?,?)"); $role = "newbie"; $s->bind_param("sssssss", $login, $email, $pwd_hash, $salt, $avatar_path, $role, $invite_id); return $s->execute() !== false; } if (ThisFileIsRequested(__FILE__)) { require_once("../_json.php"); // Dirty hack for debugging purposes. Will be removed later if ($Config["debug"]) $_POST = $_REQUEST; // If registration turned off if (!$Config["registration"]["active"]) { ReturnJSONError($Err_DP_RegClosed, "registrations are closed"); } // If user is logged in, then we should not allow creation of account if ($LOGGED_IN) ReturnJSONError($Err_DP_AlreadyLoggedIn, "you are already logged in"); // If we have some POST data if (isset($_POST["login"]) && isset($_POST["password"])) { $login = $_POST["login"]; $password = $_POST["password"]; $email = null; $invite = null; // If password is too weak if (strlen($password) < 8) ReturnJSONError($Err_RDP_InvalidArgs, "password too weak"); // If we need email but it isnt supplied if ($Config["registration"]["need_email"] && !isset($_POST["email"])) { ReturnJSONError($Err_RDP_InvalidArgs, "email is necessary"); } elseif (isset($_POST["email"])) { // Validation of email if (!filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)) ReturnJSONError($Err_RDP_InvalidArgs, "email is invalid"); $email = $_POST["email"]; } // If we need invite but it isnt supplied if ($Config["registration"]["need_invite"] && !isset($_POST["invite_id"])) { ReturnJSONError($Err_RDP_InvalidArgs, "registrations are invite-only"); } elseif (isset($_POST["invite_id"])) { // TODO: check invite and reject if it invalid //$invite = $_POST["invite_id"]; } // Check login and password for pattern match $preg_str = "/[^" . $Config["registration"]["allowed_syms"] . "]/"; if (preg_match($preg_str, $login) || preg_match($preg_str, $password)) { ReturnJSONError($Err_RDP_InvalidArgs, "only allowed symbols are: " . $Config["registration"]["allowed_syms"]); } // Check if login already exists if (User_LoginExist($login)) ReturnJSONError($Err_RDP_InvalidArgs, "login already exists"); // Create account $result = User_Create($login, $password, $email, $invite); ReturnJSONData(["success" => $result]); } else { // Not enough arguments ReturnJSONError($Err_RDP_InvalidArgs, "not enough or no arguments were supplied"); } } ?>