Inscription aux Chroniques de Ierne

\n"; //print ">> $HTTP_POST_VARS[$elem]
\n"; } //else //print ">> $HTTP_POST_VARS[$elem]
\n"; } /* If the sender asked to be an author, we have extra variables to check. */ if($HTTP_POST_VARS["statut"] == "auteur") { foreach($listVarsAut as $elem) { if(!isset($HTTP_POST_VARS[$elem]) || strlen(trim($HTTP_POST_VARS[$elem])) == 0) { $errs = true; unset($$elem); // Will be detected in the principal.inc //print "Erreur: $elem is not set!
\n"; //print ">> $HTTP_POST_VARS[$elem]
\n"; } //else //print ">> $HTTP_POST_VARS[$elem]
\n"; } } /* Now we check the fields are filled with coherent values. This * is very dull since we need to check them individually * and a for() won't help us there. Yet. Fortunately we don't need to * check everything. Just names and emails mostly, plus the age of the * character. */ /* The name must be unique so we need to check in the database. */ $link = mysql_connect("rencade.raphit.net", "ierne", "dra34gon") or die("Impossible de se connecter à la base: " . mysql_error()); mysql_select_db("iernedata") or die("Impossible d'accéder à la base 'iernedata': " . mysql_error()); /* First we check the login name. To make sure there is no case weirdness * we only compare capitalized strings. If a nick already exists, we won't * accept it twice, since it's our primary key... */ $query = "SELECT ident FROM ierne_ml WHERE UPPER(ident) LIKE '" . strtoupper($HTTP_POST_VARS[pseudo]) . "'"; $result = mysql_query($query, $link) or die("SQL error while connecting to the database: " . mysql_error()); /* Thus we either have one line -- one match, if we had two it'd mean we have * two identical primary keys -- or nothing. */ if(mysql_fetch_row($result)) { /* We found one match, the name already exists. */ $errs = true; $GLOBALS[err_pseudo] = "Cet identifiant est déjà pris. Veuillez en choisir un différent."; } /* While we're connected, it won't hurt to check the character's name as well. */ if($HTTP_POST_VARS[statut] == "auteur") { $query = "SELECT nom FROM ierne_cheptel WHERE UPPER(nom) LIKE '" . strtoupper($HTTP_POST_VARS[perso_nom]) . "'"; $result = mysql_query($query, $link) or die("SQL error while connecting to the database to retrieve char_name: " . mysql_error()); if(mysql_fetch_row($result)) { /* We found one match, the name already exists. */ $errs = true; $GLOBALS[err_perso_nom] = "Ce personnage existe déjà. Veuillez trouver un autre nom."; } } /* We wand identifiers simple enough for our database */ if(!ereg("^[A-Za-z0-9_.-]+$", $HTTP_POST_VARS[pseudo])) { $errs = true; $GLOBALS[err_pseudo] = "Cet identifiant contient des caractères invalides. Utilisez majuscules, minuscules, chiffres, '_', '.' et '-'."; } /* The emails need to be in the right format (ident@domain.ext). */ if(isset($HTTP_POST_VARS[email])) if(!ereg("^[A-Za-z0-9_.-]+@[A-Za-z0-9_.-]+\.[A-Za-z0-9]+$", $HTTP_POST_VARS[email])) { $errs = true; $GLOBALS[err_email] = "Format incorrect. Veuillez utiliser le format 'identifiant@domaine.ext'."; } if(strlen($HTTP_POST_VARS[email1]) > 0) if(!eregi("^[A-Za-z0-9_.-]+@[A-Za-z0-9_.-]+\.[A-Za-z0-9]+$", $HTTP_POST_VARS[email1])) { $errs = true; $GLOBALS[err_email1] = "Format incorrect. Veuillez utiliser le format 'identifaint@domaine.ext'."; } /* Now we make sure the name of the character is * not in our database already. */ /* Then we check whether the age is a number */ if($HTTP_POST_VARS[statut] == "auteur" && !is_numeric($HTTP_POST_VARS[perso_age])) { $errs = true; $GLOBALS[err_perso_age] = "Entrez une valeur numérique ou 0 si cas particulier, merci."; } /* If the thing is clean, we actually keep the data and send the mail */ if(!$errs) { // print "Le formulaire est correct!
\n"; include("./register.inc.php"); /* once registered, nothing will stop us spamming the Council! * As Free doesn't allow the mail() function, we're going to * evaluate it on shinji, which will be much simpler. */ include("./mail.inc.php"); /* And once it's done, we display a dull little page to herd * the people back to the main website. Yay us! */ include("./bye.inc.php"); } else { /* If the thing is not clean, we enter (or stay in) the correction state. */ $state = "correct"; /* We clean our variables from escaping */ foreach($listAllVars as $elem) { $GLOBALS[$elem] = ereg_replace("\\\\", "", $HTTP_POST_VARS[$elem]); } foreach($listVarsAut as $elem) { $GLOBALS[$elem] = ereg_replace("\\\\", "", $HTTP_POST_VARS[$elem]); } $GLOBALS[notes] = ereg_replace("\\\\", "", $HTTP_POST_VARS[notes]); $GLOBALS[perso_notes] = ereg_replace("\\\\", "", $HTTP_POST_VARS[perso_notes]); /* Then we include the error functions and variables. */ include("./errors.inc.php"); /* And then we redisplay our main page with those new settings. */ include("./principal.inc.php"); } } /* The constants. */ $listRes = array("main", "verif"); $listState = array("input", "correct"); /* Here we're supposed to check the variables. */ if(!$res || !in_array($res, $listRes)) $res = "main"; if(!$state || !in_array($state, $listState)) $state = "input"; /* We call the relevant function. */ $res(); /* Brutal way to interrupt service while the DB is down */ // print "

Interruption de service environ 48 heures pour // maintenance. Merci de votre compréhension, et toutes // nos excuses.

"; // print "

Remise en service prévue jeudi 8 en journée

"; // print "

K'fen

"; ?>