<?php
define
('ROOT','./');
require_once(
ROOT.'common.php');
$sitename "Register";
$breadcrumbs ' -> <a href="'.ROOT.'register.php">Register</a>'// Defines the page title for the browser
require_once(ROOT.'include/header.php');
?>
<div class="left">
<?php
if ($_POST['formsent'] == '1')
{
    
$username $_POST['username'];
    
$password $_POST['pw'];
    
$password2 $_POST['pw2'];
    
$email $_POST['email'];
    
$fname $_POST['fname'];
    
$lname $_POST['lname'];
    
$city $_POST['city'];
    
$state $_POST['state'];
    
$zip $_POST['zip'];
    
$gender $_POST['gender'];

    if(!
eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$"$email))
    {
        
badrequest("The e-mail was not valid. Please click the back button on your browser and try again.");
    }
    else
    {
        if(!
eregi("[0-9]"$zip))
        {
            
badrequest("Your zip code was not valid, please try again.");
        }
        else
        {
            if (
strlen($zip) != 5)
            {
                
badrequest("Your zip code was not valid, please try again.");
            }
            else
            {
                if (
strlen($state) != 2)
                {
                    
badrequest("Your state is invalid. Please enter your two digit state code.");
                }
                else
                {
                    if (
$password != $password2)
                    {
                        
badrequest("The passwords were not the same. Please click back and try again.");
                    }
                    else
                    {
                        if((
strlen($username) < 3) || (strlen($username) > 19))
                        {
                            
badrequest("Your username must be between 3 and 20 characters");
                        }
                        else
                        {
                            if(
strlen($email) > 29)
                            {
                                
badrequest("Your email must be less than 30 characters");
                            }
                            else
                            {
                                if (
$fname == "" || $lname == "")
                                {
                                    
badrequest("You must enter a first and last name.");
                                }
                                else
                                {
                                    if(
$gender != ("male" || "female"))
                                    {
                                        
badrequest("You must be a male or female.");
                                    }
                                    else
                                    {
                                        if((
strlen($fname) > 20) || (strlen($lname) > 20))
                                        {
                                            
badrequest("Your first and last name must be less than 20 characters.");
                                        }
                                        else
                                        {
                                            if(
$username == $password)
                                            {
                                                
badrequest("Your password can not be the same as your username");
                                            }
                                            else
                                            {
                                                if (
$city =="" || $state == "" || $zip == "")
                                                {
                                                        
badrequest("You must enter a city, state, and zip code. ");
                                                }
                                                else
                                                {
                                                    
$username $db->escape($username);
                                                    
$result$db->query("SELECT * from `users` WHERE username='" $username "'");
                                                    if (
mysql_num_rows($result) != 0)
                                                    {
                                                        
badrequest("That Username is already being used. Please try a different username.");
                                                    }
                                                    else
                                                    {
                                                        
$email $db->escape($email);
                                                        
$result $db->query("SELECT * from `users` WHERE email='" $email "'");
                                                        if (
mysql_num_rows($result) != 0)
                                                        {
                                                            
badrequest("There is already an account associated with that e-mail address.");
                                                        }
                                                        else
                                                        {
                                                            
$username $db->escape($username);
                                                            
$password md5($password);
                                                            
$email $db->escape($email);

                                                            
$fname $db->escape($fname);
                                                            
$lname $db->escape($lname);
                                                            
$city $db->escape($city);
                                                            
$state $db->escape($state);
                                                            
$zip $db->escape($zip);
                                                            
$gender $db->escape($gender);

                                                            
$ip $_SERVER['REMOTE_ADDR'];
                                                            
$subject "Image Space Registration";
                                                            
$from "eli@powerwd.net";
                                                            
$headers "From: $from";
                                                            
$message "
    Thank you for registering an account on Image Space. \n
    Your account gives you the ability to upload your images into competitions. In your profile you can even post personal news, and information about your images.\n \n
    Your login information is as follows:
    Username: "
.$username."
    Password: "
.$password2."\n
    Thank you,
    Image Space Staff"
;
                                                            
$sql "INSERT INTO `users` (`username`, `password`, `email`, `registered`, `shortdescr`, `city`, `state`, `zip`, `firstname`, `lastname`, `gender`) VALUES ('".$username."', '".$password."', '".$email."', now(), 'New Member', '".$city."', '".$state."', '".$zip."', '".$fname."', '".$lname."', '".$gender."');";
                                                            
$db->query($sql) or exit(mysql_error());
                                                            
mail($email,$subject,$message,$headers);
                                                            echo 
"<h2>Registration Complete</h2><p>Congratulations! You have now registered an account on Image Space. You will recieve an e-mail in the next 10 minutes (usually instantly) with your username and password.</p>";
                                                        }
                                                    }
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
}
else
{
?>

    <fieldset>
        <legend>Register</legend>
        <span>
            Use this form to register an account. Registering an account is free and gives you access to upload images and start your competitions.<br /><br />
            <form action="register.php" method="post">
                <input type="hidden" name="formsent" value="1" />
                <hr />
                <center><b><u>Account Information:</u></b></center><br />
                <b>Username</b>:<br /><input type="text" name="username" size="20" /><br />
                <b>Password</b>:<br /><input type="password" name="pw" size="20" /><br />
                <b>Password Again</b>:<br /><input type="password" name="pw2" size="20" /><br />
                <b>Email</b>:<br /><input type="text" name="email" size="20" /><br />
                <hr />
                <center><b><u>Search Information:</u></b></center><br />
                <b>First Name:</b><input type="text" name="fname" size="20" /><br />
                <b>Last Name:</b><input type="text" name="lname" size="20" /><br />
                <b>City</b>:<br /><input type="text" name="city" size="20" /><br />
                <b>State</b>:<br /><input type="text" name="state" size="2" /><br />
                <b>Zip Code</b>:<br /><input type="text" name="zip" size="20" /><br />
                <hr />
                <center><b><u>Gender:</u></b></center><br />
                <input type="radio" name="gender" value="male">Male<br />
                <input type="radio" name="gender" value="female">Female<br />
                <hr />
                <input type="submit" value="Register" />
            </form>
        </span>
    </fieldset>
<?php
}?>
</div><?php
require_once(ROOT.'include/rightboxes.php');
require_once(
ROOT.'include/footer.php');
?>