1 files changed, 89 insertions, 0 deletions

diff --git a/lib/ui.lib.php b/lib/ui.lib.php
index de906ed3..1f1665d6 100644
--- a/lib/ui.lib.php
+++ b/lib/ui.lib.php
@@ -1103,5 +1103,94 @@ function show_genre_pulldown ($name,$selected='',$size=1,$width=0,$style='') {
 
 } // show_genre_pulldown
 
+function username_exists($check_user){
+
+	$check_user = sql_escape($check_user);
+
+	$sql = "SELECT * FROM user WHERE username='$check_user'";
+	$db_results = mysql_query($sql, dbh());
+ 
+	if ($r = mysql_fetch_assoc($db_results)) {
+		return true;
+	}
+	else {
+		return false;
+	}
+} // username_exists
+
+/**
+ * new_user
+ * FIXME: This needs to be done right... I don't know how right is
+ * but my guess is this isn't it, so anyway this just creates a new user
+ * this should really use the built in functions rather than creating
+ * a new one
+ */
+function new_user($username, $fullname, $email, $password) {
+
+	/* First lets clean up the fields... */
+	$username       = sql_escape($username);
+	$fullname       = sql_escape($fullname);
+	$email          = sql_escape($email);
+	$access         = '5';
+	if(conf('auto_user')){
+        	$access='25';
+	}
+
+	/* Check to see if the user exists... */
+	//FIXME: Use the error class 
+	if(username_exists($username)){
+	        return false;
+	}
+
+	/* Uhh let's not auto-pass through in this fashion FIXME */
+	else {
+		/* Apparently it's a new user, now insert the user into the database*/
+		$sql = "INSERT INTO user (username, fullname, email, password, access) VALUES" .
+			" ('$username','$fullname','$email',PASSWORD('$password'),'$access')";
+		$db_results = mysql_query($sql, dbh());
+		show_template('style');
+		show_confirmation('Registration Complete','You have registered succesfully','/login.php');
+	}
+
+	return true;
+ 
+} // new_user
+
+/**
+ * good_email
+ * Don't get me started... I'm sure the indenting is still wrong on this
+ * it shouldn't be named this, it should be documented, yea this needs
+ * some serious MOJO work
+ */
+function good_email($email) {
+	// First check that there's one @ symbol, and that the lengths are good
+	if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
+		// Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
+		return false;
+	}
+
+	// Split it into sections
+	$email_array = explode("@", $email);
+	$local_array = explode(".", $email_array[0]);
+	for ($i = 0; $i < sizeof($local_array); $i++) {
+		if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i])) {
+				return false;
+			}
+		}
+	if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) { // Check if domain is IP. If not, it should be valid domain name
+		$domain_array = explode(".", $email_array[1]);
+		if (sizeof($domain_array) < 2) {
+			return false; // Not enough parts to domain
+		}
+		for ($i = 0; $i < sizeof($domain_array); $i++) {
+			if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) {
+				return false;
+			}
+		}
+	}
+	return true;
+} //good_email
+
+
 
 ?>