\n";
}
function createAccount($login,$pw,$displayed_name,$email)
{
$query = "INSERT INTO `games` (`gameidlogin`,`displayed_name`,`password`,`email`,`hidden`) VALUES ('$login','$displayed_name','$pw','$email','clientid ')";
mysql_query($query) or
die ("error: account creation: ".mysql_error());
}
function highscoreTableExists($login)
{
$exists = mysql_query("SELECT 1 FROM $login LIMIT 0");
if ($exists) return true;
return false;
}
function accountExists($login)
{
$query="SELECT gameidlogin FROM games WHERE gameidlogin='$login'";
$result = mysql_query($query) or
die ("error: account excistence check: ".mysql_error());
if (mysql_num_rows($result) > 0)
return true;
else
return false;
}
function deleteAccount($login)
{
$query = "DELETE FROM `games` WHERE gameidlogin='$login'";
mysql_query($query) or
die ("error: deleting account: ".mysql_error());
if(highscoreTableExists($login))
{
$query = "DROP TABLE `$login`";
mysql_query($query) or
die ("error: dropping higscore table: ".mysql_error());
}
}
function isValidEmail($email)
{
return eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email);
}
function inputOk($login,$pw,$pw2,$gamename,$email)
{
$error="";
if($login=="")
$error.="Empty login/game-id not allowed!
";
else if($login!= ereg_replace("[^A-Za-z0-9_]","",$login))
$error.="'$login' is not allowed as a login/game-id because of invalid characters! (allowed: A-Za-z0-9_)
";
if($login=="games")
$error.="'games' is not allowed as a login/game-id!
";
if($login=="serverlist")
$error.="'serverlist' is not allowed as a login/game-id!
";
if($gamename=="")
$error.="Empty gamename not allowed!
";
if(!isValidEmail($email))
$error.="E-mail invalid: $email!
";
if($pw=="")
$error.="Empty password not allowed!
";
if($pw2!=$pw)
$error.="Password mismatch!
(Password should be equal to password2.)
";
if($error!="")
{
echo "
$error
";
return false;
}
else
{
return true;
}
}
//session management
if (isset($_SESSION['login']))
{
$login = $_SESSION['login'];
}
else
{
$login = "";
}
if (isset($_SESSION['loggedin']))
{
$loggedin = $_SESSION['loggedin'];
}
else
{
$loggedin = false;
}
if(isset($_REQUEST["logout"]))
{
logout();
$login="";
}
if(isset($_REQUEST["submit"])) $submit = $_REQUEST["submit"]; else $submit="";
if($submit !="") //$submit is equal to "login" or "create"
{
if(isset($_REQUEST["login"])) $login = $_REQUEST["login"]; else $login=$login;
if(isset($_REQUEST["pw"])) $pw = $_REQUEST["pw"]; else $pw="";
if($submit=="create") //if $submit is equal to "create" we need to get the rest of the form data...
{
if(isset($_REQUEST["pw2"])) $pw2 = $_REQUEST["pw2"]; else $pw2="";
if(isset($_REQUEST["gamename"])) $gamename = $_REQUEST["gamename"]; else $gamename="";
if(isset($_REQUEST["mail"])) $mail = $_REQUEST["mail"]; else $mail="";
if(inputOk($login,$pw,$pw2,$gamename,$email))
{
if(!accountExists($login))
{
createAccount($login,$pw,$gamename,$email);
}
else
{
echo "Account already in use! Please chose another unique game identifier!
";
}
}
}
}
if (!$loggedin && $login && $pw)
$loggedin = loginAllowed($login,$pw);
if($loggedin && isset($_REQUEST["deleteaccount"]))
{
logout();
deleteAccount($login);
$login="";
echo "Account has been deleted!...
";
}
if ($loggedin)
{
include ("admin.php");
}
else
{
include ("loginform.php");
$login = "";
}
//session management
$_SESSION['login']=$login;
$_SESSION['loggedin']=$loggedin;
include("disconnect.php");
?>