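setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// NOTE(review): the opening PHP tag and the PDO connection this call belongs to
// are not visible in this excerpt; the fragment above is kept exactly as found.

// Registration handler. Validates the POSTed username, password and optional
// PGP key, checks the banned-name list and the hourly registration cap, then
// creates the account. For a POST request exactly one of $error / $success is
// set; both stay empty for any other request method.
$error = '';
$success = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // The username is validated, not rewritten. A tag-stripping sanitiser
    // would turn a submitted "<b>name</b>" into "name" before the pattern
    // check ever saw it, so the raw value is read and the pattern decides.
    $username = filter_input(INPUT_POST, 'username', FILTER_UNSAFE_RAW);

    // NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1. It
    // strips tags and HTML-encodes quotes, so the password that is hashed can
    // differ from the one the user typed. It is left in place here because the
    // login handler is not visible on this page and must apply the same
    // transformation; switch both to the raw value together.
    $password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
    $pgp_key = filter_input(INPUT_POST, 'pgp_key', FILTER_SANITIZE_STRING);

    if (!$username || !$password) {
        // Missing or empty fields used to fall through with no message at all.
        $error = 'Invalid data';
    } elseif (
        strlen($username) > 50
        || strlen($password) < 8
        // \A ... \z anchors the whole string. A bare "$" also matches just
        // before a trailing newline, which would let "name\n" through.
        || !preg_match('/\A[a-zA-Z0-9_]+\z/', $username)
    ) {
        $error = 'Invalid data';
    } elseif (strlen((string) $pgp_key) > 4096) {
        // The cast only affects the length check: an absent key is still
        // passed to the INSERT unchanged (null), as before.
        $error = 'PGP key is too long';
    } else {
        $stmt = $db->prepare('SELECT COUNT(*) FROM banned_usernames WHERE username = ?');
        $stmt->execute([$username]);

        if ((int) $stmt->fetchColumn() > 0) {
            $error = 'This username is not allowed';
        } else {
            // NOTE(review): this counts every registration in the last hour,
            // whoever made it. It caps total sign-ups but does not throttle an
            // individual client, and because the count and the insert are
            // separate statements, concurrent requests can overshoot the limit.
            $stmt = $db->prepare('SELECT COUNT(*) FROM registrations WHERE created_at > DATE_SUB(NOW(), INTERVAL 1 HOUR)');
            $stmt->execute();
            $count = (int) $stmt->fetchColumn();

            if ($count >= 20) {
                $error = 'Registration limit exceeded';
            } else {
                try {
                    // Both rows are written in one transaction so that an
                    // account is never created without the registrations row
                    // the hourly cap depends on.
                    $db->beginTransaction();

                    $stmt = $db->prepare('INSERT INTO users (username, password, pgp_key, login_attempts, last_attempt) VALUES (?, ?, ?, 0, NOW())');
                    $stmt->execute([
                        $username,
                        // NOTE(review): PASSWORD_DEFAULT currently selects
                        // bcrypt, which uses only the first 72 bytes of its
                        // input; no upper bound on password length is
                        // enforced above.
                        password_hash($password, PASSWORD_DEFAULT, ['cost' => 12]),
                        $pgp_key,
                    ]);

                    $stmt = $db->prepare('INSERT INTO registrations () VALUES ()');
                    $stmt->execute();

                    $db->commit();
                    $success = 'Registration successful';
                } catch (PDOException $e) {
                    if ($db->inTransaction()) {
                        $db->rollBack();
                    }

                    // 1062 is the MySQL/MariaDB duplicate-key error (the SQL
                    // above uses MySQL syntax). Presumably users.username
                    // carries a unique index -- confirm against the schema.
                    $driverCode = isset($e->errorInfo[1]) ? (int) $e->errorInfo[1] : 0;

                    if ($driverCode === 1062) {
                        $error = 'Username already exists';
                    } else {
                        // Any other database failure is not a name collision:
                        // record it server-side and show a generic message
                        // instead of a misleading one.
                        error_log('Registration failed: ' . $e->getMessage());
                        $error = 'Registration failed';
                    }
                }
            }
        }
    }
}
?>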