diff options
| -rw-r--r-- | lib/config.php | 24 | ||||
| -rw-r--r-- | register.php | 12 |
2 files changed, 30 insertions, 6 deletions
diff --git a/lib/config.php b/lib/config.php new file mode 100644 index 0000000..2f150bb --- /dev/null +++ b/lib/config.php @@ -0,0 +1,24 @@ +<?php +error_reporting(E_ERROR | E_PARSE); + +$file_path = $_SERVER['DOCUMENT_ROOT'] . '/config.ini'; + +$c = parse_ini_file($file_path, true) ?: []; + +define('DB_URL', $c['database']['url'] ?? null); +define('DB_USER', $c['database']['user'] ?? null); +define('DB_PASS', $c['database']['pass'] ?? null); + +define('USERNAME_REGEX', $c['registration']['regex'] ?? '/^[a-zA-Z0-9_]+$/'); + +define('USERNAME_LENGTH', [ + intval($c['registration']['min_username_length']) ?: 8, + intval($c['registration']['max_username_length']) ?: 20, +]); +define('PASSWORD_LENGTH', intval($c['registration']['min_password_length']) ?: 8); +define('USERNAME_ID_RANGE', [ + intval($c['registration']['min_id_length']) ?: 0, + intval($c['registration']['max_id_length']) ?: PHP_INT_MAX +]); + +define('IS_JSON_REQUEST', isset($_SERVER['HTTP_ACCEPT']) && str_contains($_SERVER['HTTP_ACCEPT'], 'application/json'));
\ No newline at end of file diff --git a/register.php b/register.php index 8892679..2c32e64 100644 --- a/register.php +++ b/register.php @@ -14,18 +14,18 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { $username = trim($username); - if (!preg_match('/^[a-zA-Z0-9_]+$/', $username)) { + if (!preg_match(USERNAME_REGEX, $username)) { exit(create_alert('/register.php', 400, 'Your username must contain only letters and numbers!', null)); } $username_len = strlen($username); - if ($username_len < 4 || $username_len > 20) { - exit(create_alert('/register.php', 400, 'Your username must be between 4 and 20 characters long', null)); + if ($username_len < USERNAME_LENGTH[0] || $username_len > USERNAME_LENGTH[1]) { + exit(create_alert('/register.php', 400, sprintf('Your username must be between %d and %d characters long', USERNAME_LENGTH[0], USERNAME_LENGTH[1]), null)); } - if (strlen($password) < 8) { - exit(create_alert('/register.php', 400, 'Your password must be at least 8 characters long', null)); + if (strlen($password) < PASSWORD_LENGTH) { + exit(create_alert('/register.php', 400, sprintf('Your password must be at least %d characters long', PASSWORD_LENGTH), null)); } $db = new PDO(DB_URL, DB_USER, DB_PASS); @@ -39,7 +39,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { $userid = 0; do { - $userid = random_int(90_000_000_000_000_000, 99_000_000_000_000_000); + $userid = random_int(USERNAME_ID_RANGE[0], USERNAME_ID_RANGE[1]); $stmt = $db->prepare('SELECT username FROM users WHERE id = ?'); $stmt->execute([$userid]); } while ($stmt->rowCount() > 0); |