From 29477e67ede12347b153e2255325327374e1b073 Mon Sep 17 00:00:00 2001 From: ilotterytea Date: Tue, 9 Dec 2025 01:43:12 +0500 Subject: feat: new configuration --- account/register.php | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) (limited to 'account/register.php') diff --git a/account/register.php b/account/register.php index 76dc27c..59ea886 100644 --- a/account/register.php +++ b/account/register.php @@ -7,7 +7,7 @@ if (authorize_user()) { exit; } -if (!ACCOUNT_REGISTRATION_ENABLE) { +if (!CONFIG['account']['registration']) { generate_alert("/404.php", "Account registration is disabled", 403); exit; } @@ -24,23 +24,23 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { $username = $_POST["username"]; $username_length = strlen($username); - if (ACCOUNT_USERNAME_LENGTH[0] > $username_length || $username_length > ACCOUNT_USERNAME_LENGTH[1]) { - generate_alert("/account/register.php", sprintf("Username must be between %d-%d characters long", ACCOUNT_USERNAME_LENGTH[0], ACCOUNT_USERNAME_LENGTH[1])); + if (CONFIG['account']['minusernamelength'] > $username_length || $username_length > CONFIG['account']['maxusernamelength']) { + generate_alert("/account/register.php", sprintf("Username must be between %d-%d characters long", CONFIG['account']['minusernamelength'], CONFIG['account']['maxusernamelength'])); exit; } - if (!preg_match(ACCOUNT_USERNAME_REGEX, $username)) { + if (!preg_match(CONFIG['account']['regex'], $username)) { generate_alert("/account/register.php", "Bad username"); exit; } $password = $_POST["password"]; - if (ACCOUNT_PASSWORD_MIN_LENGTH > strlen($password)) { - generate_alert("/account/register.php", "Password must be at least " . ACCOUNT_PASSWORD_MIN_LENGTH . " characters"); + if (CONFIG['account']['minpasswordlength'] > strlen($password)) { + generate_alert("/account/register.php", "Password must be at least " . CONFIG['account']['minpasswordlength'] . " characters"); exit; } - $db = new PDO(DB_URL, DB_USER, DB_PASS); + $db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['database']['pass']); $stmt = $db->prepare("SELECT id FROM users WHERE username = ?"); $stmt->execute([$username]); @@ -50,7 +50,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { exit; } - $secret_key = generate_random_string(ACCOUNT_SECRET_KEY_LENGTH); + $secret_key = generate_random_string(CONFIG['account']['secretkeylength']); $password = password_hash($password, PASSWORD_DEFAULT); $id = bin2hex(random_bytes(16)); @@ -58,7 +58,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { $stmt = $db->prepare("INSERT INTO users(id, username, password, secret_key) VALUES (?, ?, ?, ?)"); $stmt->execute([$id, $username, $password, $secret_key]); - setcookie("secret_key", $secret_key, time() + ACCOUNT_COOKIE_MAX_LIFETIME, "/"); + setcookie("secret_key", $secret_key, time() + CONFIG['account']['maxcookielifetime'], "/"); header("Location: /account"); exit; } @@ -67,7 +67,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { - Register an account - <?php echo INSTANCE_NAME ?> + Register an account - <?php echo CONFIG['instance']['name'] ?> @@ -81,7 +81,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
-

Register an account in

+

Register an account in

@@ -98,7 +98,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {

- Since doesn't require email and password reset via email is + Since doesn't require email and password reset via + email is not supported, please remember your passwords!

-- cgit v1.2.3