<?php
// Account-name length threshold. Inscription::verifyUsername() rejects a name
// whose strlen() is <= this value, so the shortest accepted name is one
// character longer than the number given here.
const USER_LENGHT = 3;
// Password length threshold, compared the same way (strlen() <= value is
// rejected). NOTE(review): this allows very short passwords; consider raising it.
const PASSWORD_LENGHT = 3;
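/**
 * Account registration against the `account` table of the "db_realmd" database.
 *
 * Usage: fill the fields through the setters, then call verifyAll(). It
 * validates the input, inserts the row when everything is valid and echoes a
 * <script> block that shows the outcome and redirects the browser.
 *
 * Security notes:
 *  - Setters store the RAW submitted values. Escaping happens only where SQL
 *    text is built (see quote()), so length checks and the password hash work
 *    on what the user actually typed, and no field (including `expansion` and
 *    the client IP) reaches a query unescaped.
 *  - sqlDetect() is a keyword blacklist. It only selects which message is
 *    shown; it is not what protects the queries.
 *  - Database error details are written to the server log, not sent to the
 *    client.
 *  - The code still relies on the legacy mysql_* API and on doquery(), which is
 *    defined outside this class. ext/mysql was removed in PHP 7; moving to
 *    prepared statements would have to start in doquery().
 */
class Inscription
{
    private $inscriptionId;
    private $username;
    private $password;
    private $passwordRepeat;
    private $cryptedPassword;
    private $email;
    private $inscriptionDate;
    private $extension;
    private $errorMsg;
    private $error;
    private $injection;

    /**
     * Initialises the registration date and the error state.
     *
     * The method used to be named construct() and declared private, so PHP
     * never called it: the flags stayed null and the join date was inserted
     * empty.
     */
    public function __construct()
    {
        $this->inscriptionDate = date('Y-m-d H:i:s');
        $this->error = false;
        $this->errorMsg = '';
        $this->injection = false;
        $this->cryptedPassword = '';
    }

    /**
     * Records a validation failure as plain text (one message per line).
     *
     * @param string $message Human-readable message, without any markup.
     */
    private function addError($message)
    {
        $this->error = true;
        if ($this->errorMsg !== '') {
            $this->errorMsg .= "\n";
        }
        $this->errorMsg .= $message;
    }

    /**
     * Returns $value as a quoted and escaped SQL string literal.
     *
     * @param mixed $value Raw value to embed in a statement.
     * @return string
     */
    private function quote($value)
    {
        return "'" . mysql_real_escape_string((string) $value) . "'";
    }

    /**
     * Runs a statement through doquery() and stops the request when it fails.
     *
     * @param string $sql Complete SQL statement; every value already quoted.
     * @return mixed Whatever doquery() returned (truthy).
     */
    private function runQuery($sql)
    {
        $result = doquery($sql, 0, "db_realmd", FALSE);
        if (!$result) {
            // Keep the driver message server-side: it can reveal schema and query details.
            error_log('Inscription: query failed: ' . mysql_error());
            die('Erreur : la requête a échoué.');
        }

        return $result;
    }

    /**
     * Counts the rows of `account` whose $column equals $value.
     *
     * @param string $column Column name; only fixed literals from this class are passed.
     * @param string $value  Raw value to compare against.
     * @return int
     */
    private function countAccounts($column, $value)
    {
        $result = $this->runQuery(
            'SELECT COUNT(*) AS nombre FROM `account` WHERE ' . $column . '=' . $this->quote($value)
        );
        $row = mysql_fetch_assoc($result);

        return (int) $row['nombre'];
    }

    /**
     * Encodes text as a JavaScript string literal that is safe inside <script>.
     *
     * @param string $text
     * @return string Literal including its surrounding double quotes.
     */
    private function jsString($text)
    {
        $encoded = json_encode($text, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

        // json_encode() returns false when the input is not valid UTF-8.
        return $encoded === false ? '"Erreur"' : $encoded;
    }

    /**
     * Checks the user name: length, uniqueness, SQL keyword blacklist.
     */
    private function verifyUsername()
    {
        // "<=" means the shortest accepted name is USER_LENGHT + 1 characters.
        if (strlen($this->username) <= USER_LENGHT) {
            $this->addError('Erreur : Le nom d\'utilisateur choisit est trop court !');
        }

        // Any existing row is a conflict, not only exactly one.
        // NOTE(review): check-then-insert can race with a concurrent
        // registration; a UNIQUE constraint on the column would close that gap.
        if ($this->countAccounts('username', $this->username) > 0) {
            $this->addError('Erreur : Le nom d\'utilisateur choisit est déjà utilisé !');
        }

        $this->sqlDetect($this->username);
    }

    /**
     * Checks the password: length, confirmation match, SQL keyword blacklist.
     */
    private function verifyPassword()
    {
        // "<=" means the shortest accepted password is PASSWORD_LENGHT + 1 characters.
        if (strlen($this->password) <= PASSWORD_LENGHT) {
            $this->addError('Erreur : Le mot de passe choisi est trop court !');
        }

        if ($this->password !== $this->passwordRepeat) {
            $this->addError('Erreur : Les deux mots de passe ne sont pas identique !');
        }

        $this->sqlDetect($this->password);
    }

    /**
     * Checks the e-mail address: syntax, uniqueness, SQL keyword blacklist.
     */
    private function verifyEmail()
    {
        // The previous character class "[a-z0-9.-_]" contained the range
        // ".-_", which also matched "<", ">", "=", "\" and more. The hyphen is
        // now last so it is a literal; upper-case letters, which that range
        // used to let through, are listed explicitly. "D" stops "$" from
        // matching before a trailing newline.
        if (!preg_match('#^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]{2,}\.[a-z]{2,4}$#D', (string) $this->email)) {
            $this->addError('Erreur : L\'adresse email n\'est pas correcte !');
        }

        if ($this->countAccounts('email', $this->email) != 0) {
            $this->addError('Erreur : Cette adresse email est déjà utilisé !');
        }

        $this->sqlDetect($this->email);
    }

    /**
     * Validates every field, creates the account when all checks pass and
     * echoes a <script> block reporting the result.
     */
    public function verifyAll()
    {
        $this->verifyUsername();
        $this->verifyEmail();
        $this->verifyPassword();

        if ($this->error) {
            if ($this->injection) {
                echo '
<script language="javascript">
alert("C\'est pas bien ça !");
document.location.href="index.php"
</script>';
            } else {
                // One alert with the plain-text messages. The earlier version
                // nested whole <script> blocks inside the alert() string, which
                // produced invalid JavaScript.
                echo '
<script language="javascript">
alert(' . $this->jsString('Plusieurs erreurs ont été trouvée durant l\'inscription : ' . $this->errorMsg) . ');
document.location.href="inscription.php"
</script>';
            }

            return;
        }

        // SHA-1 of "USERNAME:PASSWORD" is fast to compute and salted only by
        // the user name, so the hashes are cheap to brute-force if the table
        // leaks. The format is stored in `sha_pass_hash`; presumably another
        // component verifies logins against it, so confirm before changing it.
        $this->cryptedPassword = sha1(strtoupper($this->username) . ':' . strtoupper($this->password));

        $clientIp = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

        $this->runQuery(
            'INSERT INTO account(username, sha_pass_hash, gmlevel, email, joindate, last_ip, expansion) VALUES('
            . $this->quote($this->username) . ', '
            . $this->quote($this->cryptedPassword) . ', '
            . '0, '
            . $this->quote($this->email) . ', '
            . $this->quote($this->inscriptionDate) . ', '
            . $this->quote($clientIp) . ', '
            . $this->quote($this->extension) . ')'
        );

        echo '
<script language="javascript">
alert("Inscription terminée avec succès !");
document.location.href="index.php"
</script>';
    }

    /**
     * Flags input that contains an upper-case SQL keyword.
     *
     * The match is case-sensitive and trivially incomplete, so treat it as a
     * signal only. It also rejects legitimate values that happen to contain
     * one of these words.
     *
     * @param string $string Raw field value.
     */
    private function sqlDetect($string)
    {
        if (preg_match('#INSERT|SELECT|UNION|FROM|WHERE|DELETE#', (string) $string)) {
            $this->addError('Injection sql détectée !');
            $this->injection = true;
        }
    }

    /**
     * @param string $username Raw user name as submitted.
     */
    public function setUsername($username)
    {
        $this->username = $username;
    }

    /**
     * @param string $password Raw password as submitted.
     */
    public function setPassword($password)
    {
        $this->password = $password;
    }

    /**
     * @param string $password Raw password confirmation as submitted.
     */
    public function setPasswordRepeat($password)
    {
        $this->passwordRepeat = $password;
    }

    /**
     * @param string $email Raw e-mail address as submitted.
     */
    public function setEmail($email)
    {
        $this->email = $email;
    }

    /**
     * @param mixed $extension Value for the `expansion` column; escaped when the INSERT is built.
     */
    public function setExtension($extension)
    {
        $this->extension = $extension;
    }
}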
?>