Executing Code upto insert users:
<?php
require('session.php');
require('encrypt.php');
require('mail.php');
$username = $_POST['user_name'];
$password = rand(10000, 99999);
$name = $_POST['name'];
$password = encrypt($password, 'ganesh');
$email = $_POST['email'];
$terms = $_POST['terms'];
$address = $_POST['address'];
$mobile = $_POST['mobile'];
$dob = $_POST['birth_year'] . '-' . $_POST['birth_month'] . '-' . $_POST['birth_day'];
$ip = $_SERVER['REMOTE_ADDR'];
$url = $_SERVER['HTTP_HOST'];
$url_length = strlen($url);
if (substr($url, 0, 4) == 'www.') {
$url_length = $url_length - 4;
$url = substr($url, 4, $url_length);
}
$msg = '';
if (($username == '' || strlen($username) < 3)) {
$msg = 'Username must contain atleast 3 characters';
return 1;
}
if (preg_match('/[\s|\n|\t|*|&|~|!|@|#|$|%|^|&|*|(|)|-|_|+|=|.|,|<|>|?|"|;|`|:|\[|\]|\/|\']/', $username)) {
$msg = 'Username should not contain special characters';
return 1;
}
if (($name == '' || strlen($name) < 5)) {
$msg = 'Name should contain atleast 5 characters';
return 1;
}
if (!preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/', $email)) {
$msg = 'Enter a valid email format!';
return 1;
}
if ((($mobile == '' || strlen($mobile) < 10) || 10 < strlen($mobile))) {
$msg = 'Enter a valid 10 digit mobile number';
return 1;
}
if (!is_numeric($mobile)) {
$msg = 'Enter a valid 10 digit mobile number';
return 1;
}
if ($terms != 'yes') {
$msg = 'Please Accept Terms and Conditions';
return 1;
}
$query = '' . 'select id,username,email,mobile from users where mobile=\'' . $mobile . '\' or email=\'' . $email . '\'';
if (!($result = mysql_query($query))) {
exit(mysql_error());
(bool) true;
}
$numrows = mysql_num_rows($result);
if (0 < $numrows) {
if ($row = mysql_fetch_array($result)) {
if ($row[2] == $email) {
if ($row[3] == $mobile) {
$msg = '' . $mobile . ' and ' . $email . ' are already registered with us.';
}
$msg = '' . $email . ' is already registered with us';
}
$msg = '' . $mobile . ' is already registered with us';
}
} else {
$username_query = '' . 'select id from users where username=\'' . $username . '\' and url=\'' . $url . '\'';
if (!($username_result = mysql_query($username_query))) {
exit(mysql_error());
(bool) true;
}
if (mysql_num_rows($username_result) == 1) {
$msg = 'Username already exists!! Please select a different username.';
return 1;
}
$q = '' . 'insert into users (`username`,`password`,`url`,`name`,`email`,`address`,`mobile`,`ip`,`dob`) values (\'' . $username . '\',\'' . $password . '\',\'' . $url . '\',\'' . $name . '\',\'' . $email . '\',\'' . $address . '\',\'' . $mobile . '\',\'' . $ip . '\',\'' . $dob . '\')';
Not Executing Code :
if (!($r = mysql_query($q))) {
exit(mysql_error());
(bool) true;
}
$userid = mysql_insert_id();
if (mysql_affected_rows() == 1) {
$rQ = '' . 'select userid from resellers where url=\'' . $url . '\'';
if (!($rR = mysql_query($rQ))) {
exit(mysql_error());
(bool) true;
}
if ($rRow = mysql_fetch_array($rR)) {
$reseller_id = $rRow[0];
$credit = '5';
$cr_query = '' . 'select credit,valuation,valuation_criteria from user_details where userid=\'' . $reseller_id . '\'';
if (!($cr_result = mysql_query($cr_query))) {
exit(mysql_error());
(bool) true;
}
$cr_row = mysql_fetch_array($cr_result);
$valuation = $cr_row[1];
$valuation_criteria = $cr_row[2];
$reseller_credit = $cr_row[0] - 5;
if (0 <= $reseller_credit) {
$uc_query = '' . 'update user_details set credit=\'' . $reseller_credit . '\' where userid=\'' . $reseller_id . '\'';
if (!($uc_result = mysql_query($uc_query))) {
exit(mysql_error());
(bool) true;
}
} else {
$credit = 4;
}
$ud_query = '' . 'insert into user_details(`userid`,`reseller_id`,`credit`,`valuation`,`valuation_criteria`) values (\'' . $userid . '\',\'' . $reseller_id . '\',\'' . $credit . '\',\'' . $valuation . '\',\'' . $valuation_criteria . '\')';
mysql_query($ud_query);
if (mysql_affected_rows() == 1) {
$subject = 'New User Registration';
$sent_password = decrypt($password, 'smspanel');
$message = '' . 'You have registered at ' . $url . ' <br>Username = ' . $username . ' <br> Password = ' . $sent_password . ' <br> URL = ' . $url;
$senderID = '' . 'info <info@' . $url . '>';
$m = new email($subject, $message, $senderID, $email);
$m->send();
$rq = '' . 'select routeID from users where id=' . $userid;
if (!($rr = mysql_query($rq))) {
exit(mysql_error());
(bool) true;
}
$ra = mysql_fetch_array($rr);
$routeID = $ra[0];
$sender_id = 'SMSPAN';
$message_content = '' . 'Dear ' . $name . ', Your account with Username: ' . $username . ' and Password: ' . $sent_password . ' is successfully created. Please login at URL: ' . $url . '.';
$job_q = '' . 'Insert into jobs(`userid`,`total_messages`,`message`,`sender_id`,`routeID`,`status`,`queue_id`) values (\'1\',\'1\',\'' . $message_content . '\',\'' . $sender_id . '\',\'' . $routeID . '\',\'InProgress\',\'900\')';
if (!($job_r = mysql_query($job_q))) {
exit(mysql_error());
(bool) true;
}
$job_id = mysql_insert_id();
$create_q = 'CREATE TABLE IF NOT EXISTS `' . $job_id . '` (
`id` int(11) NOT NULL auto_increment,
`mobile` bigint(20) NOT NULL,
`routeID` int(11) NOT NULL,
`status` varchar(20) NOT NULL default \'Sent\', `handler` varchar(20) NOT NULL,
PRIMARY KEY (`id`)
) ';
if (!(mysql_query($create_q))) {
exit(mysql_error());
(bool) true;
}
$values = '' . '(\'' . $routeID . '\',\'' . $mobile . '\',\'Sent\')';
$m_query = 'Insert into `' . $job_id . ('' . '` (`routeID`,`mobile`,`status`) values ' . $values);
mysql_query($m_query);
$un_q = '' . 'insert into user_numbers(`number`) values(\'' . $mobile . '\')';
mysql_query($un_q);
echo ' <meta http-equiv="refresh" content="0; url=thanks.php?msg=register" />
';
}
}
}
}
?>
it's not throwing any error message, how to fix this issue?