#!/usr/bin/perl -wT use CGI qw(:standard); use CGI::Carp qw(warningsToBrowser fatalsToBrowser); use Email::Valid; use DBI; use strict; print header; print start_html("Registration Results"); my $dbh = DBI->connect( "dbi:mysql:usertable", "usertable", "jutedi2") or &dienice("Can't connect to db: $DBI::errstr"); my $username = param('username'); my $password = param('password'); my $realname = param('realname'); my $email = param('email'); # be sure the username is alphanumeric - no spaces or funny characters if ($username !~ /^\w{3,}$/) { &dienice("Please use an alphanumeric username at least 3 letters long, with no spaces."); } # be sure their real name isn't blank if ($realname eq "") { &dienice("Please enter your real name."); } # be sure the password isn't blank or shorter than 6 chars if (length($password) < 6) { &dienice("Please enter a password at least 6 characters long."); } # be sure they gave a valid e-mail address unless (Email::Valid->address($email)) { &dienice("Please enter a valid e-mail address."); } # check the db first and be sure the username isn't already registered my $sth = $dbh->prepare("select * from users where username = ?") or &dbdie; $sth->execute($username) or &dbdie; if (my $rec = $sth->fetchrow_hashref) { &dienice("The username `$username' is already in use. Please choose another."); } # we're going to encrypt the password first, then store the encrypted # version in the database. my $encpass = &encrypt($password); $sth = $dbh->prepare("insert into users values(?, ?, ?, ?, ?)") or &dbdie; $sth->execute($username, $encpass, "CURRENT", $realname, $email) or &dbdie; print qq(<p> You're now registered! Your username is <b>$username</b>, and your password is <b>$password</b>. Login <a href="secure2/">here</a>.</p>\n); print end_html; sub encrypt { my($plain) = @_; my(@salt) = ('a'..'z', 'A'..'Z', '0'..'9', '.', '/'); return crypt($plain, $salt[int(rand(@salt))] . $salt[int(rand(@salt))] ); } sub dienice { my($msg) = @_; print "<h2>Error</h2>\n"; print $msg; exit; } sub dbdie { my($package, $filename, $line) = caller; my($errmsg) = "Database error: $DBI::errstr<br> called from $package $filename line $line"; &dienice($errmsg); }