%'****Response.Redirect("default.asp")
'**** Module: Registration
'**** Page: getAccountDD.asp
'**** Author: Stephen Takakuwa
'**** Date: July 6, 1998
'**** Description: This is the registration page.
'**** It can be reached from login.asp.
'**** It contains links to default.asp
'**** getAccount.asp (on FORM submit)
'**** login.asp.
'**** This page allows users to set discussion prefrences
'**** -- changed filename to avoid cacheing bug - alb
'**** Revisions:
%>
<%
function EscSingleQuotes (temp)
EscSingleQuotes = Replace(temp,"'","''")
end function
function ConvertAngleBrackets (temp)
temp2 = Replace(temp,"<","<")
ConvertAngleBrackets=Replace(temp2,">",">")
end function
%>
<%
Dim errorString
if Request.QueryString("FormMode")="" then
Response.Redirect "default.asp"
end if
Set smarty = openDB()
'**** on form submit
if Request.QueryString("FormMode") = "submit" then
userName=Request.Form("USER_NAME")
email=Request.Form("EMAIL")
'****Exception handling here
'****Check username < 3 characters
if (len(userName) < 3) then
errorString=errorString+"
Your username must be more than 3 or more characters in length. Try typing a longer username.
"
end if
'****Check username > 12 characters
if (len(userName) > 32) then
errorString=errorString+"Your username must be less than 32 or fewer characters in length. You shouldn't have been able to do that...quit trying to hack the system.
"
end if
'****Check for weird characters in username
er=1
for i = 1 to Len(userName)
if Asc(Mid(userName, i, 1)) = 39 OR Asc(Mid(userName, i, 1)) =96 OR Asc(Mid(userName, i, 1)) =34 OR Asc(Mid(userName, i, 1)) =60 OR Asc(Mid(userName, i, 1)) =62 OR Asc(Mid(userName, i, 1)) =32 OR Asc(Mid(userName, i, 1)) = 45 then
er = 0
exit for
end if
next
if (er=0) then
errorString=errorString+"Your username contains characters that are not supported.
"
end if
'**** Check email
DIM at, dot, theDomain
at ="@"
dot="."
if inStr(email, at)=false or inStr(email,dot)=false then
errorString=errorString+"Please check your email address and make sure it's in the form 'your.name@your.host.com\'.
"
end if
'**********************THIS CODE IS NEW***********************
'**specifically look for daveyd accounts!!!!!!!!!!!!!!!!!!!!!!
'**this change has not been source safed!!!!!!!!!!!!!!!!!!!!!!
emailArray = split (email,"@")
if ltrim(rtrim(emailArray(1)))="www.daveyd.com" OR ltrim(rtrim(emailArray(1)))="daveyd.com" then
errorString=errorString+"You may not register with a daveyd.com account."
end if
'**** If no other errors to this point, is the username already taken?
if (strComp(errorString,"")=0) then
sqlstr = "SELECT USERNAME FROM PERSONAL_INFO WHERE LOWER(USERNAME)='"&LCase(userName)&"'"
Set record = smarty.Execute(sqlstr)
if (not(record.BOF AND record.EOF)) then
errorString=errorString+"Sorry, the username "&userName&" is already taken...please try another.
"
end if
sqlstr = "SELECT EMAIL FROM PERSONAL_INFO WHERE LOWER(EMAIL)='"&LCase(email)&"'"
Set record = smarty.Execute(sqlstr)
if (not(record.BOF AND record.EOF)) then
errorString=errorString+"Sorry, the email address "&email&" is already in use...please try another.
"
end if
record.close
end if
'**** If no duplication of username, put new user into database,
'**** assign and record random password,
'**** assign session variable, redirect to login
if (strComp(errorString,"")=0) then
currentDate=Date()
currentTime=Time()
MD9password="FISHY"
sqlstr="INSERT INTO PERSONAL_INFO (USERNAME, LAST_NAME, PASSWORD, EMAIL, ACCOUNT_CREATED, "
sqlstr=sqlstr+"LAST_LOGIN, ACCESS_LEVEL, TOAD_STATUS) VALUES "
sqlstr=sqlstr+"('"&userName&"','"&userName&"','"&MD9password&"','"&email&"','"¤tDate&" "¤tTime&"','"¤tDate&" "¤tTime&"',250,0)"
smarty.Execute(sqlstr)
sqlstr="SELECT USER_ID FROM PERSONAL_INFO WHERE LOWER(EMAIL)='"&LCase(email)&"'"
Set record = smarty.Execute(sqlstr)
if (record.BOF and record.EOF) then
'****errrrrrror
else
userID = record("USER_ID")
end if
MD9password="FISHY"
password=""
num=62
for j = 1 to 10
randomize second(Time())
i=rnd()
pass = int(i*num)
if pass>=36 and pass<62 then'**** 97-122
pass=pass+61
elseif pass>=10 and pass<36 then '**** 65-90
pass=pass+55
elseif pass>=0 AND pass<10 then '**** 48-57
pass=pass+48
end if
password=password+Chr(pass)
next
'**** This scrambles the password for saving in the personal_info table
'**** The random start character is seeded with the userID number
temp=cStr(userID)
start=int(Mid(temp,Len(temp),1))+1
do while start>Len(password)
start=start-Len(password)
loop
MD9password=""
for i = start to Len(password)
MD9password=MD9password&Len(Asc(Mid(password,i,1)))&Asc(Mid(password,i,1))
next
for i = 1 to start-1
MD9password=MD9password+cStr(Len(Asc(Mid(password,i,1))))+cStr(Asc(Mid(password,i,1)))
next
'**** End of password scramble
smarty.Execute("UPDATE PERSONAL_INFO SET PASSWORD='"&MD9password&"' WHERE USER_ID="&userID)
'**** Default permissions assigned to PUBLIC newsgroups and
'**** to PUBLIC discussions
'**** Add to newsgroup X, read and write permissions
sqlstr="SELECT NEWSGROUP_ID FROM NEWSGROUPS WHERE GROUP_TYPE='PUBLIC'"
Set record= smarty.Execute(sqlstr)
Do while NOT(record.EOF)
sqlstr = "INSERT INTO PERMISSIONS (USER_ID, NEWSGROUP_ID, READR, WRITE) VALUES ("&userID&", "&record("NEWSGROUP_ID")&", 1, 1)"
smarty.Execute sqlstr
record.MoveNext
Loop
'**** Subscribe to all PUBLIC discussions
sqlstr="SELECT DISCUSSION_ID FROM DISCUSSIONS WHERE GROUP_TYPE='PUBLIC'"
Set record= smarty.Execute(sqlstr)
Do while NOT(record.EOF)
sqlstr ="INSERT INTO DISCUSSION_USERS (USER_ID, DISCUSSION_ID) VALUES ("&userID&","&record("DISCUSSION_ID")&")"
smarty.Execute sqlstr
record.MoveNext
Loop
'**** Prevent read messages in profile
sqlstr ="INSERT INTO PRIVACY_USERS (USER_ID, PRIVACY_ID) VALUES ("&userID&",8)"
smarty.Execute sqlstr
'**** Add to general users group to enable chat
sqlstr ="DELETE USER_GROUP_USERS WHERE USER_ID="&userID
smarty.Execute sqlstr
sqlstr ="INSERT INTO USER_GROUP_USERS (USER_ID, USER_GROUP_ID) VALUES ("&userID&",1)"
smarty.Execute sqlstr
'**** Email to user
'**** revised to pull from sys email table instead of embedding the copy in this asp file - alb
set EMrecord = smarty.Execute("SELECT SENDER,REPLY_TO,BODY,GREETING,SUBJECT FROM SYS_EMAIL WHERE EMAIL_FUNCTION='reg'")
if NOT (EMrecord.EOF AND EMrecord.BOF) then
sender = EMrecord("SENDER")
replyString = EMrecord("REPLY_TO")
body = EMrecord("BODY")
body = EscSingleQuotes(body)
bodyString = EMrecord("GREETING")
bodyString = EscSingleQuotes(bodyString)
subjectString = EMrecord("SUBJECT")
'*** add goodies to the body of the email
bodyString = bodyString&chr(13)&chr(10)&" UserName: "&userName&chr(13)&chr(10)
bodyString = bodyString+" Password: "&password&chr(13)&chr(10)
bodyString = bodyString+" Registered Email Address: "&email&chr(13)&chr(10)
bodyString = bodyString&body
senderString = sender&chr(13)&chr(10)&"X-Info-Broker: "&Application("WEB_HOST_NAME")&chr(13)&chr(10)
else
error = "Contact your administrator. The system wide email settings have not been entered."
end if
sqlstr="INSERT INTO EMAIL (USER_ID, SUBJECT, FROM_LINE, TO_LINE, REPLY_TO, STATUS, BODY) VALUES "
sqlstr=sqlstr+"("&userID&",'"&subjectString&"','"&sender&"','"&email&"','"&replyString&"','QUEUED','"&bodyString&"')"
smarty.Execute(sqlstr)
'**** done, so close connections and forward to login
record.close
closeDB(smarty)
Set record = Nothing
Response.Redirect"login.asp?FormMode=loginSent"
end if
end if
%>
Register Here
<% nav_bar_public() %>

eLine SmartConf(TM) System (v1.0)
<%
if (Request.QueryString("FormMode")="submit") then
Response.Write("Oops! A few problems were found with the information you entered:
")
Response.Write("")
Response.Write("Please try re-entering you information below.
")
end if
%>
If you're a new user, register here:
If you've already registered and have a username and password, enter through the login page.