<%'****Response.Redirect("default.asp") '**** Module: Registration '**** Page: getAccountDD.asp '**** Author: Stephen Takakuwa '**** Date: July 6, 1998 '**** Description: This is the registration page. '**** It can be reached from login.asp. '**** It contains links to default.asp '**** getAccount.asp (on FORM submit) '**** login.asp. '**** This page allows users to set discussion prefrences '**** -- changed filename to avoid cacheing bug - alb '**** Revisions: %> <% function EscSingleQuotes (temp) EscSingleQuotes = Replace(temp,"'","''") end function function ConvertAngleBrackets (temp) temp2 = Replace(temp,"<","<") ConvertAngleBrackets=Replace(temp2,">",">") end function %> <% Dim errorString if Request.QueryString("FormMode")="" then Response.Redirect "default.asp" end if Set smarty = openDB() '**** on form submit if Request.QueryString("FormMode") = "submit" then userName=Request.Form("USER_NAME") email=Request.Form("EMAIL") '****Exception handling here '****Check username < 3 characters if (len(userName) < 3) then errorString=errorString+"
  • Your username must be more than 3 or more characters in length. Try typing a longer username.
    " end if '****Check username > 12 characters if (len(userName) > 32) then errorString=errorString+"
  • Your username must be less than 32 or fewer characters in length. You shouldn't have been able to do that...quit trying to hack the system.
    " end if '****Check for weird characters in username er=1 for i = 1 to Len(userName) if Asc(Mid(userName, i, 1)) = 39 OR Asc(Mid(userName, i, 1)) =96 OR Asc(Mid(userName, i, 1)) =34 OR Asc(Mid(userName, i, 1)) =60 OR Asc(Mid(userName, i, 1)) =62 OR Asc(Mid(userName, i, 1)) =32 OR Asc(Mid(userName, i, 1)) = 45 then er = 0 exit for end if next if (er=0) then errorString=errorString+"
  • Your username contains characters that are not supported.
    " end if '**** Check email DIM at, dot, theDomain at ="@" dot="." if inStr(email, at)=false or inStr(email,dot)=false then errorString=errorString+"
  • Please check your email address and make sure it's in the form 'your.name@your.host.com\'.
    " end if '**********************THIS CODE IS NEW*********************** '**specifically look for daveyd accounts!!!!!!!!!!!!!!!!!!!!!! '**this change has not been source safed!!!!!!!!!!!!!!!!!!!!!! emailArray = split (email,"@") if ltrim(rtrim(emailArray(1)))="www.daveyd.com" OR ltrim(rtrim(emailArray(1)))="daveyd.com" then errorString=errorString+"
  • You may not register with a daveyd.com account." end if '**** If no other errors to this point, is the username already taken? if (strComp(errorString,"")=0) then sqlstr = "SELECT USERNAME FROM PERSONAL_INFO WHERE LOWER(USERNAME)='"&LCase(userName)&"'" Set record = smarty.Execute(sqlstr) if (not(record.BOF AND record.EOF)) then errorString=errorString+"
  • Sorry, the username "&userName&" is already taken...please try another.
    " end if sqlstr = "SELECT EMAIL FROM PERSONAL_INFO WHERE LOWER(EMAIL)='"&LCase(email)&"'" Set record = smarty.Execute(sqlstr) if (not(record.BOF AND record.EOF)) then errorString=errorString+"
  • Sorry, the email address "&email&" is already in use...please try another.
    " end if record.close end if '**** If no duplication of username, put new user into database, '**** assign and record random password, '**** assign session variable, redirect to login if (strComp(errorString,"")=0) then currentDate=Date() currentTime=Time() MD9password="FISHY" sqlstr="INSERT INTO PERSONAL_INFO (USERNAME, LAST_NAME, PASSWORD, EMAIL, ACCOUNT_CREATED, " sqlstr=sqlstr+"LAST_LOGIN, ACCESS_LEVEL, TOAD_STATUS) VALUES " sqlstr=sqlstr+"('"&userName&"','"&userName&"','"&MD9password&"','"&email&"','"¤tDate&" "¤tTime&"','"¤tDate&" "¤tTime&"',250,0)" smarty.Execute(sqlstr) sqlstr="SELECT USER_ID FROM PERSONAL_INFO WHERE LOWER(EMAIL)='"&LCase(email)&"'" Set record = smarty.Execute(sqlstr) if (record.BOF and record.EOF) then '****errrrrrror else userID = record("USER_ID") end if MD9password="FISHY" password="" num=62 for j = 1 to 10 randomize second(Time()) i=rnd() pass = int(i*num) if pass>=36 and pass<62 then'**** 97-122 pass=pass+61 elseif pass>=10 and pass<36 then '**** 65-90 pass=pass+55 elseif pass>=0 AND pass<10 then '**** 48-57 pass=pass+48 end if password=password+Chr(pass) next '**** This scrambles the password for saving in the personal_info table '**** The random start character is seeded with the userID number temp=cStr(userID) start=int(Mid(temp,Len(temp),1))+1 do while start>Len(password) start=start-Len(password) loop MD9password="" for i = start to Len(password) MD9password=MD9password&Len(Asc(Mid(password,i,1)))&Asc(Mid(password,i,1)) next for i = 1 to start-1 MD9password=MD9password+cStr(Len(Asc(Mid(password,i,1))))+cStr(Asc(Mid(password,i,1))) next '**** End of password scramble smarty.Execute("UPDATE PERSONAL_INFO SET PASSWORD='"&MD9password&"' WHERE USER_ID="&userID) '**** Default permissions assigned to PUBLIC newsgroups and '**** to PUBLIC discussions '**** Add to newsgroup X, read and write permissions sqlstr="SELECT NEWSGROUP_ID FROM NEWSGROUPS WHERE GROUP_TYPE='PUBLIC'" Set record= smarty.Execute(sqlstr) Do while NOT(record.EOF) sqlstr = "INSERT INTO PERMISSIONS (USER_ID, NEWSGROUP_ID, READR, WRITE) VALUES ("&userID&", "&record("NEWSGROUP_ID")&", 1, 1)" smarty.Execute sqlstr record.MoveNext Loop '**** Subscribe to all PUBLIC discussions sqlstr="SELECT DISCUSSION_ID FROM DISCUSSIONS WHERE GROUP_TYPE='PUBLIC'" Set record= smarty.Execute(sqlstr) Do while NOT(record.EOF) sqlstr ="INSERT INTO DISCUSSION_USERS (USER_ID, DISCUSSION_ID) VALUES ("&userID&","&record("DISCUSSION_ID")&")" smarty.Execute sqlstr record.MoveNext Loop '**** Prevent read messages in profile sqlstr ="INSERT INTO PRIVACY_USERS (USER_ID, PRIVACY_ID) VALUES ("&userID&",8)" smarty.Execute sqlstr '**** Add to general users group to enable chat sqlstr ="DELETE USER_GROUP_USERS WHERE USER_ID="&userID smarty.Execute sqlstr sqlstr ="INSERT INTO USER_GROUP_USERS (USER_ID, USER_GROUP_ID) VALUES ("&userID&",1)" smarty.Execute sqlstr '**** Email to user '**** revised to pull from sys email table instead of embedding the copy in this asp file - alb set EMrecord = smarty.Execute("SELECT SENDER,REPLY_TO,BODY,GREETING,SUBJECT FROM SYS_EMAIL WHERE EMAIL_FUNCTION='reg'") if NOT (EMrecord.EOF AND EMrecord.BOF) then sender = EMrecord("SENDER") replyString = EMrecord("REPLY_TO") body = EMrecord("BODY") body = EscSingleQuotes(body) bodyString = EMrecord("GREETING") bodyString = EscSingleQuotes(bodyString) subjectString = EMrecord("SUBJECT") '*** add goodies to the body of the email bodyString = bodyString&chr(13)&chr(10)&" UserName: "&userName&chr(13)&chr(10) bodyString = bodyString+" Password: "&password&chr(13)&chr(10) bodyString = bodyString+" Registered Email Address: "&email&chr(13)&chr(10) bodyString = bodyString&body senderString = sender&chr(13)&chr(10)&"X-Info-Broker: "&Application("WEB_HOST_NAME")&chr(13)&chr(10) else error = "Contact your administrator. The system wide email settings have not been entered." end if sqlstr="INSERT INTO EMAIL (USER_ID, SUBJECT, FROM_LINE, TO_LINE, REPLY_TO, STATUS, BODY) VALUES " sqlstr=sqlstr+"("&userID&",'"&subjectString&"','"&sender&"','"&email&"','"&replyString&"','QUEUED','"&bodyString&"')" smarty.Execute(sqlstr) '**** done, so close connections and forward to login record.close closeDB(smarty) Set record = Nothing Response.Redirect"login.asp?FormMode=loginSent" end if end if %> Register Here <% nav_bar_public() %>

    eLine SmartConf(TM) System (v1.0)
    <% if (Request.QueryString("FormMode")="submit") then Response.Write("Oops! A few problems were found with the information you entered:
    ") Response.Write("") Response.Write("Please try re-entering you information below.


    ") end if %>
    If you're a new user, register here:
    Characters that are not permitted in
    user names include < > ' " - space

    Desired Username:
    Email:
    If you've already registered and have a username and password, enter through the login page.
    <% closeDB(smarty) %>