Some registration cleanups.

git-svn-id: http://svn.automattic.com/wordpress/trunk@1309 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2004-05-18 20:54:58 +00:00 · 2004-05-18 20:54:58 +00:00 · d9636d1744
parent 734b04d4a9
commit d9636d1744
1 changed files with 12 additions and 16 deletions
--- a/wp-register.php
+++ b/wp-register.php
@ -1,5 +1,5 @@
 <?php
-require(dirname(__FILE__) . '/wp-config.php');
+require('./wp-config.php');
 function add_magic_quotes($array) {
 	foreach ($array as $k => $v) {
@ -42,10 +42,6 @@ switch($action) {
 case 'register':
 	function filter($value)	{
 		return ereg('^[a-zA-Z0-9\_-\|]+$',$value);
 	}
 	$user_login = $_POST['user_login'];
 	$pass1 = $_POST['pass1'];
 	$pass2 = $_POST['pass2'];
@ -81,19 +77,19 @@ case 'register':
 	}
 	$user_ip = $_SERVER['REMOTE_ADDR'] ;
 	$user_domain = gethostbyaddr($_SERVER['REMOTE_ADDR'] );
 	$user_browser = addslashes($_SERVER['HTTP_USER_AGENT']);
-	$user_login = addslashes($user_login);
+	$user_browser = $wpdb->escape($_SERVER['HTTP_USER_AGENT']);
-	$pass1 = addslashes($pass1);
+
-	$user_nickname = addslashes($user_nickname);
+	$user_login = $wpdb->escape($user_login);
 	$pass1 = $wpdb->escape($pass1);
 	$user_nickname = $wpdb->escape($user_nickname);
 	$now = gmdate('Y-m-d H:i:s');
 	$new_users_can_blog = get_settings('new_users_can_blog');
 	$result = $wpdb->query("INSERT INTO $tableusers 
-		(user_login, user_pass, user_nickname, user_email, user_ip, user_domain, user_browser, dateYMDhour, user_level, user_idmode)
+		(user_login, user_pass, user_nickname, user_email, user_ip, user_browser, dateYMDhour, user_level, user_idmode)
 	VALUES 
-		('$user_login', MD5('$pass1'), '$user_nickname', '$user_email', '$user_ip', '$user_domain', '$user_browser', '$now', '$new_users_can_blog', 'nickname')");
+		('$user_login', MD5('$pass1'), '$user_nickname', '$user_email', '$user_ip', '$user_browser', '$now', '$new_users_can_blog', 'nickname')");
 	if ($result == false) {
 		die (sprintf(__('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_settings('admin_email')));
@ -112,7 +108,7 @@ case 'register':
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-        <title><?php _e('WordPress &raquo; Registration Complete') ?></title>
+        <title>WordPress &raquo; <?php _e('Registration Complete') ?></title>
 	<meta http-equiv="Content-Type" content="text/html; charset=<?php echo get_settings('blog_charset'); ?>" />	
 	<link rel="stylesheet" href="wp-admin/wp-admin.css" type="text/css" />
 </head>
@ -140,7 +136,7 @@ case 'disabled':
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-	<title><?php _e('WordPress &raquo; Registration Currently Disabled') ?></title>
+	<title>WordPress &raquo; <?php _e('Registration Currently Disabled') ?></title>
 	<meta http-equiv="Content-Type" content="text/html; charset=<?php echo get_settings('blog_charset'); ?>">
 	<link rel="stylesheet" href="wp-admin/wp-admin.css" type="text/css">
 </head>
@ -166,7 +162,7 @@ default:
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-	<title><?php _e('WordPress &raquo; Registration Form') ?></title>
+	<title>WordPress &raquo; <?php _e('Registration Form') ?></title>
 	<meta http-equiv="Content-Type" content="text/html; charset=<?php echo get_settings('blog_charset'); ?>" />
 	<link rel="stylesheet" href="wp-admin/wp-admin.css" type="text/css" />
 </head>
@ -192,4 +188,4 @@ default:
 break;
 }
-?>
+?>