- // Write user data to table
- if (EXT_IS_ACTIVE("country")) {
- // Save with new selectable country code
- $countryRow = "country_code";
- $countryData = bigintval($_POST['country_code']);
- } else {
- // Old way with enterable two-char-code
- $countryRow = "country";
- $countryData = addslashes(substr($_POST['cntry'], 0, 2));
- }
-
- //////////////////////////////
- // Create user's account... //
- //////////////////////////////
- //
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_data (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$ADD1.")
-VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONFIRMED','%s','%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()".$ADD2.")",
- array(
- $countryRow,
- SQL_ESCAPE(substr($_POST['gender'], 0, 1)),
- SQL_ESCAPE($_POST['surname']),
- SQL_ESCAPE($_POST['family_name']),
- SQL_ESCAPE($_POST['street_nr']),
- $countryData,
- bigintval($_POST['zip']),
- SQL_ESCAPE($_POST['city']),
- SQL_ESCAPE($_POST['addy']),
- bigintval($_POST['day']),
- bigintval($_POST['month']),
- bigintval($_POST['year']),
- generateHash($_POST['pass1']),
- bigintval($_POST['max_mails']),
- bigintval($_POST['max_mails']),
- bigintval($_POST['refid']),
- $hash,
- GET_REMOTE_ADDR(),
- ), __FILE__, __LINE__);
-
- // Get his userid
- $userid = SQL_INSERTID();
-
- // Did this work?
- if ($userid == 0) {
- // Something bad happened!
- LOAD_TEMPLATE("admin_settings_saved", false, USER_NOT_REGISTERED);
- return;
- } // END - if
-
- // Is the refback extension there?
- if (EXT_IS_ACTIVE("refback")) {
- // Update refback table
- UPDATE_REFBACK_TABLE($userid);
- } // END - if
-
- // Write his welcome-points
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_points WHERE userid=%s AND ref_depth=0 LIMIT 1",
- array(bigintval($userid)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 0) {
- // Add only when the line was not found (maybe some more secure?)
- $locked = "points";
- if ($_CONFIG['ref_payout'] > 0) $locked = "locked_points"; // Pay him later. First he has to confirm some mails!
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_user_points (userid, ref_depth, ".$locked.") VALUES(%s,0,'%s')",
- array(bigintval($userid), $_CONFIG['points_register']), __FILE__, __LINE__);