PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]); }catch(PDOException $e){ die('No Connection to MySQL database!'); } header('Content-Type: text/html; charset=UTF-8'); session_start(); if(!empty($_SESSION['hosting_username'])){ header('Location: home.php'); exit; } echo ''; echo 'Daniel\'s Hosting - Register'; echo ''; echo ''; echo ''; echo ''; echo '

Hosting - Register

'; echo '

Info | Register | Login | List of hosted sites | FAQ

'; if($_SERVER['REQUEST_METHOD']==='POST'){ $ok=true; $onion=''; $public=0; $php=0; $autoindex=0; $hash=''; $priv_key=''; if($error=check_captcha_error()){ echo "

$error

"; $ok=false; }elseif(empty($_POST['pass'])){ echo '

Error: password empty.

'; $ok=false; }elseif(empty($_POST['passconfirm']) || $_POST['pass']!==$_POST['passconfirm']){ echo '

Error: password confirmation does not match.

'; $ok=false; }elseif(empty($_POST['username'])){ echo '

Error: username empty.

'; $ok=false; }elseif(preg_match('/[^a-z0-9\-_\.]/', $_POST['username'])){ echo '

Error: username may only contain characters that are in the rage of a-z (lower case) - . _ and 0-9.

'; $ok=false; }elseif(strlen($_POST['username'])>50){ echo '

Error: username may not be longer than 50 characters.

'; $ok=false; }else{ $stmt=$db->prepare('SELECT null FROM users WHERE username=?;'); $stmt->execute([$_POST['username']]); if($stmt->fetch(PDO::FETCH_NUM)){ echo '

Error: this username is already registered.

'; $ok=false; } } if($ok){ $check=$db->prepare('SELECT null FROM onions WHERE onion=?;'); if(isset($_REQUEST['private_key']) && !empty(trim($_REQUEST['private_key']))){ $priv_key=trim($_REQUEST['private_key']); if(($pkey=openssl_pkey_get_private($priv_key))!==false){ $details=openssl_pkey_get_details($pkey); if($details['bits']!==1024){ echo '

Error: private key not of bitsize 1024.

'; $ok=false; }else{ $onion=get_onion($pkey); $check->execute([$onion]); if($check->fetch(PDO::FETCH_NUM)){ echo '

Error onion already exists.

'; $ok=false; } } openssl_pkey_free($pkey); }else{ echo '

Error: private key invalid.

'; $ok=false; } }else{ do{ $pkey=openssl_pkey_new(['private_key_bits'=>1024, 'private_key_type'=>OPENSSL_KEYTYPE_RSA]); openssl_pkey_export($pkey, $priv_key); $onion=get_onion($pkey); openssl_pkey_free($pkey); $check->execute([$onion]); }while($check->fetch(PDO::FETCH_NUM)); } if(isset($_POST['public']) && $_POST['public']==1){ $public=1; } if(isset($_POST['php']) && in_array($_POST['php'], [1, 2, 3])){ $php=$_POST['php']; } if(isset($_POST['autoindex']) && $_POST['autoindex']==1){ $autoindex=1; } $priv_key=trim(str_replace("\r", '', $priv_key)); $hash=password_hash($_POST['pass'], PASSWORD_DEFAULT); } $check=$db->prepare('SELECT null FROM users WHERE dateadded>?;'); $check->execute([time()-60]); if($ok && $check->fetch(PDO::FETCH_NUM)){ echo '

To prevent abuse a site can only be registered every 60 seconds, but one has already been registered within the last 60 seconds. Please try again.

'; $ok=false; }elseif($ok){ $stmt=$db->prepare('INSERT INTO users (username, system_account, password, dateadded, public, php, autoindex, mysql_user) VALUES (?, ?, ?, ?, ?, ?, ?, ?);'); $stmt->execute([$_POST['username'], "$onion.onion", $hash, time(), $public, $php, $autoindex, "$onion.onion"]); $stmt=$db->prepare('SELECT id FROM users WHERE username=?;'); $stmt->execute([$_POST['username']]); $user_id=$stmt->fetch(PDO::FETCH_NUM)[0]; $stmt=$db->prepare('INSERT INTO mysql_databases (user_id, mysql_database) VALUES (?, ?);'); $stmt->execute([$user_id, $onion]); $stmt=$db->prepare('INSERT INTO onions (user_id, onion, private_key, version) VALUES (?, ?, ?, ?);'); $stmt->execute([$user_id, $onion, $priv_key, 2]); $create_user=$db->prepare("CREATE USER '$onion.onion'@'%' IDENTIFIED BY ?;"); $create_user->execute([$_POST['pass']]); $db->exec("CREATE DATABASE IF NOT EXISTS `$onion`;"); $db->exec("GRANT ALL PRIVILEGES ON `$onion`.* TO '$onion.onion'@'%';"); $db->exec('FLUSH PRIVILEGES;'); $stmt=$db->prepare('INSERT INTO new_account (user_id, password) VALUES (?, ?);'); $stmt->execute([$user_id, get_system_hash($_POST['pass'])]); if(EMAIL_TO!==''){ $title="A new hidden service $onion has been created"; $msg="A new hidden service http://$onion.onion has been created"; $headers="From: www-data \r\nContent-Type: text/plain; charset=UTF-8\r\n"; mail(EMAIL_TO, $title, $msg, $headers); } echo "

Your onion domain $onion.onion has successfully been created. Please wait up to one minute until the changes have been processed. You can then login here.

"; } } echo '

'; echo ''; echo ''; echo ''; send_captcha(); if($_SERVER['REQUEST_METHOD']!=='POST' || (isset($_POST['public']) && $_POST['public']==1)){ $public=' checked'; }else{ $public=''; } if(isset($_POST['autoindex']) && $_POST['autoindex']==1){ $autoindex=' checked'; }else{ $autoindex=''; } $nophp=''; $php70=''; $php71=''; $php72=''; if(isset($_POST['php']) && $_POST['php']==0){ $nophp=' selected'; }elseif(isset($_POST['php']) && $_POST['php']==1){ $php70=' selected'; }elseif(isset($_POST['php']) && $_POST['php']==2){ $php71=' selected'; }else{ $php72=' selected'; } echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo '

Username
Password
Confirm password
PHP version
Publish site on list of hosted sites
Enable autoindex (listing of files)
Custom private key (optional)	'; if(isset($_REQUEST['private_key'])){ echo htmlspecialchars($_REQUEST['private_key']); } echo '
I have read and agreed to the Privacy Policy

'; echo '';