<%@ Language=JScript %>

<!--#include file="../includes/db.asp"-->
<!--#include file="../includes/email.asp"-->
<!--#include file="../functions/dates.asp"-->

<%
var username = prepSQL(Request.Form("username"));
var pwd = prepSQL(Request.Form("password"));
var email = prepSQL(Request.Form("email"));
var emailpublic = Request.Form("emailpublic");
if (emailpublic == "on")
	emailpublic = "1";
else
	emailpublic = "0";
var rating = 1000;

//Check if the username already exists
var rs = Server.CreateObject("adodb.recordset");
var sql = "SELECT username FROM [user] WHERE username = '" + username + "'";
rs.Open(sql, connStr);

if (rs.EOF || rs.BOF)
{
	rs.Close;
	
	sql = "SELECT id, username FROM [user] WHERE email = '" + email + "'";
	rs.Open(sql, connStr);
	
	if (!(rs.eof || rs.BOF))
	{
		if (String(rs("username")) == "null")
		//if there is a user registrered with this email address, but with no username yet, 
		// then register this user (the reason is that he has received a challenge)
		{
			var conn = Server.CreateObject("adodb.connection");
			conn.Open(connStr);
			var sql = "UPDATE [user] SET ";
			sql += "username = '" + username + "'";
			sql += ", pwd = '" + pwd + "'";
			sql += ", regdate = '" + getDate() + "'";
			sql += ", rating = " + rating;
			sql += ", emailpublic = " + emailpublic;
			sql += " WHERE id = " + rs("id");
			conn.Execute(sql);	
			
			rs.Close;
			Session("userid") = String(rs("id"))
			Response.Redirect("../user_registration2.asp");
		}
		else
		{
			Response.Redirect("../user_registration.asp?error=email&email=" + email + "&username=" + username);
		}
	
	}
	else
	{
		//Register the new user
		var conn = Server.CreateObject("adodb.connection");
		conn.Open(connStr);
		var sql = "INSERT INTO [user] (username, pwd, email, regDate, rating, emailpublic) VALUES (";
		sql += "'" + username + "'";
		sql += ", '" + pwd + "'";
		sql += ", '" + email + "'";
		sql += ", '" + getDate() + "'";
		sql += ", " + rating;
		sql += ", " + emailpublic;
		sql += ");"

		conn.Execute(sql);
		
		sql = "select @@IDENTITY as newid;";
		rsId = conn.Execute(sql);
		
		Session("userId") = String(rsId(0));
		Session("username") = username;
		rsId.close;
		
		rs.Close;
		
		//Send an email confirmation with username and password
		toaddress = email;
		toname = username;

		var title = "";
		var body = "";
	
		title = "Welcome to the ladder!";
		body = "Hi " + toname + "\n\n";
		body += "You have registered as a player at the Empire Deluxe Ladder with the following information.\n";
		body += "\n";
		body += "Username: " + username + "\n";
		body += "Password: " + pwd + "\n";
		body += "\n";
		body += "Now you can begin finding other players to play against.\n";
		body += "Good luck,\n";
		body += "\nThe Empire Deluxe Ladder\n";
		body += "www.givoni.com/empire/";
		sendEmail(toaddress, title, body);
		
		Response.Redirect("../user_registration2.asp");
	}
}
else
{
	Response.Redirect("../user_registration.asp?error=username&email=" + email);
}
%>