Signups::create PHP Méthode

    public function create($userId, $ip, $hostname, $email, $emailLogHits, $ipHits, $warninLevel)
    {
        $sth = $this->db->prepare("INSERT INTO nyregg (userid, datum, ip, hostname, email, log_mail, log_ip, level) VALUES(?, NOW(), ?, ?, ?, ?, ?, ?)");
        $sth->bindParam(1, $userId, PDO::PARAM_INT);
        $sth->bindParam(2, $ip, PDO::PARAM_STR);
        $sth->bindParam(3, $hostname, PDO::PARAM_STR);
        $sth->bindParam(4, $email, PDO::PARAM_STR);
        $sth->bindParam(5, $emailLogHits, PDO::PARAM_INT);
        $sth->bindParam(6, $ipHits, PDO::PARAM_INT);
        $sth->bindParam(7, $warninLevel, PDO::PARAM_INT);
        $sth->execute();
    }

 public function create($postdata)
 {
     $sth = $this->db->prepare("SELECT * FROM invites WHERE secret = ?");
     $sth->bindParam(1, $postdata["inviteKey"], PDO::PARAM_STR);
     $sth->execute();
     $invite = $sth->fetch(PDO::FETCH_ASSOC);
     if (!$invite) {
         throw new Exception('Inbjudningskoden har utgått.', 412);
     }
     if (strlen($postdata["username"]) < 2) {
         throw new Exception('Användarnamnet är för kort', 411);
     }
     if (strlen($postdata["username"]) > 14) {
         throw new Exception('Användarnamnet är för långt', 411);
     }
     if (!preg_match('/^[a-z0-9][a-z0-9-_]+$/i', $postdata["username"])) {
         throw new Exception('Användarnamnet ska bestå av följande tecken: A-Z 0-9', 412);
     }
     if (!$this->usernameIsAvailable($postdata["username"])) {
         throw new Exception('Användarnamnet \'' . $postdata["username"] . '\' är upptaget', 409);
     }
     if (!preg_match('/^[\\w.-]+@([\\w.-]+\\.)+[a-z]{2,6}$/is', $postdata["email"])) {
         throw new Exception('Ogiltig e-postadress', 412);
     }
     if (!$this->emailIsAvailable($postdata["email"])) {
         throw new Exception('E-postadressen används redan på sidan', 409);
     }
     if (strlen($postdata["password"]) < 6) {
         throw new Exception('Lösenordet är för kort', 411);
     }
     if ($postdata["password"] != $postdata["passwordAgain"]) {
         throw new Exception('Lösenorden stämmer ej överrens', 412);
     }
     switch ($postdata["format"]) {
         case 0:
             $indexlist = '2, 6';
             // DVDR
             break;
         case 3:
             $indexlist = '11, 163';
             // 1080p
             break;
         default:
             $indexlist = '1, 141';
             // 720p
     }
     $age = (int) $postdata["age"];
     $gender = (int) $postdata["gender"];
     $sth = $this->db->query("SELECT id FROM news WHERE announce = 1 ORDER BY id DESC LIMIT 1");
     $res = $sth->fetch(PDO::FETCH_ASSOC);
     if (!$res) {
         $lastReadNews = 0;
     } else {
         $lastReadNews = $res["id"];
     }
     $added = date("Y-m-d H:i:s");
     $passhash = $this->hashPassword($postdata["password"], $added);
     $uploaded = 1073741824 * $this->gigabyteUploadedOnSignup;
     $leechEnd = date('Y-m-d H:i:s', time() + 86400);
     // 24h frree leech
     $sth = $this->db->prepare("INSERT INTO users (username, passhash, email, passkey, invited_by, indexlist, added, gender, alder, leechstart, uploaded, lastreadnews, last_access) VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW())");
     $sth->bindParam(1, $postdata["username"], PDO::PARAM_STR);
     $sth->bindParam(2, $passhash, PDO::PARAM_STR);
     $sth->bindParam(3, strtolower($postdata["email"]), PDO::PARAM_STR);
     $sth->bindParam(4, md5(uniqid()), PDO::PARAM_STR);
     $sth->bindParam(5, $invite["userid"], PDO::PARAM_INT);
     $sth->bindParam(6, $indexlist, PDO::PARAM_INT);
     $sth->bindParam(7, $added, PDO::PARAM_STR);
     $sth->bindParam(8, $gender, PDO::PARAM_INT);
     $sth->bindParam(9, $age, PDO::PARAM_INT);
     $sth->bindParam(10, $leechEnd, PDO::PARAM_STR);
     $sth->bindParam(11, $uploaded, PDO::PARAM_INT);
     $sth->bindParam(12, $lastReadNews, PDO::PARAM_INT);
     $sth->execute();
     $userId = $this->db->lastInsertId();
     $mailbox = new Mailbox($this->db);
     $mailbox->sendSystemMessage($invite["userid"], "Inbjudan accepterad!", "Din inbjudan är accepterad och hen valde att registrera sig under namnet [url=/user/" . $userId . "/" . $postdata["username"] . "][b]" . $postdata["username"] . "[/b][/url].");
     // Security checks
     $ip = $_SERVER["REMOTE_ADDR"];
     $hostname = gethostbyaddr($ip);
     $sth = $this->db->query("SELECT COUNT(*) FROM iplog WHERE ip = '" . $ip . "'");
     $res = $sth->fetch();
     $iplogHits = $res[0];
     $sth = $this->db->query("SELECT COUNT(*) FROM inlogg WHERE ip = '" . $ip . "'");
     $res = $sth->fetch();
     $loginAttemptsHits = $res[0];
     $sth = $this->db->query("SELECT COUNT(*) FROM emaillog WHERE email = '" . $postdata["email"] . "' AND userid != " . $userId);
     $res = $sth->fetch();
     $emailLogHits = $res[0];
     $sth = $this->db->query("SELECT COUNT(*) FROM `inlogg` JOIN users ON inlogg.uid = users.id WHERE inlogg.ip = '" . $ip . "' AND enabled = 'no'");
     $res = $sth->fetch();
     $loginAttemptsWarningHits = $res[0];
     $sth = $this->db->query("SELECT COUNT(*) FROM `iplog` JOIN users ON iplog.userid = users.id WHERE iplog.ip = '" . $ip . "' AND enabled = 'no'");
     $res = $sth->fetch();
     $iplogWarningHits = $res[0];
     $ipHits = $iplogHits + $loginAttemptsHits;
     $warninLevel = $loginAttemptsWarningHits + $iplogWarningHits;
     $signups = new Signups($this->db, $this);
     $signups->create($userId, $ip, $hostname, $postdata["email"], $emailLogHits, $ipHits, $warninLevel);
     /* Zero means persistent invite url */
     if ($invite["userid"] != 0) {
         $this->db->query("DELETE FROM invites WHERE id = " . $invite["id"]);
     }
 }