// Normalises a value: trims surrounding whitespace, removes backslashes with
// stripslashes(), then HTML-encodes it with htmlspecialchars().
// NOTE(review): htmlspecialchars() is an output encoder for HTML. It is not SQL
// escaping (before PHP 8.1 its default flags leave single quotes untouched), so
// a value returned from here is still unsafe to interpolate into a query string.
// Bind values with mysqli_prepare()/mysqli_stmt_bind_param() instead and keep
// HTML encoding for the point where the value is echoed into a page.
function filter_any_data($data)
{
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
}

//Connect to db
// NOTE(review): the account name and password are hard-coded in the source
// file. Load them from configuration kept outside the web root / version
// control and rotate this credential, since it has appeared in a public listing.
$conn = mysqli_connect("localhost", "wasiq", "root123", "college_db_one");
if (!$conn) {
    die("Error connectiong to db.");
}

//Get session variables
// NOTE(review): the admin password itself is kept in the session and re-checked
// on each request. Storing only an authenticated admin id in the session (and
// calling session_regenerate_id() at login) avoids persisting the secret in
// session storage.
$id = filter_any_data($_SESSION["adminid"]);
$username = filter_any_data($_SESSION["adminname"]);
$password = filter_any_data($_SESSION["adminpassword"]);

//Fire query to check if the session variables exist in db
// NOTE(review): as shown, the WHERE clause compares against the literal text
// '******' and none of $id, $username or $password is used by the statement.
// The values look masked in this listing, so the original expressions cannot
// be confirmed from here. If they were interpolated variables, bind them as
// parameters; if passwords are compared in SQL like this they are presumably
// stored unhashed - confirm, and move to password_hash()/password_verify().
// The return value of mysqli_query() is also not checked before it is passed
// to mysqli_num_rows().
$sql = mysqli_query($conn, "SELECT * FROM admin WHERE username='******' AND password='******'");

//Count no of rows of result
$rows = mysqli_num_rows($sql);
if ($rows == 0) {
    //The session is forged.
    echo "Your record doesn't exist in the database.";
    exit;
} else {
    //The session is valid
}

$queryList = $noRegs = $eventName = "";

// NOTE(review): $_GET['getdetails'] goes into the SQL text unchanged - it is
// not even passed through filter_any_data() - so this statement is injectable
// by any caller who reaches this point. Use a prepared statement with the
// event bound as a string parameter. The "or die(mysqli_error(...))" handler
// also sends raw database error text to the client; log it server-side and
// return a generic message instead.
// This if-block continues past the end of the excerpt.
if (isset($_GET['getdetails'])) {
    $event = $_GET['getdetails'];
    $sql = mysqli_query($conn, "SELECT name FROM tableid WHERE event = '{$event}'") or die(mysqli_error($conn));
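//Function to filter inputs
// Trims surrounding whitespace, removes backslashes with stripslashes(), then
// HTML-encodes the value with htmlspecialchars().
// This is HTML output encoding, not SQL escaping: before PHP 8.1 the default
// htmlspecialchars() flags leave single quotes untouched. The queries below
// therefore bind their values as parameters instead of relying on this helper.
function filter_any_data($data)
{
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
}

$name = $email = $password = "";
$emailExists = "";
$comp_qt = "no";

// Registration handler: runs only when all four form fields were posted.
if (isset($_POST['email']) && isset($_POST['username']) && isset($_POST['comp_qt']) && isset($_POST['password2'])) {
    // The filtered forms are kept so that stored values stay identical to what
    // earlier registrations wrote.
    $email = filter_any_data(strtolower($_POST['email']));
    $name = filter_any_data($_POST['username']);
    $comp_qt = filter_any_data($_POST['comp_qt']);
    // NOTE(review): the password is HTML-encoded and then stored exactly as
    // submitted. It should be stored with password_hash() and checked with
    // password_verify(); that is not changed here because the login code that
    // reads user_pass is outside this excerpt and must change together with it.
    $password = filter_any_data($_POST['password2']);

    // NOTE(review): connects as root with an empty password. Use a dedicated
    // least-privilege account whose credentials come from configuration.
    $conn = mysqli_connect("localhost", "root", "", "main_db");
    if (!$conn) {
        die("connection to db failed.");
    }

    // Look up the address with a bound parameter so the posted value never
    // becomes part of the SQL text.
    $stmt = mysqli_prepare($conn, "SELECT * FROM user_info WHERE user_email = ?") or die("query error");
    mysqli_stmt_bind_param($stmt, "s", $email);
    mysqli_stmt_execute($stmt) or die("query error");
    // Buffer the result so the row count is available.
    mysqli_stmt_store_result($stmt);
    $existingRows = mysqli_stmt_num_rows($stmt);
    mysqli_stmt_close($stmt);

    if ($existingRows > 0) {
        $emailExists = "Email already exists!";
        $email = "";
    } else {
        $stmt = mysqli_prepare($conn, "INSERT INTO user_info (user_name,user_pass,user_email) VALUES (?,?,?)") or die("Insertion failed");
        mysqli_stmt_bind_param($stmt, "sss", $name, $password, $email);
        mysqli_stmt_execute($stmt) or die("Insertion failed");
        $id = mysqli_insert_id($conn);
        mysqli_stmt_close($stmt);
        //die("Successful registration");
    }
}
?>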
// Excerpt starts inside a block opened earlier in the file; $count, $pos,
// $eventName and $conn are defined outside the visible lines.
// Flattens the submitted participants into name, phone, email triples: $x is
// advanced twice in the body and once in the loop header, so each pass fills
// three consecutive slots, while $k walks the field suffixes held in $pos.
$inputArray = array();
for ($x = 0, $k = 0; $x < $count * 3; $x++) {
    $inputArray[$x++] = filter_any_data($_POST['name' . $pos[$k]]);
    $inputArray[$x++] = filter_any_data($_POST['phone' . $pos[$k]]);
    $inputArray[$x] = filter_any_data($_POST['email' . $pos[$k]]);
    $k++;
}

// NOTE(review): the table name is assembled from $eventName and placed in the
// statement as an identifier. Identifiers cannot be bound as parameters, so
// $eventName must be matched against a fixed allow-list of event tables before
// use. Where $eventName comes from is not visible here - confirm that it is
// never taken from the request.
$tableName = $eventName . "id";
//echo $tableName;
//0 = NonCont 1 = Cont
// NOTE(review): the die() handlers below return raw mysqli_error() text to the
// client; log it server-side and show a generic failure message instead.
$sql = mysqli_query($conn, "INSERT INTO {$tableName} (members,paid,grouptype) VALUES ({$count},null,'0')") or die(mysqli_error($conn) . " 1"); //1
$groupId = mysqli_insert_id($conn);
//echo "$groupId";
//if(isset($_POST["cname"]))
// With the isset() guard commented out, a request without "cname" reaches
// filter_any_data() with an undefined index.
$cname = filter_any_data($_POST["cname"]);

// One row per participant, read back from the flattened triples.
// NOTE(review): name, phone, email and cname are request values placed in the
// SQL text between quotes. filter_any_data() HTML-encodes them but is not SQL
// escaping, so this INSERT should be a prepared statement with the five values
// bound as parameters (prepare once before the loop, execute per participant).
for ($x = 0, $t = 0; $x < $count; $x++) {
    $k = $inputArray[$t];
    $j = $inputArray[$t + 1];
    $l = $inputArray[$t + 2];
    $sql = mysqli_query($conn, "INSERT INTO {$eventName} (groupid,fullname,phone,email,cname,id) \n\t\t\t\t\tVALUES ('{$groupId}','{$k}','{$j}','{$l}','{$cname}',null)") or die(mysqli_error($conn) . " 2"); //2
    $t = $t + 3;
}
// Redirect on success; die stops the script so nothing after the header runs.
header("location: successfulregistration.php");
die;
} // closes a block opened before this excerpt
?>
<!doctype html>
<html>
<head>
//echo " ".$count." ";
// Excerpt starts mid-file; $max_participants, $pos, $eventName and $conn are
// defined outside the visible lines ($pos is presumably initialised above -
// confirm, since count($pos) below needs it even when no name was submitted).
// Collects the 1-based suffixes of the "nameN" fields that were filled in.
// NOTE(review): $_POST["nameN"] is read without isset(), so a request that
// omits a field hits an undefined index; the comparisons are also loose (!=).
for ($x = 0, $k = 0; $x < $max_participants; $x++) {
    //echo "x = ".$x." ";
    //echo "Count = ".count($pos)." ";
    if ($_POST["name" . ($x + 1)] != null && $_POST["name" . ($x + 1)] != "") {
        $pos[$k++] = $x + 1;
    }
}
$count = count($pos);
//print_r($pos);
//die("Count = ".$count);

// Flattens the submitted participants into name, phone, email triples: $x is
// advanced twice in the body and once in the loop header, so each pass fills
// three consecutive slots.
$inputArray = array();
for ($x = 0, $k = 0; $x < $count * 3; $x++) {
    $inputArray[$x++] = filter_any_data($_POST['name' . $pos[$k]]);
    $inputArray[$x++] = filter_any_data($_POST['phone' . $pos[$k]]);
    $inputArray[$x] = filter_any_data($_POST['email' . $pos[$k]]);
    $k++;
}

// NOTE(review): the table name is assembled from $eventName and used as an
// identifier, which cannot be bound as a parameter. Match $eventName against a
// fixed allow-list of event tables first; its origin is not visible here.
// $count comes from count(), so the unquoted {$count} is an integer.
$tableName = $eventName . "id";
//echo $tableName;
// NOTE(review): the die() handler returns raw mysqli_error() text to the
// client; log it server-side and show a generic failure message instead.
$sql = mysqli_query($conn, "INSERT INTO {$tableName} (members,paid,grouptype) VALUES ({$count},null,'1')") or die(mysqli_error($conn) . " 1"); //1
$groupId = mysqli_insert_id($conn);
//echo "$groupId";
// The college name is taken from the session here rather than from the form.
// NOTE(review): it is used without any encoding; how it is consumed is cut off
// below. If it is interpolated into SQL, bind it as a parameter - a value that
// came out of the database is not automatically safe to put back into a query.
$cname = $_SESSION["collegename"];
//if(isset($_POST["cname"]))
// $cname = filter_any_data($_POST["cname"]);

// Reads each participant's triple back out of $inputArray.
// The loop body continues past the end of the excerpt.
for ($x = 0, $t = 0; $x < $count; $x++) {
    $k = $inputArray[$t];
    $j = $inputArray[$t + 1];
    $l = $inputArray[$t + 2];
} // closes a block opened before this excerpt

//Function to filter inputs
// Trims surrounding whitespace, removes backslashes with stripslashes(), then
// HTML-encodes the value with htmlspecialchars().
// NOTE(review): this is HTML output encoding, not SQL escaping (before PHP 8.1
// the default htmlspecialchars() flags leave single quotes untouched). Values
// returned from here are still unsafe to interpolate into a query string; bind
// them with mysqli_prepare()/mysqli_stmt_bind_param() instead.
function filter_any_data($data)
{
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
}

// NOTE(review): the account name and password are hard-coded in the source
// file (and repeated in the commented-out block below). Load them from
// configuration kept outside the web root / version control and rotate this
// credential, since it has appeared in a public listing.
$conn = mysqli_connect("localhost", "wasiq", "root123", "college_db_one");
if (!$conn) {
    die("connection to db failed.");
}

// College login: runs when both the college id and its password were posted.
if (isset($_POST['clid']) && isset($_POST['collegepassword'])) {
    $collegecode = filter_any_data($_POST['collegepassword']);
    $clid = filter_any_data($_POST['clid']);
    //$conn = mysqli_connect("localhost","wasiq","root123","college_db");
    //if(!$conn){
    // die("connection to db failed.");
    //}
    // NOTE(review): $clid is a request value placed in the SQL text between
    // quotes; use a prepared statement and bind it. The password comparison is
    // shown as the literal '******', which looks masked in this listing, so the
    // original expression cannot be confirmed from here. If the submitted
    // password was interpolated and compared in SQL, it is presumably stored
    // unhashed - confirm, and move to password_hash()/password_verify().
    // The die() handlers return raw mysqli_error() text to the client; log it
    // server-side and show a generic failure message instead.
    $sql = mysqli_query($conn, "SELECT * FROM collegecode WHERE password = '******' AND clid='{$clid}'") or die(mysqli_error($conn) . " 6"); //6
    if (mysqli_num_rows($sql) == 0) {
        die("No College Found");
    } else {
        // Second query with the same WHERE clause, this time selecting only
        // cname; the row fetched above could supply it without another query.
        $sql = mysqli_query($conn, "SELECT cname FROM collegecode WHERE password= '******' AND clid='{$clid}'") or die(mysqli_error($conn));
        $temp = mysqli_fetch_row($sql);
        $college = $temp[0];
        $hideModal = 1;
        // NOTE(review): $collegecode holds the submitted college password, so
        // the secret itself is written to the session. Store the authenticated
        // clid instead and call session_regenerate_id(true) once login succeeds.
        // The else-branch continues past the end of the excerpt.
        $_SESSION['collegecode'] = $collegecode;
        $_SESSION['collegename'] = $college;