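/**
 * Insert one new user row into the given table.
 *
 * Input is assumed NOT to have been sanitised: every column value is sent to
 * the server as a bound parameter of a prepared statement, so callers must
 * pass raw values (pre-escaped values would be stored with their escape
 * characters). The table name cannot be bound, so it is accepted only when it
 * is a plain identifier (letters, digits, underscore) and is backtick-quoted.
 *
 * The statement carries no column list, so the seven values must match the
 * table's column order: username, fullname, password, sex, interest-1..3.
 *
 * @param object $conn  mysqli-style connection (connect_error, prepare()).
 * @param string $table Target table name, e.g. 'users_sfu'.
 * @param array  $data  Keys: username, fullname, password, sex,
 *                      interest-1, interest-2, interest-3. Missing keys are
 *                      stored as empty strings.
 *
 * @return bool TRUE if the row was inserted, FALSE otherwise (bad connection,
 *              empty or invalid arguments, or a failed statement). Failure
 *              details go to the error log instead of the response body.
 */
function db_table_user_insert($conn, $table, $data)
{
    if ($conn->connect_error) {
        print "Something went wrong with the connection<br/>";
        return false;
    }

    // Both arguments are required. The previous test, !(empty($table) && empty($data)),
    // let the insert run when only one of them was present.
    if (empty($table) || empty($data) || !is_array($data)) {
        return false;
    }

    // Identifiers cannot be parameterised; refuse anything that is not a bare name.
    if (!is_string($table) || preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $table) !== 1) {
        error_log('db_table_user_insert: rejected table name');
        return false;
    }

    $username = (string) ($data['username'] ?? '');
    $fullname = (string) ($data['fullname'] ?? '');
    // NOTE(review): crypt() salted with the username is kept only so stored values stay
    // compatible with whatever the login lookup compares against (not visible here).
    // It is a weak password hash; migrate both sides to password_hash()/password_verify().
    $password = crypt((string) ($data['password'] ?? ''), $username);
    $sex = (string) ($data['sex'] ?? '');
    $interest_1 = (string) ($data['interest-1'] ?? '');
    $interest_2 = (string) ($data['interest-2'] ?? '');
    $interest_3 = (string) ($data['interest-3'] ?? '');

    $stmt = $conn->prepare("INSERT INTO `{$table}` VALUES (?, ?, ?, ?, ?, ?, ?)");
    if (!$stmt) {
        // Keep driver error text out of the page; it can reveal schema details.
        error_log('db_table_user_insert: prepare failed: ' . $conn->error);
        return false;
    }

    $stmt->bind_param('sssssss', $username, $fullname, $password, $sex, $interest_1, $interest_2, $interest_3);
    $inserted = (bool) $stmt->execute();
    if (!$inserted) {
        error_log('db_table_user_insert: execute failed: ' . $stmt->error);
    }
    $stmt->close();

    return $inserted;
}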
Beispiel #2
 // Registration fragment: picks the target table, then reads the submitted form fields straight from $_POST.
 // NOTE(review): none of the keys is checked with isset(), so a request that omits a field
 // triggers an undefined-index notice/warning before validation runs.
 $table = 'users_sfu';
 $username = $_POST['username'];
 $fullname = $_POST['fullname'];
 $password_1 = $_POST['password_1'];
 $password_2 = $_POST['password_2'];
 $sex = $_POST['sex'];
 $interest_1 = $_POST['interest-1'];
 $interest_2 = $_POST['interest-2'];
 $interest_3 = $_POST['interest-3'];
 // The validate_* helpers are defined elsewhere. Their results are concatenated into $fail and
 // $fail is compared with "" below, so they appear to return an error message, or an empty
 // string when the field is acceptable — confirm against their definitions.
 // NOTE(review): interest-1..3 get no validation call here.
 $fail = validate_username($username);
 $fail .= validate_password($password_1, $password_2);
 $fail .= validate_fullname($fullname);
 $fail .= validate_sex($sex);
 // No errors
 if ($fail === "") {
     // Build the row to store; every value is passed through sanitize_MySQL() (defined elsewhere).
     // NOTE(review): crypt() with the constant salt 'moneys' gives every account the same salt, so
     // equal passwords produce equal hashes. password_hash()/password_verify() would use a per-user
     // salt, but the login check must be changed at the same time.
     // NOTE(review): if the routine that receives $data hashes 'password' again (as
     // db_table_user_insert in Beispiel #1 does), the stored value is a hash of a hash — confirm.
     // NOTE(review): escaping is not a substitute for bound parameters; with a prepared statement
     // these pre-escaped values would be stored with the escape characters in them.
     $data = array("username" => sanitize_MySQL($conn, $username), "fullname" => sanitize_MySQL($conn, $fullname), "password" => sanitize_MySQL($conn, crypt($password_1, 'moneys')), "sex" => sanitize_MySQL($conn, $sex), "interest-1" => sanitize_MySQL($conn, $interest_1), "interest-2" => sanitize_MySQL($conn, $interest_2), "interest-3" => sanitize_MySQL($conn, $interest_3));
     /*
     // Mail isn't working
     $to = $username . '@sfu.ca';
     $subject = 'hi';
     $body = 'i am body';
     $headers = 'From: admin@jumpstart.ca';
     
     if (mail($to, $subject, $body, $headers)) {
       print 'mail sent';
     }
       
     else {
       print 'mail not sent';
     }
     */
Beispiel #3
    } else {
        setcookie('username', $username, time() - 2592000, '/');
        setcookie('password', $password, time() - 2592000, '/');
        setcookie('table', $table, time() - 2592000, '/');
    }
}
// Form was submitted
if (isset($_POST['email']) && isset($_POST['password'])) {
    $email = sanitize_MySQL($conn, $_POST['email']);
    $password = crypt(sanitize_MySQL($conn, $_POST['password']), 'moneys');
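    // The password was hashed above, not encrypted: crypt() is one-way, and 'moneys' is a fixed salt shared by every account.
    // NOTE(review): here the input is escaped before hashing, while the registration code in Beispiel #2 hashes first and escapes after; verify both paths yield the same hash.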
    if (substr($email, -7) === '@sfu.ca') {
        $username = sanitize_MySQL($conn, substr($email, 0, -7));
        $table = 'users_sfu';
    } elseif (substr($email, -7) === '@ubc.ca') {
        $username = sanitize_MySQL($conn, substr($email, 0, -7));
        $table = 'users_ubc';
    } else {
        $username = NULL;
        $password = NULL;
        $table = NULL;
    }
    $result = db_table_user_read($conn, $table, $username, $password);
    if ($result) {
        setcookie('username', $username, NULL, '/');
        setcookie('password', $password, NULL, '/');
        setcookie('table', $table, NULL, '/');
        // redirect to the user's profile
        header("Location: profile.php");
        die;
    } else {