function insert($qr) { $link = DbConnection(); $res = mysql_query($qr); DbDisconnect($link); return $res; }
<?php include "lib/company_info.php"; if ($DBHandle) { DbDisconnect($DBHandle); } ?> <br> </body> </html>
function register($Email, $Pass, $CPass, $Fname, $Lname, $Ulevel) { $link = DbConnection(); //Start session session_start(); //Array to store validation errors $errmsg_arr = array(); //Validation error flag $errflag = false; //Sanitize the POST values $fname = clean($Fname); $lname = clean($Lname); $login = clean($Email); $password = clean($Pass); $cpassword = clean($CPass); $ulevel = clean($Ulevel); //Input Validations if ($ulevel == '') { $errmsg_arr[] = 'User level missing'; $errflag = true; } if ($login == '') { $errmsg_arr[] = 'Email address missing'; $errflag = true; } if ($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } if ($cpassword == '') { $errmsg_arr[] = 'Confirm password missing'; $errflag = true; } if (strcmp($password, $cpassword) != 0) { $errmsg_arr[] = 'Passwords do not match'; $errflag = true; } //Check for duplicate login ID if ($login != '') { $qry = "SELECT * FROM logon WHERE useremail='{$login}'"; $result = mysql_query($qry); if ($result) { if (mysql_num_rows($result) > 0) { $errmsg_arr[] = 'E-mail ID already in use'; $errflag = true; } @mysql_free_result($result); } else { die("Query failed"); } } DbDisconnect($link); //If there are input validations, redirect back to the registration form if ($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: register-form.php"); exit; } $link = DbConnection(); //Create INSERT query $qry = "INSERT INTO logon(firstname,lastname,useremail,userlevel,password) VALUES('{$fname}','{$lname}','{$login}','{$ulevel}','" . md5($password) . "')"; $result = @mysql_query($qry); //Check whether the query was successful or not if ($result) { header("location: register-success.php"); DbDisconnect($link); exit; } else { DbDisconnect($link); die("Query failed"); } }