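Oriol Nieto oriol -at- nyu -dot- edu MARL, NYU -->
<?php
/*
 * Form handler for the Section Boundaries Experiment page: stores the
 * submitted subject details through the helpers in utils.php, sends a
 * notification e-mail, then falls through to the HTML below.
 */
require 'utils.php';

// Establish DB connection
$con = create_connection();

// Sanitize strings before inserting into dataset.
// NOTE(review): sanitize_str() is defined in utils.php and not visible here;
// confirm what it escapes for, since the same value is reused in a mail header below.
$first_name = sanitize_str($con, $_POST['first_name']);
$last_name = sanitize_str($con, $_POST['last_name']);
$email = sanitize_str($con, $_POST['email']);
$music_training = sanitize_str($con, $_POST['music_training']);
$comments = sanitize_str($con, $_POST['comments']);

// Update Subject
// NOTE(review): subjectID is the only request field handed over without the
// sanitize_str() step; confirm update_subject() validates it or binds it as a
// query parameter rather than concatenating it into SQL.
update_subject($con, $first_name, $last_name, $email, $music_training, $comments, $_POST['subjectID']);

// Send email
$email_message = "You have a new result!";

// The From header carries a request-supplied value. Remove CR and LF so the
// value cannot end the header line and append further headers to the message.
$from_value = str_replace(array("\r", "\n"), '', $first_name);

// X-Mailer exposes the running PHP version to anyone reading the message headers.
$headers = 'From: ' . $from_value . "\r\n" .
    'Reply-To: oriol@nyu.edu' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();

// Best-effort notification: the @ keeps mail() warnings out of the page output,
// and a failed send is deliberately not treated as an error for the subject.
@mail("*****@*****.**", "Boundaries Experiment", $email_message, $headers);

// Close DB connection
mysqli_close($con);
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>::: Section Boundaries Experiment :::</title>
<meta name="keywords" content="" />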
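<?php
/*
 * Validates the name, email and message query parameters and collects one
 * error message per failing field in $errors. The response is declared as
 * JSON; what is done with $data and $errors afterwards is outside this excerpt.
 */
header('Content-type: application/json');

# Expected inputs (these should map to $_GET indices)
$data = ['name' => '', 'email' => '', 'message' => ''];
$errors = array();

# Collect and sanitize inputs
foreach ($data as $input => $val) {
    # Accept plain strings only: a request such as "?name[]=x" makes PHP
    # deliver an array, which must not reach the string functions below.
    if (isset($_GET[$input]) && is_string($_GET[$input])) {
        # NOTE(review): sanitize_str() is not defined in this excerpt, and the
        # e-mail filter constant is passed for all three fields; confirm that
        # name and message are not being reduced to e-mail-safe characters.
        $data[$input] = trim(sanitize_str($_GET[$input], FILTER_SANITIZE_EMAIL));
    } else {
        $data[$input] = '';
    }
}

# Validate the inputs
$name_length = strlen($data['name']);
if ($name_length === 0) {
    $errors['name'] = "You must enter a name.";
} elseif ($name_length < 2) {
    # elseif keeps the "missing" message from being overwritten for an empty name
    $errors['name'] = "Your name must be at least 2 characters.";
}

if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL) || strlen($data['email']) === 0) {
    $errors['email'] = "Please enter a valid email address.";
}

$message_length = strlen($data['message']);
if ($message_length === 0) {
    $errors['message'] = "You must enter a message.";
} elseif ($message_length < 25) {
    # This error is about the message field, so the text names the message
    $errors['message'] = "Your message must be at least 25 characters.";
}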