require_once DOCROOT . 'include/config.php';
//collect users IP address
$ip = $_SERVER['REMOTE_ADDR'];
//cleanse the POST
$dbFilter = new MysqlFilter();
$cPost = array();
foreach ($_POST as $key => $value) {
$value = str_replace(",", "", $value);
$cPost[$key] = $dbFilter->dbPrepare($value);
}
//set mandatory fields
$newsletter_conf['mandatories'] = array("fname", "sname", "email-reg-news");
//set fields which must not contain numeric data
$newsletter_conf['non_numeric'] = array("fname", "sname");
//First, lets make sure there are is no numeric data in the name fields
$userValidate = UserDataValidator::getInstance($newsletter_conf['mandatories'], '');
if (!$userValidate->containsNumeric($cPost, $newsletter_conf['non_numeric'])) {
//continue with processing
//check mandatory information has been submitted
if (FormValidator::checkMandatories($newsletter_conf['mandatories'], $cPost)) {
//now check the email is a valid email
//check email entered is a valid email
$emailVerify = new EmailVerifier($cPost['email-reg-news']);
if ($emailVerify->partVerify()) {
//now we can check the entrant hasn't already entered
//check for email already in database
$sql = "SELECT count(*) FROM " . $newsletter_table . " where email='" . $cPost['email-reg-news'] . "'";
$qry = mysql_query($sql);
$results = mysql_fetch_array($qry);
$count = $results[0];
if ($count < 1) {
//collect users IP address
$ip = $_SERVER['REMOTE_ADDR'];
$source = 'online-form';
//cleanse the POST
$dbFilter = new MysqlFilter();
$cPost = array();
foreach ($_POST as $key => $value) {
$value = str_replace(",", "", $value);
$cPost[$key] = $dbFilter->dbPrepare($value);
}
//set mandatory fields
$prizedraw_conf['mandatories'] = array("fname", "sname", "email", "terms");
//set fields which must not contain numeric data
$prizedraw_conf['non_numeric'] = array("fname", "sname");
//First, lets make sure there are is no numeric data in the name fields
$userValidate = UserDataValidator::getInstance($prizedraw_conf['mandatories'], '');
if (!$userValidate->containsNumeric($cPost, $prizedraw_conf['non_numeric'])) {
//continue with processing
//check mandatory information has been submitted
if (FormValidator::checkMandatories($prizedraw_conf['mandatories'], $cPost)) {
//now check email and confirm email match
if (FormValidator::fieldMatch($cPost['email'], $cPost['email_confirm'])) {
//now check the email is a valid email
//check email entered is a valid email
$emailVerify = new EmailVerifier($cPost['email']);
if ($emailVerify->partVerify()) {
//now we can check the entrant hasn't already entered
//check for email already in database
$sql = "SELECT count(*) FROM " . $prizedraw_table . " where email='" . $cPost['email'] . "'";
$qry = mysql_query($sql);
$results = mysql_fetch_array($qry);
