<?php
// INCLUDED INSIDE "/USER/INDEX.PHP"
$sql = "SELECT * FROM `users`\n\t\t\t\tWHERE `username` = '{$user}'";
$query = $conn->query($sql);
$row = $query->fetch_assoc();
// Set up location array
$location = array($row['user_city'], $row['user_state'], $row['user_country']);
$loc = array();
// Class calls
$clean = new cleanInput();
#$img = new imageManipulate;
// Parse Array with only elements that exist
foreach ($location as $locate) {
if (empty($locate)) {
continue;
}
if ($locate == "United States") {
$locate = "U.S.";
}
$loc[] .= $locate;
}
// Edited $location
$userLocation = $s->strpLast($loc);
$memSince = date("M j, Y", $row['user_created']);
$userName = ucwords($row['user_name']);
$month = $clean->numToMonth(substr($row['user_birthday'], 0, 2));
$day = substr($row['user_birthday'], 2, 2);
$year = substr($row['user_birthday'], 4, 4);
// If User has bithday entered
if ($row['user_birthday']) {
<?php
require "../includes/config/config.php";
$errors = array();
// If User Submitted Register Form
if (isset($_POST['registerSubmit'])) {
// create sanitizing class
$clean = new cleanInput();
$register = array();
$register[0] = $_POST['username'];
$register[1] = $_POST['password'];
$register[2] = $_POST['confirmPass'];
$register[3] = $_POST['email'];
$register[4] = time();
$register[5] = $clean->randString(40);
$register[6] = SALT . $_POST['username'] . SALT;
// Check username and email
$sql = "SELECT `username`, `user_email` FROM `users` \n\t\t\t\t\tWHERE `username` = '{$register['0']}' or `user_email` = '{$register['3']}'";
$query = $conn->query($sql);
if ($query->num_rows > 0) {
$row = $query->fetch_assoc();
if ($register[0] == $row['username'] && $register[3] == $row['user_email']) {
header("Location: " . BASE_URI . "index.php?e=4");
exit;
} elseif ($register[0] == $row['username']) {
header("Location: " . BASE_URI . "index.php?e=2");
exit;
} elseif ($register[3] == $row['user_email']) {
header("Location: " . BASE_URI . "index.php?e=3");
exit;
}
<?php
require "../includes/header.php";
if (isset($_GET['search'])) {
$camel = new camelCaseSplit();
$q = new siteSearch();
$clean = new cleanInput();
$search[] = array("bands" => array("band_name", "band_id", "band_image"), "albums" => array("album_name", "album_id", "album_image"));
$searchTerm = $camel->camelCase("break", $_GET['search']);
$clean->arrayView($search);
$result = $q->sqlQuery($search, $searchTerm);
$query = $conn->query($result);
echo $result . "<br>";
while ($row = $query->fetch_assoc()) {
$val = $zepp->zeppCode("zepp", "symbol", $row['name']);
echo $val . " - " . $row['type'];
}
#echo $searchTerm;
} else {
echo "Search";
}
<?php
require "../includes/config/config.php";
if (isset($_POST['loginSubmit'])) {
$login = array();
$login[0] = $_POST['username'];
$login[1] = $_POST['password'];
$clean = new cleanInput();
for ($i = 0; $i < count($login); $i++) {
$login[$i] = $clean->sanitize($login[$i]);
}
$pass = sha1($login[1]);
$sql = "SELECT `user_id`, `username`, `user_password`, `user_active`, `user_access` \n\t\t\t\t\tFROM `users` \n\t\t\t\t\tWHERE `username` = '{$login['0']}' AND `user_password` = '{$pass}'";
$query = $conn->query($sql);
$num_rows = $query->num_rows;
$row = $query->fetch_assoc();
// If there is an exact match
// Login user and go to page
if ($num_rows == 1) {
$active = $row['user_active'];
$access = $row['user_access'];
$_SESSION['username'] = $row['username'];
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['access'] = $access;
$_SESSION['active'] = $active;
$_SESSION['loggedIn'] = true;
$cookie->createUserCookies();
$sql = "UPDATE users \n\t\t\t\t\t\tSET user_cookie = '" . sha1(SALT . isset($_SESSION['username']) . SALT) . "' \n\t\t\t\t\t\tWHERE username = '******'username'] . "'";
$query = $conn->query($sql);
header("Location: " . BASE_URI . "user/" . $login[0]);
exit;
