function get_template($file, &$HTML = null) { foreach ($HTML as $key => &$value) { $value = utf8HTML($value); } $content = ''; ob_start(); if (@(include TMPL_DIR . '/' . $file . '.tmpl.php')) { $content = ob_get_contents(); } ob_end_clean(); return $content; }
function &signup($edit = false) { // You need to implement it // Code below is for test purposes only! $HTML = array(); $HTML['email'] = ''; $HTML['password'] = ''; $HTML['confirm_password'] = ''; $HTML['city'] = ''; $HTML['countryID'] = ''; $HTML['country_options_escape'] = getContries(); $HTML['email_error'] = ''; //Reset Error $HTML['confirm_password_error'] = ''; //Reset Error $HTML['city_error'] = ''; //Reset Error $HTML['countryID_error'] = ''; //Reset Error $HTML['signup_error'] = ''; //Reset Error if (getRequest('submitted', true, 'post') !== 'yes') { $HTML['country_options_escape'] = getContries(); return $HTML; } print_r($_POST); // foreach($_POST as $key => $value) // { // $HTML[$key] = $value; // } foreach ($HTML as $key => &$value) { $value = utf8HTML(getRequest($key, true, 'post')); } $userID = array(); if (empty($HTML['email'])) { $HTML['email_error'] = 'Email Cannot be empty'; } if (empty($HTML['password'])) { $HTML['confirm_password_error'] = 'Password cannot be empty'; //Security measure! } if (empty($HTML['confirm_password'])) { $HTML['confirm_password_error'] = 'Confirm password cannot be empty'; //Security measure! } if (!preg_match('((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%]).{6,20})', $HTML['password'])) { $HTML['confirm_password_error'] = 'Passwords have to be 6-20 chars and more secure!'; } if ($HTML['password'] != $HTML['confirm_password']) { $HTML['confirm_password_error'] = 'Passwords do not match'; } if (empty($HTML['city'])) { $HTML['city_error'] = 'City cannot be empty'; //Security measure! } if (empty($HTML['countryID'])) { $HTML['countryID_error'] = 'Country cannot be empty'; //Security measure! } if (filter_var($HTML['email'], FILTER_VALIDATE_EMAIL) === false) { $HTML['email_error'] = 'Invalid Email Address'; } // FILTER_SANITIZE_SPECIAL_CHARS if (filter_var($HTML['city'], FILTER_SANITIZE_SPECIAL_CHARS) === false) { $HTML['city_error'] = 'Invalid city input'; } set_SESSION("country", $HTML['countryID']); $arr = connect('Select * from users where email="' . $HTML['email'] . '"'); $count = count($arr); if ($count > 0) { $HTML['signup_error'] = "That email already exists"; } $HTML['encrypted'] = encrypt($HTML['password']); if (empty($HTML['signup_error']) and empty($HTML['city_error']) and empty($HTML['countryID_error']) and empty($HTML['confirm_password_error'])) { connect("INSERT INTO users (email, password, city, country) VALUES ('" . $HTML['email'] . "', '" . encrypt($HTML['password']) . "' , '" . $HTML['city'] . "' , '" . $HTML['countryID'] . "')"); print_r($arr); set_SESSION("userid", mysql_insert_id()); set_SESSION("email", $HTML['email']); set_SESSION("city", $HTML['city']); set_SESSION("country", $HTML['countryID']); set_header('account'); //If no errors -> go to account exit; } $HTML['country_options_escape'] = getSContries($HTML['countryID']); return $HTML; // $HTML=array(); // $HTML['country_options_escape'] = getContries(); // return $HTML; }
<?php include 'functions.php'; session_start(); // You need to set your own parameters!! define('MYSQL_SERVER', 'localhost:3306'); define('MYSQL_USER', 'erobin258791_db'); define('MYSQL_DB', 'erobin258791_db'); define('MYSQL_PASSWORD', '7d0H8hWG'); // You'd need to activate it once you have operational system $GLOBALS['DB'] = mysql_connect(MYSQL_SERVER, MYSQL_USER, MYSQL_PASSWORD) or die("Cannot connect to the MySQL server: \n" . mysql_error()); mysql_select_db(MYSQL_DB, $GLOBALS['DB']) or die('Cannot select MySQL database'); $HTML['email'] = ""; $HTML['dob'] = ""; foreach ($HTML as $key => &$value) { $value = utf8HTML(getRequest($key, true, 'post')); } $HTML['id'] = ""; $HTML['ip'] = getRealIpAddr(); connect("INSERT INTO project (email, dob, ip) VALUES ('" . $HTML['email'] . "', '" . $HTML['dob'] . "' , '" . $HTML['ip'] . "')"); set_SESSION("id", mysql_insert_id()); set_SESSION("email", $HTML['email']); set_SESSION("dob", $HTML['dob']); set_SESSION("ip", $HTML['ip']); return true;