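<?php
/**
 * Slot request endpoint.
 *
 * Reads workshopId, requestName and requestSeat from the POST body and:
 *   - prints 'profanity' when ProfanityFilter flags the requested name;
 *   - prints 'duplicate' when a status=0 row in `slots` for the same workshop
 *     already carries that name or that seat;
 *   - otherwise inserts a new status=0 row and stores its id in
 *     $_SESSION['mySlotId'] (nothing is printed on success).
 *
 * Requests with a missing or non-string field are answered with HTTP 400 and
 * an empty body.
 */
session_start();
require 'db.php';
require 'ProfanityFilter.php';

// Everything in $_POST is client-controlled. PHP turns `field[]=x` into an
// array, so each field is checked for presence and for being a plain string
// before it reaches the filter or the database layer.
$workshopId  = $_POST['workshopId'] ?? null;
$requestName = $_POST['requestName'] ?? null;
$requestSeat = $_POST['requestSeat'] ?? null;

if (!is_string($workshopId) || !is_string($requestName) || !is_string($requestSeat)) {
    http_response_code(400);
    exit;
}

if (ProfanityFilter::containsProfanity($requestName)) {
    echo 'profanity';
} else {
    // Bound parameters keep the request values out of the SQL text, so quotes
    // or SQL syntax inside them are compared as data and cannot change the query.
    // NOTE(review): db.php is not visible here; confirm the PDO handle uses
    // native prepares (PDO::ATTR_EMULATE_PREPARES => false) and an explicit charset.
    $lookup = $dbh->prepare(
        'SELECT name, seat FROM slots'
        . ' WHERE workshopId = :workshopId AND status = 0'
        . ' AND (name = :requestName OR seat = :requestSeat)'
    );
    $lookup->execute([
        ':workshopId'  => $workshopId,
        ':requestName' => $requestName,
        ':requestSeat' => $requestSeat,
    ]);
    $existing = $lookup->fetch(PDO::FETCH_OBJ);

    if (!$existing) {
        // NOTE(review): the lookup and the insert are separate statements, so two
        // concurrent requests can both pass the lookup. If the schema allows it, a
        // unique constraint on the slots table would enforce this in the database.
        // NOTE(review): nothing here checks that workshopId names an existing
        // workshop the caller may join; verify that is enforced elsewhere.
        $insert = $dbh->prepare(
            'INSERT INTO slots (workshopId, name, seat, status, created, assisting, cancelled)'
            . ' VALUES (:workshopId, :requestName, :requestSeat, 0, :created, :assisting, :cancelled)'
        );
        $insert->execute([
            ':workshopId'  => $workshopId,
            ':requestName' => $requestName,
            ':requestSeat' => $requestSeat,
            ':created'     => date('Y-m-d H:i:s'),
            // Zero timestamps are written for the two events that have not happened.
            ':assisting'   => '0000-00-00 00:00:00',
            ':cancelled'   => '0000-00-00 00:00:00',
        ]);

        // Remember the new row for this browser session.
        $_SESSION['mySlotId'] = $dbh->lastInsertId();
    } else {
        echo 'duplicate';
    }
}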
<?php
// Profanity check endpoint: passes the posted 'str' field to ProfanityFilter
// and echoes whatever the filter returns.
require 'ProfanityFilter.php';

// NOTE(review): 'str' is read without checking that it is present or that it
// is a string (PHP parses `str[]=x` into an array); confirm the filter copes.
$candidate = $_POST['str'];

// Presumably a bool, in which case echo prints "1" or nothing; confirm against
// ProfanityFilter::containsProfanity.
$flagged = ProfanityFilter::containsProfanity($candidate);
echo $flagged;
$wrapStart = '<p class="full warn"><i class="ico-warning"></i>'; $wrapEnd = '</p>'; if (!empty($_POST['register-submit'])) { $username = $_POST['username']; $email = $_POST['email']; $password = $_POST['password']; $emailAgain = $_POST['email-again']; $passwordAgain = $_POST['password-again']; if (!empty($username) && !empty($email) && !empty($password) && !empty($emailAgain) && !empty($passwordAgain)) { if (preg_match('/^[a-zA-Z0-9]+$/', $username)) { if ($email === $emailAgain && $password === $passwordAgain) { $exists = $loginSystem->checkUserExists($email, $username); if ($exists) { echo $wrapStart . 'An account with this email/username already exists.' . $wrapEnd; } else { if (!ProfanityFilter::containsProfanity($username)) { $response = $loginSystem->createUser($email, $password, $username); echo $response; } else { echo $wrapStart . 'No profanity please.' . $wrapEnd; } } } else { echo $wrapStart . 'Email and/or password did not match. Please try again.' . $wrapEnd; } } else { echo $wrapStart . 'Username must be alphanumeric (a-z A-Z 0-9) with no spaces.' . $wrapEnd; } } else { echo $wrapStart . 'Please enter your email and password.' . $wrapEnd; }