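// Sign-up form handler: checks the confirmation password, then creates the
// account unless a self-registered user with the same e-mail already exists.
// $success_registration is 1 only when the INSERT below succeeds.
$success_registration = 0;

if (isset($_POST['submit_btn'])) {
    // Strict comparison: the marker must be exactly this string.
    if ($_POST['submit_btn'] === "submit_val") {
        $ch = new clean_and_hash();

        // NOTE(review): clean_all_tags() is defined elsewhere. Running the
        // password through it may alter the secret before hashing, depending
        // on what that helper strips - confirm.
        $name = $ch->clean_all_tags($_POST['name']);
        $email = $ch->clean_all_tags($_POST['email']);
        $password = $ch->clean_all_tags($_POST['password']);
        $c_password = $ch->clean_all_tags($_POST['c_password']);

        // Strict comparison: with a loose "!=" two different numeric-looking
        // strings (e.g. "1e3" and "1000") compare equal and would pass.
        if ($password !== $c_password) {
            header('location:signup.php?error=1');
            // header() does not stop the script; without this exit the
            // account would still be created after a failed confirmation.
            exit;
        }

        // NOTE(review): clean_and_hash::password_hash() is project code -
        // confirm it wraps a slow password hash (PHP's password_hash())
        // rather than a fast digest keyed on the e-mail.
        $secure_pass = $ch->password_hash($email, $password);
        $activation_id = $ch->get_activation_code($email);

        $dbconn = new db_connection();

        // NOTE(review): both statements below are assembled by string
        // concatenation from request data. Unless clean_all_tags() also
        // escapes for SQL (not visible here), $email and $name can break out
        // of the quoted literals. Move these to prepared statements with bound
        // parameters once db_connection's API is confirmed.
        $prepare_statement = "SELECT * from " . user_profile . " where email = '" . $email . "' and reg_type='self'";
        $result = $dbconn->query($prepare_statement);

        if ((int) $result->num_rows === 0) {
            // New user: store the profile together with its activation code.
            $insert_statement = "INSERT into " . user_profile . " (email,password,name,activation_id) values ('"
                . $email . "','" . $secure_pass . "','" . $name . "','" . $activation_id . "')";
            $insert_cmd = $dbconn->query($insert_statement);
            $success_registration = $insert_cmd ? 1 : 0;
        } else {
            // Existing user: hand over to login.php for verification. The
            // e-mail is URL-encoded so characters such as "+" or "&" survive
            // the round trip and cannot add extra query parameters.
            header('location:login.php?return=verify&user=' . urlencode($email));
            exit;
        }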
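<?php
// JSON feed of the expenses shared with the logged-in user.
// Emits a JSON array of objects with the keys id, title, description, amount,
// start and allDay, one per matching row.
session_start();
header("Content-Type:application/json");
require_once '../cfg/common.php';

// Refuse to query without an authenticated session; otherwise the lookup
// would run with an empty identity and PHP notices could leak into the JSON.
if (empty($_SESSION['mms_logged_uid'])) {
    http_response_code(401);
    echo json_encode(array());
    exit;
}

$dbconn = new db_connection();
$logged_user = $_SESSION['mms_logged_uid'];

// Requests carry a date window (example: start=2014-11-30&end=2015-01-11&timezone=UTC),
// but it is not applied to the query: every expense of the user is returned.

// NOTE(review): the session value is concatenated into the SQL text. It is
// presumably the e-mail stored at login, i.e. data that originated from the
// user; bind it through a prepared statement once db_connection's API is
// confirmed, so a quote in the stored value cannot change the query.
// Columns of interest: exp_id, expense_title, expense_desc, expense_total, exp_owner, exp_date
$prepare_statement = "SELECT * from " . expense_details . " a, " . user_split_expense . " b where a.exp_id = b.exp_id and b.email='" . $logged_user . "'";
$result = $dbconn->query($prepare_statement);

$expense = array();

// A failed query yields an empty list instead of an error on a non-object.
if ($result && $result->num_rows > 0) {
    while ($row = mysqli_fetch_assoc($result)) {
        // Build a fresh entry per row so no field can carry over between rows.
        $expense[] = array(
            'id' => $row['exp_id'],
            'title' => $row['expense_title'],
            'description' => $row['expense_desc'],
            'amount' => $row['expense_total'],
            'start' => $row['exp_date'],
            'allDay' => "1",
        );
    }
}

echo json_encode($expense);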
require_once '../cfg/common.php'; require_once '../cfg/config.php'; $ch = new clean_and_hash(); $bill_title = $ch->clean_all_tags($_POST['bill_title']); $bill_desc = $ch->clean_all_tags($_POST['bill_description']); $bill_amount = $ch->clean_all_tags($_POST['bill_amount']); $start_bill_day = $ch->clean_all_tags($_POST['start_bill_day']); $date = new DateTime(); $unix_date = $date->getTimestamp(); $bill_id = sha1($_SESSION['mms_logged_uid'] . $unix_date); $dbconn = new db_connection(); $success_addbill = -1; $logged_user = $_SESSION['mms_logged_uid']; $sum_of_all_shares = 0; $insert_statement = "INSERT into " . expense_details . " (exp_id,expense_title,expense_desc, expense_total,exp_owner,exp_date) values ('" . $bill_id . "','" . $bill_title . "','" . $bill_desc . "'," . $bill_amount . ",'" . $logged_user . "','" . $start_bill_day . "')"; $insert_cmd = $dbconn->query($insert_statement); if ($insert_cmd) { $success_addbill = 1; } else { $success_addbill = 0; } if (isset($_POST['split_frens_check'])) { $num_of_frens = 1; $success_fren_add_share = 0; $failure_fren_add_share = 0; while (isset($_POST["name{$num_of_frens}"])) { $fren_name = $ch->clean_all_tags($_POST["name{$num_of_frens}"]); $fren_share = $ch->clean_all_tags($_POST["share{$num_of_frens}"]); $sum_of_all_shares += $fren_share; $insert_statement_fren = "INSERT into " . user_split_expense . " (email,exp_id,exp_share) values ('" . $fren_name . "','" . $bill_id . "'," . $fren_share . ")"; $insert_fren_share = $dbconn->query($insert_statement_fren);