/**
 * Stores a numeric value as the next positional query parameter.
 *
 * Per the original description, the method substitutes the query's question-mark
 * placeholders with the values passed in. What this block shows is the SQL literal
 * being written to $this->params at the current $this->idx, which is then advanced.
 *
 * - null is stored as the bare keyword `null`;
 * - anything accepted by is_numeric() is stored wrapped in single quotes;
 * - everything else is rejected, and the index is left untouched.
 *
 * Security notes: the value is quoted but never escaped, so the is_numeric() gate is
 * the only thing keeping quote characters out of the literal. is_numeric() accepts
 * more than plain integers (signs, decimals, exponents such as "1e5", leading
 * whitespace), so the database may receive any of those forms. The exception message
 * embeds the rejected value verbatim; callers that display or log it should escape it
 * for that context.
 *
 * @param string|int|float|null $value value to insert
 *
 * @throws Exception when $value is neither null nor numeric
 */
public function set_number($value)
{
    // Reject first so a failed call does not consume a parameter slot.
    if ($value !== null && !is_numeric($value)) {
        throw new Exception($value . ' is not a number');
    }

    $literal = ($value === null) ? 'null' : "'" . $value . "'";
    $this->params[$this->idx++] = $literal;
}
// Postal code: required; must pass is_numeric() and be at least 5 bytes long.
// NOTE(review): is_numeric() also accepts signs, decimal points, exponents ("1e5")
// and leading whitespace, and `strlen() < 5` only rejects short values, so inputs
// other than exactly five digits pass. ctype_digit() plus an exact length check
// would match what the error message promises.
if (!empty($PostCode)) {
    if (!Is_numeric($PostCode) || strlen($PostCode) < 5) {
        $errors[] = 'Please provide a 5 digit postal (zip) code';
    }
} else {
    $errors[] = 'Please provide a 5 digit postal (zip) code';
}

// Address type: the raw POST value is taken as-is when it is non-empty.
// NOTE(review): the else branch reads $_POST['AddressType'] without an isset() check
// and compares it loosely with 0. On PHP 8 an empty string is not == 0, so that case
// records no error and leaves $AddressType unassigned by this block. The value is not
// checked against a list of allowed types anywhere in this excerpt.
if (!empty($_POST['AddressType'])) {
    $AddressType = $_POST['AddressType'];
} else {
    if ($_POST['AddressType'] == 0) {
        $errors[] = 'Please select an address type';
    }
}

// Phone number: presence is tested on $_POST['PhoneNumber'], but the format checks run
// on $PhoneNumber, which is assigned outside this excerpt (presumably from the same
// field; confirm). is_numeric() and the minimum-length test are as loose here as for
// the postal code: longer values and non-digit numeric forms are accepted.
if (!empty($_POST['PhoneNumber'])) {
    if (!Is_numeric($PhoneNumber) || strlen($PhoneNumber) < 10) {
        $errors[] = 'Please provide a 10 digit phone number';
    }
} else {
    $errors[] = 'Please provide a 10 digit phone number';
}

// Phone type: same pattern as the address type, with the same unset-index and
// loose-comparison caveats.
if (!empty($_POST['PhoneType'])) {
    $PhoneType = $_POST['PhoneType'];
} else {
    if ($_POST['PhoneType'] == 0) {
        $errors[] = 'Please select a phone type';
    }
}

// The block opened here continues past the end of this excerpt.
// NOTE(review): the escaping and query code is not visible; bound parameters
// (prepared statements) are preferable to escaping each string by hand.
if (empty($errors)) { // If everything's OK.
    //Escape all the strings for database insertion
// Excerpt begins inside two blocks opened earlier in the script. The visible tail
// copies $Address2 into $Address1 and clears $Address2.
        $Address1 = $Address2;
        $Address2 = '';
    }
}

// City is required; $City is assigned outside this excerpt.
if (empty($City)) {
    $errors[] = 'Please provide a city name';
}

// State: the raw POST value is taken as-is when it is non-empty.
// NOTE(review): the else branch reads $_POST['State'] without an isset() check and
// compares it loosely with 0. On PHP 8 an empty string is not == 0, so that case
// records no error and leaves $State unassigned by this block. No allow-list check
// on the submitted value is visible here.
if (!empty($_POST['State'])) {
    $State = $_POST['State'];
} else {
    if ($_POST['State'] == 0) {
        $errors[] = 'Please select a state';
    }
}

// Postal code: required; must pass is_numeric() and be at least 5 bytes long.
// NOTE(review): is_numeric() also accepts signs, decimal points, exponents and leading
// whitespace, and `strlen() < 5` only rejects short values, so inputs other than
// exactly five digits pass. ctype_digit() plus an exact length check would match what
// the error message promises.
if (!empty($PostCode)) {
    if (!Is_numeric($PostCode) || strlen($PostCode) < 5) {
        $errors[] = 'Please provide a 5 digit postal (zip) code';
    }
} else {
    $errors[] = 'Please provide a 5 digit postal (zip) code';
}

// Address type: same pattern as State, with the same unset-index and loose-comparison
// caveats.
if (!empty($_POST['AddressType'])) {
    $AddressType = $_POST['AddressType'];
} else {
    if ($_POST['AddressType'] == 0) {
        $errors[] = 'Please select an address type';
    }
}

// The flag is driven only by the field's presence: the submitted value is never used.
// No else branch is visible, so $Primary's value when the field is absent depends on
// code outside this excerpt.
if (isset($_POST['Primary'])) {
    $Primary = 1;
}
// Excerpt begins inside a validation branch opened earlier in the script (the postal
// code check, judging by the message).
    $errors[] = 'Zip/postal codes should be formated as "#####".';
}

// Phone: the literal placeholder '##########' is treated as "not supplied". Otherwise
// the raw POST value must pass is_numeric() and be exactly 10 bytes long.
// NOTE(review): validation runs on the untrimmed value while the trimmed value is what
// gets stored, and is_numeric() accepts signs, decimals, exponents and leading
// whitespace, so the stored value is not guaranteed to be ten digits. Trim first, then
// validate with ctype_digit() and the length check.
if ($_POST['phone'] == '##########') {
    $phone = null;
} elseif (Is_numeric($_POST['phone']) && strlen($_POST['phone']) == 10) {
    $phone = mysqli_real_escape_string($dbc, trim($_POST['phone']));
} else {
    $errors[] = 'Phone numbers should be formated "##########" and should ten digits long.';
}

// Optional code: trimmed and escaped when present, otherwise null.
if (!empty($_POST['code'])) {
    $code = mysqli_real_escape_string($dbc, trim($_POST['code']));
} else {
    $code = null;
}

// Optional association: trimmed and escaped when present, otherwise null.
// NOTE(review): is_numeric() only rejects values that are numeric as a whole ("123");
// a value such as "abc123" passes even though the message says associations should not
// contain numbers.
if (!empty($_POST['association'])) {
    if (Is_numeric($_POST['association'])) {
        $errors[] = 'Professional associations should not contain numbers.';
    } else {
        $association = mysqli_real_escape_string($dbc, trim($_POST['association']));
    }
} else {
    $association = null;
}

// NOTE(review): both values are copied from POST with no isset() check, validation or
// escaping in this excerpt. Confirm they are checked against the allowed types before
// they reach a query.
$atype = $_POST['atype'];
$ptype = $_POST['ptype'];

// The line below is kept exactly as extracted. In the original layout the $q_users
// assignment after "// Make the query:" is presumably a statement on its own line, and
// the block it sits in continues past the end of this excerpt.
// NOTE(review): that assignment interpolates values straight into the SQL text of the
// stored-procedure call. Of those values only $association and $code are escaped in the
// visible code; $email, $password, $firstname and $lastname are set outside this excerpt,
// so confirm they are escaped too, or better, call the procedure through a prepared
// statement with bound parameters. A null $association or $code interpolates as '' and
// reaches the procedure as an empty string, not SQL NULL. Also confirm that $password
// holds a password_hash() result and not the submitted password.
if (empty($errors)) { // If everything's OK. // Add the user in the database... // Make the query: $q_users = "Call spEditorCreateUser('{$email}', '{$password}', '{$firstname}', '{$lastname}', '{$association}', '{$code}');"; // Run the query.