function database_add_user($username, $password, $picture, $phone)
{
global $mysqli;
// Sanitize the variables you passed in
$username = sanitize_input($username);
$password = sanitize_input($password);
// NOTE: Add another variable to be sanitized here:
$phone = sanitize_input($phone);
// Hash the password so that it is not stored in the database as plain text
$password = create_hash($password);
// Process the picture for putting it in the database
$picture = process_picture($picture);
// NOTE: modify this query to also include the newfield
// Insert the new user into the database
$q1 = "INSERT INTO users (username, password, picture, phone)";
$q2 = "VALUES ('{$username}','{$password}','{$picture}', '{$phone}')";
$q = $q1 . $q2;
$userID = 0;
if (isUsernameTaken($username) == false) {
// Add the user to the database
mysqli_query($mysqli, $q);
// Set this userID as logged in
$userID = mysqli_insert_id($mysqli);
set_user_logged_in($userID, $password);
}
return $userID;
}
switch ($cmd) {
case 'login':
output_header();
form_login();
output_footer();
break;
case 'process_login':
output_header();
process_login();
output_footer();
break;
case 'publish':
output_header();
form_publish();
output_footer();
break;
case 'create_album':
output_header();
create_album();
output_footer();
break;
case 'add_picture':
process_picture();
break;
case 'send_reg':
send_reg_file();
break;
default:
display_instructions();
}
// switch
