<?php
session_start();
require 'db.php';
require 'ProfanityFilter.php';
$workshopId = $_POST['workshopId'];
$requestName = $_POST['requestName'];
$requestSeat = $_POST['requestSeat'];
if (ProfanityFilter::containsProfanity($requestName)) {
echo 'profanity';
} else {
$sth = $dbh->query("SELECT name, seat FROM slots WHERE workshopId='{$workshopId}' AND status=0 AND (name='{$requestName}' OR seat='{$requestSeat}')");
$sth->setFetchMode(PDO::FETCH_OBJ);
$result = $sth->fetch();
$created = date("Y-m-d H:i:s");
$assisting = '0000-00-00 00:00:00';
$cancelled = '0000-00-00 00:00:00';
if (!$result) {
$sth = $dbh->prepare("INSERT INTO slots (workshopId, name, seat, status, created, assisting, cancelled) VALUE (:workshopId, :requestName, :requestSeat, 0, :created, :assisting, :cancelled)");
$sth->bindParam(':workshopId', $workshopId);
$sth->bindParam(':requestName', $requestName);
$sth->bindParam(':requestSeat', $requestSeat);
$sth->bindParam(':assisting', $assisting);
$sth->bindParam(':created', $created);
$sth->bindParam(':cancelled', $cancelled);
$sth->execute();
$_SESSION['mySlotId'] = $dbh->lastInsertId();
} else {
echo 'duplicate';
}
}
<?php require 'ProfanityFilter.php'; $str = $_POST['str']; echo ProfanityFilter::containsProfanity($str);
$wrapStart = '<p class="full warn"><i class="ico-warning"></i>';
$wrapEnd = '</p>';
if (!empty($_POST['register-submit'])) {
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
$emailAgain = $_POST['email-again'];
$passwordAgain = $_POST['password-again'];
if (!empty($username) && !empty($email) && !empty($password) && !empty($emailAgain) && !empty($passwordAgain)) {
if (preg_match('/^[a-zA-Z0-9]+$/', $username)) {
if ($email === $emailAgain && $password === $passwordAgain) {
$exists = $loginSystem->checkUserExists($email, $username);
if ($exists) {
echo $wrapStart . 'An account with this email/username already exists.' . $wrapEnd;
} else {
if (!ProfanityFilter::containsProfanity($username)) {
$response = $loginSystem->createUser($email, $password, $username);
echo $response;
} else {
echo $wrapStart . 'No profanity please.' . $wrapEnd;
}
}
} else {
echo $wrapStart . 'Email and/or password did not match. Please try again.' . $wrapEnd;
}
} else {
echo $wrapStart . 'Username must be alphanumeric (a-z A-Z 0-9) with no spaces.' . $wrapEnd;
}
} else {
echo $wrapStart . 'Please enter your email and password.' . $wrapEnd;
}
