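/**
 * Validate a submitted form.
 *
 * Returns true only when $dirty is non-empty, $form is registered with
 * SmartyValidate, any submitted token is one of the tokens held in
 * $_SESSION['_sux0r_tokens'], and the remaining fields pass validation.
 *
 * @param array $dirty reference to unverified $_POST; its 'token' key is
 *                     removed before the fields are validated
 * @param object $tpl smarty template
 * @param string $form the name of the form being validated, defaults to self::$form
 * @return bool true when the form validated, false otherwise
 */
static function formValidate(&$dirty, $tpl, $form = null) {

    if (!isset($form)) {
        $form = self::$form;
    }

    if (empty($dirty) || !SmartyValidate::is_registered_form($form)) {
        return false;
    }

    // Check token
    // NOTE(review): a submission with no 'token' field skips this check
    // altogether, so the token only protects a form if something else makes
    // the field mandatory. Confirm that is intended before relying on it.
    if (!empty($dirty['token'])) {
        // Fail closed when the session holds no token list, instead of
        // handing a non-array to in_array().
        $known = isset($_SESSION['_sux0r_tokens']) ? $_SESSION['_sux0r_tokens'] : null;
        if (!is_string($dirty['token']) || !is_array($known)) {
            return false;
        }
        // Type-strict match, so loose string/number juggling cannot make two
        // different tokens compare equal. Assumes the stored tokens are
        // strings, as the submitted one is; confirm against the code that
        // issues them.
        if (!in_array($dirty['token'], $known, true)) {
            return false;
        }
    }
    // The token is not a form field, so keep it away from the validators.
    unset($dirty['token']);

    // Validate
    self::connect($tpl);
    if (self::is_valid($dirty, $form)) {
        SmartyValidate::disconnect(true);
        return true;
    }

    return false;
}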
SmartyValidate::register_validator('v_email', 'email', 'isEmail'); SmartyValidate::register_validator('v_password', 'password', 'notEmpty'); SmartyValidate::register_validator('v_confirm_password', 'password:confirm_password', 'isEqual'); $smarty->display('add.tpl'); } else { SmartyValidate::connect($smarty); // validate after a POST if (SmartyValidate::is_valid($_POST)) { // no errors, done with SmartyValidate if (array_key_exists('submit', $_POST)) { //var_dump($_POST); exit; $_SESSION['firstname'] = $_POST['firstname']; $_SESSION['lastname'] = $_POST['lastname']; $_SESSION['mobile_number'] = $_POST['mobile_number']; $_SESSION['email'] = $_POST['email']; $_SESSION['password'] = $_POST['password']; $_SESSION['group'] = $_POST['role']; $obj->insertAuditTrail($_SESSION['login'], 'ADD_USER', $_SESSION['firstname'] . ' ' . $_SESSION['lastname'] . ' added as user'); } SmartyValidate::disconnect(); header("Location: controllers/regprocess.php"); } else { $smarty->assign('title', 'mHealth Admin Registration'); $smarty->assign('topic', 'Admin Registration Failed'); $smarty->assign('view', $view); $smarty->assign('category', $category); // error, redraw the form $smarty->assign($_POST); $smarty->display('add.tpl'); } }
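/**
 * Render the fare search form and, for a valid submission or a paged request,
 * the matching fares.
 *
 * Reads the filters (origin, destination, departure, faretype, class,
 * airline) and the page number from the request, always displays
 * search/search.tpl, and displays search/search_result.tpl after it when
 * SmartyValidate accepts the request. Every request value that reaches SQL or
 * the paging link is reduced to an integer first, except the posted departure
 * date, which goes through tounixdate().
 */
function index() {
    session_start();
    global $db, $prefix;
    include "header.php";

    $tpl = new Template();
    SmartyValidate::connect($tpl, empty($_POST));
    SmartyValidate::register_form('fare_search');

    // Search filters. All of them are interpolated into SQL further down, so
    // each one is forced to an integer here; a missing key counts as 0.
    $origin = isset($_REQUEST['origin']) ? intval($_REQUEST['origin']) : 0;
    $destination = isset($_REQUEST['destination']) ? intval($_REQUEST['destination']) : 0;
    $faretype = isset($_REQUEST['faretype']) ? intval($_REQUEST['faretype']) : 0;
    $class = isset($_REQUEST['class']) ? intval($_REQUEST['class']) : 0;
    $airline = isset($_REQUEST['airline']) ? intval($_REQUEST['airline']) : 0;

    if (!empty($_POST['departure'])) {
        // NOTE(review): this value is placed unquoted into the fare query.
        // Confirm tounixdate() can only return an integer timestamp; if it
        // can return anything else, cast its result as well.
        $departure = tounixdate($_POST['departure']);
    } else {
        // On paged requests the departure comes back through the query
        // string. It was previously used raw in the SQL below.
        $departure = isset($_GET['departure']) ? intval($_GET['departure']) : 0;
    }

    $tpl->assign("origin", $origin);
    $tpl->assign("destination", $destination);
    $tpl->assign("class", $class);
    $tpl->assign("faretype", $faretype);

    // Option lists for the form's drop-downs.
    $type_opt = array();
    $qtype = $db->query("SELECT * FROM travel_faretype");
    while (list($type_id, $type_name) = $db->fetch_row($qtype)) {
        $type_opt[$type_id] = $type_name;
    }

    $origin_opt = array();
    $qorigin = $db->query("SELECT origin_id,origin_name FROM travel_origin ORDER BY origin_name ASC ");
    while (list($origin_id, $origin_name) = $db->fetch_row($qorigin)) {
        $origin_opt[$origin_id] = $origin_name;
    }

    $destination_opt = array();
    $qdestination = $db->query(
        "SELECT destination_id,destination_name FROM travel_destination JOIN "
        . "{$prefix}_fares ON destination_id=fare_destination "
        . "ORDER BY destination_name ASC"
    );
    while (list($destination_id, $destination_name) = $db->fetch_array($qdestination)) {
        $destination_opt[$destination_id] = $destination_name;
    }

    $airline_opt = array();
    $qairline = $db->query("SELECT airline_id,airline_name FROM travel_airline");
    while (list($airline_id, $airline_name) = $db->fetch_array($qairline)) {
        $airline_opt[$airline_id] = $airline_name;
    }

    $class_opt = array();
    $qclass = $db->query("SELECT class_id,class_name FROM travel_class");
    while (list($class_id, $class_name) = $db->fetch_array($qclass)) {
        $class_opt[$class_id] = $class_name;
    }

    // First visit: no paging parameter and nothing posted. The validator is
    // only consulted for the other cases, as before.
    $first_visit = !isset($_GET['page']) && empty($_POST);
    $valid = !$first_visit && SmartyValidate::is_valid($_POST);

    if (!$first_visit) {
        // NOTE(review): every posted key becomes a template variable. Whether
        // the values are escaped on output depends on the templates, which
        // are not visible here. Assigned before the option lists so that a
        // posted key of the same name cannot replace them.
        $tpl->assign($_POST);
    }
    $tpl->assign("origin_opt", $origin_opt);
    $tpl->assign("destination_opt", $destination_opt);
    $tpl->assign("airline_opt", $airline_opt);
    $tpl->assign("class_opt", $class_opt);
    $tpl->assign("type_opt", $type_opt);
    // $lang is not defined in this function; presumably header.php, included
    // above in this scope, sets it. TODO confirm.
    $tpl->assign("lang", $lang);
    $tpl->display("search/search.tpl");

    if (!$valid) {
        // First visit, or a submission with errors: only the form is shown.
        include "footer.php";
        return;
    }

    // no errors, done with SmartyValidate
    SmartyValidate::disconnect();

    $query = "SELECT * FROM " . $prefix . "_fares," . $prefix . "_fares_origin"
        . " WHERE fare_id= fares_fare AND fares_origin ={$origin}"
        . " AND fare_destination='{$destination}'";
    if (!empty($faretype)) {
        $query .= " AND fare_type={$faretype}";
    }
    if (!empty($class)) {
        $query .= " AND fare_class={$class}";
    }
    if (!empty($airline)) {
        $query .= " AND fare_airline={$airline}";
    }
    if (!empty($departure)) {
        $query .= " AND {$departure} BETWEEN fare_dept_start AND fare_dept_end";
    }

    // NOTE(review): this count does not apply fare_active=1, while the listing
    // query below does, so "found" and the page count can exceed the rows
    // actually listed.
    $qsearch = $db->query($query);
    $num_record = $db->row_count($qsearch);
    if ($num_record < 1) {
        $tpl->assign("norecord", "norecord");
        $tpl->assign("lang", $lang);
        $tpl->display("search/search_result.tpl");
        include "footer.php";
        exit;
    }

    $perpage = 10;
    $pages = (int) ceil($num_record / $perpage);

    // Keep the requested page inside 1..$pages, so the LIMIT offset can never
    // be negative or point past the last page.
    $page = isset($_GET['page']) ? intval($_GET['page']) : 1;
    if ($page < 1) {
        $page = 1;
    } elseif ($page > $pages) {
        $page = $pages;
    }
    $currentpage = $page;

    $start = ($page - 1) * $perpage;
    $starting_no = $start + 1;
    $end_count = min($num_record, $start + $perpage);

    if ($pages > 1) {
        $page_link = makepagelink("index.php?m=search&origin={$origin}&destination={$destination}&departure={$departure}&class={$class}&faretype={$faretype}&airline={$airline}", $page, $pages);
    } else {
        $page_link = "";
    }

    // Start empty: the listing query may return no rows even when the count
    // above did.
    $info = array();
    $result = $db->query("{$query} AND fare_active=1 ORDER BY fare_adultfare ASC limit {$start},{$perpage}");
    while ($row = $db->fetch_array($result)) {
        $fare_id = $row['fare_id'];
        $info[$fare_id] = $row;
        $info[$fare_id]["airline"] = getrow("airline_name", "travel_airline", "airline_id", "{$row['fare_airline']}");
    }

    $originName = getrow("origin_name", $prefix . "_origin", "origin_id", "{$origin}");
    $destinationName = getrow("destination_name", $prefix . "_destination", "destination_id", "{$destination}");

    $tpl->assign("lang", $lang);
    $tpl->assign("fareinfo", $info);
    $tpl->assign("found", $num_record);
    $tpl->assign("destinationName", $destinationName);
    $tpl->assign("originName", $originName);
    $tpl->assign("page_link", $page_link);
    $tpl->assign("end_count", $end_count);
    $tpl->assign("starting_no", $starting_no);
    $tpl->assign("currentpage", "{$currentpage}/{$pages}");
    $tpl->display("search/search_result.tpl");

    include "footer.php";
}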