Esempio n. 1
0
function checkCharacterLimit($x)
{
    // Checks if input is less than 50 characters
    if (!empty($x) && strlen($x) <= 50) {
        return 1;
    } else {
        return 0;
    }
}
// Flags to confirm if all necessary inputs are valid
$flag = array("username" => 0, "password" => 0, "salutation" => 0, "lname" => 0, "fname" => 0, "gender" => 0, "birthdate" => 0);
// Check character limit of each input, set flag to 1 if valid
$flag["username"] = checkCharacterLimit($username);
$flag["password"] = checkCharacterLimit($password);
$flag["lname"] = checkCharacterLimit($lname);
$flag["fname"] = checkCharacterLimit($fname);
if ($gender == '1' || $gender == '2') {
    $flag["gender"] = 1;
    if (!empty($salutation)) {
        if ($gender == '1' && $salutation >= 0 && $salutation < 5 || $gender == '2' && $salutation >= 5 && $salutation <= 10) {
            $flag["salutation"] = 1;
        }
    }
}
if (!empty($year) && !empty($month) && !empty($day) && preg_match("/^[0-9]+\$/", $year) && preg_match("/^[0-9]+\$/", $month) && preg_match("/^[0-9]+\$/", $day)) {
    // Check if birthdate is equal to or older than 18 years
    $birthdate_compare = date('Y-m-d', strtotime($year . "-" . $month . "-" . $day));
    $today = date('Y-m-d', strtotime("-18 years", time()));
    if ($today > $birthdate_compare) {
        $flag["birthdate"] = 1;
    }
Esempio n. 2
0
        return 1;
    } else {
        return 0;
    }
}
// Flags to confirm if all necessary inputs are valid
$flag = array("username" => 0, "password" => 0, "salutation" => 0, "lname" => 0, "fname" => 0, "gender" => 0, "birthdate" => 0);
// Check character limit of each input, set flag to 1 if valid
$flag["username"] = checkCharacterLimit($username);
$flag["password"] = checkCharacterLimit($password);
if (!empty($salutation)) {
    $flag["salutation"] = 1;
}
$flag["lname"] = checkCharacterLimit($lname);
$flag["fname"] = checkCharacterLimit($fname);
$flag["gender"] = checkCharacterLimit($gender);
if ($flag["gender"] && ($gender != 'M' && $gender != 'F')) {
    $flag["gender"] = 0;
}
if (!empty($year) && !empty($month) && !empty($day) && preg_match("/^[0-9]+\$/", $year) && preg_match("/^[0-9]+\$/", $month) && preg_match("/^[0-9]+\$/", $day)) {
    // Check if birthdate is equal to or older than 18 years
    $birthdate_compare = date('Y-m-d', strtotime($year . "-" . $month . "-" . $day));
    $today = date('Y-m-d', strtotime("-18 years", time()));
    if ($today > $birthdate_compare) {
        $flag["birthdate"] = 1;
    }
}
if (!in_array(0, $flag)) {
    $birthdate = date('Y-m-d', strtotime($year . "/" . $month . "/" . $day));
    // Connect to the Database
    include 'connect.php';
Esempio n. 3
0
        }
    }
}
if (!empty($year) && !empty($month) && !empty($day) && preg_match("/^[0-9]+\$/", $year) && preg_match("/^[0-9]+\$/", $month) && preg_match("/^[0-9]+\$/", $day)) {
    // Check if birthdate is equal to or older than 18 years
    $birthdate_compare = date('Y-m-d', strtotime($year . "-" . $month . "-" . $day));
    $today = date('Y-m-d', strtotime("-18 years", time()));
    if ($today > $birthdate_compare) {
        $flag["birthdate"] = 1;
    }
}
$flag["old_password"] = 1;
$flag["new_password"] = 1;
if (!empty($old_password) || !empty($new_password)) {
    $flag["old_password"] = checkCharacterLimit($old_password);
    $flag["new_password"] = checkCharacterLimit($new_password);
    $q = "SELECT username\n\t\t\tFROM user\n\t\t\tWHERE id=" . $_SESSION["user"] . " and password='******'";
    $result = mysqli_query($con, $q);
    if (mysqli_num_rows($result) == 0) {
        $flag["old_password"] = 0;
    }
}
if (!in_array(0, $flag)) {
    $birthdate = date('Y-m-d', strtotime($year . "/" . $month . "/" . $day));
    // mysqli_real_escape_string() allows quotation marks, apostrophes, and such to
    // be inputted without messing with the SQL statement
    $salutation = mysqli_real_escape_string($con, $salutation);
    $lname = mysqli_real_escape_string($con, $lname);
    $fname = mysqli_real_escape_string($con, $fname);
    $gender = mysqli_real_escape_string($con, $gender);
    $about = mysqli_real_escape_string($con, $about);