/**
* function to process a town
* @param: $town
* @param: $country
*/
function processTown($town,$country) {
	global $datetime,$user;

	//a townID is usually what is submitted in the $town variable
	if(!getTown($town)) {
		$query=0;
		$query=mysqlquery("select distinct town from vl_countries where (lower(town)=lower('$town') or townID='$town') and lower(country)=lower('$country')");
		//if no town but country exists
		if(!mysqlnumrows($query) && getCountryID($country)) {
			//process a townID
			$tquery=0;
			$tquery=mysqlquery("select max(townID) maxID from vl_countries");
			$townID=0;
			$townID=mysqlresult($tquery,0,'maxID')+1;
	
			mysqlquery("insert into vl_countries 
						(countryID,country,townID,town,phonecode,created,createdby) 
						values 
						('".getCountryID($country)."','$country','$townID','$town','".getPhoneCode($country)."','$datetime','$user')");

			return $townID;
		}
	}
}
Esempio n. 2
0
}
if (isset($_POST['val'])) {
    if ($siteUser->isLoggedIn() == false) {
        return;
    }
    if ($_POST['val'] == "cpupdate") {
        if (isset($_POST['change']) && $_POST['change'] === "name") {
            if (isset($_POST["data"])) {
                $name_check = validateName($_POST['data']);
                if ($name_check === true) {
                    $stmt = $mysql->prepare("UPDATE users SET name = ? WHERE user_id = {$siteUser->getUserId()}  ");
                    $stmt->bind_param("s", $_POST['data']);
                    $stmt->execute();
                    echo "Your name has been updated.";
                } else {
                    echo $name_check;
                }
            }
        } elseif (isset($_POST['change']) && $_POST['change'] === "country") {
            $id = getCountryID($_POST['data'], $mysql);
            if ($id != null) {
                $mysql->query("UPDATE users SET country_id = '" . $id . "' WHERE user_id = {$siteUser->getUserId()} ");
                echo "Country Updated.";
            } else {
                echo "Invalid country";
            }
        } else {
            echo "Invalid data change request.";
        }
    }
}
Esempio n. 3
0
                    echo json_encode($result);
                    return;
                }
            }
        }
    }
}
if (strlen($_POST['title']) < 5) {
    array_push($errors, "Title must be at least 5 characters long.");
} else {
    if (strlen($_POST['title']) > 50) {
        array_push($errors, "Title can be maximum 50 characters long.");
    }
}
$countryId = -1;
if (($countryId = getCountryID($_POST['country'], $mysql)) == null) {
    array_push($errors, "Invalid country.");
}
if (strlen($_POST['description']) < 5) {
    array_push($errors, "Description must be at least 10 characters long.");
} else {
    if (strlen($_POST['description']) > 1000) {
        array_push($errors, "Description can be maximum 1000 characters long.");
    }
}
$rearrayedPictureFILES = rearrayFiles($_FILES['picture']);
$mainPicture = $_FILES['main_picture'];
if ($mainPicture['name'] != "") {
    $output = validateUploadedImageFile($mainPicture);
    if ($output !== true) {
        array_push($errors, "{$mainPicture['name']} - {$output}");
Esempio n. 4
0
 function register($username, $password, $cppassword, $name, $country)
 {
     if (empty($username)) {
         $this->registrationResult .= "Username field is required.<br>";
     } else {
         if (strlen($username) < 3) {
             $this->registrationResult .= "Username must be at least 6 characters long.<br>";
         } else {
             if (strlen($username) > 50) {
                 $this->registrationResult .= "Username can be maximum 50 characters long.<br>";
             } else {
                 if ($this->sql->selectUser($username)) {
                     $this->registrationResult .= "Username is already taken<br>";
                 }
             }
         }
     }
     if (empty($password)) {
         $this->registrationResult .= "Password field is required.\n";
     } else {
         if (strlen($password) < 6) {
             $this->registrationResult .= "Password must be at least 6 characters long.<br>";
         } else {
             if (strlen($password) > 50) {
                 $this->registrationResult .= "Password cannot be longer than 50 characters.<br>";
             }
         }
     }
     if (!preg_match("/^[a-zA-Z1-9]*\$/", $username)) {
         $this->registrationResult .= "Username can only contain letters and digits.";
     }
     if ($password != $cppassword) {
         $this->registrationResult .= "Passwords do not match.";
     }
     //echo "<script type='text/javascript'>alert('".$this->registrationResult."');</script>";
     if ($this->registrationResult != '') {
         //echo "<script type='text/javascript'>alert('yo');</script>";
         return 0;
     }
     $hash = password_hash($password . $this->salt, PASSWORD_DEFAULT);
     $name = polish($name);
     $country = polish($country);
     $country = $this->sql->getMysqli()->real_escape_string($country);
     if ($id = getCountryID($country, $this->sql) == null) {
         $this->registrationResult .= "An error occurred. Please try again later.";
         return 0;
     }
     $this->sql->query("INSERT INTO users (username, password, name, country_id)\n                           VALUES ('" . $username . "', '" . $hash . "','" . $name . "', " . (int) $id . ")");
 }
Esempio n. 5
0
 public static function register($username, $password, $cppassword, $name, $country, $mySQL)
 {
     $username = htmlentities($username);
     $name = htmlentities($name);
     $country = htmlentities($country);
     $registrationResult = array();
     if (empty($username)) {
         array_push($registrationResult, "Username field is required.");
     } else {
         if (strlen($username) < 3) {
             array_push($registrationResult, "Username must be at least 6 characters long.");
         } else {
             if (strlen($username) > 50) {
                 array_push($registrationResult, "Username can be maximum 50 characters long.");
             } else {
                 if ($mySQL->selectUser($username)) {
                     array_push($registrationResult, "Username is already taken");
                 } else {
                     if (!preg_match("/^[a-zA-Z1-9]*\$/", $username)) {
                         array_push($registrationResult, "Username can only contain letters and digits.");
                     }
                 }
             }
         }
     }
     if (empty($password)) {
         array_push($registrationResult, "Password field is required.");
     } else {
         if (strlen($password) < 6) {
             array_push($registrationResult, "Password must be at least 6 characters long.");
         } else {
             if (strlen($password) > 50) {
                 array_push($registrationResult, "Password cannot be longer than 50 characters.");
             }
         }
     }
     if ($password != $cppassword) {
         array_push($registrationResult, "Passwords do not match.");
     }
     $name_check = validateName($name);
     if ($name_check !== true) {
         array_push($registrationResult, $name_check);
     }
     if (!empty($registrationResult)) {
         return $registrationResult;
     }
     $hash = password_hash($password . SiteUser::$salt, PASSWORD_DEFAULT);
     if (($id = getCountryID($country, $mySQL)) == null) {
         array_push($registrationResult, "An error occurred. Please try again later.");
         return $registrationResult;
     }
     $type = "Reader";
     $stmt = $mySQL->prepare("INSERT INTO users (username, password, name, country_id, type) VALUES (?,?,?,?,?)");
     $stmt->bind_param("sssis", $username, $hash, $name, $id, $type);
     $stmt->execute();
     return true;
 }