$email = $_POST['email']; } else { $email = ""; } if (isset($_POST['password1'])) { $password1 = $_POST['password1']; } else { $password1 = ""; } if (isset($_POST['password2'])) { $password2 = $_POST['password2']; } else { $password2 = ""; } if (isset($_POST['submit'])) { if (!$user->is_valid_token($_POST['token'])) { err_not_found('Invalid token'); } if (!empty($name)) { $name = striptag($name, $no_tags); $name = trim($name); /* Filter out bad characters. Do the & first to catch SGML entities */ $name = preg_replace("/&/", "&#" . ord('&') . ";", $name); $name = preg_replace("/</", "<", $name); $name = preg_replace("/>/", ">", $name); if (!empty($name)) { $user->name($name); } } if (!empty($email)) { $email = trim($email);