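/**
 * Reports whether a value is non-empty and at most 50 bytes long.
 *
 * empty() treats both "" and "0" as empty, so either one is rejected.
 * strlen() counts bytes, not characters, so multi-byte UTF-8 text reaches
 * the limit before 50 visible characters.
 *
 * @param mixed $x Value to check.
 * @return int 1 when the value passes, 0 otherwise.
 */
function checkCharacterLimit($x) {
    // Reject arrays and objects before strlen() sees them. On PHP 8 strlen()
    // throws a TypeError for an array; on older versions it only warns and
    // returns null, and null <= 50 is true, so the value would have passed.
    if (!is_scalar($x)) {
        return 0;
    }
    return (!empty($x) && strlen($x) <= 50) ? 1 : 0;
}

// One flag per required input: 1 = valid, 0 = invalid or not yet checked.
$flag = array("username" => 0, "password" => 0, "salutation" => 0, "lname" => 0, "fname" => 0, "gender" => 0, "birthdate" => 0);

// Length checks for the free-text inputs.
$flag["username"] = checkCharacterLimit($username);
$flag["password"] = checkCharacterLimit($password);
$flag["lname"] = checkCharacterLimit($lname);
$flag["fname"] = checkCharacterLimit($fname);

// Gender must be '1' or '2'; the salutation must fall in the range that
// belongs to that gender (0-4 for '1', 5-10 for '2').
if ($gender == '1' || $gender == '2') {
    $flag["gender"] = 1;
    // Require plain digits before the range test. Without this, a non-numeric
    // string is compared as a number on PHP 7 (it becomes 0) and passes the
    // 0-4 range. Note that !empty() also rejects "0", as it did before.
    if (!empty($salutation) && is_scalar($salutation) && ctype_digit((string) $salutation)) {
        if ($gender == '1' && $salutation >= 0 && $salutation < 5 || $gender == '2' && $salutation >= 5 && $salutation <= 10) {
            $flag["salutation"] = 1;
        }
    }
}

if (!empty($year) && !empty($month) && !empty($day) && preg_match("/^[0-9]+\$/", $year) && preg_match("/^[0-9]+\$/", $month) && preg_match("/^[0-9]+\$/", $day)) {
    // Accept only real calendar dates. strtotime() rolls a non-existent day
    // (e.g. 31 February) over into the next month, and returns false for a
    // string it cannot parse; date() would then format the Unix epoch, which
    // always compares as "older than 18".
    if (checkdate((int) $month, (int) $day, (int) $year)) {
        $birth_ts = strtotime($year . "-" . $month . "-" . $day);
        if ($birth_ts !== false) {
            $birthdate_compare = date('Y-m-d', $birth_ts);
            // $today is the latest birth date that is at least 18 years ago.
            $today = date('Y-m-d', strtotime("-18 years", time()));
            // >= so that someone whose 18th birthday is today is accepted,
            // matching the "equal to or older than 18 years" rule.
            if ($today >= $birthdate_compare) {
                $flag["birthdate"] = 1;
            }
        }
    }
    // (the enclosing if continues past the end of this fragment)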
// NOTE(review): this fragment starts inside a function whose header is not
// visible; the lines down to the lone closing brace are the tail of that body.
        return 1;
    } else {
        return 0;
    }
}

// One flag per required input: 1 = valid, 0 = invalid or not yet checked.
$flag = array("username" => 0, "password" => 0, "salutation" => 0, "lname" => 0, "fname" => 0, "gender" => 0, "birthdate" => 0);

// Run each input through checkCharacterLimit() and store the result
// (1 = valid) in its flag.
$flag["username"] = checkCharacterLimit($username);
$flag["password"] = checkCharacterLimit($password);
// The salutation only has to be non-empty; its value is not checked
// against any list here.
if (!empty($salutation)) {
    $flag["salutation"] = 1;
}
$flag["lname"] = checkCharacterLimit($lname);
$flag["fname"] = checkCharacterLimit($fname);
$flag["gender"] = checkCharacterLimit($gender);
// After the length check, gender must additionally be 'M' or 'F'.
if ($flag["gender"] && ($gender != 'M' && $gender != 'F')) {
    $flag["gender"] = 0;
}

// Year, month and day must each be non-empty and consist of digits.
// NOTE(review): `$` in these patterns also matches before a trailing newline;
// the D modifier or \z would anchor at the true end of the string.
if (!empty($year) && !empty($month) && !empty($day) && preg_match("/^[0-9]+\$/", $year) && preg_match("/^[0-9]+\$/", $month) && preg_match("/^[0-9]+\$/", $day)) {
    // Age check: the birth date must lie before the date 18 years ago.
    // NOTE(review): the date is never validated as a real calendar date.
    // strtotime() rolls a non-existent day (e.g. 31 February) into the next
    // month and returns false for a string it cannot parse; unless
    // strict_types is on, date() then formats the Unix epoch, which passes
    // this check. A checkdate() call and an explicit `=== false` test would
    // close that gap.
    $birthdate_compare = date('Y-m-d', strtotime($year . "-" . $month . "-" . $day));
    $today = date('Y-m-d', strtotime("-18 years", time()));
    // NOTE(review): strict `>` rejects a person whose 18th birthday is today;
    // `>=` would match an "equal to or older than 18" rule.
    if ($today > $birthdate_compare) {
        $flag["birthdate"] = 1;
    }
}

// Continue only when no flag is still 0.
if (!in_array(0, $flag)) {
    // Normalise the birth date to Y-m-d (the same unvalidated strtotime()
    // parsing as above, this time with "/" separators).
    $birthdate = date('Y-m-d', strtotime($year . "/" . $month . "/" . $day));
    // Load connect.php to set up the database connection (file not shown here).
    include 'connect.php';
// NOTE(review): this fragment starts with the closing braces of blocks that
// were opened above the visible text.
        }
    }
}

// Year, month and day must each be non-empty and consist of digits.
if (!empty($year) && !empty($month) && !empty($day) && preg_match("/^[0-9]+\$/", $year) && preg_match("/^[0-9]+\$/", $month) && preg_match("/^[0-9]+\$/", $day)) {
    // Age check: the birth date must lie before the date 18 years ago.
    // NOTE(review): the date is never validated as a real calendar date.
    // strtotime() rolls a non-existent day into the next month and returns
    // false for a string it cannot parse; unless strict_types is on, date()
    // then formats the Unix epoch, which passes this check. checkdate() plus
    // an explicit `=== false` test would close that gap.
    $birthdate_compare = date('Y-m-d', strtotime($year . "-" . $month . "-" . $day));
    $today = date('Y-m-d', strtotime("-18 years", time()));
    // NOTE(review): strict `>` rejects a person whose 18th birthday is today.
    if ($today > $birthdate_compare) {
        $flag["birthdate"] = 1;
    }
}

// Both password flags default to valid, so leaving both fields empty means
// "no password change" and does not block the update.
$flag["old_password"] = 1;
$flag["new_password"] = 1;
if (!empty($old_password) || !empty($new_password)) {
    $flag["old_password"] = checkCharacterLimit($old_password);
    $flag["new_password"] = checkCharacterLimit($new_password);
    // Look up the logged-in user's row to confirm the old password.
    // NOTE(review): the query is built by string concatenation, and
    // $_SESSION["user"] is inserted unquoted and unescaped. Presumably it is a
    // server-set integer id (confirm where it is assigned); a prepared
    // statement with bound parameters removes the dependency on that.
    // NOTE(review): the password value in this literal is masked on this page,
    // so the real comparison is not visible. An equality test in SQL implies
    // the stored password is directly comparable (plain text or an unsalted
    // hash) - TODO confirm; password_hash()/password_verify() is the usual
    // replacement.
    $q = "SELECT username\n\t\t\tFROM user\n\t\t\tWHERE id=" . $_SESSION["user"] . " and password='******'";
    // $con is presumably the mysqli connection opened elsewhere (not shown).
    $result = mysqli_query($con, $q);
    // No matching row means the old password is wrong.
    // NOTE(review): mysqli_query() can return false on a failed query; that
    // case is not checked before mysqli_num_rows() is called.
    if (mysqli_num_rows($result) == 0) {
        $flag["old_password"] = 0;
    }
}

// Continue only when no flag is still 0.
if (!in_array(0, $flag)) {
    // Normalise the birth date to Y-m-d (the same unvalidated strtotime()
    // parsing as above, this time with "/" separators).
    $birthdate = date('Y-m-d', strtotime($year . "/" . $month . "/" . $day));
    // mysqli_real_escape_string() escapes characters such as quotes so that
    // the value can be placed inside a quoted SQL string literal.
    // NOTE(review): this protects only values that end up inside quotes in
    // the statement, and every value has to be remembered individually;
    // prepared statements with bound parameters are the more robust choice.
    // The statement that uses these values lies outside this fragment.
    $salutation = mysqli_real_escape_string($con, $salutation);
    $lname = mysqli_real_escape_string($con, $lname);
    $fname = mysqli_real_escape_string($con, $fname);
    $gender = mysqli_real_escape_string($con, $gender);
    $about = mysqli_real_escape_string($con, $about);