// process the contact info, if any
// $isOk records whether the supplied contact detail passed its verifier.
$isOk = false;
if ($isContactInfo == 1) {
    if ($contactType == "email") {
        $isOk = verify_email($contactInfo);
    }
    if ($contactType == "phone") {
        // verify_phone() receives $contactInfo while it is still indexed by
        // 'phone1'..'phone3'; afterwards the three parts are joined into one string.
        $isOk = verify_phone($contactInfo);
        $contactInfo = $contactInfo['phone1'] . $contactInfo['phone2'] . $contactInfo['phone3'];
    }
} else {
    $isContactInfo = 0;
} // in case something nasty happened.

// clean a bit:
$all_fields = clean_fields($all_fields);
// NOTE(review): extract() with its default flags overwrites variables that
// already exist in this scope. It runs after the contact verification above,
// so a key in $all_fields named like $isOk, $isContactInfo, $contactInfo, $uid
// or $cxn would replace the value this code relies on below. Where $all_fields
// comes from is not visible here; if it is built from request data, read the
// expected keys explicitly (or use EXTR_SKIP plus an allow-list of keys).
extract($all_fields);

// main validation check
// The four helpers below are defined elsewhere; the insert is reached only
// when every one of them returns a truthy value.
if (checkEmpties($all_fields)) {
    if (dateCheckValid($all_fields)) {
        if (dateCheckSensible($all_fields)) {
            if (check_for_dups($all_fields)) {
                // `and` binds tighter than `or`, so this reads as
                // (no contact info and not verified) or (contact info and verified).
                // With $isContactInfo == 1 and a $contactType other than
                // "email"/"phone", $isOk stays false and the insert is skipped.
                if ($isContactInfo == 0 and $isOk == false or $isContactInfo == 1 and $isOk == true) {
                    // debugger option
                    // The insert only runs when the global debug flag is off.
                    if ($GLOBALS['debug'] == false) {
                        // enter event to main table:
                        // All caller-supplied values go in through placeholders,
                        // not string interpolation.
                        $query_post = "INSERT INTO user_events \n\t\t\t\t\t\t\t(user_id, event_title, event_description, end_date, \n\t\t\t\t\t\t\tstart_date, date_created, public, is_contactable, contact_type, contact_info) \n\t\t\t\t\t\t\tVALUES (?, ?, ?, ?, ?, NOW(), 1, ?, ?, ?)";
                        // NOTE(review): $cxn looks like a mysqli connection — confirm.
                        // The results of prepare() and execute() are not checked,
                        // so a failed insert goes unnoticed unless the connection
                        // is configured to throw.
                        $stm = $cxn->prepare($query_post);
                        // Type string: i = $uid, s x4 = $name..$begin,
                        // i = $isContactInfo, s x2 = $contactType, $contactInfo.
                        $stm->bind_param("issssiss", $uid, $name, $descrip, $end, $begin, $isContactInfo, $contactType, $contactInfo);
                        $stm->execute();
                        $stm->close();
                        // (excerpt ends here; the closing braces of the nested ifs are not shown)
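<?php
// autoload class
include 'autoload.php';

/**
 * Normalise a submitted text field: trim surrounding whitespace, remove
 * backslashes with stripslashes(), then HTML-encode the result.
 *
 * NOTE(review): this encodes for HTML at input time. It is not a defence
 * against SQL injection (that needs bound parameters in the DAO), and it
 * stores entity-encoded text. Escaping is normally applied at output, for
 * the context the value is printed into.
 *
 * @param string $data Raw field value.
 * @return string Trimmed, unslashed, HTML-encoded value.
 */
function clean_fields($data)
{
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
}

// Reject the request when either field is missing or is not a plain string.
// A parameter sent as username[]=x arrives as an array, which trim() cannot
// handle, and a missing field would otherwise be inserted as an empty value.
$username = isset($_POST["username"]) ? $_POST["username"] : null;
$password = isset($_POST["password"]) ? $_POST["password"] : null;
if (!is_string($username) || !is_string($password)) {
    http_response_code(400);
    exit('Invalid request.');
}

// $users_vo and $users_dao are not created in this snippet; presumably they
// are set up elsewhere — confirm.
$users_vo->setUsername(clean_fields($username));
// NOTE(review): a password should reach the hashing step unmodified.
// clean_fields() trims it, strips backslashes and HTML-encodes it, so the
// stored credential is derived from a rewritten password. Before removing the
// call, confirm that the login path applies the same transform and that
// insert() stores a password_hash() result; neither is visible here.
$users_vo->setPassword(clean_fields($password));

echo $users_dao->insert($users_vo);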