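<?php
/**
 * Add-user form handler followed by the page markup.
 *
 * On a POST carrying 'submit', the e-mail and username are checked with
 * valid_mail() / valid_username(); when both pass, a row is inserted through
 * InsertData(), the creation is logged and mailed, and the browser is
 * redirected back to this page with ?addsuccess.
 *
 * NOTE(review): nothing in this block checks an anti-CSRF token; whether
 * include/logincheck.php does is not visible here — confirm.
 * NOTE(review): mysql_insert_id() belongs to the legacy mysql extension, which
 * was removed in PHP 7.
 */
include "config/config.php";
include "include/function.php";
include "include/logincheck.php";

if (isset($_POST['submit'])) {
    $error = "";

    if (!valid_mail($_POST['email'])) {
        $error .= "Email is already registered<br>";
    }
    if (!valid_username($_POST['username'])) {
        $error .= "Username is already registered<br>";
    }

    if ($error == "") {
        // NOTE(review): 'password' is handed to InsertData() exactly as posted.
        // Unless InsertData() or the schema hashes it, it is stored in clear text.
        // The fix is password_hash() here plus password_verify() at login; the
        // login code is not visible, so the stored format is left unchanged.
        // NOTE(review): 'usertype' comes straight from the request — check it
        // against the roles the logged-in operator is allowed to assign.
        // NOTE(review): whether InsertData() escapes or binds these values is not
        // visible here — confirm before trusting it with raw $_POST data.
        $form_data = array(
            'usertype' => $_POST['usertype'],
            'username' => $_POST['username'],
            'email'    => $_POST['email'],
            'fname'    => $_POST['fname'],
            'lname'    => $_POST['lname'],
            'phone'    => $_POST['phone'],
            'password' => $_POST['password'],
            'debut'    => date("Y-m-d H:i:s"),
        );
        InsertData(USER, $form_data);

        $id = mysql_insert_id();
        log_add_user($id);
        email_add_user($id);

        header("location:add-user.php?addsuccess");
        // Stop here: without this the script keeps running and renders the whole
        // page into the body of the redirect response.
        exit;
    }
}
?>
<!DOCTYPE html>
<!--[if IE 8]> <html lang="en" class="ie8 no-js"> <![endif]-->
<!--[if IE 9]> <html lang="en" class="ie9 no-js"> <![endif]-->
<!--[if !IE]><!-->
<html lang="en" class="no-js">
<!--<![endif]-->
<!-- BEGIN HEAD -->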
// Form validation (excerpt): reads the posted fields through clean(), checks each
// one, and collects one HTML error message per field in $errors.
// NOTE(review): clean() and valid_mail() are defined elsewhere; what they strip or
// accept is not visible here. $errors is created before this excerpt starts.
$firstname = clean($_POST['firstname']);
$name = clean($_POST['name']);
$birthday = clean($_POST['birthday']);
$adress = clean($_POST['adress']);
$mail = clean($_POST['mail']);
$choice = clean($_POST['bleu_choice']);
// dd/mm/yyyy or dd.mm.yyyy, years 19xx-20xx. The pattern is not anchored, so it is
// the 10-character length check below that keeps extra characters out. It does not
// check calendar validity (31/02 passes) and accepts mixed separators.
$date_regex = '/(0[1-9]|[12][0-9]|3[01])[\\/.](0[1-9]|1[012])[\\/.](19|20)\\d\\d/';

// Reuse the cleaned values; as a bonus, check that some fields have a minimum length.
// strlen() counts bytes, so a single accented character already counts as 2.
if ($firstname == '' || strlen($firstname) < 2) {
    $errors['firstname'] = "<p>Il nous manque un <strong>prénom</strong> valable par ici</p>"; // on error, add it to the previously created $errors array
}
if ($name == '' || strlen($name) < 2) {
    $errors['name'] = "<p>Et un petit <strong>nom</strong> pour accompagner ce joli prénom ?</p>";
}
if ($mail == '' || !valid_mail($mail)) {
    $errors['mail'] = "<p>Mince, <strong>l'email</strong> que tu me propose ne me semble pas valide</p>";
}
if ($birthday == '' || strlen($birthday) != 10) {
    $errors['birthday'] = "<p>Oh, une <strong>date anniversaire</strong> que nous pouvons retenir ?</p>";
}
// Runs even when the length check above already failed; a non-matching value
// replaces that message with the format hint.
if (!preg_match($date_regex, $birthday)) {
    $errors['birthday'] = "<p>as-tu essayé le format jj / mm / aaaa ?</p>";
}
if ($choice == '') {
    $errors['choice'] = "<p>Dis moi tout, pourquoi veux-tu nous rejoindre ?</p>";
}
// If the array holds one or more entries, there are errors.
if (!empty($errors)) {
    // Store the error array in the session under the 'errors' key. The messages are
    // fixed strings written above, not user input.
    $_SESSION['errors'] = $errors;
    // (excerpt ends here; this block is closed outside the visible code)
// Clan creation (excerpt): validates the submitted clan data, authenticates the
// player, refuses duplicates, then inserts the clan and attaches the player to it.
// $name, $pass and $cabbrev are assigned before this excerpt starts, and the
// nested blocks opened below are closed after it ends.
// $_REQUEST merges several request sources, so these values are not limited to
// the form body.
$cname = trim($_REQUEST['cname']);
$icq = trim($_REQUEST['icq']);
$mail = trim($_REQUEST['mail']);
$msn = trim($_REQUEST['msn']);
$site = trim($_REQUEST['site']);
if (!$site) {
    $site = "http://";
}
if ($name || $pass || $cname) {
    if (!valid_clan_abbrev($cabbrev)) {
        echo "Invalid clan abbreviation";
    } else {
        if (!valid_clan_name($cname)) {
            echo "Invalid clan name";
        } else {
            if (!valid_mail($mail)) {
                echo "Invalid email address";
            } else {
                if (get_player($name)) {
                    if ($player = get_player2($name, $pass)) {
                        // NOTE(review): the queries below are built with sprintf() and
                        // addslashes(). addslashes() does not know the connection
                        // character set; mysql_real_escape_string() or bound parameters
                        // are the robust choice. $msn and $site get no validation in this
                        // excerpt, so that escaping is their only protection.
                        if ($clan = mysql_fetch_array(db_query(sprintf("select name, full_name from xwi_clans where name = '%s' or full_name = '%s'", addslashes($cabbrev), addslashes($cname))))) {
                            // NOTE(review): stored values are printed without
                            // htmlspecialchars(); whether the valid_clan_*() checks exclude
                            // HTML metacharacters is not visible here — confirm.
                            printf("Clan %s (%s) already exists", $clan['name'], $clan['full_name']);
                        } else {
                            // Draw a new security code until no existing clan row has the
                            // same md5(pass).
                            do {
                                $cpass = new_security_code();
                                $results = db_query(sprintf("select count(*) from xwi_clans where pass = md5('%s')", $cpass));
                                $result = mysql_fetch_array($results);
                            } while ($result['0']);
                            // The clan password is stored as an unsalted md5() of the code.
                            // %d casts $icq and the ids to integers; $cpass is interpolated
                            // unescaped and comes from new_security_code(), not the request.
                            // NOTE(review): the duplicate check above and this insert are
                            // separate statements; a unique index on name/full_name is what
                            // would close the gap between them — confirm the schema.
                            db_query(sprintf("insert into xwi_clans (creator, leader, name, full_name, pass, icq, mail, msn, site, mtime, ctime) values (%d, %d, lcase('%s'), '%s', md5('%s'), %d, lcase('%s'), lcase('%s'), lcase('%s'), unix_timestamp(), unix_timestamp())", $player['pid'], $player['pid'], addslashes($cabbrev), addslashes($cname), $cpass, $icq, addslashes($mail), addslashes($msn), addslashes($site)));
                            $cid = mysql_insert_id();
                            // Attach the creating player to the new clan.
                            db_query(sprintf("update xwi_players set cid = %d, mtime = unix_timestamp() where pid = %d", $cid, $player['pid']));
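/**
 * Change the e-mail address of the current user.
 *
 * Reads 'mail' from the request data, refuses it when it is missing, not a
 * string, already used by a User row, or rejected by valid_mail(), and
 * otherwise saves it on the current user's record. Every path ends with a
 * redirect to backoffice/change_mail carrying a 'result' query value
 * (wrong_mail, mail_exists or mail_saved).
 *
 * NOTE(review): the uniqueness check and the save are separate steps; a unique
 * index on the mail column is what would make this safe against two
 * concurrent requests — confirm the schema has one.
 * NOTE(review): the 'mail_exists' result tells the caller that an address is
 * registered; confirm that is acceptable for this back-office screen.
 */
public function save_mail() {
    $target = array('controller' => 'backoffice', 'action' => 'change_mail');
    $mail = isset($this->params->data['mail']) ? $this->params->data['mail'] : null;

    // Request data can be absent or an array (mail[]=...). Reject it before it is
    // used as a query condition or handed to valid_mail().
    if (!is_string($mail)) {
        $this->redirect($target + array('?' => array('result' => 'wrong_mail')));
        exit;
    }

    // The mailbox is already used in the project.
    $check_mail = $this->User->find('count', array('conditions' => array('mail' => $mail)));
    if ($check_mail > 0) {
        $this->redirect($target + array('?' => array('result' => 'mail_exists')));
        exit;
    }

    if (!valid_mail($mail)) {
        $this->redirect($target + array('?' => array('result' => 'wrong_mail')));
        exit;
    }

    // Only the logged-in user's own row is written: the id comes from
    // $this->user_data, not from the request.
    $this->User->id = $this->user_data["User"]["id"];
    $this->User->save(array('mail' => $mail));

    $this->redirect($target + array('?' => array('result' => 'mail_saved')));
    exit;
}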
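<?php
/**
 * Account update handler.
 *
 * For a logged-in customer ($_SESSION['id_customer']), updates the contact and
 * address columns of gc_customers when every posted field passes its
 * validator, updates the gc_cards row when all card fields are posted, then
 * redirects to the account page. Both statements use bound parameters and are
 * keyed on the session's customer id, never on a posted id.
 *
 * NOTE(review): nothing in this script checks an anti-CSRF token; whether
 * ../controller/headers.php does is not visible here — confirm.
 */
include "../controller/headers.php";

$conn = db_connect(_DB_SERVER_, _DB_USER_, _DB_PASSWD_, _DB_NAME_);

// Contact details: all fields must be present and valid, otherwise nothing is written.
if (isset($_SESSION['id_customer'])
    && isset($_POST["mail"]) && valid_mail($_POST["mail"])
    && isset($_POST["phone"]) && valid_phone($_POST["phone"])
    && isset($_POST["address"]) && valid_address($_POST["address"])
    && isset($_POST["delivery_address"]) && valid_address($_POST["delivery_address"])
    && isset($_POST["shipping_address"]) && valid_address($_POST["shipping_address"])
    && isset($_POST["postal"]) && valid_postal($_POST["postal"])
    && isset($_POST["city"]) && valid_name($_POST["city"])
    && isset($_POST["shipping_postal"]) && valid_postal($_POST["shipping_postal"])
    && isset($_POST["shipping_city"]) && valid_name($_POST["shipping_city"])
    && isset($_POST["delivery_postal"]) && valid_postal($_POST["delivery_postal"])
    && isset($_POST["delivery_city"]) && valid_name($_POST["delivery_city"])
) {
    $stmt = $conn->prepare("UPDATE gc_customers SET mail=:r_mail, phone=:r_phone, address=:r_address, \n\t\tdelivery_address=:r_delivery_address, shipping_address=:r_shipping_address, postal_code=:r_postal_code, city=:r_city, \n\t\tdelivery_postal_code=:r_delivery_postal_code, delivery_city=:r_delivery_city, \n\t\tshipping_postal_code=:r_shipping_postal_code, shipping_city=:r_shipping_city WHERE id_customer=:r_customer");
    $stmt->execute(array(
        'r_mail'                 => $_POST['mail'],
        'r_phone'                => $_POST['phone'],
        'r_address'              => $_POST['address'],
        'r_delivery_address'     => $_POST['delivery_address'],
        'r_shipping_address'     => $_POST['shipping_address'],
        'r_postal_code'          => $_POST['postal'],
        'r_city'                 => $_POST['city'],
        'r_delivery_postal_code' => $_POST['delivery_postal'],
        'r_delivery_city'        => $_POST['delivery_city'],
        'r_shipping_postal_code' => $_POST['shipping_postal'],
        'r_shipping_city'        => $_POST['shipping_city'],
        'r_customer'             => $_SESSION['id_customer'],
    ));
    $stmt->closeCursor();
}

// Card details. isset() alone also accepts arrays (firstname[]=x), which would
// break strtolower() and be bound as the literal text "Array", so each field
// must additionally be a string.
$card_fields = array('firstname', 'lastname', 'card_type', 'card_number', 'cryptogram', 'expiring_date');
$card_posted = isset($_SESSION['id_customer']);
foreach ($card_fields as $card_field) {
    if (!isset($_POST[$card_field]) || !is_string($_POST[$card_field])) {
        $card_posted = false;
        break;
    }
}

if ($card_posted) {
    // NOTE(review): the card number and the card verification code (cryptogram)
    // are written to the database as posted. PCI DSS forbids keeping the
    // verification code after authorisation and requires the card number to be
    // protected at rest; the usual design keeps only a token from the payment
    // provider. That is a schema and flow change, so storage is left as it was.
    // NOTE(review): unlike the contact fields, the card values get no format
    // validation beyond the string check.
    $stmt = $conn->prepare("UPDATE gc_cards SET firstname_customer=:r_firstname_card, lastname_customer=:r_lastname_card, \n\t\tcard_type=:r_card_type, card_number=:r_card_number, cryptogram=:r_cryptogram, expiring_date=:r_expiring_date\n\t\tWHERE id_customer=:r_customer");
    $stmt->execute(array(
        'r_firstname_card' => ucfirst(strtolower($_POST['firstname'])),
        'r_lastname_card'  => ucfirst(strtolower($_POST['lastname'])),
        'r_card_type'      => $_POST['card_type'],
        'r_card_number'    => $_POST['card_number'],
        'r_cryptogram'     => $_POST['cryptogram'],
        'r_expiring_date'  => $_POST['expiring_date'],
        'r_customer'       => $_SESSION['id_customer'],
    ));
    $stmt->closeCursor();
}

header('Location: ../view/account.php');
// Nothing may run or be emitted after the redirect.
exit;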
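<?php
/**
 * Registration handler.
 *
 * When every posted field passes its validator and no gc_customers row has the
 * posted e-mail, inserts the customer, creates an empty gc_cards row for it,
 * logs the new customer in through the session and redirects to the index
 * page. An existing e-mail produces an alert and a refresh to the login page;
 * invalid input redirects to the login page.
 *
 * NOTE(review): the e-mail lookup and the INSERT are separate statements; a
 * unique index on gc_customers.mail is what would stop two concurrent
 * requests from registering the same address — confirm the schema has one.
 */
include "../controller/headers.php";

$conn = db_connect(_DB_SERVER_, _DB_USER_, _DB_PASSWD_, _DB_NAME_);

if (is_Not_Null($_POST["lastname"]) && valid_name($_POST["lastname"])
    && is_Not_Null($_POST["firstname"]) && valid_name($_POST["firstname"])
    && is_Not_Null($_POST["birthday"]) && valid_birthday($_POST["birthday"])
    && is_Not_Null($_POST["phone"]) && valid_phone($_POST["phone"])
    && is_Not_Null($_POST["address"]) && valid_address($_POST["address"])
    && is_Not_Null($_POST["postal"]) && valid_postal($_POST["postal"])
    && is_Not_Null($_POST["city"]) && valid_name($_POST["city"])
    && is_Not_Null($_POST["email"]) && valid_mail($_POST["email"])
    && is_Not_Null($_POST["pwd"]) && is_Not_Null($_POST["pwd2"])
    && valid_pwd($_POST["pwd"], $_POST["pwd2"])
) {
    $stmt3 = $conn->prepare("SELECT mail FROM gc_customers WHERE mail = :r_mail");
    $stmt3->execute(array('r_mail' => $_POST['email']));
    $existing = $stmt3->fetch();
    $stmt3->closeCursor();

    if ($existing == false) {
        // The address and postal/city values are reused for the delivery and
        // shipping columns, so the same named placeholder appears several times.
        // NOTE(review): repeated named placeholders need PDO's emulated prepares;
        // how db_connect() configures the connection is not visible here.
        $stmt = $conn->prepare("INSERT INTO gc_customers (firstname_customer, lastname_customer, birthday, mail, \n\t\t\tphone, pwd, address ,delivery_address, shipping_address, postal_code, city, delivery_postal_code, delivery_city, shipping_postal_code, \n\t\t\tshipping_city) VALUES(:r_firstname, :r_lastname, :r_birthday, :r_mail, :r_phone, :r_pwd, :r_address, :r_address, :r_address, :r_postal, \n\t\t\t:r_city, :r_postal, :r_city, :r_postal, :r_city)");
        $stmt->execute(array(
            'r_lastname'  => ucfirst(strtolower($_POST["lastname"])),
            'r_firstname' => ucfirst(strtolower($_POST["firstname"])),
            'r_birthday'  => $_POST["birthday"],
            'r_phone'     => $_POST["phone"],
            'r_address'   => $_POST["address"],
            'r_postal'    => $_POST["postal"],
            'r_city'      => $_POST["city"],
            'r_mail'      => $_POST['email'],
            // NOTE(review): md5() is a fast, unsalted digest and is not suitable
            // for password storage. password_hash() here with password_verify()
            // at login is the replacement; the login code that reads this column
            // is not visible, so the stored format is left unchanged.
            'r_pwd'       => md5($_POST['pwd']),
        ));
        $stmt->closeCursor();

        // Read the new row back to get its id and the stored first name.
        $stmt = $conn->prepare("SELECT id_customer, firstname_customer FROM gc_customers WHERE mail = :r_mail");
        $stmt->execute(array('r_mail' => $_POST['email']));
        $res = $stmt->fetch();
        $stmt->closeCursor();

        // Every customer gets an empty card row, filled in later from the account page.
        $stmt2 = $conn->prepare("INSERT INTO gc_cards 
(firstname_customer, lastname_customer, card_type, id_customer) \n\t\t\t\t\tVALUES('','','',:r_customer)");
        $stmt2->execute(array('r_customer' => $res['id_customer']));
        $stmt2->closeCursor();

        // The session becomes an authenticated one here, so give it a fresh id;
        // a pre-login session id known to someone else must not carry over.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $_SESSION['id_customer'] = $res['id_customer'];
        $_SESSION['firstname_customer'] = $res['firstname_customer'];

        header('Location: ../view/index.php');
        exit;
    } else {
        // Headers must be sent before any output: with the echo first, the
        // Refresh header is dropped unless output buffering happens to be on.
        header('Refresh: 0; URL=../view/login.php');
        echo '<script>alert("' . utf8_decode("Ce compte existe déja!") . '")</script>';
    }
} else {
    header('Location: ../view/login.php');
    exit;
}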