<?php
// Password-reset ("lost password") handler fragment. The listing is collapsed
// onto one line and is cut off while the UPDATE statement is still being built.
$username = null;
// NOTE(review): PHP_SELF is the path of the executing script, not a host name,
// and it is derived from the request URL. $server_local is not defined in the
// visible part, so what the comparison further down guards cannot be confirmed.
$server_name = $_SERVER['PHP_SELF'];
$new_password = null;
?> <?php
// -begin lost
if (isset($_POST['submit'])) {
    // Read without an isset() check; a request without "email" raises a notice.
    $email = $_POST['email'];
    $required_fields = array("email");
    validate_presences($required_fields);
    validate_email("email");
    // NOTE(review): empty body, so the validation outcome is not acted on here;
    // the lookup below runs whether or not $errors was populated.
    if (empty($errors)) {
    }
    $found_admin = find_admin_by_email($email);
    if ($found_admin) {
        // do not execute on localhost (db connection)
        if ($server_name != $server_local) {
            $username = $found_admin['username'];
            // NOTE(review): rand() is not a cryptographically secure generator and
            // only 7 hex characters (28 bits) of the digest are kept, so the
            // temporary password is guessable. random_bytes() / random_int() are
            // the CSPRNG-backed sources in PHP.
            $new_password = substr(md5(rand()), 0, 7);
            $id = $found_admin['id'];
            // password_encrypt() is defined elsewhere; its algorithm is not
            // visible here. TODO confirm it is a password hash such as
            // password_hash(), not a fast digest.
            $hashed_password = password_encrypt($new_password);
            // The '******' literals appear to be masked in this listing; as shown,
            // the statement would store that literal text.
            // $id is interpolated into the SQL. It comes from the looked-up admin
            // row rather than from the request; binding it as a parameter would
            // remove the reliance on that.
            $query = "UPDATE admins SET ";
            $query .= "username = '******', ";
            $query .= "hashed_password = '******' ";
            $query .= "WHERE id = {$id} ";
            // (listing ends here; the rest of the statement and the closing
            // braces are not shown)
// Fragment of a form handler; it starts and ends mid-file in this listing.
// It copies accepted POST fields into local variables and then runs the
// validators. The listing is collapsed onto one line, so the boundary of each
// "//" comment below is read from context.
// var_dump($_POST);
// Variable variables: every accepted POST key becomes a local variable with
// the same name. Only keys found in $required_fields or $expected are
// assigned, and both lists are defined outside this fragment. Those lists are
// the only barrier against a request overwriting arbitrary locals.
// NOTE(review): in_array() runs in loose mode here; passing true as the third
// argument keeps the key match exact.
foreach ($_POST as $key => $value) {
    // Array values are passed through untouched; only scalars are trimmed.
    $temp = is_array($value) ? $value : trim($value);
    // empty() also treats the string "0" as empty, so a required field
    // submitted as "0" is reset to ''.
    if (empty($temp) && in_array($key, $required_fields)) {
        // $missing[] = $key;
        ${$key} = '';
    } elseif (in_array($key, $expected)) {
        ${$key} = $temp;
    }
}
if (isset($pseudo)) {
    $type_transport = type_transport($pseudo);
}
// Assigned after the loop, so a posted field of the same name is overwritten.
$aller_retour = "AllerSimple";
validate_presences($required_fields);
// Meaning of the second argument is not visible here; presumably it marks
// these fields as warnings rather than errors. TODO confirm.
validate_presences($warning_fields, true);
// NOTE(review): called unconditionally, and again under isset() below. If no
// "chauffeur" field was accepted by the loop, this first call reads an
// undefined variable.
validate_chauffeur_by_name($chauffeur);
// validation_pseudo_clients($pseudo);
// validate_pseudo($pseudo,$pseudo_autres,$nom_patient,true);
// validate_pseudo_bon_no($pseudo,$bon_no,true);
if (isset($chauffeur)) {
    validate_chauffeur_by_name($chauffeur);
}
if (isset($pseudo)) {
    validation_pseudo_clients($pseudo);
}
if (isset($pseudo) && isset($pseudo_autres) && isset($nom_patient)) {
    validate_pseudo($pseudo, $pseudo_autres, $nom_patient, true);
}
if (isset($pseudo) && isset($bon_no)) {
    validate_pseudo_bon_no($pseudo, $bon_no, true);
    // (listing ends here; the closing brace is not shown)
/**
 * Handle a submission of the feedback form.
 *
 * Runs the presence check on "stars", "comment" and "title" and the
 * maximum-length check on "title" (20), then calls leaveFeedback() only when
 * the global $errors is still empty.
 *
 * NOTE(review): these are the only checks made in this function. The value of
 * "stars" and the length of "comment" are not checked here; whether
 * leaveFeedback() validates or escapes them is not visible in this listing.
 */
function process_feedback_form()
{
    global $errors;

    // Presence first, then the length limit.
    validate_presences(["stars", "comment", "title"]);
    validate_max_lengths(["title" => 20]);

    // Any recorded validation error blocks the write.
    if (!empty($errors)) {
        return;
    }

    leaveFeedback();
}
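/**
 * Handle the "add event" form by inserting one new row into `events`.
 *
 * Does nothing unless $_POST['add'] is set. Otherwise it validates the four
 * event fields, inserts them when the global $errors is empty, stores a status
 * message in $_SESSION["message"] and redirects to the events page.
 *
 * The INSERT uses a prepared statement with bound parameters, so the posted
 * values are never spliced into the SQL text. For that reason the values are
 * no longer passed through mysql_prep() and written back into $_POST; escaping
 * them as well would store the escape characters.
 *
 * NOTE(review): no authorisation or CSRF check is visible in this function;
 * confirm the caller enforces both before this runs.
 */
function check_event_add()
{
    if (!isset($_POST['add'])) {
        return;
    }

    // User is adding an event.
    global $connection;
    global $errors;

    // Determine add target. The posted field names carry a numeric suffix equal
    // to the current row count + 1.
    // NOTE(review): presumably the form is rendered with the same number. A row
    // added or deleted between render and submit changes the suffix and the
    // posted fields are then not found. TODO confirm against the form template.
    $query = "SELECT * FROM events";
    $response = mysqli_query($connection, $query);
    confirm_query($response);
    $addtarget = (int) mysqli_num_rows($response) + 1;

    // Validate data.
    $name_key = "event_name{$addtarget}";
    $location_key = "event_location{$addtarget}";
    $datetime_key = "event_datetime{$addtarget}";
    $description_key = "event_description{$addtarget}";
    $required_fields = array($name_key, $location_key, $datetime_key, $description_key);
    validate_presences($required_fields);

    // Update Database with new data.
    if (empty($errors)) {
        // A missing or non-string (array) field is bound as an empty string
        // instead of raising a notice or being cast to "Array".
        $name = (isset($_POST[$name_key]) && is_string($_POST[$name_key])) ? $_POST[$name_key] : '';
        $location = (isset($_POST[$location_key]) && is_string($_POST[$location_key])) ? $_POST[$location_key] : '';
        $description = (isset($_POST[$description_key]) && is_string($_POST[$description_key])) ? $_POST[$description_key] : '';
        $datetime = (isset($_POST[$datetime_key]) && is_string($_POST[$datetime_key])) ? $_POST[$datetime_key] : '';

        $stmt = mysqli_prepare(
            $connection,
            "INSERT INTO events (name, location, description, datetime) VALUES (?, ?, ?, ?)"
        );

        // Collapse prepare/bind/execute into one boolean so confirm_query()
        // receives the same kind of value it got from the original INSERT.
        $result = $stmt !== false
            && mysqli_stmt_bind_param($stmt, 'ssss', $name, $location, $description, $datetime)
            && mysqli_stmt_execute($stmt);
        confirm_query($result);

        if ($stmt !== false) {
            mysqli_stmt_close($stmt);
        }

        $_SESSION["message"] = "Event added!";
    } else {
        $_SESSION["message"] = "Event add failed! Try again?";
    }

    redirect_to("index.php?redirect=events");
}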