require_once DOCROOT . 'include/config.php'; //collect users IP address $ip = $_SERVER['REMOTE_ADDR']; //cleanse the POST $dbFilter = new MysqlFilter(); $cPost = array(); foreach ($_POST as $key => $value) { $value = str_replace(",", "", $value); $cPost[$key] = $dbFilter->dbPrepare($value); } //set mandatory fields $newsletter_conf['mandatories'] = array("fname", "sname", "email-reg-news"); //set fields which must not contain numeric data $newsletter_conf['non_numeric'] = array("fname", "sname"); //First, lets make sure there are is no numeric data in the name fields $userValidate = UserDataValidator::getInstance($newsletter_conf['mandatories'], ''); if (!$userValidate->containsNumeric($cPost, $newsletter_conf['non_numeric'])) { //continue with processing //check mandatory information has been submitted if (FormValidator::checkMandatories($newsletter_conf['mandatories'], $cPost)) { //now check the email is a valid email //check email entered is a valid email $emailVerify = new EmailVerifier($cPost['email-reg-news']); if ($emailVerify->partVerify()) { //now we can check the entrant hasn't already entered //check for email already in database $sql = "SELECT count(*) FROM " . $newsletter_table . " where email='" . $cPost['email-reg-news'] . "'"; $qry = mysql_query($sql); $results = mysql_fetch_array($qry); $count = $results[0]; if ($count < 1) {
//collect users IP address $ip = $_SERVER['REMOTE_ADDR']; $source = 'online-form'; //cleanse the POST $dbFilter = new MysqlFilter(); $cPost = array(); foreach ($_POST as $key => $value) { $value = str_replace(",", "", $value); $cPost[$key] = $dbFilter->dbPrepare($value); } //set mandatory fields $prizedraw_conf['mandatories'] = array("fname", "sname", "email", "terms"); //set fields which must not contain numeric data $prizedraw_conf['non_numeric'] = array("fname", "sname"); //First, lets make sure there are is no numeric data in the name fields $userValidate = UserDataValidator::getInstance($prizedraw_conf['mandatories'], ''); if (!$userValidate->containsNumeric($cPost, $prizedraw_conf['non_numeric'])) { //continue with processing //check mandatory information has been submitted if (FormValidator::checkMandatories($prizedraw_conf['mandatories'], $cPost)) { //now check email and confirm email match if (FormValidator::fieldMatch($cPost['email'], $cPost['email_confirm'])) { //now check the email is a valid email //check email entered is a valid email $emailVerify = new EmailVerifier($cPost['email']); if ($emailVerify->partVerify()) { //now we can check the entrant hasn't already entered //check for email already in database $sql = "SELECT count(*) FROM " . $prizedraw_table . " where email='" . $cPost['email'] . "'"; $qry = mysql_query($sql); $results = mysql_fetch_array($qry);