$success_registration = 0;
if (isset($_POST['submit_btn'])) {
if ($_POST['submit_btn'] == "submit_val") {
$ch = new clean_and_hash();
$name = $ch->clean_all_tags($_POST['name']);
$email = $ch->clean_all_tags($_POST['email']);
$password = $ch->clean_all_tags($_POST['password']);
$c_password = $ch->clean_all_tags($_POST['c_password']);
if ($password != $c_password) {
header('location:signup.php?error=1');
}
$secure_pass = $ch->password_hash($email, $password);
$activation_id = $ch->get_activation_code($email);
$dbconn = new db_connection();
$prepare_statement = "SELECT * from " . user_profile . " where email = '" . $email . "' and reg_type='self'";
$result = $dbconn->query($prepare_statement);
$num_rows = $result->num_rows;
if ($num_rows == 0) {
// new users
$insert_statement = "INSERT into " . user_profile . " (email,password,name,activation_id) values ('" . $email . "','" . $secure_pass . "','" . $name . "','" . $activation_id . "')";
$insert_cmd = $dbconn->query($insert_statement);
if ($insert_cmd) {
$success_registration = 1;
} else {
$success_registration = 0;
}
} else {
// user already exists send back to login.php with some verify & userid
header('location:login.php?return=verify&user=' . $email);
//print "User already registered";
}
<?php
session_start();
header("Content-Type:application/json");
require_once '../cfg/common.php';
$dbconn = new db_connection();
$logged_user = $_SESSION['mms_logged_uid'];
$start = $_GET['start'];
$end = $_GET['end'];
$prepare_statement = "SELECT * from " . expense_details . " a, " . user_split_expense . " b where a.exp_id = b.exp_id and b.email='" . $logged_user . "'";
//echo $prepare_statement;
$result = $dbconn->query($prepare_statement);
$expense = array();
$num_rows = 0;
//start=2014-11-30&end=2015-01-11&timezone=UTC&_=1420015222023"
if ($result->num_rows > 0) {
while ($row = mysqli_fetch_assoc($result)) {
$expenseArray['id'] = $row['exp_id'];
$expenseArray['title'] = $row['expense_title'];
$expenseArray['description'] = $row['expense_desc'];
$expenseArray['amount'] = $row['expense_total'];
$expenseArray['start'] = $row['exp_date'];
$expenseArray['allDay'] = "1";
$expense[$num_rows] = $expenseArray;
$num_rows++;
}
}
echo json_encode($expense);
//exp_id,expense_title,expense_desc, expense_total,exp_owner,exp_date
require_once '../cfg/common.php';
require_once '../cfg/config.php';
$ch = new clean_and_hash();
$bill_title = $ch->clean_all_tags($_POST['bill_title']);
$bill_desc = $ch->clean_all_tags($_POST['bill_description']);
$bill_amount = $ch->clean_all_tags($_POST['bill_amount']);
$start_bill_day = $ch->clean_all_tags($_POST['start_bill_day']);
$date = new DateTime();
$unix_date = $date->getTimestamp();
$bill_id = sha1($_SESSION['mms_logged_uid'] . $unix_date);
$dbconn = new db_connection();
$success_addbill = -1;
$logged_user = $_SESSION['mms_logged_uid'];
$sum_of_all_shares = 0;
$insert_statement = "INSERT into " . expense_details . " (exp_id,expense_title,expense_desc, expense_total,exp_owner,exp_date) values ('" . $bill_id . "','" . $bill_title . "','" . $bill_desc . "'," . $bill_amount . ",'" . $logged_user . "','" . $start_bill_day . "')";
$insert_cmd = $dbconn->query($insert_statement);
if ($insert_cmd) {
$success_addbill = 1;
} else {
$success_addbill = 0;
}
if (isset($_POST['split_frens_check'])) {
$num_of_frens = 1;
$success_fren_add_share = 0;
$failure_fren_add_share = 0;
while (isset($_POST["name{$num_of_frens}"])) {
$fren_name = $ch->clean_all_tags($_POST["name{$num_of_frens}"]);
$fren_share = $ch->clean_all_tags($_POST["share{$num_of_frens}"]);
$sum_of_all_shares += $fren_share;
$insert_statement_fren = "INSERT into " . user_split_expense . " (email,exp_id,exp_share) values ('" . $fren_name . "','" . $bill_id . "'," . $fren_share . ")";
$insert_fren_share = $dbconn->query($insert_statement_fren);
