<?php
include "config/config.php";
include "include/function.php";
include "include/logincheck.php";
if (isset($_POST['submit'])) {
$error = "";
if (!valid_mail($_POST['email'])) {
$error .= "Email is already registered<br>";
}
if (!valid_username($_POST['username'])) {
$error .= "Username is already registered<br>";
}
if ($error == "") {
$form_data = array('usertype' => $_POST['usertype'], 'username' => $_POST['username'], 'email' => $_POST['email'], 'fname' => $_POST['fname'], 'lname' => $_POST['lname'], 'phone' => $_POST['phone'], 'password' => $_POST['password'], 'debut' => date("Y-m-d H:i:s"));
InsertData(USER, $form_data);
$id = mysql_insert_id();
log_add_user($id);
email_add_user($id);
header("location:add-user.php?addsuccess");
}
}
?>
<!DOCTYPE html>
<!--[if IE 8]> <html lang="en" class="ie8 no-js"> <![endif]-->
<!--[if IE 9]> <html lang="en" class="ie9 no-js"> <![endif]-->
<!--[if !IE]><!-->
<html lang="en" class="no-js">
<!--<![endif]-->
<!-- BEGIN HEAD -->
$firstname = clean($_POST['firstname']);
$name = clean($_POST['name']);
$birthday = clean($_POST['birthday']);
$adress = clean($_POST['adress']);
$mail = clean($_POST['mail']);
$choice = clean($_POST['bleu_choice']);
$date_regex = '/(0[1-9]|[12][0-9]|3[01])[\\/.](0[1-9]|1[012])[\\/.](19|20)\\d\\d/';
// je réutilise les informations nettoyée en bonus, je vérifié que certaines informations ont une taille minimum
if ($firstname == '' || strlen($firstname) < 2) {
$errors['firstname'] = "<p>Il nous manque un <strong>prénom</strong> valable par ici</p>";
//si une erreur, je l'ajoute au tableau errors précédement crée.
}
if ($name == '' || strlen($name) < 2) {
$errors['name'] = "<p>Et un petit <strong>nom</strong> pour accompagner ce joli prénom ?</p>";
}
if ($mail == '' || !valid_mail($mail)) {
$errors['mail'] = "<p>Mince, <strong>l'email</strong> que tu me propose ne me semble pas valide</p>";
}
if ($birthday == '' || strlen($birthday) != 10) {
$errors['birthday'] = "<p>Oh, une <strong>date anniversaire</strong> que nous pouvons retenir ?</p>";
}
if (!preg_match($date_regex, $birthday)) {
$errors['birthday'] = "<p>as-tu essayé le format jj / mm / aaaa ?</p>";
}
if ($choice == '') {
$errors['choice'] = "<p>Dis moi tout, pourquoi veux-tu nous rejoindre ?</p>";
}
//SI mon tableau dispose d'une ou plusieurs entrée c'est qu'il y a des erreurs.
if (!empty($errors)) {
//dans le tableu session je lui crée un 'alias' errors dans lequel j'envoie mon tableau d'erreurs.
$_SESSION['errors'] = $errors;
$cname = trim($_REQUEST['cname']);
$icq = trim($_REQUEST['icq']);
$mail = trim($_REQUEST['mail']);
$msn = trim($_REQUEST['msn']);
$site = trim($_REQUEST['site']);
if (!$site) {
$site = "http://";
}
if ($name || $pass || $cname) {
if (!valid_clan_abbrev($cabbrev)) {
echo "Invalid clan abbreviation";
} else {
if (!valid_clan_name($cname)) {
echo "Invalid clan name";
} else {
if (!valid_mail($mail)) {
echo "Invalid email address";
} else {
if (get_player($name)) {
if ($player = get_player2($name, $pass)) {
if ($clan = mysql_fetch_array(db_query(sprintf("select name, full_name from xwi_clans where name = '%s' or full_name = '%s'", addslashes($cabbrev), addslashes($cname))))) {
printf("Clan %s (%s) already exists", $clan['name'], $clan['full_name']);
} else {
do {
$cpass = new_security_code();
$results = db_query(sprintf("select count(*) from xwi_clans where pass = md5('%s')", $cpass));
$result = mysql_fetch_array($results);
} while ($result['0']);
db_query(sprintf("insert into xwi_clans (creator, leader, name, full_name, pass, icq, mail, msn, site, mtime, ctime) values (%d, %d, lcase('%s'), '%s', md5('%s'), %d, lcase('%s'), lcase('%s'), lcase('%s'), unix_timestamp(), unix_timestamp())", $player['pid'], $player['pid'], addslashes($cabbrev), addslashes($cname), $cpass, $icq, addslashes($mail), addslashes($msn), addslashes($site)));
$cid = mysql_insert_id();
db_query(sprintf("update xwi_players set cid = %d, mtime = unix_timestamp() where pid = %d", $cid, $player['pid']));
public function save_mail()
{
$mail = $this->params->data['mail'];
$check_mail = $this->User->find('count', array('conditions' => array('mail' => $mail)));
// почтвый ящик используется в проекте
if ($check_mail > 0) {
$this->redirect(array('controller' => 'backoffice', 'action' => 'change_mail', '?' => array('result' => 'mail_exists')));
exit;
}
if (!valid_mail($mail)) {
$this->redirect(array('controller' => 'backoffice', 'action' => 'change_mail', '?' => array('result' => 'wrong_mail')));
exit;
}
$this->User->id = $this->user_data["User"]["id"];
$this->User->save(array('mail' => $mail));
$this->redirect(array('controller' => 'backoffice', 'action' => 'change_mail', '?' => array('result' => 'mail_saved')));
exit;
}
<?php
include "../controller/headers.php";
$conn = db_connect(_DB_SERVER_, _DB_USER_, _DB_PASSWD_, _DB_NAME_);
if (isset($_SESSION['id_customer']) && isset($_POST["mail"]) && valid_mail($_POST["mail"]) && isset($_POST["phone"]) && valid_phone($_POST["phone"]) && isset($_POST["address"]) && valid_address($_POST["address"]) && isset($_POST["delivery_address"]) && valid_address($_POST["delivery_address"]) && isset($_POST["shipping_address"]) && valid_address($_POST["shipping_address"]) && isset($_POST["postal"]) && valid_postal($_POST["postal"]) && isset($_POST["city"]) && valid_name($_POST["city"]) && isset($_POST["shipping_postal"]) && valid_postal($_POST["shipping_postal"]) && isset($_POST["shipping_city"]) && valid_name($_POST["shipping_city"]) && isset($_POST["delivery_postal"]) && valid_postal($_POST["delivery_postal"]) && isset($_POST["delivery_city"]) && valid_name($_POST["delivery_city"])) {
$stmt = $conn->prepare("UPDATE gc_customers SET mail=:r_mail, phone=:r_phone, address=:r_address, \n\t\tdelivery_address=:r_delivery_address, shipping_address=:r_shipping_address, postal_code=:r_postal_code, city=:r_city, \n\t\tdelivery_postal_code=:r_delivery_postal_code, delivery_city=:r_delivery_city, \n\t\tshipping_postal_code=:r_shipping_postal_code, shipping_city=:r_shipping_city WHERE id_customer=:r_customer");
$stmt->execute(array('r_mail' => $_POST['mail'], 'r_phone' => $_POST['phone'], 'r_address' => $_POST['address'], 'r_delivery_address' => $_POST['delivery_address'], 'r_shipping_address' => $_POST['shipping_address'], 'r_postal_code' => $_POST['postal'], 'r_city' => $_POST['city'], 'r_delivery_postal_code' => $_POST['delivery_postal'], 'r_delivery_city' => $_POST['delivery_city'], 'r_shipping_postal_code' => $_POST['shipping_postal'], 'r_shipping_city' => $_POST['shipping_city'], 'r_customer' => $_SESSION['id_customer']));
$stmt->closeCursor();
}
if (isset($_SESSION['id_customer']) && isset($_POST["firstname"]) && isset($_POST["lastname"]) && isset($_POST["card_type"]) && isset($_POST["card_number"]) && isset($_POST["cryptogram"]) && isset($_POST["expiring_date"])) {
$stmt = $conn->prepare("UPDATE gc_cards SET firstname_customer=:r_firstname_card, lastname_customer=:r_lastname_card, \n\t\tcard_type=:r_card_type, card_number=:r_card_number, cryptogram=:r_cryptogram, expiring_date=:r_expiring_date\n\t\tWHERE id_customer=:r_customer");
$stmt->execute(array('r_firstname_card' => ucfirst(strtolower($_POST['firstname'])), 'r_lastname_card' => ucfirst(strtolower($_POST['lastname'])), 'r_card_type' => $_POST['card_type'], 'r_card_number' => $_POST['card_number'], 'r_cryptogram' => $_POST['cryptogram'], 'r_expiring_date' => $_POST['expiring_date'], 'r_customer' => $_SESSION['id_customer']));
$stmt->closeCursor();
}
header('Location: ../view/account.php');
<?php
include "../controller/headers.php";
$conn = db_connect(_DB_SERVER_, _DB_USER_, _DB_PASSWD_, _DB_NAME_);
if (is_Not_Null($_POST["lastname"]) && valid_name($_POST["lastname"]) && is_Not_Null($_POST["firstname"]) && valid_name($_POST["firstname"]) && is_Not_Null($_POST["birthday"]) && valid_birthday($_POST["birthday"]) && is_Not_Null($_POST["phone"]) && valid_phone($_POST["phone"]) && is_Not_Null($_POST["address"]) && valid_address($_POST["address"]) && is_Not_Null($_POST["postal"]) && valid_postal($_POST["postal"]) && is_Not_Null($_POST["city"]) && valid_name($_POST["city"]) && is_Not_Null($_POST["email"]) && valid_mail($_POST["email"]) && is_Not_Null($_POST["pwd"]) && is_Not_Null($_POST["pwd2"]) && valid_pwd($_POST["pwd"], $_POST["pwd2"])) {
$stmt3 = $conn->prepare("SELECT mail FROM gc_customers WHERE mail = :r_mail");
$stmt3->execute(array('r_mail' => $_POST['email']));
if ($stmt3->fetch() == false) {
$stmt = $conn->prepare("INSERT INTO gc_customers (firstname_customer, lastname_customer, birthday, mail, \n\t\t\tphone, pwd, address ,delivery_address, shipping_address, postal_code, city, delivery_postal_code, delivery_city, shipping_postal_code, \n\t\t\tshipping_city) VALUES(:r_firstname, :r_lastname, :r_birthday, :r_mail, :r_phone, :r_pwd, :r_address, :r_address, :r_address, :r_postal, \n\t\t\t:r_city, :r_postal, :r_city, :r_postal, :r_city)");
$stmt->execute(array('r_lastname' => ucfirst(strtolower($_POST["lastname"])), 'r_firstname' => ucfirst(strtolower($_POST["firstname"])), 'r_birthday' => $_POST["birthday"], 'r_phone' => $_POST["phone"], 'r_address' => $_POST["address"], 'r_postal' => $_POST["postal"], 'r_city' => $_POST["city"], 'r_mail' => $_POST['email'], 'r_pwd' => md5($_POST['pwd'])));
$stmt->closeCursor();
$stmt = $conn->prepare("SELECT id_customer, firstname_customer FROM gc_customers WHERE mail = :r_mail");
$stmt->execute(array('r_mail' => $_POST['email']));
$res = $stmt->fetch();
$stmt2 = $conn->prepare("INSERT INTO gc_cards (firstname_customer, lastname_customer, card_type, id_customer) \n\t\t\t\t\tVALUES('','','',:r_customer)");
$stmt2->execute(array('r_customer' => $res['id_customer']));
$_SESSION['id_customer'] = $res['id_customer'];
$_SESSION['firstname_customer'] = $res['firstname_customer'];
header('Location: ../view/index.php');
$stmt2->closeCursor();
$stmt->closeCursor();
} else {
echo '<script>alert("' . utf8_decode("Ce compte existe déja!") . '")</script>';
header('Refresh: 0; URL=../view/login.php');
}
} else {
header('Location: ../view/login.php');
}
