Exemplo n.º 1
0
 function join($title)
 {
     global $log;
     if ($this->login) {
         $check = mysql_select_string("SELECT `username` FROM `joined` WHERE `username` = '" . mysql_rescue($this->name) . "' AND `event_title` = '" . mysql_rescue($title) . "'");
         if ($check == false) {
             $result = mysql_insert("INSERT INTO `joined` (`username`, `event_title`) VALUES('" . mysql_rescue($this->name) . "', '" . mysql_rescue($title) . "')");
             $log .= '[ joined ' . $title . ' as ' . $this->name . ': ' . $result . '(' . mysql_error() . ') ]';
         } else {
             $log .= '[ already joined ' . $title . ' as ' . $this->name . ' ]';
         }
     } else {
         $title = str_replace(' ', '_', $title);
         $result = $this->set_cookie('joined', $title);
         $log .= '[ joined ' . $title . ' in cookie ]';
     }
     return $result;
 }
Exemplo n.º 2
0
 }
 /*--- check username ---*/
 $check = $user->check_username($registration['username']);
 $loggedin = $registration['username'] == $user->name ? true : false;
 if ($check == true && $loggedin == false) {
     $errors['username'] = '******';
 }
 /*--- all ok? ---*/
 if (empty($errors)) {
     // save extra info
     $registration['ip'] = $_SERVER['REMOTE_ADDR'];
     $registration['time'] = date('c');
     // generate code
     do {
         $payment_code = generate_payment_code();
     } while (mysql_select_string("SELECT `payment_code` FROM `registers` WHERE `payment_code` = '" . mysql_rescue($payment_code) . "'"));
     // save info
     $insert = '';
     foreach ($registration as $key => $val) {
         // skip user/pass when logged in
         if ($user->login && $key == 'username' || $user->login && $key == 'password') {
             continue;
         }
         // save fields for query
         $insert .= "`" . $key . "` = '" . mysql_rescue($val) . "',";
     }
     $insert .= "`payment_code` = '" . $payment_code . "'";
     // already loggedin?
     if ($user->login) {
         // update account
         $input = mysql_update("UPDATE `registers` SET " . $insert . " WHERE `username` = '" . mysql_rescue($user->name) . "'");