</head> <body> <?php if (!empty(protect($_POST['email']))) { $email = protect($_POST['email']); $pass = protect($_POST['password']); $error = 0; function nullchk($string) { global $error; if (empty($string)) { $error++; } } nullchk($email); nullchk($pass); //Hash password $pass = hashword($pass, $hash); if ($error === 0) { $logsql = "SELECT *\n\t\t\tFROM tbl_members\n\t\t\tWHERE\n\t\t\temail = '{$email}'\n\t\t\tAND\n\t\t\tpassword = '******'\n\t\t\t"; $logqry = mysql_query($logsql); while ($log = mysql_fetch_assoc($logqry)) { $_SESSION['user'] = $log; header('Location: ./usr.php'); } } else { echo 'errors'; } } $page = 'Login'; include_once './include/header.php';
$mob = protect($_POST['mob']); $email = protect($_POST['email']); $errors = 0; $txterror = ''; function nullchk($string, $item) { global $errors; if (empty($string)) { $errors++; $txterror .= '<p class="error">No ' . $item . ' value was detected. Please try again.</p>'; } } nullchk($fname, 'First Name'); nullchk($sname, 'Surname'); nullchk($orga, 'Organisation'); nullchk($email, 'Email Address'); if ($errors === 0) { $sqlerror = 0; $emailchk = "SELECT *\n FROM tbl_contacts\n WHERE\n email = '{$email}'\n "; $emailchkqry = mysql_query($emailchk); while ($emailchkres = mysql_fetch_assoc($emailchkqry)) { $sqlerror++; } if ($sqlerror === 0) { $user = $_SESSION['user']['id']; $date = date("G:i:s j/m/Y"); $addsql = "INSERT INTO tbl_contacts\n (\n firstname,\n surname,\n organisation,\n role,\n tel,\n mob,\n email,\n user,\n date\n ) VALUES (\n '{$fname}',\n '{$sname}',\n '{$orga}',\n '{$role}',\n '{$tel}',\n '{$mob}',\n '{$email}',\n '{$user}',\n '{$date}'\n )"; //echo $addsql; if (mysql_query($addsql)) { echo '<p class="success">The contact has been added to the site.</p>'; } else {