break; } if ($tsocial !== '') { if (strpos(' ' . $tsocial, 'http://' . $socheck) || strpos(' ' . $tsocial, 'https://' . $socheck) || strpos(' ' . $tsocial, 'http://www.' . $socheck) || strpos(' ' . $tsocial, 'https://www.' . $socheck)) { return $tsocial; } else { return 'bad'; } } else { return ''; } } $facebook = validLink($facebook, 'facebook'); $youtube = validLink($youtube, 'youtube'); $linkedin = validLink($linkedin, 'linkedin'); $google = validLink($google, 'google'); $instagram = validLink($instagram, 'instagram'); $flickr = validLink($flickr, 'flickr'); $tumblr = validLink($tumblr, 'tumblr'); $pinterest = validLink($pinterest, 'pinterest'); $twitter = validLink($twitter, 'twitter'); if ($facebook == 'bad' || $youtube == 'bad' || $linkedin == 'bad' || $google == 'bad' || $instagram == 'bad' || $flickr == 'bad' || $tumblr == 'bad' || $pinterest == 'bad' || $twitter == 'bad') { $soerror = 1; } if ($soerror < 1) { $mysqli->query("UPDATE users SET facebook = '{$facebook}', youtube = '{$youtube}', linkedin = '{$linkedin}'\r\n\t\t, google = '{$google}', instagram = '{$instagram}', flickr = '{$flickr}', tumblr = '{$tumblr}', pinterest = '{$pinterest}', twitter = '{$twitter}' WHERE user_name = '{$me}'"); echo 1; } else { echo 2; } }
<?php include "config.php"; include "functions.php"; websiteHeader(); ?> <body> <div class="reset-container"> <?php if (!empty($_GET['email']) && !empty($_GET['resetHash'])) { $email = mysql_escape_string($_GET['email']); //Further SQL Inject prevention. $resetHash = mysql_escape_string($_GET['resetHash']); if (validLink($email, $resetHash)) { ?> <div class="reset-form"> <span>Please enter a new password</span> <form method="post" action="resetpassword.php" name="resetForm" id="resetForm"> <!-- Reset Form --> <input type="password" name="passwordOne" id="passwordOne" placeholder="NEW PASSWORD" /> <input type="password" name="passwordTwo" id="passwordTwo" placeholder="CONFIRM PASSWORD" /> <input type="hidden" name="email" value="<?php echo $email; ?> " /> <input type="hidden" name="resetHash" value="<?php echo $resetHash; ?> " />