echo '<p><a href="registrationlist.php">RETURN TO REGISTRATION LIST</a></p>';

// Submit handler of a registration form. The excerpt is cut off inside the
// empty-field checks, so the database write that presumably follows is not shown.

//SET VARIABLES WE WILL NEED LATER
$showform = 0;
$errormessage = "";

//ONCE WE HAVE PRESSED SUBMIT, DO SOMETHING....
if (isset($_POST['submit'])) {
    // NOTE(review): the client-supplied 'x' is copied unchecked into $_GET; it is
    // presumably the record identifier used further down. Confirm it is validated
    // as an integer and that the caller is allowed to edit that record.
    $_GET['x'] = $_POST['x'];

    //SET ALL POST VARIABLES
    // cleanse() and htmlchars() come from a helper file that is not visible here;
    // what they strip or encode must be confirmed against that file.
    $FORMFIELD['first'] = htmlchars(cleanse($_POST['first']));
    $FORMFIELD['mi'] = htmlchars(cleanse($_POST['mi']));
    $FORMFIELD['last'] = htmlchars(cleanse($_POST['last']));
    $FORMFIELD['email'] = strtolower(htmlchars(cleanse($_POST['email'])));
    $FORMFIELD['username'] = strtolower(htmlchars(cleanse($_POST['username'])));
    // NOTE(review): gender and status are taken raw from the request, unlike the
    // other fields. Check them against the fixed list of values the form offers
    // before they are stored or echoed back.
    $FORMFIELD['gender'] = $_POST['gender'];
    $FORMFIELD['status'] = $_POST['status'];
    // NOTE(review): bio is cleansed but not passed through htmlchars(); it has to
    // be HTML-escaped wherever it is printed.
    $FORMFIELD['bio'] = cleanse($_POST['bio']);

    //check for empty fields
    // Each missing required field appends one paragraph to $errormessage.
    if ($FORMFIELD['first'] == "") {
        $errormessage .= "<p>FIRST NAME IS MISSING.</p>";
    }
    if ($FORMFIELD['last'] == "") {
        $errormessage .= "<p>LAST NAME IS MISSING.</p>";
    }
    if ($FORMFIELD['email'] == "") {
        $errormessage .= "<p>EMAIL IS MISSING.</p>";
    }
    if ($FORMFIELD['username'] == "") {
        $errormessage .= "<p>USERNAME IS MISSING.</p>";
    }
    if ($FORMFIELD['gender'] == "") {
        $errormessage .= "<p>GENDER IS MISSING.</p>";
* Time: 7:02 PM */
// "Email my username" page: looks the submitted address up in the registration
// table. The excerpt ends at the start of the branch taken when it is found.
$title = 'Email User Name';
$showform = 0;
include_once 'header.php';
include_once 'menu.php';
require_once 'connect.php';
require_once 'functions.inc.php';
$sendUser = "";
// NOTE(review): $to is read raw and before the submit check, so it is an
// undefined index on a plain GET. If it later becomes a mail recipient (not
// visible here), validate it with filter_var(..., FILTER_VALIDATE_EMAIL) and
// reject CR/LF so it cannot add mail headers; better, use the address stored
// in the database.
$to = $_POST['email'];
$subject = "Username";
$from = "*****@*****.**";
$message = "Your username is: ";
if (isset($_POST['submit'])) {
    //CHECK IF EMAIL EXISTS
    $FORMFIELD['email'] = strtolower(cleanse($_POST['email']));
    //CHECK IF USER EXIST
    try {
        //echo 'In try SELECT';
        // The value is bound as a parameter, so it never becomes part of the SQL text.
        $sql = 'SELECT email FROM registration WHERE email = :email';
        $statement = $pdo->prepare($sql);
        $statement->bindValue(':email', $FORMFIELD['email']);
        $statement->execute();
        // rowCount() on a SELECT is not guaranteed by every PDO driver; a
        // SELECT COUNT(*) or fetch() is the portable way to test for a match.
        $count = $statement->rowCount();
    } catch (PDOException $e) {
        // NOTE(review): the driver message is shown to the visitor and can expose
        // schema or connection details. Log it server-side and print a generic error.
        echo 'Error getting information: ' . $e->getMessage();
        exit;
    }
    if ($count != 1) {
        // NOTE(review): a distinct "does not exist" reply lets anyone confirm which
        // addresses are registered. Prefer the same response for both outcomes.
        echo 'That email <em>does not exist</em>';
    } else {
<?php
// Login page: validates the posted username and password, then looks up the
// account's username and salt. The excerpt ends right after that query runs.
$title = "Login";
include_once 'header.inc.php';
include_once 'menu.inc.php';
require_once 'connect.php';
require_once 'functions.inc.php';
$showform = 0;
$errormessage = "";
if (isset($_POST['submit'])) {
    //CLEANSE DATA THE SAME AS THE REGISTRATION PAGE
    $FORMFIELD['username'] = strtolower(htmlchars(cleanse($_POST['username'])));
    // NOTE(review): cleanse() is defined elsewhere; if it trims or strips
    // characters, the password that is checked is not the one that was typed.
    // A password should reach the hashing step unmodified.
    $FORMFIELD['pwd'] = cleanse($_POST['pwd']);
    //CHECKING FOR EMPTY FIELDS THE SAME AS THE REGISTRATION PAGE
    if ($FORMFIELD['username'] == "") {
        $errormessage .= "<p>USERNAME IS MISSING.</p>";
    }
    if ($FORMFIELD['pwd'] == "") {
        $errormessage .= "<p>PASSWORD IS MISSING.</p>";
    }
    //display error
    if ($errormessage != "") {
        echo $errormessage;
    } else {
        //GET THE USERNAME AND SALT FROM THE DATABASE
        // NOTE(review): a separate salt column suggests a hand-built salted hash
        // (the hashing code is not visible, so this is an inference). If so,
        // password_hash()/password_verify() replace it and manage the salt themselves.
        try {
            // Bound parameter: the username never becomes part of the SQL text.
            $sql = 'SELECT username, salt FROM registration WHERE username = :username';
            $s = $pdo->prepare($sql);
            $s->bindValue(':username', $FORMFIELD['username']);
            $s->execute();
            // rowCount() on a SELECT is driver-dependent; confirm it is reliable
            // for the database in use.
            $count = $s->rowCount();
* Created by PhpStorm.
* User: Richard
* Date: 2/11/2015
* Time: 7:02 PM
*/
// Password-reset page driven by a security question and answer. The excerpt
// ends at the start of the branch taken when the username is found, so the
// answer check and the reset itself are not visible.
// NOTE(review): a security answer is a weak second secret. Confirm the hidden
// part compares it in constant time (hash_equals) against a stored hash, limits
// attempts, and ideally sends a one-time reset link instead.
$title = "Password Reset";
$showform = 0;
// Duplicate of the assignment above; harmless.
$title = "Password Reset";
include_once 'header.php';
include_once 'menu.php';
require_once 'connect.php';
require_once 'functions.inc.php';
if (isset($_POST['submit'])) {
    $FORMFIELD['secQ'] = cleanse($_POST['secQ']);
    $FORMFIELD['secA'] = cleanse($_POST['secA']);
    $FORMFIELD['userName'] = strtolower(cleanse($_POST['userName']));
    //CHECK IF USER EXIST
    try {
        //echo 'In try SELECT';
        // Bound parameter: the username never becomes part of the SQL text.
        $sql = 'SELECT userName FROM registration WHERE userName = :userName';
        $statement = $pdo->prepare($sql);
        $statement->bindValue(':userName', $FORMFIELD['userName']);
        $statement->execute();
        // rowCount() on a SELECT is driver-dependent; confirm for the database in use.
        $count = $statement->rowCount();
    } catch (PDOException $e) {
        // NOTE(review): the raw driver message is shown to the visitor. Log it
        // server-side and print a generic error instead.
        echo 'Error getting information: ' . $e->getMessage();
        exit;
    }
    if ($count != 1) {
        // NOTE(review): this reply confirms which usernames exist. On a reset
        // page, prefer one neutral message whether or not the account is found.
        echo 'That user does not exist';
    } else {
// Profile-update fragment: collects the posted fields, checks the telephone
// format, then tests whether the username is already used by another record.
// The excerpt starts mid-handler and ends inside the catch block.
// NOTE(review): most fields are HTML-encoded with htmlchars() before they are
// stored. Encoding belongs at output time, since stored entities break length
// checks, searching and non-HTML uses. userName and email skip htmlchars()
// here, so they must be escaped wherever they are printed.
$FORMFIELD['middleName'] = htmlchars(cleanse($_POST['middleName']));
$FORMFIELD['lastName'] = htmlchars(cleanse($_POST['lastName']));
$FORMFIELD['userName'] = strtolower(cleanse($_POST['userName']));
$FORMFIELD['rank'] = htmlchars(cleanse($_POST['rank']));
$FORMFIELD['institution'] = htmlchars(cleanse($_POST['institution']));
$FORMFIELD['address1'] = htmlchars(cleanse($_POST['address1']));
$FORMFIELD['address2'] = htmlchars(cleanse($_POST['address2']));
$FORMFIELD['address3'] = htmlchars(cleanse($_POST['address3']));
$FORMFIELD['city'] = htmlchars(cleanse($_POST['city']));
$FORMFIELD['state'] = htmlchars(cleanse($_POST['state']));
$FORMFIELD['zip'] = htmlchars(cleanse($_POST['zip']));
$FORMFIELD['email'] = strtolower(cleanse($_POST['email']));
$FORMFIELD['telephone'] = htmlchars(cleanse($_POST['telephone']));
$FORMFIELD['secQ'] = htmlchars(cleanse($_POST['secQ']));
// NOTE(review): if the security answer is stored as plain text it works as a
// second, readable password. Confirm how the hidden part stores it.
$FORMFIELD['secA'] = htmlchars(cleanse($_POST['secA']));
// NOTE(review): membership comes from the request. If it drives pricing or
// privileges elsewhere, confirm it is checked against the allowed values and
// that a user may change it themselves.
$FORMFIELD['membership'] = htmlchars(cleanse($_POST['membership']));

//Check telephone
// Accepts exactly ten ASCII digits, with no separators.
if (!preg_match('/^[0-9]{10}$/', $FORMFIELD['telephone'])) {
    $errormessage .= '<p>The telephone does not have the required format</p>';
}

//See if username has already been used
try {
    // Counts rows that hold this username under a different ID.
    $sql = 'SELECT * FROM registration WHERE userName = :userName AND ID != :ID';
    $q = $pdo->prepare($sql);
    $q->bindValue(':userName', $FORMFIELD['userName']);
    // NOTE(review): the record ID is taken straight from the posted 'x'. Binding
    // prevents SQL injection but not editing someone else's record. Confirm the
    // hidden part checks 'x' against the logged-in user's own ID (or an admin role).
    $q->bindValue(':ID', $_POST['x']);
    $q->execute();
    // rowCount() on a SELECT is driver-dependent; confirm for the database in use.
    $count = $q->rowCount();
} catch (PDOException $e) {
    // NOTE(review): the raw driver message is shown to the visitor. Log it
    // server-side and print a generic error instead.
    echo 'Error fetching users: ' . $e->getMessage();
    exit;
} //END ISSET USERID

// Login handler with an attempt counter. The excerpt ends at the start of the
// branch taken when the username is found, so the password check and the place
// where the counter is incremented are not visible.
//USER PRESSES SUBMIT
if (isset($_POST['submit'])) {
    $FORMFIELD['userName'] = strtolower(htmlchars(cleanse($_POST['userName'])));
    // NOTE(review): cleanse() is defined elsewhere; if it alters characters, the
    // password that is checked is not the one that was typed.
    $FORMFIELD['password'] = cleanse($_POST['password']);

    //CHECK IF ACCOUNT IS LOCKED
    //IF IS NOT SET SET NUMBER OF LOGIN ATTEMPTS
    // NOTE(review): the counter lives in $_SESSION, so it is tied to the browser
    // session and not to the account; a client that starts a new session starts
    // again at 0. For a real lockout, count failures per account (and per source
    // address) in the database, with a time-based reset.
    if (!isset($_SESSION["attempts"])) {
        $_SESSION["attempts"] = 0;
    }

    //IF USER IS ALLOWED TO LOGIN
    if ($_SESSION["attempts"] < 5) {
        //CLEANSE DATA THE SAME AS THE REGISTRATION PAGE
        // These two assignments repeat the ones at the top of the handler.
        $FORMFIELD['userName'] = strtolower(htmlchars(cleanse($_POST['userName'])));
        $FORMFIELD['password'] = cleanse($_POST['password']);

        //Need to get the username and salt from table in database
        // NOTE(review): a separate salt column suggests a hand-built salted hash
        // (inferred; the hashing code is not shown). If so, password_hash() and
        // password_verify() replace it and manage the salt themselves.
        try {
            // Bound parameter: the username never becomes part of the SQL text.
            $sql = 'SELECT userName, salt FROM registration WHERE userName = :userName';
            $statement = $pdo->prepare($sql);
            $statement->bindValue(':userName', $FORMFIELD['userName']);
            $statement->execute();
            // rowCount() on a SELECT is driver-dependent; confirm for the database in use.
            $count = $statement->rowCount();
        } catch (PDOException $e) {
            // NOTE(review): the raw driver message is shown to the visitor. Log
            // it server-side and print a generic error instead.
            echo 'Error getting user: ' . $e->getMessage();
            exit;
        }

        //CHECK IF USER EXISTS
        if ($count < 1) {
            // NOTE(review): a separate "user does not exist" reply confirms which
            // usernames are registered. Use one failure message for an unknown
            // user and a wrong password, and count both as failed attempts.
            echo "<p>That user does not exist.</p>";
        } else {
// Access gate and submit handler for a page-editing form. The excerpt ends
// while the UPDATE parameters are still being bound.
if (!isset($_SESSION['userid'])) {
    //go log in
    // Visitors without a session are sent to the login page; exit stops the
    // rest of the script from running.
    $_SESSION['loginRedirect'] = 1;
    header("Location: login.php");
    exit;
} elseif (isset($_SESSION['userid']) && $_SESSION['usertype'] == 1) {
    // Only user type 1 gets the editing content.
    $showcontent = 1;
}
// NOTE(review): for a logged-in user of any other type, $showcontent is not
// assigned in the visible code. The comparison then fails closed, but with an
// undefined-variable notice unless it is initialised above this excerpt. An
// explicit default of 0 and a strict comparison would make the intent clear.
if ($showcontent == 1) {
    echo '<p><a href="pagelist.php">RETURN TO PAGES LIST</a></p>';
    $showform = 0;
    $errormessage = "";
    // NOTE(review): no anti-CSRF token is checked in the visible part of this
    // state-changing handler. Confirm one is verified elsewhere.
    if (isset($_POST['submit'])) {
        // The client-supplied 'x' is presumably the ID of the page row to update;
        // confirm it is validated as an integer.
        $_GET['x'] = $_POST['x'];
        $FORMFIELD['title'] = htmlchars(cleanse($_POST['title']));
        // NOTE(review): details is cleansed but not passed through htmlchars(), so
        // it has to be escaped or HTML-sanitised wherever the page is rendered.
        $FORMFIELD['details'] = cleanse($_POST['details']);

        //check for empty fields
        if ($FORMFIELD['title'] == "") {
            $errormessage .= "<p> TITLE IS MISSING.</p>";
        }
        if ($FORMFIELD['details'] == "") {
            $errormessage .= "<p> DETAILS IS MISSING.</p>";
        }
        // NOTE(review): the UPDATE starts directly after the checks, with no
        // visible test of $errormessage, so empty fields appear to be written
        // anyway. Confirm against the rest of the handler.
        try {
            // Values are bound as parameters, not concatenated into the SQL text.
            $sql = 'UPDATE pages_raroman SET title= :title, details= :details WHERE ID = :ID';
            $s = $pdo->prepare($sql);
            $s->bindValue(':title', $FORMFIELD['title']);
            // using data from form
// Registration page: collects the posted fields and reports missing required
// ones. The excerpt ends inside the empty-field checks.
require_once 'connect.php';
require_once 'functions.inc.php';
include_once 'menu.inc.php';
$showform = 0;
$errormessage = "";
if (isset($_POST['submit'])) {
    // cleanse() and htmlchars() come from functions.inc.php, which is not
    // visible here; what they strip or encode must be confirmed against that file.
    $FORMFIELD['first'] = htmlchars(cleanse($_POST['first']));
    $FORMFIELD['mi'] = htmlchars(cleanse($_POST['mi']));
    $FORMFIELD['last'] = htmlchars(cleanse($_POST['last']));
    // NOTE(review): email and username skip htmlchars() here, so they must be
    // escaped wherever they are printed. The email format is not validated in
    // the visible code; filter_var(..., FILTER_VALIDATE_EMAIL) is the usual check.
    $FORMFIELD['email'] = strtolower(cleanse($_POST['email']));
    $FORMFIELD['username'] = strtolower(cleanse($_POST['username']));
    // NOTE(review): if cleanse() alters characters, the stored password differs
    // from the one typed. A password should reach password_hash() unmodified,
    // with only length and strength rules applied.
    $FORMFIELD['pwd'] = cleanse($_POST['pwd']);
    $FORMFIELD['pwd2'] = cleanse($_POST['pwd2']);
    // NOTE(review): gender and status are taken raw from the request. Check them
    // against the fixed list of values the form offers before storing them.
    $FORMFIELD['gender'] = $_POST['gender'];
    $FORMFIELD['status'] = $_POST['status'];
    $FORMFIELD['bio'] = htmlchars(cleanse($_POST['bio']));

    //check for empty fields
    // Each missing required field appends one paragraph to $errormessage.
    if ($FORMFIELD['first'] == "") {
        $errormessage .= "<p> FIRST NAME IS MISSING.</p>";
    }
    if ($FORMFIELD['last'] == "") {
        $errormessage .= "<p> LAST NAME IS MISSING.</p>";
    }
    if ($FORMFIELD['email'] == "") {
        $errormessage .= "<p> EMAIL IS MISSING.</p>";
    }
    if ($FORMFIELD['username'] == "") {
        $errormessage .= "<p> USERNAME IS MISSING.</p>";
    }
    if ($FORMFIELD['pwd'] == "") {
        $errormessage .= "<p> PASSWORD IS MISSING.</p>";
// Conference sign-up fragment: first blocks users who are already registered,
// then starts the price calculation on submit. The excerpt starts inside an
// enclosing block and ends inside the nested radio-button checks.
$row = $s->fetch();
$year = $row['theYear'];

//IF USER IS REGISTERED THEY CANNOT RE-REGISTER
// NOTE(review): `$_SESSION['both'] = 2` is an assignment, not a comparison. It
// always evaluates to 2 (truthy), so the branch runs whenever $count > 1 and
// overwrites the session value as a side effect. If a test was intended it
// should be `== 2` / `=== 2`; if the assignment was intended it belongs inside
// the block. Confirm where else 'both' is set before changing it.
if ($count > 1 && ($_SESSION['both'] = 2)) {
    // The heading is opened with <h4> but closed with </h>, which is not a valid end tag.
    echo '<h4 class="heading1">You are already signed up for both the 2015 and 2016 conference. You cannot sign up again.</h>';
    $showform = 1;
    // NOTE(review): header() is called after output has been echoed. Unless
    // output buffering is on, the refresh header is not sent and PHP reports
    // "headers already sent".
    header("refresh:3;url=index.php");
}
}

//WHEN SUBMIT ADJUST THE PRICE
if (isset($_POST['submit'])) {
    //VARIABLES USED LATER
    $_SESSION['both'] = 0;
    //USER CAN REGISTER
    $FORMFIELD['year'] = htmlchars(cleanse($_POST['year']));
    $FORMFIELD['guestName'] = htmlchars(cleanse($_POST['guestName']));
    // NOTE(review): year is stored in the session after cleansing only. Confirm
    // it is restricted to the conference years actually on offer.
    $_SESSION['year'] = $FORMFIELD['year'];

    //REGULAR MEMBER CALCULATION
    // The posted radio values only select which server-side price variables are
    // added up; no amount is read from the request in the visible code. The
    // price variables are defined outside this excerpt.
    if ($_SESSION['membership'] == 'regular') {
        $membership = 30;
        // NOTE(review): memberradio and radio1 are read without isset(), so a
        // request that omits them raises an undefined-index notice.
        if ($_POST['memberradio'] == 'member1') {
            if ($_POST['radio1'] == 'radio1') {
                if (isset($_POST['radio2'])) {
                    $value = $_POST['radio2'];
                    //echo "The value is: ".$value;
                    if ($value == 'radio4') {
                        $total = $regularRegPrice + $regularLunch + $membership;
                        $memberPrice = $regularRegPrice;
                        $lunchPrice = $regularLunch;
                    } else {
                        if ($value == 'radio5' || $value == 'radio6') {