function join($title)
{
global $log;
if ($this->login) {
$check = mysql_select_string("SELECT `username` FROM `joined` WHERE `username` = '" . mysql_rescue($this->name) . "' AND `event_title` = '" . mysql_rescue($title) . "'");
if ($check == false) {
$result = mysql_insert("INSERT INTO `joined` (`username`, `event_title`) VALUES('" . mysql_rescue($this->name) . "', '" . mysql_rescue($title) . "')");
$log .= '[ joined ' . $title . ' as ' . $this->name . ': ' . $result . '(' . mysql_error() . ') ]';
} else {
$log .= '[ already joined ' . $title . ' as ' . $this->name . ' ]';
}
} else {
$title = str_replace(' ', '_', $title);
$result = $this->set_cookie('joined', $title);
$log .= '[ joined ' . $title . ' in cookie ]';
}
return $result;
}
}
/*--- check username ---*/
$check = $user->check_username($registration['username']);
$loggedin = $registration['username'] == $user->name ? true : false;
if ($check == true && $loggedin == false) {
$errors['username'] = '******';
}
/*--- all ok? ---*/
if (empty($errors)) {
// save extra info
$registration['ip'] = $_SERVER['REMOTE_ADDR'];
$registration['time'] = date('c');
// generate code
do {
$payment_code = generate_payment_code();
} while (mysql_select_string("SELECT `payment_code` FROM `registers` WHERE `payment_code` = '" . mysql_rescue($payment_code) . "'"));
// save info
$insert = '';
foreach ($registration as $key => $val) {
// skip user/pass when logged in
if ($user->login && $key == 'username' || $user->login && $key == 'password') {
continue;
}
// save fields for query
$insert .= "`" . $key . "` = '" . mysql_rescue($val) . "',";
}
$insert .= "`payment_code` = '" . $payment_code . "'";
// already loggedin?
if ($user->login) {
// update account
$input = mysql_update("UPDATE `registers` SET " . $insert . " WHERE `username` = '" . mysql_rescue($user->name) . "'");
