if ($name == '') {
$error_msg .= "Please enter your name.";
}
$movie_name = $_POST['movie_name'];
$email = $_POST['txtemail'];
//email id
$email = DoSecure($email);
if ($email == '') {
$error_msg .= "Please enter your email.";
}
if (!ereg("[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]", $email)) {
$error_msg .= "Please enter a valid email." . "";
}
$hour = $_POST['cmbhour'];
//hour
$hour = DoSecure($hour);
if ($hour == '') {
$error_msg .= "Please select movie alert time.";
}
$mscheduleid = $_POST['mscheduleid'];
//movie schedule id
$arriving_time = $_POST['arivingtime'];
//arriving time
$sending_time = date('Y-m-d H:i:s', strtotime($arriving_time . "- {$hour} hour"));
//submit alertme table
if ($error_msg == '') {
$sql = "INSERT INTO alertme (name,email,movie_id,sending_time,alert_hour,ipaddress,user_agent,adding_date) VALUES('{$name}','{$email}','{$mscheduleid}','{$sending_time}','{$hour}','{$ipaddress}','{$user_agent}','{$date}')";
$result = mysql_query($sql);
$row_effected = (int) $result;
if ($row_effected > 0) {
$sucees_msg = '<div class="popup">';
$message .= "<span class=\"successmsg\">Thank You for your time. we will contact you soon.</span>";
break;
case 2:
$message .= "<span class=\"errormsg\">" . $error_msg . "</span>";
break;
}
?>
<?php
if ($_GET['a'] == 'n') {
$InsertCheck = 3;
}
if (isset($_POST['btnSubmit1']) && !empty($_POST['txtEmail1'])) {
$InsertData['txtName1'] = DoSecure($_POST['txtName1']);
$InsertData['txtEmail1'] = DoSecure($_POST['txtEmail1']);
$InsertData['txtCable'] = DoSecure($_POST['txtCable']) != 'Cable Operator :' ? DoSecure($_POST['txtCable']) : '';
$InsertData['userIPAddress'] = $_SERVER["REMOTE_ADDR"];
$InsertData['addDate'] = DateFormatDB(date("Y-m-d H:i:s"));
$InsertData['VerificationCode'] = date('YmdHis') . rand('10000', '99999');
///////////////////////////////////////////Server side validation for Newsletter/////////////////////////////////////
$error_msg1 = '';
if ($InsertData['txtName1'] == 'Name :' || $InsertData['txtName1'] == '') {
$error_msg1 .= "Please enter your name.<br>";
}
if ($InsertData['txtEmail1'] == 'Email :' || $InsertData['txtEmail1'] == '') {
$error_msg1 .= "Please enter your email.<br>";
}
if (!ereg("[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]", $InsertData['txtEmail1'])) {
$error_msg1 .= "Please enter a valid email" . "<br>";
}
$isusernameactive = mysql_num_rows(mysql_query("SELECT * FROM f_newsletter WHERE userEmail='" . $InsertData['txtEmail1'] . "' AND isDeleted=0 AND Verified=1"));
<?php
include "config.php";
$searchtext = DoSecure(addslashes($_REQUEST['search_name']));
include "mainheader.php";
?>
<body>
<div id="wrapper">
<?php
include_once "header.php";
?>
<div id="block_schedule_header" class="clearfix movie_title">
<div class="container clearfix font_content font_block_header shows_font special_font title_block">
<div class="movie_title">Search Results for "<?php
echo $_REQUEST['search_name'];
?>
"</div>
<div class="glow glow_position"></div>
</div>
</div>
<div class="block_container" style="min-height: 200px;">
<?php
$split_stemmed = split(" ", $searchtext);
$sql_search = "SELECT DISTINCT * FROM (((SELECT DISTINCT *,1 as relevance\n\t\t\t\t\tFROM b_movies\n\t\t\t\t\tWHERE Title LIKE '%{$searchtext}%'\n\t\t\t\t\tand Status=1 )) \n\t\t\t\t\tUNION ((SELECT DISTINCT *,2 as relevance\n\t\t\t\t\tFROM b_movies\n\t\t\t\t\tWHERE (Title LIKE '%{$searchtext}%' OR Starring LIKE '%{$searchtext}%' OR DirectedBy LIKE '%{$searchtext}%')\n\t\t\t\t\tand Status=1 )) \n\t\t\t\t\tUNION ";
$sql_search .= "(SELECT DISTINCT *,3 as relevance FROM b_movies WHERE (";
while (list($key, $val) = each($split_stemmed)) {
if ($val != " " and strlen($val) > 0) {
$sql_search .= "(Title LIKE '%{$val}%' OR Starring LIKE '%{$val}%' OR DirectedBy LIKE '%{$val}%') OR";
}
}
<?php
include "config.php";
include "mainheader.php";
?>
<body>
<div id="wrapper">
<?php
include_once "header.php";
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
$InsertData['email'] = DoSecure($_GET['email']);
$InsertData['verificationcode'] = DoSecure($_GET['vcode']);
///////////////////////////////////////////Server side validation /////////////////////////////////////
$error_msg = '';
if ($InsertData['email'] == '') {
$error_msg .= "Email missing.<br>";
}
if ($InsertData['verificationcode'] == '') {
$error_msg .= "Verification code missing.<br>";
}
if ($error_msg == '') {
$ins_sql = "Select * from f_newsletter where userEmail='" . $InsertData['email'] . "' and md5(VerificationCode)='" . $InsertData['verificationcode'] . "' and isDeleted=0 and Verified=0";
//echo $ins_sql;
$res_ins = mysql_query($ins_sql);
if (mysql_num_rows($res_ins) == 1) {
$VerificationCheck = 1;
$upd_sql = "Update f_newsletter set Verified=1, VerificationFromIP='" . $_SERVER["REMOTE_ADDR"] . "', VerifiedOnDate='" . DateFormatDB(date("Y-m-d H:i:s")) . "' where userEmail='" . $InsertData['email'] . "' and md5(VerificationCode)='" . $InsertData['verificationcode'] . "'";
$res_sql = mysql_query($upd_sql);
if (mysql_affected_rows()) {
include "verificationsuccessemail.php";
}