$email = mysql_real_escape_string($_POST["email"]); $firstname = mysql_real_escape_string($_POST["firstname"]); $lastname = mysql_real_escape_string($_POST["lastname"]); $phoneunclean = mysql_real_escape_string($_POST["phonenumber"]); $address1 = mysql_real_escape_string($_POST["addressline1"]); $address2 = mysql_real_escape_string($_POST["addressline2"]); $zipcode = mysql_real_escape_string($_POST["zipcode"]); // validate email address if (validEmail($email) != true) { apologize("Invalid email address"); } // clean phone $clean = phoneClean($phoneunclean); $phone = $clean[0]; // validate zip code if (validateUSAZip($zipcode) != true) { apologize("Invalid zip code"); } // once registered, remember user and redirect to myinfo.php if ($email != "") { // insert data into mysql table mysql_query("UPDATE login SET firstname='{$firstname}',lastname='{$lastname}',phonenumber='{$phone}',email='{$email}',addressline1='{$address1}',addressline2='{$address2}',zipcode={$zipcode} WHERE uid={$user}"); // redirect to portfolio redirect("myinfo.php"); } else { if ($email == "") { apologize("please enter an email"); } else { apologize("Invalid email"); } }
$firstname = mysql_real_escape_string($_POST["firstname"]); $lastname = mysql_real_escape_string($_POST["lastname"]); $phoneunclean = mysql_real_escape_string($_POST["phone"]); $address1 = mysql_real_escape_string($_POST["address1"]); $address2 = mysql_real_escape_string($_POST["address2"]); $zipcode = mysql_real_escape_string($_POST["zipcode"]); $password = md5("kingsalmon"); // validate email address if ($email != "email" && validEmail($email) != true) { apologize("Invalid email address"); } // clean phone $clean = phoneClean($phoneunclean); $phone = $clean[0]; // validate zip code if ($zipcode != "zip code" && validateUSAZip($zipcode) != true) { apologize("Invalid zip code"); } // if client id is 0, meaning new client, we need to add them first, then get their // uid, then put the reservation in the database if ($clientid == 0) { // insert data into mysql table mysql_query("INSERT INTO login (firstname, lastname, phonenumber, password, email, addressline1, addressline2, zipcode) VALUES('{$firstname}', '{$lastname}', '{$phone}', '{$password}', '{$email}', '{$address1}', '{$address2}', {$zipcode})"); // get the uid from the table and stuff it into clientid variable for database $sql = "SELECT uid,admin FROM login WHERE email='{$email}' AND password='******'"; $result = mysql_query($sql); $row = mysql_fetch_array($result); $clientid = $row["uid"]; } // how long is $bigtime? $biglength = count($bigtime);