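} // closes a block that was opened before this excerpt

// Admin registration controller: dispatch on $action.
// NOTE(review): no authorization check is visible in this excerpt. Confirm that
// earlier code restricts who may reach the 'register' action, since it creates
// an admin account.
switch ($action) {
    case 'reset':
        // Start from an empty form.
        $first_name = '';
        $last_name = '';
        $password = '';
        $email = '';

        // Load view
        include 'register.php';
        break;

    case 'register':
        // Copy form values to local variables. The (string) cast keeps trim()
        // from receiving null when a field is absent from the POST body.
        $first_name = trim((string) filter_input(INPUT_POST, 'first_name'));
        $last_name = trim((string) filter_input(INPUT_POST, 'last_name'));
        // NOTE(review): the password is trimmed like the other fields, so
        // surrounding whitespace never becomes part of the secret. The login
        // path (not visible here) has to normalise it the same way - confirm.
        $password = trim((string) filter_input(INPUT_POST, 'password'));
        $email = trim((string) filter_input(INPUT_POST, 'email'));

        // Validate form data. Presumably each call records its error where
        // $fields->hasErrors() can report it - confirm in the validator class.
        $validate->text('first_name', $first_name);
        $validate->text('last_name', $last_name);
        $validate->password('password', $password);
        $validate->email('email', $email);

        // Load appropriate view based on hasErrors
        if ($fields->hasErrors()) {
            include 'register.php';
        } else {
            // The account is created only once every field has passed
            // validation, so rejected input never reaches add_admin().
            // NOTE(review): $password is handed over as entered; confirm that
            // add_admin() hashes it (e.g. password_hash()) before storing it.
            add_admin($first_name, $last_name, $email, $password);
            include 'success.php';
        }
        break;
}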
$fields->addField('password'); switch ($action) { case 'view_login': // Clear login data $email = ''; $password = ''; $password_message = ''; include 'account_login.php'; break; case 'login': // Get username/password $email = filter_input(INPUT_POST, 'email'); $password = filter_input(INPUT_POST, 'password'); // Validate user data $validate->email('email', $email); $validate->text('password', $password, true, 6, 30); // If validation errors, redisplay Login page and exit controller if ($fields->hasErrors()) { include 'admin/account/account_login.php'; break; } // Check database - if valid username/password, log in if (is_valid_admin_login($email, $password)) { $_SESSION['admin'] = get_admin_by_email($email); } else { $password_message = 'Login failed. Invalid email or password.'; include 'admin/account/account_login.php'; break; } // Display Admin Menu page redirect('..');
$ship_line1 = filter_input(INPUT_POST, 'ship_line1'); $ship_line2 = filter_input(INPUT_POST, 'ship_line2'); $ship_city = filter_input(INPUT_POST, 'ship_city'); $ship_state = filter_input(INPUT_POST, 'ship_state'); $ship_zip = filter_input(INPUT_POST, 'ship_zip'); $ship_phone = filter_input(INPUT_POST, 'ship_phone'); $use_shipping = isset($_POST['use_shipping']); $bill_line1 = filter_input(INPUT_POST, 'bill_line1'); $bill_line2 = filter_input(INPUT_POST, 'bill_line2'); $bill_city = filter_input(INPUT_POST, 'bill_city'); $bill_state = filter_input(INPUT_POST, 'bill_state'); $bill_zip = filter_input(INPUT_POST, 'bill_zip'); $bill_phone = filter_input(INPUT_POST, 'bill_phone'); // Validate user data $validate->email('email', $email); $validate->text('password_1', $password_1, true, 6, 30); $validate->text('password_2', $password_2, true, 6, 30); $validate->text('first_name', $first_name); $validate->text('last_name', $last_name); $validate->text('ship_line1', $ship_line1); $validate->text('ship_line2', $ship_line2, false); $validate->text('ship_city', $ship_city); $validate->text('ship_state', $ship_state); $validate->text('ship_zip', $ship_zip); $validate->text('ship_phone', $ship_phone, false); if (!$use_shipping) { $validate->text('bill_line1', $bill_line1); $validate->text('bill_line2', $bill_line2, false); $validate->text('bill_city', $bill_city); $validate->text('bill_state', $bill_state); $validate->text('bill_zip', $bill_zip);
<?php
/**
 * Admin controller for sending a single email from the admin panel.
 *
 * Flow visible in this file: load the admin permission include, require
 * clearance 7 or higher, handle the "email-send-admin" form submission, then
 * render the form between the admin header and footer includes.
 */

// Run Permissions
require SYS_PATH . "/controller/includes/admin_perm.php";

// Make sure that only management or higher is allowed.
// Anything below clearance 7 is redirected to /admin; the exit stops the rest
// of this script from running once the redirect header is set.
if (Me::$clearance < 7) {
    header("Location: /admin");
    exit;
}

// Form::submitted() here and Form::prepare() in the markup below use the same
// "email-send-admin" identifier.
// NOTE(review): presumably this pair implements a per-form token (CSRF
// protection) - confirm in the Form class.
if (Form::submitted("email-send-admin")) {
    // $_POST is read directly. NOTE(review): a request that lacks one of these
    // keys raises an undefined-key notice/warning unless Form::submitted()
    // guarantees their presence - confirm.
    Validate::email($_POST['email']);
    // The 1..22 bound matches the maxlength="22" on the subject input, which by
    // itself is only a browser-side hint. NOTE(review): presumably the two
    // numbers are minimum and maximum length - confirm in Validate.
    Validate::input("Subject", $_POST['title'], 1, 22);
    Validate::text("Message", $_POST['message'], 1, 3500);

    if (Validate::pass()) {
        // Recipient, subject and body all come from the request.
        // NOTE(review): confirm that Validate::email()/Validate::input() or
        // Email_Send::standard() reject CR/LF in the recipient and subject, so
        // a submitted value cannot add mail headers.
        Email_Send::standard($_POST['email'], $_POST['title'], $_POST['message']);

        // NOTE(review): the submitted address is concatenated into the alert
        // text; confirm that Alert escapes its message when it is rendered.
        Alert::saveSuccess("Email Sent", "You have successfully sent an email to " . $_POST['email']);

        // Redirect after the POST, then stop.
        header("Location: /admin/Email/Email List");
        exit;
    }
    // On failed validation execution falls through and the form is shown again.
}

// Run Header
require SYS_PATH . "/controller/includes/admin_header.php";

// Render the form. Form::prepare() output is placed directly inside the <form>.
// The inputs are always rendered empty (value=""), so rejected input is not
// echoed back into the page.
echo ' <form action="/admin/Email/Send Email" method="post">' . Form::prepare("email-send-admin") . ' <p>Email: <input type="text" name="email" value="" /></p> <p>Subject: <input type="text" name="title" value="" maxlength="22" /></p> <p>Message: <textarea name="message"></textarea></p> <p><input type="submit" name="submit" value="Send Email" /></p> </form>';

// Display the Footer
require SYS_PATH . "/controller/includes/admin_footer.php";
// Registration controller excerpt: collect the remaining POST fields, run the
// validators, then choose the view. $email, $password and $verify are assigned
// before this excerpt begins.

// Name and address fields are trimmed; the remaining fields are taken as sent.
$firstName = trim(filter_input(INPUT_POST, 'first_name'));
$lastName = trim(filter_input(INPUT_POST, 'last_name'));
$address = trim(filter_input(INPUT_POST, 'address'));
$city = trim(filter_input(INPUT_POST, 'city'));
$state = filter_input(INPUT_POST, 'state');
$zip = filter_input(INPUT_POST, 'zip');
$phone = filter_input(INPUT_POST, 'phone');

// Payment fields. Everything that is not a digit is stripped from the card
// number, and the digits-only form is what gets validated below.
// NOTE(review): the raw card number and the password stay in scope for the
// included view; confirm the views never echo them back and nothing logs them.
$cardType = filter_input(INPUT_POST, 'card_type');
$cardNumber = filter_input(INPUT_POST, 'card_number');
$cardDigits = preg_replace('/[^[:digit:]]/', '', $cardNumber);
$expDate = filter_input(INPUT_POST, 'exp_date');

// Run every validator, in the same order as the form fields.
$validate->email('email', $email);
$validate->password('password', $password);
$validate->verify('verify', $password, $verify);
$validate->text('first_name', $firstName);
$validate->text('last_name', $lastName);
$validate->text('address', $address);
$validate->text('city', $city);
$validate->state('state', $state);
$validate->zip('zip', $zip);
$validate->phone('phone', $phone);
$validate->cardType('card_type', $cardType);
$validate->cardNumber('card_number', $cardDigits, $cardType);
$validate->expDate('exp_date', $expDate);

// Redisplay the form when any field failed, otherwise show the success page.
include ($fields->hasErrors() ? 'view/register.php' : 'view/success.php');
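} else {
    // Tail of the product manager's $action dispatch; the branch this `else`
    // belongs to starts before this excerpt.
    // NOTE(review): no authorization or request-token check is visible here;
    // confirm that earlier code restricts who may add products.
    if ($action == 'show_add_form') {
        // Show an empty "add product" form.
        $code = '';
        $name = '';
        $price = '';
        $categories = CategoryDB::getCategories();
        include 'product_add.php';
    } elseif ($action == 'add_product') {
        // Get form data. FILTER_VALIDATE_INT yields an int only for a valid
        // integer; it gives false for anything else and null when the field
        // is absent.
        $category_id = filter_input(INPUT_POST, 'category_id', FILTER_VALIDATE_INT);
        $code = filter_input(INPUT_POST, 'code');
        $name = filter_input(INPUT_POST, 'name');
        $price = filter_input(INPUT_POST, 'price');

        // Validate form data
        $validate->text('code', $code, true, 1, 10);
        $validate->text('name', $name);
        $validate->number('price', $price);

        // Redisplay the form on any field error, and also when category_id is
        // not an integer, so a product is never created against a missing or
        // malformed category. No message is attached for the category case
        // because the field API for it is not visible in this excerpt.
        if ($fields->hasErrors() || !is_int($category_id)) {
            $categories = CategoryDB::getCategories();
            include 'product_add.php';
        } else {
            // NOTE(review): whether getCategory() rejects an id that does not
            // exist cannot be seen from here - confirm.
            $current_category = CategoryDB::getCategory($category_id);
            $product = new Product($current_category, $code, $name, $price);
            ProductDB::addProduct($product);

            // Display the Product List page for the current category.
            // $category_id is a validated int, so it is safe inside the header.
            // exit stops any code after this dispatch from running once the
            // redirect has been issued.
            header("Location: .?category_id={$category_id}");
            exit;
        }
    }
}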
<?php // Form Submission if (Form::submitted("add-user-uni6")) { // Check if all of the input you sent is valid: Validate::variable("Handle", $_POST['handle'], 1, 22); Validate::text("Display Name", $_POST['display_name'], 3, 22); Validate::password($_POST['password']); Validate::email($_POST['email']); // Check if the handle has already been taken if (AppAccount::handleTaken($_POST['handle'])) { Alert::error("Handle Taken", "That handle has already been taken", 1); } if (Database::selectOne("SELECT email FROM users WHERE email=? LIMIT 1", array($_POST['email']))) { Alert::error("Email", "That email already exists.", 1); } // Final Validation Test if (Validate::pass()) { Database::startTransaction(); $uniID = 0; // Check if the account already exists if ($checkAuth = Database::selectValue("SELECT uni_id FROM users WHERE handle=? LIMIT 1", array($_POST['handle']))) { $uniID = (int) $checkAuth; } else { if ($regSuccess = Database::query("INSERT INTO users (handle, display_name, email, password, date_joined, auth_token, verified) VALUES (?, ?, ?, ?, ?, ?, ?)", array($_POST['handle'], $_POST['display_name'], $_POST['email'], Security_HashPassword::set($_POST['password']), time(), Security_Hash::random(22, 72), 1))) { $uniID = (int) Database::$lastID; if (isset($_POST['send_email'])) { // Email a verification letter AppVerification::sendVerification($uniID); Alert::success("Email Sent", "The account was created successfully! A verification email has been sent to " . $_POST['email'] . "!"); } else {