편집 파일: free_wedding-process_2014test.php
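<?php
/**
 * Form handler for the "free wedding" contest entry.
 *
 * Flow, as visible in this file:
 *   1. Copy the POSTed fields into $_SESSION['free_wedding'] and run them
 *      through sanitizer::cleandata().
 *   2. Validate the form token, first name, last name and e-mail address;
 *      on any failure redirect back to promo2014test.php.
 *   3. Insert the submission into the `users` table.
 *   4. Render the thank-you page between the shared header and footer.
 *
 * Security notes for maintainers:
 *   - Every value placed in the INSERT statement is escaped with
 *     mysql_real_escape_string(); the raw request values were previously
 *     interpolated into the SQL string unescaped.
 *   - The mysql_* extension is kept because the rest of the file targets it;
 *     moving to PDO/mysqli prepared statements is the longer-term fix.
 *   - Only firstname, lastname and emailaddress are validated; the remaining
 *     columns are stored as submitted (escaped, but not validated).
 */
include_once('includes/root.php');
session_start();
include_once("constants.php");
require_once("classes/class-formval.php");
require_once("classes/class-sanitizer.php");

// Report simple running errors
error_reporting(E_ERROR | E_WARNING | E_PARSE);

$_SESSION['error'] = null;

// Copy the submitted form into the session. $_POST replaces the long-removed
// $HTTP_POST_VARS (the file already reads $_POST further down).
// NOTE(review): every POSTed key is copied, including 'form_token_s', the key
// the token check below treats as the server-side value. If that value is
// meant to be set only by the form page, it should be excluded from this copy
// (or stored outside this array) -- confirm against promo2014test.php.
foreach ($_POST as $key => $val) {
    $_SESSION['free_wedding'][$key] = $val;
}

// Process The Form Cleaner
// cleandata( $process_info, $hacker, $spamer, $badword, $phone )
$sanitizer_obj = new sanitizer;
$_SESSION['free_wedding'] = $sanitizer_obj->cleandata($_SESSION['free_wedding']);

// Check the form validation
$validator = new formval;

// Session token test. Compare as strings with a strict operator so that
// numeric-looking tokens cannot match through PHP's loose-comparison rules,
// and treat a missing or non-scalar token as a mismatch.
$posted_token = isset($_SESSION['free_wedding']['form_token'])
    ? $_SESSION['free_wedding']['form_token'] : null;
$session_token = isset($_SESSION['free_wedding']['form_token_s'])
    ? $_SESSION['free_wedding']['form_token_s'] : null;
if (!is_scalar($posted_token) || !is_scalar($session_token)
    || (string) $posted_token !== (string) $session_token) {
    $_SESSION['error']['session_token'] = true;
    $hack = true;
}
if (!$validator->validate('token_date', 'yes', $posted_token)) {
    $_SESSION['error']['session_date'] = true;
    $hack = true;
}
if (!$validator->validate('text', 'yes', $_SESSION['free_wedding']['firstname'])) {
    $_SESSION['error']['firstname'] = true;
}
if (!$validator->validate('text', 'yes', $_SESSION['free_wedding']['lastname'])) {
    $_SESSION['error']['lastname'] = true;
}
if (!$validator->validate('email', 'yes', $_SESSION['free_wedding']['emailaddress'])) {
    $_SESSION['error']['emailaddress'] = true;
}

// Any recorded error sends the visitor back to the form.
if (is_array($_SESSION['error'])) {
    header("location: " . "promo2014test.php");
    exit;
}

// Normalise the request fields that end up in the database: missing or
// non-scalar values become '', and magic-quotes slashes (if that legacy
// setting is on) are removed so the values are escaped exactly once below.
$strip_slashes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
$post_fields = array(
    'areacode', 'three', 'four',
    'firstname', 'lastname', 'address', 'city', 'state', 'zipcode',
    'emailaddress', 'weddingdate', 'bridesmaids', 'referral', 'comments',
    'chkspecialoffers', 'cwlife',
);
$input = array();
foreach ($post_fields as $field) {
    $raw = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (string) $_POST[$field] : '';
    $input[$field] = $strip_slashes ? stripslashes($raw) : $raw;
}

/* Construct phone number */
$phone1 = $input['areacode'];
$phone2 = $input['three'];
$phone3 = $input['four'];
$phone = "(" . $phone1 . ")" . $phone2 . "-" . $phone3;

/* start database connection */
// SECURITY: these credentials are hard-coded in a web-served file. Move them
// to configuration outside the document root and rotate the password, since
// it is exposed to anyone who can read this source.
$host = "localhost";             // Host name
$username = "finest09_admin";    // Mysql username
$password = "LCqR7ydNeQ1U";      // Mysql password
$db_name = "finest09_brides";    // Database name
$tbl_name = "users";             // Table name

// Connect to server and select database.
$link = mysql_connect($host, $username, $password) or die("cannot connect");
mysql_select_db($db_name, $link) or die("cannot select DB");

$registereddatetime = date("Y-m-d H:i:s");

// Insert data into mysql. Column order matches the original statement; the
// two computed columns take their values from this script, the rest from the
// normalised request fields. Every value is escaped before being quoted.
$columns = array(
    'firstname', 'lastname', 'address', 'city', 'state', 'zipcode', 'phone',
    'emailaddress', 'weddingdate', 'bridesmaids', 'referral', 'comments',
    'registereddatetime', 'chkspecialoffers', 'cwlife',
);
$computed = array(
    'phone' => $phone,
    'registereddatetime' => $registereddatetime,
);
$quoted = array();
foreach ($columns as $column) {
    $value = isset($computed[$column]) ? $computed[$column] : $input[$column];
    $quoted[] = "'" . mysql_real_escape_string($value, $link) . "'";
}
$sql = "INSERT INTO users(" . implode(',', $columns) . ") VALUES(" . implode(',', $quoted) . ")";
$result = mysql_query($sql, $link);

if (!$result) {
    // Keep the database's own error text in the server log instead of
    // sending it to the browser, where it discloses schema details.
    error_log("free_wedding insert failed: " . mysql_error($link));
    echo "Database ERROR";
}

// close connection
mysql_close($link);
/* End Database Connection */

$page_title = COMPANY_NAME . " : Free Arizona Wedding | Arizona Wedding Vendors | AZ Wedding Sites | Home";

// NOTE(review): $DOCUMENT_ROOT is not assigned in this file; presumably it is
// set by includes/root.php -- confirm it does not depend on register_globals.
if (file_exists($DOCUMENT_ROOT . "/includes/header_vendors.php")) {
    include_once($DOCUMENT_ROOT . "/includes/header_vendors.php");
} else {
    header("location: /error.php");
    exit; // stop here so the page body is not rendered behind the redirect
}
?>
<div id="topbanner"> </div>
<div id="wrapper">
  <div id="content">
    <h1 class="title">Thank You</h1>
    <p>Thank you for entering our contest!</p>
    <?php
    // NOTE(review): $first is not assigned anywhere in this file. If it can
    // ever carry request data, it must be passed through htmlspecialchars()
    // before being echoed -- confirm where it is set.
    echo $first;
    ?>
    <p>Be sure to browse the rest of our website to find your <a href="reception/index.php">wedding and reception venue</a>, <a href="vendors/photographers.php">photography</a>, <a href="vendors/floral.php">floral</a>, <a href="vendors/cakes.php">cake</a> and <a href="vendors/index.php">more</a>!</p>
  </div>
</div>
<?php
// Clear the per-submission state so a reload does not reuse it.
$_SESSION['error'] = NULL;
$_SESSION['free_wedding'] = NULL;

if (file_exists($DOCUMENT_ROOT . "/includes/footer.php")) {
    include_once($DOCUMENT_ROOT . "/includes/footer.php");
} else {
    // Output has already started at this point, so this redirect only takes
    // effect when output buffering is enabled.
    header("location: /error.php");
}
?>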