📄 addmember.php
<?
include_once("myconnect.php");
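$errcnt=0;
$errs=array();
// Registration POST handler. Runs only when a form was posted: normalises and
// escapes the submitted fields, validates them, inserts the member row, updates
// the newsletter/signup tables, sends the welcome mail and redirects.
//
// NOTE(review): this handler does not check `rnum` against sbbleads_signups
// before inserting; only main() does, and only when rendering the form. Confirm
// whether registration should be refused here when sb_signup_verification is "yes".
if(count($_POST)<>0)
{
    // Fields that end up inside SQL string literals.
    $stored_fields=array(
        "username","password","firstname","lastname","email","street","city",
        "state","other_state","phone","phone1","phone2","fax","fax1","fax2",
        "mobile","zip_code"
    );
    $magic_quotes_on=get_magic_quotes_gpc();

    // Raw (unescaped) view of the request, used for validation only.
    // Missing or non-scalar parameters are treated as empty strings.
    $raw_input=array();
    foreach(array_merge($stored_fields,array("pwd2")) as $field_name)
    {
        $value="";
        if(isset($_REQUEST[$field_name]) && is_scalar($_REQUEST[$field_name]))
        {
            $value=(string)$_REQUEST[$field_name];
        }
        if($magic_quotes_on)
        {
            // Undo magic-quotes slashes so values are never escaped twice.
            $value=stripslashes($value);
        }
        $raw_input[$field_name]=$value;
    }

    // Escaped copies ($username, $password, ...) for use in the queries below.
    // mysql_real_escape_string() is used instead of addslashes().
    // assumes myconnect.php has opened the default mysql link -- TODO confirm
    foreach($stored_fields as $field_name)
    {
        $$field_name=mysql_real_escape_string($raw_input[$field_name]);
    }

    // "Other" state is the fallback when no state was picked; validate whichever
    // value is actually going to be stored.
    $raw_state=$raw_input["state"];
    if($state=="")
    {
        $state=$other_state;
        $raw_state=$raw_input["other_state"];
    }

    // Phone and fax are stored as three dash-separated parts; blank parts stay empty.
    $phone_no=(strlen(trim($phone))<>0 ? $phone : "")."-"
        .(strlen(trim($phone1))<>0 ? $phone1 : "")."-"
        .(strlen(trim($phone2))<>0 ? $phone2 : "");
    $fax_no=(strlen(trim($fax))<>0 ? $fax : "")."-"
        .(strlen(trim($fax1))<>0 ? $fax1 : "")."-"
        .(strlen(trim($fax2))<>0 ? $fax2 : "");

    // --- Username: required, restricted alphabet, unique (with the email) ---
    if(strlen(trim($raw_input["username"]))==0)
    {
        $errs[$errcnt++]="Username must be provided";
    }
    elseif(preg_match("/[^a-zA-Z0-9_]/",$raw_input["username"]))
    {
        $errs[$errcnt++]="Username can contain only Alpha-Numeric and Underscore character";
    }
    elseif(mysql_num_rows(mysql_query("select * from sbbleads_members where sb_username='$username' or sb_email='$email'"))!=0)
    {
        $errs[$errcnt++]="Some Member with same Username or Email Address already exists";
    }

    // --- Password: required and must match the retyped value ---
    // NOTE(review): the password is stored as submitted and later substituted
    // into the welcome mail through %password%. Hashing it needs a matching
    // change in the sign-in code, which is outside this block.
    if(strlen(trim($raw_input["password"]))==0)
    {
        $errs[$errcnt++]="Password must be provided";
    }
    elseif(strcmp($raw_input["password"],$raw_input["pwd2"])!=0)
    {
        $errs[$errcnt++]="Retyped Password does not match the Password";
    }

    // --- Required text fields: non-empty and free of the rejected characters ---
    // Each entry: required-message label, special-character label, raw value, pattern.
    // The email pattern also rejects CR/LF because the stored address is later
    // passed to mail() as the recipient.
    $special_chars="/[;<>&]/";
    $required_checks=array(
        array("Firstname","Firstname",$raw_input["firstname"],$special_chars),
        array("Lastname","Lastname",$raw_input["lastname"],$special_chars),
        array("Email Address","Email",$raw_input["email"],"/[;<>&\r\n]/"),
        array("Street","Street",$raw_input["street"],$special_chars),
        array("City","City",$raw_input["city"],$special_chars),
        array("State","State",$raw_state,$special_chars),
        array("Zip/Postal Code","Zip/Postal Code",$raw_input["zip_code"],$special_chars)
    );
    foreach($required_checks as $check)
    {
        if(strlen(trim($check[2]))==0)
        {
            $errs[$errcnt++]=$check[0]." must be provided";
        }
        elseif(preg_match($check[3],$check[2]))
        {
            $errs[$errcnt++]=$check[1]." can not have any special character (e.g. & ; < >)";
        }
    }

    // --- Country: numeric id. It is placed unquoted in the INSERT, so it is
    // forced to an integer instead of being concatenated as submitted. ---
    $country=0;
    if(isset($_REQUEST["country"]) && is_scalar($_REQUEST["country"]))
    {
        $country=(int)$_REQUEST["country"];
    }
    if($country==0)
    {
        $errs[$errcnt++]="Country must be choosen";
    }

    // --- Optional contact numbers: only the character filter applies ---
    if(preg_match($special_chars,$phone_no))
    {
        $errs[$errcnt++]="Phone No. can not have any special character (e.g. & ; < >)";
    }
    if(preg_match($special_chars,$fax_no))
    {
        $errs[$errcnt++]="Fax can not have any special character (e.g. & ; < >)";
    }
    if(preg_match($special_chars,$mobile))
    {
        $errs[$errcnt++]="Mobile can not have any special character (e.g. & ; < >)";
    }

    if($errcnt==0)
    {
        // Site configuration decides whether new members wait for admin
        // approval and which membership type they start with.
        $suspended="no";
        $mem_type=0;
        $config=mysql_fetch_array(mysql_query("select * from sbbleads_config"));
        if($config["sb_mem_approval"]=="admin")
        {
            $suspended="yes";
        }
        if($config["sb_memtype"]<>"")
        {
            // Unquoted in the INSERT below, so keep it numeric.
            $mem_type=(int)$config["sb_memtype"];
        }

        $query_insert="Insert into `sbbleads_members`
( sb_username ,sb_password ,sb_lastlogin,sb_ondate,sb_suspended, sb_firstname , sb_lastname , sb_email , sb_street , sb_city , sb_state , sb_zip , sb_country , sb_phone, sb_fax , sb_mobile ,sb_memtype )
VALUES ( '$username' ,'$password',0,'".date("YmdHis")."','$suspended', '$firstname' , '$lastname','$email','$street','$city','$state','$zip_code' ,".$country.",'$phone_no','$fax_no','$mobile',$mem_type )
";
        mysql_query($query_insert);

        if(mysql_affected_rows()>0)
        {
            // Optional newsletter subscription, skipped when already subscribed.
            if(isset($_REQUEST["subscribe"]) && ($_REQUEST["subscribe"]=="yes"))
            {
                $check_prev=mysql_fetch_array(mysql_query("select * from sbbleads_newsletter where sb_email='$email'"));
                if(!$check_prev)
                {
                    mysql_query("insert into sbbleads_newsletter (sb_email) values ('$email')");
                }
            }

            // The pending signup records for this address are no longer needed.
            mysql_query("delete from sbbleads_signups where sb_email='$email'");
            mysql_query("delete from sbbleads_tmp_email where sb_email='$email'");

            // --- Welcome mail (template row 1 of sbbleads_mails) ---
            $sb_null_char=$config["sb_null_char"];
            $sb_site_root=$config["sb_site_root"];
            $rs0=mysql_fetch_array(mysql_query("SELECT * FROM sbbleads_members WHERE sb_email='$email'"));
            if($rs0)
            {
                $rs_query=mysql_query("SELECT * FROM sbbleads_mails where sb_mailid=1");
                $login_url=$sb_site_root."/signin.php";
                $rs=mysql_fetch_array($rs_query);
                // Send only when the template exists and is switched on.
                if($rs && $rs["sb_status"]=="yes")
                {
                    $from=$rs["sb_fromid"];
                    $to=$rs0["sb_email"];
                    $subject=$rs["sb_subject"];
                    // Placeholders are substituted one after another, in this order.
                    $body=str_replace(
                        array("%username%","%fname%","%lname%","%password%","%email%","%login_url%","%signup_url%"),
                        array($rs0["sb_username"],$rs0["sb_firstname"],$rs0["sb_lastname"],$rs0["sb_password"],$rs0["sb_email"],$login_url,$sb_null_char),
                        $rs["sb_mail"]
                    );
                    $header="From:".$from."\r\n"."Reply-To:".$from;
                    if(isset($rs["sb_html_format"]) && ($rs["sb_html_format"]=="yes"))
                    {
                        $header.="\r\nMIME-Version: 1.0";
                        $header.="\r\nContent-type: text/html; charset=iso-8859-1\r\n";
                    }
                    mail($to,$subject,$body,$header);
                }
            }

            header("Location: signin.php?errmsg=".urlencode("You are successfully registered with us"));
            die();
        }
        else
        {
            header("Location: gen_confirm.php?errmsg=".urlencode("Some Error Occurred, Please try again!"));
            die();
        }
    } // end if no validation errors
} // end if form posted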
function main()
{
global $errs, $errcnt;
$config=mysql_fetch_array(mysql_query("select * from sbbleads_config"));
$invalidaccess="No";
if( !isset($_REQUEST["rnum"]) || !isset($_REQUEST["email"] ) )
{
$invalidaccess="Yes";
}
else
{
if(!get_magic_quotes_gpc())
{
$email=str_replace("$","\$",addslashes($_REQUEST["email"]));
$rnum=str_replace("$","\$",addslashes($_REQUEST["rnum"]));
}
else
{
$email=str_replace("$","\$",$_REQUEST["email"]);
$rnum=str_replace("$","\$",$_REQUEST["rnum"]);
}
$rs0_query=mysql_query ("select * from sbbleads_signups where sb_email='$email' and sb_rnum='$rnum' ");
if (!($rs0=mysql_fetch_array($rs0_query)))
{
$invalidaccess="Yes";
}
}
if (($invalidaccess=="Yes")&&($config["sb_signup_verification"]=="yes"))
{
?>
<table width="90%" border="0" align="center" cellpadding="2" cellspacing="0" class="errorstyle">
<tr>
<td><strong> Invalid
Access</strong></td>
</tr>
</table>
<?
return;
}
$showform="";
$username="";
$password="";
$firstname="";
$lastname="";
$email="";
if(isset($_REQUEST["email"]))
{ $email=$_REQUEST["email"]; }
$street="";
$city="";
$state="";
$country="";
$zip_code="";
$phone="";
$phone1="";
$phone2="";
$fax="";
$fax1="";
$fax2="";
$mobile="";
$subscribe="";
$other_state="";
//IF SOME FORM WAS POSTED DO VALIDATION
if ( count($_POST)>0 )
{
$username=$_REQUEST["username"];
$firstname=$_REQUEST["firstname"];
$lastname=$_REQUEST["lastname"];
$email=$_REQUEST["email"];
$street=$_REQUEST["street"];
$city=$_REQUEST["city"];
$state=$_REQUEST["state"];
$country=$_REQUEST["country"];
$zip_code=$_REQUEST["zip_code"];
$phone=$_REQUEST["phone"];
$phone1=$_REQUEST["phone1"];
$phone2=$_REQUEST["phone2"];
$fax=$_REQUEST["fax"];
$fax1=$_REQUEST["fax1"];
$fax2=$_REQUEST["fax2"];
$mobile=$_REQUEST["mobile"];
if(isset($_REQUEST["subscribe"]))
$subscribe=$_REQUEST["subscribe"];
$other_state=$_REQUEST["other_state"];
}
if (count($_POST)>0)
{
if ( $errcnt<>0 )
{
?>
<table width="90%" border="0" align="center" cellpadding="2" cellspacing="0" class="errorstyle">
<tr>
<td colspan="2"><strong> Your request cannot be processed due to following
reasons</strong></td>
</tr>
<tr height="10">
<td colspan="2"></td>
</tr>
<?
for ($i=0;$i<$errcnt;$i++)
{
?>
<tr valign="top">
<td width="6%"> <?php echo $i+1;?></td>
<td width="94%"><?php echo $errs[$i]; ?></td>
</tr>
<?
}