Codice PHP:
<?php
mysql_select_db($database_myconn, $myconn);
$query_state = "SELECT * FROM `state` ORDER BY title ASC";
$state = mysql_query($query_state, $myconn) or die(mysql_error());
$row_state = mysql_fetch_assoc($state);
$totalRows_state = mysql_num_rows($state);
$settings = mysql_fetch_assoc(mysql_query('select * from settings'));
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
//validate
$error = "";
if($_REQUEST['name'] == "")
$error.= "Inserisci Nome,
";
if($_REQUEST['address'] =="")
$error.= "Inserisci Indirizzo,
";
if($_REQUEST['city'] =="")
$error.="Inserisci Città,
";
if($_REQUEST['state'] =="")
$error.="Inserisci Regione,
";
if($_REQUEST['zip'] =="")
$error.="Inserisci CAP,
";
if($_REQUEST['email'] =="")
$error.="Inserisci Email,
";
if($_REQUEST['phone']=="")
$error.="Inserisci Telefono,
";
if($error != ""){
echo "<div class='free'><p class='rightTxt1'><button onClick='history.back()'>Indietro</button></p><blockquote>".$error."</blockquote></div>";
die();
}
$password = rand(9898,9898998);
//Verifico la presenza dell'e-mail nel database
$query = "SELECT * FROM members WHERE email='email'";
$result = mysql_query($sql);
$verify = mysql_fetch_row($result);
if(count($verify))//Verifico se l'e-mail esiste nel database almeno una volta
{
echo "Impossibile completare la registarzione: qualcuno ha già efettuato la registarzione con l'e-mail '$email'; utilizzane un'altra!";
}else{//altrimenti eseguo la query
//send member information
$message =
'
Thanks for registering.
Please keep the following for your records:
Username: '.$_REQUEST['email'].'
Password: '.$password;
//mail member
@mail($_REQUEST['email'],'Member Registration',$message,'From:'.$settings['email']);
$mailmessage = '<div align=center class="pageSubTitle">Username and Password sent to '.$_REQUEST['email'].'</div>';
@mail($settings['email'],'How did you hear about us',$_REQUEST['hear_about'],'From:'.$settings['email']);
$insertSQL = sprintf("INSERT INTO members (name, address, city, `state`, zip, active, email, password, phone) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['name'], "text"),
GetSQLValueString($_POST['address'], "text"),
GetSQLValueString($_POST['city'], "text"),
GetSQLValueString($_POST['state'], "text"),
GetSQLValueString($_POST['zip'], "text"),
GetSQLValueString($_POST['active'], "text"),
GetSQLValueString($_POST['email'], "text"),
GetSQLValueString(md5($password), "text"),
GetSQLValueString($_POST['phone'], "text"));
mysql_select_db($database_myconn, $myconn);
$Result1 = mysql_query($insertSQL, $myconn) or die(mysql_error());
echo "<h3>You are now registered, check your email for username and password</h3> [url='login.php']Sign In[/url]";
$message =
'A new user has signed up to '.$settings['domain'].'
Member Info:
'.$_REQUEST['name'].'
'.$_REQUEST['phone'].'
'.$_REQUEST['email'].'
';
mail($settings['email'],"New Registered User",$message,"FROM:".$settings['email']);
}
}
?>
Rispondi quotando