Here is company_info.php:
<?php
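// Work out which company this page belongs to from the directory that holds
// the running script: split the path, drop the file name, keep the last segment.
$x = explode(DIRECTORY_SEPARATOR, $_SERVER['SCRIPT_FILENAME']);
$y = array_pop($x); // script file name; not used below
$dir = end($x);

// $database_connSmartBenefit and $connSmartBenefit are not defined in this file;
// they have to exist already in the scope that includes it.
mysql_select_db($database_connSmartBenefit, $connSmartBenefit);

// The row is selected by directory name (the earlier "WHERE ID = X" instruction
// no longer matches this query). The name is placed inside a quoted SQL string,
// so it is escaped for this connection first; a directory called e.g. o'neil
// would otherwise break the statement.
$query_rsCompanyInfo = sprintf(
    "SELECT company_name, job_title, contact_email,form_email, company_url, contact_phone, logo FROM company_info WHERE directory_name = '%s'",
    mysql_real_escape_string($dir, $connSmartBenefit)
);
$rsCompanyInfo = mysql_query($query_rsCompanyInfo, $connSmartBenefit);
if (!$rsCompanyInfo) {
    // Database error text can expose table and column names, so it goes to the
    // server log and the visitor only sees a generic message.
    error_log('company_info.php: query failed: ' . mysql_error($connSmartBenefit));
    die('Company information is currently unavailable.');
}
$row_rsCompanyInfo = mysql_fetch_assoc($rsCompanyInfo);
$totalRows_rsCompanyInfo = mysql_num_rows($rsCompanyInfo);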
?>
Here is the register.php code:
<?php
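/**
 * Validate the submitted registration fields.
 *
 * Adds one entry to $errors per failed check, keyed by field name; each entry
 * is a ready-made HTML snippet. When the e-mail address is well formed, the
 * users table is also queried to see whether the address is already registered.
 *
 * @param array $values Submitted form fields (the caller passes $_POST).
 * @param array $errors Receives field name => HTML error message.
 * @return bool True when no errors are recorded in $errors.
 */
function VerifyForm(&$values, &$errors)
{
    // Fields that only have to be non-empty, with the message shown otherwise.
    $required = array(
        'first_name'     => '<div class="required">First name empty</div>',
        'last_name'      => '<div class="required">Last name empty</div>',
        'contact_number' => '<div class="required">Contact number empty</div>',
        'password'       => '<div class="required">Password empty</div>',
    );
    foreach ($required as $field => $message) {
        // A missing key or a non-string value (e.g. first_name[]=x) counts as empty.
        $value = (isset($values[$field]) && is_string($values[$field])) ? $values[$field] : '';
        if ($value === '') {
            $errors[$field] = $message;
        }
    }

    $email = (isset($values['email_address']) && is_string($values['email_address']))
        ? $values['email_address']
        : '';
    // With magic quotes enabled the request data arrives pre-slashed; undo that
    // so validation and SQL escaping both work on the real value.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $email = stripslashes($email);
    }

    // The previous unanchored pattern accepted any text that merely contained
    // something@something.xx, including values with embedded line breaks.
    // filter_var() validates the whole string.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors['email_address'] = '<div class="required">Invalid email address</div>';
    } else {
        //begin check for duplicate email addresses
        require_once('/home/smarter/public_html/Connections/connSmartBenefit.php');
        mysql_select_db($database_connSmartBenefit, $connSmartBenefit);

        // Exact match, escaped for this connection. The former LIKE '%...%'
        // lookup treated % and _ in the address as wildcards, matched longer
        // addresses that contain this one, and was skipped when more than one
        // row matched.
        $query_result = sprintf(
            "SELECT email_address FROM users WHERE email_address = '%s'",
            mysql_real_escape_string($email, $connSmartBenefit)
        );
        $result = mysql_query($query_result, $connSmartBenefit);
        if (!$result) {
            // Keep database error details in the server log, not in the page.
            error_log('VerifyForm: duplicate e-mail lookup failed: ' . mysql_error($connSmartBenefit));
            die('Registration is currently unavailable.');
        }

        // NOTE(review): this message tells anyone who submits the form whether
        // an address is registered; confirm that disclosure is acceptable.
        if (mysql_num_rows($result) > 0) {
            $errors['email_address2'] = '<div class="required2"><br />Email address already exists. Please use another email address or <a href="password.php">click here</a> to retrieve your password. </div>';
        }
        //end check for duplicate email addresses
    }

    return (count($errors) == 0);
}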
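/**
 * Render the registration page, optionally pre-filled and with error messages.
 *
 * @param array|null $values Previously submitted fields, or null on first display.
 * @param array|null $errors Field name => HTML error snippet as built by
 *                           VerifyForm(), or null on first display.
 * @return void Writes the page directly to the output.
 */
function DisplayForm($values, $errors)
{
    // First display passes null for both arguments; work with arrays throughout.
    if (!is_array($values)) {
        $values = array();
    }
    if (!is_array($errors)) {
        $errors = array();
    }

    // Escape everything that is echoed back into an attribute. The charset is
    // stated explicitly so it matches the iso-8859-1 declared in the <meta> tag,
    // and ENT_QUOTES also covers single quotes.
    $fieldValue = array();
    foreach (array('first_name', 'last_name', 'contact_number', 'email_address') as $field) {
        $raw = (isset($values[$field]) && is_string($values[$field])) ? $values[$field] : '';
        $fieldValue[$field] = htmlentities($raw, ENT_QUOTES, 'ISO-8859-1');
    }

    // Error entries are HTML produced by VerifyForm(), so they are emitted as-is;
    // absent entries become empty strings instead of undefined-index notices.
    $fieldError = array();
    foreach (array('first_name', 'last_name', 'contact_number', 'email_address', 'email_address2', 'password') as $field) {
        $fieldError[$field] = isset($errors[$field]) ? $errors[$field] : '';
    }

    // PHP_SELF includes any extra path text the client appends after the script
    // name, so it must be escaped before it is written into the action attribute.
    $formAction = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'ISO-8859-1');

    // NOTE(review): require_once does nothing if VerifyForm() already loaded this
    // file during the same request; the variables it defines are then presumably
    // local to VerifyForm() and not visible here or in includes/company_info.php.
    // Confirm against the connection file and consider a plain require.
    require_once('/home/smarter/public_html/Connections/connSmartBenefit.php');
    // Set before the includes below; presumably read by them - confirm.
    $login = "1";
    $register = "1";
    include('includes/company_info.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>smarterbenefit.com</title>
<style>
TD.error
{
color: red;
font-weight: bold;
}
</style>
<link href="http://smarterbenefit.com/css/main.css" rel="stylesheet" type="text/css" />
<script type="text/JavaScript">
<!--
function HideContent(d) {
document.getElementById(d).style.display = "none";
}
function ShowContent(d) {
document.getElementById(d).style.display = "block";
}
function ReverseDisplay(d) {
if(document.getElementById(d).style.display == "none") { document.getElementById(d).style.display = "block"; }
else { document.getElementById(d).style.display = "none"; }
}
//-->
</script>
</head>
<body>
<div id="wrap">
<div id="companyInfoWrap">
<?php include('includes/welcome.php');?>
</div>
<div id="contentWrap">
<h1>register</h1>
<div id="boxWrap">
<div id="grayBoxTop"></div>
<div id="grayBoxMiddle">
<div id="formContainer">
<?php
    if (count($errors) > 0) {
        echo "<p style=\"color:#f30; font-weight:bold;\">There were some errors in your submitted form, please correct them and try again.</p>";
    }
?>
<form action="<?= $formAction ?>" method="POST">
<table width="375" border="0" cellpadding="0" cellspacing="0">
<tr>
<td valign="top" class="selectPad"><span class="form_text">First name: </span> </td>
<td valign="top" class="selectPad"><?= $fieldError['first_name'] ?><input name="first_name" type="text" class="text_input" id="first_name" value="<?= $fieldValue['first_name'] ?>" /> </td>
</tr>
<tr>
<td valign="top" class="selectPad"><span class="form_text">Last name: </span> </td>
<td valign="top" class="selectPad"><?= $fieldError['last_name'] ?><input name="last_name" type="text" class="text_input" id="last_name" value="<?= $fieldValue['last_name'] ?>" /> </td>
</tr>
<tr>
<td valign="top" class="selectPad"><span class="form_text">Contact number: </span> </td>
<td valign="top" class="selectPad"><?= $fieldError['contact_number'] ?><input name="contact_number" type="text" class="text_input" id="contact_number" value="<?= $fieldValue['contact_number'] ?>" /> </td>
</tr>
<tr>
<td width="108" valign="top" class="selectPad">
<span class="form_text">Email address</span>: </td>
<td width="267" valign="top" class="selectPad">
<?= $fieldError['email_address'] ?>
<input type="text" name="email_address" class="text_input" value="<?= $fieldValue['email_address'] ?>" /> <?= $fieldError['email_address2'] ?> </td>
</tr>
<tr>
<td valign="top" class="selectPad"><span class="form_text">Password: </span></td>
<?php /* Masked input, and the submitted password is not written back into the page source; the user re-enters it after an error. */ ?>
<td valign="top" class="selectPad"><?= $fieldError['password'] ?><input name="password" type="password" class="text_input" id="password" value="" /></td>
</tr>
<tr>
<td colspan="2" valign="top" class="selectPad2"> </td>
</tr>
<tr>
<td colspan="2" align="center" valign="top" class="submitPad"><input type="image" name="imageField" src="http://smarterbenefit.com/images/submit.png" /></td>
</tr>
</table>
</form>
</div>
</div>
<div id="grayBoxBottom"></div>
</div>
</div>
<?php include('includes/footer.php')?>
</div>
</body>
</html>
<?php
}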
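/**
 * Store a validated registration and e-mail the login details to the user.
 *
 * Relies on a MySQL connection having been opened earlier in the request
 * (mysql_real_escape_string() and mysql_query() are called without a link
 * argument, so they use the most recently opened one).
 *
 * @param array $values Form fields that have already passed VerifyForm().
 * @return void Echoes either an error message or the redirect to the success page.
 */
function ProcessForm($values)
{
    // Read from $values - the data that was actually validated - rather than
    // $_REQUEST, which also merges in query-string (and possibly cookie) values
    // that VerifyForm() never looked at.
    $raw = array();
    $sqlSafe = array();
    foreach (array('first_name', 'last_name', 'contact_number', 'email_address', 'password') as $field) {
        $raw[$field] = (isset($values[$field]) && is_string($values[$field])) ? $values[$field] : '';
    }

    // The address becomes the recipient argument of mail(); a line break in it
    // could add extra mail headers, so refuse it here regardless of what the
    // earlier validation allowed.
    if (preg_match('/[\r\n]/', $raw['email_address'])) {
        echo 'Could not send email. Check if the provided email address was valid!';
        return;
    }

    // Escaped copies are used only inside the SQL statement; the e-mail below
    // uses the unescaped values so names such as O'Brien are not sent with
    // backslashes.
    foreach ($raw as $field => $value) {
        $sqlSafe[$field] = mysql_real_escape_string($value);
    }

    // NOTE(review): the password is stored, and e-mailed below, in plain text.
    // Moving to a one-way password hash and dropping the password from the
    // e-mail also requires changing the login and password-retrieval pages,
    // which are not part of this file.
    $sql = "insert into users set email_address='{$sqlSafe['email_address']}',first_name='{$sqlSafe['first_name']}',last_name='{$sqlSafe['last_name']}',contact_number='{$sqlSafe['contact_number']}',password='{$sqlSafe['password']}'";
    $res = mysql_query($sql);
    if (!$res) {
        // The statement contains the user's password and the error text exposes
        // schema details, so only the error goes to the server log and the page
        // shows a generic message. No redirect to the success page on failure.
        error_log('ProcessForm: insert into users failed: ' . mysql_error());
        echo 'Registration could not be completed. Please try again later.';
        return;
    }

    $msg = "Hello {$raw['first_name']},\n\nPlease use the following email address and password to log in to SmarterBenefit.\n\nEmail address: {$raw['email_address']}\nPassword: {$raw['password']}";
    $res = @mail($raw['email_address'], 'SmarterBenefit.com Registration', $msg);
    if (!$res) {
        echo 'Could not send email. Check if the provided email address was valid!';
    }

    // Replace with actual page or redirect :P
    echo "<meta http-equiv=\"refresh\" content=\"0;URL=register_success.php\" />";
}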
// Page entry point: a plain request shows the empty form; a POST is validated
// and then either stored or shown again together with its error messages.
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
    DisplayForm(null, null);
} else {
    $formValues = $_POST;
    $formErrors = array();
    // VerifyForm() fills $formErrors by reference and reports overall validity.
    if (VerifyForm($formValues, $formErrors)) {
        ProcessForm($formValues);
    } else {
        DisplayForm($formValues, $formErrors);
    }
}
?>
|