well, its an array i guess sort of indirectly here is the file that contains those two arguments
Code: Select all
<?php
session_start();
include("functions_main.php");
$table_name = "Customer";
$next_program = "SecretPage.php";
switch(@$_POST['Button']) {
case "Login":
$cxn = Connect_to_db("Vars.php");
$sql = "SELECT user_name FROM $table_name
WHERE user_name='$_POST[fusername]'";
$result = mysqli_query($cxn,$sql) or die("Coulden't execute query 1");
$num = mysqli_num_rows($result);
if($num == 1) {
$sql = "SELECT user_name FROM $table_name
WHERE user_name='$_POST[fusername]'
AND password=md5('$_POST[fpassword]')";
$result2 = mysqli_query($cxn,$sql)
or die("Coulden't execute query 2");
$row = mysqli_fetch_assoc($result2);
if($row) {
$_SESSION['auth']="yes";
$_SESSION['logname']=$_POST['fusername'];
header("Location: $next_program");
} else {
$message_1="The Login Name, '$_POST[fusername]'
exist, but you have not entered the
correct password! Please try again.<br>";
extract($_POST);
include("fields_login.php");
include("double_form.php");
}
} elseif($num == 0) {
//login name not found
$message_1 = "The User Name you entered does not
exist! Pease try again.<br>";
include("fields_login.php");
include("double_form.php");
}
break;
case "Register":
/* Check for blanks */
foreach($_POST as $field => $value) {
if($field != "fax") {
if($value == "") {
$blanks[] = $field;
}
}
}
if(isset($blanks)) {
$message_2 = "The Following fields are blank.
Please enter the required information: ";
foreach($blanks as $value) {
$message_2 .="$value, ";
}
extract($_POST);
include("fields_login.php");
include("double_form.php");
exit();
}
/* validate data */
foreach($_POST as $field => $value) {
if(!empty($value)) {
if(eregi("name",$field) and !eregi("user",$field) and !eregi("log",$field)) {
if(!ereg("^[A-Za-z' -]{1,50}$",$value)) {
$errors[] = "$value is not a valid name.";
}
}
if(eregi("street",$field) or eregi("addr",$field) or eregi("city",$field)) {
if(!ereg("^[A-Za-z0-9.,' -]{1,50}$",$value)) {
$errors[] = "$value is not a valid address or city.";
}
}
if(eregi("state",$field)) {
if(!ereg("[A-Za-z]",$value)) {
$errors[] = "$value is not a valid state.";
}
}
if(eregi("email",$field)) {
if(!ereg("^.+@.+\\..+$",$value)) {
$errors[] = "$value is not a valid email address.";
}
}
if(eregi("zip",$field)) {
if(!ereg("^[0-9]{5,5}(\-[0-9]{4,4})?$",$value)) {
$errors[] = "$value is not a valid zipcode.";
}
}
if(eregi("phone",$field) or eregi("fax",$field)) {
if(!ereg("^[0-9)(xX -]{7,20}$",$value)) {
$errors[] = "$value is not a valid phone number.";
}
}
}
}
foreach($_POST as $field => $value) {
if(field != "password") {
$password = strip_tags(trim($value));
} else {
$fields[]=$field;
$value = strip_tags(trim($value));
$values[] = addslashes($value);
$$field = $value;
}
}
if(@is_array($errors)) {
$message_2 = "";
foreach($errors as $value) {
$message_2 .= $value." Please try again<br />";
}
include("fields_login.php");
include("double_form.php");
exit();
}
$user_name = $_POST['user_name'];
/* check to see if user name already exist */
$cxn = Connect_to_db("Vars.php");
$sql = "SELECT user_name FROM $table_name WHERE user_name='$user_name'";
$result = mysqli_query($cxn,$sql) or die("Coulden't execute query.");
$num = mysqli_num_rows($result);
if($num > 0) {
$message_2 = "$user_name already used. Select another
User Name.";
include("fields_login.php");
include("double_form.php");
exit();
} else {
$today = date("Y-m-d");
$fields_str = implode(",",$fields);
$values_str = implode('","',$values);
$fields_str .=",create_date";
$values_str .='"'.",".'"'.$today;
$fields_str .=",password";
$values_str .= '"'.","."md5"."('".$password."')";
$sql = "INSERT INTO $table_name ";
$sql .= "(".$fields_str.")";
$sql .= " VALUES ";
$sql .= "(".'"'.$values_str.")";
mysqli_query($cxn,$sql) or die(mysqli_error($cxn));
$_SESSION['auth']="yes";
$_SESSION['logname']=$user_name;
/* send email to new Customer */
$emess = "You have successfully registered.";
$emess .= "Your new user name and password are:";
$emess .= "\n\n\t$user_name\n\t";
$emess .= "password\n\n";
$emess .= "We apprieciate your interest. \n\n";
$emess .= "If you have any questions or problems,";
$emess .= " email obadiah_00@hotmil.com";
$subj .= "Your new customer registration";
$mailsend=mail("$email","$subj","$emess");
header("Location: $next_program");
}
break;
default:
include("fields_login.php");
include("double_form.php");
}
?>
in one of the for each loops it has
Code: Select all
foreach($_POST as $field => $value) {
if(field != "password") {
$password = strip_tags(trim($value));
} else {
$fields[]=$field;
$value = strip_tags(trim($value));
$values[] = addslashes($value);
$$field = $value;
}
the other arrays are being pulled from another file called fields_login.php and just contains
Code: Select all
<?php
$page = array( "title" => "Customer Login Page",
"top" => " ",
"bottom" => "Send questions and comments
to Obadiah_00@hotmail.com",
);
$elements_1 = array( "top" => "Returning Customers:
<span style=\"font-size: 80%;
font-weight: 100%\">
<i>Login here</i></span>",
"bottom" => "",
"submit" => "Login"
);
$elements_2 = array( "top" => "New Customers:
<span style=\"font-size: 80%;
font-weight: 100%\">
<i>Register here</i></span>",
"bottom" => "",
"submit" => "Register"
);
$fields_1 = array( "fusername" => "User Name",
"fpassword" => "Password"
);
$length_1 = array( "fusername" => "10",
"fpassword" => "10"
);
$fields_2 = array( "user_name" => "User Name",
"password" => "Password",
"email" => "Email Address",
"first_name" => "First Name",
"last_name" => "Last Name",
"street" => "Street",
"city" => "City",
"state" => "State",
"zip" => "Zip",
"phone" => "Phone",
"Fax" => "Fax",
);
$length_2 = array( "user_name" => "20",
"password" => "8",
"email" => "55",
"first_name" => "40",
"last_name" => "40",
"street" => "55",
"city" => "40",
"zip" => "10",
"phone" => "15",
"Fax" => "15",
);
?>
the tutorial didnt include a specific array for those 2 fields like the ones in the above file