I would also like to note that if I add "global $db, $db_user, $db_loc, $db_pass;" to the top of every function, everything works fine.... This just seems verbose and again, not the right way to do things.
Code: Select all
<?php
require_once("variables.php");
class indexController {
function show($x) {
global $db, $db_user, $db_loc, $db_pass;
$link = mysql_connect($db_loc, $db_user, $db_pass);
mysql_select_db($db, $link);
$query = mysql_query("SELECT $x FROM woots ORDER BY id DESC LIMIT 1", $link) or die(mysql_error());
$result = mysql_fetch_array($query);
return $result[0];
@mysql_close($link);
@mysql_free_result($result);
}
function send_txt_msg($phone, $provider) {
global $db, $db_user, $db_loc, $db_pass;
$link = mysql_connect($db_loc, $db_user, $db_pass);
mysql_select_db($db, $link);
$query = mysql_query("SELECT * FROM woots ORDER BY id DESC LIMIT 1", $link) or die(mysql_error());
$result = mysql_fetch_array($query);
$title = trim($result['title']);
$price = trim($result['price']);
$shipping = $result['shipping'];
$shipping = eregi_replace("[[]]+", " ", $shipping);
$shipping = trim($shipping);
$date = $result['date'];
$to = $phone.'@'.$provider;
$subject = 'Wootifier.com confirmation message';
$from = 'admin@wootifier.com';
$message = "Congratulations! Your cell phone is now being wootified! I also sent you today's woot just in case you missed it.\n\n";
// Send confirmation message
mail($to, $subject, $message, "From: $from");
// Send Today's Woot
$subject = "Today's Woot - $date";
$message = $title."\r".$price."\r".$shipping;
$message .= "\r\rVisit http://www.wootifier.com to unsubscribe from these messages";
mail($to, $subject, $message, "From: $from");
@mysql_close($link);
@mysql_free_result($result);
}
function send_email($email) {
global $db, $db_user, $db_loc, $db_pass;
$link = mysql_connect($db_loc, $db_user, $db_pass);
mysql_select_db($db, $link);
$query = mysql_query("SELECT * FROM woots ORDER BY id DESC LIMIT 1", $link) or die(mysql_error());
$result = mysql_fetch_array($query);
$title = trim($result['title']);
$price = trim($result['price']);
$shipping = $result['shipping'];
$shipping = eregi_replace("[[]]+", " ", $shipping);
$shipping = trim($shipping);
$date = $result['date'];
// Send confirmation message
$to = $email;
$subject = 'Wootifier.com confirmation message';
$from = 'admin@wootifier.com';
$message = "Congratulations! Your email inbox is now being wootified! I also sent you today's woot just in case you missed it.\n\n";
mail($to, $subject, $message, "From: $from");
// Find woot id on website
$query = mysql_query("SELECT id FROM woots WHERE title = \"$title\" and date = \"$date\"", $link) or die(mysql_error());
$result = mysql_fetch_array($query);
$id = $result['id'];
// Send Today's Woot
$subject = "Today's Woot - $date";
$message = $title."\r".$price."\r".$shipping;
$message .= "\rhttp://www.wootifier.com/archive/#woot$id";
$message .= "\r\rVisit http://www.wootifier.com to unsubscribe from these messages";
mail($to, $subject, $message, "From: $from");
@mysql_close($link);
@mysql_free_result($result);
}
function validate_email() {
global $db, $db_user, $db_loc, $db_pass;
if (isset($_POST['txtEmail'])) {
$email = $_POST['txtEmail'];
$div_error_open = "<div id=\"error\">\n<ul>\n";
$div_error_close = "</ul>\n</div>\n";
$valid = false;
$output = '';
//check if email is valid
$email_filter="^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$";
if(!empty($email)) {
if (eregi($email_filter, $email)) {
// Connect to database
$link = mysql_connect($db_loc, $db_user, $db_pass);
mysql_select_db($db, $link);
// Run a query to see if email address is taken
$query = mysql_query("SELECT * FROM emails WHERE email=\"$email\"", $link) or die(mysql_error());
// Run the query, and put results in an array
$result = mysql_fetch_array($query, MYSQL_ASSOC);
// If email address is found in database display error
if ($result['email'] == $email) {
$output .= "<li>It appears that your email address is already in the database.</li>\n";
} else {
// Log ip with timestamp
$client_ip = $_SERVER['REMOTE_ADDR'];
$query = mysql_query("INSERT INTO ip_entry_dates (ip_address, entry_date) VALUES (\"$client_ip\", NOW())", $link) or die(mysql_error());
// Check if user has made more than 10 entries today
$query = mysql_query("SELECT * FROM ip_entry_dates WHERE ip_address = \"$client_ip\" and entry_date > DATE_ADD(NOW(), INTERVAL -1 DAY)") or die (mysql_error());
$recent_entries = 0;
// Count the amount of entries in the last 24 hrs
while (mysql_fetch_array($query, MYSQL_ASSOC)) {
$recent_entries++;
}
if ($recent_entries <= 5) {
// Insert email address into database
$query = mysql_query("INSERT INTO emails (email) VALUES(\"$email\")") or die (mysql_error());
// Display succeess message
$output .= "<li>Registration was successful. You should receive a confirmation email message
within the next few minutes. If you don't see the confirmation message, check your spam folder!</li>\n";
$this->send_email($email);
} else {
// Show banned message
$output .= "<li>For security reasons, you are only allowed to submit 5 email and phone entries per day. You have attempted $recent_entries entries within the last 24 hours. Seriously now, do you really need to subscribe $recent_entries times?</li>\n";
}
}
@mysql_close($link);
@mysql_free_result($result);
return $div_error_open.$output.$div_error_close;
}
}
if (trim($_POST['txtEmail']) == '') {
// Display error if field is blank
$output .= "<li>If you leave the text field field blank, there is really nothing I can do to help.</li>\n";
} else {
// Email address entered is invalid
$output .= "<li>It appears that the email address you have entered is invalid.</li>\n";
}
@mysql_close($link);
@mysql_free_result($result);
return $div_error_open.$output.$div_error_close;
}
}
function validate_phone() {
global $db, $db_user, $db_loc, $db_pass;
if(isset($_POST['txtNumber']) || isset($_POST['selCarrier'])) {
$phone = $_POST['txtNumber'];
$div_error_open = "<div id=\"error\">\n<ul>\n";
$div_error_close = "</ul>\n</div>\n";
$valid = false;
$output = '';
$provider = $_POST['selCarrier'];
$phone = preg_replace('/[^0-9]/', '', $phone); # remove non-numbers
//check if number is valid
if (preg_match('/^1?[0-9]{10}$/', $phone) && $provider != '') {
$valid = true;
} elseif (strlen(trim($_POST['txtNumber'])) != '' && strlen($phone) != 10) {
$output .= "<li>It appears that the number you have entered is invalid.</li>\n";
}
if ($valid == true) {
// Connect to database
$link = mysql_connect($db_loc, $db_user, $db_pass);
mysql_select_db($db, $link);
// Run a query to see if username is taken
$query = mysql_query("SELECT * FROM phones WHERE number=\"$phone\"", $link) or die(mysql_error());
// Run the query, and put results in an array
$result = mysql_fetch_array($query, MYSQL_ASSOC);
// If number is not found, continue and insert number into database
if ($result["number"] == '') {
// Log ip with timestamp
$client_ip = $_SERVER['REMOTE_ADDR'];
$query = mysql_query("INSERT INTO ip_entry_dates (ip_address, entry_date) VALUES (\"$client_ip\", NOW())", $link) or die(mysql_error());
// Check if user has made more than 10 entries today
$query = mysql_query("SELECT * FROM ip_entry_dates WHERE ip_address = \"$client_ip\" and entry_date > DATE_ADD(NOW(), INTERVAL -1 DAY)") or die (mysql_error());
$recent_entries = 0;
// Count the amount of entries in the last 24 hrs
while (mysql_fetch_array($query, MYSQL_ASSOC)) {
$recent_entries++;
}
if ($recent_entries <= 5) {
// Insert number into database
$query = mysql_query("INSERT INTO phones (number, provider) VALUES(\"$phone\", \"$provider\")") or die (mysql_error());
// Display succeess message
$output .= "<li>Registration was successful. You should receive a confirmation text message
within the next few minutes.</li>\n";
$this->send_txt_msg($phone, $provider);
} else {
// Show banned message
$output .= "<li>For security reasons, you are only allowed to submit 5 email and phone entries per day. You have attempted $recent_entries entries within the last 24 hours. Seriously now, do you really need to subscribe $recent_entries times?</li>\n";
}
}
if ($result['number'] == $phone) {
$output .= "<li>It appears that your number is already in the database.</li>\n";
}
}
// Display error if field is blank
if (trim($_POST['txtNumber']) == '') {
$output .= "<li>If you leave the text field field blank, there is really nothing I can do to help.</li>\n";
}
if ($provider == '') {
$output .= "<li>Please select a cellular provider.</li>\n";
}
@mysql_close($link);
@mysql_free_result($result);
// Returns error div and message
return $div_error_open.$output.$div_error_close;
}
}
}
?>