Code: Select all
<?php
// Open database connection
$conn = mysql_connect('localhost','user','pass');
mysql_select_db('db_table');
if(isset($_POST['submit'])) { // if form is submitted
$returned_message = ""; // Sets message to empty.
/**********
Validate form data.
***********/
// Email
if(empty($_POST['email'])) {
$email = FALSE;
$returned_message .= "You must enter your Email Address<br />";
}
// Data cleaning function
function clean_data($string) {
if (get_magic_quotes_gpc()) {
$string = stripslashes($string);
}
$string = strip_tags($string);
return mysql_real_escape_string($string);
}
// Mail header removal
function remove_headers($string) {
$headers = array(
"/to\:/i",
"/from\:/i",
"/bcc\:/i",
"/cc\:/i",
"/Content\-Transfer\-Encoding\:/i",
"/Content\-Type\:/i",
"/Mime\-Version\:/i"
);
$string = preg_replace($headers, '', $string);
return strip_tags($string);
}
// Pick up the cleaned form data
$first_name = clean_data($_POST['first_name']);
$last_name = clean_data($_POST['last_name']);
$email = clean_data($_POST['email']);
$age = clean_data($_POST['age']);
$address = clean_data($_POST['address']);
$city = clean_data($_POST['city']);
$zipcode = clean_data($_POST['zipcode']);
$phone = clean_data($_POST['phone']);
$youtube_a = clean_data($_POST['youtube_a']);
$youtube_b = clean_data($_POST['youtube_b']);
$youtube_c = clean_data($_POST['youtube_c']);
$youtube_d = clean_data($_POST['youtube_d']);
$youtube_d = clean_data($_POST['youtube_e']);
$alternate = clean_data($_POST['alternate']);
// Insert data
if ($email) {
$query = "INSERT INTO school (first_name, last_name, email, age, address, city, zipcode, phone, youtube_a, youtube_b, youtube_c, youtube_d, youtube_e, alternate, submit_date)
VALUES ('$first_name', '$last_name', '$email', '$age', '$address', '$city', '$zipcode', '$phone', '$youtube_a', '$youtube_b', '$youtube_c', '$youtube_d', '$youtube_e', '$alternate', (CURRENT_TIMESTAMP))";
mysql_query($query);
$result = @mysql_query($query);
if($result) {
$to = "test@oregonschoolchoicecontest.com";
$subject = "Oregon School Choice Video Contest Entry";
$headers = "from: $email";
$mail_sent=mail($to, $subject, $headers);
if($mail_sent) {
$win_message .= 'Your entry information has been received.<br />
We will contact you once your content has been approved.<br />';
}
}
// Close connection
mysql_close($conn);
}
}
?>