
Untitled

a guest
Jan 19th, 2017
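  <html>
  <head>
  <title>Test Register Page</title>
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="stylesheet" href="css/register.css" />
  <!-- Third-party CSS is requested over HTTPS so it cannot be altered in transit and is not
       blocked as mixed content when this page is served over HTTPS.
       TODO: add integrity/crossorigin attributes using the hash published for this exact file. -->
  <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
  <link rel="stylesheet" href="css/index.css" />
  <link rel="stylesheet" href="css/styles.css" />
  <link href='https://fonts.googleapis.com/css?family=Raleway:400,500,300,600' rel='stylesheet' type='text/css'>
  </head>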
  11. <?php
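  /**
   * Normalises one submitted form value for display in HTML.
   *
   * Strips leading and trailing whitespace (inner whitespace is kept), removes
   * backslash quoting with stripslashes(), then HTML-encodes & < > " and '.
   * The flags are passed explicitly because PHP versions before 8.1 do not
   * encode single quotes by default.
   *
   * The result is escaped for HTML output only. It is NOT escaped for SQL:
   * values that go into a query must be bound as prepared-statement parameters.
   *
   * @param mixed $data Raw value, normally a string taken from $_POST.
   * @return string The cleaned value, or "" when $data is an array, object or null.
   */
  function test_input($data) {
      // A request can turn any field into an array (field[]=x); trim() cannot handle that.
      if (!is_scalar($data)) {
          return "";
      }

      $data = trim((string) $data);
      $data = stripslashes($data);

      return htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
  }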
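  include_once "navBar.php";

  // Error text shown beside each form field, and the cleaned value of each field.
  $emailErr = $newEmailErr = $firstNErr = $surnErr = $phoneErr = $passErr = $confPassErr = "";

  $email = $newEmail = $firstN = $surn = $phone = $pass = "";
  // Not read by the handler below; kept in case other code still refers to it.
  $error = 0;

  // Database connection settings.
  // NOTE(review): this connects as "root" with an empty password, hard-coded in a web-served
  // file. Use a dedicated account that can only UPDATE testTable, and load its credentials
  // from configuration stored outside the web root.
  $servername = "127.0.0.1";
  $username = "root";
  $password = "";
  $dbname = "accounts";

  // Report mysqli failures through return values on every PHP version (8.1+ throws by
  // default), so the connect_error check and the prepare/execute checks below are reached.
  mysqli_report(MYSQLI_REPORT_OFF);
  $conn = new mysqli($servername, $username, $password, $dbname);

  // Returns the named POST field as a string, or "" when it is missing or is not a string.
  $postedText = function ($field) {
      return (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
  };

  // Runs one single-column UPDATE for the signed-in user through a prepared statement.
  // $sql must be a fixed literal with two "?" placeholders: the new value, then the current
  // email. Binding keeps quotes in user input from changing the meaning of the query;
  // the HTML escaping done by test_input() does not provide that.
  $updateAccount = function ($sql, $value, $currentEmail) use ($conn) {
      $stmt = $conn->prepare($sql);
      if ($stmt === false) {
          error_log("Account update could not be prepared: " . $conn->error);
          return false;
      }

      $stmt->bind_param("ss", $value, $currentEmail);
      $saved = $stmt->execute();
      if (!$saved) {
          error_log("Account update failed: " . $stmt->error);
      }
      $stmt->close();

      return $saved;
  };

  // Handle the form only when it has been submitted.
  if ($_SERVER["REQUEST_METHOD"] == "POST") {

      if ($conn->connect_error) {
          // Driver details go to the server log, not to the visitor.
          error_log("Database connection failed: " . $conn->connect_error);
          die("Connection failed. Please try again. If it still doesn't work, contact cjbrennan2701@gmail.com");
      }

      // NOTE(review): the request carries no anti-CSRF token, and typing the current email is
      // the only confirmation asked for before the login email is changed. Issue a per-session
      // token with the form and compare it here with hash_equals(); consider asking for the
      // password before changing the email address.

      // presumably the session is started in navBar.php - confirm
      $sessionEmail = (isset($_SESSION["email"]) && is_string($_SESSION["email"])) ? $_SESSION["email"] : null;

      $rawEmail = $postedText("email");

      if (empty($rawEmail)) {
          // Nothing entered: no changes are made and no error is shown.
      } else if (strpos($rawEmail, '@') === FALSE) {
          $emailErr = "Please enter a valid email address";
      } else {
          // Values are cleaned with test_input() so they match the form already stored
          // in the session and, presumably, in the table.
          $email = test_input($rawEmail);

          // Changes are made only when the typed address matches the signed-in user's address.
          if ($sessionEmail !== null && $email === $sessionEmail) {

              // First name: updated only when something was entered.
              $rawFirstN = $postedText("firstN");
              if (!empty($rawFirstN)) {
                  $firstN = test_input($rawFirstN);
                  if ($updateAccount("UPDATE testTable SET firstN = ? WHERE email = ?", $firstN, $email)) {
                      $_SESSION["firstN"] = $firstN;
                  } else {
                      $firstNErr = "Your first name could not be saved. Please try again";
                  }
              }

              // Surname: updated only when something was entered.
              $rawSurn = $postedText("surn");
              if (!empty($rawSurn)) {
                  $surn = test_input($rawSurn);
                  if ($updateAccount("UPDATE testTable SET surn = ? WHERE email = ?", $surn, $email)) {
                      $_SESSION["surn"] = $surn;
                  } else {
                      $surnErr = "Your surname could not be saved. Please try again";
                  }
              }

              // Phone number: must be exactly 11 digits.
              $rawPhone = $postedText("phone");
              $phoneDigits = trim($rawPhone);
              if (empty($rawPhone)) {
                  $phone = "";
              } else if (preg_match('/\A[0-9]{11}\z/', $phoneDigits) === 1) {
                  $phone = $phoneDigits;
                  if ($updateAccount("UPDATE testTable SET phone = ? WHERE email = ?", $phone, $email)) {
                      $_SESSION["phone"] = $phone;
                  } else {
                      $phoneErr = "Your phone number could not be saved. Please try again";
                  }
              } else {
                  $phoneErr = "Please enter a valid phone number";
              }

              // New email address: handled last because it changes the key the other
              // updates use in their WHERE clause.
              $rawNewEmail = trim($postedText("newEmail"));
              if (empty($rawNewEmail)) {
                  // Nothing entered: the address stays as it is.
              } else if (filter_var($rawNewEmail, FILTER_VALIDATE_EMAIL) === false) {
                  $newEmailErr = "Please enter a valid email address";
              } else {
                  $newEmail = test_input($rawNewEmail);
                  if ($updateAccount("UPDATE testTable SET email = ? WHERE email = ?", $newEmail, $email)) {
                      $_SESSION["email"] = $newEmail;
                  } else {
                      $newEmailErr = "Your email address could not be changed. Please try again";
                  }
              }
          } else {
              $emailErr = "Please use the email address you have signed in with";
          }
      }

      // Close the database connection once the submission has been handled.
      $conn->close();
  }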
  140. ?>
  141.  
  <body>
  <div class="container-fluid">
    <div class="row">
      <div class="col-md-3"></div>
      <div class="col-xs-12 col-md-6">
        <!-- The form posts back to this same page; the PHP block at the top of the file handles the submission -->
        <form method="post" action="<?php /* PHP_SELF can contain requester-supplied path text, so it is HTML-escaped before output */ echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
  <h5 style="color:#136002; font-size:16px;">Please enter any information you would like to change.<br>
          If you don't want to change something, leave it blank</h5>
          <div class="row">
            <div id="text" class="col-xs-6">
              <p>Current e-mail: </p>
              <br>
              <p>New e-mail: </p>
              <br>
              <p>First name: </p>
              <br>
              <p>Surname: </p>
              <br>
              <p>Phone number: </p>
            </div>
            <div id="input" class="col-xs-6">
              <p>
              <!-- Input box for the user's current email address, followed by a space for its error message -->
                <input type="text" name="email" id="email">
                <span class="error"> <?php /* the *Err variables are echoed unescaped: they hold text built by the script above, not raw user input; escape with htmlspecialchars() if that ever changes */ echo $emailErr;?></span></p>
              <p>
              <!-- Input box for the user's new email address, followed by a space for its error message -->
                <input type="text" name="newEmail" id="newEmail" style="margin-bottom:16px;">
                <span class="error"> <?php echo $newEmailErr;?></span></p>
              <p>
              <!-- Input box for the user's first name, followed by a space for its error message -->
                <input type="text" name="firstN" id="firstN">
                <span class="error"> <?php echo $firstNErr;?></span></p>
              <p>
              <!-- Input box for the user's surname, followed by a space for its error message -->
                <input type="text" name="surn" id="surn">
                <span class="error"> <?php echo $surnErr;?></span></p>
              <p>
              <!-- Input box for the user's phone number, followed by a space for its error message -->
                <input type="text" name="phone" id="phone">
                <span class="error"> <?php echo $phoneErr;?></span></p>
            </div>
          </div>
          <div class="row">
          <!-- Submit button; clicking it posts the form to the PHP block at the top of the file -->
            <div id="btnReg" class="col-sm-12">
              <button type="submit" name="submit">Update</button>
            </div>
          </div>
  </form>
  </div>
      <div class="col-sm-2 col-md-3"></div>
    </div>
  </div>
  <div id="footer" class="container-fluid">
    <div class="row">
      <div class="col-sm-12">
        <p>Copyright</p>
      </div>
    </div>
  </div>
  </body>
  </html>