<?php if (!isset($onward)) {exit('<em>unauthorized</em>');} /* * Virgin Mobile F

1. <?php if (!isset($onward)) {exit('<em>unauthorized</em>');} /* * Virgin Mobile Free Fest Sweepstakes submission code * * Please edit the following lines to fit your installation. * */ $databaseLocation = 'localhost'; // generally, this is "localhost"; $databaseUsername = 'marrsent_michael'; $databasePassword = 'michaelPW'; $databaseName = 'marrsent_virgin'; /* success message */ $successMessage = "Your submission has been saved! We'll notify you if you're the winner!"; /* returned error messages */ $errorText['header'] = 'There were a few problems with your submission'; $errorText['missingData'] = 'Not all requred data was given'; $errorText['invalidEmail'] = 'The email you submitted isn't valid'; $errorText['invalidPhoneNumber'] = 'That doesn't look like a good phone number'; $errorText['invalidMobileNumber'] = 'That doesn't look like a good cell phone number'; $errorText['invalidAge'] = 'You must check that you are 13 years of age before you can participate'; /* * don't edit anything below this line unless you know what you're doing */ include 'SqlBuilder.php'; // blank variables $errors = array(); // if submit was pressed if (isset($_POST['input-submit']) && $_POST['input-submit'] == '1') { // inputs we'll be wanting $getThese = array( 'sex', 'first-name', 'middle-initial', 'last-name', 'address-1', 'address-2', 'city', 'state', 'zip-code', 'phone-number', 'mobile-number', 'birth-month', 'birth-day', 'birth-year', 'email-address', 'check-updates', 'check-wireless-updates', 'age-cert' ); // these could be null, and we don't want that... $couldBeNull = array( 'sex', 'check-updates', 'check-wireless-updates', ); // roll through the inputs that could be null and set them to zero if they're not set foreach($couldBeNull as $value) { if (!isset($_POST['input-' . $value])) { $_POST['input-' . $value] = 0; } } // grab the inputs we want foreach($getThese as $value) { $inputs[$value] = $_POST['input-' . $value]; } function inputToDatabase(&$inputs, &$errorText) { // these inputs are required foreach(array('first-name', 'last-name', 'phone-number', 'email-address') as $value) { if (strlen($inputs[$value]) == 0) { return $errorText['missingData']; } } // validate email address // init some blank variables for the matches $matches = array(); // check if the email address passes and give us some matching parts. if (eregi( "^[._a-z0-9-]+((+[._a-z0-9-]+))*@[a-z0-9-]+(.[a-z0-9-]+)*.(([a-z]{2,3})|(aero|coop|info|jobs|mobi|museum|name|travel))$", $inputs['email-address'], $matches)) { /* // if the local piece of the email holds a plus sign (using filters) if (isset($matches[1]) && strstr($matches[1], '+')) { $inputs['email-address-send'] = $inputs['email-address']; // switch it up $inputs['email-address'] = substr_replace($inputs['email-address-send'], '', strpos($inputs['email-address'], $matches[1]), strlen($matches[1])); // remove the filter for the send to address } else { $inputs['email-address-send'] = &$inputs['email-address']; // no filter there, point them both to the same address } */ } else { return $errorText['invalidEmail']; } // reset $matches $matches = array(); // validate their phone number if they submitted it if (strlen($inputs['phone-number']) > 0 && !eregi( "^([0-9]( |-)?)?((?[0-9]{3})?|[0-9]{3})( |-)?([0-9]{3}( |-)?[0-9]{4}|[0-9]{7})$", $inputs['phone-number'], $matches)) { return $errorText['invalidPhoneNumber']; } // reset $matches $matches = array(); // validate their mobile number if they submitted it if (strlen($inputs['mobile-number']) > 0 && !eregi( "^([0-9]( |-)?)?((?[0-9]{3})?|[0-9]{3})( |-)?([0-9]{3}( |-)?[0-9]{4}|[0-9]{7})$", $inputs['mobile-number'], $matches)) { return $errorText['invalidMobileNumber']; } if ($inputs['age-cert'] != 'on') { return $errorText['invalidAge']; } // create a new sql builder object $sql = new SqlBuilder(); // roll through all the inputs and throw 'em in foreach($inputs as $key => $value) { $sql->insert('submissions', $key, $value); } // log the users IP address $sql->insert('submissions', 'ip-address', (isset($_SERVER['HTTP_X_FORWARD_FOR']) ? $_SERVER['HTTP_X_FORWARD_FOR'] : $_SERVER['REMOTE_ADDR'])); $query = $sql->build('insert'); global $databaseLocation, $databaseUsername, $databasePassword, $databaseName; $db = new mysqli($databaseLocation, $databaseUsername, $databasePassword, $databaseName); if ($db->query($query)) { $_POST = array(); return 'success'; } return false; } $errors[] = inputToDatabase($inputs, $errorText); } function displayErrors(&$errorText, &$errors) { if (count($errors) > 0 && $errors[0] != null) { if ($errors[0] == 'success') { global $successMessage; return "<div id="success" class="success"><p>". $successMessage ."</p></div>"; } else { $errorOutput = implode('</li><li>', $errors); $sReturn = "<div id="errors"><span id="error-header">". $errorText['header'] ."</span><ul><li>". $errorOutput ."</li></ul></div>"; return $sReturn; } } else { return false; } } function checkIncoming($type, $key) { $key = 'input-'.$key; if (isset($_POST[$key])) { switch($type) { case 'text': return ' value="' . $_POST[$key] .'"'; break; case 'select': return ' selected="selected"'; break; case 'checkbox': return ' checked="checked"'; break; default: break; } } }