Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?PHP
- $hostname = "websqurl.db.8248509.hostedresource.com";
- $database = "websqurl";
- $username = "websqurl";
- $password = "Sicm1149!";
- $connection = mysql_connect($hostname, $username, $password) or trigger_error(mysql_error(),E_USER_ERROR);
- function sanitize($value, $type)
- {
- $value = (!get_magic_quotes_gpc()) ? addslashes($value) : $value;
- switch ($type) {
- case "text":
- $value = ($value != "") ? "'" . $value . "'" : "NULL";
- break;
- case "long":
- case "int":
- $value = ($value != "") ? intval($value) : "NULL";
- break;
- case "double":
- $value = ($value != "") ? "'" . doubleval($value) . "'" : "NULL";
- break;
- case "date":
- $value = ($value != "") ? "'" . $value . "'" : "NULL";
- break;
- }
- return $value;
- }
- //include the connection file
- require_once('websqurlsubmission.php');
- //save the data on the DB and send the email
- if(isset($_POST['action']) && $_POST['action'] == 'submitform')
- {
- //recieve the variables
- $name = $_POST['name'];
- $email = $_POST['email'];
- $sitename = $_POST['sitename'];
- $url = $_POST['url'];
- $cat = $_POST['category'];
- $subcat = $_POST['subcategory'];
- }
- //save the data on the DB
- mysql_select_db($database, $connection);
- $insert_query = sprintf("INSERT INTO websqurlsubmit (name, email, sitename, url, category, subcategory) VALUES (%s, %s, %s, %s, %s, %s)",
- sanitize($name, "text"),
- sanitize($email, "text"),
- sanitize($sitename, "text"),
- sanitize($url, "text"),
- sanitize($cat, "text"),
- sanitize($subcat, "text"));
- $result = mysql_query($insert_query, $connection) or die(mysql_error());
- //form validation
- /*
- * Specify the field names that are in the form. This is meant
- * for security so that someone can't send whatever they want
- * to the form.
- */
- $allowedFields = array(
- 'name',
- 'email',
- 'sitename',
- 'url',
- 'category',
- 'subcategory',
- );
- // Specify the field names that you want to require...
- $requiredFields = array(
- 'email',
- 'sitename',
- 'url',
- 'category',
- );
- // Loop through the $_POST array, which comes from the form...
- $errors = array();
- foreach($_POST AS $key => $value)
- {
- // first need to make sure this is an allowed field
- if(in_array($key, $allowedFields))
- {
- $$key = $value;
- // is this a required field?
- if(in_array($key, $requiredFields) && $value == '')
- {
- $errors[] = "The field $key is required.";
- }
- }
- }
- // were there any errors?
- if(count($errors) > 0)
- {
- $errorString = '<p>There was an error processing the form.</p>';
- $errorString .= '<ul>';
- foreach($errors as $error)
- {
- $errorString .= "<li>$error</li>";
- }
- $errorString .= '</ul>';
- // display the previous form
- include 'index.php';
- }
- else
- {
- // At this point you can send out an email or do whatever you want
- // with the data...
- // each allowed form field name is now a php variable that you can access
- // display the thank you page
- header("Location: thankyou.html");
- }
- ?>
Add Comment
Please, Sign In to add comment