FriendsPaste

1. <?php
2. /*
3. Template Name: Friends
4. */
5.  
6. get_header();
7.  
8. function TestInput($data) {
9. $badchars = array("$",",",";","/","\\","\:");
10. // prevent !isset() error
11. if (!isset($data)) {
12. $data = ' ';
13. }
14. $data=trim($data);
15. $data=stripslashes($data);
16. $data=htmlspecialchars($data);
17. $d=$data;
18. $d=str_replace($badchars,"",$d);
19. $d=str_replace("'","''",$d);
20. if (!is_numeric($data)) { $data = $d; }
21. return $data;
22. }
23.  
24. echo "<br /><br />T1...<br />";
25.  
26. $method = strtoupper($_SERVER["REQUEST_METHOD"]);
27.  
28. echo "<br /><br />T2...".$method."<br />";
29.  
30. if ($method === "POST") {
31.  
32. echo "<br /><br />T3...inside POST<br /><br />";
33.  
34. $name = TestInput($_POST["inputName"]);
35. $email = TestInput($_POST["eMail"]);
36. $phone = TestInput($_POST["Phone"]);
37. $zip = TestInput($_POST["Zip"]);
38. $comment = TestInput($_POST["Comment"]);
39.  
40. $sql = "insert into friends (fName,eMail,Zip,Phone,fSource,Comments) ";
41. $sql .= "values('" . $name . "','";
42. $sql .= $email . "','";
43. $sql .= $zip . "','";
44. $sql .= $phone . "',";
45. $sql .= "'F','";
46. $sql .= $comment . "')";
47.  
48. $servername = "localhost";
49. $username = "usrid";
50. $password = "pwd";
51. $dbname = "dbname";
52.  
53. $conn = new mysqli($servername, $username, $password, $dbname);
54. // Check connection
55. if ($conn->connect_error) {
56. die("Database connection failed: " . $conn->connect_error);
57. }
58. else {
59. if ($conn->query($sql) === TRUE) {
60. echo "<br /><br /><p>Thank you, " . $name . ". Your information and comments have been added to the database.</p><br />";
61. } else {
62. echo "Error: " .$sql . "<br />" . $conn->error;
63. }
64. }
65. } else {
66. ?>
67.  
68. <form method="post">
69. <div>
70. <div style="padding-left:50px;clear:both;width:350px;">
71. <label for="inputName" style="height:50px;vertical-align:-15px;">Name:</label>
72. <div style="float:right;">
73. <input type="text" class="form-control" name="inputName" id="inputName" placeholder="Your Name">
74. </div>
75. </div>
76.  
77. <div style="padding-left:50px;clear:both;width:350px;">
78. <label for="eMail" style="height:50px;vertical-align:-15px;">E-Mail Address:</label>
79. <div style="float:right;">
80. <input type="text" class="form-control" name="eMail" id="eMail" placeholder="Your E-Mail">
81. </div>
82. </div>
83.  
84. <div style="padding-left:50px;clear:both;width:350px;">
85. <label for="Phone" style="height:50px;vertical-align:-15px;">Phone Number:</label>
86. <div style="float:right;">
87. <input type="text" class="form-control" name="Phone" id="Phone" placeholder="Your Phone Number">
88. </div>
89. </div>
90.  
91. <div style="padding-left:50px;clear:both;width:350px;">
92. <label for="Zip" style="height:50px;vertical-align:-15px;">Zip Code:</label>
93. <div style="float:right;">
94. <input type="text" class="form-control" name="Zip" id="Zip" placeholder="Your Zip Code">
95. </div>
96. </div>
97.  
98. <div style="padding-left:50px;clear:both;width:350px;">
99. <label for="Comment" style="height:50px;vertical-align:-15px;">Comments:</label>
100. <div style="float:right;">
101. <input type="text" class="form-control" name="Comment" id="Comment" placeholder="Comments">
102. </div>
103. </div>
104.  
105. <div style="padding-left:50px;clear:both;width:285px;">
106. <div style="height:50px;text-align:right;">
107. <button type="submit">Submit</button>
108. </div>
109. </div>
110. <br /><br />
111. </div>
112. </form>
113. <?php }
114. get_footer();
115. ?>