
Untitled

a guest
Jun 19th, 2016
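  <?php
  // Registration handler: rejects a user name that is already taken, stores an
  // optional avatar upload, then creates the account through the add_user
  // stored procedure. Everything in $_POST and $_FILES is attacker-controlled.
  session_start();
  include $_SERVER['DOCUMENT_ROOT'].'/conf/db_connect.php';

  /**
   * Read one POST field as a string and normalise it the way stored rows already are.
   *
   * @param string $name Key in $_POST.
   * @return string Trimmed, HTML-encoded value with ' replaced by ’; '' when the field is absent.
   */
  function reg_field($name)
  {
      // A field sent as username[]=x arrives as an array; treat it as absent.
      $raw = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';

      // stripslashes/htmlspecialchars and the apostrophe swap are kept from the
      // original so new rows match the format of existing ones. They are not
      // what makes the value safe for SQL; reg_sql_literal() does that.
      $value = trim(htmlspecialchars(stripslashes($raw)));

      return str_replace("'", "’", $value);
  }

  /**
   * Turn a PHP string into a quoted SQL string literal with the active driver's own escaping.
   *
   * The mode names are the ones db_query() switches on.
   * NOTE(review): 'sqlio' is assumed to carry a mysqli object in $link - confirm.
   *
   * @param string $value Raw value to embed.
   * @param mixed  $link  Connection handle created by db_connect.php.
   * @param string $mode  Connection type taken from the session.
   * @return string The value including its surrounding quotes.
   */
  function reg_sql_literal($value, $link, $mode)
  {
      switch ($mode) {
          case 'pdo':
              return $link->quote($value);
          case 'sqlip':
          case 'sqlio':
              return "'" . mysqli_real_escape_string($link, $value) . "'";
          case 'sqlb':
              return "'" . mysql_real_escape_string($value) . "'";
          default:
              // Unknown driver: stop rather than send unescaped input to the database.
              header('HTTP/1.1 500 Internal Server Error');
              exit;
      }
  }

  $mode = isset($_SESSION['mode']) ? $_SESSION['mode'] : '';

  $userName      = reg_field('username');
  $userPassword  = reg_field('pw');
  $email         = reg_field('email');
  $userFirstName = reg_field('firstname');
  $userLastName  = reg_field('lastname');
  // The date was passed through untouched in the original; it is only quoted below.
  $birthdate = (isset($_POST['date']) && is_string($_POST['date'])) ? $_POST['date'] : '';

  // Look the name up in the same normalised form that is stored below, so the
  // duplicate check and the insert cannot disagree about which name is meant.
  $sql = 'call get_user_by_user_name(' . reg_sql_literal($userName, $link, $mode) . ')';
  $get_user = db_query($sql, $link, $mode);
  $row = db_fetch($get_user, $mode);

  if (!empty($row['user_id'])) {
      header("location:/reg/regindex.php?error=1");
      exit;
  }

  $userAvatarPath = '';
  if (!empty($_FILES['avatar']['name'])) {
      $tmpName = isset($_FILES['avatar']['tmp_name']) ? $_FILES['avatar']['tmp_name'] : '';

      // The MIME type and file name sent by the browser prove nothing, so the
      // type is read from the file itself and the name on disk is generated
      // here: neither the user name nor the client file name reaches the path.
      $allowed = [IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png'];
      $info = (is_string($tmpName) && is_uploaded_file($tmpName)) ? getimagesize($tmpName) : false;

      if ($info === false || !isset($allowed[$info[2]])) {
          header("location:/reg/regindex.php?error=2");
          exit;
      }

      // getimagesize() only inspects the header; the fixed image extension is
      // what keeps the stored file from being served as anything but an image.
      $userAvatarPath = '/avatars/' . sha1_file($tmpName) . '.' . $allowed[$info[2]];

      if (!move_uploaded_file($tmpName, $_SERVER['DOCUMENT_ROOT'] . $userAvatarPath)) {
          header("location:/reg/regindex.php?error=2");
          exit;
      }
  }

  // NOTE(review): the password is handed to add_user as text; nothing in this
  // script hashes it. Unless the procedure does, switch to password_hash() here
  // and password_verify() in the login path, changing both together.
  //
  // The original passed $userLastName twice and never used $userFirstName.
  // Assumes add_user expects first name before last name - TODO confirm
  // against the procedure definition.
  $arguments = [
      $userName,
      $userPassword,
      $email,
      $userFirstName,
      $userLastName,
      $birthdate,
      $userAvatarPath,
  ];

  $literals = [];
  foreach ($arguments as $argument) {
      $literals[] = reg_sql_literal($argument, $link, $mode);
  }

  $sql_two = 'call add_user(' . implode(',', $literals) . ')';
  db_query($sql_two, $link, $mode);

  header("location:/reg/regend.php");
  exit;
  ?>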
  83.  
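  // Call sites for db_query(). db_query() sends the string it is given as-is,
  // so every value has to be made safe before it is placed in the SQL text.
  $mode = $_SESSION['mode'];

  // Quote the user name with the escaping of whichever driver is active
  // (mode names as switched on in db_query()).
  $rawName = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
  if ($mode === 'pdo') {
      $nameSql = $link->quote($rawName);
  } elseif ($mode === 'sqlip' || $mode === 'sqlio') {
      $nameSql = "'" . mysqli_real_escape_string($link, $rawName) . "'";
  } elseif ($mode === 'sqlb') {
      $nameSql = "'" . mysql_real_escape_string($rawName) . "'";
  } else {
      // Unknown driver: stop rather than send unescaped input to the database.
      die('Unsupported database mode');
  }

  $sql = "call get_user_by_user_name($nameSql)";
  $get_user = db_query($sql, $link, $mode);
  $row = db_fetch($get_user, $mode);

  $tempRow = db_row(db_query("SELECT count(*) FROM view_guest_book", $link, $mode), $mode);

  // Page size and offset are formatted with %d so that only an integer can
  // reach the statement, wherever $per_page and $start were filled in.
  $result = db_query(sprintf("call get_entries_gb_per_page('%d', '%d')", $per_page, $start), $link, $mode);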
  90.  
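  /**
   * Record a failed statement in the server log and stop with a fixed reply.
   *
   * The SQL text is deliberately neither echoed nor logged: callers build it
   * from request data, and an echoed statement shows the schema to the client
   * and reflects that data back into the page.
   *
   * @param string     $driver  Short driver label for the log line.
   * @param int|string $code    Driver error code.
   * @param string     $message Driver error message.
   */
  function _db_query_fail($driver, $code, $message)
  {
      error_log(sprintf('db_query failed [%s] %s: %s', $driver, $code, $message));

      // Reply text kept from the original ("Incorrect SQL query"), minus the statement.
      // NOTE(review): the leading "n" looks like a lost "\n" escape - confirm.
      die("nНекорректный SQL запрос");
  }

  /**
   * Run one SQL statement through whichever driver the connection was opened with.
   *
   * The statement is sent exactly as given; nothing here escapes or binds
   * values, so the caller must have quoted every value already.
   *
   * @param string $query    Complete SQL statement.
   * @param mixed  $link     Connection handle; not used in "sqlb" mode.
   * @param string $conntype "sqlb" (mysql_*), "sqlip" (mysqli functions),
   *                         "sqlio" ($link->query()) or "pdo".
   * @return mixed The driver's result or statement object, or null when
   *               $conntype is none of the four modes.
   */
  function db_query($query, $link, $conntype)
  {
      switch ($conntype) {
          case "sqlb":
              $result = mysql_query($query);
              if (!$result) {
                  _db_query_fail('mysql', mysql_errno(), mysql_error());
              }
              return $result;

          case "sqlip":
              $result = mysqli_query($link, $query);
              if (!$result) {
                  _db_query_fail('mysqli', mysqli_errno($link), mysqli_error($link));
              }
              return $result;

          case "sqlio":
              $result = $link->query($query);
              if (!$result) {
                  _db_query_fail('mysqli', $link->errno, $link->error);
              }
              return $result;

          case "pdo":
              $result = $link->prepare($query);
              // prepare() can return false in silent error mode; the original
              // went on to call setFetchMode() on that value.
              if (!$result) {
                  $info = $link->errorInfo();
                  _db_query_fail('pdo', $info[0], isset($info[2]) ? $info[2] : '');
              }
              $result->setFetchMode(PDO::FETCH_NUM);
              if (!$result->execute()) {
                  $info = $result->errorInfo();
                  _db_query_fail('pdo', $info[0], isset($info[2]) ? $info[2] : '');
              }
              return $result;

          default:
              // Unknown mode: no statement is sent; callers receive null as before.
              return null;
      }
  }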