From 18c3fb434f39da2b3e2597f473e3138770fd7d84 Mon Sep 17 00:00:00 2001
From: Carson Fleming
Date: Mon, 24 Apr 2017 13:06:13 -0400
Subject: Added phone number checking to signup
---
 signup.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/signup.php b/signup.php
index aa8a3f3..8cb8d62 100644
--- a/signup.php
+++ b/signup.php
@@ -26,7 +26,11 @@ if (!empty($_POST['signup'])) {
 goto err;
 }
 $db = new bdb();
- $result = $db->query('SELECT id FROM users WHERE email = \''.$db->escape_string($_POST['email']).'\' LIMIT 1') or fatal($db->error);
+
+ $area = (intval($_POST['phone1'])>0)?intval($_POST['phone1']):intval(substr($_POST['phone1'], 1, -1));
+ $phone = intval($_POST['phone0']).' ('.$area.') '.intval($_POST['phone2']).'-'.intval($_POST['phone3']);
+
+ $result = $db->query('SELECT id FROM users WHERE email = \''.$db->escape_string($_POST['email']).'\' OR phone = \''.$phone.'\' LIMIT 1') or fatal($db->error);
 if ($result->num_rows > 0) {
 $result->free();
 $db->close();
@@ -38,8 +42,6 @@ if (!empty($_POST['signup'])) {
 $stmt = $db->prepare('INSERT INTO users (type, name, email, password, zipcode, phone, session) VALUES (?, ?, ?, ?, ?, ?, ?)') or fatal($db->error);
 $type = intval($_POST['type']) ? 'EMPLOYER' : 'EMPLOYEE';
 $pass = bulletin_hash($_POST['password']);
- $area = (intval($_POST['phone1'])>0)?intval($_POST['phone1']):intval(substr($_POST['phone1'], 1, -1));
- $phone = intval($_POST['phone0']).' ('.$area.') '.intval($_POST['phone2']).'-'.intval($_POST['phone3']);
 $sess = uniqid('act', true);
 $stmt->bind_param('sssssss', $type, $_POST['name'], $_POST['email'], $pass, $_POST['zip'], $phone, bulletin_hash($sess));
 $stmt->execute();
--
cgit v1.2.3
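Review bot: The added `OR phone = '...'` clause in the first hunk puts `$phone` into the SELECT by plain concatenation, without the `escape_string()` call that the email value gets on the same line. It cannot carry a quote today only because every part of `$phone` is an `intval()` result, and that invariant breaks silently if the formatting is ever changed. I would either escape it, `OR phone = \''.$db->escape_string($phone).'\' LIMIT 1`, or preferably run this lookup through `prepare`/`bind_param` as the INSERT further down already does. Separately, `intval()` turns empty or non-numeric parts into 0 and drops leading zeros, so unless validation above the hunk (not visible here) rejects such input, unrelated signups can produce the same `$phone` and be refused as duplicates.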