miles-city-council/subscribe.php

<?php

$email = $_POST['email'];
$fname = $_POST['full_name'];
$phone = $_POST['phone'];
$gender = $_POST['gender'];

$pattern = '/^(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)|(?:\\x22?[^\\x5C\\x22]\\x22?)){255,})(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)|(?:\\x22?[^\\x5C\\x22]\\x22?)){65,}@)(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]|(?:\\x5C[\\x00-\\x7F]))*\\x22))(?:\\.(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]|(?:\\x5C[\\x00-\\x7F]))*\\x22)))*@(?:(?:(?!.*[^.]{64,})(?:(?:(?:xn--)?[a-z0-9]+(?:-+[a-z0-9]+)*\\.){1,126}){1,}(?:(?:[a-z][a-z0-9]*)|(?:(?:xn--)[a-z0-9]+))(?:-+[a-z0-9]+)*)|(?:\\[(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})|(?:(?!(?:.*[a-f0-9][:\\]]){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?)))|(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){5}:)|(?:(?!(?:.*[a-f0-9]:){5,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?)))?(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))(?:\\.(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))){3}))\\]))$/iD';

//eliminate every char except 0-9
$phone_num = preg_replace("/[^0-9]/", '', $phone);

//eliminate leading 1 if its there
if (strlen($phone_num) == 11)
	$phone_num = preg_replace("/^1/", '', $phone_num);

if (!$email || preg_match($pattern, $email) !== 1 || !$fname || strlen($phone_num) != 10) {
    die("Error: An email address, first name, and last name are required.");
}
if ($gender && $gender !== 'm' && $gender !== 'f') {
    die("Error: An invalid gender was given.");
}

$conn = mysql_connect(":/tmp/mysql.sock", "root", "");
if (!$conn) {
    die("MySQL connection error: " . mysql_error());
}
mysql_select_db("mileslinden", $conn);

$query = sprintf(
    "INSERT INTO subscribers (`email`, `full_name`, `phone`, `gender`, `join_date`) ".
    "VALUES ('%s', '%s', '%s', '%s', '%s')",
    mysql_real_escape_string($email),
    mysql_real_escape_string($fname),
    mysql_real_escape_string($phone),
    mysql_real_escape_string($gender),
    date("Y-m-d H:i:s")
);
$res = mysql_query($query);

if (!$res) {
    die("MySQL query error: " . mysql_error());
}

mysql_close($conn);

?>
<!DOCTYPE HTML>
<html lang="en">
    <head>
        <meta charset="utf-8">
        <title>Miles Linden for San Jose City Council</title>
    </head>
    <body>
        <h1>You have subscribed successfully!</h1>
    </body>
</html>
added Join section 2021-05-05 22:35:51 -07:00			`<?php`

			`$email = $_POST['email'];`
			`$fname = $_POST['full_name'];`
			`$phone = $_POST['phone'];`
			`$gender = $_POST['gender'];`

			$pattern = '/^(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)\|(?:\\x22?[^\\x5C\\x22]\\x22?)){255,})(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)\|(?:\\x22?[^\\x5C\\x22]\\x22?)){65,}@)(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)\|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]\|(?:\\x5C[\\x00-\\x7F]))\\x22))(?:\\.(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)\|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]\|(?:\\x5C[\\x00-\\x7F]))\\x22)))@(?:(?:(?!.[^.]{64,})(?:(?:(?:xn--)?[a-z0-9]+(?:-+[a-z0-9]+)\\.){1,126}){1,}(?:(?:[a-z][a-z0-9])\|(?:(?:xn--)[a-z0-9]+))(?:-+[a-z0-9]+))\|(?:\\[(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})\|(?:(?!(?:.[a-f0-9][:\\]]){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?)))\|(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){5}:)\|(?:(?!(?:.*[a-f0-9]:){5,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?)))?(?:(?:25[0-5])\|(?:2[0-4][0-9])\|(?:1[0-9]{2})\|(?:[1-9]?[0-9]))(?:\\.(?:(?:25[0-5])\|(?:2[0-4][0-9])\|(?:1[0-9]{2})\|(?:[1-9]?[0-9]))){3}))\\]))$/iD';

			`//eliminate every char except 0-9`
			`$phone_num = preg_replace("/[^0-9]/", '', $phone);`

			`//eliminate leading 1 if its there`
			`if (strlen($phone_num) == 11)`
			`$phone_num = preg_replace("/^1/", '', $phone_num);`

			`if (!$email \|\| preg_match($pattern, $email) !== 1 \|\| !$fname \|\| strlen($phone_num) != 10) {`
			`die("Error: An email address, first name, and last name are required.");`
			`}`
			`if ($gender && $gender !== 'm' && $gender !== 'f') {`
			`die("Error: An invalid gender was given.");`
			`}`

			`$conn = mysql_connect(":/tmp/mysql.sock", "root", "");`
			`if (!$conn) {`
			`die("MySQL connection error: " . mysql_error());`
			`}`
			`mysql_select_db("mileslinden", $conn);`

			`$query = sprintf(`
			"INSERT INTO subscribers (`email`, `full_name`, `phone`, `gender`, `join_date`) ".
			`"VALUES ('%s', '%s', '%s', '%s', '%s')",`
			`mysql_real_escape_string($email),`
			`mysql_real_escape_string($fname),`
			`mysql_real_escape_string($phone),`
			`mysql_real_escape_string($gender),`
			`date("Y-m-d H:i:s")`
			`);`
			`$res = mysql_query($query);`

			`if (!$res) {`
			`die("MySQL query error: " . mysql_error());`
			`}`

			`mysql_close($conn);`

			`?>`
			`<!DOCTYPE HTML>`
			`<html lang="en">`
			`<head>`
			`<meta charset="utf-8">`
			`<title>Miles Linden for San Jose City Council</title>`
			`</head>`
			`<body>`
			`<h1>You have subscribed successfully!</h1>`
			`</body>`
			`</html>`