> simply check the required fields $required=array('name','email'); checkBlockedNames($name); if ($action=="postInfo") { if (!$name || !$email || !preg_match("/^([\w\-]+\.)*[\w\-]+@([\w\-]+\.)+([\w\-]{2,4})$/",$email) || !is_array($events)) { $javascript="alert('Please enter a valid email address, your name and your phone number as well as at least one event in order to register for an event.');\n"; $action=""; } else { $fillIN=array('name','address','city','state','country','postalcode','email','phone'); checkProfanity("name,address,city,state,country,postalcode,email,phone"); foreach ($fillIN as $loop) { $$loop=preg_replace("/\"/",""",$$loop); } ###>> test if they have already submitted list ($testDup)=get_mysql("select tid from tickets where name=\"$name\" && email=\"$email\"",10); if ($testDup) { $ID=$testDup; } else { ###>> first do insert for info, then do event inserts if (!$guests) {$guests=1;} get_mysql("insert into tickets (tid,name,address,city,state,zip,Country,phone,email,submitted,HTTPHOST,guests) values (null,\"$name\",\"$address\",\"$city\",\"$state\",\"$zip\",\"$country\",\"$phone\",\"$email\",now(),\"$HTTP_HOST\",\"$guests\")",3); $ID=mysql_insert_id(); } foreach ($events as $loop) { ###>> check dup list ($test)=get_mysql("select tid from ticketevents where tid='$ID' && eid='$loop'",10); if (!$test) { get_mysql("insert into ticketevents (tid,eid) values ('$ID','$loop')",3); } } $results=get_mysql("select ticketevents.eid,City,Country,Address,date_format(Happening,\"%d-%b-%Y\"),TypeEvent from events,ticketevents where events.eid=ticketevents.eid && ticketevents.tid='$ID'",1); if (is_array($results)) { foreach ($results as $loop) { list ($tEID,$city,$country,$address,$happening,$type)=$loop; $address=preg_replace("/\'/","\\\'",$address); # `rm -f /usr/web/reopen911.org/html/images/tmp/$ID.$tEID.ticket.jpg`; # $crap=`/usr/local/bin/convert -gravity center -font Helvetica-Bold -pointsize 20 -fill crap -draw "text 10,0 '$name\n$city, $country\n$type\n$happening\n\n\n\n$address'" /usr/web/reopen911.org/html/images/ticket.jpg /usr/web/reopen911.org/html/images/tmp/$ID.$tEID.ticket.jpg`; # $crap=`/usr/local/bin/convert -gravity center -font Helvetica-Bold -pointsize 24 -fill crap -draw "text 10,0 '$name\n$city, $country\n$type\n$happening\n\n\n\n$address'" /usr/web/reopen911.org/html/images/ticket.jpg /usr/web/reopen911.org/html/images/tmp/$ID.$tEID.ticket.jpg`; `/usr/local/bin/convert -font Helvetica-Bold -pointsize 24 -fill black -draw "text 325,95 ' $name\n $city, $country\n $type\n $happening\n Admit $guests\n\n'" /usr/web/reopen911.org/html/images/ticket.jpg /usr/web/reopen911.org/html/images/tmp/$ID.$tEID.ticket.jpg`; `/usr/local/bin/convert -gravity center -font Helvetica-Bold -pointsize 15 -fill black -draw "text 130,140 '$address'" /usr/web/reopen911.org/html/images/tmp/$ID.$tEID.ticket.jpg /usr/web/reopen911.org/html/images/tmp/$ID.$tEID.ticket.jpg`; $images.="

"; } } else { echo "no tickets found"; exit; } ###>> last thing, print tickets $html=getFileContents($templates."basic.empty.htm"); $html=preg_replace("/%%JAVASCRIPT%%/",$javascript,$html); $html=preg_replace("/%%ERROR%%/",$errorOnPage,$html); $html=preg_replace("/%%SCRIPT%%/",$script,$html); $html=preg_replace("/%%CONTENT%%/","Here are your tickets (print):

$images",$html); $html=preg_replace("/%%TITLE%%/","Ticket Order",$html); $html=preg_replace("/%%SCRIPT%%/",$script,$html); $html=preg_replace("/%%ENC%%/","",$html); echo $html; exit; } } if ($action=="") { ###>> get events $results=get_mysql("select eid,City,Country,Address,date_format(Happening,\"%d-%b-%Y\"),TypeEvent,status from events where status='active' && Happening>now() order by country,city,Happening",1); if (is_array($results)) { foreach ($results as $loop) { list ($eid,$City,$Country,$Address,$Happening,$TypeEvent,$status)=$loop; $eventOptions.="$City, $Country - $TypeEvent, $Happening\n"; } } $html=getFileContents($templates."basic.empty.htm"); $html=preg_replace("/%%JAVASCRIPT%%/",$javascript,$html); $html=preg_replace("/%%ERROR%%/",$errorOnPage,$html); $html=preg_replace("/%%SCRIPT%%/",$script,$html); $fillIN=array('name','address','city','state','country','postalcode','email','phone'); checkProfanity("name,address,city,state,country,postalcode,email,phone"); foreach ($fillIN as $loop) { $$loop=preg_replace("/\"/",""",$$loop); } $countryOptions=get_countries(); if ($country) { $selectedCountry="$country\n"; } $content="

I would like tickets for the following events: (Ctrl + click to select multiple)
$eventOptions
*Name:
Address:
City:
State/Locality:
Postal Code:
Country:	$countryOptions $selectedCountry
Phone:
Total of Guests:
*Email:

"; $html=preg_replace("/%%CONTENT%%/",$content,$html); $html=preg_replace("/%%TITLE%%/","Ticket Order",$html); $html=preg_replace("/%%SCRIPT%%/",$script,$html); $html=preg_replace("/%%ENC%%/","",$html); echo $html; exit; } /////////////////////////////// function checkProfanity($tmp) /////////////////////////////// { $head=`head -n 1 profanity.txt`; $head=preg_replace("/\s+$/","",$head); $profanityArray=array(); $profanityArray=preg_split("/,/",$head); $chkThis=array(); $chkThis=preg_split("/,/",$tmp); foreach ($chkThis as $loop) { foreach ($profanityArray as $loopTwo) { if (preg_match("/$loopTwo/",$$loop)) { $blocked=1; } } } if ($blocked) { ///>> put ip in file $remote=$_SERVER{REMOTE_ADDR}; `echo $remote >> ./blocked.ips.txt`; echo "The use of profanity in this form in prohibited and you have been blocked from submitting your comments."; exit; } } ?>