X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fguest%2Fwhat-register.php;h=59ffc72e760046b2cddf5d194575dcf238e4fba4;hb=c223dd6de45036321ef0bc195e25af0678f5d1f1;hp=7303c4895d832b45a1285ba1aa44cfd5763e9ab5;hpb=c3e061c0d6fc0ee8778ebaebf1c05cf2bf126703;p=mailer.git
diff --git a/inc/modules/guest/what-register.php b/inc/modules/guest/what-register.php
index 7303c4895d..59ffc72e76 100644
--- a/inc/modules/guest/what-register.php
+++ b/inc/modules/guest/what-register.php
@@ -167,7 +167,7 @@ if (isset($_POST['ok'])) {
 // Not found so we set your refid!
 $_POST['refid'] = $_CONFIG['def_refid'];
- @setcookie("refid", $_CONFIG['def_refid'], (time() + $_CONFIG['online_timeout']), COOKIE_PATH);
+ set_session("refid", $_CONFIG['def_refid']);
 }
 // Free memory
@@ -306,26 +306,26 @@ array(
 'hash' => $hash,
 'uid' => $userid,
 'salut' => $sex,
- 'surname' => $_POST['surname'],
- 'family' => $_POST['family_name'],
- 'email' => $_POST['addy'],
- 'street' => $_POST['street_nr'],
- 'city' => $_POST['city'],
+ 'surname' => SQL_ESCAPE($_POST['surname']),
+ 'family' => SQL_ESCAPE($_POST['family_name']),
+ 'email' => SQL_ESCAPE($_POST['addy']),
+ 'street' => SQL_ESCAPE($_POST['street_nr']),
+ 'city' => SQL_ESCAPE($_POST['city']),
 'zip' => bigintval($_POST['zip']),
 'country' => $countryData,
- 'refid' => $_POST['refid'],
- 'pass' => $_POST['pass1'],
+ 'refid' => SQL_ESCAPE($_POST['refid']),
+ 'pass' => SQL_ESCAPE($_POST['pass1']),
 );
 // Continue with birthday...
 switch (GET_LANGUAGE()) {
 case "de":
- $DATA['birthday'] = $_POST['day'].".".$_POST['month'].".".$_POST['year'];
+ $DATA['birthday'] = bigintval($_POST['day']).".".bigintval($_POST['month']).".".bigintval($_POST['year']);
 break;
 default:
- $DATA['birthday'] = $_POST['month']."/".$_POST['day']."/".$_POST['year'];
+ $DATA['birthday'] = bigintval($_POST['month'])."/".bigintval($_POST['day'])."/".bigintval($_POST['year']);
 break;
 }
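Review bot: In the first hunk (`@@ -167,7 +167,7 @@`), `set_session("refid", $_CONFIG['def_refid']);` silently drops the explicit lifetime the old cookie carried (`time() + $_CONFIG['online_timeout']`), so how long the default referral id persists now follows the session configuration, which is not visible here. The result of set_session() is also not checked, so a failure to store the value (for example when no session is active, if that can happen on this path) would go unnoticed just as it did under `@setcookie`. I would add a comment such as `// refid is now kept server-side in the session; its lifetime follows the session, not online_timeout` and confirm that no other code still trusts a client-sent `refid` cookie. The enclosing `if (isset($_POST['ok']))` block starts and ends outside the hunk.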
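Review bot: In the second hunk (`@@ -306,26 +306,26 @@`), `'pass' => SQL_ESCAPE($_POST['pass1'])` puts the plain-text password through SQL escaping; assuming SQL_ESCAPE behaves like the usual escaping helpers, a password containing a quote or backslash is altered, so whatever consumes `$DATA['pass']` sees a different string than the user typed. The hunk does not show where `$DATA` is used: if it fills a template or e-mail rather than a query, SQL escaping is the wrong encoding for `surname`, `family`, `email`, `street` and `city` as well, since it leaves markup and line breaks untouched and can add visible backslashes. If the values do reach a query, escaping belongs at the query call (or in a bound parameter), not where the array is built. I would keep the raw values in the array, encode per output context at the point of use, and mark the password entry with `// plain-text password: do not escape, log or store this value`. The array literal starts above the hunk.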
@@ -416,10 +416,10 @@ array(
 }
 // Adds a table for the guests with all visible categories
- define ('CATEGORY_SELECTION', REGISTER_ADD_CATEGORY_TABLE("guest", true));
+ define('CATEGORY_SELECTION', REGISTER_ADD_CATEGORY_TABLE("guest", true));
 // Adds maximum receiveable mails list... :)
- define ('MAX_RECEIVE_LIST', ADD_MAX_RECEIVE_LIST("guest", "", true));
+ define('MAX_RECEIVE_LIST', ADD_MAX_RECEIVE_LIST("guest", "", true));
 // Check if nickname extension is active and get state if nickname is selected or userid
 $nick = false;
@@ -428,7 +428,7 @@ array(
 // Is the nickname valid?
 if (!$nick) {
 // Nope, disable it
- if (GET_EXT_VERSION("sql_patches") != "") {
+ if (GET_EXT_VERSION("sql_patches") != '') {
 // Use default refid
 $GLOBALS['refid'] = $_CONFIG['def_refid'];
 } else {
@@ -443,7 +443,7 @@ array(
 define('REFID_CONTENT', LOAD_TEMPLATE("guest_register_refid", true, $GLOBALS['refid']));
 } else {
 // Load "hide" form template
- define ('REFID_CONTENT', LOAD_TEMPLATE("guest_register_refid_hide", true, $GLOBALS['refid']));
+ define('REFID_CONTENT', LOAD_TEMPLATE("guest_register_refid_hide", true, $GLOBALS['refid']));
 }
 // You may want to modify the register_header.tpl.xx file and not this script when you add your scripts etc. :-)