<?php
include("inde.php");
include("db1.php");
$ip=$_SERVER['REMOTE_ADDR'];
session_start(); 
if ($_POST["vercode"] != $_SESSION["vercode"] OR $_SESSION["vercode"]=='')  { 
     echo '<strong>Incorrect verification code.</strong>';
     echo '<a href = "register.php"> Go Back </a>';
} else { 
	$stmt = $conn->prepare("INSERT INTO register(name, poster, email, category, ipa, date1) VALUES (:name, :poster, :email, :category, :ip, :date1)");
	
	$input =  htmlspecialchars(addslashes($_POST['name']));
	$input = str_replace(array('&amp;','&lt;','&gt;'), array('&amp;amp;','&amp;lt;','&amp;gt;'), $input);
        $input = preg_replace('/(&#*\w+)[\x00-\x20]+;/u', '$1;', $input);
        $input = preg_replace('/(&#x*[0-9A-F]+);*/iu', '$1;', $input);
        $name = html_entity_decode($input, ENT_COMPAT, 'UTF-8');
	$stmt->bindParam(':name', $name);
	
	$stmt->bindParam(':poster', addslashes($_POST['poster']));
	
	$input = htmlspecialchars(addslashes($_POST['email']));
	$input = str_replace(array('&amp;','&lt;','&gt;'), array('&amp;amp;','&amp;lt;','&amp;gt;'), $input);
        $input = preg_replace('/(&#*\w+)[\x00-\x20]+;/u', '$1;', $input);
        $input = preg_replace('/(&#x*[0-9A-F]+);*/iu', '$1;', $input);
        $email = html_entity_decode($input, ENT_COMPAT, 'UTF-8');
	$stmt->bindParam(':email', $email);
	
	$stmt->bindParam(':category', addslashes($_POST['category']));
	$stmt->bindParam(':ip', $ip);
	$stmt->bindParam(':date1', date("Y/m/d h:i:s A"));
	$email = addslashes($_POST['email']);
	$sql = $conn->prepare("SELECT email FROM register where email = :email");
	$sql->bindValue(':email',$email);
	$sql->execute();
	$row = $sql->rowCount();
	if($row <= 0) {
		if($stmt->execute()) {
	        	echo "<b> <center> <font color = 'blue'> <br>Sucessfully Submitted </font>  </center> </b> <br> <br>";
		}
	}
	else {
			echo "<b> <center> <font color = 'blue'> <br>Already Submitted </font>  </center> </b> <br> <br>";
	}
}
include("bottom.php");
?>