<? require_once('include/init.php');
check_authhmac_GET();
if (!isset($_GET['ppl_vn']) ||
	!isset($_GET['ppl_tv']) ||
	!isset($_GET['ppl_an']) ||
	!isset($_GET['ppl_email']) ||
	!isset($_GET['ppl_type']) ||
	( $_GET['ppl_type'] != 'leerling' && $_GET['ppl_type'] != 'personeel' && $_GET['ppl_type'] != 'ouder') ||
	!isset($_GET['ppl_password'])) exit; //impossible
$ppl_vn = htmlspecialchars($_GET['ppl_vn'], ENT_QUOTES, 'UTF-8');
$ppl_tv = htmlspecialchars($_GET['ppl_tv'], ENT_QUOTES, 'UTF-8');
$ppl_an = htmlspecialchars($_GET['ppl_an'], ENT_QUOTES, 'UTF-8');
$ppl_email = htmlspecialchars($_GET['ppl_email'], ENT_QUOTES, 'UTF-8');
if ($_GET['ppl_vn'] == '') exit; //FIXME
if (strlen($ppl_vn) > 64) exit;
if (strlen($ppl_tv) > 16) exit;
if ($_GET['ppl_an'] == '') exit;
if (strlen($ppl_an) > 128) exit;
if ($_GET['ppl_email'] == '') exit;
if (strlen($ppl_email) > 128) exit;
if (!filter_var($_GET['ppl_email'], FILTER_VALIDATE_EMAIL)) exit;
mysql_query_safe("INSERT INTO ppl ( ppl_vn, ppl_tv, ppl_an, ppl_email, ppl_type, ppl_password ) VALUES ( '%s', '%s', '%s', '%s', '%s', '%s' )",
	mysql_escape_safe($ppl_vn), mysql_escape_safe($ppl_tv), mysql_escape_safe($ppl_an), mysql_escape_safe($ppl_email),
	mysql_escape_safe($_GET['ppl_type']), mysql_escape_safe($_GET['ppl_password']));
?>