The iResturant is open source for web commercial use. SQL Injection occurs because iResturant does not verify email and phone parameters when registering as a member.
/* (...) */
session_start();
require_once('../config/codeGen.php');
require_once('../config/config.php');
require_once('../partials/head.php');