function addCustomer($custdata)
{
$message = "";
if ($custdata["fname"] == "") {
$message .= "First Name must have a value<br />";
}
if ($custdata["lname"] == "") {
$message .= "Last Name must have a value<br />";
}
if ($custdata["address"] == "") {
$message .= "Address must have a value<br />";
}
if ($custdata["city"] == "") {
$message .= "City must have a value<br />";
}
if ($custdata["prov"] == "") {
$message .= "Province must have a value<br />";
}
if ($custdata["post"] == "") {
$message .= "Postal Code must have a value<br />";
} else {
if (!preg_match("/^[a-z]\\d[a-z][- ]?\\d[a-z]\\d\$/i", $custdata["post"])) {
$message .= "Invalid postal code format<br />";
}
}
if ($custdata["phone"] == "") {
$message .= "Phone Number must have a value<br />";
}
if ($message) {
return $message;
} else {
// pass data to database insert function
return customerInsert($custdata);
// print("inserting data");
}
}
}
if ($error = $_REQUEST["CustBusPhone"] == "") {
$_SESSION['busPhoneMessage'] = "Please enter your Business Phone Number";
} else {
$_SESSION["CustBusPhone"] = $_REQUEST["CustBusPhone"];
}
if ($error = $_REQUEST["CustEmail"] == "") {
$_SESSION['emailMessage'] = "Please enter an email address";
} else {
$_SESSION["CustEmail"] = $_REQUEST["CustEmail"];
}
if ($error = $_REQUEST["AgentId"] == "") {
$_SESSION['agentMessage'] = "Please enter an Agent ID";
} else {
$_SESSION["AgentId"] = $_REQUEST["AgentId"];
}
// if error is true...
if ($error) {
// send the messages back to the registration page along with the user.
header("Location: registration.php");
} else {
// otherwise print out a success message
$_SESSION['successfullInsert'] = "<h1>" . $message . "</h1>";
// and run the customerinsert function
customerInsert($_REQUEST);
// set all the sessions to blank
$_SESSION["CustFirstName"] = $_SESSION["CustLastName"] = $_SESSION["CustAddress"] = $_SESSION["CustCity"] = $_SESSION["CustProv"] = $_SESSION["CustPostal"] = $_SESSION["CustCountry"] = $_SESSION["CustHomePhone"] = $_SESSION["CustBusPhone"] = $_SESSION["CustEmail"] = $_SESSION["AgentId"] = "";
header("Location: registration.php");
}
}
}
// $dbh is the connection being used.
// $sql is the code needed to change your DB table
$stmt = mysqli_prepare($dbh, $sql);
// mysqli_stmt_bind_param takes the prepared variable ($stmt) with the connection and SQL code, and replace the ? with the array data.
// It uses the 'sssssssssi' as the types information being passed.
mysqli_stmt_bind_param($stmt, "ssssssssssi", $data['CustFirstName'], $data['CustLastName'], $data['CustAddress'], $data['CustCity'], $data['CustProv'], $data['CustPostal'], $data['CustCountry'], $data['CustHomePhone'], $data['CustBusPhone'], $data['CustEmail'], $data['AgentId']);
// execute all the above steps.
mysqli_stmt_execute($stmt);
// if the number of rows change...
if (mysqli_stmt_affected_rows($stmt)) {
// this returns different values for success and failures. 1 means success and 0 or -1 are failures.
// print this message. This says that rows have changed, but doesn't tell you of it worked properly. Needs to be a 1 not 0 or-1
$message = "Customer added successfully!";
} else {
// this will print if nothing has change or mysqli_stmt_affected_rows returns a 0.
$message = "Adding Customer Failed. Call Technical Support";
}
// always close your table and DB so that it can be accessed by others.
mysqli_close($dbh);
// return the message
return $message;
}
// if someone lands on this page without going through the form page, send them back to the form.
if (!isset($_REQUEST['CustFirstName'])) {
header("Location: day15form.php");
} else {
// validate incoming data. if data not valid, set error message in session
//and send back to form page
$message = customerInsert($_REQUEST);
print "<h2>{$message}</h2>";
}
