Beispiel #1
	<div data-role="content" >
		<?php 
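// Profile form handler. A POST with a non-empty "first" field either creates a
// `user` row (no ycprofile cookie yet) or updates the row matching the posted
// e-mail (ycprofile cookie present and non-empty).
//
// Values are bound through prepared statements. FILTER_SANITIZE_STRING strips
// tags and HTML-encodes quotes, but it lets a backslash through, so it never
// protected the string-built SQL this replaces. It is kept only so stored
// values look the same as before; it is deprecated since PHP 8.1.
//
// NOTE(review): the opening <div> is emitted before this block, so the
// header('Location: ...') calls below only take effect when output buffering
// is active — confirm.
if (isset($_POST["first"]) && $_POST["first"] != '' && !isset($_COOKIE["ycprofile"])) {
    $fname = (string) filter_var($_POST["first"], FILTER_SANITIZE_STRING);
    $lname = (string) filter_var($_POST["last"] ?? '', FILTER_SANITIZE_STRING);
    $phone = (string) filter_var($_POST["phone"] ?? '', FILTER_SANITIZE_STRING);
    $email = (string) filter_var($_POST["email"] ?? '', FILTER_SANITIZE_STRING);
    $link = ConnectToDBi('yakimaconnect');
    $sql = "INSERT INTO `user` SET `firstName` = ?, `lastName` = ?, `phone` = ?, `email` = ?";
    $stmt = mysqli_prepare($link, $sql);
    if ($stmt !== false) {
        // Placeholders keep request data out of the SQL text entirely.
        mysqli_stmt_bind_param($stmt, 'ssss', $fname, $lname, $phone, $email);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }
    mysqli_close($link);
    // Lifetime is 2629743 seconds, roughly one month.
    // NOTE(review): ycprofile carries the bare e-mail address and the branch
    // below treats its mere presence as "has a profile"; nothing visible here
    // signs it or ties it to a server-side session. setcookielive() is a
    // project helper not shown in this excerpt.
    setcookielive('ycprofile', $email, time() + 2629743, '/', 'yakimawa.gov');
    setcookielive('ycname', $fname, time() + 2629743, '/', 'yakimawa.gov');
    header('Location: ./');
} elseif (isset($_POST["first"]) && $_POST["first"] != '' && $_COOKIE["ycprofile"] != '') {
    $fname = (string) filter_var($_POST["first"], FILTER_SANITIZE_STRING);
    $lname = (string) filter_var($_POST["last"] ?? '', FILTER_SANITIZE_STRING);
    $phone = (string) filter_var($_POST["phone"] ?? '', FILTER_SANITIZE_STRING);
    $email = (string) filter_var($_POST["email"] ?? '', FILTER_SANITIZE_STRING);
    $link = ConnectToDBi('yakimaconnect');
    // NOTE(review): the row to update is selected by the posted e-mail, not by
    // the cookie value or a server-side session, so the cookie check above does
    // not restrict which profile gets rewritten. Confirm the intended
    // authorization rule and bind the update to an authenticated identity.
    $sql = "UPDATE `user` SET `firstName` = ?, `lastName` = ?, `phone` = ? WHERE `email` = ?";
    $stmt = mysqli_prepare($link, $sql);
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, 'ssss', $fname, $lname, $phone, $email);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }
    mysqli_close($link);
    header('Location: ./');
}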
Beispiel #2
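    // Login lookup: find a `user` row by posted e-mail plus a substring match
    // on the phone number, then set the profile cookies on success. The
    // condition that guards this code lies outside the excerpt.
    //
    // FILTER_SANITIZE_STRING (deprecated since PHP 8.1) is kept so the values
    // compared and stored in cookies stay as before; it is not relied on for
    // SQL safety, the statement below uses bound parameters instead.
    $phone = (string) filter_var($_POST["phone"], FILTER_SANITIZE_STRING);
    $email = (string) filter_var($_POST["email"], FILTER_SANITIZE_STRING);
    if (isset($_POST["inprocess"]) && $_POST["inprocess"] != '') {
        $inprocess = filter_var($_POST["inprocess"], FILTER_SANITIZE_STRING);
    }
    $row = null;
    $num = 0;
    // Sanitizing can reduce the phone value to an empty string, and an empty
    // LIKE operand matches every stored phone. Treat that as "no match"
    // instead of querying.
    if ($phone !== '') {
        // Escape LIKE metacharacters so the phone value is matched literally.
        // An explicit ESCAPE character avoids depending on the server's
        // backslash handling.
        $phonePattern = strtr($phone, ['|' => '||', '%' => '|%', '_' => '|_']);
        $link = ConnectToDBi('yakimaconnect');
        $sql = "SELECT * FROM `user` WHERE `email` = ? AND `phone` LIKE CONCAT('%', ?, '%') ESCAPE '|' LIMIT 0,1";
        $stmt = mysqli_prepare($link, $sql);
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, 'ss', $email, $phonePattern);
            if (mysqli_stmt_execute($stmt)) {
                // mysqli_stmt_get_result() requires the mysqlnd driver.
                $result = mysqli_stmt_get_result($stmt);
                if ($result !== false) {
                    $row = mysqli_fetch_assoc($result);
                    $num = mysqli_num_rows($result);
                }
            }
            mysqli_stmt_close($stmt);
        }
        mysqli_close($link);
    }
    if ($num > 0) {
        // A matching row counts as a successful login: store the e-mail and
        // first name in cookies that last about one month (2629743 seconds).
        // NOTE(review): the phone check is a substring match, so a very short
        // value satisfies it, and the ycprofile cookie is the bare e-mail with
        // nothing visible here that signs it. Consider an exact match on a
        // normalized phone number and a server-side session.
        setcookielive('ycprofile', $email, time() + 2629743, '/', 'yakimawa.gov');
        setcookielive('ycname', $row["firstName"], time() + 2629743, '/', 'yakimawa.gov');
        if (isset($_GET["returnTo"]) && $_GET["returnTo"] != '') {
            // NOTE(review): returnTo is request-controlled. The "./" prefix
            // keeps the target relative, but validating it against a list of
            // known pages would be safer.
            header("Location: ./{$_GET['returnTo']}");
        } else {
            // Default landing spot after login.
            header('Location: ./login.php#two');
        }
    } else {
        // No row matched the e-mail/phone pair: show the retry message.
        $failed = "<p><strong>Please try again, no user found with that email and phone.</strong></p>";
        echo $failed;
    }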
} else {
    if (isset($_POST["email"]) && $_POST["email"] != '' && $_POST["phone"] == '') {