} else { if ($fm_stage == "verify") { if (empty($fm_sessionid)) { display_errorbox("Lost session ID; must log in again."); print_request_login_form(); } else { if (empty($fm_msgid) || empty($fm_listids) && empty($fm_segids) || empty($fm_fromaddr)) { display_errorbox("Unable to send approval request; invalid data."); print_message_select_form($bapi, $fm_sessionid, $fm_msgid, $fm_listids, $fm_segids, $fm_year, $fm_month, $fm_day, $fm_fromaddr, $fm_fromname, $fm_replyaddr); } else { if (strlen($fm_initials) < 2) { display_errorbox("You must enter your initials in order to verify compliance with Senate guidelines."); print_verify_form($fm_sessionid, $fm_msgid, $fm_listids, $fm_segids, $fm_year, $fm_month, $fm_day, $fm_district, $fm_fromaddr, $fm_fromname, $fm_replyaddr, $fm_iscc, $fm_ccemail, $fm_notes, $fm_initials); } else { $dbh = open_db(); $session_rec = db_get_session($dbh, $fm_sessionid); if ($session_rec) { $got_error = false; $username = $session_rec['username']; $reviewer = DEFAULT_REVIEWER; $requserinfo = db_get_user($dbh, $username); $revuserinfo = db_get_user($dbh, $reviewer); if ($requserinfo && $revuserinfo && $requserinfo['email'] && $revuserinfo['email']) { $account_id = $session_rec['account_id']; $account_name = get_account_name($bapi, $account_id); $msg_name = get_message_name($bapi, $fm_msgid); $list_names = get_list_names($bapi, $fm_listids); $seg_names = get_segment_names($bapi, $fm_segids); $req_uuid = generate_request_uuid($account_id); $reqinfo = create_request_info(null, $req_uuid, 0, $username, $reviewer, $fm_sessionid, $account_id, $fm_msgid, $account_name, $msg_name, "{$fm_year}-{$fm_month}-{$fm_day}", $fm_district, $fm_fromaddr, $fm_fromname, $fm_replyaddr, $fm_iscc, $fm_ccemail, null, null, null, null, "AWAITING_REVIEW", $fm_notes, null, $fm_listids, $list_names, $fm_segids, $seg_names, null, null); $rc = db_save_request($dbh, $reqinfo);
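/**
 * Insert or update the row for $session_id in the `session` table.
 *
 * If db_get_session() reports no existing row (a strict null), a new row is
 * inserted. Otherwise the existing row is rebound to the given username and
 * account. In both cases created_on is set to NOW().
 *
 * @param mixed $p_dbh      Database handle to use, or null to open one with
 *                          open_db(). Presumably a PDO instance, since PDO
 *                          methods are called on it; confirm against open_db().
 * @param mixed $session_id Value of session.id to insert or update.
 * @param mixed $username   Username to bind to the session.
 * @param mixed $account_id Account id to bind to the session.
 *
 * @return bool true once the statement has been committed, false if a
 *              PDOException was raised.
 */
function db_save_session($p_dbh, $session_id, $username, $account_id)
{
    $q_insert = "insert into session (id, username, account_id, created_on) values (?,?,?,NOW())";
    $q_update = "update session set username=?, account_id=?, created_on=NOW() where id=?";

    // Defined before the try so the catch block never reads an unset variable
    // when open_db() itself throws.
    $dbh = null;
    // Only roll back a transaction this function started; a failed lookup or a
    // failed beginTransaction() must not trigger rollBack(), which throws when
    // no transaction is active and would escape the catch block.
    $tx_started = false;

    try {
        $dbh = $p_dbh == null ? open_db() : $p_dbh;

        // NOTE(review): the insert path is taken only on a strict null. If
        // db_get_session() returns false for "not found", every call would
        // take the update path and match no row. Confirm its return value.
        // NOTE(review): the lookup runs before the transaction starts, so two
        // concurrent saves of the same new id can both choose the insert.
        $sess = db_get_session($dbh, $session_id);
        if ($sess === null) {
            $q = $q_insert;
            $vals = array($session_id, $username, $account_id);
        } else {
            // Rebinds an existing id to a new user/account and resets
            // created_on. Callers are assumed to pass only ids they own.
            $q = $q_update;
            $vals = array($username, $account_id, $session_id);
        }

        $dbh->beginTransaction();
        $tx_started = true;
        $sth = $dbh->prepare($q);
        $sth->execute($vals);
        $dbh->commit();
        $dbh = null;
        return true;
    } catch (PDOException $ex) {
        // Driver messages can contain schema details and bound values, so they
        // go to the server log instead of the response body.
        error_log("db_save_session failed: " . $ex->getMessage());
        echo "Error Message: unable to save session";
        if ($dbh && $tx_started && $dbh->inTransaction()) {
            $dbh->rollBack();
        }
        $dbh = null;
        return false;
    }
}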