function process_form()
{
// INITIAL DATA FETCHING
global $name, $email, $grade;
// so that the show_form function can use these values later
$name = htmlentities(ucwords(trim($_POST['name'])));
$name = preg_replace('/\\s\\s+/', ' ', $name);
$name = preg_replace('/\\-+/', '-', $name);
$email = htmlentities($_POST['email']);
$grade = $_POST['grade'];
$name_msg = validate_name($name);
if ($name_msg !== true) {
show_form($name_msg, 'name');
}
$grade_msg = validate_grade($grade);
if ($grade_msg !== true) {
show_form($grade_msg, 'grade');
}
$recaptcha_msg = validate_recaptcha();
if ($recaptcha_msg !== true) {
show_form($recaptcha_msg, 'recaptcha_response_field');
}
$email_msg = validate_email($email);
if ($email_msg !== true) {
show_form($email_msg, 'email');
}
// ** All information has been validated at this point **
// Create database entry
DB::insert('individuals', array('name' => $name, 'grade' => $grade, 'email' => $email));
$id = DB::insertId();
//Get AUTO_INCREMENT id
// Start outputting the top part of the page, to make it seem responsive while we send the email
lmt_page_header('Individual Registration');
// Send the email
$lmt_year = htmlentities(map_value('year'));
$lmt_date = htmlentities(map_value('date'));
$cost = htmlentities(map_value('indiv_cost'));
$url = get_site_url() . '/LMT';
global $LMT_EMAIL;
$subject = "LMT {$lmt_year} Registration Receipt";
$body = <<<HEREDOC
Hi {$name},
You have successfully registered as an individual for LMT {$lmt_year}!
[b]Please print out this email and bring it to the competition
along with the registration fee of {$cost}[/b].
Date: [b]{$lmt_date}[/b]
Location: Lexington High School [url]http://www.lhsmath.org/LMT/Location[/url]
If you have any questions, please contact us at [email]{$LMT_EMAIL}[/email].
______________________________________________________________
Registration: [b]Individual[/b]
ID: [b]{$id}[/b]
Name: [b]{$name}[/b]
Email: [b]{$email}[/b]
Grade: [b]{$grade}[/b]
______________________________________________________________
HEREDOC;
lmt_send_email(array($email => $name), $subject, $body);
// Show the post-registration message
echo <<<HEREDOC
<h1>Individual Registration</h1>
<div class="text-centered">
You have successfully registered for LMT {$lmt_year}! An email has been sent with more information.
</div>
HEREDOC;
}
function do_change_grade()
{
if ($_POST['xsrf_token'] != $_SESSION['xsrf_token']) {
trigger_error('XSRF code incorrect', E_USER_ERROR);
}
$grade_msg = validate_grade($_POST['grade']);
if ($grade_msg !== true) {
display_individual($grade_msg, 'document.forms[\'lmtDataIndividualGrade\'].grade.focus();');
}
$row = DB::queryFirstRow('SELECT grade FROM individuals WHERE id=%i', $_GET['ID']);
if ($_POST['grade'] == $row['grade']) {
header('Location: Individual?ID=' . $_GET['ID']);
die;
}
DB::queryRaw('UPDATE individuals SET grade="' . mysqli_real_escape_string(DB::get(), $_POST['grade']) . '" WHERE id="' . mysqli_real_escape_string(DB::get(), $_GET['ID']) . '" LIMIT 1');
alert('Grade was changed', 1);
lmt_location('Backstage/Data/Individual?ID=' . $_GET['ID']);
}
function do_edit_member()
{
if ($_POST['xsrf_token'] != $_SESSION['xsrf_token']) {
trigger_error('XSRF code incorrect', E_USER_ERROR);
}
global $name, $grade;
$name = htmlentities(ucwords(trim($_POST['name'])));
$grade = htmlentities($_POST['grade']);
$name_msg = validate_member_name($name);
if ($name_msg !== true) {
show_edit_member_page($name_msg);
}
$grade_msg = validate_grade($grade);
if ($grade_msg !== true) {
show_edit_member_page($grade_msg);
}
$team = DB::queryFirstField('SELECT team FROM individuals WHERE id=%i', $_GET['EditMember']);
$school = DB::queryFirstField('SELECT school FROM teams WHERE team_id=%i', $team);
if ($school != $_SESSION['LMT_user_id']) {
trigger_error('Edit Member: Member does not attend this school', E_USER_ERROR);
}
// ** All information has been validated at this point **
DB::update('individuals', array('name' => $name, 'grade' => $grade), 'id=%i', $_GET['EditMember']);
header('Location: Team?Edit=' . $team);
}
