} else {
if ($fm_stage == "verify") {
if (empty($fm_sessionid)) {
display_errorbox("Lost session ID; must log in again.");
print_request_login_form();
} else {
if (empty($fm_msgid) || empty($fm_listids) && empty($fm_segids) || empty($fm_fromaddr)) {
display_errorbox("Unable to send approval request; invalid data.");
print_message_select_form($bapi, $fm_sessionid, $fm_msgid, $fm_listids, $fm_segids, $fm_year, $fm_month, $fm_day, $fm_fromaddr, $fm_fromname, $fm_replyaddr);
} else {
if (strlen($fm_initials) < 2) {
display_errorbox("You must enter your initials in order to verify compliance with Senate guidelines.");
print_verify_form($fm_sessionid, $fm_msgid, $fm_listids, $fm_segids, $fm_year, $fm_month, $fm_day, $fm_district, $fm_fromaddr, $fm_fromname, $fm_replyaddr, $fm_iscc, $fm_ccemail, $fm_notes, $fm_initials);
} else {
$dbh = open_db();
$session_rec = db_get_session($dbh, $fm_sessionid);
if ($session_rec) {
$got_error = false;
$username = $session_rec['username'];
$reviewer = DEFAULT_REVIEWER;
$requserinfo = db_get_user($dbh, $username);
$revuserinfo = db_get_user($dbh, $reviewer);
if ($requserinfo && $revuserinfo && $requserinfo['email'] && $revuserinfo['email']) {
$account_id = $session_rec['account_id'];
$account_name = get_account_name($bapi, $account_id);
$msg_name = get_message_name($bapi, $fm_msgid);
$list_names = get_list_names($bapi, $fm_listids);
$seg_names = get_segment_names($bapi, $fm_segids);
$req_uuid = generate_request_uuid($account_id);
$reqinfo = create_request_info(null, $req_uuid, 0, $username, $reviewer, $fm_sessionid, $account_id, $fm_msgid, $account_name, $msg_name, "{$fm_year}-{$fm_month}-{$fm_day}", $fm_district, $fm_fromaddr, $fm_fromname, $fm_replyaddr, $fm_iscc, $fm_ccemail, null, null, null, null, "AWAITING_REVIEW", $fm_notes, null, $fm_listids, $list_names, $fm_segids, $seg_names, null, null);
$rc = db_save_request($dbh, $reqinfo);
function db_save_session($p_dbh, $session_id, $username, $account_id)
{
$q_insert = "insert into session (id, username, account_id, created_on) values (?,?,?,NOW())";
$q_update = "update session set username=?, account_id=?, created_on=NOW() where id=?";
try {
$dbh = $p_dbh == null ? open_db() : $p_dbh;
$sess = db_get_session($dbh, $session_id);
if ($sess === null) {
$q = $q_insert;
$vals = array($session_id, $username, $account_id);
} else {
$q = $q_update;
$vals = array($username, $account_id, $session_id);
}
$dbh->beginTransaction();
$sth = $dbh->prepare($q);
$sth->execute($vals);
$dbh->commit();
$dbh = null;
return true;
} catch (PDOException $ex) {
echo "Error Message: " . $ex->getMessage();
if ($dbh) {
$dbh->rollBack();
$dbh = null;
}
return false;
}
}
