if (!$name) { $nameErr = "Please enter a name."; } $date = test_input($_POST['date']); if (!$date) { $dateErr = "Please enter a date."; } $time = test_input($_POST['time']); if (!$time) { $timeErr = "Please enter a time."; } $street_address = test_address($_POST['street_address']); if (!$street_address) { $addressErr = "Please enter a street address less than 40 characters."; } $zipcode = test_zipcode($_POST['zipcode']); if (!$zipcode) { $zipcodeErr = "Please enter a valid zipcode."; } $num_meals = test_num_meals($_POST['quantity']); if (!$num_meals) { $numMealsErr = "Please enter a valid number."; } if (!($nameErr || $dateErr || $timeErr || $numMealsErr || $addressErr || $zipcodeErr)) { submit($name, $date, $time, $num_meals, $street_address, $zipcode, 0, $store, $user, $pass); //TODO: give confirmation and clear form } } function submit($name, $date, $time, $num_meals, $street_address, $zipcode, $recurring, $store, $user, $pass) { try {
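// Text-message endpoint: reads the inbound message text from the 'Body'
// request field and, when it is a zipcode, collects up to four matching
// events into $msg. The response is declared as XML.
// NOTE(review): nothing in this listing authenticates the sender of the
// request; if this is a provider webhook, confirm that the provider's request
// signature is validated before the lookup runs.
require 'creds.php';      // presumably supplies $user / $pass (not visible here)
require 'queries.php';    // presumably supplies $getInfo (not visible here)
require 'validation.php'; // presumably supplies test_zipcode() (not visible here)

// now greet the sender
header("content-type: text/xml");
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";

//establish database connection
$DBH = null;
try {
    $DBH = new PDO("mysql:host=localhost;dbname=hudsonhack", $user, $pass);
    $DBH->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    // A PDO connection error can name the host, database and account. Keep it
    // in the server log; echoing it here would send it to whoever texted the
    // endpoint and would also corrupt the XML document already started above.
    error_log('Database connection failed: ' . $e->getMessage());
    $DBH = null;
}

$msg = "";

// 'Body' may be absent or sent as an array; treat anything but a string as empty.
$body = (isset($_REQUEST['Body']) && is_string($_REQUEST['Body']))
    ? strtolower($_REQUEST['Body'])
    : '';

if (test_zipcode($body)) {
    if ($DBH === null) {
        // No connection: answer with a generic message instead of failing on
        // a method call against a missing handle.
        $msg = "Sorry, event lookup is unavailable right now. Please try again later.";
    } else {
        // The zipcode and the row limit are bound as parameters, never
        // concatenated into the SQL text.
        $statement = $DBH->prepare($getInfo);
        $lim = 4;
        $statement->bindParam(':zip', $body, PDO::PARAM_STR);
        $statement->bindParam(':lim', $lim, PDO::PARAM_INT);
        $statement->execute();
        $rows = $statement->fetchAll();

        foreach ($rows as $row) {
            // createFromFormat() returns false when the stored value does not
            // match the pattern; fall back to the raw value rather than
            // calling format() on false.
            $datetime_obj = DateTime::createFromFormat('Y-m-j H:i:s', $row['datetime']);
            $datetime = $datetime_obj ? $datetime_obj->format('m/j/Y h:ia') : $row['datetime'];
            $msg .= $datetime . " " . $row['street_address'] . ",\r\n";
        }

        if ($msg === "") {
            $msg = "Sorry, there are no events in this zipcode at this time.";
        }
    }
    // NOTE(review): $msg now contains database text (street_address). The code
    // that writes it into the XML response is outside this listing; it should
    // XML-escape the value there (e.g. htmlspecialchars() with ENT_XML1) —
    // confirm.
} else {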
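<?php
// Event search page: on POST, looks up events for the submitted zipcode and
// builds the result list as an HTML string in $list_events.
require 'creds.php';
require 'queries.php';
require 'validation.php';

$emptymsg = $list_events = '';

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    try {
        $DBH = new PDO("mysql:host=localhost;dbname=hudsonhack", $user, $pass);
        $DBH->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    } catch (PDOException $e) {
        // A PDO connection error can name the host, database and account.
        // Log it server-side and show the visitor a generic message; the
        // lookup below cannot run without a connection, so stop here.
        error_log('Database connection failed: ' . $e->getMessage());
        http_response_code(500);
        exit('The event search is temporarily unavailable. Please try again later.');
    }

    // Every value concatenated into the markup below goes through this helper,
    // because name and street_address are stored text and must not be treated
    // as HTML. double_encode is off so text that was already entity-encoded
    // before storage is not encoded twice.
    // NOTE(review): validation.php is not visible here — confirm whether
    // test_input() encodes on input.
    $escape = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    // The field may be missing or sent as an array; treat both as empty.
    $submitted_zip = (isset($_POST['zipcode']) && is_string($_POST['zipcode']))
        ? $_POST['zipcode']
        : '';
    $zip = test_input($submitted_zip);

    if (test_zipcode($zip)) {
        // The zipcode and the row limit are bound as parameters, never
        // concatenated into the SQL text.
        $statement = $DBH->prepare($getInfo);
        $lim = 20;
        $statement->bindParam(':zip', $zip, PDO::PARAM_STR);
        $statement->bindParam(':lim', $lim, PDO::PARAM_INT);
        $statement->execute();
        $rows = $statement->fetchAll();

        if ($rows) {
            $list_events .= '<ul class="list-events">';
            $list_events .= '<li class="event-item">'
                . '<h3 class="event-item-header" id="search-zip-title">'
                . 'Zipcode: ' . $escape($zip)
                . '</h3>'
                . '</li>';

            foreach ($rows as $row) {
                // createFromFormat() returns false on a value that does not
                // match the pattern; show the escaped raw value in that case.
                $datetime_obj = DateTime::createFromFormat('Y-m-j H:i:s', $row['datetime']);
                $datetime = $datetime_obj
                    ? $datetime_obj->format('l M j, Y g:i A')
                    : $escape($row['datetime']);

                // PDO may return numeric columns as strings, so compare and
                // print the integer value; the singular/plural label was
                // computed before but never used.
                $meal_count = (int) $row['num_meals'];
                $meal_string = $meal_count === 1 ? 'meal available' : 'meals available';

                $list_events .= '<li class="event-item">'
                    . '<h3 class="event-item-header">'
                    . $escape($row['name'])
                    . '</h3>'
                    . $escape($row['street_address']) . ' '
                    . '</br>'
                    . $datetime
                    . '</br>'
                    . $meal_count . ' ' . $meal_string
                    . '</li>';
            }

            $list_events .= '</ul>';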