<?php
include ("top.php");
?>
<article class='mainArt'>
<div class='headDiv'>
<h1 class="hHead">Registration</h1>
</div>
<?php
// Debug output is enabled by the mere presence of ?debug in the query string.
// NOTE(review): any visitor can set this flag. In this file it only adds status
// lines, but confirm nothing more sensitive is printed under it elsewhere.
$debug = isset($_GET["debug"]);
if ($debug) {
    print "<p>DEBUG MODE IS ON</p>";
}

// $domain and $phpSelf are not defined in this file (presumably set by top.php; confirm).
$yourURL = $domain . $phpSelf;

// Text field values, empty until a submission fills them in.
$firstName = $lastName = $email = $address = $netId = $phone = "";

// Checkbox state shown on first load: only "Mountain" is pre-ticked.
$mountain = true;
$road = $bmx = $other = false;

// Per-field error flags used to mark inputs when the form is redisplayed.
$firstNameERROR = $lastNameERROR = $emailERROR = false;
$addressERROR = $idERROR = $phoneERROR = false;

// Validation messages, values bound to the INSERT, the checkbox summary text,
// and whether the confirmation mail was sent.
$errorMsg = array();
$dataRecord = array();
$checkRecord = "";
$mailed = false;
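// Handle a submitted registration: check the request origin, read and validate
// each field, store the record, and mail a copy to the customer and the admins.
if (isset($_POST["btnSubmit"])) {
    // securityCheck() and $path_parts are defined outside this file.
    // NOTE(review): no CSRF token is visible here; confirm what securityCheck() verifies.
    if (!securityCheck($path_parts, $yourURL, true)) {
        // NOTE(review): $fromPage is set outside this file. If it is derived from a
        // request header it must be entity-encoded before being echoed; confirm where it is set.
        print "<p>From: " . $fromPage . " should match your Url: " . $yourURL . "</p>";
        $msg = "<p>Sorry you cannot access this page. ";
        $msg.= "Security breach detected and reported</p>";
        die($msg);
    }

    // Return a posted field only when it is present and a plain string. A missing
    // or array-valued field (txtId[]=...) becomes "" and fails the "required"
    // checks below instead of raising a warning or TypeError in htmlentities().
    $readPost = function ($field) {
        return (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
    };

    // Values are entity-encoded on input and stored that way; the form later
    // prints them back without further encoding. $dataRecord order must match the
    // column list of the INSERT below.
    $netId = htmlentities($readPost("txtId"), ENT_QUOTES, "UTF-8");
    $dataRecord[] = $netId;
    $firstName = htmlentities($readPost("txtFirstName"), ENT_QUOTES, "UTF-8");
    $dataRecord[] = $firstName;
    $lastName = htmlentities($readPost("txtLastName"), ENT_QUOTES, "UTF-8");
    $dataRecord[] = $lastName;
    $email = filter_var($readPost("txtEmail"), FILTER_SANITIZE_EMAIL);
    $dataRecord[] = $email;
    $address = htmlentities($readPost("txtAddress"), ENT_QUOTES, "UTF-8");
    $dataRecord[] = $address;
    $phone = htmlentities($readPost("txtPhone"), ENT_QUOTES, "UTF-8");
    $dataRecord[] = $phone;

    // Take each checkbox state from the submission itself, so an unticked
    // "Mountain" box is not re-ticked by its page-load default on redisplay.
    $mountain = isset($_POST["chkMountain"]);
    if ($mountain) {
        $checkRecord .= "Mountain ";
    }
    $road = isset($_POST["chkRoad"]);
    if ($road) {
        $checkRecord .= "Road ";
    }
    $bmx = isset($_POST["chkBMX"]);
    if ($bmx) {
        $checkRecord .= "BMX ";
    }
    $other = isset($_POST["chkOther"]);
    if ($other) {
        $checkRecord .= "Other ";
    }

    // Validation. verifyAlphaNum() and verifyEmail() are defined outside this file.
    if ($firstName == "") {
        $errorMsg[] = "Please enter your first name";
        $firstNameERROR = true;
    } elseif (!verifyAlphaNum($firstName)) {
        $errorMsg[] = "Your first name appears to have extra character.";
        $firstNameERROR = true;
    }
    if ($lastName == "") {
        $errorMsg[] = "Please enter your last name";
        $lastNameERROR = true;
    } elseif (!verifyAlphaNum($lastName)) {
        // Message previously named the first name.
        $errorMsg[] = "Your last name appears to have extra character.";
        $lastNameERROR = true;
    }
    if ($email == "") {
        $errorMsg[] = "Please enter your email address";
        $emailERROR = true;
    } elseif (!verifyEmail($email)) {
        $errorMsg[] = "Your email address appears to be incorrect.";
        $emailERROR = true;
    }
    if ($address == "") {
        $errorMsg[] = "Please enter your address";
        $addressERROR = true;
    } elseif (!verifyAlphaNum($address)) {
        $errorMsg[] = "Your address appears to be incorrect.";
        $addressERROR = true;
    }
    if ($netId == "") {
        $errorMsg[] = "Please enter your net ID";
        $idERROR = true;
    } elseif (!verifyAlphaNum($netId)) {
        $errorMsg[] = "Your net ID appears to be incorrect.";
        $idERROR = true;
    }
    if ($phone == "") {
        // Message previously asked for the net ID.
        $errorMsg[] = "Please enter your phone number";
        $phoneERROR = true;
    } elseif (!verifyAlphaNum($phone)) {
        $errorMsg[] = "Your phone number appears to be incorrect.";
        $phoneERROR = true;
    }

    if (!$errorMsg) {
        if ($debug) {
            print "<p>Form is valid</p>";
        }

        // The six user-supplied values are bound through the ? placeholders.
        // $checkRecord is concatenated into the statement, which is safe only
        // because it is built exclusively from the fixed literals appended above.
        // Never append request data to it; bind it as a seventh placeholder if
        // that ever changes.
        // NOTE(review): the positional arguments after $dataRecord belong to the
        // project's database class (not shown here); confirm their meaning before
        // changing the query text.
        $query = "INSERT INTO tblCustomer "
            . "(pmkCustomerId, fldFirstName, fldLastName, fldEmail, fldAddress, fldPhone, fldType) VALUES "
            . "(?, ?, ?, ?, ?, ?, '" . $checkRecord . "')";
        // NOTE(review): $results is never checked, so a failed insert still leads
        // to the confirmation page.
        $results = $thisDatabaseWriter->insert($query, $dataRecord, 0, 0, 2, 0, false, false);

        // Build the HTML mail body from the posted fields. Both the field name and
        // the value come from the request and this HTML is also printed on the
        // confirmation page, so both are entity-encoded. Non-string values are skipped.
        $message = '<h2>Your Information:</h2>';
        $message_admin = '<h2>Customer Information:</h2>';
        foreach ($_POST as $key => $value) {
            if ($key === "btnSubmit" || !is_string($value)) {
                continue;
            }
            // Drop the three-character prefix (txt/chk) and split the rest on
            // capitals to make a readable label.
            $label = "";
            foreach (preg_split('/(?=[A-Z])/', substr((string) $key, 3)) as $one) {
                $label .= htmlentities($one, ENT_QUOTES, "UTF-8") . " ";
            }
            $line = "<p>" . $label . " = " . htmlentities($value, ENT_QUOTES, "UTF-8") . "</p>";
            $message .= $line;
            $message_admin .= $line;
        }

        $to = $email; // the person who filled out the form
        $cc = "";
        $bcc = "";
        $from = "Bike Shop <noreply@email.com>";
        // subject of mail should make sense to your form
        // NOTE(review): strftime() is deprecated as of PHP 8.1.
        $todaysDate = strftime("%x");
        $subject = "Registration: " . $todaysDate;

        // sendMail_1() is defined outside this file. Only the customer copy's
        // result ($mailed) is used by the confirmation page.
        $mailed = sendMail_1($to, $cc, $bcc, $from, $subject, $message);
        $mailed_josh = sendMail_1("jrdyke@uvm.edu", $cc, $bcc, $from, $subject, $message_admin);
        $mailed_blaine = sendMail_1("bandreol@uvm.edu", $cc, $bcc, $from, $subject, $message_admin);
    }
}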
?>
<article id="main">
<?php
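if (isset($_POST["btnSubmit"]) && empty($errorMsg)) {
    // Submitted and valid: show the confirmation instead of the form.
    print "<div class='requestText'>";
    print "<h1>Your Request has ";
    if (!$mailed) {
        print "not ";
    }
    print "been processed</h1>";
    print "<p>A copy of this message has ";
    if (!$mailed) {
        print "not ";
    }
    print "been sent</p>";
    // $email is only filtered with FILTER_SANITIZE_EMAIL on input, which keeps
    // characters such as & and ', so it is entity-encoded here on output.
    print "<p>To: " . htmlentities($email, ENT_QUOTES, "UTF-8") . "</p>";
    print "<p>Mail Message:</p>";
    // $message is emitted as raw HTML. It is assembled from $_POST earlier in this
    // file, so every key and value placed in it must be escaped where it is built.
    print $message;
    print "</div>";
} else {
    //####################################
    //
    // SECTION 3b Error Messages
    //
    // display any error messages before we print out the form
    if ($errorMsg) {
        print '<div id="errors">';
        print "<ol>\n";
        foreach ($errorMsg as $err) {
            print "<li>" . $err . "</li>\n";
        }
        print "</ol>\n";
        print '</div>';
    }
    // The name, address, net ID and phone values are entity-encoded when read from
    // $_POST earlier in this file, so they are printed as-is to avoid double
    // encoding. $email is not, so it is encoded here.
    // NOTE(review): $phpSelf is set outside this file and lands in an attribute;
    // confirm it is entity-encoded where it is defined.
    ?>
    <form action="<?php print $phpSelf; ?>"
          method="post"
          id="frmRegister">
        <fieldset class="wrapper">
            <legend id="formLegend">Register Today</legend>
            <p id="formText">Fill out the form to register</p>
            <fieldset class="wrapperTwo">
                <legend>Please Complete the Following Form</legend>
                <fieldset class="contact">
                    <legend>Contact Information</legend>
                    <label for="txtFirstName" class="required">First Name:
                        <input type="text" id="txtFirstName" name="txtFirstName"
                               value="<?php print $firstName; ?>"
                               tabindex="100" maxlength="45" placeholder="Enter your first name"
                               <?php if ($firstNameERROR) print 'class="mistake"'; ?>
                               onfocus="this.select()"
                               autofocus>
                    </label>
                    <label for="txtLastName" class="required">Last Name:
                        <input type="text" id="txtLastName" name="txtLastName"
                               value="<?php print $lastName; ?>"
                               tabindex="110" maxlength="45" placeholder="Enter your last name"
                               <?php if ($lastNameERROR) print 'class="mistake"'; ?>
                               onfocus="this.select()"
                               autofocus>
                    </label>
                    <label for="txtEmail" class="required">Email:
                        <input type="text" id="txtEmail" name="txtEmail"
                               value="<?php print htmlentities($email, ENT_QUOTES, "UTF-8"); ?>"
                               tabindex="120" maxlength="45" placeholder="Enter a valid email address"
                               <?php if ($emailERROR) print 'class="mistake"'; ?>
                               onfocus="this.select()"
                               autofocus>
                    </label>
                    <label for="txtAddress" class="required">Address:
                        <input type="text" id="txtAddress" name="txtAddress"
                               value="<?php print $address; ?>"
                               tabindex="130" maxlength="45" placeholder="Enter a valid address"
                               <?php if ($addressERROR) print 'class="mistake"'; ?>
                               onfocus="this.select()"
                               autofocus>
                    </label>
                    <label for="txtId" class="required">Net ID:
                        <input type="text" id="txtId" name="txtId"
                               value="<?php print $netId; ?>"
                               tabindex="140" maxlength="45" placeholder="Enter a valid net ID"
                               <?php if ($idERROR) print 'class="mistake"'; ?>
                               onfocus="this.select()"
                               autofocus>
                    </label>
                    <label for="txtPhone" class="required">Phone Number:
                        <input type="text" id="txtPhone" name="txtPhone"
                               value="<?php print $phone; ?>"
                               tabindex="150" maxlength="45" placeholder="Enter a valid phone number"
                               <?php if ($phoneERROR) print 'class="mistake"'; ?>
                               onfocus="this.select()"
                               autofocus>
                    </label>
                </fieldset>
                <fieldset class="checkbox">
                    <legend>What bike's are you interested in?</legend>
                    <label class="checkText"><input type="checkbox"
                                                    id="chkMountain"
                                                    name="chkMountain"
                                                    value="Mountain Bike"
                                                    <?php if ($mountain) print ' checked '; ?>
                                                    tabindex="160">Mountain Bike</label>
                    <label class="checkText"><input type="checkbox"
                                                    id="chkRoad"
                                                    name="chkRoad"
                                                    value="Road Bike"
                                                    <?php if ($road) print ' checked '; ?>
                                                    tabindex="170">Road Bike</label>
                    <label class="checkText"><input type="checkbox"
                                                    id="chkBMX"
                                                    name="chkBMX"
                                                    value="BMX"
                                                    <?php if ($bmx) print ' checked '; ?>
                                                    tabindex="180">BMX</label>
                    <label class="checkText"><input type="checkbox"
                                                    id="chkOther"
                                                    name="chkOther"
                                                    value="Other"
                                                    <?php if ($other) print ' checked '; ?>
                                                    tabindex="190">Other</label>
                </fieldset>
            </fieldset>
            <fieldset class="buttons">
                <legend></legend>
                <input type="submit" id="btnSubmit" name="btnSubmit" value="Register" tabindex="900" class="button">
            </fieldset>
        </fieldset>
    </form>
    <?php
}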
?>
</article>
</article>
<?php include "footer.php"; ?>
</body>
</html>