<?php
include ("top.php");
?>
<article>
<?php
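// The bike serial number arrives in the query string (links to this page) or
// in the form post-back. It is untrusted input: only a plain string is
// accepted, and the variable is always defined so the queries and markup
// below never read an unset value.
$bikeNumber = "";
if (isset($_GET['bikeNum']) && is_string($_GET['bikeNum'])) {
    $bikeNumber = $_GET['bikeNum'];
} elseif (isset($_POST['bikeNum']) && is_string($_POST['bikeNum'])) {
    $bikeNumber = $_POST['bikeNum'];
}

$debug = false;

// Request-derived values are bound through "?" placeholders rather than
// concatenated into the SQL text, so the value of bikeNum cannot alter the
// statement that is executed.
// NOTE(review): this assumes select()'s second argument is the array of bound
// values and its fifth argument is the expected number of quote characters in
// the query text (2 before, 0 now) - confirm against the class behind
// $thisDatabaseReader before deploying.

// Logged-in customer: used as the sender of the e-mail.
$queryCustomer = 'SELECT fldFirstName, fldLastName, fldEmail '
    . 'FROM tblCustomer '
    . 'WHERE pmkCustomerId = ?';
$customerInfo = $thisDatabaseReader->select($queryCustomer, array($currentUser), 1, 0, 0, 0, false, false);

// The bike being viewed.
$queryBike = 'SELECT fldPhoto, fldMake, fldModel, fldType, fldCondition, fldTireSize, fldDescription '
    . 'FROM tblBike '
    . 'WHERE pmkSerialNumber = ?';
$bikeInfo = $thisDatabaseReader->select($queryBike, array($bikeNumber), 1, 0, 0, 0, false, false);

// The customer who donated the bike: recipient of the e-mail.
// NOTE(review): the contact section further down also prints fldPhone, which
// this SELECT does not return - add the column here if it exists in tblCustomer.
$queryDonor = 'SELECT fldFirstName, fldLastName, fldEmail '
    . 'FROM tblCustomer, tblBike '
    . 'WHERE fnkCustomerId = pmkCustomerId '
    . 'AND pmkSerialNumber = ?';
$donorInfo = $thisDatabaseReader->select($queryDonor, array($bikeNumber), 1, 1, 0, 0, false, false);

// URL of this page, passed to securityCheck() when the form is submitted.
$yourURL = $domain . $phpSelf;

// Form state, initialised so the first (non-submitted) page view has defaults.
$bikeMessage = "";
$to = "";
$bikeMessageERROR = false;
$errorMsg = array();
$dataRecord = array();
$mailed = false;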
?>
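<?php
// $bikeNumber is taken from the request, so it is HTML-escaped before being
// echoed into the heading and percent-encoded before being placed in the
// image URL; echoing it raw would let request text become markup.
?>
<h2>Bike Number: <?php print htmlspecialchars((string) $bikeNumber, ENT_QUOTES, "UTF-8"); ?></h2>
<section id="viewSection">
<section id="viewImage">
<img src="images/<?php print rawurlencode((string) $bikeNumber); ?>.jpg" class="browseImage">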
</section>
<section id="viewBikeInfo">
<h3>Bike Information:</h3>
<?php
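// Print the details of the selected bike. The text comes from the database
// (entered by donors), so it is escaped for HTML on output. double_encode is
// switched off so values that were stored already entity-encoded are not
// encoded a second time.
if (is_array($bikeInfo)) {
    foreach ($bikeInfo as $bike) {
        print "<p>Make: " . htmlspecialchars((string) $bike['fldMake'], ENT_QUOTES, "UTF-8", false) . "</p>";
        print "<p>Model: " . htmlspecialchars((string) $bike['fldModel'], ENT_QUOTES, "UTF-8", false) . "</p>";
        print "<p>Type: " . htmlspecialchars((string) $bike['fldType'], ENT_QUOTES, "UTF-8", false) . "</p>";
        // The trailing double quote is the inch mark after the tire size.
        print "<p>Tire Size: " . htmlspecialchars((string) $bike['fldTireSize'], ENT_QUOTES, "UTF-8", false) . '"' . "</p>";
        print "<p>Description: " . htmlspecialchars((string) $bike['fldDescription'], ENT_QUOTES, "UTF-8", false) . "</p>";
    }
}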
?>
</section>
<section id="viewDonor">
<h3>Contact Information:</h3>
<?php
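// Print the donor's contact details. The values are user-supplied text from
// the database, so they are escaped for HTML on output (double_encode off to
// leave already-encoded values intact).
if (is_array($donorInfo)) {
    foreach ($donorInfo as $donor) {
        $donorName = $donor['fldFirstName'] . " " . $donor['fldLastName'];
        print "<p>" . htmlspecialchars($donorName, ENT_QUOTES, "UTF-8", false) . "</p>";
        print "<p>" . htmlspecialchars((string) $donor['fldEmail'], ENT_QUOTES, "UTF-8", false) . "</p>";
        // The donor query in this file does not select fldPhone, so only print
        // the phone line when the row actually carries that column.
        if (isset($donor['fldPhone'])) {
            print "<p>" . htmlspecialchars((string) $donor['fldPhone'], ENT_QUOTES, "UTF-8", false) . "</p>";
        }
    }
}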
?>
</section>
</section>
<?php
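// Handle the "Email the Bike Donor" form post-back: check the request,
// validate the message, then mail it from the logged-in customer to the donor.
if (isset($_POST["btnSubmit"])) {
    // securityCheck() is defined elsewhere; judging by the message below it
    // compares the page the form came from with this page's URL.
    if (!securityCheck($path_parts, $yourURL, true)) {
        // NOTE(review): $fromPage and $yourURL may contain request-derived
        // text (confirm where they are built), so they are escaped before
        // being echoed.
        print "<p>From: " . htmlspecialchars((string) $fromPage, ENT_QUOTES, "UTF-8", false)
            . " should match your Url: " . htmlspecialchars((string) $yourURL, ENT_QUOTES, "UTF-8", false) . "</p>";
        $msg = "<p>Sorry you cannot access this page. ";
        $msg.= "Security breach detected and reported</p>";
        die($msg);
    }

    // Entity-encode the message once, here; every later use (the mail body,
    // the confirmation and the form's value attribute) relies on this.
    $rawMessage = (isset($_POST["txtBikeMessage"]) && is_string($_POST["txtBikeMessage"]))
        ? $_POST["txtBikeMessage"]
        : "";
    $bikeMessage = htmlentities($rawMessage, ENT_QUOTES, "UTF-8");
    $dataRecord[] = $bikeMessage;

    if ($bikeMessage === "") {
        $errorMsg[] = "Please enter something";
        $bikeMessageERROR = true;
    }
    // } elseif (!verifyAlphaNum($bikeMessage)) {
    // $errorMsg[] = "Your message appears to have extra character.";
    // $bikeMessageERROR = true;
    // }

    // Without a sender and a recipient record there is nobody to mail; report
    // it instead of indexing into an empty result set.
    if (!$errorMsg && (empty($customerInfo[0]['fldEmail']) || empty($donorInfo[0]['fldEmail']))) {
        $errorMsg[] = "We could not find the e-mail addresses needed to send your message.";
    }

    if (!$errorMsg) {
        // The mail body is HTML, so the sender's stored name and address are
        // escaped just like page output.
        $senderLine = $customerInfo[0]['fldFirstName'] . " " . $customerInfo[0]['fldLastName'] . " " . $customerInfo[0]['fldEmail'];
        $message = '<h2>Customer Message:</h2>';
        $message .= '<h3>From: ' . htmlspecialchars($senderLine, ENT_QUOTES, "UTF-8", false) . '</h3>';
        $message .= "<p>" . $bikeMessage . "</p>";

        // Addresses end up in mail headers; line breaks are removed so a
        // stored value cannot add extra header lines.
        // NOTE(review): sendMail_1() is defined elsewhere - confirm whether it
        // already validates its address arguments.
        $lineBreaks = array("\r", "\n");
        $to = str_replace($lineBreaks, "", $donorInfo[0]['fldEmail']); // the donor of this bike
        $cc = "";
        $bcc = "";
        $from = str_replace($lineBreaks, "", $customerInfo[0]['fldEmail']);

        // subject of mail should make sense to your form
        // strftime() is deprecated as of PHP 8.1; it is kept so the
        // locale-formatted date in the subject stays the same.
        $todaysDate = strftime("%x");
        $subject = "Sent: " . $todaysDate;

        $mailed = sendMail_1($to, $cc, $bcc, $from, $subject, $message);
    }
}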
?>
<article id="main">
<?php
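// After a successful submit show the confirmation; otherwise show any
// validation errors followed by the message form.
if (isset($_POST["btnSubmit"]) AND empty($errorMsg)) { // closing of if marked with: end body submit
    $notSent = $mailed ? "" : "not ";

    print "<div class='requestText'>";
    print "<h1>Your Request has " . $notSent . "been processed</h1>";
    print "<p>A copy of this message has " . $notSent . "been sent</p>";
    // The recipient address is stored user data: escape it for HTML.
    print "<p>To: " . htmlspecialchars((string) $to, ENT_QUOTES, "UTF-8", false) . "</p>";
    print "<p>Mail Message:</p>";
    // $bikeMessage was entity-encoded when it was read from $_POST.
    print $bikeMessage;
    print "</div>";
} else {
    //####################################
    //
    // SECTION 3b Error Messages
    //
    // display any error messages before we print out the form
    if ($errorMsg) {
        print '<div id="errors">';
        print "<ol>\n";
        foreach ($errorMsg as $problem) {
            print "<li>" . $problem . "</li>\n";
        }
        print "</ol>\n";
        print '</div>';
    }

    // The form posts back to this page and carries the bike number in the
    // query string. The number is request input, so it is percent-encoded as a
    // URL component and the whole attribute value is HTML-escaped
    // (double_encode off in case $phpSelf is already entity-encoded).
    $formAction = htmlspecialchars($phpSelf . "?bikeNum=" . rawurlencode((string) $bikeNumber), ENT_QUOTES, "UTF-8", false);

    // $bikeMessage is "" on first view and entity-encoded (ENT_QUOTES) after a
    // post-back, so it can be placed in the value attribute as it is.
    ?>
<form action="<?php print $formAction; ?>"
method="post"
id="frmRegister">
<fieldset class="wrapper">
<legend id ="formLegend">Email the Bike Donor</legend>
<label for="txtBikeMessage" class="required">Message:
<input type="text" id="txtBikeMessage" name="txtBikeMessage"
value="<?php print $bikeMessage; ?>"
tabIndex="10" maxLength="160" placeholder="Enter a Message"
<?php if ($bikeMessageERROR) print 'class="mistake"'; ?>
onfocus="this.select()"
autofocus>
</label>
</fieldset>
<fieldset class="buttons">
<legend></legend>
<input type="submit" id="btnSubmit" name="btnSubmit" value="Register" tabindex="900" class="button">
</fieldset>
</form>
<?php
} // end body submit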
?>
</article>
</article>
<?php include ("footer.php") ?>
</body>
</html>