function uploadContactsInfo($mysqli, $data) { //include format checking function require_once "classes/formatting.php"; $raw_num = $data[1]; $processed_num = cleanSGNum($raw_num); //we check if phone number is in correct format and generate warning if not if (!checkSGNum($processed_num)) { print $raw_num . ' has invalid phone format. Please use 65XXXXXXXX'; return false; } $user_name = $_SESSION['user_name']; //create the prepared statement $query = "INSERT INTO contacts (contact_name, contact_country_code, contact_number) VALUES (?,?,?)"; $statement = $mysqli->prepare($query); //bind parameters for markers where (s=string, i=integer, d=double, b=blob) //we parse the $data[1], into country code and phone number $contact_name = $data[0]; $contact_country_code = substr($processed_num, 0, 2); $contact_number = substr($processed_num, 2, 8); $statement->bind_param('sss', $contact_name, $contact_country_code, $contact_number); //execute query and print any errors that occur if (!$statement->execute()) { print 'Failed to insert (contacts table): ' . $data[0]; return false; } else { //We get the last inserted contact_id $query2 = "SELECT MAX(contact_id) AS contact_id FROM contacts"; $contact_id = $mysqli->query($query2)->fetch_object()->contact_id; //and insert it into contacts_users with the user_name $query3 = "INSERT INTO contacts_users (contact_id,user_name) VALUES (?,?)"; $statement3 = $mysqli->prepare($query3); $statement3->bind_param('is', $contact_id, $user_name); //execute query and print any errors that occur if (!$statement3->execute()) { print 'Failed to insert (contacts_users table). contact_id: ' . $contact_id . ' & user_name: ' . $user_name; return false; } return true; } }
//check if phone number is valid if (checkSGNum($input_num)) { $recipients_array[] = $input_num; } else { echo $input_num . ' is not a valid SG phone number'; } } $api_fields['to'] = $recipients_array; } elseif (isset($_FILES['fileToUpload'])) { $fname = $_FILES['fileToUpload']['name']; $chk_ext = explode(".", $fname); if (strtolower(end($chk_ext)) == "csv") { $filename = $_FILES['fileToUpload']['tmp_name']; $handle = fopen($filename, "r"); while (($data = fgetcsv($handle, 1000, ",")) !== FALSE) { $input_num = cleanSGNum($data[0]); //check if phone number is valid if (checkSGNum($input_num)) { $recipients_array[] = $input_num; } else { echo $input_num . ' is not a valid SG phone number'; } } fclose($handle); $api_fields['to'] = $recipients_array; } else { createNotif("warning", "Invalid filetype. Please only upload CSV files"); } } else { } //we send the SMS to the API with the appropriate request parameters in the associative array, $api_fields