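// Registration form handler. Fragment: the listing is cut off inside the final
// `else` branch, so the `try` block and the enclosing `if` blocks stay open here.
// It validates the posted name, e-mail and password, collects messages in $errors,
// and looks the e-mail address up in the `account` table before continuing.
require_once 'includes/php/scripts/connect.php';
require_once 'includes/php/validations/validations.php';

$errors = [];

// NOTE(review): assumes redirect() ends the request; if it only sends a header,
// the form handling below still runs for a signed-in user. Confirm.
if ($user->is_loggedin()) {
    $user->redirect('home.php');
}

if (isset($_POST['submit'])) {
    if (empty($_POST['fname']) || empty($_POST['lname'])) {
        $errors[] = "You must include your first and last name.";
    } elseif (!valName($_POST['fname']) || !valName($_POST['lname'])) {
        // Validate both names: the previous condition tested fname twice, so the
        // last name reached the rest of the script without any format check.
        $errors[] = "Your name should only include alpha-numerics and hyphens.";
    } else {
        $fname = test_input($_POST['fname']);
        $lname = test_input($_POST['lname']);
    }

    if (empty($_POST['email']) || !valEmail($_POST['email'])) {
        $errors[] = "You must include a valid email.";
    } else {
        $email = test_input($_POST['email']);
    }

    if (empty($_POST['password']) || strlen($_POST['password']) < 6) {
        $errors[] = "You must provide a password with at least 6 characters.";
    } else {
        // NOTE(review): the raw password is kept as posted; hashing (e.g. password_hash)
        // is not visible in this fragment. Confirm it happens before storage.
        $password = $_POST['password'];
        try {
            $stmt = $connection->prepare("SELECT email FROM account WHERE email = :uemail");
            // $email is unset when the e-mail check above failed; bind null explicitly
            // rather than reading an undefined variable.
            $stmt->execute(array(':uemail' => isset($email) ? $email : null));
            $row = $stmt->fetch(PDO::FETCH_ASSOC);
            // fetch() yields false when no row matched. Any row returned by the lookup
            // means the address is in use, whatever its stored letter case; this also
            // avoids indexing into false.
            if ($row !== false) {
                $errors[] = "Sorry, this email is already taken.";
            } else {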
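<p>Մուտքագրեք միայն լատինատառ</p>
<form action="feedback.php" method="post">
<label for="anun">Անուն</label><input type="text" name="anun" id="anun" length=12 /><br>
<label for="azganun">Ազգանուն</label><input type="text" name="azganun" id="azganun" length=12/><br>
<label for="email">Email</label><input type="text" name="email" id="email" /><br>
<label for="namak">Նամակ</label><textarea name="namak" id="namak" rows=6></textarea><br>
<input type="submit" value="Ուղղարկել">
</form>
</div>
</div>
</article>
<?php
// Feedback form handler: checks the four posted fields (first name, last name,
// e-mail, message) and mails the message. $message receives an HTML status line;
// where it is printed is outside this fragment.
if (empty($_POST['anun']) || empty($_POST['azganun']) || empty($_POST['email']) || empty($_POST['namak'])) {
    // Reject the submission when ANY field is missing. The previous && chain only
    // fired when all four were empty, so a partly filled form went on to the
    // validators with unset $_POST keys.
    $message = "<p class='errorMessage'>Դատարկ դաշտ չպետք է լինի</p>";
} else {
    if (valText($_POST['anun']) && valText($_POST['azganun']) && valEmail($_POST['email']) && valText($_POST['namak'])) {
        $anun = $_POST['anun'];
        $azganun = $_POST['azganun'];
        $email = $_POST['email'];
        $namak = $_POST['namak'];
        // NOTE(review): the success text is set before mail() runs and its return
        // value is not checked, so a failed send is still reported as delivered.
        $message = "<p class='successMessage'>Հաղորդագրությունը հաջողությամբ ուղղարկված ՝</p>";
        // The sender's name is placed in the message body. mail()'s fourth parameter
        // is the additional-headers string, so passing the name there put form input
        // straight into the header block of the outgoing mail.
        // NOTE(review): the subject is also a header line; valEmail() (defined
        // elsewhere) must reject CR/LF. Confirm.
        mail("*****@*****.**", "message from {$email}", $anun . " " . $azganun . "\r\n\r\n" . $namak);
    } else {
        $message = "<p class='errorMessage'>Ճիշտ մուտքագրեք</p>";
    }
}

// Letters-only check used for the name and message fields. The listing is cut off
// inside this function, so its code is left as found.
// NOTE(review): without the D modifier, `$` also matches just before a trailing
// newline, so "abc\n" passes; `*` additionally accepts the empty string. Anchoring
// with \z (or adding D) closes the newline case.
function valText($var)
{
    if (preg_match("/^[a-zA-Z]*\$/", $var)) {
        $bl = true;
    } else {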
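// Fragment: tail of the create-user handler. Its opening `if` and the assignments
// of $newfName / $newlName are outside this listing.
    $newRole = valString($_POST['Role'], true);
    $newPhone = valPhone($_POST['phone'], true);
    $newEmail = valEmail($_POST['email'], true);
    $newDepartment = valString($_POST['department'], true);
    $newUserName = valString($_POST['username'], true);
    // NOTE(review): the password goes through valString() like any other text field;
    // whether userClass hashes it before storage is not visible here. Confirm.
    $newPassword = valString($_POST['pass'], true);
    $newUser = new userClass($newfName, $newlName, $newRole, $newPhone, $newEmail, $newDepartment, $newUserName, $newPassword);
    $newUser->createUser();
    header("Location: /JGWentworth/View/User.php");
    // header() only queues the redirect. Stop here so the edit and delete handlers
    // below cannot also run in the same request.
    exit;
} // end first if

// Update an existing user from the posted edit form, then return to the user list.
if (isset($_POST['EditUser'])) {
    $fName = valString($_POST['fName'], true);
    $lName = valString($_POST['lName'], true);
    $role = valString($_POST['Role'], true);
    $phone = valPhone($_POST['phone'], true);
    $email = valEmail($_POST['email'], true);
    $department = valString($_POST['department'], true);
    $userName = valString($_POST['username'], true);
    $password = valString($_POST['pass'], true);
    // NOTE(review): editID selects the record to overwrite and, unlike the other
    // fields, is taken from the request without any validation. Confirm that
    // userClass checks it and that the caller is authorised for that record
    // (the role field is client-supplied as well).
    $userID = $_POST['editID'];
    $updateUser = new userClass($fName, $lName, $role, $phone, $email, $department, $userName, $password, $userID);
    $updateUser->updateUser();
    header("Location: /JGWentworth/View/User.php");
    exit; // do not fall through to the delete handler
} // end second if

// Delete the user named by the `delete` query parameter.
// NOTE(review): this is a state-changing action driven by a GET parameter. base64 is
// an encoding, not a secret, so the identifier is fully caller-controlled, and no
// authorisation or CSRF check is visible in this fragment. Moving deletion to a POST
// with a CSRF token and a role check would be the usual hardening. Confirm what the
// part of the file outside this listing enforces.
if (isset($_GET['delete'])) {
    $deleteID = urldecode(base64_decode($_GET['delete']));
    userClass::deleteUser($deleteID);
    header("Location: /JGWentworth/View/User.php");
    exit;
}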
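// Fragment: tail of the "Edit Company Client" handler. The start of that handler,
// including where $target_file and the $editComp* values are set, is outside this
// listing.
}
if (empty($target_file)) {
    // Values are bound as parameters instead of being concatenated into the SQL text.
    // The concatenated form also lacked the closing quote after Title, so the
    // statement could not parse.
    // Assumes $pdo is a PDO connection. If the val*() helpers already add SQL
    // escaping, remove it there to avoid double-escaped data. Confirm.
    $stmt = $pdo->prepare(
        "UPDATE COMPANY_MEMBER "
        . "SET CompanyID = :companyId, FirstName = :firstName, LastName = :lastName, Title = :title, "
        . "Phone = :phone, Email = :email, DateFirstContact = :firstContact "
        . "WHERE MemberID = :memberId"
    );
    $stmt->execute(array(
        ':companyId' => $companyID,
        ':firstName' => $editCompFName,
        ':lastName' => $editCompLName,
        ':title' => $editCompTitle,
        ':phone' => $editCompPhone,
        ':email' => $editCompEmail,
        ':firstContact' => $editCompFContacted,
        ':memberId' => $compClientId,
    ));
}
header("Location: /JGWentworth/View/Client.php");
exit; // header() only queues the redirect; stop before the next handler
}

/******* Edit No Company Client *********************************************************************************************/
// Updates a NON_MEMBER row from the posted edit form and, when a photo was uploaded
// successfully, stores the photo and records its path in PhotoURL.
if (isset($_POST['editNoCompClient'])) {
    $target_dir = $_SERVER["DOCUMENT_ROOT"] . '/JGWentworth/ClientImages/';
    // NOTE(review): the record id comes from the request unvalidated and no
    // authorisation check is visible in this fragment. Confirm.
    $compClientId = $_POST['editClientID'];
    $editClientFName = valString($_POST['editClientFName'], true);
    $editClientLName = valString($_POST['editClientLName'], true);
    $editClientTitle = valString($_POST['editClientTitle'], true);
    $editClientEmail = valEmail($_POST['editClientEmail'], true);
    $editClientPhone = valPhone($_POST['editClientPhone'], true);
    $editClientAddress = valString($_POST['editClientAddress'], true);
    $editClientFContacted = valDate($_POST['editClientFContacted'], true);

    // $target_file stays empty unless a photo was actually received and stored.
    // Previously it was always "<dir>/<name>", so the no-photo branch never ran and
    // PhotoURL was overwritten even when nothing had been uploaded.
    $target_file = '';
    // The upload lands under the document root with a client-chosen name, so only
    // image extensions are accepted. The directory should also be configured not to
    // execute scripts, and same-named uploads still overwrite each other.
    $allowedExt = array('jpg', 'jpeg', 'png', 'gif');
    if (isset($_FILES['editNoCompPhoto']) && $_FILES['editNoCompPhoto']['error'] === UPLOAD_ERR_OK) {
        $photoName = basename($_FILES['editNoCompPhoto']['name']);
        $photoExt = strtolower(pathinfo($photoName, PATHINFO_EXTENSION));
        if (in_array($photoExt, $allowedExt, true)
            && move_uploaded_file($_FILES['editNoCompPhoto']['tmp_name'], $target_dir . $photoName)
        ) {
            $target_file = $target_dir . $photoName;
        }
    }

    // The statement now uses this handler's own values. The concatenated SQL
    // referenced $editComp* and $editClientID, none of which is assigned in this block.
    // Assumes $pdo is a PDO connection. Confirm.
    $fields = array(
        ':firstName' => $editClientFName,
        ':lastName' => $editClientLName,
        ':title' => $editClientTitle,
        ':email' => $editClientEmail,
        ':phone' => $editClientPhone,
        ':address' => $editClientAddress,
        ':firstContact' => $editClientFContacted,
        ':memberId' => $compClientId,
    );
    if ($target_file !== '') {
        $sql = "UPDATE NON_MEMBER "
            . "SET FirstName = :firstName, LastName = :lastName, Title = :title, Email = :email, "
            . "Phone = :phone, Address = :address, DateFirstContact = :firstContact, PhotoURL = :photoUrl "
            . "WHERE MemberID = :memberId";
        $fields[':photoUrl'] = $target_file;
    } else {
        $sql = "UPDATE NON_MEMBER "
            . "SET FirstName = :firstName, LastName = :lastName, Title = :title, Email = :email, "
            . "Phone = :phone, Address = :address, DateFirstContact = :firstContact "
            . "WHERE MemberID = :memberId";
    }
    $stmt = $pdo->prepare($sql);
    $stmt->execute($fields);

    header("Location: /JGWentworth/View/Client.php");
    exit;
}

/******* Delete Company Client **********************************************************************************************/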