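 /**
  * Example of an Endpoint: registers one rider for a ride time slot.
  *
  * Expects exactly seven positional arguments in $this->args, in this order:
  * fname, lname, email, phone, rideid, ridedate, ridetime — and a POST request.
  * Each argument is HTML-escaped, passed through test_input(), and validated;
  * the business rules (slot open, registration limits, time in the future)
  * come from the form helpers (nullFieldsCheck, isOpen, hasOverFiveRegs,
  * isAlreadyRegisteredForRide, isInFuture, getAvailableTimes). On success one
  * row is inserted into `registrations` and the confirmation number returned.
  *
  * Returns a message string in every case: "Failure: Code N" for rejected
  * input or database errors, otherwise the success message carrying the
  * confirmation number. Error codes are unchanged from the original so the
  * front end keeps mapping them to help text.
  *
  * Note: $this->args is consumed (array_shift) as a side effect, as before.
  */
 protected function register(): string
 {
     if (sizeof($this->args) != 7) {
         return "Expected 7 arguments, found " . sizeof($this->args);
     }
     if ($this->method !== 'POST') {
         return "Only accepts POST requests";
     }

     $fname = htmlspecialchars((string) array_shift($this->args));
     $lname = htmlspecialchars((string) array_shift($this->args));
     $email = htmlspecialchars((string) array_shift($this->args));
     $phone = htmlspecialchars((string) array_shift($this->args));
     $rideid = htmlspecialchars((string) array_shift($this->args));
     $ridedate = htmlspecialchars((string) array_shift($this->args));
     $ridetime = htmlspecialchars((string) array_shift($this->args));

     // php complains later on if we don't explicitly set timezone, so must do that;
     // the date helpers called below (isInFuture etc.) are assumed to depend on it.
     date_default_timezone_set('America/Indiana/Indianapolis');

     // --- per-field checks: not empty, formatted correctly, not too long ---
     if ($fname === '') {
         return "Failure: Code 1";
     }
     $fname = test_input($fname);
     // letters only; this also rejects anything htmlspecialchars() turned into an entity
     if (!preg_match("/^[a-zA-Z]*\$/", $fname)) {
         return "Failure: Code 2";
     }
     if (strlen($fname) > 255) {
         // length is also checked at input field, but doesn't hurt to check again.
         return "Failure: Code 3";
     }

     if ($lname === '') {
         return "Failure: Code 4";
     }
     $lname = test_input($lname);
     if (!preg_match("/^[a-zA-Z]*\$/", $lname)) {
         return "Failure: Code 5";
     }
     if (strlen($lname) > 255) {
         return "Failure: Code 6";
     }

     if ($email === '') {
         return "Failure: Code 7";
     }
     $email = test_input($email);
     // FILTER_VALIDATE_EMAIL accepts characters such as a quote in the local part,
     // so the email is NOT safe to interpolate into SQL — hence the prepared statement below.
     if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
         return "Failure: Code 8";
     }
     if (strlen($email) > 254) {
         return "Failure: Code 9";
     }

     if ($phone === '') {
         return "Failure: Code 10";
     }
     $phone = test_input($phone);
     // digits only and exactly 10 or 11 characters long
     if (!preg_match("/^[0-9]*\$/", $phone) || !in_array(strlen($phone), [10, 11], true)) {
         return "Failure: Code 11";
     }

     // rideid / ridedate / ridetime are only checked for presence here; rideid and
     // ridetime are cast to int before the insert and ridedate is bound as a string
     // parameter, so malformed values end up as 0 / a NULL-cast date rather than in SQL text.
     if ($rideid === '') {
         return "Failure: Code 12";
     }
     $rideid = test_input($rideid);
     if ($ridedate === '') {
         return "Failure: Code 13";
     }
     $ridedate = test_input($ridedate);
     if ($ridetime === '') {
         return "Failure: Code 14";
     }
     $ridetime = test_input($ridetime);

     // --- business rules (see more detailed comments in formFucntions.php) ---
     // true if at least one null
     $nullfields = nullFieldsCheck([$fname, $lname, $email, $phone, $rideid, $ridedate, $ridetime]);
     // true if the slot is open
     $isOpen = isOpen($rideid, $ridedate, $ridetime);
     // true if has over 5 registrations in future
     $overFiveRegs = hasOverFiveRegs($fname, $lname, $email);
     // true if already registered for that ride today
     $overDailyLimit = isAlreadyRegisteredForRide($fname, $lname, $email, $ridedate, $rideid);
     // true unless the day is in the future, or today with the time still ahead
     $timeInPast = !isInFuture($ridedate, $ridetime);

     if ($nullfields) {
         return "Failure: Code 15";
     }
     if (!$isOpen) {
         $openslots = getAvailableTimes($rideid, $ridedate);
         reset($openslots);
         // Code 16: other slots exist on this day; Code 17: none at all
         return !empty(current($openslots)) ? "Failure: Code 16" : "Failure: Code 17";
     }
     if ($overFiveRegs) {
         return "Failure: Code 18";
     }
     if ($overDailyLimit) {
         return "Failure: Code 19";
     }
     if ($timeInPast) {
         return "Failure: Code 20";
     }
     // The original had a "Failure: Code 21" branch on $formattingEFlag, but that
     // variable is never set in this method, so the branch could never fire; the
     // formatting checks above already return their own codes.

     // --- insert ---
     // rideID and rideTimeID need to be ints because of database architecture
     $rideid = (int) $rideid;
     $ridetime = (int) $ridetime;
     // 10-character confirmation string from a CSPRNG (str_shuffle is not suitable
     // for a value that acts as a lookup token); characters may repeat.
     $alphabet = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
     $confno = '';
     for ($i = 0; $i < 10; $i++) {
         $confno .= $alphabet[random_int(0, strlen($alphabet) - 1)];
     }

     // database connection components
     $servername = "localhost:3307";
     // port is 3307 instead of default 3306 because I have two MySQL servers on the same EC2 instance
     $username = "******";
     $password = "******";
     // obviously not a good thing to put on Github in a production environment, but will suffice here.
     // host is obscured and DB is behind firewall
     $dbname = "ck_registrations";

     // create connection; newer mysqli setups throw instead of setting connect_error,
     // so handle both and keep the original code
     try {
         $conn = new mysqli($servername, $username, $password, $dbname);
     } catch (\mysqli_sql_exception $e) {
         return "Failure: Code 22";
     }
     if ($conn->connect_error) {
         return "Failure: Code 22";
     }

     try {
         // parameterised insert: every user-supplied value is bound, never interpolated
         $stmt = $conn->prepare(
             "INSERT INTO registrations (fname, lname, email, phone, rideID, rideDT, rideTimeID, confirmationID) VALUES\n                    (?, ?, ?, ?, ?, CAST(? AS DATE), ?, ?)"
         );
         if ($stmt === false) {
             return "Failure: Code 23";
         }
         $stmt->bind_param('ssssisis', $fname, $lname, $email, $phone, $rideid, $ridedate, $ridetime, $confno);
         if ($stmt->execute() !== true) {
             return "Failure: Code 23";
         }
         return "You have successfully registered! Your confirmation number is: {$confno}";
     } catch (\mysqli_sql_exception $e) {
         return "Failure: Code 23";
     } finally {
         // the original closed the connection after an unconditional return, i.e. never
         $conn->close();
     }
 }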
     }
 }
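 // Ride time comes from a radio group; a missing or empty choice is reported via the help string.
 if (empty($_POST["rideTimeRadioGroup"])) {
     $ridetimeE = "Please choose a time to register for";
 } else {
     $ridetime = test_input($_POST["rideTimeRadioGroup"]);
 }
 // Special needs is optional free text. Default to '' so an absent key neither raises an
 // undefined-index warning nor hands null to strlen()/test_input().
 $specialNeedsRaw = $_POST["specialNeeds"] ?? '';
 if (strlen($specialNeedsRaw) > 1000) {
     // length is also checked at input field, but doesn't hurt to check again.
     // strlen() counts bytes, so multi-byte text hits the limit earlier than 1,000 characters.
     $specneedsE = "← The special needs text must be under 1,000 characters";
 } else {
     $specneeds = test_input($specialNeedsRaw);
 }
 // setting error flags to actual values
 // see more detailed comments in formFucntions.php
 // true if at least one null ($fname ... $ridedate are set earlier in this script)
 $nullfields = nullFieldsCheck([$fname, $lname, $email, $phone, $rideid, $ridedate, $ridetime]);
 // true if the slot is open
 $isOpen = isOpen($rideid, $ridedate, $ridetime);
 // true if has over 5 registrations in future
 $overFiveRegs = hasOverFiveRegs($fname, $lname, $email);
 // true if already registered for that ride today
 $overDailyLimit = isAlreadyRegisteredForRide($fname, $lname, $email, $ridedate, $rideid);
 // skipped when a formatting error was already flagged; otherwise true unless the
 // day is in the future, or today with the time still ahead
 $timeInPast = $formattingEFlag ? false : !isInFuture($ridedate, $ridetime);
 // populating custom help strings if submission not valid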
 if ($nullfields) {
     $nullfieldsH = "It looks like some data is missing, please fill in all required fields.";
 } elseif (!$isOpen) {
     $openslots = getAvailableTimes($rideid, $ridedate);
     reset($openslots);