function wise_validate($itemName, $errorMessage)
{
global $errorArray;
if (!empty($_POST[$itemName])) {
$item = wise_clean_data($_POST[$itemName]);
return $item;
} else {
$errorArray[$itemName] = "<span class=\"form-error\">{$errorMessage}</span>";
return '';
}
}
$wiseIntakeDemoPreferredEmail = wise_validate('wiseIntakeDemoPreferredEmail', 'Preferred Email cannot be empty!');
$wiseIntakeDemoRace = wise_validate('wiseIntakeDemoRace', 'You must select a Race!');
$wiseIntakeDemoDisability = wise_validate('wiseIntakeDemoDisability', 'You must select Yes or No!');
$wiseIntakeDemoPellGrant = wise_validate('wiseIntakeDemoPellGrant', 'You must select Yes, No, or I do not know!');
$wiseIntakeDemoTAA = wise_validate('wiseIntakeDemoTAA', 'You must select Yes, No, or I do not know!');
$wiseIntakeDemoEligibleVeteran = wise_validate('wiseIntakeDemoEligibleVeteran', 'You must select Yes or No!');
$wiseIntakeDemoSpouseOfEligibleVeteran = wise_validate('wiseIntakeDemoSpouseOfEligibleVeteran', 'You must select Yes or No!');
$wiseIntakeEmploymentStatus = wise_validate('wiseIntakeEmploymentStatus', 'You must select your current Employment Status!');
//optional data is just cleaned rather than checked for emptiness.
$wiseIntakeEmployerName = wise_clean_data($_POST['wiseIntakeEmployerName']);
//optional string
$wiseIntakeEmploymentStartDate = wise_clean_data($_POST['wiseIntakeEmploymentStartDate']);
//optional string
$wiseIntakeEmploymentHoursPerWeek = wise_clean_data($_POST['wiseIntakeEmploymentHoursPerWeek']);
//optional string
$wiseIntakeEmploymentCurrentSalary = wise_clean_data($_POST['wiseIntakeEmploymentCurrentSalary']);
//optional string
//verify information checkbox was checked during variable assignment.
//validate the date of birth field to make sure it is in mm/dd/yyyy format.
if (!validateDate($wiseIntakeDemoDateOfBirth, 'm/d/Y')) {
$errorArray['wiseIntakeDemoDateOfBirth'] = '<span class="form-error">Invalid date! Use mm/dd/yyyy format!</span>';
}
//validate the date of start date field to make sure it is in mm/yyyy format.
//because its optional, it is only validated if the field is not empty.
if (!empty($wiseIntakeEmploymentStartDate) && !validateDate($wiseIntakeEmploymentStartDate, 'm/Y')) {
$errorArray['wiseIntakeEmploymentStartDate'] = '<span class="form-error">Invalid date! Use mm/yyyy format!</span>';
}
//check radio/checkbox data to make sure it is in the allowed array of options. (helps prevent spoofing)
//only add the error if we know there is no current error for this input.
wise_validate_radio_checkbox_spoofing($wiseIntakeDemoGender, 'wiseIntakeDemoGender', $demoGenderRadio);
wise_validate_radio_checkbox_spoofing($wiseIntakeDemoRace, 'wiseIntakeDemoRace', $demoRaceRadio);
}
}
//validate data: required fields cannot be empty.
//data will be stripped of unsafe values such as html tags
//(mysql injection checks are made upon submitting
//the entire form rather than on each of the pages). radio and checkbox list
//values must be on the allowed array of options (to help prevent spoofing).
$wiseIntakeLName = wise_validate('wiseIntakeLName', 'Last Name cannot be empty!');
$wiseIntakeStudentID = wise_validate('wiseIntakeStudentID', 'Student ID Number cannot be empty!');
//student ID must also be a number, in addition to being not empty
if (!empty($wiseIntakeStudentID) && !is_numeric($wiseIntakeStudentID)) {
$errorArray['wiseIntakeStudentID'] = '<span class="form-error">Student ID may only contain numbers!</span>';
}
$wiseIntakeFName = wise_validate('wiseIntakeFName', 'First Name cannot be empty!');
$wiseIntakeCourse = wise_validate('wiseIntakeCourse', 'Course cannot be empty!');
$wiseIntakeMInitial = wise_clean_data($wiseIntakeMInitial);
//optional, so it is just cleaned instead of validated.
$wiseIntakeEduBackground = wise_validate('wiseIntakeEduBackground', 'You must select an Educational Background!');
$wiseIntakeEduGoal = wise_validate('wiseIntakeEduGoal', 'You must select a Goal!');
$wiseIntakeEduCurrentStatus = wise_validate('wiseIntakeEduCurrentStatus', 'You must select your Current Status!');
//intended programs was checked during variable assignment
//check radio/checkbox data to make sure it is in the allowed array of options. (helps prevent spoofing)
//only add the error if we know there is no current error for this input.
wise_validate_radio_checkbox_spoofing($wiseIntakeEduBackground, 'wiseIntakeEduBackground', $eduBackgroundRadio);
wise_validate_radio_checkbox_spoofing($wiseIntakeEduGoal, 'wiseIntakeEduGoal', $eduGoalRadio);
wise_validate_radio_checkbox_spoofing($wiseIntakeEduCurrentStatus, 'wiseIntakeEduCurrentStatus', $eduCurrentStatusRadio);
//for the checkbox list, check each selected option to make sure it is on the list of actual options.
//note that if the array is empty, no error will be added here.
foreach ($wiseIntakeIntendedPrograms as $SelectedIntendedProgramOption) {
wise_validate_radio_checkbox_spoofing($SelectedIntendedProgramOption, 'wiseIntakeIntendedPrograms', $intendedProgramsCheckboxes);
}
//start session so that the admin variable can be set upon successful login
session_start();
//require functions list
require 'includes/functions.php';
//this variable tells the header to appear differently (rather than "form" it will say "table").
$isTablePage = true;
//setting initial username and password to empty strings
$wiseIntakeTableLoginUsername = '';
$wiseIntakeTableLoginPassword = '';
//error array starts empty
$errorArray = array();
//validate the submitted username and password (if the form was submitted)
if (isset($_POST['submit'])) {
//get submitted username and password
$wiseIntakeTableLoginUsername = wise_clean_data($_POST['wiseIntakeTableLoginUsername']);
$wiseIntakeTableLoginPassword = wise_clean_data($_POST['wiseIntakeTableLoginPassword']);
//if username and password are correct, set variable to mark successful login
if ($wiseIntakeTableLoginUsername == 'wiseAdmin' && $wiseIntakeTableLoginPassword == 'adbEJL5Pmlfbu2k9') {
$successfulLogin = true;
}
//if username/password combo is correct, redirect to table page with a session variable set
//marking this session as an admin that can view the table.
if (isset($successfulLogin)) {
$_SESSION['admin'] = 'wise-admin';
header('location: wise-intake-table.php');
} else {
$errorArray['wiseIntakeTableLoginError'] = '<strong><span class="form-error">Username or password incorrect.</span></strong><br />';
}
}
?>
<!DOCTYPE html>
