<?php
require_once("dbLogin.php");
require_once("sqlconnector.php");
require_once("fileEditor.php");
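// Registration form handler: stores the submitted attendee (and optional
// partner) in the `records` table, remembers the new row id and ticket details
// in the session, then redirects to form.php (or error.php on a DB failure).

// Start from an empty session so values from an earlier attempt do not carry over.
session_start();
session_unset();

// connect to db
// NOTE(review): the DB user/password are read from login-info.txt via a relative
// path; confirm that file is outside the web root or blocked by server config so
// it cannot be fetched over HTTP.
$fe = new FileEditor('login-info.txt');
$credentials = $fe->readFile();
$cred = new Credentials("terrapintango.cgpkve9uh8yp.us-east-1.rds.amazonaws.com", $credentials[0], $credentials[1], "tangodb", 3306);
//$cred = new Credentials("localhost", "tango", "tango", "test");
$connection = new SQLConnector($cred);
$connection->connect();
$sqli_ref = $connection->getConnection();

// Read one POST field as a string. A missing key or a non-string value (for
// example fname[]=x, which PHP delivers as an array) becomes '' instead of
// raising a notice or failing inside mysqli_real_escape_string().
$post_string = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// Raw values: these are what the session keeps further down.
$first_name = $post_string('fname');
$last_name = $post_string('lname');
$email = $post_string('email');
$phone = $post_string('phone');
$ticket_type = $post_string('status');
$type = $post_string('dancer');

// Partner columns default to the SQL keyword NULL (unquoted in the query).
$partner_fname = "NULL";
$partner_lname = "NULL";
$partner_type = "NULL";

// Only if partner is selected
$has_partner = ($post_string('partner') === "2");
if ($has_partner) {
    // These three carry their own quotes because the query embeds them bare.
    $partner_fname = "'" . mysqli_real_escape_string($sqli_ref, $post_string('fname2')) . "'";
    $partner_lname = "'" . mysqli_real_escape_string($sqli_ref, $post_string('lname2')) . "'";
    // NOTE(review): $partner_type is collected but is not part of the INSERT
    // below; confirm whether a partner dancer-type column is missing.
    $partner_type = "'" . mysqli_real_escape_string($sqli_ref, $post_string('partnerdancerh')) . "'";
}

// escape strings
// Every value interpolated into the query is escaped, including the ticket type
// and dancer type: they arrive from the client like any other field, whatever
// the form's <select> offers. Escaping is only reliable when the connection
// charset is set on the mysqli handle; prepared statements would remove that
// dependency if SQLConnector can run them.
$first_name_sql = mysqli_real_escape_string($sqli_ref, $first_name);
$last_name_sql = mysqli_real_escape_string($sqli_ref, $last_name);
$email_sql = mysqli_real_escape_string($sqli_ref, $email);
$phone_sql = mysqli_real_escape_string($sqli_ref, $phone);
$ticket_type_sql = mysqli_real_escape_string($sqli_ref, $ticket_type);
$type_sql = mysqli_real_escape_string($sqli_ref, $type);

// store into db
$query = "INSERT INTO `records` (`fname`, `lname`, `email`, `phone`, `tickettype`,
`dancertype`, `partnerfname`, `partnerlname`, `registerid`) VALUES
('$first_name_sql', '$last_name_sql', '$email_sql', '$phone_sql', '$ticket_type_sql',
'$type_sql', $partner_fname, $partner_lname, NULL);";
try {
    $connection->insert($query);
} catch (Exception $e) {
    // urlencode keeps the message from breaking the query string, and exit stops
    // the script here; without it execution continued and the later redirect to
    // form.php replaced this one.
    // NOTE(review): the raw database error is exposed to the client in the URL;
    // consider logging it server-side and passing a generic code instead.
    header("Location: error.php?sql_error=" . urlencode($e->getMessage()));
    exit;
}
$id = $connection->retrieve("SELECT LAST_INSERT_ID();");

// store id and partner type into session
// The session keeps the unescaped values; pages that print them or put them in
// a query must escape for their own context.
$_SESSION['submission_id'] = $id["LAST_INSERT_ID()"];
$_SESSION['ticket_type'] = $ticket_type;
$_SESSION['dancertype'] = $type;
$_SESSION['partner_pass'] = $has_partner;

header("Location: form.php");
exit;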
?>