<?php
/*
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 */
require_once __DIR__ . " /../../lib/requiredpublic.php " ;
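/**
 * Redirect the browser back to the signup page with an error message, then
 * stop the script.
 *
 * @param string $errormsg Message for the user. Callers in this file build it
 *                         from fixed text, form input and payment-processor
 *                         responses.
 */
function errorBack(string $errormsg) {
    // The message is embedded in a URL query string, so it needs URL encoding.
    // htmlentities() is HTML escaping: it leaves spaces untouched and emits
    // entities containing "&" and "#", which a URL treats as parameter and
    // fragment separators, so the message could be cut short or split.
    // The signup page must still HTML-escape the "error" parameter when it
    // prints it: the query string can be crafted by anyone, so nothing done
    // here can make that value safe to echo.
    header("Location: ../?page=signup&error=" . rawurlencode($errormsg));
    // die() ends the request; the message is also sent as the response body.
    die($errormsg);
}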
// The form cannot be processed unless the policy checkbox was ticked.
if (!isset($_POST['agree_terms']) || !$_POST['agree_terms']) {
    errorBack("You must agree to HACHE's policy.");
}

// Decide whether this request edits an existing family or creates a new one.
// $familyid is only defined when the session names a family that exists in
// the "families" table; the handler below tests isset($familyid).
if (empty($_SESSION['familyid']) || !$database->has("families", ['familyid' => $_SESSION['familyid']])) {
    if (!empty($_POST['renewing'])) {
        // Session expired, but we're renewing, so kick them back to verification
        header("Location: ../?page=renew&msg=sessionexpired");
        die("You took too long and were automatically logged out. Please try again.");
    }
} else {
    $familyid = $_SESSION['familyid'];
}
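// Validate the signup/renewal form, store the family, its children and event
// interests, charge the membership fee, and record the payment.
// NOTE(review): action() presumably wraps the callback in a database
// transaction, so that an errorBack() (which calls die()) part-way through
// leaves nothing committed; confirm against the database library in use.
$database->action(function ($database) {
    // Set by the session check before this call when an existing family is
    // being edited; otherwise assigned below once the new row is inserted.
    global $familyid;

    // Read one POST field as a string. Missing fields and array-valued fields
    // (e.g. "familyname[]=x") both come back as "", so they fail the checks
    // below instead of reaching string functions or the database layer with
    // an unexpected type.
    $field = static function (string $key): string {
        $value = $_POST[$key] ?? '';
        return is_string($value) ? $value : '';
    };

    $lastname = $field('familyname');
    $father = $field('fathername');
    $mother = $field('mothername');

    if (empty($lastname)) {
        errorBack("Enter a last name.");
    }
    if (empty($father)) {
        errorBack("Enter a father name.");
    }
    if (empty($mother)) {
        errorBack("Enter a mother name.");
    }

    // Keep digits only, drop a leading US country code, then require 10 digits.
    $phone = preg_replace("/[^0-9]/", "", $field('phone'));
    if (strlen($phone) == 11) {
        $phone = preg_replace("/^1/", "", $phone);
    }
    if (strlen($phone) != 10) {
        errorBack("Enter a valid 10-digit phone number.");
    }

    $email = strtolower($field('email'));
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        errorBack("The email address looks wrong.");
    }

    $address = $field('streetaddress');
    $city = $field('city');
    $state = strtoupper($field('state'));
    $zip = $field('zip');

    if (empty($address)) {
        errorBack("Enter a street address.");
    }
    if (empty($city)) {
        errorBack("Enter a city.");
    }
    // The D modifier makes "$" match only at the very end, so a value with a
    // trailing newline is rejected rather than stored.
    if (!preg_match("/^[A-Z]{2}$/D", $state)) {
        errorBack("Select a state.");
    }
    if (!preg_match("/^[0-9]{5}(-?[0-9]{4})?$/D", $zip)) {
        errorBack("Enter a valid five or nine digit US ZIP code.");
    }

    $newsletter = $field('newsletter_method');
    if (empty($newsletter)) {
        errorBack("Select a newsletter preference.");
    }
    // Price in cents per newsletter option. The amount charged is always
    // derived here on the server, never taken from the request.
    // Looking the value up as an array key accepts exactly "1", "2" or "3";
    // the loose comparison of a switch could let strings such as "1abc"
    // through and into the newsletter_method column.
    $costs = [
        '1' => 2500, // Email only
        '2' => 3500, // Print only
        '3' => 3500, // Email and print
    ];
    if (!isset($costs[$newsletter])) {
        errorBack("Select a valid newsletter preference.");
    }
    $membership_cost = $costs[$newsletter];

    $photopermission = $field('photo_permission') === "1";

    // Same column set for both the update and the insert path.
    $familyData = [
        "familyname" => $lastname,
        "father_name" => $father,
        "mother_name" => $mother,
        "phone" => $phone,
        "email" => $email,
        "newsletter_method" => $newsletter,
        "address" => $address,
        "city" => $city,
        "state" => $state,
        "zip" => $zip,
        "photo_permission" => $photopermission
    ];

    if (isset($familyid)) {
        $database->update("families", $familyData, [
            'familyid' => $familyid
        ]);
    } else {
        $database->insert("families", $familyData);
        $familyid = $database->id();
    }

    // The child[...] structure is entirely client-controlled; treat anything
    // that is not the expected array-of-arrays shape as "no children".
    $children = $_POST['child'] ?? [];
    if (!is_array($children)) {
        $children = [];
    }
    $childIds = $children['ids'] ?? [];
    if (!is_array($childIds)) {
        $childIds = [];
    }
    // Read one per-child value as a string ("" when missing or not a string).
    $childField = static function (string $key, $cid) use ($children): string {
        $value = $children[$key][$cid] ?? '';
        return is_string($value) ? $value : '';
    };

    foreach ($childIds as $cid) {
        if (!is_string($cid)) {
            continue;
        }
        $name = $childField('name', $cid);
        if (empty($name)) {
            continue;
        }
        $month = $childField('month', $cid);
        if (!preg_match("/^([1-9]|1[012])$/D", $month)) {
            errorBack("Invalid birth month chosen for " . htmlentities($name) . ".");
        }
        // Require a plain four-digit year. is_numeric() also accepts forms
        // such as "1990.5" or "199e1", which would end up in the date string.
        $year = $childField('year', $cid);
        if (!preg_match("/^[0-9]{4}$/D", $year)) {
            errorBack("Invalid birth year chosen for " . htmlentities($name) . ".");
        }
        $year = (int) $year;
        if ($year < 1980 || $year > (int) date("Y")) {
            errorBack("Invalid birth year chosen for " . htmlentities($name) . ".");
        }

        $birthday = $year . "-" . $month . "-00";
        $graduated = empty($children['graduate'][$cid]) ? 0 : 1;

        // Only a person that already belongs to this family may be updated;
        // any other submitted id results in a new row for this family.
        $ownedPerson = ["AND" => [
            'familyid' => $familyid,
            'personid' => $cid
        ]];
        if ($database->has('people', $ownedPerson)) {
            // Scope the write itself to the family as well, so the update
            // cannot touch another family's row even if the check above and
            // the write ever drift apart.
            $database->update('people', [
                "name" => $name,
                "birthday" => $birthday,
                "graduated" => $graduated
            ], $ownedPerson);
        } else {
            $database->insert("people", [
                "familyid" => $familyid,
                "name" => $name,
                "birthday" => $birthday,
                "graduated" => $graduated
            ]);
        }
    }

    // Replace the family's event interests with the submitted selection.
    $database->delete('interests', ['familyid' => $familyid]);
    $events = $_POST['events'] ?? [];
    if (!is_array($events)) {
        $events = [];
    }
    $interests = [];
    foreach ($events as $evt) {
        // Skip nested arrays: an array value would change the meaning of the
        // lookup below instead of naming one event.
        if (!is_string($evt)) {
            continue;
        }
        if ($database->has("events", ['eventid' => $evt])) {
            $interests[] = ["familyid" => $familyid, "eventid" => $evt];
        }
    }
    // Nothing selected is a valid submission; do not hand the database layer
    // an empty row set.
    if (!empty($interests)) {
        $database->insert("interests", $interests);
    }

    try {
        \Stripe\Stripe::setApiKey(STRIPE_SECKEY);

        // NOTE(review): no idempotency key is sent, so a repeated submission
        // of the same form would presumably create a second charge; consider
        // passing one per signup attempt.
        $charge = \Stripe\Charge::create([
            'amount' => $membership_cost,
            'currency' => 'usd',
            'description' => 'HACHE Membership',
            'source' => $field('stripeToken'),
            'statement_descriptor' => 'HACHE Membership 1yr',
        ]);
    } catch (\Stripe\Error\Card $e) {
        // The processor's decline message is passed on to the user as-is.
        $body = $e->getJsonBody();
        $err = $body['error'];
        errorBack("We couldn't process your card because it was declined. Your card issuer or bank sent us this message: " . $err["message"] . " That's all we know.");
    } catch (\Stripe\Error\RateLimit $e) {
        errorBack("We couldn't process your card because things are happening too fast. Please try again in a minute. (Error code: STRIPE_RATELIMIT)");
    } catch (\Stripe\Error\InvalidRequest $e) {
        errorBack("We couldn't process your card because of a technical issue. Please try again later. (Error code: STRIPE_INVREQ)");
    } catch (\Stripe\Error\Authentication $e) {
        errorBack("We can't connect to the card processor. Please try again later. (Error code: STRIPE_AUTH)");
    } catch (\Stripe\Error\ApiConnection $e) {
        errorBack("We can't connect to the card processor. Please try again later. (Error code: STRIPE_NOAPI)");
    } catch (\Stripe\Error\Base $e) {
        errorBack("An unknown payment error occurred. Please try again later.");
    } catch (Exception $e) {
        errorBack("An unknown error occurred. Please try again later.");
    }

    // NOTE(review): the card has already been charged at this point; nothing
    // here reverses the charge if recording the payment fails.
    $database->insert("payments", [
        "familyid" => $familyid,
        "amount" => ($membership_cost / 100.0),
        "paid" => 1,
        "date" => date("Y-m-d H:i:s")
    ]);

    header("Location: ../?page=thanks");
    return true;
});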