From 9d56af802dd0c00f318318889b6b1de10eaf3165 Mon Sep 17 00:00:00 2001 From: Skylar Ittner Date: Mon, 17 Dec 2018 19:07:26 -0700 Subject: [PATCH] Don't allow membership renewals when they aren't near expiration --- public/parts/renew.php | 7 +++++++ public/parts/verify.php | 9 +++++++++ 2 files changed, 16 insertions(+) diff --git a/public/parts/renew.php b/public/parts/renew.php index 248b393..044f101 100644 --- a/public/parts/renew.php +++ b/public/parts/renew.php @@ -39,6 +39,13 @@ if (empty($IN_SITE)) { case "bademail": $msg = "That email address doesn't look right. Please try again."; break; + case "tooearly": + if (!empty($_GET['exp']) && is_numeric($_GET['exp'])) { + $msg = "This membership isn't expiring until " . date("F Y", $_GET['exp'] * 1) . " and cannot be renewed yet."; + } else { + $msg = "This membership isn't close enough to expiration and cannot be renewed yet."; + } + break; } } if ($msg != "") { diff --git a/public/parts/verify.php b/public/parts/verify.php index e9daf1e..8b348da 100644 --- a/public/parts/verify.php +++ b/public/parts/verify.php @@ -19,6 +19,15 @@ if (!empty($_POST['email'])) { die("We don't have that email on file for any current families."); } + $familyid = $database->get('families', 'familyid', ['email' => strtolower($_POST['email'])]); + + // Check expiration date + $expires = (new Family())->load($familyid)->getExpires(); + if ($expires > strtotime("+6 months")) { + header("Location: ./?page=renew&msg=tooearly&exp=$expires"); + die("This membership isn't expiring until " . date("F Y", $expires) . " and cannot be renewed yet."); + } + $code = mt_rand(100000, 999999); $_SESSION['code'] = $code; $_SESSION['maybefamily'] = $familyid;