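<?php
/*
 * Students' Union sign-up callback.
 *
 * Flow:
 *   1. Read the student ID (sid) and transactionID supplied by the caller.
 *   2. Ask the SU membership API which member made that transaction.
 *   3. If the card number returned by the API matches the supplied sid,
 *      record the transaction and issue a one-time signup id/password.
 *   4. Render susignup.tpl in 'login' or 'form' mode.
 *
 * Relies on names provided outside this file: $suapi_user / $suapi_pass
 * (presumably from suapi.inc.php), make_password() (presumably from
 * member_functions.php), NewADOConnection()/ADODB_FETCH_ASSOC (ADOdb) and
 * $smarty -- TODO confirm where each is defined.
 */

// Unique society identifier
$GroupingID = "6613";

include "../lib/member_functions.php";
include "../suapi.inc.php";

// Template mode: stays 'login' until the transaction has been verified.
$mode = 'login';

$sid = isset($_REQUEST['sid']) ? $_REQUEST['sid'] : '';
$transactionID = isset($_REQUEST['transactionID']) ? $_REQUEST['transactionID'] : '';

// Both values are caller-controlled. Accept only non-empty strings so that
// array-valued parameters (sid[]=...) never reach the comparison or the query.
if (is_string($sid) && is_string($transactionID) && !empty($sid) && !empty($transactionID)) {

    // ---- Look the transaction up at the SU membership API ----------------
    $url = "https://hap.swansea-union.co.uk/memberships/Membership.asmx/GetMemberByTransactionID";

    // http_build_query() URL-encodes each value; the separator is passed
    // explicitly so an arg_separator.output ini override cannot change it.
    $fields_string = http_build_query(
        array(
            'transactionID' => $transactionID,
            'GroupingID'    => $GroupingID,
        ),
        '',
        '&'
    );

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    // Credentials go in via CURLOPT_USERPWD instead of being embedded in the
    // URL, so they do not appear in logged/echoed URLs and special characters
    // cannot break URL parsing.
    // NOTE(review): assumes $suapi_user/$suapi_pass are stored raw (not
    // percent-encoded) and the user name contains no ':' -- confirm.
    curl_setopt($ch, CURLOPT_USERPWD, $suapi_user . ':' . $suapi_pass);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    // Bound the wait so a stalled API cannot hang the page indefinitely.
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);

    $result = curl_exec($ch);
    if ($result === false) {
        error_log('susignup: membership API request failed: ' . curl_error($ch));
    }
    curl_close($ch);

    // ---- Extract the first {...} object from the response and decode it ---
    $member = null;
    if ($result && preg_match('/.*?(\\{.*?\\})/is', $result, $matches)) {
        $member = json_decode($matches[1], true);
    }

    $cardNumber = '';
    if (is_array($member) && isset($member['cardNumber']) && is_scalar($member['cardNumber'])) {
        $cardNumber = (string) $member['cardNumber'];
    }

    // Strict string comparison: with ==, PHP compares numeric-looking strings
    // as numbers ("0123" == "123"), which would let a different ID pass this
    // ownership check.
    if ($cardNumber !== '' && $cardNumber === $sid) {
        $mode = 'form';

        // ---- Connect to the sucs database ---------------------------------
        $sucsDB = NewADOConnection('postgres8');
        // Keep ADOdb debug off here: when enabled it prints every statement
        // and its bound values (including the signup password) into the page.
        $sucsDB->debug = false;
        $valid = false;

        if (!$sucsDB->Connect('dbname=sucs')) {
            error_log('susignup: database connection failed: ' . $sucsDB->ErrorMsg());
        } else {
            $sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);

            // ---- Replay check: one signup slip per transaction ------------
            // Fail closed: the slip is only issued when the transaction is
            // new, or was recorded earlier but never got a signup id.
            // NOTE(review): two concurrent requests for the same transaction
            // can still race past this check; a UNIQUE constraint on
            // transactions.transactionID would close that -- confirm schema.
            $existing = $sucsDB->GetAll(
                "SELECT signupid FROM transactions WHERE transactionID = ?",
                array($transactionID)
            );

            if (!is_array($existing)) {
                error_log('susignup: transaction lookup failed: ' . $sucsDB->ErrorMsg());
            } elseif (count($existing) === 0) {
                // First time this transaction is seen: record it. The table
                // has a single fullName column, so the two name parts from
                // the API are joined and the placeholder count matches the
                // five listed columns.
                $firstName = isset($member['firstName']) ? $member['firstName'] : '';
                $lastName  = isset($member['lastName']) ? $member['lastName'] : '';

                $query = "INSERT INTO transactions (transactionID,fullName,emailAddress,cardNumber,personID) values(?, ?, ?, ?, ?)";
                $attribs = array(
                    $transactionID,
                    trim($firstName . ' ' . $lastName),
                    isset($member['emailAddress']) ? $member['emailAddress'] : null,
                    $cardNumber,
                    isset($member['personID']) ? $member['personID'] : null,
                );

                if ($sucsDB->Execute($query, $attribs)) {
                    $valid = true;
                } else {
                    error_log('susignup: recording transaction failed: ' . $sucsDB->ErrorMsg());
                }
            } else {
                // Transaction already recorded: allow a retry only if no
                // signup slip has been generated for it yet.
                $valid = true;
                foreach ($existing as $row) {
                    if (isset($row['signupid'])) {
                        // Same transactionID used twice, slip already issued.
                        $valid = false;
                        error_log('susignup: transaction reused after a signup slip was issued');
                        break;
                    }
                }
            }
        }

        if ($valid) {
            // ---- Issue the signup slip ------------------------------------
            $pass = make_password();

            // Values are bound as parameters, so no manual escaping is
            // applied (addslashes() would store a different password from
            // the one shown to the user).
            // NOTE(review): the password is stored as generated, not hashed
            // -- confirm this is intended for one-time signup slips.
            $query = "insert into signup (password,sid,issuedby) values( ?, ?, ?) returning id";
            $attribs = array($pass, $cardNumber, 'SUSU API');
            $rs = $sucsDB->Execute($query, $attribs);

            if (!$rs || $rs->EOF) {
                // Details go to the server log; the page only gets a generic
                // message so database errors are not disclosed to visitors.
                error_log('susignup: creating signup failed: ' . $sucsDB->ErrorMsg());
                echo "Entering id failed.<br>\n";
            } else {
                // Execute() returns a recordset; the new id is the value of
                // the "returning id" column in its first row.
                $id = $rs->fields['id'];

                $query = "update transactions set signupid = ? WHERE transactionID = ?";
                $attribs = array($id, $transactionID);

                if (!$sucsDB->Execute($query, $attribs)) {
                    error_log('susignup: linking signup to transaction failed: ' . $sucsDB->ErrorMsg());
                } else {
                    $smarty->assign("id", $id);
                    $smarty->assign("pass", $pass);
                }
            }
        }
    }
}

$smarty->assign("mode", $mode);
$output = $smarty->fetch("susignup.tpl");
$smarty->assign("title", "Join");
$smarty->assign("body", $output);
?>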