susignup.php 3.52 KiB
  • <?php
    
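    // Unique society identifier, sent to the union membership API as GroupingID.
    $GroupingID = "6613";

    include "../lib/member_functions.php";
    include "../suapi.inc.php";

    // Signup entry point. The page starts in 'login' mode and switches to 'form'
    // only when the membership API confirms that the supplied transaction ID
    // belongs to the supplied student/card number (sid). On success a signup
    // record with a freshly generated password is created and linked to the
    // transaction, and the id/password pair is handed to the template.
    $mode = 'login';

    $sid = isset($_REQUEST['sid']) ? $_REQUEST['sid'] : '';
    $transactionID = isset($_REQUEST['transactionID']) ? $_REQUEST['transactionID'] : '';

    // Both values are caller-controlled. Require non-empty strings so that
    // array-valued parameters (sid[]=...) cannot reach the comparison or the
    // database layer.
    if (is_string($sid) && is_string($transactionID) && $sid !== '' && $transactionID !== '') {

        // The API credentials are sent with CURLOPT_USERPWD instead of being
        // spliced into the URL: the original URL wrapped them in literal single
        // quotes, broke on reserved characters, and would expose the secret
        // anywhere the URL is logged.
        // presumably $suapi_user / $suapi_pass are set by suapi.inc.php -- confirm
        $url = "https://hap.swansea-union.co.uk/memberships/Membership.asmx/GetMemberByTransactionID";

        // http_build_query() URL-encodes each value and joins the pairs without
        // a trailing '&'. The separator is passed explicitly so that a custom
        // arg_separator.output ini setting cannot change the request body.
        $fields_string = http_build_query(array(
            'transactionID' => $transactionID,
            'GroupingID'    => $GroupingID,
        ), '', '&');

        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_USERPWD, $suapi_user . ':' . $suapi_pass);
        curl_setopt($ch, CURLOPT_POST, TRUE);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
        $result = curl_exec($ch);
        curl_close($ch);

        // Pull the first {...} object out of the response wrapper and decode it.
        // $member stays NULL on transport failure, on a response without an
        // object, or on invalid JSON, and the page then remains in 'login' mode.
        $member = NULL;
        if ($result !== FALSE && $result !== '' && preg_match('/\{.*?\}/s', $result, $matches)) {
            $member = json_decode($matches[0], TRUE);
        }

        // The card number reported by the API must equal the sid supplied by the
        // caller. Both sides are compared as strings with ===, so PHP's loose
        // numeric comparison rules cannot make two different identifiers match.
        if (is_array($member)
            && isset($member['cardNumber'])
            && is_scalar($member['cardNumber'])
            && (string)$member['cardNumber'] === $sid) {

            $mode = 'form';

            // connect to sucs database
            $sucsDB = NewADOConnection('postgres8');

            // Debug output stays off here: when enabled, ADOdb prints every
            // statement together with its bound values into the page, which
            // would include the member's details and the generated password.
            $sucsDB->debug = false;
            // SET THIS TO YOUR DB FOR TESTING
            $sucsDB->Connect('dbname=sucs');
            $sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);

            $firstName = isset($member['firstName']) ? $member['firstName'] : '';
            $lastName = isset($member['lastName']) ? $member['lastName'] : '';

            // Five columns, five placeholders. The original statement had six
            // malformed placeholders and bound first and last name separately,
            // so the INSERT could never succeed.
            $query = "INSERT INTO transactions (transactionID,fullName,emailAddress,cardNumber,personID) values(?, ?, ?, ?, ?)";
            $attribs = array(
                $transactionID,
                trim($firstName . ' ' . $lastName),
                isset($member['emailAddress']) ? $member['emailAddress'] : NULL,
                $member['cardNumber'],
                isset($member['personID']) ? $member['personID'] : NULL,
            );

            if (!$sucsDB->Execute($query, $attribs)) {
                // The insert failed, most likely because this transaction ID is
                // already recorded. If that record is linked to a signup, a slip
                // has already been issued and a second password must not be
                // generated for the same payment.
                // NOTE(review): the original filtered on "signupid IS NULL",
                // which contradicts its own "SIGNUP SLIP ALREADY GENERATED"
                // comment; confirm the intended rule with the data owner.
                $query = "SELECT transactionID FROM transactions WHERE transactionID = ? AND signupid IS NOT NULL";
                $data = $sucsDB->GetAll($query, array($transactionID));
                if (is_array($data) && sizeof($data) > 0) {
                    //ERROR SOMEONE TRIED TO USE SAME TRANSACTIONID TWICE SIGNUP SLIP ALREADY GENERATED
                    // MAIL ERROR MESSAGE THEN DIE
                    die();
                }
            }

            $pass = make_password();

            // NOTE(review): addslashes() is kept from the original, but the value
            // is bound as a parameter and needs no escaping. If make_password()
            // can return quotes or backslashes, the stored value will differ
            // from the one shown to the user -- confirm and drop the call.
            $query = "insert into signup (password,sid,issuedby) values( ?, ?, ?) returning id";
            $attribs = array(addslashes($pass), $member['cardNumber'], 'SUSU API');

            // Execute() returns a record set, not the new id; read the id from
            // the row produced by "returning id".
            $rs = $sucsDB->Execute($query, $attribs);
            if (!$rs || $rs->EOF) {
                echo "Entering id failed.<br>\n";
            } else {
                $id = $rs->fields['id'];

                // Link the transaction to the signup that was just created.
                $query = "update transactions set signupid = ? WHERE transactionID = ?";
                $attribs = array($id, $transactionID);
                if (!$sucsDB->Execute($query, $attribs)) {
                    //ERROR
                } else {
                    $smarty->assign("id", $id);
                    $smarty->assign("pass", $pass);
                }
            }
        }
    }

    // Render the signup template for the current mode and hand the result to
    // the surrounding page as its body.
    $smarty->assign("mode", $mode);
    $output = $smarty->fetch("susignup.tpl");

    $smarty->assign("title", "Join");
    $smarty->assign("body", $output);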
    
    
    ?>