Newer
Older
Callum Massey
committed
<?php
//unique society identifier
$GroupingID = "6613";
include "../lib/member_functions.php";
include "../suapi.inc.php";
$error_email = "admin@sucs.org";
Callum Massey
committed
$mode = 'login';
//login
if(!empty($_REQUEST['sid'])&&!empty($_REQUEST['transactionID'])){
Callum Massey
committed
//set signup details
$sid = $_REQUEST['sid'];
$transactionID = $_REQUEST['transactionID'];
//set POST variables
$url = "https://$suapi_user:$suapi_pass@hap.swansea-union.co.uk/memberships/Membership.asmx/GetMemberByTransactionID";
Callum Massey
committed
$fields = array(
'transactionID'=>urlencode($transactionID),
'GroupingID'=>urlencode($GroupingID),
);
//url-ify the data for the POST
Callum Massey
committed
foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
rtrim($fields_string,'&');
//open connection
$ch = curl_init();
//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_POST,count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS,$fields_string);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,TRUE);
//execute post
$result = curl_exec($ch);
Callum Massey
committed
//close connection
curl_close($ch);
Callum Massey
committed
}else{
$re1='.*?';
$re2='(\\{.*?\\})';
if ($c=preg_match_all ("/".$re1.$re2."/is", $result, $matches))
{
$json_string=$matches[1][0];
}else{
//ERROR
}
$array = json_decode($json_string,TRUE);
if($array['cardNumber'] == $sid && $sid != ""){
$mode = 'form';
// connect to sucs database
$sucsDB = NewADOConnection('postgres8');
// SET THIS FOR DEBUG MODE
// $sucsDB->debug = true;
Callum Massey
committed
// SET THIS TO YOUR DB FOR TESTING
$sucsDB->Connect('dbname=sucs user=apache');
Callum Massey
committed
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
$fullName = $array['firstName']." ".$array['lastName'];
$query = "INSERT INTO transactions (transactionID,fullName,emailAddress,cardNumber,personID) values(?, ?, ?, ?, ?)";
$attribs[] = $transactionID;
$attribs[] = $fullName;
$attribs[] = $array['emailAddress'];
$attribs[] = $array['cardNumber'];
$attribs[] = $array['personID'];
Callum Massey
committed
Callum Massey
committed
if(!$sucsDB->Execute($query,$attribs)) {
// We did this because Adodb ErrorNo command is broken
$query = "SELECT * FROM transactions WHERE transactionID = ?";
unset($attribs);
Callum Massey
committed
$attribs[]=$transactionID;
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
if($sucsDB->Execute($query,$attribs)) {
$query = "SELECT * FROM transactions WHERE transactionID = ?";
$attribs= array();
$attribs[]=$transactionID;
$data = $sucsDB->GetAll($query,$attribs);
if(is_array($data)&&sizeof($data)==1&&$data[0]['signupid']==NULL){
// As it stands this shouldn't happen but if it does, no reason not to let them carry on
$valid = true;
} elseif(is_array($data)&&sizeof($data)==1&&$data[0]['signupid']!=NULL) {
$query = "SELECT * FROM signup WHERE sid = ? AND username IS NULL";
unset($attribs);
$attribs[]=$sid;
$data = $sucsDB->Execute($query, $attribs);
if(!$data) {
//handle db err
print($sucsDB->ErrorMsg());
$valid=false;
} else if($data->RecordCount()==0) {
$smarty->assign("username", $data->fields['username']);
$mode='numpty2';
// This happens if they already ahve a SUCS account and are trying to create a new signupid
$valid = false;
} else {
$smarty->assign("id", $data->fields['id']);
$smarty->assign("pass", $data->fields['password']);
$mode='numpty';
// If this happens they tried to get a new signupid/pass after already getting one, and should get weekly reminders about it
$valid = false;
}
} else {
$mode="error";
mail(
$error_email,
"SUSignup Error",
"An error occured in the susignup system at stage 1\n Love the signup system.\n\nP.S. The Error is:\n ".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$valid = false;
}
} else {
$mode="error";
mail(
$error_email,
"SUSignup Error",
"An error occured in the susignup system at stage 2\n Love the signup system.\n\nP.S. The Error is:\n ".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
Callum Massey
committed
}
}
if($valid)
{
$pass = make_password();
unset($query);
$query = "insert into signup (password,sid,issuedby) values( ?, ?, ?) returning id";
unset($attribs);
$attribs[]=addslashes($pass);
$attribs[]=$array['cardNumber'];
$attribs[]='99999';
Callum Massey
committed
$id = $id->fields['id'];
if (!$id) {
$mode="error";
mail(
$error_email,
"SUSignup Error",
"An error occured in the susignup system at stage 3\n Love the signup system.\n\nP.S. The Error is:\n ".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
} else {
$query = "update transactions set signupid=? WHERE transactionID=?";
unset($attribs);
$attribs[]=$id;
$attribs[]=$transactionID;
if(!$sucsDB->Execute($query,$attribs)) {
$mode="error";
mail(
$error_email,
"SUSignup Error",
"An error occured in the susignup system at stage 4\n Love the signup system.\n\nP.S. The Error is:\n ".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
print($sucsDB->ErrorMsg());
} else {
$smarty->assign("id", $id);
$smarty->assign("pass", $pass);
mail(
$array['emailAddress'].','.$sid.'@swansea.ac.uk',
"SUCS Signup Information",
"Thankyou for joining Swansea University Computer Society, your signup details are below;\nSignupID: $id\nSignup Password: $pass\nIf you have successfully completed signup immediately then you can disregard this message.\n\nSUCS Admin Team.",
"From: \"SUCS Admin\" <admin@sucs.org>"
);
Callum Massey
committed
}
} else {
//ERROR
Callum Massey
committed
}
}
}
}
$smarty->assign("mode", $mode);
$output = $smarty->fetch("susignup.tpl");
$smarty->assign("title", "Join");
$smarty->assign("body", $output);
?>