<?php
include 'functions.lib.php';
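// Page controller for the "Create Contact" form: builds the job <select>, and
// when every form field has been posted, validates the input and inserts the
// new contact.
//
// NOTE(review): no authentication check is visible in this file and the form
// below carries no anti-CSRF token. Presumably functions.lib.php starts the
// session and enforces both - confirm, because this request creates an account.
const TITLE = 'Create';

$phoneUtil = Phone::number_util();
$pdo = Contact::secure_connect();
// $pdo = SQL::pdo_connect_mysql();

try {
    $jobSelect = SQL::job_select($pdo);
} catch (Exception $e) {
    // NOTE(review): the exception object itself is handed to the reporter;
    // confirm it does not echo driver or SQL details back to the browser.
    Status::report_and_exit(TITLE, $e);
}

// Every field the form submits; the request is only processed when all are present.
$requiredFields = [
    'forename',
    'surname',
    'email',
    'phone_code',
    'phone_number',
    'job_id',
    'created',
    'password',
    'password_confirm',
];

$formSubmitted = true;
foreach ($requiredFields as $field) {
    if (!isset($_POST[$field])) {
        $formSubmitted = false;
        break;
    }
}

if ($formSubmitted) {
    // isset() is also true when a field arrives as an array, so insist on plain
    // strings before anything reaches the validators or the database layer.
    foreach ($requiredFields as $field) {
        if (!is_string($_POST[$field])) {
            Status::report_and_exit(TITLE, 'Invalid form submission.');
        }
    }

    // NOTE(review): forename, surname and created are passed on exactly as
    // submitted. `created` is a client-chosen timestamp; if it is used for
    // auditing, confirm that is intended or set it server-side.
    $forename = $_POST['forename'];
    $surname = $_POST['surname'];
    $jobID = $_POST['job_id'];
    $created = $_POST['created'];

    // Only a signed-in boss may create another boss account. A missing session
    // value is read as null so the check denies instead of raising a notice.
    // NOTE(review): the decision is made on the raw posted string and relies on
    // report_and_exit() ending the request. Confirm the value stored by
    // insert_into_contacts() cannot be coerced into JOB_BOSS_ID when this
    // comparison says otherwise; normalising job_id to its canonical type
    // before the check would remove the doubt.
    $sessionJobID = isset($_SESSION['job_id']) ? $_SESSION['job_id'] : null;
    if ($jobID == JOB_BOSS_ID && $sessionJobID !== JOB_BOSS_ID) {
        Status::report_and_exit(TITLE, "Security Violation: You are not allowed to create a Boss Account.");
    }

    try {
        $email = Contact::validate_email($_POST['email']);
        $phone = Phone::validate($phoneUtil, $_POST['phone_code'], $_POST['phone_number']);
        $phoneID = SQL::get_phone_id($pdo, $phone);
        // NOTE(review): presumably validate_password() returns a hash of the
        // password - confirm the plaintext is never what gets stored.
        $password = Contact::validate_password($_POST['password'], $_POST['password_confirm']);
        SQL::insert_into_contacts($pdo, $forename, $surname, $email, $phoneID, $jobID, $created, $password);
    } catch (Exception $e) {
        Status::report_and_exit(TITLE, $e);
    }

    Status::success();
}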
?>
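<?php
// Create-contact form. It posts back to create.php; a confirmation line is
// shown when the page is loaded with ?success=true.
?>
<?=Template::header(TITLE)?>
<div class="content update">
    <h2>Create Contact</h2>
    <form action="create.php" method="post">
        <label for="forename">Forename</label>
        <label for="surname">Surname</label>
        <input type="text" name="forename" id="forename" required/>
        <input type="text" name="surname" id="surname" required/>
        <label for="email">Email</label>
        <label for="phone">Phone</label>
        <input type="email" name="email" id="email" required/>
        <?php Phone::select($phoneUtil) ?>
        <label for="job_id">Job</label>
        <label for="created">Created</label>
        <?php
        // NOTE(review): $jobSelect is echoed without escaping; presumably it is
        // markup built by SQL::job_select() - confirm the job names inside it
        // are HTML-escaped there.
        ?>
        <?= $jobSelect ?>
        <input type="datetime-local" name="created" value="<?=date('Y-m-d\TH:i')?>" id="created" required/>
        <label for="password">Password</label>
        <label for="password_confirm">Confirm Password</label>
        <?php
        // `required` and `minlength` are browser-side hints only; the password
        // policy has to be enforced again on the server.
        ?>
        <input type="password" name="password" id="password" required minlength="4"/>
        <input type="password" name="password_confirm" id="password_confirm" required minlength="4"/>
        <input type="submit" value="Create">
    </form>
    <?php if (isset($_GET['success']) && $_GET['success'] === 'true'): ?>
    <p>Created Successfully!</p>
    <?php endif; ?>
</div>
<?=Template::footer()?>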