@ -10,258 +10,215 @@ require_once __DIR__ . "/../../lib/requiredpublic.php";
require_once __DIR__ . "/../../lib/Email.lib.php";
var_export($_POST);
die();
function errorBack(string $errormsg) {
global $familyid;
header("Location: ../?page=signup& error=" . htmlentities($errormsg));
$database->delete("families", ["familyid" => $familyid]);
die($errormsg);
}
if (!empty($_SESSION['familyid']) & & $database->has("families", ['familyid' => $_SESSION['familyid']])) {
$family = $_SESSION['familyid'];
$renewal = true;
} else if (!empty($_POST['renewing'])) {
// Session expired, but we're renewing, so kick them back to verification
header("Location: ../?page=renew&msg=sessionexpired");
die("You took too long and were automatically logged out. Please try again.");
}
$database->action(function($database) {
global $family, $renewal, $SETTINGS;
try {
$lastname = $_POST['familyname'];
$father = $_POST['fathername'];
$mother = $_POST['mothername'];
global $SETTINGS;
if (empty($lastname)) {
errorBack("Enter a last name.");
}
if (empty($father)) {
errorBack("Enter a father name.");
}
if (empty($mother)) {
errorBack("Enter a mother name.");
}
$database->insert("families", []);
$familyid = $database->id();
$family->setName($lastname);
$family->setFather($father);
$family->setMother($mother);
$dueusd = 0.0;
$family->setPhone($_POST['phone']);
$family->setEmail($_POST['email']);
try {
if ($renewal) {
if ($database->has("families", ["AND" => ["email" => $family->getEmail(), "familyid[!]" => $family->getID()]])) {
errorBack("That email address is already in use with another family.");
}
} else {
if ($database->has("families", ["email" => $family->getEmail()])) {
errorBack("That email address is already in use with another family.");
$people = $_POST['people'];
$requiredfields = [
"firstname" => ".+",
"lastname" => ".+",
"address" => ".+",
"zip" => "[0-9]{5}(-?[0-9]{4})?",
"phone1" => "[0-9]{10}",
"email" => "_EMAIL_",
"shirt" => ["YS", "YM", "YL", "AS", "AM", "AL", "AX", "A2"],
"sex" => ["M", "F"]
];
foreach ($people['ids'] as $pid) {
switch ($people["type"][$pid]) {
case "camper":
$checkfields = array_merge($requiredfields, [
"parentname" => ".+",
"unit" => "[0-9]{3,4}",
"rank" => ["Tiger", "Wolf", "Bear", "Webelos", "Arrow of Light"]
]);
break;
case "adult":
$checkfields = array_merge($requiredfields, [
"position" => [
"None",
"Den Walker",
"Station Leader",
"Tot Lot",
"First Aid",
"Floater"
]
]);
break;
case "youth":
$checkfields = array_merge($requiredfields, [
"position" => [
"None",
"Den Chief",
"Station",
"Tot Lot",
"Floater"
]
]);
break;
default:
errorBack("Invalid person type.");
}
}
$address = $_POST['streetaddress'];
$city = $_POST['city'];
$state = strtoupper($_POST['state']);
$zip = $_POST['zip'];
if (empty($address)) {
errorBack("Enter a street address.");
}
if (empty($city)) {
errorBack("Enter a city.");
}
$family->setAddress($address);
$family->setCity($city);
$family->setState($state);
$family->setZip($zip);
$newsletter = $_POST['newsletter_method'];
$membership_cost = 2500;
if (empty($newsletter)) {
errorBack("Select a newsletter preference.");
}
$family->setNewsletter($newsletter);
switch ($newsletter) {
case 1: // Email only
$membership_cost = 2500;
break;
case 2: // Print only
$membership_cost = 3500;
break;
case 3: // Email and print
$membership_cost = 3500;
break;
default:
errorBack("Select a valid newsletter preference.");
}
$photopermission = $_POST['photo_permission'];
if (!empty($photopermission) & & $photopermission == "1") {
$photopermission = true;
} else {
$photopermission = false;
}
$family->setPhotoPermission($photopermission);
foreach ($checkfields as $name => $regex) {
$validatefunction = function ($str) use ($regex) {
return preg_match("/$regex/", $str);
};
if (is_array($regex)) {
// Array of options
$validatefunction = function ($str) use ($regex) {
return in_array($str, $regex);
};
} else if (strpos($regex, "_") === 0) {
// Special cases
switch ($regex) {
case "_EMAIL_":
$validatefunction = function ($str) {
return filter_var($str, FILTER_VALIDATE_EMAIL);
};
break;
}
}
if ($renewal) {
// If membership lapsed, add a whole year, otherwise just extend it
if ($family->getExpires() < time ( ) ) {
$family->setExpires(strtotime("+1 year"));
} else {
$family->setExpires(strtotime("+1 year", $family->getExpires()));
// Validate
if (!$validatefunction($people[$name][$pid])) {
errorBack("Please check your input and try again ($name).");
}
}
} else {
$family->setExpires(strtotime("+1 year"));
}
$family->save();
//
// Children
//
$children = $_POST['child'];
$childObjects = $family->getChildren();
foreach ($children['ids'] as $cid) {
if (empty($children['name'][$cid])) {
continue;
}
if (!preg_match("/^([1-9]|1[012])$/", $children['month'][$cid])) {
errorBack("Invalid birth month chosen for " . htmlentities($children['name'][$cid]) . ".");
$days = "";
if (is_array($people["days"][$pid])) {
$validdays = ["Tu", "We", "Th", "Fr"];
$days = "";
foreach ($people["days"][$pid] as $day) {
if (in_array($day, $validdays)) {
$days .= $day;
}
}
}
if (!is_numeric($children['year'][$cid])) {
errorBack("Invalid birth year chosen for " . htmlentities($children['name'][$cid]) . ".");
}
$children['year'][$cid] = $children['year'][$cid] * 1;
if ($children['year'][$cid] < 1980 | | $ children [ ' year ' ] [ $ cid ] > date("Y")) {
errorBack("Invalid birth year chosen for " . htmlentities($children['name'][$cid]) . ".");
switch ($people["type"][$pid]) {
case "camper":
$dueusd += 50.0;
echo "\nAdding $50 to the total for a camper, dueusd is $dueusd\n";
$database->insert("campers", [
"parentname" => $people["parentname"][$pid],
"rank" => $people["rank"][$pid]
]);
$camperid = $database->id();
break;
case "adult":
$discount = 10.0 * (strlen($days) / 2);
$dueusd -= $discount;
echo "\Subtracting $$discount from the total for an adult volunteer, dueusd is $dueusd\n";
$database->insert("adults", [
"position" => $people["position"][$pid],
"days" => $days
]);
$adultid = $database->id();
break;
case "youth":
$database->insert("youth", [
"position" => $people["position"][$pid],
"days" => $days
]);
$youthid = $database->id();
break;
}
if (Child::exists($cid, $family->getID())) {
// iterate over existing children to find the correct one
for ($i = 0; $i < count ( $ childObjects ) ; $ i + + ) {
if ($childObjects[$i]->getID() == $cid) {
$childObjects[$i]->setName($children['name'][$cid]);
$childObjects[$i]->setBirthday(null, $children['year'][$cid] . "-" . $children['month'][$cid] . "-00");
$childObjects[$i]->setGraduated(empty($children['graduate'][$cid]) ? false : true);
}
}
} else {
$child = new Child();
$child->setName($children['name'][$cid]);
$child->setBirthday(null, $children['year'][$cid] . "-" . $children['month'][$cid] . "-00");
$child->setGraduated(empty($children['graduate'][$cid]) ? false : true);
$child->setFamilyID($family->getID());
$childObjects[] = $child;
}
}
foreach ($childObjects as $child) {
$child->save();
$database->insert("people", [
"familyid" => $familyid,
"camperid" => $camperid,
"adultid" => $adultid,
"youthid" => $youthid,
"firstname" => $people["firstname"][$pid],
"lastname" => $people["lastname"][$pid],
"address" => $people["address"][$pid],
"zip" => $people["zip"][$pid],
"phone1" => empty($people["phone1"][$pid] ? "" : $people["phone1"][$pid]),
"phone2" => empty($people["phone2"][$pid] ? "" : $people["phone2"][$pid]),
"email" => empty($people["email"][$pid] ? "" : $people["email"][$pid]),
"unit" => $people["unit"][$pid],
"shirt" => $people["shirt"][$pid],
"sex" => $people["sex"][$pid]
]);
}
} catch (Exception $ex) {
errorBack($ex->getMessage());
}
//
// Interests
//
$database->delete('interests', ['familyid' => $family->getID()]);
if (!empty($_POST['events']) & & is_array($_POST['events'])) {
$interests = [];
foreach ($_POST['events'] as $evt) {
if ($database->has("events", ['eventid' => $evt])) {
$interests[] = ["familyid" => $family->getID(), "eventid" => $evt];
}
}
$database->insert("interests", $interests);
}
//
// Payment
//
try {
\Stripe\Stripe::setApiKey($SETTINGS["stripe"]["seckey"]);
$charge = \Stripe\Charge::create([
'amount' => $membership_cost,
'currency' => 'usd',
'description' => 'HACHE Membership',
'source' => $_POST['stripeToken'],
'statement_descriptor' => 'HACHE Membership 1yr',
]);
} catch (\Stripe\Error\Card $e) {
$body = $e->getJsonBody();
$err = $body['error'];
errorBack("We couldn't process your card because it was declined. Your card issuer or bank sent us this message: " . $err["message"] . " That's all we know.");
} catch (\Stripe\Error\RateLimit $e) {
errorBack("We couldn't process your card because things are happening too fast. Please try again in a minute. (Error code: STRIPE_RATELIMIT)");
} catch (\Stripe\Error\InvalidRequest $e) {
errorBack("We couldn't process your card because of a technical issue. Please try again later. (Error code: STRIPE_INVREQ)");
} catch (\Stripe\Error\Authentication $e) {
errorBack("We can't connect to the card processor. Please try again later. (Error code: STRIPE_AUTH)");
} catch (\Stripe\Error\ApiConnection $e) {
errorBack("We can't connect to the card processor. Please try again later. (Error code: STRIPE_NOAPI)");
} catch (\Stripe\Error\Base $e) {
errorBack("An unknown payment error occurred. Please try again later.");
} catch (Exception $e) {
errorBack("An unknown error occurred. Please try again later.");
}
$campcoupons = (!empty($_POST['campcoupons']) & & preg_match("/[0-9]+/", $_POST['campcoupons'])) ? $_POST['campcoupons'] * 1 : 0;
$database->insert("payments", [
"familyid" => $family->getID(),
"amount" => ($membership_cost / 100.0),
"paid" => 1,
"date" => date("Y-m-d H:i:s"),
"type" => "Online"
]);
$duecard = $dueusd - $campcoupons;
try {
$confirmation = new Email();
$confirmation->addTo($family->getEmail());
$confirmation->setFrom($SETTINGS["smtp"]["fromaddress"], $SETTINGS["smtp"]["fromname"]);
$confirmation->setSMTP($SETTINGS["smtp"]["host"], $SETTINGS["smtp"]["port"], $SETTINGS["smtp"]["auth"], $SETTINGS["smtp"]["user"], $SETTINGS["smtp"]["password"], $SETTINGS["smtp"]["secure"]);
if ($renewal) {
$confirmation->setSubject("HACHE renewal confirmation");
$confirmation->setBody("Your membership renewal has been processed.\r\n"
. "Your membership will expire on" . date("F j Y", $family->getExpires()) . ".\r\n"
. "Thanks for being a HACHE member!");
} else {
$confirmation->setSubject("HACHE membership confirmation");
$confirmation->setBody("Your membership and payment have been recorded.\r\n"
. "A HACHE member will be in touch in the next few days.\r\n"
. "Thanks again and welcome to HACHE!");
}
$confirmation->send();
} catch (Exception $e) {
echo "\nCost $dueusd total: $duecard to Stripe, $campcoupons as coupons\n";
if ($_POST['totalcharge'] != $dueusd) {
errorBack("There was a discrepency between the total you saw and the total the server calculated. The transaction has been cancelled and you were not charged.");
}
try {
$notification = new Email();
$notification->addTo($SETTINGS["smtp"]["notification_to"]);
$notification->setFrom($SETTINGS["smtp"]["fromaddress"], $SETTINGS["smtp"]["fromname"]);
$notification->setSMTP($SETTINGS["smtp"]["host"], $SETTINGS["smtp"]["port"], $SETTINGS["smtp"]["auth"], $SETTINGS["smtp"]["user"], $SETTINGS["smtp"]["password"], $SETTINGS["smtp"]["secure"]);
if ($renewal) {
$notification->setSubject("HACHE renewal notification");
$notification->setBody("The " . $family->getName() . " family has renewed their HACHE membership.");
} else {
$notification->setSubject("HACHE membership notification");
$notification->setBody("The " . $family->getName() . " family has registered for a HACHE membership.");
if ($duecard > 0) {
try {
\Stripe\Stripe::setApiKey($SETTINGS["stripe"]["seckey"]);
$charge = \Stripe\Charge::create([
'amount' => $duecard * 100.0,
'currency' => 'usd',
'description' => 'Day Camp',
'source' => $_POST['stripeToken'],
'statement_descriptor' => 'PPD Day Camp',
]);
} catch (\Stripe\Error\Card $e) {
$body = $e->getJsonBody();
$err = $body['error'];
errorBack("We couldn't process your card because it was declined. Your card issuer or bank sent us this message: " . $err["message"] . " That's all we know.");
} catch (\Stripe\Error\RateLimit $e) {
errorBack("We couldn't process your card because things are happening too fast. Please try again in a minute. (Error code: STRIPE_RATELIMIT)");
} catch (\Stripe\Error\InvalidRequest $e) {
errorBack("We couldn't process your card because of a technical issue. Please try again later. (Error code: STRIPE_INVREQ)");
} catch (\Stripe\Error\Authentication $e) {
errorBack("We can't connect to the card processor. Please try again later. (Error code: STRIPE_AUTH)");
} catch (\Stripe\Error\ApiConnection $e) {
errorBack("We can't connect to the card processor. Please try again later. (Error code: STRIPE_NOAPI)");
} catch (\Stripe\Error\Base $e) {
errorBack("An unknown payment error occurred. Please try again later.");
} catch (Exception $e) {
errorBack("An unknown error occurred. Please try again later.");
}
$notification->send();
} catch (Exception $e) {
}
$database->insert("payments", [
"familyid" => $familyid,
"amount" => ($dueusd),
"amountpaid" => ($duecard),
"date" => date("Y-m-d H:i:s"),
"type" => "Online"
]);
header("Location: ../?page=thanks");
var_dump($_POST);
return true;
});
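Review bot: The `var_export($_POST); die();` at the top of the handler (just after the Email.lib.php require) and the `var_dump($_POST);` after the final `header("Location: ../?page=thanks");` write the whole form submission — Stripe token, email, address, children's names — into the HTTP response, and the `die()` stops the handler before any of the registration logic runs; the +/- markers are lost in this rendering, so if these lines are on the new side they look like leftover debugging that must not ship. `errorBack()` declares only `global $familyid;` yet calls `$database->delete(...)`, so the cleanup would run against an undefined `$database`; change it to `global $familyid, $database;`. In the `people` insert, `empty($people["phone1"][$pid] ? "" : $people["phone1"][$pid])` wraps the ternary inside `empty()`, so phone1, phone2 and email are stored as booleans rather than the submitted values; the intended form is `"phone1" => empty($people["phone1"][$pid]) ? "" : $people["phone1"][$pid],` for each of the three. The `errorBack()` redirect also encodes the message with `htmlentities()` for a URL query string, where `urlencode()` is the matching escape.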