diff --git a/action.php b/action.php index d1ea966..55d0320 100644 --- a/action.php +++ b/action.php @@ -35,4 +35,10 @@ switch ($VARS['action']) { session_destroy(); header('Location: index.php'); die("Logged out."); + case "editfamily": + if (!(new User($_SESSION['uid']))->hasPermission("HACHEPORTAL_EDIT")) { + returnToSender("no_permission"); + } + + } \ No newline at end of file diff --git a/lib/Child.lib.php b/lib/Child.lib.php new file mode 100644 index 0000000..bde67bd --- /dev/null +++ b/lib/Child.lib.php 
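Review bot: In action.php the new `case "editfamily":` contains only the permission check, so whether an unauthorised request is actually stopped depends on `returnToSender()` ending the script, which this hunk does not show. If that helper only sends a redirect header, any edit logic later added to this case would still run for a user without `HACHEPORTAL_EDIT`. The case also has no `break;`, so a case appended after it would be entered by fall-through. I would make the stop explicit with `returnToSender("no_permission"); die();` and add `break;` after the `if`. The switch opens above the hunk.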
@@ -0,0 +1,114 @@ +get('people', ["familyid", "name", "birthday", "graduated"], ['personid' => $id]); + + $this->id = $id; + $this->familyid = $info['familyid']; + $this->name = $info['name']; + $this->birthday = strtotime($info['birthday']); + $this->graduated = $info['graduated'] == 1; + + return $this; + } + + public function save() { + global $database; + if (is_int($this->id) && $database->has("people", ['personid' => $this->id])) { + $database->update("people", ["name" => $this->name, "birthday" => date("Y-m-d", $this->birthday), "graduated" => $this->graduated], ['personid' => $this->id]); + } else { + $database->insert("people", ["familyid" => $this->familyid, "name" => $this->name, "birthday" => date("Y-m-d", $this->birthday), "graduated" => $this->graduated]); + $this->id = $database->id(); + } + } + + public static function exists(int $cid, int $fid = null) { + global $database; + if (is_null($fid)) { + return $database->has("people", [ + 'personid' => $cid + ]); + } + return $database->has("people", ["AND" => [ + 'familyid' => $fid, + 'personid' => $cid + ]]); + } + + public function getID(): int { + return $this->id; + } + + public function getFamilyID(): int { + return $this->familyid; + } + + public function getFamily(): Family { + return (new Family())->load($this->familyid); + } + + public function getName(): string { + return $this->name; + } + + /** + * Get the person's birth date as a UNIX timestamp. + * @return int + */ + public function getBirthday(): int { + return $this->birthday; + } + + public function isGraduated(): bool { + return $this->graduated == true; + } + + public function setName(string $name) { + $this->name = $name; + } + + /** + * Set the person's birth date to either a UNIX timestamp or a date string. + * @param int $timestamp + * @param string $date A string parseable by strtotime(). 
+ */ + public function setBirthday(int $timestamp = null, string $date = null) { + if (is_null($timestamp) && !is_null($date)) { + $this->birthday = strtotime($date); + } else if (!is_null($timestamp) && is_null($date)) { + $this->birthday = $timestamp; + } + } + + public function setGraduated(bool $graduated) { + $this->graduated = $graduated; + } + + public function setFamilyID(int $id) { + $this->familyid = $id; + } + + public function setFamily(Family $f) { + $this->familyid = $f->getID(); + } + +} diff --git a/lib/Family.lib.php b/lib/Family.lib.php new file mode 100644 index 0000000..1b62448 --- /dev/null +++ b/lib/Family.lib.php 
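Review bot: In lib/Child.lib.php, `save()` chooses update or insert with `is_int($this->id)`, while `load()` stores whatever `$id` it was given; the top of the class is missing from this view, so the parameter type cannot be seen. If the driver returns `personid` as a string (Family::load() passes the selected value straight through), `is_int()` is false and saving a loaded child inserts a duplicate row instead of updating it. A check such as `if (!empty($this->id) && $database->has("people", ['personid' => (int) $this->id]))` avoids that. `load()` also reads `$info['familyid']` without confirming a row was found, unlike Family::load() which throws. The update is keyed on `personid` alone, so callers have to keep making the `Child::exists($cid, $fid)` ownership check before saving.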
@@ -0,0 +1,255 @@ +has("families", ['familyid' => $familyid])) { + $this->id = $familyid; + } else { + throw new Exception("No such family exists."); + } + + $f = $database->get("families", [ + 'familyid (id)', + 'familyname (name)', + 'phone', + 'email', + 'newsletter_method (newsletter)', + 'address', + 'city', + 'state', + 'zip', + 'father_name (father)', + 'mother_name (mother)', + 'photo_permission (photo)' + ], [ + "familyid" => $this->id + ]); + + $children = $database->select("people", 'personid', ["familyid" => $this->id]); + + $this->name = $f['name']; + $this->father = $f['father']; + $this->mother = $f['mother']; + $this->phone = $f['phone']; + $this->email = $f['email']; + $this->address = $f['address']; + $this->city = $f['city']; + $this->state = $f['state']; + $this->zip = $f['zip']; + $this->photo = $f['photo'] == 1; + $this->newsletter = $f['newsletter']; + + foreach ($children as $c) { + $this->children[] = (new Child())->load($c); + } + + return $this; + } + + public function save() { + global $database; + if (is_int($this->id) && $database->has("families", ['familyid' => $this->id])) { + $database->update("families", [ + "familyname" => $this->getName(), + "father_name" => $this->getFather(), + "mother_name" => $this->getMother(), + "phone" => $this->getPhone(), + "email" => $this->getEmail(), + "address" => $this->getAddress(), + "city" => $this->getCity(), + "state" => $this->getState(), + "zip" => $this->getZip(), + "photo_permission" => $this->getPhotoPermission(), + "newsletter_method" => $this->getNewsletter() + ], [ + "familyid" => $this->id + ]); + } else { + $database->insert("families", [ + "familyname" => $this->getName(), + "father_name" => $this->getFather(), + "mother_name" => $this->getMother(), + "phone" => $this->getPhone(), + "email" => $this->getEmail(), + "address" => $this->getAddress(), + "city" => $this->getCity(), + "state" => $this->getState(), + "zip" => $this->getZip(), + "photo_permission" => 
$this->getPhotoPermission(), + "newsletter_method" => $this->getNewsletter() + ]); + $this->id = $database->id(); + } + + for ($i = 0; $i < count($this->children); $i++) { + $this->children[$i]->setFamilyID($this->id); + $this->children[$i]->save(); + } + } + + public function getID() { + return $this->id; + } + + public function getName(): string { + return $this->name; + } + + public function getFather(): string { + return $this->father; + } + + public function getMother(): string { + return $this->mother; + } + + public function getPhone(): string { + return $this->phone; + } + + public function getEmail(): string { + return $this->email; + } + + public function getAddress(): string { + return $this->address; + } + + public function getCity(): string { + return $this->city; + } + + public function getState(): string { + return $this->state; + } + + public function getZip(): string { + return $this->zip; + } + + public function getPhotoPermission(): bool { + return $this->photo == true; + } + + public function getNewsletter(): int { + return $this->newsletter; + } + + public function getChildren(): array { + return $this->children; + } + + + + public function setName(string $name) { + $this->name = $name; + } + + public function setFather(string $name) { + $this->father = $name; + } + + public function setMother(string $name) { + $this->mother = $name; + } + + public function setPhone(string $phone) { + $phone = preg_replace("/[^0-9]/", "", $phone); + if (strlen($phone) == 11) { + $phone = preg_replace("/^1/", "", $phone); + } + if (strlen($phone) != 10) { + throw new Exception("Enter a valid 10-digit phone number."); + } + $this->phone = $phone; + } + + public function setEmail(string $email) { + $email = strtolower($email); + if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { + throw new Exception("The email address looks wrong."); + } + $this->email = $email; + } + + public function setAddress(string $address) { + $this->address = $address; + } + + public 
function setCity(string $city) { + $this->city = $city; + } + + /** + * Set the state, in two-character form. + * @param string $state + * @throws Exception + */ + public function setState(string $state) { + $state = strtoupper($state); + if (!preg_match("/^[A-Z]{2}$/", $state)) { + throw new Exception("Select a valid state."); + } + $this->state = strtoupper($state); + } + + public function setZip(string $zip) { + if (!preg_match("/^[0-9]{5}(-?[0-9]{4})?$/", $zip)) { + throw new Exception("Enter a valid five or nine digit US ZIP code."); + } + $this->zip = $zip; + } + + public function setPhotoPermission(bool $perm) { + $this->photo = $perm; + } + + public function setNewsletter(int $newsletter) { + if (!is_int($newsletter) || !($newsletter == 1 || $newsletter == 2 || $newsletter == 3)) { + throw new Exception("Invalid newsletter preference."); + } + $this->newsletter = $newsletter; + } + + public function setChildren(array $children) { + $this->children = $children; + } + + public function addChild(Child $child) { + $this->children[] = $child; + } + +} diff --git a/pages/viewfamily.php b/pages/viewfamily.php index e9b04f7..3924e7b 100644 --- a/pages/viewfamily.php +++ b/pages/viewfamily.php @@ -20,24 +20,7 @@ if (empty($VARS['id']) || !$database->has('families', ['familyid' => $VARS['id'] $famid = $VARS['id']; -$family = $database->get("families", [ - 'familyid (id)', - 'familyname (name)', - 'phone', - 'email', - 'newsletter_method (newsletter)', - 'address', - 'city', - 'state', - 'zip', - 'father_name (father)', - 'mother_name (mother)', - 'photo_permission (photo)' - ], [ - "familyid" => $famid - ]); - -$children = $database->select("people", ["name", "birthday", "graduated"], ["familyid" => $famid]); +$family = (new Family())->load($famid); ?>
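Review bot: In lib/Family.lib.php, `setNewsletter(int $newsletter)` can never reach its own `!is_int($newsletter)` branch, because a non-numeric argument raises a `TypeError` before the body runs. `TypeError` is an `Error`, not an `Exception`, so the public form in this commit, which passes `$_POST['newsletter_method']` inside `catch (Exception $ex)`, would end in an uncaught fatal instead of the "Invalid newsletter preference." message. Validate before the call, e.g. `$newsletter = filter_var($_POST['newsletter_method'], FILTER_VALIDATE_INT);`, or widen the handler to `catch (Exception | TypeError $ex)`. The same applies to the `string`-typed setters if a form field arrives as an array.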
@@ -47,13 +30,13 @@ $children = $database->select("people", ["name", "birthday", "graduated"], ["fam - get("Family"); ?> + getName(); ?> get("Family"); ?>
- get('Edit Family'); ?> + get('Edit Family'); ?> @@ -63,7 +46,7 @@ $children = $database->select("people", ["name", "birthday", "graduated"], ["fam
getNewsletter()) { case 1: $newsletter = $Strings->get("Email", false); break; @@ -76,47 +59,47 @@ $children = $database->select("people", ["name", "birthday", "graduated"], ["fam } $items = [ [ - "db" => "father", + "value" => $family->getFather(), "icon" => "fas fa-male", "label" => "Father" ], [ - "db" => "mother", + "value" => $family->getMother(), "icon" => "fas fa-female", "label" => "Mother" ], [ - "db" => "phone", + "value" => $family->getPhone(), "icon" => "fas fa-phone", "label" => "Phone" ], [ - "db" => "email", + "value" => $family->getEmail(), "icon" => "fas fa-at", "label" => "Email" ], [ - "db" => "address", - "icon" => "fas fa-map-marker", + "value" => $family->getAddress(), + "icon" => "fas fa-home", "label" => "Address" ], [ - "db" => "city", + "value" => $family->getCity(), "icon" => "fas fa-city", "label" => "City" ], [ - "db" => "state", + "value" => $family->getState(), "icon" => "fas fa-flag", "label" => "State" ], [ - "db" => "zip", + "value" => $family->getZip(), "icon" => "fas fa-mail-bulk", "label" => "ZIP Code" ], [ - "value" => $family['photo'] ? $Strings->get("Yes", false) : $Strings->get("No", false), + "value" => $family->getPhotoPermission() ? $Strings->get("Yes", false) : $Strings->get("No", false), "icon" => "fas fa-camera", "label" => "Photo Permission" ], @@ -132,11 +115,7 @@ $children = $database->select("people", ["name", "birthday", "graduated"], ["fam get($i['label']); echo ": "; - if (empty($i['db'])) { - echo $i['value']; - } else { - echo $family[$i['db']]; - } + echo $i['value']; ?>
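Review bot: The new `echo $i['value'];` in pages/viewfamily.php prints the getter results without HTML escaping. Name, father, mother, address and city reach the database from the public form through setters that only assign the value, so markup submitted there would be rendered in the page of whoever views the family. Escape at output with `echo htmlspecialchars($i['value'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The `$Strings->get(..., false)` entries in the same list need checking first if they are meant to carry markup. The family-name heading and the children rows have lost their PHP tags in this view, so whether they escape cannot be seen here.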
select("people", ["name", "birthday", "graduated"], ["fam getChildren() as $c) { ?> - - - get("Yes") : $Strings->get("No"); ?> + getName(); ?> + getBirthday()); ?> + isGraduated() ? $Strings->get("Yes") : $Strings->get("No"); ?> has("families", ['familyid' => $_SESSION['familyid']])) { - $familyid = $_SESSION['familyid']; + $family = (new Family())->load($familyid); } else if (!empty($_POST['renewing'])) { // Session expired, but we're renewing, so kick them back to verification header("Location: ../?page=renew&msg=sessionexpired"); 
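Review bot: `$familyid` is no longer assigned on the lines shown: this hunk removes `$familyid = $_SESSION['familyid'];` while the added line calls `(new Family())->load($familyid)`. The next hunk also swaps `global $familyid;` for `global $family;`, yet the unchanged `$database->delete('interests', ['familyid' => $familyid]);` stays inside the closure, where the variable is then undefined. Unless it is set in lines not visible here, the load should be `(new Family())->load($_SESSION['familyid'])` and the interests code should use `$family->getID()`. The start of this hunk is missing from the page, so the first part needs confirming against the file.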
@@ -26,150 +31,131 @@ if (!empty($_SESSION['familyid']) && $database->has("families", ['familyid' => $ } $database->action(function($database) { - global $familyid; - $lastname = $_POST['familyname']; - $father = $_POST['fathername']; - $mother = $_POST['mothername']; - - if (empty($lastname)) { - errorBack("Enter a last name."); - } - if (empty($father)) { - errorBack("Enter a father name."); - } - if (empty($mother)) { - errorBack("Enter a mother name."); - } - - $phone = $_POST['phone']; - $phone = preg_replace("/[^0-9]/", "", $phone); - if (strlen($phone) == 11) { - $phone = preg_replace("/^1/", "", $phone); - } - if (strlen($phone) != 10) { - errorBack("Enter a valid 10-digit phone number."); - } - - $email = strtolower($_POST['email']); - if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { - errorBack("The email address looks wrong."); - } + global $family; - $address = $_POST['streetaddress']; - $city = $_POST['city']; - $state = strtoupper($_POST['state']); - $zip = $_POST['zip']; - if (empty($address)) { - errorBack("Enter a street address."); - } - if (empty($city)) { - errorBack("Enter a city."); - } - if (!preg_match("/^[A-Z]{2}$/", $state)) { - errorBack("Select a state."); - } - if (!preg_match("/^[0-9]{5}(-?[0-9]{4})?$/", $zip)) { - errorBack("Enter a valid five or nine digit US ZIP code."); - } + try { + $lastname = $_POST['familyname']; + $father = $_POST['fathername']; + $mother = $_POST['mothername']; - $newsletter = $_POST['newsletter_method']; - $membership_cost = 2500; - if (empty($newsletter)) { - errorBack("Select a newsletter preference."); - } - switch ($newsletter) { - case 1: // Email only - $membership_cost = 2500; - break; - case 2: // Print only - $membership_cost = 3500; - break; - case 3: // Email and print - $membership_cost = 3500; - break; - default: - errorBack("Select a valid newsletter preference."); - } + if (empty($lastname)) { + errorBack("Enter a last name."); + } + if (empty($father)) { + errorBack("Enter a father name."); 
+ } + if (empty($mother)) { + errorBack("Enter a mother name."); + } - $photopermission = $_POST['photo_permission']; - if (!empty($photopermission) && $photopermission == "1") { - $photopermission = true; - } else { - $photopermission = false; - } + $family->setName($lastname); + $family->setFather($father); + $family->setMother($mother); - if (isset($familyid)) { - $database->update("families", [ - "familyname" => $lastname, - "father_name" => $father, - "mother_name" => $mother, - "phone" => $phone, - "email" => $email, - "newsletter_method" => $newsletter, - "address" => $address, - "city" => $city, - "state" => $state, - "zip" => $zip, - "photo_permission" => $photopermission - ], [ - 'familyid' => $familyid - ]); - } else { - $database->insert("families", [ - "familyname" => $lastname, - "father_name" => $father, - "mother_name" => $mother, - "phone" => $phone, - "email" => $email, - "newsletter_method" => $newsletter, - "address" => $address, - "city" => $city, - "state" => $state, - "zip" => $zip, - "photo_permission" => $photopermission - ]); + $family->setPhone($_POST['phone']); + $family->setEmail($_POST['email']); - $familyid = $database->id(); - } + $address = $_POST['streetaddress']; + $city = $_POST['city']; + $state = strtoupper($_POST['state']); + $zip = $_POST['zip']; + if (empty($address)) { + errorBack("Enter a street address."); + } + if (empty($city)) { + errorBack("Enter a city."); + } + $family->setAddress($address); + $family->setCity($city); + $family->setState($state); + $family->setZip($zip); - $children = $_POST['child']; - foreach ($children['ids'] as $cid) { - if (empty($children['name'][$cid])) { - continue; + $newsletter = $_POST['newsletter_method']; + $membership_cost = 2500; + if (empty($newsletter)) { + errorBack("Select a newsletter preference."); } - - if (!preg_match("/^([1-9]|1[012])$/", $children['month'][$cid])) { - errorBack("Invalid birth month chosen for " . htmlentities($children['name'][$cid]) . 
"."); + $family->setNewsletter($newsletter); + switch ($newsletter) { + case 1: // Email only + $membership_cost = 2500; + break; + case 2: // Print only + $membership_cost = 3500; + break; + case 3: // Email and print + $membership_cost = 3500; + break; + default: + errorBack("Select a valid newsletter preference."); } - if (!is_numeric($children['year'][$cid])) { - errorBack("Invalid birth year chosen for " . htmlentities($children['name'][$cid]) . "."); + $photopermission = $_POST['photo_permission']; + if (!empty($photopermission) && $photopermission == "1") { + $photopermission = true; + } else { + $photopermission = false; } - $children['year'][$cid] = $children['year'][$cid] * 1; - if ($children['year'][$cid] < 1980 || $children['year'][$cid] > date("Y")) { - errorBack("Invalid birth year chosen for " . htmlentities($children['name'][$cid]) . "."); + $family->setPhotoPermission($photopermission); + + $family->save(); + + // + // Children + // + $children = $_POST['child']; + + $childObjects = $family->getChildren(); + + foreach ($children['ids'] as $cid) { + if (empty($children['name'][$cid])) { + continue; + } + + if (!preg_match("/^([1-9]|1[012])$/", $children['month'][$cid])) { + errorBack("Invalid birth month chosen for " . htmlentities($children['name'][$cid]) . "."); + } + + if (!is_numeric($children['year'][$cid])) { + errorBack("Invalid birth year chosen for " . htmlentities($children['name'][$cid]) . "."); + } + $children['year'][$cid] = $children['year'][$cid] * 1; + if ($children['year'][$cid] < 1980 || $children['year'][$cid] > date("Y")) { + errorBack("Invalid birth year chosen for " . htmlentities($children['name'][$cid]) . 
"."); + } + + if (Child::exists($cid, $family->getID())) { + // iterate over existing children to find the correct one + for ($i = 0; $i < count($childObjects); $i++) { + if ($childObjects[$i]->getID() == $cid) { + $childObjects[$i]->setName($children['name'][$cid]); + $childObjects[$i]->setBirthday(null, $children['year'][$cid] . "-" . $children['month'][$cid] . "-00"); + $childObjects[$i]->setGraduated(empty($children['graduate'][$cid]) ? false : true); + } + } + } else { + $child = new Child(); + $child->setName($children['name'][$cid]); + $child->setBirthday(null, $children['year'][$cid] . "-" . $children['month'][$cid] . "-00"); + $child->setGraduated(empty($children['graduate'][$cid]) ? false : true); + $child->setFamilyID($family->getID()); + $childObjects[] = $child; + } } - if ($database->has('people', ["AND" => [ - 'familyid' => $familyid, - 'personid' => $cid - ]])) { - $database->update('people', [ - "name" => $children['name'][$cid], - "birthday" => $children['year'][$cid] . "-" . $children['month'][$cid] . "-00", - "graduated" => empty($children['graduate'][$cid]) ? 0 : 1 - ], ['personid' => $cid]); - } else { - $database->insert("people", [ - "familyid" => $familyid, - "name" => $children['name'][$cid], - "birthday" => $children['year'][$cid] . "-" . $children['month'][$cid] . "-00", - "graduated" => empty($children['graduate'][$cid]) ? 0 : 1 - ]); + foreach ($childObjects as $child) { + $child->save(); } + + } catch (Exception $ex) { + errorBack($ex->getMessage()); } + + // + // Interests + // $database->delete('interests', ['familyid' => $familyid]); $interests = []; foreach ($_POST['events'] as $evt) { @@ -180,6 +166,10 @@ $database->action(function($database) { $database->insert("interests", $interests); + + // + // Payment + // try { \Stripe\Stripe::setApiKey(STRIPE_SECKEY);
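Review bot: The child birthday string `$children['year'][$cid] . "-" . $children['month'][$cid] . "-00"` now goes through `setBirthday()`, which calls `strtotime()`, and `Child::save()` writes it back with `date("Y-m-d", ...)`. PHP reads day `00` as the last day of the previous month, so a May birthday would be stored as 30 April, where the old code stored the `-00` string unchanged. Passing `"-01"` instead keeps the chosen month. A `false` result from `strtotime()` should be rejected rather than saved.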