diff --git a/action.php b/action.php
index d1ea966..55d0320 100644
--- a/action.php
+++ b/action.php
@@ -35,4 +35,10 @@ switch ($VARS['action']) {
session_destroy();
header('Location: index.php');
die("Logged out.");
+ case "editfamily":
+ if (!(new User($_SESSION['uid']))->hasPermission("HACHEPORTAL_EDIT")) {
+ returnToSender("no_permission");
+ }
+
+
}
\ No newline at end of file
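Review bot: The new `editfamily` case enforces `HACHEPORTAL_EDIT` only if `returnToSender()` stops the request, and that helper's definition is not part of this diff. If it only sends a redirect header, any edit logic later added under this case would still run for a user without the permission. Ending the guard explicitly, as the logout case above does with `die(...)`, keeps the check fail-closed: `returnToSender("no_permission"); die();`. The case also has no body or `break` yet, so it currently does nothing for a permitted user.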
diff --git a/lib/Child.lib.php b/lib/Child.lib.php
new file mode 100644
index 0000000..bde67bd
--- /dev/null
+++ b/lib/Child.lib.php
@@ -0,0 +1,114 @@
+get('people', ["familyid", "name", "birthday", "graduated"], ['personid' => $id]);
+
+ $this->id = $id;
+ $this->familyid = $info['familyid'];
+ $this->name = $info['name'];
+ $this->birthday = strtotime($info['birthday']);
+ $this->graduated = $info['graduated'] == 1;
+
+ return $this;
+ }
+
+ public function save() {
+ global $database;
+ if (is_int($this->id) && $database->has("people", ['personid' => $this->id])) {
+ $database->update("people", ["name" => $this->name, "birthday" => date("Y-m-d", $this->birthday), "graduated" => $this->graduated], ['personid' => $this->id]);
+ } else {
+ $database->insert("people", ["familyid" => $this->familyid, "name" => $this->name, "birthday" => date("Y-m-d", $this->birthday), "graduated" => $this->graduated]);
+ $this->id = $database->id();
+ }
+ }
+
+ public static function exists(int $cid, int $fid = null) {
+ global $database;
+ if (is_null($fid)) {
+ return $database->has("people", [
+ 'personid' => $cid
+ ]);
+ }
+ return $database->has("people", ["AND" => [
+ 'familyid' => $fid,
+ 'personid' => $cid
+ ]]);
+ }
+
+ public function getID(): int {
+ return $this->id;
+ }
+
+ public function getFamilyID(): int {
+ return $this->familyid;
+ }
+
+ public function getFamily(): Family {
+ return (new Family())->load($this->familyid);
+ }
+
+ public function getName(): string {
+ return $this->name;
+ }
+
+ /**
+ * Get the person's birth date as a UNIX timestamp.
+ * @return int
+ */
+ public function getBirthday(): int {
+ return $this->birthday;
+ }
+
+ public function isGraduated(): bool {
+ return $this->graduated == true;
+ }
+
+ public function setName(string $name) {
+ $this->name = $name;
+ }
+
+ /**
+ * Set the person's birth date to either a UNIX timestamp or a date string.
+ * @param int $timestamp
+ * @param string $date A string parseable by strtotime().
+ */
+ public function setBirthday(int $timestamp = null, string $date = null) {
+ if (is_null($timestamp) && !is_null($date)) {
+ $this->birthday = strtotime($date);
+ } else if (!is_null($timestamp) && is_null($date)) {
+ $this->birthday = $timestamp;
+ }
+ }
+
+ public function setGraduated(bool $graduated) {
+ $this->graduated = $graduated;
+ }
+
+ public function setFamilyID(int $id) {
+ $this->familyid = $id;
+ }
+
+ public function setFamily(Family $f) {
+ $this->familyid = $f->getID();
+ }
+
+}
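Review bot: `setBirthday()` and `load()` store the result of `strtotime()` unchecked, and `save()` writes it back with `date("Y-m-d", $this->birthday)`, so the stored date can differ from what the caller supplied. An unparseable string makes `strtotime()` return `false`, which `date()` then formats as a date at the Unix epoch. The `YYYY-M-00` strings that the form handler later in this commit passes are normalised by `strtotime()` to the last day of the previous month, moving each birthday back a month. I would reject bad input in the setter, `if (($ts = strtotime($date)) === false) { throw new Exception("Invalid birth date."); }`, and have callers pass day `01` instead of `00`. `setBirthday()` also silently does nothing when both or neither argument is given, and the class header and start of `load()` are not visible in this hunk.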
diff --git a/lib/Family.lib.php b/lib/Family.lib.php
new file mode 100644
index 0000000..1b62448
--- /dev/null
+++ b/lib/Family.lib.php
@@ -0,0 +1,255 @@
+has("families", ['familyid' => $familyid])) {
+ $this->id = $familyid;
+ } else {
+ throw new Exception("No such family exists.");
+ }
+
+ $f = $database->get("families", [
+ 'familyid (id)',
+ 'familyname (name)',
+ 'phone',
+ 'email',
+ 'newsletter_method (newsletter)',
+ 'address',
+ 'city',
+ 'state',
+ 'zip',
+ 'father_name (father)',
+ 'mother_name (mother)',
+ 'photo_permission (photo)'
+ ], [
+ "familyid" => $this->id
+ ]);
+
+ $children = $database->select("people", 'personid', ["familyid" => $this->id]);
+
+ $this->name = $f['name'];
+ $this->father = $f['father'];
+ $this->mother = $f['mother'];
+ $this->phone = $f['phone'];
+ $this->email = $f['email'];
+ $this->address = $f['address'];
+ $this->city = $f['city'];
+ $this->state = $f['state'];
+ $this->zip = $f['zip'];
+ $this->photo = $f['photo'] == 1;
+ $this->newsletter = $f['newsletter'];
+
+ foreach ($children as $c) {
+ $this->children[] = (new Child())->load($c);
+ }
+
+ return $this;
+ }
+
+ public function save() {
+ global $database;
+ if (is_int($this->id) && $database->has("families", ['familyid' => $this->id])) {
+ $database->update("families", [
+ "familyname" => $this->getName(),
+ "father_name" => $this->getFather(),
+ "mother_name" => $this->getMother(),
+ "phone" => $this->getPhone(),
+ "email" => $this->getEmail(),
+ "address" => $this->getAddress(),
+ "city" => $this->getCity(),
+ "state" => $this->getState(),
+ "zip" => $this->getZip(),
+ "photo_permission" => $this->getPhotoPermission(),
+ "newsletter_method" => $this->getNewsletter()
+ ], [
+ "familyid" => $this->id
+ ]);
+ } else {
+ $database->insert("families", [
+ "familyname" => $this->getName(),
+ "father_name" => $this->getFather(),
+ "mother_name" => $this->getMother(),
+ "phone" => $this->getPhone(),
+ "email" => $this->getEmail(),
+ "address" => $this->getAddress(),
+ "city" => $this->getCity(),
+ "state" => $this->getState(),
+ "zip" => $this->getZip(),
+ "photo_permission" => $this->getPhotoPermission(),
+ "newsletter_method" => $this->getNewsletter()
+ ]);
+ $this->id = $database->id();
+ }
+
+ for ($i = 0; $i < count($this->children); $i++) {
+ $this->children[$i]->setFamilyID($this->id);
+ $this->children[$i]->save();
+ }
+ }
+
+ public function getID() {
+ return $this->id;
+ }
+
+ public function getName(): string {
+ return $this->name;
+ }
+
+ public function getFather(): string {
+ return $this->father;
+ }
+
+ public function getMother(): string {
+ return $this->mother;
+ }
+
+ public function getPhone(): string {
+ return $this->phone;
+ }
+
+ public function getEmail(): string {
+ return $this->email;
+ }
+
+ public function getAddress(): string {
+ return $this->address;
+ }
+
+ public function getCity(): string {
+ return $this->city;
+ }
+
+ public function getState(): string {
+ return $this->state;
+ }
+
+ public function getZip(): string {
+ return $this->zip;
+ }
+
+ public function getPhotoPermission(): bool {
+ return $this->photo == true;
+ }
+
+ public function getNewsletter(): int {
+ return $this->newsletter;
+ }
+
+ public function getChildren(): array {
+ return $this->children;
+ }
+
+
+
+ public function setName(string $name) {
+ $this->name = $name;
+ }
+
+ public function setFather(string $name) {
+ $this->father = $name;
+ }
+
+ public function setMother(string $name) {
+ $this->mother = $name;
+ }
+
+ public function setPhone(string $phone) {
+ $phone = preg_replace("/[^0-9]/", "", $phone);
+ if (strlen($phone) == 11) {
+ $phone = preg_replace("/^1/", "", $phone);
+ }
+ if (strlen($phone) != 10) {
+ throw new Exception("Enter a valid 10-digit phone number.");
+ }
+ $this->phone = $phone;
+ }
+
+ public function setEmail(string $email) {
+ $email = strtolower($email);
+ if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+ throw new Exception("The email address looks wrong.");
+ }
+ $this->email = $email;
+ }
+
+ public function setAddress(string $address) {
+ $this->address = $address;
+ }
+
+ public function setCity(string $city) {
+ $this->city = $city;
+ }
+
+ /**
+ * Set the state, in two-character form.
+ * @param string $state
+ * @throws Exception
+ */
+ public function setState(string $state) {
+ $state = strtoupper($state);
+ if (!preg_match("/^[A-Z]{2}$/", $state)) {
+ throw new Exception("Select a valid state.");
+ }
+ $this->state = strtoupper($state);
+ }
+
+ public function setZip(string $zip) {
+ if (!preg_match("/^[0-9]{5}(-?[0-9]{4})?$/", $zip)) {
+ throw new Exception("Enter a valid five or nine digit US ZIP code.");
+ }
+ $this->zip = $zip;
+ }
+
+ public function setPhotoPermission(bool $perm) {
+ $this->photo = $perm;
+ }
+
+ public function setNewsletter(int $newsletter) {
+ if (!is_int($newsletter) || !($newsletter == 1 || $newsletter == 2 || $newsletter == 3)) {
+ throw new Exception("Invalid newsletter preference.");
+ }
+ $this->newsletter = $newsletter;
+ }
+
+ public function setChildren(array $children) {
+ $this->children = $children;
+ }
+
+ public function addChild(Child $child) {
+ $this->children[] = $child;
+ }
+
+}
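Review bot: `save()` chooses between update and insert with `is_int($this->id)`, but the id is assigned from `$database->id()` and from the `load()` argument, and neither is shown to be an int. If either is a numeric string (a PDO last-insert id normally is), a second `save()` on the same object takes the insert branch and creates a duplicate family row instead of updating it. Casting at assignment, `$this->id = (int) $database->id();` and likewise in `load()`, makes the branch reliable. `Child::save()` in lib/Child.lib.php uses the same `is_int` test, and `load()` here hands it ids read straight from `select()`, so existing children may be re-inserted on each save. The start of `load()` is not visible in this hunk, so its parameter type should be confirmed.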
diff --git a/pages/viewfamily.php b/pages/viewfamily.php
index e9b04f7..3924e7b 100644
--- a/pages/viewfamily.php
+++ b/pages/viewfamily.php
@@ -20,24 +20,7 @@ if (empty($VARS['id']) || !$database->has('families', ['familyid' => $VARS['id']
$famid = $VARS['id'];
-$family = $database->get("families", [
- 'familyid (id)',
- 'familyname (name)',
- 'phone',
- 'email',
- 'newsletter_method (newsletter)',
- 'address',
- 'city',
- 'state',
- 'zip',
- 'father_name (father)',
- 'mother_name (mother)',
- 'photo_permission (photo)'
- ], [
- "familyid" => $famid
- ]);
-
-$children = $database->select("people", ["name", "birthday", "graduated"], ["familyid" => $famid]);
+$family = (new Family())->load($famid);
?>
@@ -47,13 +30,13 @@ $children = $database->select("people", ["name", "birthday", "graduated"], ["fam
- get("Family"); ?>
+ getName(); ?> get("Family"); ?>
-
get('Edit Family'); ?>
+
get('Edit Family'); ?>
@@ -63,7 +46,7 @@ $children = $database->select("people", ["name", "birthday", "graduated"], ["fam
getNewsletter()) {
case 1:
$newsletter = $Strings->get("Email", false);
break;
@@ -76,47 +59,47 @@ $children = $database->select("people", ["name", "birthday", "graduated"], ["fam
}
$items = [
[
- "db" => "father",
+ "value" => $family->getFather(),
"icon" => "fas fa-male",
"label" => "Father"
],
[
- "db" => "mother",
+ "value" => $family->getMother(),
"icon" => "fas fa-female",
"label" => "Mother"
],
[
- "db" => "phone",
+ "value" => $family->getPhone(),
"icon" => "fas fa-phone",
"label" => "Phone"
],
[
- "db" => "email",
+ "value" => $family->getEmail(),
"icon" => "fas fa-at",
"label" => "Email"
],
[
- "db" => "address",
- "icon" => "fas fa-map-marker",
+ "value" => $family->getAddress(),
+ "icon" => "fas fa-home",
"label" => "Address"
],
[
- "db" => "city",
+ "value" => $family->getCity(),
"icon" => "fas fa-city",
"label" => "City"
],
[
- "db" => "state",
+ "value" => $family->getState(),
"icon" => "fas fa-flag",
"label" => "State"
],
[
- "db" => "zip",
+ "value" => $family->getZip(),
"icon" => "fas fa-mail-bulk",
"label" => "ZIP Code"
],
[
- "value" => $family['photo'] ? $Strings->get("Yes", false) : $Strings->get("No", false),
+ "value" => $family->getPhotoPermission() ? $Strings->get("Yes", false) : $Strings->get("No", false),
"icon" => "fas fa-camera",
"label" => "Photo Permission"
],
@@ -132,11 +115,7 @@ $children = $database->select("people", ["name", "birthday", "graduated"], ["fam
get($i['label']);
echo ": ";
- if (empty($i['db'])) {
- echo $i['value'];
- } else {
- echo $family[$i['db']];
- }
+ echo $i['value'];
?>
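Review bot: `echo $i['value'];` prints the family fields without HTML encoding, and the setters added in lib/Family.lib.php (`setName()`, `setFather()`, `setMother()`, `setAddress()`, `setCity()`) store whatever string the form submits. Unless these values are escaped somewhere not shown here, markup entered on the signup form is rendered as HTML on this page. Encoding at the output point closes that: `echo htmlspecialchars($i['value'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The family-name and child-name outputs changed elsewhere in this file should get the same treatment. The surrounding loop starts and ends outside the hunk.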
select("people", ["name", "birthday", "graduated"], ["fam
getChildren() as $c) {
?>
- |
- |
- get("Yes") : $Strings->get("No"); ?> |
+ getName(); ?> |
+ getBirthday()); ?> |
+ isGraduated() ? $Strings->get("Yes") : $Strings->get("No"); ?> |
has("families", ['familyid' => $_SESSION['familyid']])) {
- $familyid = $_SESSION['familyid'];
+ $family = (new Family())->load($familyid);
} else if (!empty($_POST['renewing'])) {
// Session expired, but we're renewing, so kick them back to verification
header("Location: ../?page=renew&msg=sessionexpired");
@@ -26,150 +31,131 @@ if (!empty($_SESSION['familyid']) && $database->has("families", ['familyid' => $
}
$database->action(function($database) {
- global $familyid;
- $lastname = $_POST['familyname'];
- $father = $_POST['fathername'];
- $mother = $_POST['mothername'];
-
- if (empty($lastname)) {
- errorBack("Enter a last name.");
- }
- if (empty($father)) {
- errorBack("Enter a father name.");
- }
- if (empty($mother)) {
- errorBack("Enter a mother name.");
- }
-
- $phone = $_POST['phone'];
- $phone = preg_replace("/[^0-9]/", "", $phone);
- if (strlen($phone) == 11) {
- $phone = preg_replace("/^1/", "", $phone);
- }
- if (strlen($phone) != 10) {
- errorBack("Enter a valid 10-digit phone number.");
- }
-
- $email = strtolower($_POST['email']);
- if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
- errorBack("The email address looks wrong.");
- }
+ global $family;
- $address = $_POST['streetaddress'];
- $city = $_POST['city'];
- $state = strtoupper($_POST['state']);
- $zip = $_POST['zip'];
- if (empty($address)) {
- errorBack("Enter a street address.");
- }
- if (empty($city)) {
- errorBack("Enter a city.");
- }
- if (!preg_match("/^[A-Z]{2}$/", $state)) {
- errorBack("Select a state.");
- }
- if (!preg_match("/^[0-9]{5}(-?[0-9]{4})?$/", $zip)) {
- errorBack("Enter a valid five or nine digit US ZIP code.");
- }
+ try {
+ $lastname = $_POST['familyname'];
+ $father = $_POST['fathername'];
+ $mother = $_POST['mothername'];
- $newsletter = $_POST['newsletter_method'];
- $membership_cost = 2500;
- if (empty($newsletter)) {
- errorBack("Select a newsletter preference.");
- }
- switch ($newsletter) {
- case 1: // Email only
- $membership_cost = 2500;
- break;
- case 2: // Print only
- $membership_cost = 3500;
- break;
- case 3: // Email and print
- $membership_cost = 3500;
- break;
- default:
- errorBack("Select a valid newsletter preference.");
- }
+ if (empty($lastname)) {
+ errorBack("Enter a last name.");
+ }
+ if (empty($father)) {
+ errorBack("Enter a father name.");
+ }
+ if (empty($mother)) {
+ errorBack("Enter a mother name.");
+ }
- $photopermission = $_POST['photo_permission'];
- if (!empty($photopermission) && $photopermission == "1") {
- $photopermission = true;
- } else {
- $photopermission = false;
- }
+ $family->setName($lastname);
+ $family->setFather($father);
+ $family->setMother($mother);
- if (isset($familyid)) {
- $database->update("families", [
- "familyname" => $lastname,
- "father_name" => $father,
- "mother_name" => $mother,
- "phone" => $phone,
- "email" => $email,
- "newsletter_method" => $newsletter,
- "address" => $address,
- "city" => $city,
- "state" => $state,
- "zip" => $zip,
- "photo_permission" => $photopermission
- ], [
- 'familyid' => $familyid
- ]);
- } else {
- $database->insert("families", [
- "familyname" => $lastname,
- "father_name" => $father,
- "mother_name" => $mother,
- "phone" => $phone,
- "email" => $email,
- "newsletter_method" => $newsletter,
- "address" => $address,
- "city" => $city,
- "state" => $state,
- "zip" => $zip,
- "photo_permission" => $photopermission
- ]);
+ $family->setPhone($_POST['phone']);
+ $family->setEmail($_POST['email']);
- $familyid = $database->id();
- }
+ $address = $_POST['streetaddress'];
+ $city = $_POST['city'];
+ $state = strtoupper($_POST['state']);
+ $zip = $_POST['zip'];
+ if (empty($address)) {
+ errorBack("Enter a street address.");
+ }
+ if (empty($city)) {
+ errorBack("Enter a city.");
+ }
+ $family->setAddress($address);
+ $family->setCity($city);
+ $family->setState($state);
+ $family->setZip($zip);
- $children = $_POST['child'];
- foreach ($children['ids'] as $cid) {
- if (empty($children['name'][$cid])) {
- continue;
+ $newsletter = $_POST['newsletter_method'];
+ $membership_cost = 2500;
+ if (empty($newsletter)) {
+ errorBack("Select a newsletter preference.");
}
-
- if (!preg_match("/^([1-9]|1[012])$/", $children['month'][$cid])) {
- errorBack("Invalid birth month chosen for " . htmlentities($children['name'][$cid]) . ".");
+ $family->setNewsletter($newsletter);
+ switch ($newsletter) {
+ case 1: // Email only
+ $membership_cost = 2500;
+ break;
+ case 2: // Print only
+ $membership_cost = 3500;
+ break;
+ case 3: // Email and print
+ $membership_cost = 3500;
+ break;
+ default:
+ errorBack("Select a valid newsletter preference.");
}
- if (!is_numeric($children['year'][$cid])) {
- errorBack("Invalid birth year chosen for " . htmlentities($children['name'][$cid]) . ".");
+ $photopermission = $_POST['photo_permission'];
+ if (!empty($photopermission) && $photopermission == "1") {
+ $photopermission = true;
+ } else {
+ $photopermission = false;
}
- $children['year'][$cid] = $children['year'][$cid] * 1;
- if ($children['year'][$cid] < 1980 || $children['year'][$cid] > date("Y")) {
- errorBack("Invalid birth year chosen for " . htmlentities($children['name'][$cid]) . ".");
+ $family->setPhotoPermission($photopermission);
+
+ $family->save();
+
+ //
+ // Children
+ //
+ $children = $_POST['child'];
+
+ $childObjects = $family->getChildren();
+
+ foreach ($children['ids'] as $cid) {
+ if (empty($children['name'][$cid])) {
+ continue;
+ }
+
+ if (!preg_match("/^([1-9]|1[012])$/", $children['month'][$cid])) {
+ errorBack("Invalid birth month chosen for " . htmlentities($children['name'][$cid]) . ".");
+ }
+
+ if (!is_numeric($children['year'][$cid])) {
+ errorBack("Invalid birth year chosen for " . htmlentities($children['name'][$cid]) . ".");
+ }
+ $children['year'][$cid] = $children['year'][$cid] * 1;
+ if ($children['year'][$cid] < 1980 || $children['year'][$cid] > date("Y")) {
+ errorBack("Invalid birth year chosen for " . htmlentities($children['name'][$cid]) . ".");
+ }
+
+ if (Child::exists($cid, $family->getID())) {
+ // iterate over existing children to find the correct one
+ for ($i = 0; $i < count($childObjects); $i++) {
+ if ($childObjects[$i]->getID() == $cid) {
+ $childObjects[$i]->setName($children['name'][$cid]);
+ $childObjects[$i]->setBirthday(null, $children['year'][$cid] . "-" . $children['month'][$cid] . "-00");
+ $childObjects[$i]->setGraduated(empty($children['graduate'][$cid]) ? false : true);
+ }
+ }
+ } else {
+ $child = new Child();
+ $child->setName($children['name'][$cid]);
+ $child->setBirthday(null, $children['year'][$cid] . "-" . $children['month'][$cid] . "-00");
+ $child->setGraduated(empty($children['graduate'][$cid]) ? false : true);
+ $child->setFamilyID($family->getID());
+ $childObjects[] = $child;
+ }
}
- if ($database->has('people', ["AND" => [
- 'familyid' => $familyid,
- 'personid' => $cid
- ]])) {
- $database->update('people', [
- "name" => $children['name'][$cid],
- "birthday" => $children['year'][$cid] . "-" . $children['month'][$cid] . "-00",
- "graduated" => empty($children['graduate'][$cid]) ? 0 : 1
- ], ['personid' => $cid]);
- } else {
- $database->insert("people", [
- "familyid" => $familyid,
- "name" => $children['name'][$cid],
- "birthday" => $children['year'][$cid] . "-" . $children['month'][$cid] . "-00",
- "graduated" => empty($children['graduate'][$cid]) ? 0 : 1
- ]);
+ foreach ($childObjects as $child) {
+ $child->save();
}
+
+ } catch (Exception $ex) {
+ errorBack($ex->getMessage());
}
+
+ //
+ // Interests
+ //
$database->delete('interests', ['familyid' => $familyid]);
$interests = [];
foreach ($_POST['events'] as $evt) {
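Review bot: `$familyid` is no longer defined inside the transaction closure. The commit replaces `global $familyid;` with `global $family;` and removes the `$familyid = $database->id();` assignment, yet the unchanged `$database->delete('interests', ['familyid' => $familyid]);` still reads it. The delete therefore runs with a null family id and will not match the family's existing interest rows; any later use of `$familyid` in the part of the closure not visible here has the same problem. Adding `$familyid = $family->getID();` right after `$family->save();`, or calling `$family->getID()` directly in those statements, restores the link. The preceding hunk also calls `load($familyid)` after removing the line that assigned it from the session, which should be checked the same way.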
@@ -180,6 +166,10 @@ $database->action(function($database) {
$database->insert("interests", $interests);
+
+ //
+ // Payment
+ //
try {
\Stripe\Stripe::setApiKey(STRIPE_SECKEY);