Commit 925126d2 authored by Leigh B. Stoller

Commit first cut at preorder form so Jay can mess with it.

parent 99cb795a
<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2004 University of Utah and the Flux Group.
# All rights reserved.
#
chdir("..");
include("defs.php3");
#
# No PAGEHEADER since we spit out a Location header later. See below.
#
# This comes in as a GET argument all the time.
unset($order_id);
if (isset($_GET['order_id'])) {
$order_id = $_GET['order_id'];
}
#
# Spit the form out using the array of data.
#
function SPITFORM($formfields, $errors, $order_id, $justview)
{
if ($errors) {
echo "<table class=nogrid
align=center border=0 cellpadding=6 cellspacing=0>
<tr>
<th align=center colspan=2>
<font size=+1 color=red>
&nbsp;Oops, please fix the following errors!&nbsp;
</font>
</td>
</tr>\n";
while (list ($name, $message) = each ($errors)) {
echo "<tr>
<td align=right>
<font color=red>$name:&nbsp;</font></td>
<td align=left>
<font color=red>$message</font></td>
</tr>\n";
}
echo "</table><br>\n";
}
echo "<table align=center border=1>\n";
if (! $justview) {
echo "<form enctype=multipart/form-data
action=preorder.php" .
($order_id ? "?order_id=$order_id" : "") .
" method=post>\n";
}
#
# Existing order_id.
#
if ($order_id) {
echo "<tr>
<td colspan=1>Order ID:</td>
<td class=left>$order_id</td>
</tr>\n";
}
#
# Full Name
#
echo "<tr>
<td colspan=1>Full Name:</td>
<td class=left>";
if ($justview)
echo $formfields[usr_name];
else
echo "<input type=text
name=\"formfields[usr_name]\"
value=\"" . $formfields[usr_name] . "\"
size=30>";
echo " </td>
</tr>\n";
#
# Email:
#
echo "<tr>
<td colspan=1>Email Address:</td>
<td class=left>";
if ($justview)
echo $formfields[usr_email];
else
echo " <input type=text
name=\"formfields[usr_email]\"
value=\"" . $formfields[usr_email] . "\"
size=30>";
echo " </td>
</tr>\n";
#
# Phone
#
echo "<tr>
<td colspan=1>Phone #:</td>
<td class=left>";
if ($justview)
echo $formfields[usr_phone];
else
echo " <input type=text
name=\"formfields[usr_phone]\"
value=\"" . $formfields[usr_phone] . "\"
size=15>";
echo " </td>
</tr>\n";
#
# Affiliation:
#
echo "<tr>
<td colspan=1>Institutional<br>Affiliation (if any):</td>
<td class=left>";
if ($justview)
echo $formfields[usr_affil];
else
echo " <input type=text
name=\"formfields[usr_affil]\"
value=\"" . $formfields[usr_affil] . "\"
size=40>";
echo " </td>
</tr>\n";
#
# Parts
#
echo "<tr>
<td colspan=2 align=center>USRP Parts Quantities</td>
</tr>\n";
echo "<tr>
<td colspan=1>USRP Motherboard:</td>
<td class=left>";
if ($justview)
echo $formfields[num_mobos];
else
echo " <input type=text
name=\"formfields[num_mobos]\"
value=\"" . $formfields[num_mobos] . "\"
size=3>";
echo " ($0.69 each)";
echo " </td>
</tr>\n";
echo "<tr>
<td colspan=1>420MHZ Daughterboards:</td>
<td class=left>";
if ($justview)
echo $formfields[num_dboards];
else
echo " <input type=text
name=\"formfields[num_dboards]\"
value=\"" . $formfields[num_dboards] . "\"
size=3>";
echo " ($36452832 each)";
echo " </td>
</tr>\n";
#
# Intended Use
#
if ($justview) {
echo "<tr>
<td colspan=2 align=center>
Your intended use
</td>
</tr>
<tr>
<td colspan=2 class=left>" .
$formfields[intended_use] .
"</td>
</tr>\n";
}
else {
echo "<tr>
<td colspan=2 align=center>
Please describe your intended use
</td>
</tr>
<tr>
<td colspan=2 align=center class=left>
<textarea name=\"formfields[intended_use]\"
rows=3 cols=60>" .
ereg_replace("\r", "", $formfields[intended_use]) .
"</textarea>
</td>
</tr>\n";
}
#
# General Comments
#
if ($justview) {
echo "<tr>
<td colspan=2 align=center>
Optional Comments
</td>
</tr>
<tr>
<td colspan=2 class=left>" .
$formfields[comments] .
"</td>
</tr>\n";
}
else {
echo "<tr>
<td colspan=2 align=center>
Any other comments you would like to make?
</td>
</tr>
<tr>
<td colspan=2 align=center class=left>
<textarea name=\"formfields[comments]\"
rows=5 cols=60>" .
ereg_replace("\r", "", $formfields[comments]) .
"</textarea>
</td>
</tr>\n";
}
if (! $justview) {
echo "<tr>
<td colspan=2 align=center>
<b><input type=submit name=submit value=Submit></b>
</td>
</tr>\n";
echo "</form>";
}
echo "</table>\n";
}
# For initial order and for order modify.
$defaults = array();
#
# Check for existing order ID, and pull that from the DB for the defaults
# array.
#
if (isset($order_id) && $order_id != "") {
if (! preg_match("/^[\w]+$/", $order_id)) {
PAGEARGERROR();
}
$query_result =
DBQueryFatal("select * from usrp_orders where order_id='$order_id'");
if (! mysql_num_rows($query_result)) {
USERERROR("No such USRP order id '$order_id'", 1);
}
$row = mysql_fetch_array($query_result);
$defaults["usr_name"] = $row["name"];
$defaults["usr_email"] = $row["email"];
$defaults["usr_phone"] = $row["phone"];
$defaults["usr_affil"] = $row["affiliation"];
$defaults["intended_use"] = $row["intended_use"];
$defaults["comments"] = $row["comments"];
$defaults["num_mobos"] = $row["num_mobos"];
$defaults["num_dboards"] = $row["num_dboards"];
}
else {
$defaults["num_mobos"] = 0;
$defaults["num_dboards"] = 0;
}
#
# The conclusion of a pre-order, or just wanting to view an order.
#
if (isset($_GET['finished']) || isset($_GET['vieworder'])) {
PAGEHEADER("Pre-Order USRP Parts");
if (isset($_GET['finished'])) {
#
# Generate some warm fuzzies.
#
echo "<center><font size=+1>
Thank you for placing your pre-order.<br>We will notify you via
email when you can place your actual order.
</font></center><br>\n";
}
# Spit out order in viewmode only.
SPITFORM($defaults, 0, $order_id, 1);
echo "<br><center>
Would you like to <a href=preorder.php?order_id=$order_id>edit</a>
this order?</center>\n";
PAGEFOOTER();
return;
}
#
# On first load, display a virgin form and exit.
#
if (! isset($_POST['submit'])) {
PAGEHEADER("Pre-Order USRP Parts");
SPITFORM($defaults, 0, $order_id, 0);
PAGEFOOTER();
return;
}
else {
# Form submitted. Make sure we have a formfields array and a target_uid.
if (!isset($_POST['formfields']) ||
!is_array($_POST['formfields'])) {
PAGEARGERROR("Invalid form arguments.");
}
$formfields = $_POST['formfields'];
}
#
# Otherwise, must validate and redisplay if errors
#
$errors = array();
#
# User Name
#
if (!isset($formfields[usr_name]) ||
strcmp($formfields[usr_name], "") == 0) {
$errors["Full Name"] = "Missing Field";
}
elseif (! TBvalid_usrname($formfields[usr_name])) {
$errors["Full Name"] = TBFieldErrorString();
}
#
# User email
#
if (!isset($formfields[usr_email]) ||
strcmp($formfields[usr_email], "") == 0) {
$errors["Email Address"] = "Missing Field";
}
elseif (! TBvalid_email($formfields[usr_email])) {
$errors["Email Address"] = TBFieldErrorString();
}
#
# User Phone
#
if (!isset($formfields[usr_phone]) ||
strcmp($formfields[usr_phone], "") == 0) {
$errors["Phone #"] = "Missing Field";
}
elseif (!TBvalid_phone($formfields[usr_phone])) {
$errors["Phone #"] = TBFieldErrorString();
}
#
# Affiliation
#
if (!isset($formfields[usr_affil])) {
$formfields[usr_affil] = "";
}
elseif (! TBvalid_affiliation($formfields[usr_affil])) {
$errors["Affiliation"] = TBFieldErrorString();
}
#
# Parts.
#
if (!isset($formfields[num_mobos]) ||
strcmp($formfields[num_mobos], "") == 0) {
$errors["#of Motherboards"] = "Missing Field";
}
elseif (! TBvalid_num_pcs($formfields[num_mobos])) {
$errors["#of Motherboards"] = TBFieldErrorString();
}
if (!isset($formfields[num_dboards]) ||
strcmp($formfields[num_dboards], "") == 0) {
$errors["#of Daughterboards"] = "Missing Field";
}
elseif (! TBvalid_num_pcs($formfields[num_dboards])) {
$errors["#of Daughterboards"] = TBFieldErrorString();
}
#
# Intended Use
#
if (!isset($formfields[intended_use]) ||
strcmp($formfields[intended_use], "") == 0) {
$errors["Intended Use"] = "Missing Field";
}
elseif (! TBvalid_why($formfields[intended_use])) {
$errors["Intended Use"] = TBFieldErrorString();
}
#
# Intended Use
#
if (!isset($formfields[comments])) {
$formfields[comments] = "";
}
elseif (! TBvalid_why($formfields[comments])) {
$errors["Comments"] = TBFieldErrorString();
}
if (count($errors)) {
PAGEHEADER("Pre-Order USRP Parts");
SPITFORM($formfields, $errors, $order_id, 0);
PAGEFOOTER();
return;
}
#
# Certain of these values must be escaped or otherwise sanitized.
#
$usr_name = addslashes($formfields[usr_name]);
$usr_email = $formfields[usr_email];
$usr_phone = $formfields[usr_phone];
$usr_affil = addslashes($formfields[usr_affil]);
$intended_use = addslashes($formfields[intended_use]);
$comments = addslashes($formfields[comments]);
$num_mobos = $formfields[num_mobos];
$num_dboards = $formfields[num_dboards];
#
# Insert order into the DB, or update current entry.
#
if (isset($order_id)) {
DBQueryFatal("update usrp_orders set ".
" name='$usr_name', ".
" email='$usr_email', ".
" phone='$usr_phone', ".
" affiliation='$usr_affil', ".
" intended_use='$intended_use', ".
" comments='$comments', ".
" num_mobos='$num_mobos', ".
" num_dboards='$num_dboards', ".
" modify_date=now() ".
"where order_id='$order_id'");
$action = "modified";
}
else {
$order_id = md5(uniqid(rand(),1));
DBQueryFatal("insert into usrp_orders ".
" (order_id, name, email, phone, affiliation, intended_use, ".
" comments, num_mobos, num_dboards, ".
" order_date, modify_date) ".
"values ".
" ('$order_id', '$usr_name', '$usr_email', '$usr_phone', ".
" '$usr_affil', '$intended_use', '$comments', ".
" $num_mobos, $num_dboards, ".
" now(), now())");
$action = "placed";
}
#
# Send email to someone.
#
TBMAIL("$usr_name <$usr_email>",
"USRP Preorder $order_id",
"A USRP preorder has been $action by $usr_name ($usr_email).\n".
"\n".
"Order Info:\n".
"Order ID: $order_id\n".
"Name: $usr_name\n".
"Email: $usr_email\n".
"Phone: $usr_phone\n".
"Affiliation: $usr_affil\n".
"#Motherboards: $num_mobos\n".
"#Daughterboards: $num_dboards\n".
"Intended Use:\n".
"$intended_use\n".
"Comments:\n".
"$comments\n".
"\n".
"Thank you for your preorder. You may modify your order by going to:\n".
"\n".
" ${TBBASE}/usrp/preorder.php?order_id=$order_id\n".
"\n".
"Thank you very much!\n",
"From: $TBMAIL_OPS\n".
"Bcc: $TBMAIL_OPS\n".
"Errors-To: $TBMAIL_WWW");
#
# Spit out a redirect so that the history does not include a post
# in it. The back button skips over the post and to the form.
# See above for conclusion.
#
header("Location: preorder.php?finished=1&order_id=$order_id");
?>
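Review bot: SPITFORM() writes every `$formfields[...]` value into the page without HTML escaping, and the error path (`SPITFORM($formfields, $errors, $order_id, 0)`) hands it the raw `$_POST['formfields']` array, so a field that has just failed validation is still echoed into a `value="..."` attribute or a `<textarea>` body. Each of those outputs should be escaped at the point of output, e.g. `value=\"" . htmlspecialchars($formfields['usr_name'], ENT_QUOTES) . "\"`, in both edit and view mode, which also covers rows read back from `usrp_orders`. In the `update`/`insert` statements `$usr_email`, `$usr_phone`, `$num_mobos` and `$num_dboards` are interpolated unescaped (the two counts unquoted in the insert), so the queries are only as safe as the `TBvalid_*` checks, which are defined outside this file; an explicit `$num_mobos = (int) $formfields['num_mobos'];` and escaping of the two strings would not depend on them. No other access check is visible here, so `order_id` appears to be the only thing gating view and edit of an order, yet `md5(uniqid(rand(),1))` is derived from the clock and a non-cryptographic PRNG; it should be a CSPRNG-backed value (for example `bin2hex(random_bytes(16))` where the runtime provides it). The `addslashes()` copies are also what is passed to `TBMAIL()`, so the confirmation mail will presumably show backslash-escaped text; keep the raw values for the mail and escape only for SQL.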