Skip to content
GitLab
Commit 925126d2 authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

Commit first cut at preorder form so Jay can mess with it.

parent 99cb795a
Hide whitespace changes
Inline Side-by-side
www/sdr/preorder.php 0 → 100644
View file @ 925126d2
<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2004 University of Utah and the Flux Group.
# All rights reserved.
#
chdir("..");
include("defs.php3");
#
# No PAGEHEADER since we spit out a Location header later. See below.
#
# This comes in as a GET argument all the time.
unset($order_id);
if (isset($_GET['order_id'])) {
$order_id = $_GET['order_id'];
}
#
# Spit the form out using the array of data.
#
function SPITFORM($formfields, $errors, $order_id, $justview)
{
if ($errors) {
echo "<table class=nogrid
align=center border=0 cellpadding=6 cellspacing=0>
<tr>
<th align=center colspan=2>
<font size=+1 color=red>
&nbsp;Oops, please fix the following errors!&nbsp;
</font>
</td>
</tr>\n";
while (list ($name, $message) = each ($errors)) {
echo "<tr>
<td align=right>
<font color=red>$name:&nbsp;</font></td>
<td align=left>
<font color=red>$message</font></td>
</tr>\n";
}
echo "</table><br>\n";
}
echo "<table align=center border=1>\n";
if (! $justview) {
echo "<form enctype=multipart/form-data
action=preorder.php" .
($order_id ? "?order_id=$order_id" : "") .
" method=post>\n";
}
#
# Existing order_id.
#
if ($order_id) {
echo "<tr>
<td colspan=1>Order ID:</td>
<td class=left>$order_id</td>
</tr>\n";
}
#
# Full Name
#
echo "<tr>
<td colspan=1>Full Name:</td>
<td class=left>";
if ($justview)
echo $formfields[usr_name];
else
echo "<input type=text
name=\"formfields[usr_name]\"
value=\"" . $formfields[usr_name] . "\"
size=30>";
echo " </td>
</tr>\n";
#
# Email:
#
echo "<tr>
<td colspan=1>Email Address:</td>
<td class=left>";
if ($justview)
echo $formfields[usr_email];
else
echo " <input type=text
name=\"formfields[usr_email]\"
value=\"" . $formfields[usr_email] . "\"
size=30>";
echo " </td>
</tr>\n";
#
# Phone
#
echo "<tr>
<td colspan=1>Phone #:</td>
<td class=left>";
if ($justview)
echo $formfields[usr_phone];
else
echo " <input type=text
name=\"formfields[usr_phone]\"
value=\"" . $formfields[usr_phone] . "\"
size=15>";
echo " </td>
</tr>\n";
#
# Affiliation:
#
echo "<tr>
<td colspan=1>Institutional<br>Affiliation (if any):</td>
<td class=left>";
if ($justview)
echo $formfields[usr_affil];
else
echo " <input type=text
name=\"formfields[usr_affil]\"
value=\"" . $formfields[usr_affil] . "\"
size=40>";
echo " </td>
</tr>\n";
#
# Parts
#
echo "<tr>
<td colspan=2 align=center>USRP Parts Quantities</td>
</tr>\n";
echo "<tr>
<td colspan=1>USRP Motherboard:</td>
<td class=left>";
if ($justview)
echo $formfields[num_mobos];
else
echo " <input type=text
name=\"formfields[num_mobos]\"
value=\"" . $formfields[num_mobos] . "\"
size=3>";
echo " ($0.69 each)";
echo " </td>
</tr>\n";
echo "<tr>
<td colspan=1>420MHZ Daughterboards:</td>
<td class=left>";
if ($justview)
echo $formfields[num_dboards];
else
echo " <input type=text
name=\"formfields[num_dboards]\"
value=\"" . $formfields[num_dboards] . "\"
size=3>";
echo " ($36452832 each)";
echo " </td>
</tr>\n";
#
# Intended Use
#
if ($justview) {
echo "<tr>
<td colspan=2 align=center>
Your intended use
</td>
</tr>
<tr>
<td colspan=2 class=left>" .
$formfields[intended_use] .
"</td>
</tr>\n";
}
else {
echo "<tr>
<td colspan=2 align=center>
Please describe your intended use
</td>
</tr>
<tr>
<td colspan=2 align=center class=left>
<textarea name=\"formfields[intended_use]\"
rows=3 cols=60>" .
ereg_replace("\r", "", $formfields[intended_use]) .
"</textarea>
</td>
</tr>\n";
}
#
# General Comments
#
if ($justview) {
echo "<tr>
<td colspan=2 align=center>
Optional Comments
</td>
</tr>
<tr>
<td colspan=2 class=left>" .
$formfields[comments] .
"</td>
</tr>\n";
}
else {
echo "<tr>
<td colspan=2 align=center>
Any other comments you would like to make?
</td>
</tr>
<tr>
<td colspan=2 align=center class=left>
<textarea name=\"formfields[comments]\"
rows=5 cols=60>" .
ereg_replace("\r", "", $formfields[comments]) .
"</textarea>
</td>
</tr>\n";
}
if (! $justview) {
echo "<tr>
<td colspan=2 align=center>
<b><input type=submit name=submit value=Submit></b>
</td>
</tr>\n";
echo "</form>";
}
echo "</table>\n";
}
# For initial order and for order modify.
$defaults = array();
#
# Check for existing order ID, and pull that from the DB for the defaults
# array.
#
if (isset($order_id) && $order_id != "") {
if (! preg_match("/^[\w]+$/", $order_id)) {
PAGEARGERROR();
}
$query_result =
DBQueryFatal("select * from usrp_orders where order_id='$order_id'");
if (! mysql_num_rows($query_result)) {
USERERROR("No such USRP order id '$order_id'", 1);
}
$row = mysql_fetch_array($query_result);
$defaults["usr_name"] = $row["name"];
$defaults["usr_email"] = $row["email"];
$defaults["usr_phone"] = $row["phone"];
$defaults["usr_affil"] = $row["affiliation"];
$defaults["intended_use"] = $row["intended_use"];
$defaults["comments"] = $row["comments"];
$defaults["num_mobos"] = $row["num_mobos"];
$defaults["num_dboards"] = $row["num_dboards"];
}
else {
$defaults["num_mobos"] = 0;
$defaults["num_dboards"] = 0;
}
#
# The conclusion of a pre-order, or just wanting to view an order.
#
if (isset($_GET['finished']) || isset($_GET['vieworder'])) {
PAGEHEADER("Pre-Order USRP Parts");
if (isset($_GET['finished'])) {
#
# Generate some warm fuzzies.
#
echo "<center><font size=+1>
Thank you for placing your pre-order.<br>We will notify you via
email when you can place your actual order.
</font></center><br>\n";
}
# Spit out order in viewmode only.
SPITFORM($defaults, 0, $order_id, 1);
echo "<br><center>
Would you like to <a href=preorder.php?order_id=$order_id>edit</a>
this order?</center>\n";
PAGEFOOTER();
return;
}
#
# On first load, display a virgin form and exit.
#
if (! isset($_POST['submit'])) {
PAGEHEADER("Pre-Order USRP Parts");
SPITFORM($defaults, 0, $order_id, 0);
PAGEFOOTER();
return;
}
else {
# Form submitted. Make sure we have a formfields array and a target_uid.
if (!isset($_POST['formfields']) ||
!is_array($_POST['formfields'])) {
PAGEARGERROR("Invalid form arguments.");
}
$formfields = $_POST['formfields'];
}
#
# Otherwise, must validate and redisplay if errors
#
$errors = array();
#
# User Name
#
if (!isset($formfields[usr_name]) ||
strcmp($formfields[usr_name], "") == 0) {
$errors["Full Name"] = "Missing Field";
}
elseif (! TBvalid_usrname($formfields[usr_name])) {
$errors["Full Name"] = TBFieldErrorString();
}
#
# User email
#
if (!isset($formfields[usr_email]) ||
strcmp($formfields[usr_email], "") == 0) {
$errors["Email Address"] = "Missing Field";
}
elseif (! TBvalid_email($formfields[usr_email])) {
$errors["Email Address"] = TBFieldErrorString();
}
#
# User Phone
#
if (!isset($formfields[usr_phone]) ||
strcmp($formfields[usr_phone], "") == 0) {
$errors["Phone #"] = "Missing Field";
}
elseif (!TBvalid_phone($formfields[usr_phone])) {
$errors["Phone #"] = TBFieldErrorString();
}
#
# Affiliation
#
if (!isset($formfields[usr_affil])) {
$formfields[usr_affil] = "";
}
elseif (! TBvalid_affiliation($formfields[usr_affil])) {
$errors["Affiliation"] = TBFieldErrorString();
}
#
# Parts.
#
if (!isset($formfields[num_mobos]) ||
strcmp($formfields[num_mobos], "") == 0) {
$errors["#of Motherboards"] = "Missing Field";
}
elseif (! TBvalid_num_pcs($formfields[num_mobos])) {
$errors["#of Motherboards"] = TBFieldErrorString();
}
if (!isset($formfields[num_dboards]) ||
strcmp($formfields[num_dboards], "") == 0) {
$errors["#of Daughterboards"] = "Missing Field";
}
elseif (! TBvalid_num_pcs($formfields[num_dboards])) {
$errors["#of Daughterboards"] = TBFieldErrorString();
}
#
# Intended Use
#
if (!isset($formfields[intended_use]) ||
strcmp($formfields[intended_use], "") == 0) {
$errors["Intended Use"] = "Missing Field";
}
elseif (! TBvalid_why($formfields[intended_use])) {
$errors["Intended Use"] = TBFieldErrorString();
}
#
# Intended Use
#
if (!isset($formfields[comments])) {
$formfields[comments] = "";
}
elseif (! TBvalid_why($formfields[comments])) {
$errors["Comments"] = TBFieldErrorString();
}
if (count($errors)) {
PAGEHEADER("Pre-Order USRP Parts");
SPITFORM($formfields, $errors, $order_id, 0);
PAGEFOOTER();
return;
}
#
# Certain of these values must be escaped or otherwise sanitized.
#
$usr_name = addslashes($formfields[usr_name]);
$usr_email = $formfields[usr_email];
$usr_phone = $formfields[usr_phone];
$usr_affil = addslashes($formfields[usr_affil]);
$intended_use = addslashes($formfields[intended_use]);
$comments = addslashes($formfields[comments]);
$num_mobos = $formfields[num_mobos];
$num_dboards = $formfields[num_dboards];
#
# Insert order into the DB, or update current entry.
#
if (isset($order_id)) {
DBQueryFatal("update usrp_orders set ".
" name='$usr_name', ".
" email='$usr_email', ".
" phone='$usr_phone', ".
" affiliation='$usr_affil', ".
" intended_use='$intended_use', ".
" comments='$comments', ".
" num_mobos='$num_mobos', ".
" num_dboards='$num_dboards', ".
" modify_date=now() ".
"where order_id='$order_id'");
$action = "modified";
}
else {
$order_id = md5(uniqid(rand(),1));
DBQueryFatal("insert into usrp_orders ".
" (order_id, name, email, phone, affiliation, intended_use, ".
" comments, num_mobos, num_dboards, ".
" order_date, modify_date) ".
"values ".
" ('$order_id', '$usr_name', '$usr_email', '$usr_phone', ".
" '$usr_affil', '$intended_use', '$comments', ".
" $num_mobos, $num_dboards, ".
" now(), now())");
$action = "placed";
}
#
# Send email to someone.
#
TBMAIL("$usr_name <$usr_email>",
"USRP Preorder $order_id",
"A USRP preorder has been $action by $usr_name ($usr_email).\n".
"\n".
"Order Info:\n".
"Order ID: $order_id\n".
"Name: $usr_name\n".
"Email: $usr_email\n".
"Phone: $usr_phone\n".
"Affiliation: $usr_affil\n".
"#Motherboards: $num_mobos\n".
"#Daughterboards: $num_dboards\n".
"Intended Use:\n".
"$intended_use\n".
"Comments:\n".
"$comments\n".
"\n".
"Thank you for your preorder. You may modify your order by going to:\n".
"\n".
" ${TBBASE}/usrp/preorder.php?order_id=$order_id\n".
"\n".
"Thank you very much!\n",
"From: $TBMAIL_OPS\n".
"Bcc: $TBMAIL_OPS\n".
"Errors-To: $TBMAIL_WWW");
#
# Spit out a redirect so that the history does not include a post
# in it. The back button skips over the post and to the form.
# See above for conclusion.
#
header("Location: preorder.php?finished=1&order_id=$order_id");
?>
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment