<?php session_start();

include ("../settings.php");
include ("../language/$cfg_language");
include ("../classes/db_functions.php");
include ("../classes/security_functions.php");
include ("../classes/display.php");

$lang=new language();
$dbf=new db_functions($cfg_server,$cfg_username,$cfg_password,$cfg_database,$cfg_tableprefix,$cfg_theme,$lang);
$sec=new security_functions($dbf,'Sales Clerk',$lang);
$display=new display($dbf->conn,$cfg_theme,$cfg_currency_symbol,$lang);

global $cfg_membershipID;

if(!$sec->isLoggedIn())
{
        header ("location: ../login.php");
        exit();
}

?>

<html>
<head>
</head>
<body>

<h3> Progress </h3>
<b>...If membership needs to be sold, click <a href="../sales/sale_ui.php">HERE</a></b><br /><br />
<?php



/* 
if (!mysql_connect($db_host, $db_user, $db_pwd))
    die("Can't connect to database");
 
if (!mysql_select_db($database))
    die("Can't select database");
*/

/**
Validate an email address.
Provide email address (raw input)
Returns true if the email address has the email 
address format and the domain exists.
*/
function validEmail($email)
{
   $isValid = true;
   $atIndex = strrpos($email, "@");
   if (is_bool($atIndex) && !$atIndex)
   {
      $isValid = false;
   }
   else
   {
      $domain = substr($email, $atIndex+1);
      $local = substr($email, 0, $atIndex);
      $localLen = strlen($local);
      $domainLen = strlen($domain);
      if ($localLen < 1 || $localLen > 64)
      {
         // local part length exceeded
         $isValid = false;
      }
      else if ($domainLen < 1 || $domainLen > 255)
      {
         // domain part length exceeded
         $isValid = false;
      }
      else if ($local[0] == '.' || $local[$localLen-1] == '.')
      {
         // local part starts or ends with '.'
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $local))
      {
         // local part has two consecutive dots
         $isValid = false;
      }
      else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain))
      {
         // character not valid in domain part
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $domain))
      {
         // domain part has two consecutive dots
         $isValid = false;
      }
      else if
(!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/',
                 str_replace("\\\\","",$local)))
      {
         // character not valid in local part unless 
         // local part is quoted
         if (!preg_match('/^"(\\\\"|[^"])+"$/',
             str_replace("\\\\","",$local)))
         {
            $isValid = false;
         }
      }
      if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A")))
      {
         // domain not found in DNS
         $isValid = false;
      }
   }
   return $isValid;
}


// sending query

//echo "userID is not set";


$fname = $_POST[fname];
$lname = $_POST[lname];

$maillist = $_POST[maillist];


//if (!preg_match('/^(\(?[2-9]{1}[0-9]{2}\)?|[0-9]{3,3}[-. ]?)[ ][0-9]{3,3}[-. ]?[0-9]{4,4}$/', $_POST[phone1])) {
//die('Phone number invalid. Click back and try again.');
//}

if ($_POST[waiver] == "on"){ $waiver = "1"; } else { $waiver = "0";}
if ($_POST[maillist1] == "on"){ $maillist1 = "1"; } else { $maillist1 = "0";}
if ($_POST[maillist2] == "on"){ $maillist2 = "1"; } else { $maillist2 = "0";}
if ($_POST[maillist3] == "on"){ $maillist3 = "1"; } else { $maillist3 = "0";}
if ($_POST[warnedonce] == "on"){ $warnedonce = "1"; } else { $warnedonce = "0";}
if ($_POST[warnedtwice] == "on"){ $warnedtwice = "1"; } else { $warnedtwice = "0";}
if ($_POST[banned] == "on"){ $banned = "1"; } else { $banned = "0";}

$phone1 = $_POST[phone1];

$email = $_POST[email];
//  $pass = validEmail($email);
//  if ($pass)  { $email = $email; } else { die('E-mail Address is not valid. Click back and try again.'); }
$email = $email;
$address = $_POST[address];
$membertype = $_POST[membertype];
$notes = $_POST[notes];


if (!isset($_GET[userID]) || $_GET[userID] == ""){
	$query = "INSERT INTO customers (first_name, last_name, phone_number, email, maillist1, maillist2, maillist3, street_address, membertype, studentID, drivers, cashdeposit, waiver, warnedonce, warnedtwice, banned, comments) VALUES ('$fname', '$lname', '$phone1', '$email', '$maillist1', '$maillist2', '$maillist3', '$address', '$membertype', '$_POST[studentID]', '$_POST[drivers]','$_POST[cashdeposit]', '$waiver', '$warnedonce', '$warnedtwice', '$banned', '$notes')";

// echo "QUEERY:$query";

	mysql_query($query) or die('Error, user not added. Consult Mark...');

	echo "<b>...User has been added</b><br /><br />";

	//$query = "FLUSH PRIVILEGES";
	//mysql_query($query) or die('Error, flush insert query failed');

//	echo "<b>Here is some technical jargon if you want to check what info was added</b>... <br />$query"; 
/*
	//EMAIL WELCOME TO MEMBER!

	$headers  = 'MIME-Version: 1.0' . "\r\n";
	$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
	$headers .= 'From: reciepts@goodlifebikes.ca' . "\r\n";
	$headers .= 'Reply-to: info@goodlifebikes.ca' . "\r\n";
	
	 $message = "<html><body><br /><br /><b>Please retain or print this receipt for your records</b><br /> $body </body></html>";
	
	// In case any of our lines are larger than 70 characters, we should use wordwrap()
	$message = wordwrap($message, 70);
	
	// Send
	mail($customer_email, "Your E-receipt from $cfg_company", $message, $headers);
	
	echo "<h3>E-Reciept has been sent to &lt;$customer_email&gt;</h3>";

*/


} else {
  $query="UPDATE customers SET first_name='$fname', last_name='$lname', phone_number='$phone1', email='$email', maillist1='$maillist1', maillist2='$maillist2', maillist3='$maillist3', street_address='$address', membertype='$membertype', studentID='$_POST[studentID]', drivers='$_POST[drivers]', cashdeposit='$_POST[cashdeposit]', waiver='$waiver', comments='$notes', warnedonce='$warnedonce', warnedtwice='$warnedtwice', banned='$banned' WHERE id=$_GET[userID] ";

// echo "QUERY : $query";

	mysql_query($query) or die('Error, user not added. Consult Mark...');

	echo "<b>...User $fname $lname has been updated</b>(if no errors appear above)<br /><br />";



	//$query = "FLUSH PRIVILEGES";
	//mysql_query($query) or die('Error, flush insert query failed');

//	echo "<b>Here is some technical jargon if you want to check what info was added</b>... <br />$query"; 


}

if (!isset($_GET[userID]) || $_GET[userID] == ""){

	echo "<b>...register mailing list subscriptions</b>";
	if($maillist1 == 1){$subscribeURL = "https://$cfg_mailmanLocation/mailman/admin/$cfg_mailmanListName1" . "_" . "$cfg_mailmanLocation/members/add?subscribees=$email&adminpw=$cfg_mailmanPass&send_welcome_msg_to_this_batch=0&send_notifications_to_list_owner=0";
	echo "<iframe scrolling=no src=\"$subscribeURL\" style=\"display: block;\" width=\"500\" height=\"80\"><p>Your browser does not support iframes.</p></iframe>";
	}
if($maillist2 == 1){$subscribeURL = "https://$cfg_mailmanLocation/mailman/admin/$cfg_mailmanListName2" . "_" . "$cfg_mailmanLocation/members/add?subscribees=$email&adminpw=$cfg_mailmanPass&send_welcome_msg_to_this_batch=0&send_notifications_to_list_owner=0";
        echo "<iframe scrolling=no src=\"$subscribeURL\" style=\"display: block;\" width=\"500\" height=\"80\"><p>Your browser does not support iframes.</p></iframe>";
        }
if($maillist3 == 1){$subscribeURL = "https://$cfg_mailmanLocation/mailman/admin/$cfg_mailmanListName3" . "_" . "$cfg_mailmanLocation/members/add?subscribees=$email&adminpw=$cfg_mailmanPass&send_welcome_msg_to_this_batch=0&send_notifications_to_list_owner=0";
        echo "<iframe scrolling=no src=\"$subscribeURL\" style=\"display: block;\" width=\"500\" height=\"80\"><p>Your browser does not support iframes.</p></iframe>";
        }

}
echo "<br />...NOTE: If you are not connected to the internet, the user has NOT been added to the mailing lists.";
echo "<br /><br />Finished<br /><br />"
?>
	<a href="../customers/manage_customers.php">Back to Member List...</a>
<body>