1<!DOCTYPE html>
2<html lang="en">
3
4<head>
5 <meta charset="utf-8" />
6 <meta name="description" content="eoiprocess page php assignment 3" />
7 <meta name="keywords" content="php, validation" />
8 <meta name="author" content="Anthony Sidoti - 102561282" />
9 <title>CWA - Assignment Three - processEOI</title>
10 <link href="styles/style.css" rel="stylesheet" />
11 <script src="scripts/apply.js"></script>
12</head>
13
14<body>
<?php
// Pull in the shared page header; include_once loads the file at most once per request.
// NOTE(review): unless the web server maps *.inc to PHP or denies access to it,
// requesting header.inc directly returns its source as plain text - confirm the server config.
include_once "header.inc";
?>
18<br />
19<div class="pagetitle">
20 <h1>Expression of Interest</h1>
21 </div>
22 <div class="secondarybackground">
23 <div class="pagemargins">
24<?php
25
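// Accumulates the HTML for every validation failure; it stays empty while no check has failed.
$err_msg = "";

/**
 * Normalise one submitted form value before it is validated.
 *
 * Trims surrounding whitespace, removes backslashes with stripslashes() and
 * HTML-encodes the result. The encoding protects HTML output only; it does not
 * make a value safe to place inside an SQL string.
 *
 * @param mixed $data Raw value taken from the request.
 * @return string The cleaned value, or "" when $data is null, an array or an object.
 */
function sanitiseInput($data) {
    // A missing field is null and a "name[]=..." parameter is an array; trim() would
    // warn or throw on those, so treat them as an empty submission instead.
    if (!is_scalar($data)) {
        return "";
    }
    $data = trim((string) $data);
    $data = stripslashes($data);
    // Explicit flags: before PHP 8.1 the default left single quotes unencoded.
    // UTF-8 matches the charset declared in the page's <meta> tag.
    return htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
}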
36
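// Only a submission from the application form is processed; a direct visit is sent back to it.
if (!isset($_POST["jobRef"])) {
    // HTML has already been written above this point, so header() only works when
    // output buffering is holding that HTML back. Fall back to a plain link otherwise.
    if (!headers_sent()) {
        header("Location: apply.php");
    } else {
        echo "<p><a href=\"apply.php\">Return to the application form</a></p>";
    }
    exit();
}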
42
// Job reference: required, and must be exactly five letters or digits.
$jobRef = sanitiseInput($_POST["jobRef"]);
if ($jobRef === "") {
    $err_msg .= "<p>Please enter a Job Ref Number.</p>";
} elseif (preg_match("/^[A-Za-z\d]{5}$/", $jobRef) !== 1) {
    $err_msg .= "<p>Please make sure your reference number only contains a max of 5 alphanumeric characters.</p>";
}
50
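// First and last name: required, 1 to 20 letters or hyphens (the columns are VARCHAR(20)).
// The earlier check was inverted and matched only names of exactly 20 characters,
// so every other value, including markup and quotes, was accepted.
$fName = sanitiseInput(isset($_POST["fName"]) ? $_POST["fName"] : "");
if ($fName == "") {
    $err_msg .= "<p>Please enter first name.</p>";
} elseif (preg_match('/^[a-zA-Z-]{1,20}$/', $fName) !== 1) {
    $err_msg .= "<p>Please make sure your first name contains only letters or hyphens, up to 20 characters.</p>";
}

$lName = sanitiseInput(isset($_POST["lName"]) ? $_POST["lName"] : "");
if ($lName == "") {
    $err_msg .= "<p>Please enter last name.</p>";
} elseif (preg_match('/^[a-zA-Z-]{1,20}$/', $lName) !== 1) {
    $err_msg .= "<p>Please make sure your last name contains only letters or hyphens, up to 20 characters.</p>";
}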
64
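// Date of birth: dd/mm/yyyy, a real calendar date, and an age of 15 to 80 today.
$dob = sanitiseInput(isset($_POST["dob"]) ? $_POST["dob"] : "");
if (preg_match('/^(\d{2})\/(\d{2})\/(\d{4})$/', $dob, $dobParts) !== 1
    || !checkdate((int) $dobParts[2], (int) $dobParts[1], (int) $dobParts[3])) {
    // checkdate() rejects values such as 99/99/9999, which date_create() cannot parse
    // and which would otherwise reach date_diff() as false.
    $err_msg .= "<p>Please enter your date of birth so that it follows the dd/mm/yyyy format.</p>";
} else {
    // Rebuild as yyyy-mm-dd, the form stored in the DATE column.
    $dob = $dobParts[3] . "-" . $dobParts[2] . "-" . $dobParts[1];

    $dateDob = date_create($dob);
    $dateNow = date_create();
    $interval = date_diff($dateDob, $dateNow);
    $age = $interval->y;

    // invert is 1 when the birth date lies in the future; the year count alone is
    // unsigned and would let such a date pass.
    if ($interval->invert === 1 || $age < 15 || $age > 80) {
        $err_msg .= "<p>You age is NOT between 15 and 80.</p>";
    }
}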
81
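// Gender: required. An unselected radio group is not posted at all, hence the isset() guard.
$sex = sanitiseInput(isset($_POST["sex"]) ? $_POST["sex"] : "");
// Comparison, not assignment: "$sex = ''" wiped the submitted value and never reported an error.
if ($sex == "") {
    $err_msg .= "<p>Please select your gender</p>";
}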
86
// Street address: required, 1 to 40 letters, digits, underscores or whitespace.
$address = sanitiseInput($_POST["address"]);
if ($address === "") {
    $err_msg .= "<p>Please enter your address.</p>";
} elseif (preg_match("/^[a-zA-Z0-9_\s]{1,40}$/", $address) !== 1) {
    $err_msg .= "<p>Your street address may only contain between 1 and 40 characters</p>";
}

// Suburb: same rule as the street address.
$suburb = sanitiseInput($_POST["suburb"]);
if ($suburb === "") {
    $err_msg .= "<p>Please enter your suburb.</p>";
} elseif (preg_match("/^[a-zA-Z0-9_\s]{1,40}$/", $suburb) !== 1) {
    $err_msg .= "<p>Your suburb may only contain between 1 and 40 characters</p>";
}
100
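// State: required, and must be one of the codes the postcode check further down knows about.
// Without the list, any other value skipped the postcode check and was stored as submitted.
$state = sanitiseInput(isset($_POST["state"]) ? $_POST["state"] : "");
if ($state == "") {
    $err_msg .= "<p>Please enter your state.</p>";
} elseif (!in_array($state, array('VIC', 'NSW', 'QLD', 'NT', 'WA', 'SA', 'TAS', 'ACT'), true)) {
    $err_msg .= "<p>Please select a valid state.</p>";
}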
104
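// The following link was used to match the postcodes and states
// https://alvinalexander.com/php/php-charat-char_at-function-string
/**
 * Return the single character of $str at offset $pos.
 *
 * @param string $str Text to read from.
 * @param int    $pos Zero-based offset.
 * @return string The character, or "" when the offset is outside the string.
 */
function char_at($str, $pos) {
    // Square brackets: the $str{$pos} form was deprecated in PHP 7.4 and is a parse
    // error from PHP 8.0, which stops the whole page from loading.
    return isset($str[$pos]) ? $str[$pos] : "";
}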
110
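// Postcode: required, exactly four digits, and its first digit must belong to the chosen state.
$postcode = sanitiseInput(isset($_POST["postcode"]) ? $_POST["postcode"] : "");
if ($postcode == "") {
    $err_msg .= "<p>Please enter your postcode.</p>";
} elseif (preg_match('/^\d{4}$/', $postcode) !== 1) {
    // Previously only the first character was inspected, so a value such as "3abc" passed.
    $err_msg .= "<p>Please enter a 4 digit postcode.</p>";
} else {
    // Leading digits accepted for each state.
    $postcodePrefixes = array(
        'VIC' => array('3', '8'),
        'NSW' => array('1', '2'),
        'QLD' => array('4', '9'),
        'NT'  => array('0'),
        'WA'  => array('6'),
        'SA'  => array('5'),
        'TAS' => array('7'),
        'ACT' => array('0'),
    );

    $fNumber = char_at($postcode, 0);
    // Strict string comparison: with loose != a non-numeric character could compare
    // equal to 0 on PHP 7. A state missing from the table is not checked here.
    if (isset($postcodePrefixes[$state]) && !in_array($fNumber, $postcodePrefixes[$state], true)) {
        $err_msg .= "<p>The postcode you have entered does not match your state.</p>";
    }
}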
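// The following site was used to get the regular expression for a valid email
// https://www.oreilly.com/library/view/regular-expressions-cookbook/9781449327453/ch04s01.html
// Email: required, at most 255 bytes (the column is VARCHAR(255)) and matching the pattern.
$email = sanitiseInput(isset($_POST["email"]) ? $_POST["email"] : "");
if ($email == "") {
    $err_msg .= "<p>Please enter your email.</p>";
} elseif (strlen($email) > 255 || preg_match('/^[A-Z0-9+_.-]+@[A-Z0-9.-]+$/i', $email) !== 1) {
    // The test was inverted and case-sensitive: only well-formed upper-case addresses
    // were rejected, and every other value was accepted.
    $err_msg .= "<p>Your email is not in a valid format</p>";
}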
167
// Phone number: required, 8 to 12 digits with no spaces or punctuation.
$number = sanitiseInput($_POST["number"]);
if ($number === "") {
    $err_msg .= "<p>Please enter your phone number.</p>";
} elseif (preg_match("/^\d{8,12}$/", $number) !== 1) {
    $err_msg .= "<p>Your phone number should contain between 8 to 12 digits.</p>";
}
174
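// Skills: at least one checkbox is required. Every submitted element goes through
// sanitiseInput() like the other fields; the raw array was previously stored unchanged.
$skills = array();
if (isset($_POST["skills"]) && is_array($_POST["skills"])) {
    foreach ($_POST["skills"] as $skill) {
        // Skip nested arrays and empty entries instead of passing them on.
        if (!is_string($skill)) {
            continue;
        }
        $skill = sanitiseInput($skill);
        if ($skill !== "") {
            $skills[] = $skill;
        }
    }
}
if (count($skills) === 0) {
    $err_msg .= "<p>Please select skills.</p>";
}

// "Other skills": an unticked checkbox is not posted, so both fields are read defensively.
$otherskills = sanitiseInput(isset($_POST["otherskills"]) ? $_POST["otherskills"] : "");
$otherskillstext = sanitiseInput(isset($_POST["otherskillstext"]) ? $_POST["otherskillstext"] : "");
if ($otherskills == true && $otherskillstext == "") {
    $err_msg .= "<p>The other skills checkbox is selected, please enter your other skills.</p>";
}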
185
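// Report the validation failures, or store the application when there are none.
if ($err_msg != "") {
    // $err_msg is assembled from fixed strings only, so it can be echoed as is.
    echo $err_msg;
} else {
    // connect to db, create table, insert record
    require_once "settings.php"; // Load MySQL log in credentials

    // From PHP 8.1 mysqli throws on failure by default; switch that off so the
    // return-value checks below decide what the visitor sees.
    mysqli_report(MYSQLI_REPORT_OFF);
    $conn = mysqli_connect($host, $user, $pwd, $sql_db); // Log in and use database

    if ($conn) { // check if the database is available for use
        // NOTE(review): creating the table on every request means the web account needs
        // CREATE privilege; consider a separate setup step and an account limited to INSERT.
        // NOTE(review): "number INT(12)" cannot hold numbers above 2147483647 and drops
        // leading zeros, as does "postcode INT(4)"; VARCHAR columns would keep them - confirm.
        // The comma that followed the last column made this statement a syntax error.
        $query = "CREATE TABLE IF NOT EXISTS eoi (
            EOInumber INT AUTO_INCREMENT PRIMARY KEY,
            jobRef VARCHAR(5) NOT NULL,
            fName VARCHAR(20) NOT NULL,
            lName VARCHAR(20) NOT NULL,
            dob DATE NOT NULL,
            sex enum('male','female') NOT NULL,
            address VARCHAR(40) NOT NULL,
            suburb VARCHAR(40) NOT NULL,
            state VARCHAR(3) NOT NULL,
            postcode INT(4) NOT NULL,
            email VARCHAR(255) NOT NULL,
            number INT(12) NOT NULL,
            skills VARCHAR(255) NOT NULL,
            otherskills VARCHAR(255) NOT NULL,
            otherskillstext VARCHAR(255) NOT NULL,
            status enum('new', 'current', 'final') NOT NULL
        );";

        $result = mysqli_query($conn, $query);
        if ($result) { // check if query was successfully executed

            // Submitted values travel as bound parameters, never as part of the SQL text.
            // The table name matches the CREATE statement; table names are case-sensitive
            // on some MySQL installations.
            $query = "INSERT INTO eoi (jobRef, fName, lName, dob, sex, address, suburb, state, postcode, email, number, skills, otherskills, otherskillstext, status)
                VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 'new')";

            $insert_result = false;
            $stmt = mysqli_prepare($conn, $query);
            if ($stmt) {
                // The selected skills are stored as one comma-separated string.
                $skillsCsv = implode(',', (array) $skills);
                mysqli_stmt_bind_param(
                    $stmt,
                    "ssssssssssssss",
                    $jobRef,
                    $fName,
                    $lName,
                    $dob,
                    $sex,
                    $address,
                    $suburb,
                    $state,
                    $postcode,
                    $email,
                    $number,
                    $skillsCsv,
                    $otherskills,
                    $otherskillstext
                );
                $insert_result = mysqli_stmt_execute($stmt);
            }

            if ($insert_result) { // check if insert successfully
                echo "<p>Application inserted successfully. Your application number is " . mysqli_insert_id($conn) . ".</p>";
            } else {
                echo "<p>Application inserted unsuccessfully.</p>";
            }

            if ($stmt) {
                mysqli_stmt_close($stmt);
            }
        } else {
            echo "<p>Create table operation unsuccessful.</p>";
        }
        mysqli_close($conn); // Close the database connection
    } else {
        echo "<p>Unable to connect to the database.</p>";
    }
}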
236?>
237</div>
238</div>
239</body>
240</html>