// Unconditional redirect to /tilaa issued before anything else. There is no
// exit after it, so the rest of this script (the ?kiitos= lookup and the POST
// insert into `subwannabes`) still executes on every request; only the
// response body is hidden behind the 302.
// NOTE(review): looks like the page was retired and this header was added to
// park it — confirm. If so, an `exit;` right after it would stop the form from
// still accepting and storing submissions.
header('Location: /tilaa');
// Buffer for PHP error messages collected by errfunc() (see set_error_handler
// below); never printed in the visible code, the `print $errs` is commented out.
$errs='';
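/**
 * Custom PHP error handler: appends every error message to the global $errs
 * buffer, one message per line, instead of letting PHP print it into the page.
 *
 * Returning nothing (null) means the built-in handler is NOT run afterwards,
 * so nothing is echoed or logged by PHP itself for handled errors.
 *
 * @param int    $lev error level (E_* constant); not inspected
 * @param string $msg error message
 * @param string $fil file the error was raised in (unused)
 * @param int    $lin line the error was raised on (unused)
 * @param mixed  $ctx legacy "errcontext" argument. Made optional because PHP 8
 *                    calls error handlers with four arguments only; a fifth
 *                    required parameter would raise ArgumentCountError on the
 *                    first handled warning.
 */
function errfunc($lev, $msg, $fil, $lin, $ctx = null)
{
    global $errs;
    $errs .= $msg . "\n";
}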
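// ---------------------------------------------------------------------------
// Order form handler. Three paths, in priority order:
//   1. `?kiitos=<row id><6-digit hash>` -> look the row up in `subwannabes`
//      and render kiitos.php with $payer / $recvr set;
//   2. POST                             -> validate the fields, insert a row,
//      re-render lomake.php with $errors set when something is wrong;
//   3. anything else                    -> render lomake.php (the form).
//
// Requires PHP 7.0+ (`??`, random_int()). $db is expected to be a mysqli
// handle created by connectdb.php (real_escape_string / insert_id / query in
// the original usage); lomake.php and kiitos.php are pulled in with include
// and therefore see every variable in this scope.
//
// Output used to be emitted through `?> ... <?php` blocks; it is echoed
// directly now so the file is plain PHP throughout.
// ---------------------------------------------------------------------------

/**
 * Read a form field from $_POST, '' when the key is absent.
 *
 * Keeps missing keys from raising undefined-index warnings (which would
 * otherwise be swallowed into $errs by errfunc and never shown).
 *
 * @param string $key form field name
 * @return mixed the raw submitted value, or '' when not submitted
 */
function tilaa_post($key)
{
    return $_POST[$key] ?? '';
}

// Must be a string callable: a bare `errfunc` is an undefined constant
// (fatal on PHP 8, a notice-then-string on older versions).
set_error_handler('errfunc');
error_reporting(E_ALL);
include '/home/tpkizlej/connectdb.php';

// Digits in the confirmation token appended to the row id in the kiitos URL.
// Must match the width of the `hash` column and the split done below.
$hashLen = 6;

if (!$db) {
    echo "Jokin on vialla, kantaa ei löydy.\n";
} elseif (isset($_GET['kiitos']) && ctype_digit($_GET['kiitos']) && $_GET['kiitos'] > 0) {
    $kiitos = $_GET['kiitos'];
    if (strlen($kiitos) < $hashLen + 1) {
        // Too short to hold both an id and a hash.
        echo "Noh noh.\n";
    } else {
        // The URL token is "<row id><hash>": the hash is the trailing digits,
        // whatever is left in front is the id.
        $id   = substr($kiitos, 0, -$hashLen);
        $hash = substr($kiitos, -$hashLen);

        // Both values come straight from the query string, so they are bound
        // as parameters rather than interpolated into the SQL text.
        $found = false;
        $stmt  = $db->prepare('select payer_name,recvr_name from subwannabes where id=? and hash=?');
        if ($stmt && $stmt->bind_param('ss', $id, $hash) && $stmt->execute()) {
            $stmt->bind_result($payer, $recvr);
            $found = (bool) $stmt->fetch();
            $stmt->close();
        }

        // A failed query and a missing row get the same message, as before.
        if (!$found) {
            echo "Virheellinen kiitospyyntö.\n";
        } else {
            include 'kiitos.php';
        }
    }
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $missingfields = 0;
    $invalidemails = 0;
    $notvalidated  = 0;
    $serverside    = 0;

    // "validation" looks like a human-check question with a hard-coded
    // answer — verify against lomake.php.
    if (!tilaa_post('validation')) {
        $missingfields = 1;
    } elseif (trim(strtolower(tilaa_post('validation'))) !== 'tietokonekulttuurin') {
        $notvalidated = 1;
    }

    // Payer fields. Truthiness is kept on purpose to match the original
    // behaviour: a field consisting of just "0" counts as missing.
    foreach (['payer_name', 'payer_addr1', 'payer_zipcode', 'payer_city', 'payer_email'] as $key) {
        if (!tilaa_post($key)) {
            $missingfields = 1;
        }
    }
    if (tilaa_post('payer_email') && !filter_var(tilaa_post('payer_email'), FILTER_VALIDATE_EMAIL)) {
        $invalidemails = 1;
    }

    // No recipient given at all: the payer is also the recipient. $_POST is
    // mutated on purpose so the copied values are visible to lomake.php when
    // the form is re-rendered.
    $recvrGiven = false;
    foreach (['recvr_name', 'recvr_addr1', 'recvr_zipcode', 'recvr_city', 'recvr_email'] as $key) {
        if (tilaa_post($key)) {
            $recvrGiven = true;
        }
    }
    if (!$recvrGiven) {
        foreach (['name', 'addr1', 'addr2', 'zipcode', 'city', 'country', 'email'] as $field) {
            $_POST["recvr_$field"] = tilaa_post("payer_$field");
        }
    }

    // Recipient fields.
    if (!tilaa_post('recvr_email')) {
        $missingfields = 1;
    } elseif (!filter_var(tilaa_post('recvr_email'), FILTER_VALIDATE_EMAIL)) {
        $invalidemails = 1;
    }
    if (!tilaa_post('recvr_name')) {
        $missingfields = 1;
    }
    // A PDF-only order needs no postal address for the recipient.
    if (!tilaa_post('pdfonly')) {
        foreach (['recvr_addr1', 'recvr_zipcode', 'recvr_city'] as $key) {
            if (!tilaa_post($key)) {
                $missingfields = 1;
            }
        }
    }

    if ($missingfields + $invalidemails + $notvalidated === 0) {
        // Confirmation token for the kiitos URL. The (id, hash) pair is the
        // only thing gating the kiitos page, so it is drawn from the CSPRNG
        // (random_int) rather than rand(), whose output is predictable from
        // its seed. Six digits is still a small space; widening the `hash`
        // column and $hashLen would raise the cost of guessing a token.
        $hash = sprintf('%0' . $hashLen . 'd', random_int(0, (10 ** $hashLen) - 1));

        $formColumns = [
            'payer_name', 'payer_addr1', 'payer_addr2', 'payer_zipcode', 'payer_city', 'payer_country', 'payer_email',
            'recvr_name', 'recvr_addr1', 'recvr_addr2', 'recvr_zipcode', 'recvr_city', 'recvr_country', 'recvr_email',
            'pdfonly',
        ];
        $columns = array_merge($formColumns, ['time', 'origin', 'referer', 'hash']);

        $values = [];
        foreach ($formColumns as $key) {
            $values[] = tilaa_post($key);
        }
        // Every value is bound as a string, as the original quoted all of
        // them; MySQL converts `time` on its side. `referer` is a hidden form
        // field, i.e. client-controlled, and is stored verbatim.
        $values[] = (string) time();
        $values[] = $_SERVER['REMOTE_ADDR'] ?? '';
        $values[] = tilaa_post('referer');
        $values[] = $hash;

        $sql = 'insert into subwannabes (' . implode(',', $columns) . ') values ('
             . implode(',', array_fill(0, count($columns), '?')) . ')';

        $ok   = false;
        $stmt = $db->prepare($sql);
        if ($stmt) {
            $ok = $stmt->bind_param(str_repeat('s', count($values)), ...$values) && $stmt->execute();
            $id = $db->insert_id;
            $stmt->close();
        }

        if ($ok) {
            // Redirecting to the thank-you page is disabled; as far as this
            // file shows, a successful submission renders nothing.
            $url = "http://www.skrolli.fi/2015/?kiitos=$id$hash";
            //header("Location: $url");
            //print $errs;
        } else {
            // Insert failed: re-render the form. $serverside presumably lets
            // lomake.php distinguish our failure from bad input — verify.
            $errors     = 1;
            $serverside = 1;
            include 'lomake.php';
        }
    } else {
        $errors = 1;
        include 'lomake.php';
    }
} else {
    include 'lomake.php';
}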