-khanh
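/*
 * Initialising PN. pnAPI.php and pnInit() are defined outside this snippet.
 * This is needed to preserve the PN SESSION variables.
 */

// Append the parent directory to include_path, because pnAPI.php includes other files too.
// PATH_SEPARATOR replaces the hard-coded ':' so the entry is also valid where the
// separator is ';'. The trailing separator of the original value is kept.
// NOTE(review): '../' is resolved against the current working directory, not against
// this file's location - confirm the script is only started from the directory it
// expects, so that a different includes/ tree cannot be loaded instead.
ini_set('include_path', ini_get('include_path') . PATH_SEPARATOR . '../' . PATH_SEPARATOR);

// include evaluates to false when the file cannot be loaded. The message shown to the
// visitor is fixed text; whether PHP's own warning is displayed depends on display_errors.
if (!(include 'includes/pnAPI.php')) {
    die("Error code 1: Failed to load core file");
}

pnInit();

if (!(include 'includes/inc.php')) {
    die("Error code 2: Failed to load core file");
}

/*
 * Prevents inclusion.
 * NOTE(review): includedScript() is defined outside this snippet; presumably it reports
 * whether this file was pulled in by another script instead of being requested
 * directly - confirm against its definition.
 */
if (includedScript("orderformProcessCheckout.php")) {
    die("Please don't include me.");
}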
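/*
 * Checkout form handler: validates the posted order form fields, keeps every valid
 * value in the session, removes every invalid one, stores the collected error
 * messages in $_SESSION['results'] and redirects back to the checkout view.
 *
 * Fixes compared with the posted version:
 *  - the last-name check passed the bare word orderformLastName to strlen(), so the
 *    length of the submitted value was never tested;
 *  - "strasecmp" was a misspelling of strcasecmp() and failed as soon as the NAVY
 *    comparison was reached;
 *  - the broken-bar characters in the service check are restored to ||;
 *  - a missing or non-string POST field is read as '' instead of raising a notice or
 *    handing an array to the cleaning helpers;
 *  - the script stops right after sending the redirect header.
 *
 * NOTE(review): clean_var(), mysql_less_safe() and the valid*() helpers are defined
 * outside this snippet. Judging by its name only, mysql_less_safe() is not a full SQL
 * escape - confirm, and use bound parameters wherever these session values reach a
 * query. The stored values are not HTML-escaped here, so escape them on output.
 */
if (isset($_SESSION['orderformShoppingCart'])) {
    /*
     * Retrieving variables. Only the listed field names are read from the request.
     */
    $posted = array();
    foreach (array(
        'orderformFirstName', 'orderformLastName', 'orderformService',
        'orderformTitlePosition', 'orderformFacility', 'orderformAddress',
        'orderformCity', 'orderformState', 'orderformZip',
        'orderformCountry', 'orderformPhone', 'orderformEmail',
    ) as $field) {
        // Untrusted input: a field may be absent or submitted as an array (name[]=...).
        $posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }

    $orderformFirstName     = mysql_less_safe(clean_var($posted['orderformFirstName']));
    $orderformLastName      = mysql_less_safe(clean_var($posted['orderformLastName']));
    $orderformService       = mysql_less_safe(clean_var($posted['orderformService']));
    $orderformTitlePosition = mysql_less_safe(clean_var($posted['orderformTitlePosition']));
    $orderformFacility      = mysql_less_safe(clean_var($posted['orderformFacility']));
    $orderformAddress       = mysql_less_safe(clean_var($posted['orderformAddress']));
    $orderformCity          = mysql_less_safe(clean_var($posted['orderformCity']));
    $orderformState         = mysql_less_safe(clean_var($posted['orderformState']));
    $orderformZip           = mysql_less_safe(clean_var($posted['orderformZip']));
    $orderformCountry       = mysql_less_safe(clean_var($posted['orderformCountry']));
    $orderformPhone         = mysql_less_safe(clean_var($posted['orderformPhone']));
    $orderformEmail         = mysql_less_safe(clean_var($posted['orderformEmail']));

    /*
     * Checking variables. The error messages are fixed strings and never echo the
     * submitted value back.
     */
    $results = array(); // holds the error messages, in form order

    /* first name */
    if (validInputString($orderformFirstName) && strlen($orderformFirstName) > 0) {
        $_SESSION['orderformFirstName'] = $orderformFirstName;
    } else {
        unset($_SESSION['orderformFirstName']);
        $results[] = "<div class=\"error\">First Name is empty or contains invalid characters</div>\n";
    }

    /* last name */
    if (validInputString($orderformLastName) && strlen($orderformLastName) > 0) {
        $_SESSION['orderformLastName'] = $orderformLastName;
    } else {
        unset($_SESSION['orderformLastName']);
        $results[] = "<div class=\"error\">Last Name is empty or contains invalid characters</div>\n";
    }

    /*
     * service: only the four known values are accepted, compared case-insensitively.
     * The value is stored as submitted, so its letter case may differ from the literals.
     */
    if (strcasecmp($orderformService, "AIR_FORCE") == 0
        || strcasecmp($orderformService, "ARMY") == 0
        || strcasecmp($orderformService, "NAVY") == 0
        || strcasecmp($orderformService, "other") == 0
    ) {
        $_SESSION['orderformService'] = $orderformService;
    } else {
        unset($_SESSION['orderformService']);
        $results[] = "<div class=\"error\">Service is invalid</div>\n";
    }

    /* title/position */
    if (validInputString($orderformTitlePosition) && strlen($orderformTitlePosition) > 0) {
        $_SESSION['orderformTitlePosition'] = $orderformTitlePosition;
    } else {
        unset($_SESSION['orderformTitlePosition']);
        $results[] = "<div class=\"error\">Title/Position is empty or contains invalid characters</div>\n";
    }

    /* facility */
    if (validInputString($orderformFacility) && strlen($orderformFacility) > 0) {
        $_SESSION['orderformFacility'] = $orderformFacility;
    } else {
        unset($_SESSION['orderformFacility']);
        $results[] = "<div class=\"error\">Facility is empty or contains invalid characters</div>\n";
    }

    /* address */
    if (validInputString($orderformAddress) && strlen($orderformAddress) > 0) {
        $_SESSION['orderformAddress'] = $orderformAddress;
    } else {
        unset($_SESSION['orderformAddress']);
        $results[] = "<div class=\"error\">Address is empty or contains invalid characters</div>\n";
    }

    /* city */
    if (validInputString($orderformCity) && strlen($orderformCity) > 0) {
        $_SESSION['orderformCity'] = $orderformCity;
    } else {
        unset($_SESSION['orderformCity']);
        $results[] = "<div class=\"error\">City is empty or contains invalid characters</div>\n";
    }

    /* zip */
    if (validZip($orderformZip)) {
        $_SESSION['orderformZip'] = $orderformZip;
    } else {
        unset($_SESSION['orderformZip']);
        $results[] = "<div class=\"error\">Zip is not long enough or contains invalid characters</div>\n";
    }

    /* state */
    if (validInputString($orderformState) && strlen($orderformState) > 0) {
        $_SESSION['orderformState'] = $orderformState;
    } else {
        unset($_SESSION['orderformState']);
        $results[] = "<div class=\"error\">State is not long enough or contains invalid characters</div>\n";
    }

    /* country */
    if (validInputString($orderformCountry) && strlen($orderformCountry) > 0) {
        $_SESSION['orderformCountry'] = $orderformCountry;
    } else {
        unset($_SESSION['orderformCountry']);
        $results[] = "<div class=\"error\">Country is empty or contains invalid characters</div>\n";
    }

    /* phone */
    if (validPhone($orderformPhone)) {
        $_SESSION['orderformPhone'] = $orderformPhone;
    } else {
        unset($_SESSION['orderformPhone']);
        $results[] = "<div class=\"error\">Phone is must be at least 10 digits and may only contain dashes and periods.</div>\n";
    }

    /* email: both validators must accept the address */
    if (validEmail($orderformEmail) && validEmail2($orderformEmail)) {
        $_SESSION['orderformEmail'] = $orderformEmail;
    } else {
        unset($_SESSION['orderformEmail']);
        $results[] = "<div class=\"error\">Email is invalid.</div>\n";
    }

    /*
     * Assigns results to session, only when at least one check failed.
     * NOTE(review): nothing here clears an older $_SESSION['results'] after a clean
     * submission - confirm the checkout view removes it once it has been shown.
     */
    if (!empty($results)) {
        $_SESSION['results'] = $results;
    }
} else {
    /*
     * Cart is not set -> display error.
     * NOTE(review): this branch stores a string while the branch above stores an
     * array - confirm the checkout view accepts both shapes.
     */
    $_SESSION['results'] = "<div class=\"error\">Cart is not set.</div>\n";
}

// Fixed redirect target, nothing from the request goes into the header. Stop
// afterwards so that no further code runs once the redirect has been sent.
header('Location: /index.php?name=psorderform&view=checkout');
exit;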