miles-city-council/public/subscribe.php

<?php

session_set_cookie_params(3600);
session_start();

$email = $_POST['email'];
$fname = $_POST['full_name'];
$phone = $_POST['phone'];
$gender = $_POST['gender'];

$pattern = '/^(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)|(?:\\x22?[^\\x5C\\x22]\\x22?)){255,})(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)|(?:\\x22?[^\\x5C\\x22]\\x22?)){65,}@)(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]|(?:\\x5C[\\x00-\\x7F]))*\\x22))(?:\\.(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]|(?:\\x5C[\\x00-\\x7F]))*\\x22)))*@(?:(?:(?!.*[^.]{64,})(?:(?:(?:xn--)?[a-z0-9]+(?:-+[a-z0-9]+)*\\.){1,126}){1,}(?:(?:[a-z][a-z0-9]*)|(?:(?:xn--)[a-z0-9]+))(?:-+[a-z0-9]+)*)|(?:\\[(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})|(?:(?!(?:.*[a-f0-9][:\\]]){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?)))|(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){5}:)|(?:(?!(?:.*[a-f0-9]:){5,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?)))?(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))(?:\\.(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))){3}))\\]))$/iD';

if (!isset($phone)) {
    http_response_code(400);
	header('Content-Type: application/json');
    die(json_encode([
	    'field' => 'phone',
	    'message' => 'Error: A phone number is required.'
    ]));
}
//eliminate every char except 0-9
$phone_num = preg_replace("/[^0-9]/", '', $phone);

//eliminate leading 1 if its there
if (strlen($phone_num) == 11)
	$phone_num = preg_replace("/^1/", '', $phone_num);

if (!isset($email) || preg_match($pattern, $email) !== 1) {
    http_response_code(400);
	header('Content-Type: application/json');
    die(json_encode([
	    'field' => 'email',
	    'message' => 'Error: A valid email address is required.'
    ]));
}
if (!isset($fname)) {
    http_response_code(400);
	header('Content-Type: application/json');
    die(json_encode([
	    'field' => 'full_name',
	    'message' => 'Error: A first and last name are required.'
    ]));
}
if (strlen($phone_num) !== 10) {
    http_response_code(400);
	header('Content-Type: application/json');
    die(json_encode([
	    'field' => 'phone',
	    'message' => 'Error: This phone number is invalid.'
    ]));
}
if ($gender && $gender !== 'm' && $gender !== 'f') {
    http_response_code(400);
	header('Content-Type: application/json');
    die(json_encode([
	    'field' => 'gender',
	    'message' => 'Error: An invalid gender was given.'
    ]));
}

$conn = new mysqli("localhost", "mileslinden", "Daiso@6969", "mileslinden");

$query = $conn->prepare(
    "INSERT INTO subscribers (`email`, `full_name`, `phone`, `gender`, `join_date`) VALUES (?, ?, ?, ?, ?)"
);
if (!$query) {
    http_response_code(500);
	header('Content-Type: application/json');
    die(json_encode(['message' => $conn->error]));
}
if (!isset($_SESSION['signups'])) {
	$_SESSION['signups'] = 0;
} else if ($_SESSION['signups'] >= 5) {
	http_response_code(429);
	header('Content-Type: application/json');
	die(json_encode(['message' => 'You are subscribing too often.']));
}
$query->bind_param(
    "sssss",
    $email, $fname, $phone_num, $gender,
    date("Y-m-d H:i:s")
);
if (!$query->execute()) {
	http_response_code(500);
	header('Content-Type: application/json');
	if ($query->errno === 1062) {
		http_response_code(400);
		header('Content-Type: application/json');
		die(json_encode(['message' => 'This email is already subscribed.', 'field' => 'email']));
	} else {
		die(json_encode(['message' => $query->error, 'errno' => $query->errno]));
	}
}
$_SESSION['signups']++;

?>
<!DOCTYPE HTML>
<html lang="en">
    <head>
        <meta charset="utf-8">
        <title>Miles Linden for San Jose City Council</title>
    </head>
    <body>
        <h1>You have subscribed successfully.</h1>
    </body>
</html>
added Join section 2021-05-05 22:35:51 -07:00			`<?php`
Improved error handling 2021-12-27 08:07:02 +00:00
			`session_set_cookie_params(3600);`
			`session_start();`
added Join section 2021-05-05 22:35:51 -07:00
			`$email = $_POST['email'];`
			`$fname = $_POST['full_name'];`
			`$phone = $_POST['phone'];`
Added contact form 2022-01-09 09:30:44 +00:00			`$gender = $_POST['gender'];`
added Join section 2021-05-05 22:35:51 -07:00
			$pattern = '/^(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)\|(?:\\x22?[^\\x5C\\x22]\\x22?)){255,})(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)\|(?:\\x22?[^\\x5C\\x22]\\x22?)){65,}@)(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)\|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]\|(?:\\x5C[\\x00-\\x7F]))\\x22))(?:\\.(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)\|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]\|(?:\\x5C[\\x00-\\x7F]))\\x22)))@(?:(?:(?!.[^.]{64,})(?:(?:(?:xn--)?[a-z0-9]+(?:-+[a-z0-9]+)\\.){1,126}){1,}(?:(?:[a-z][a-z0-9])\|(?:(?:xn--)[a-z0-9]+))(?:-+[a-z0-9]+))\|(?:\\[(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})\|(?:(?!(?:.[a-f0-9][:\\]]){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?)))\|(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){5}:)\|(?:(?!(?:.*[a-f0-9]:){5,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?)))?(?:(?:25[0-5])\|(?:2[0-4][0-9])\|(?:1[0-9]{2})\|(?:[1-9]?[0-9]))(?:\\.(?:(?:25[0-5])\|(?:2[0-4][0-9])\|(?:1[0-9]{2})\|(?:[1-9]?[0-9]))){3}))\\]))$/iD';

Added contact form 2022-01-09 09:30:44 +00:00			`if (!isset($phone)) {`
			`http_response_code(400);`
			`header('Content-Type: application/json');`
			`die(json_encode([`
			`'field' => 'phone',`
			`'message' => 'Error: A phone number is required.'`
			`]));`
			`}`
added Join section 2021-05-05 22:35:51 -07:00			`//eliminate every char except 0-9`
			`$phone_num = preg_replace("/[^0-9]/", '', $phone);`

			`//eliminate leading 1 if its there`
			`if (strlen($phone_num) == 11)`
			`$phone_num = preg_replace("/^1/", '', $phone_num);`

Added contact form 2022-01-09 09:30:44 +00:00			`if (!isset($email) \|\| preg_match($pattern, $email) !== 1) {`
Add admin panel 2021-12-27 07:01:20 +00:00			`http_response_code(400);`
Improved error handling 2021-12-27 08:07:02 +00:00			`header('Content-Type: application/json');`
Add admin panel 2021-12-27 07:01:20 +00:00			`die(json_encode([`
			`'field' => 'email',`
Added contact form 2022-01-09 09:30:44 +00:00			`'message' => 'Error: A valid email address is required.'`
Add admin panel 2021-12-27 07:01:20 +00:00			`]));`
added Join section 2021-05-05 22:35:51 -07:00			`}`
Added contact form 2022-01-09 09:30:44 +00:00			`if (!isset($fname)) {`
Add admin panel 2021-12-27 07:01:20 +00:00			`http_response_code(400);`
Improved error handling 2021-12-27 08:07:02 +00:00			`header('Content-Type: application/json');`
Add admin panel 2021-12-27 07:01:20 +00:00			`die(json_encode([`
			`'field' => 'full_name',`
Added contact form 2022-01-09 09:30:44 +00:00			`'message' => 'Error: A first and last name are required.'`
			`]));`
			`}`
			`if (strlen($phone_num) !== 10) {`
			`http_response_code(400);`
			`header('Content-Type: application/json');`
			`die(json_encode([`
			`'field' => 'phone',`
			`'message' => 'Error: This phone number is invalid.'`
			`]));`
			`}`
			`if ($gender && $gender !== 'm' && $gender !== 'f') {`
			`http_response_code(400);`
			`header('Content-Type: application/json');`
			`die(json_encode([`
			`'field' => 'gender',`
Add admin panel 2021-12-27 07:01:20 +00:00			`'message' => 'Error: An invalid gender was given.'`
			`]));`
added Join section 2021-05-05 22:35:51 -07:00			`}`

Add admin panel 2021-12-27 07:01:20 +00:00			`$conn = new mysqli("localhost", "mileslinden", "Daiso@6969", "mileslinden");`

			`$query = $conn->prepare(`
			"INSERT INTO subscribers (`email`, `full_name`, `phone`, `gender`, `join_date`) VALUES (?, ?, ?, ?, ?)"
			`);`
			`if (!$query) {`
			`http_response_code(500);`
Improved error handling 2021-12-27 08:07:02 +00:00			`header('Content-Type: application/json');`
Add admin panel 2021-12-27 07:01:20 +00:00			`die(json_encode(['message' => $conn->error]));`
added Join section 2021-05-05 22:35:51 -07:00			`}`
Improved error handling 2021-12-27 08:07:02 +00:00			`if (!isset($_SESSION['signups'])) {`
			`$_SESSION['signups'] = 0;`
			`} else if ($_SESSION['signups'] >= 5) {`
			`http_response_code(429);`
			`header('Content-Type: application/json');`
			`die(json_encode(['message' => 'You are subscribing too often.']));`
			`}`
Add admin panel 2021-12-27 07:01:20 +00:00			`$query->bind_param(`
			`"sssss",`
			`$email, $fname, $phone_num, $gender,`
added Join section 2021-05-05 22:35:51 -07:00			`date("Y-m-d H:i:s")`
			`);`
Improved error handling 2021-12-27 08:07:02 +00:00			`if (!$query->execute()) {`
			`http_response_code(500);`
			`header('Content-Type: application/json');`
			`if ($query->errno === 1062) {`
			`http_response_code(400);`
			`header('Content-Type: application/json');`
			`die(json_encode(['message' => 'This email is already subscribed.', 'field' => 'email']));`
			`} else {`
			`die(json_encode(['message' => $query->error, 'errno' => $query->errno]));`
			`}`
			`}`
			`$_SESSION['signups']++;`
added Join section 2021-05-05 22:35:51 -07:00
			`?>`
			`<!DOCTYPE HTML>`
			`<html lang="en">`
			`<head>`
			`<meta charset="utf-8">`
			`<title>Miles Linden for San Jose City Council</title>`
			`</head>`
			`<body>`
Add admin panel 2021-12-27 07:01:20 +00:00			`<h1>You have subscribed successfully.</h1>`
added Join section 2021-05-05 22:35:51 -07:00			`</body>`
			`</html>`