session_start();
// updateUser.php - 03/01/04 - \phpApps\Regis
// Updates admin.sp_users, adds an admin.sp_list transaction record and emails NCCS staff.
// Hands over to registration_data.php for a data request, or to registration_reg.php
// (the "thanks..." page) otherwise.
//
// NOTE(review): the statements below read $email, $action, $what2update, $password and
// the other form fields as plain globals that this file never assigns. Presumably they
// come from register_globals or from one of the includes; confirm, because every such
// value is request-controlled and has to be treated as untrusted input.
/*
Developer scratch notes left in the original file:
select * from admin.sp_list where ticket_id > 4075
mysql_real_escape_string(
*/
// Absolute directory of the shared include files (a fixed path, not derived from input).
$libdir = '/var/www/html/new/lib/';
$field1 = '';
// Page heading; presumably consumed by the header templates included below - confirm.
$pageHdg = 'NCCS Request';
// Second, identical assignment of $libdir; redundant with the one above.
$libdir = '/var/www/html/new/lib/';
// include() only raises a warning when a file is missing, so the script would carry on
// without settings.php, head.php or datacon.php; only proclib.php is mandatory (require).
// NOTE(review): datacon.php presumably opens the database connection - if so, consider
// whether continuing without it is intended.
include($libdir.'settings.php');
require($libdir.'proclib.php');
include($libdir.'head.php');
include($libdir.'datacon.php');
echo "\n
\n";
// Presumably selects the compact banner in head2.php - confirm.
$smallBanner = 1;
include($libdir.'head2.php');
// Debug switch: when it is 1 the notification mail further down is sent to the
// developer's address instead of the NCCS mailbox.
$debug = 0;
// Blanket pre-escaping of the submitted form: every non-empty, non-numeric entry of
// $_POST is replaced by its addslashes() form. Empty and numeric values stay untouched.
//
// NOTE(review): addslashes() is not aware of the connection character set and is not a
// substitute for driver-level escaping or prepared statements. The later statements in
// this file read $HTTP_POST_VARS and plain globals rather than $_POST, so it is unclear
// whether anything consumes these escaped copies - confirm against the included files.
foreach ($_POST as $key => $value) {
    if (empty($value) || is_numeric($value)) {
        continue;
    }
    $_POST[$key] = addslashes($value);
}
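// Developer switch keyed on the submitter's address. $debug is already 0 when this runs,
// so as written the branch changes nothing.
if (substr($email, 0, 7) == 'tpollak') {
    $debug = 0;
}

// The record id is placed into the SQL statements of this file WITHOUT surrounding
// quotes (idAuto <> ..., WHERE idAuto=..., ticket_owner_id = ...).
// mysql_real_escape_string() only protects values that sit inside a quoted string, so the
// id is forced to an integer instead. A missing or non-numeric id becomes 0, which the
// "ID is missing" check for edits still rejects.
// NOTE(review): $HTTP_POST_VARS is the long-array form that PHP 5.4 removed, and the
// mysql_* functions were removed in PHP 7.0; kept here because the file targets that API.
$idAuto = isset($HTTP_POST_VARS['idAuto']) ? (int) $HTTP_POST_VARS['idAuto'] : 0;

// Escaped for use inside single-quoted SQL strings.
// NOTE(review): from here on $email holds the escaped form, which is also what the
// validation, the notification mail and the update link later in the file will see.
$email = mysql_real_escape_string($email);
debug("id: $idAuto");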
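// Duplicate check: refuse the request when another account already uses this address.
// For an edit, the row being edited is excluded by its id.
//
// $email sits inside quotes and must already be escaped when this runs (earlier in the
// file it is passed through mysql_real_escape_string()). The id sits OUTSIDE quotes,
// where string escaping gives no protection, so it is cast to an integer at the point
// of use.
// NOTE(review): a check followed by a separate write leaves a window between the two;
// a UNIQUE index on admin.sp_users.email would enforce the rule in the database.
if ($action == 'edit') {
    $qry = "SELECT * FROM admin.sp_users WHERE email = '$email' AND idAuto <> " . (int) $idAuto;
} else {
    $qry = "SELECT * FROM admin.sp_users WHERE email = '$email'";
}
$result = runSql($qry);
if (mysql_num_rows($result) > 0) {
    echo "This email address already exists! Record cannot be updated. Press 'Back' to change.
\n";
    return;
}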
// Escape the two free-text fields before they are placed inside quoted SQL strings.
// NOTE(review): addslashes() is not character-set aware, unlike the
// mysql_real_escape_string() this file applies to $email. The other form fields used in
// the later queries ($fname, $title, $org, $comments, $password, ...) are not escaped
// anywhere in this file - confirm whether something outside it (magic quotes, an
// include) covers them; if not, they need the same treatment or prepared statements.
$lname = addslashes($lname);
$reasons = addslashes($reasons);
// Stop when validate_email() (defined outside this file) does not accept the address.
// NOTE(review): by this point $email has already been escaped and used in the
// duplicate-check query, so the validation runs late and on the escaped value.
if ( ! validate_email($email)){
abortProgram("You must enter a valid email.");
return;
}
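// Create or update the admin.sp_users row, but only when the form asked for it.
//
// NOTE(review): apart from $email, $lname and $reasons, none of the interpolated fields
// is escaped in this file. Unless something outside it guarantees escaping, these
// statements should be rebuilt as prepared statements (or every value escaped with the
// driver function) - not changed here to avoid double-escaping stored data.
// NOTE(review): MD5() without a salt is a fast hash and unsuitable for password storage;
// replacing it also means changing the login check and migrating stored hashes, which
// live outside this file.
if ($what2update == '1') {
    // Start from a known-empty statement so that nothing is executed for an unrecognised
    // $action, and so that $q can only ever hold text built in this block.
    $q = '';
    if ($action == 'edit') {
        if ($idAuto <= 1) {
            // Fixed: the original called the misspelled abortProgam(), which is undefined.
            abortProgram("Cannot update user record. ID is missing.");
            return;
        }
        // The id is outside quotes in the WHERE clause, hence the integer cast.
        $q = "update admin.sp_users SET passwd=MD5('$password'),email='$email',lname='$lname',
fname='$fname',title='$title',org='$org',address='$address',city='$city',state='$state',
zip='$zip',phone='$phone',OrgType='$OrgType',FaxNumber='$fax',notes=concat_ws('; ',notes,'$reqType','$comments'),
Purpose=concat(Purpose,'$reasons') WHERE idAuto=" . (int) $idAuto;
    } elseif ($action == 'add') {
        // NOTE(review): on INSERT, notes and Purpose refer to the column defaults. If
        // Purpose defaults to NULL, concat(Purpose, ...) is NULL and the reasons are not
        // stored - check the schema.
        $q = "INSERT INTO admin.sp_users SET passwd=MD5('$password'),email='$email',lname='$lname',
fname='$fname',title='$title',org='$org',address='$address',city='$city',state='$state',
zip='$zip',phone='$phone',OrgType='$OrgType',FaxNumber='$fax',notes=concat_ws('; ',notes,'$reqType','$comments'),
Purpose=concat(Purpose,'$reasons')";
    }
    if ($q != '') {
        // NOTE(review): the statement text contains the clear-text password; make sure
        // debug() output never reaches a shared log or the page in production.
        debug("updating user table:
$q");
        $result = runSql($q);
    }
    if ($action == 'add') {
        // Look up the id the database assigned to the new row.
        $idAuto = get1value("select idAuto from admin.sp_users where email = '$email'");
        debug("New user id: $idAuto");
    }
}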
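$today = date('Y-m-d');

// Build the ticket text for the admin.sp_list transaction record.
// NOTE(review): the requested password is written in clear text into the ticket's full
// description (and into debug output). Anyone who can read tickets can read it; consider
// dropping it from the ticket or replacing it with a "password supplied" marker.
$details = "RequestType: $reqType\nRequested password: $password\nComments: $comments\nReasons: $reasons";
debug($details);
$shortDetails = "RequestType: $reqType; Reasons: $reasons; Comments: $comments";
// Fixed: the original printed the bare word what2update (missing "$") instead of the value.
debug('what to update: ' . $what2update);
debug('submit: ' . $submit);
debug('submitRequest: ' . $submitRequest);
debug('short: ' . $shortDetails);

// $request is set to 1 once a ticket row has been written.
$request = 0;

// A ticket is written when a request type other than 'none' was chosen, or when any
// reasons/comments text was entered. The original wrapped the first test in a stray
// strlen(), which happened to evaluate the same way; the parentheses now say what is meant.
if (($reqType != 'none' && strlen($reqType) > 0) || strlen($reasons . $comments) > 0) {
    // The user id is used outside quotes, so it is cast to an integer at the point of use.
    // NOTE(review): $shortDetails and $details carry $reqType, $comments and $password,
    // which this file does not escape - confirm they are escaped elsewhere, or switch
    // this statement to a prepared statement.
    $query = "INSERT INTO admin.sp_list SET
ticket_createdby_userid = " . (int) $idAuto . ",
ticket_owner_id = " . (int) $idAuto . ",
ticket_short_description = '$shortDetails',
ticket_full_description = '$details',
ticket_status = 'Open',
ticket_severity = 'Medium',
groups = 2,
ticket_added_date = '$today'";
    debug("updating tickets:
$query");
    $result = runSql($query);
    $request = 1;
}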
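// Notify NCCS staff by mail, then hand over to the follow-up page.
// In debug mode the mail goes to the developer's address instead of the NCCS mailbox.
$nccsMail = 'nccs@ui.urban.org';
if ($debug == 1) {
    $nccsMail = 'tpollak2@yahoo.com';
}

// NOTE(review): the requested password is sent in clear text by e-mail. Mail is stored
// and forwarded unencrypted, so the password should be left out of the message.
// The address is URL-encoded for the update link so that characters such as "+" or "&"
// survive as part of the email parameter.
// The original repeated this string literal as a second, stand-alone statement that had
// no effect; it has been removed.
$mailText =
"Email: $email\nLast name: $lname\nFirst name: $fname\nTitle: $title\nOrganization: $org\nOrganization Type: $OrgType\nAddress: $address\nCity: $city\nState: $state\nZip: $zip\nPhone: $phone\nRequested password: $password\nComments: $comments\nReasons: $reasons\nRequest type: $reqType\nTo update this record: http://communityplatform.us/PubApps/regis/searchRequest.php?email=" . urlencode($email);
debug($mailText);

// Recipient, subject and headers are fixed strings; submitted values only ever appear in
// the message body. Keep it that way - placing form input in the recipient, subject or
// header arguments of mail() would allow header injection.
if ($reqType == "data") {
    // Data requests continue in registration_data.php; no mail is sent from this branch.
    debug("id-b: $idAuto");
    require('registration_data.php');
} else if ($reqType == "info") {
    mail($nccsMail, "Information Request", $mailText, "From: nccsDataWeb@ui.urban.org\r\n");
    include("registration_reg.php");
} else {
    mail($nccsMail, "Data Access Request", $mailText, "From: nccsDataWeb@ui.urban.org\r\n");
    include("registration_reg.php");
}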
?>