-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathguestapp.php
More file actions
71 lines (50 loc) · 2.11 KB
/
guestapp.php
File metadata and controls
71 lines (50 loc) · 2.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<?php
session_start();
include "db_conn.php";
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
function validate($data){
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$branch = validate($_POST['branch']);
$office = validate($_POST['office']);
$email = validate($_POST['email']);
$contact = validate($_POST['contact']);
$first = validate($_POST['first']);
$last = validate($_POST['last']);
$type = validate($_POST['type']);
$identification = validate($_POST['identity']);
$purpose = validate($_POST['purpose']);
$date = validate($_POST['date']);
$time = validate($_POST['time']);
$name = $first . " " . $last;
$sql = "SELECT * FROM overall_appointments WHERE Email LIKE '%$email%'";
$result = mysqli_query($conn, $sql);
$totalresult = mysqli_num_rows($result);
$timeexist = "SELECT * FROM overall_appointments WHERE Date = '$date' AND Time = '$time'";
$checkexist = mysqli_query($conn, $timeexist);
$timeresult = mysqli_num_rows($checkexist);
$limit = "SELECT * FROM overall_appointments WHERE Date='$date'";
$limitres = mysqli_query($conn, $limit);
$totalRows = mysqli_num_rows($limitres);
if($totalresult > 0){
http_response_code(500);
}elseif($timeresult > 0){
http_response_code(500);
}elseif($totalRows > 25){
http_response_code(500);
}else{
$insertstud = "INSERT INTO guest_appointment( Name, Branch, Office, Type, Identity, Contact, Email, Purpose, Date, Time )
VALUES('$name', '$branch','$office','$type','$identification','$contact','$email','$purpose','$date','$time')";
$insertstudres = mysqli_query($conn, $insertstud);
$insertoverall = "INSERT INTO overall_appointments( Name, Date, Time, Office, Branch, Email, Type)
VALUES('$name', '$date','$time','$office','$branch','$email','Guest')";
$insertoverallres = mysqli_query($conn, $insertoverall);
}
if($insertstudres && $insertoverallres){
}else{
http_response_code(500);
}
}