From a111860d89c8e228b1f98a93e1bc5e94f5c99214 Mon Sep 17 00:00:00 2001
From: Milan Toman <toman@spoton.cz>
Date: Wed, 28 Feb 2024 01:10:02 +0100
Subject: [PATCH] registrace v2 + checks

---
 www/lib/get_races.php |  2 +-
 www/register.php      | 75 ++++++++++++++++++++++++++++++++++---------
 2 files changed, 61 insertions(+), 16 deletions(-)

diff --git a/www/lib/get_races.php b/www/lib/get_races.php
index 18291b7..b30b6d6 100644
--- a/www/lib/get_races.php
+++ b/www/lib/get_races.php
@@ -21,7 +21,7 @@
       $races[] = $row;
     }
   }
-  // would be nice to check if the name / nick / email exists
+  // would be nice to check if the email exists
   $sql = "SELECT ID, NAME, SURNAME, EMAIL from REGISTERED where EMAIL_CHECK like '".$email_check."'";
   $result = $conn->query($sql);
   if ($result->num_rows > 0){
diff --git a/www/register.php b/www/register.php
index d5d774e..4eaaa1b 100644
--- a/www/register.php
+++ b/www/register.php
@@ -7,24 +7,59 @@ include './lib/get_races.php'; //contains list of races, and checks if the email
 foreach($races as $race){
   $race_blob[$race['ID']] = $race['NAME'];
 }    
-if(isset($_POST['fname']) && strlen($_POST['fname']) > 0){ $fname = $_POST['fname'];} else header("Location: http://$base_url/?write_success=false&reason=Jmeno_je_potreba_vyplnit");
-if(isset($_POST['lname']) && strlen($_POST['lname']) > 0){ $lname = $_POST['lname'];} else header("Location: http://$base_url/?write_success=false&reason=Prijmeni_taky");
-if(isset($_POST['email']) && strlen($_POST['email']) > 0){ $email = $_POST['email'];} else header("Location: http://$base_url/?write_success=false&reason=Bez_mailu_to_nepude");
-if(isset($_POST['phone']) && strlen($_POST['phone']) > 0){ $phone = $_POST['phone'];} else header("Location: http://$base_url/?write_success=false&reason=Telefon_potrebuji");
-if(isset($_POST['nick']) && strlen($_POST['nick']) > 0){ $nick = $_POST['nick'];} else header("Location: http://$base_url/?write_success=false&reason=Nejak_se_jemnovat_musite");
-
+$failed_fields = [];
+$failed_input = False;
+if(isset($_POST['fname']) && strlen($_POST['fname']) > 0 && strlen($_POST['fname']) < 20){ $fname = $_POST['fname'];} else {
+  //header("Location: http://$base_url/?write_success=false&reason=Jmeno_je_potreba_vyplnit");
+  $failed_input = True;
+  if(strlen($_POST['fname']) > 20){
+    array_push($failed_fields,"Nějak je dlouhé, to jméno");
+  } 
+  else {
+    array_push($failed_fields,"Jméno chybí");
+  }
+}
+if(isset($_POST['lname']) && strlen($_POST['lname']) > 0 && strlen($_POST['lname']) < 20){ $lname = $_POST['lname'];} else {
+  //header("Location: http://$base_url/?write_success=false&reason=Prijmeni_taky");
+  $failed_input = True;
+  if(strlen($_POST['lname']) > 20){
+    array_push($failed_fields,"Nějak dlouhé, to druhé jméno jest");
+    } else{
+      array_push($failed_fields,"Příjmení chybí");
+    }
+      
+}
+if(isset($_POST['email']) && strlen($_POST['email']) > 0 && strlen($_POST['email']) < 50){ $email = $_POST['email'];} else {
+  //header("Location: http://$base_url/?write_success=false&reason=Bez_mailu_to_nepude");
+  $failed_input = True;
+  if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){
+    array_push($failed_fields,"Email je prostě blbě");
+  } else {
+    array_push($failed_fields,"Email chybí, bez něho to nepůjde");
+  }
+}
+if(isset($_POST['phone']) && strlen($_POST['phone']) > 0 && strlen($_POST['phone']) < 20){ $phone = $_POST['phone'];} else {
+  //header("Location: http://$base_url/?write_success=false&reason=Telefon_potrebuji");
+  $failed_input = True;
+  if(strlen($_POST['phone']) > 15) {
+    array_push($failed_fields,"Pro telefon na Mars je to špatná předvolba");
+    } else {
+      array_push($failed_fields,"Telefon chybí");
+    }
+}
+if(isset($_POST['nick']) && strlen($_POST['nick']) > 0 && strlen($_POST['nick']) < 20){ $nick = $_POST['nick'];} else{
+  //header("Location: http://$base_url/?write_success=false&reason=Nejak_se_jemnovat_musite");
+  $failed_input = True;
+  if(strlen($_POST['nick']) > 20) {
+    array_push($failed_fields,"Tak takhle dlouhej název Tímu se na řidítka nevleze"); 
+    }else {
+      array_push($failed_fields,"Nick, nebo název Tímu chybí");
+    }
+}
 
 if(isset($_POST['confirm'])){
   if($_POST['confirm'] == "true"){
     include "./lib/write_registered.php";
-    //if($write_success['result']){
-    //  header("Location: http://$base_url/?write_success=true&reason=".$write_success['reason']."");
-    //}
-    //else{
-    //  header("Location: http://$base_url/?write_success=false&reason=".$write_success['reason']."");
-    //  //echo "Error: " . $stm . "<br>" . $conn->error;
-    //}
-    //die();
   }
   else {
     echo "Oops.";
@@ -71,6 +106,7 @@ if(isset($_POST['confirm'])){
         <td><? echo $race_blob[$logged_racer['RACE']]; ?></td>
       </tr>
     </table>
+    <p>Taky by ti měl přijít email s potvrzením, kam se startovným a tak dále.</p>
     <h3><a href="../">Zpátky na hlavní stránku</a></h3>
     <?
   }
@@ -111,10 +147,19 @@ else{
       <input type="hidden" name="nick" value="<? echo $_POST['nick']; ?>">
       <input type="hidden" name="race" value="<? echo $race_to_write; ?>">
       <input type="hidden" name="email_check" value="<? echo $rnd_link; ?>">
-      <input type="submit" class="w3-button w3-green w3-round-large" value="Jo, to vypadá dobře, Potvrzuji účast">
+      
+      <input type="submit" <? if($failed_input) echo "disabled"; ?> class="w3-button w3-green w3-round-large" value="Jo, to vypadá dobře, Potvrzuji účast">
     </form>
   </div>
 <?
+if($failed_input){
+  foreach($failed_fields as $failed_field){
+    echo "<h2 class=\"w3-red\">Chyba: $failed_field</h2>";
+  }
+}
+?>
+<h3><a href="../">Zpátky na hlavní stránku</a></h3>
+<?
 // konec predregistracni casti
 }
 ?>