2024-04-29 16:09:02 +02:00
|
|
|
<?php
|
|
|
|
header("Access-Control-Allow-Origin: *");
|
|
|
|
header("Content-Type: application/json; charset=UTF-8");
|
|
|
|
header("Access-Control-Allow-Methods: POST");
|
|
|
|
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
|
|
|
|
|
|
|
|
require_once('../../utils/config.php');
|
|
|
|
require_once('../../utils/db.php');
|
|
|
|
require_once('../../utils/tools.php');
|
2024-05-04 02:41:04 +02:00
|
|
|
|
|
|
|
$authorization = $_SERVER["HTTP_AUTHORIZATION"];
|
|
|
|
if(strcmp($authorization, API_KEY) !== 0) {
|
|
|
|
echo 'STOP TRYING TO STEAL MY DATA!';
|
|
|
|
exit;
|
|
|
|
}
|
2024-04-29 16:09:02 +02:00
|
|
|
|
|
|
|
$method = $_SERVER['REQUEST_METHOD'];
|
|
|
|
if ('POST' === $method) {
|
|
|
|
parse_str(file_get_contents('php://input'), $_POST);
|
|
|
|
}
|
|
|
|
|
|
|
|
$connection = connect();
|
|
|
|
|
|
|
|
$rid = intval($_POST["rid"]);
|
|
|
|
$firstname = escape($connection, $_POST["firstname"]);
|
|
|
|
$lastname = escape($connection, $_POST["lastname"]);
|
|
|
|
$birthday = escape($connection, $_POST["birthday"]);
|
|
|
|
$gender = intval($_POST["gender"]);
|
|
|
|
$street = escape($connection, $_POST["street"]);
|
|
|
|
$house = intval($_POST["house"]);
|
|
|
|
$zip = escape($connection, $_POST["zip"]);
|
|
|
|
$city = escape($connection, $_POST["city"]);
|
|
|
|
$phone = escape($connection, $_POST["phone"]);
|
|
|
|
$email = escape($connection, $_POST["email"]);
|
|
|
|
|
2024-04-30 16:44:28 +02:00
|
|
|
$accountholder = escape($connection, $_POST["accountHolder"]);
|
2024-04-29 16:09:02 +02:00
|
|
|
$iban = escape($connection, $_POST["iban"]);
|
|
|
|
$bic = escape($connection, $_POST["bic"]);
|
|
|
|
$bank = escape($connection, $_POST["bank"]);
|
|
|
|
|
2024-04-30 16:44:28 +02:00
|
|
|
$applicationconsent = $_POST["applicationConsent"] === "true";
|
|
|
|
$datachangeconsent = $_POST["dataChangeConsent"] === "true";
|
|
|
|
$privacypolicyconsent = $_POST["privacyPolicyConsent"] === "true";
|
|
|
|
$directdebitconsent = $_POST["directDebitConsent"] === "true";
|
|
|
|
$returndebitconsent = $_POST["returnDebitConsent"] === "true";
|
|
|
|
$datastorageconsent = $_POST["dataStorageConsent"] === "true";
|
|
|
|
$multimediaconsent = $_POST["multimediaConsent"] === "true";
|
|
|
|
|
|
|
|
$registrationfrom = registrationDate()->format('Y-m-d');
|
2024-04-29 16:09:02 +02:00
|
|
|
|
|
|
|
$querystr = "SELECT * FROM li_registrations
|
|
|
|
WHERE li_registrations.rid = ${rid}";
|
2024-04-30 16:44:28 +02:00
|
|
|
|
2024-04-29 16:09:02 +02:00
|
|
|
$result = mysqli_query($connection, $querystr);
|
|
|
|
if($result->num_rows !== 0) {
|
|
|
|
$querystr = "UPDATE li_registrations SET firstname='${firstname}', lastname='${lastname}', birthday='${birthday}',
|
|
|
|
gender=${gender}, street='${street}', house=${house},
|
|
|
|
zip='${zip}', city='${city}', phone='${phone}', email='${email}',
|
|
|
|
accountholder='${accountHolder}', iban='${iban}', bic='${bic}', bank='${bank}',
|
|
|
|
applicationconsent=${applicationconsent}, datachangeconsent=${datachangeconsent}, privacypolicyconsent=${privacypolicyconsent},
|
2024-04-30 16:44:28 +02:00
|
|
|
directdebitconsent=${directdebitconsent}, returndebitconsent=${returndebitconsent}, datastorageconsent=${datastorageconsent}, multimediaconsent=${multimediaconsent},
|
2024-04-29 16:09:02 +02:00
|
|
|
WHERE rid=${rid}";
|
|
|
|
} else {
|
|
|
|
$querystr = "INSERT INTO li_registrations (firstname, lastname, birthday, gender, street, house, zip, city, phone, email,
|
|
|
|
accountholder, iban, bic, bank,
|
2024-04-30 16:44:28 +02:00
|
|
|
applicationconsent, datachangeconsent, privacypolicyconsent, directdebitconsent,
|
|
|
|
returndebitconsent, datastorageconsent, multimediaconsent, registrationfrom)
|
2024-04-29 16:09:02 +02:00
|
|
|
|
2024-04-30 16:44:28 +02:00
|
|
|
VALUES('{$firstname}', '{$lastname}', '{$birthday}', {$gender}, '{$street}', {$house}, '{$zip}', '{$city}', '{$phone}', '{$email}',
|
|
|
|
'{$accountholder}', '{$iban}', '{$bic}', '{$bank}',
|
|
|
|
{$applicationconsent}, {$datachangeconsent}, {$privacypolicyconsent}, {$directdebitconsent},
|
|
|
|
{$returndebitconsent}, {$datastorageconsent}, {$multimediaconsent}, '{$registrationfrom}')";
|
|
|
|
|
|
|
|
echo json_encode('{ "result": "' . $querystr . '" }');
|
2024-04-29 16:09:02 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
$result = mysqli_query($connection, $querystr);
|
|
|
|
|
2024-05-14 00:05:57 +02:00
|
|
|
$to = REGISTRATION_MAIL;
|
|
|
|
$title = 'Neue Anmeldung bei Li-Dance';
|
|
|
|
$message = "
|
|
|
|
<html><head><title>Neue Anmeldung bei Li-Dance</title></head><body>
|
|
|
|
<p>{$firstname} {$lastname} aus {$city} hat sich angemeldet.</p>
|
|
|
|
<p>Btte bearbeite diese möglichst schnell: <a href='" . REGISTRATION_URL . "'>Zur Anmeldung</a></p>
|
|
|
|
</body></html>";
|
|
|
|
|
|
|
|
$header[] = 'MIME-Version: 1.0';
|
|
|
|
$header[] = 'Content-type: text/html; charset=iso-8859-1';
|
|
|
|
$header[] = 'To: ' . REGISTRATION_MAIL;
|
|
|
|
$header[] = 'From: Li-Dance Registrierung <registration@li-dance.de>';
|
|
|
|
$header[] = 'X-Mailer: PHP/' . phpversion();
|
|
|
|
|
|
|
|
mb_send_mail($to, $title, $message, implode("\r\n", $header));
|
|
|
|
|
2024-04-29 16:09:02 +02:00
|
|
|
echo json_encode('{ "result": "' . $result . '" }');
|
|
|
|
?>
|