submit_form.php
<?php
// Resume the caller's session: submit_form() below reads and writes $_SESSION.
// session_start() is called without options, so the session cookie attributes
// come from whatever php.ini or earlier code configured.
session_start();
// Base path, assigned before the helper files are loaded.
// NOTE(review): not used in this file; presumably read by the helpers — confirm.
$ROOT_PATH = '.';
// Helper files. submit_form() calls is_json(), getUserId(), validate_form(),
// getDbInstance() and addForm(), none of which is defined in this file, so they
// are expected to come from these includes (which file defines which is not
// visible here). The paths are relative literals, not derived from request data.
require_once('helpers/json.php');
require_once('helpers/data_validation.php');
require_once('helpers/validation.php');
require_once('helpers/database.php');
require_once('helpers/user.php');
require_once('helpers/form.php');
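/**
 * Handle one form submission for the logged-in user.
 *
 * Steps: take the per-session "submit" flag, check the session login state,
 * decode $_POST['form_data'], check that the form's owner is the session
 * user, validate the form, then store it inside a database transaction.
 *
 * @return mixed 'SUCCESS' followed by addForm()'s result, an 'ERROR: ...'
 *               string, or whatever non-true value validate_form() produced.
 */
function submit_form() {
    // Return if submission is in progress.
    if (isset($_SESSION['submit']) && $_SESSION['submit'] == true) {
        return 'ERROR: SUBMISSION IN PROGRESS';
    }
    $_SESSION['submit'] = true;

    // The flag is released in `finally`, so an exception thrown by a helper
    // cannot leave the session stuck in "submission in progress".
    try {
        if (!(
            isset($_SESSION['logged_in']) &&
            $_SESSION['logged_in'] == true &&
            isset($_SESSION['username']) &&
            is_string($_SESSION['username'])
        )) {
            return 'ERROR: NOT LOGGED IN';
        }

        // NOTE(review): no anti-CSRF token is checked in this function; the
        // request is authorised by the session cookie alone. Confirm that a
        // token check happens before this script runs, or add one here.

        if (
            !isset($_POST['form_data']) ||
            !is_string($_POST['form_data']) ||
            !is_json($_POST['form_data'])
        ) {
            return 'ERROR: INVALID FORM DATA';
        }

        $form = json_decode($_POST['form_data']);
        // Valid JSON is not necessarily an object ("[]", "1", "null", ...).
        // property_exists() and the ->owner access below need an object.
        if (!is_object($form)) {
            return 'ERROR: INVALID FORM DATA';
        }

        // Ownership check. Only an int or string owner is accepted and the
        // comparison is done on strings, so loose-comparison coincidences
        // (null == false, "" == 0, ...) cannot make a foreign or missing
        // owner match.
        if (
            !property_exists($form, 'owner') ||
            !(is_int($form->owner) || is_string($form->owner))
        ) {
            return 'ERROR: INCORRECT OWNER';
        }
        $userId = getUserId($_SESSION['username']);
        // NOTE(review): getUserId()'s failure value is not visible here;
        // false and null are both treated as "no such user".
        if (
            $userId === false ||
            $userId === null ||
            (string) $form->owner !== (string) $userId
        ) {
            return 'ERROR: INCORRECT OWNER';
        }

        $validation = validate_form($form);
        if ($validation !== true) {
            return $validation;
        }

        // Begin transaction
        $db = getDbInstance();
        $db->beginTransaction();
        try {
            $added = addForm($form);
            if ($added !== false) {
                // Commit transaction
                $db->commit();
                return 'SUCCESS' . $added;
            }
        } catch (\Throwable $e) {
            // Do not leave the transaction open when a helper throws.
            try {
                $db->rollback();
            } catch (\Throwable $rollbackError) {
                // Keep the original failure; it is rethrown below.
            }
            throw $e;
        }

        // Error - Rollback Transaction
        $db->rollback();
        return 'ERROR: ADD FORM FAILED: ' . $added;
    } finally {
        $_SESSION['submit'] = false;
    }
}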
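// The response is a status string, not markup. Declaring it as plain text
// keeps a browser from interpreting it as HTML if the URL is opened directly.
// NOTE(review): validate_form()'s messages are returned verbatim; whether they
// can contain request-derived text is not visible here.
if (!headers_sent()) {
    header('Content-Type: text/plain; charset=utf-8');
    header('X-Content-Type-Options: nosniff');
}
echo submit_form();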
?>