<?php
// DD SIGNUP FUNCTIONS //

//////////////////////////
// Tiina Vuorenmaa

// dating.deliciously
// Last Updated: 9/20/2009
/////////////////////////

//signup variables
//first_name, last_name, email, password, password_again, gender, looking_for, birthmonth, birthday, birthyear
//$email, $password, $join_date, $first_name, $last_name, $gender, $looking_for, $birthdate

//checks to see if the form has been submitted yet
//if (isset($_POST[first_name]) || isset($_POST[last_name]) || isset($_POST[gender]) || isset($_POST[looking_for]) || isset($_POST[password]) || isset($_POST[password_again]) || isset($_POST[birth_month]) || isset($_POST[birth_day]) || isset($_POST[birth_year]) || isset($_POST[email])) {
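//checks whether the form has been submitted yet; if not, it's the first time
$first_time = !isset($_POST['register_submit']);

////////////////////////////////////////////////////////////////////////////////////////
//grab the variables
//Keys are quoted: a bare $_POST[first_name] is an undefined-constant lookup, which is
//an Error on PHP 8. Missing or non-string (array) fields become ''.
//NOTE(review): the values are kept raw here. They reach the database only through bound
//parameters below and are HTML-escaped when echoed; any other code on the page that
//reads these variables has to escape or bind them itself.
$signup_fields = array('first_name', 'last_name', 'password', 'password_again',
	'gender', 'looking_for', 'birth_month', 'birth_day', 'birth_year');
$signup_input = array();
foreach ($signup_fields as $signup_field) {
	$signup_input[$signup_field] = (isset($_POST[$signup_field]) && is_string($_POST[$signup_field]))
		? $_POST[$signup_field]
		: '';
}

//text fields: trim form whitespace
$first_name = trim($signup_input['first_name']); //first name from the form
$last_name = trim($signup_input['last_name']); //last name from the form
$password = trim($signup_input['password']); //password from the form
$password_again = trim($signup_input['password_again']); //password reentered from the form

//FILTER_SANITIZE_EMAIL only strips characters that cannot appear in an address; it still
//lets a single quote through, so it does not make the value safe to paste into SQL.
$email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
if (!is_string($email)) {
	$email = '';
}

//rest of the variables are dropdowns; they are still client-controlled input
$gender = $signup_input['gender'];
$looking_for = $signup_input['looking_for'];
$birth_month = $signup_input['birth_month'];
$birth_day = $signup_input['birth_day'];
$birth_year = $signup_input['birth_year'];

//if there is a mistake:
$mistake = false;
//the array with mistake comments
$mistakes_comments = array();

/////////////////////////////////////////////////////////////////////////////////////////
//test the variables

//is it empty?
if (empty($first_name)) {
	$mistakes_comments[] = "Please fill in your first name.";
	$mistake = true;
}

if (empty($last_name)) {
	$mistakes_comments[] = "Please fill in your last name.";
	$mistake = true;
}

//reg ex from online
$email_match = '/^([a-z0-9])(([-a-z0-9._])*([a-z0-9]))*\@([a-z0-9])*(\.([a-z0-9])([-a-z0-9_-])([a-z0-9])+)*$/i';
if (empty($email)) {
	//no email given
	$mistakes_comments[] = "Please fill in your email address.";
	$mistake = true;
}
else if (!preg_match($email_match, $email)) {
	//bad email
	$mistakes_comments[] = "Please enter a valid email address.";
	$mistake = true;
}
else {
	//check to see if there already is an account for this email; the address is bound
	//as a parameter instead of being interpolated into the query text
	$email_stmt = mysqli_prepare($dbc, "SELECT 1 FROM itst_user WHERE email = ? LIMIT 1");
	if ($email_stmt === false) {
		//fail closed: without the lookup we cannot tell whether the address is taken
		$mistakes_comments[] = "We could not check your email address right now. Please try again.";
		$mistake = true;
	}
	else {
		mysqli_stmt_bind_param($email_stmt, 's', $email);
		mysqli_stmt_execute($email_stmt);
		mysqli_stmt_store_result($email_stmt);
		if (mysqli_stmt_num_rows($email_stmt) != 0) {
			$mistakes_comments[] = "There already is an account attached to this email. Please use another email adddress.";
			$mistake = true;
		}
		mysqli_stmt_close($email_stmt);
	}
	//NOTE(review): this check and the INSERT below are separate steps, so two requests
	//sent at the same time can both pass it; confirm itst_user.email has a UNIQUE index.
}

//check if the password is empty
if (empty($password) || empty($password_again)) {
	$mistakes_comments[] = "Please fill in a password twice.";
	$mistake = true;
}
//checks the length of the password is less than 8 characters
else if (strlen($password) < 8) {
	$mistakes_comments[] = "Passwords must be at least 8 characters";
	$mistake = true;
}
//checks to see if both passwords match; strict comparison, because != treats two
//numeric strings such as "10000000" and "1e7" as equal
else if ($password !== $password_again) {
	$mistakes_comments[] = "Both passwords must match.";
	$mistake = true;
}

//a missing dropdown value counts as "not chosen", same as the placeholder option
if ($gender === '' || $gender === '--Click to Select--') {
	$mistakes_comments[] = "Please choose your gender.";
	$mistake = true;
}

if ($looking_for === '' || $looking_for === '--Click to Select--') {
	$mistakes_comments[] = "Please choose whom you'd like to meet.";
	$mistake = true;
}

if (empty($birth_month)) {
	$mistakes_comments[] = "Please choose your birth month.";
	$mistake = true;
}

if (empty($birth_day)) {
	$mistakes_comments[] = "Please choose your birth day.";
	$mistake = true;
}

if (empty($birth_year)) {
	$mistakes_comments[] = "Please choose your birth year.";
	$mistake = true;
}

/////////////////////////////////////////////////////////////////////////////////////////
//print out the result
//checks for mistakes

if ($first_time) {
	//print out intro message
	echo "<p>Create your <strong>FREE</strong> profile now!</p> \n";
	//clears mistakes array for next time
	$mistakes_comments = array();
}
else if ($mistake) {
	//add mistakes div for styling
	echo "<div class=\"mistakes\">\n";
	//prints out comments from mistake array (fixed strings set above, no user input)
	foreach ($mistakes_comments as $mistake_comment) {
		echo $mistake_comment;
		echo "<br /> \n";
	}
	//ends the mistakes div for styling
	echo "</div> \n";
}
//if there are no mistakes, then store the info and confirm
else {
	//make the birthdate
	//NOTE(review): the three parts are only checked for being non-empty; confirm the
	//format the birthdate column expects
	$birthdate = $birth_year.$birth_month.$birth_day;
	//the date they joined
	$join_date = get_join_date();
	//clears mistakes array for next time
	$mistakes_comments = array();
	//per the original note, the database connection ($dbc) is opened before this script runs

	$signup_error = "We're sorry. There was an error adding your information to the database. Please contact us if you have any questions.";

	//enter in fields; every value is a bound parameter, including the dropdown values
	//NOTE(review): SHA() is MySQL's unsalted SHA-1, which is too weak for password storage.
	//It is kept so the stored value stays in the format this query has always written;
	//moving to password_hash()/password_verify() has to be done together with the login code.
	$insert_stmt = mysqli_prepare(
		$dbc,
		"INSERT INTO itst_user (email, password, join_date, first_name, last_name, gender, looking_for, birthdate) ".
		"VALUES (?, SHA(?), ?, ?, ?, ?, ?, ?)"
	);
	if ($insert_stmt === false) {
		die($signup_error);
	}
	mysqli_stmt_bind_param(
		$insert_stmt,
		'ssssssss',
		$email,
		$password,
		$join_date,
		$first_name,
		$last_name,
		$gender,
		$looking_for,
		$birthdate
	);
	//actually does the query
	if (!mysqli_stmt_execute($insert_stmt)) {
		die($signup_error);
	}
	mysqli_stmt_close($insert_stmt);

	//confirm only after the row is stored; user-supplied values are HTML-escaped so a
	//name containing markup is shown as text instead of being run by the browser
	$safe_first_name = htmlspecialchars($first_name, ENT_QUOTES, 'UTF-8');
	$safe_last_name = htmlspecialchars($last_name, ENT_QUOTES, 'UTF-8');
	$safe_email = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
	echo "<p>Thank you $safe_first_name $safe_last_name, for signing up with $safe_email. </p> \n";

	//closes the database
	mysqli_close($dbc);
	//the script ends here; the <script> redirect to register_thankyou.php that followed
	//this exit() could never run, so it is not emitted
	exit();
}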


?>