timeline/createProjectProcessing.php at master · bhargav18/timeline · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
<?php
	SESSION_START();
	        date_default_timezone_set('America/Los_Angeles');
    include './DBConfig.php';
    $mysql = new DBConfig();
    $db = $mysql->getDBConfig();

    //Validating Inputs
	if(!empty($_POST))
 	{
 	$error = 0;
 	$holdName = $holdDesc = $holdSD = $holdED = $holdCost = "";
 	function test_input($data)   // to test input
	{
	   $data = stripslashes($data);
	   $data = htmlspecialchars($data);
	   return $data;
	}

 	function isEmpty($data)   // to test input!!
   {
       $data = trim($data);
       if (empty($data))
          return true;
      else
          return false;
   }

    if(isEmpty($_POST['projname'])){
    	$_SESSION['pNameErr'] = "Project name is required"; $error = 1;}
    else if (!preg_match("/^[-a-zA-Z0-9 ]*$/",$_POST['projname'])){
     	$_SESSION['pNameErr'] = "Only letters and white space allowed"; $error = 1;
     	$holdName = $_POST['projname'];
    }
     else
     {
     	$_SESSION['pNameErr']="";
     	$holdName = $_POST['projname'];
     }

    if(isEmpty($_POST['descr'])){
    	$_SESSION['pDescErr'] = "Project description is required"; $error = 1;}
     else
     {
     	$_SESSION['pDescErr']="";
     	$holdDesc = test_input($_POST['descr']);
     }
    if (empty($_POST['startdate'])){
     	$_SESSION['pSDateErr'] = "Start Date is required"; $error = 1;}
    else
    {
    	$_SESSION['pSDateErr'] = "";
    	$holdSD = $_POST['startdate'];
    }
    if (empty($_POST['enddate'])){
     	$_SESSION['pEDateErr'] = "End Date is required"; $error = 1;}
    elseif (strtotime($_POST['enddate']) == strtotime($_POST['startdate']))
    {
    	$_SESSION['pEDateErr'] = "End date cannot be same as start date";   $error = 1;
    }
 	else
    {
    	$_SESSION['pEDateErr'] = "";
    	$holdED = $_POST['enddate'];
    }
	if (empty($_POST['cost']))
	{	$_SESSION['costErr'] = "Project budget is required"; $error = 1;}
	elseif (!preg_match("/^[,.0-9]*$/",$_POST['cost']))
	{	$_SESSION['costErr'] = "Please enter a valid cost";
		$holdCost = $_POST['cost'];
		$error = 1;}
	else
	{
		$_SESSION['costErr'] = "";
		$holdCost = $_POST['cost'];
	}

    	if ($error == 1)
    	{
    		$_SESSION['pName'] = $_POST['projname'];
    		$_SESSION['pDesc']= $holdDesc;
    		$_SESSION['pSDate']= $holdSD;
    		$_SESSION['pEDate']= $holdED;
    		$_SESSION['pSts'] = $_POST['status'];
    		$_SESSION['pPrio'] = $_POST['priority'];
    		$_SESSION['pCost'] = $holdCost;
    		header("Location:createProject.php");
    		exit;
    	}
		$sts = "";
    	if ($_POST['status'] === "Default")
    	{
    		if (strtotime($_POST['enddate']) < strtotime($_POST['clientTime']))
    			$sts = "Closed";
    		else
    			$sts = "Open";
    	}
    	else
    		$sts = $_POST['status'];

                $stmt = $db->prepare('insert into project( name,cost, description, start_date, end_date, est_end_date, status, priority)'
                        . 'VALUES (?,?,?,STR_TO_DATE(?,"%m/%d/%Y"),STR_TO_DATE(?,"%m/%d/%Y"),STR_TO_DATE(?,"%m/%d/%Y"),?,?)');

                $stmt->bind_param('ssssssss',$_POST['projname'],$holdCost,$holdDesc,$_POST['startdate'],$_POST['enddate'],$_POST['enddate'],$sts,$_POST['priority']);
                $stmt->execute();

		$msg = 'A new project has been created';
        echo '<script type="text/javascript">alert("' . $msg . '");</script>';
        echo "<script>setTimeout(\"location.href = 'viewProjects.php';\",1500);</script>";
		exit;
 	}
 	else
 	{
 		header("Location:createProject.php");
 		exit;
 	}
?>