Source for file prime-check.php

<?php 
################################################################
# This file is part of SlidingDoors                            #
# Copyright 2001-2005. Eric D. Nielsen, All rights reserverd   #
# SlidingDoors is availible for license under the GPL, see     #
# the COPYING file in the root directory of the install for    #
# the full terms of the GPL.                                   #
#                                                              #
# File: prime-check.inc                                        #
# Author: Eric D. Nielsen                                      #
# Description: An interstitial page that handles the form data #
#              passed from prime.php.  This page will validate #
#              the data, check for name collisions, insert the #
#              new person into the database and pass the PID   #
#              to the partners page if all goes well.  In case #
#              of error it passed control back to prime.php to #
#              handle missing/invalid data and to              #
#              prime-collision.php to handle close matches.    #
# Internal Links: prime.php                                    #
#                 prime-collision.php                          #
#                 partners.php                                 #
# External Links: SlidingDoors information page (footer)       #
#                 Comp-in-a-box information page (footer)      #
#                 OpenImpetus information page (footer)        #
# Change Log: 6/12/01 -- created -- edn                        #
#             2/14/02 -- prepped for PrepStep -- edn           #
#             7/02/02 -- new validation system -- edn          #
#            10/30/04 -- temporalization -- edn                #
#             7/03/05 -- Passwords -- edn                      #
################################################################
 
 
 
include "include_others.inc";
unset($formVars);
 
$includeEmail = (isset($_POST["ignoreEmail"]) && $_POST["ignoreEmail"]!="on");
if (!$includeEmail)
   {
      $propagateEnteredEmail=$_POST["Email"];
      $_SESSION["propagateEnteredEmail"]=$propagateEnteredEmail;
   }
$formVars=array();
$person = new Person($db);
 
$validated = $person->validateInputs($formVars,"PRIME");
if (!$validated)
{
  $_SESSION["formVars"]=$formVars;
  localRedirect("Location: $baseURL/prime.php");  # Branch Works
  exit;
}
 
$person->populateFromFormVars($formVars);
if ($conflicts = $db->personConflicts($person,$includeEmail))
{
    if (count($conflicts)!=0)
    {
      $_SESSION["conflicts"]=$conflicts;
      $_SESSION["formVars"]=$formVars;
      localRedirect("Location: $baseURL/prime-collision.php"); # Branch works
      exit;
    }
 }
 
if (in_array("Affiliation", $SD_elements))
  {
    $newAffil   = isset($_POST["NewAffil"])   ? $_POST["NewAffil"]   : "";
    $affilShort = isset($_POST["AffilShort"]) ? $_POST["AffilShort"] : "";
    $affilID    = isset($_POST["AffilID"])    ? $_POST["AffilID"]    : "";
    if ($affilID=="" && $affilShort!="")
    {
    $affiliation = new RegOrg($db);
    $affiliation->setName($newAffil);
    $affiliation->setOrgPays($SD_default_org_pays);
    $affiliation->setAbbrev($affilShort);
    $affiliation->postToDB();
    $affilID = $affiliation->getID();
    if (!$affilID)
    {
        errorPage($PHP_SELF, "root","Database Inaccessible", "Organization::postToDB unable to access database",TRUE); #TODO, make prettier
        exit;
    }
    }
    if ($affilID!=-1)
    $person->setAffilID($affilID); 
    else
    $person->setOrgPays(FALSE);
}
$person->postToDB();
$primeID=$person->getID();
 
// NEW Password Section -- Will probably need to be cleaned-up
$email = $formVars["Email"];
$firstname= $formVars["FirstName"];
$lastname=$formVars["LastName"];
$db->startTransaction();
$query = "SELECT DISTINCT password FROM people_passwords NATURAL JOIN 
people_contact WHERE emailday='$email';";
$result=$db->query($query);
if ($result->numrows()==0)
  {
    $newPassword = generatePassword();
    $query="INSERT INTO people_passwords (peopleid,password) VALUES ($primeID,'$newPassword');";
    $db->query($query);
    $body=<<<END_BODY
Somebody, presumably the holder of this email address, just
created an entry $firstname $lastname for the $SD_compname.
 
This entry is protected by the following password:
$newPassword
All subsequent registrations sharing this email address will use the
  same password.  If you are registering your entire team (often 
Captain or Registration Coordinator), you might want to register
for an account on the CompInaBox Server to use the Team Management tools
there.  They give a more streamlined registration process and allow you to use
a single password for all competitions.
 
-- CompInaBox Automated Mailor
 
END_BODY;    $subject="[CompInaBox] Registration Password";
    $to=$email;
    $headers="From: auto-mail@$CIB_HOSTNAME{$CIB_DOMAIN}\r\nReply-To: $CIB_SERVER_ADMIN_EMAIL\r\nX-mailer: CompInaBox via PHP";
    mail($to,$subject,$body,$headers);
  }
 else if ($result->numrows()==1)
   {
     list($newPassword)=$result->getRowAt(0);
     $query="INSERT INTO people_passwords (peopleid,password) VALUES ($primeID,'$newPassword');";
     $db->query($query);
   }
else
  {
    $db->rollback();
    errorPage($PHP_SELF,"root","Password Corruption","Multiple Passwords found for same email.  Please Contact the site administrator, $CIB_SERVER_ADMIN_NAME,
$CIB_SERVER_ADMIN_EMAIL immediately.");
    exit();
  }
$db->commit();
// END NEW Password Section
 
 
if (!$primeID)
{
    errorPage($PHP_SELF, "root","Database Inaccessible", "Person::PostToDB unable to access database",TRUE);
    exit; #TODO, make prettier
}
$_SESSION["primeID"]=$primeID;
$_SESSION["includeEmail"]=$includeEmail;
localRedirect("Location: $baseURL/partners.php"); #branch works
exit;
?>