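";
    // NOTE(review): the statement closed above and the `if` that the final
    // `else` belongs to both begin before this excerpt; they are left as found.
    //
    // Security review notes for this endpoint:
    //  * The card number and amount arrive in the query string ($_GET). Query
    //    strings are commonly written to web-server access logs, proxy logs and
    //    browser history, so the card number ends up outside the database.
    //    Accepting these fields via POST over TLS is the usual fix; it changes
    //    the client interface, so it is flagged here rather than changed.
    //  * The request creates accounts and records transactions, and nothing in
    //    the visible code authenticates the caller -- TODO confirm whether the
    //    enclosing `if` or dbconnect.php enforces that.

    // Report the first missing parameter by name, in the same order as before.
    // (The old trailing die("ERROR missing parameters") could never be reached.)
    foreach (array('firstname', 'lastname', 'cardnum', 'dollars', 'cents') as $requiredParam) {
        if (!isset($_GET[$requiredParam])) {
            die("ERROR " . $requiredParam);
        }
    }

    // $db (used below) is not created in this excerpt; presumably dbconnect.php
    // defines it and opens the default mysql link -- verify.
    require_once("dbconnect.php");

    // strip leading/trailing whitespace
    $firstname = trim($_GET['firstname']);
    $lastname = trim($_GET['lastname']);
    $cardnum = trim($_GET['cardnum']);

    // NOTE(review): dollars and cents are used in arithmetic with no numeric or
    // range check, so non-numeric or negative values are not rejected before the
    // amount is stored. Add validation (e.g. digits only, cents 0-99) once the
    // formats real clients send are confirmed.
    $amt = $_GET['dollars'] + $_GET['cents'] / 100;

    // limit names to alphabetical characters and convert to upper case.
    // preg_replace() replaces ereg_replace(), which was deprecated in PHP 5.3 and
    // removed in PHP 7; the character class and the result are unchanged.
    $firstname = strtoupper(preg_replace('/[^a-zA-Z]/', '', $firstname));
    $lastname = strtoupper(preg_replace('/[^a-zA-Z]/', '', $lastname));

    // Username is the first initial followed by the whole last name, lower-cased.
    // NOTE(review): two people who share an initial and a last name map to the
    // same username, so the lookup below would attach the second person's
    // transactions to the first person's account.
    $username = strtolower(substr($firstname, 0, 1) . substr($lastname, 0));

    // NOTE(review): $cardnum is only checked for being non-empty; there is no
    // digits-only, length or checksum validation before it is stored.
    if ($firstname == "" || $lastname == "" || $cardnum == "") {
        die("ERROR invalid parameters");
    }

    // check if name exists; add new account if not
    // The query is built by string concatenation. It is safe only because
    // $username was reduced to [a-z] above; if that filter is ever relaxed this
    // becomes SQL injection. A parameterized query (PDO or mysqli) is the durable
    // fix, and the mysql_* extension used here was removed in PHP 7.
    $usercheck = mysql_query("SELECT * FROM accounts WHERE username = '".$username."' LIMIT 1");

    // NOTE(review): the row count is read from $db although the SELECT was issued
    // through mysql_query() directly -- confirm both use the same connection and
    // that getNumOfAffectedRows() reflects a SELECT's row count.
    if ($db->getNumOfAffectedRows() == 0) {
        // NOTE(review): the new account's 'pw' is the user's own last name, which
        // anyone who knows the username can derive. Whether insertRow() hashes it
        // is not visible here. A random initial credential stored with
        // password_hash() would be the safer design; changing it here would break
        // whatever code checks 'pw', so it is flagged only.
        $newUserRow = array(
            'username'=>$username,
            'firstname'=>$firstname,
            'lastname'=>$lastname,
            'pw'=>$lastname
        );
        $adduser = $db->insertRow("accounts", $newUserRow);
        if (!$adduser) {
            die("ERROR adding user");
        }
        // Read back the uid of the row that was just inserted.
        $uid = mysql_fetch_assoc(mysql_query("SELECT uid FROM accounts WHERE username = '".$username."' LIMIT 1"));
    } else {
        $uid = mysql_fetch_assoc($usercheck);
    }

    // extract just the uid
    $uid = $uid['uid'];

    // build new transaction row and insert
    // NOTE(review): $cardnum reaches insertRow() after trim() only. Whether
    // insertRow() escapes or binds its values is not visible here -- verify,
    // because if it concatenates them this is an injection point. The full card
    // number is also stored as received; confirm that is intended and protected.
    $newTransactionRow = array('uid'=>$uid, 'amt'=>$amt, 'cardnum'=>$cardnum);
    $addTransaction = $db->insertRow("transactions", $newTransactionRow);
    if ($addTransaction) {
        echo "SUCCESS";
    } else {
        echo "ERROR adding transaction";
        die("");
    }
    echo "";

    // $cardnum is request-controlled and otherwise unfiltered, so it is
    // HTML-escaped before being echoed to prevent reflected script injection.
    // Names are already restricted to A-Z and $amt is the result of arithmetic.
    // NOTE(review): the response still echoes the full card number back to the
    // client; consider masking all but the last four digits.
    echo "$firstname, $lastname, " . htmlspecialchars($cardnum, ENT_QUOTES) . ", $amt";
} else {
    die("Hello World!"); // used to test TCP connection
}
?>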