<?php
/************************************************************************************
Copyright © 2008 xhub.com
Bill Bennert
5 Hooksett Tpke
Bow, NH 03304-4414
hide@address.com
This file is part of the SCCNH Online Registration System.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Any system sensitive data such as IP addresses, usernames, and passwords
must be removed from this file before distribution.
************************************************************************************/
include 'include/config.php';
include 'include/functions.php';
/**
 * Reports whether a vehicle is entered in an event that has not yet passed.
 *
 * Walks every row of `events`, then every row of the table named by that
 * event's `eventDB` column, looking for an entry whose `vehicleKey` loosely
 * equals $qVehID while the event's `eventDate` is today or later.
 *
 * @param mixed $qVehID Vehicle identifier to look for (callers in this file pass raw POST data).
 * @return int 1 when such an entry exists, 0 otherwise.
 */
function isVehicleRegistered($qVehID)
{
    $currentDate = date('Y-m-d');

    $events = mysql_query("SELECT * FROM events") or die(mysql_error());
    while ($event = mysql_fetch_assoc($events)) {
        // The table name is taken from the events row and spliced into the SQL
        // as an identifier, so it is only as trustworthy as whoever can write
        // events.eventDB.
        $entryTable = $event['eventDB'];
        $entries = mysql_query("SELECT * FROM $entryTable") or die(mysql_error());

        while ($entry = mysql_fetch_assoc($entries)) {
            if ($entry['vehicleKey'] != $qVehID) {
                continue;
            }
            // Dates are compared as text; assumes eventDate is stored as
            // 'Y-m-d' -- TODO confirm against the schema.
            if ($currentDate > $event['eventDate']) {
                continue;
            }
            return 1;
        }
    }

    return 0;
}
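/**
 * Removes a vehicle's entries from every event table.
 *
 * For each row of `events`, the table named by its `eventDB` column is
 * scanned; when an entry's `vehicleKey` loosely equals $qVehID, one DELETE is
 * issued for that table.
 *
 * @param mixed $qVehID Vehicle identifier whose event entries are removed.
 * @return void
 */
function deleteVehicleFromEvents($qVehID)
{
    // The identifier reaches this function from request data, so it is escaped
    // before being placed inside the quoted SQL literal below.
    $safeVehID = mysql_real_escape_string($qVehID);

    $eventCheck = mysql_query("SELECT * FROM events") or die(mysql_error());
    while ($eventInfo = mysql_fetch_assoc($eventCheck)) {
        // Identifier comes from the events table, not from the request; it is
        // still interpolated unquoted, so events.eventDB must stay admin-only.
        $eventDBName = $eventInfo['eventDB'];
        $eventUserCheck = mysql_query("SELECT * FROM $eventDBName") or die(mysql_error());

        while ($eventUserInfo = mysql_fetch_assoc($eventUserCheck)) {
            if ($eventUserInfo['vehicleKey'] == $qVehID) {
                // One DELETE clears every matching row in this table, so there
                // is no need to repeat it for each further match.
                // The result is not checked (as before): a failure leaves this
                // event's rows in place.
                mysql_query("DELETE FROM $eventDBName WHERE vehicleKey = '$safeVehID'");
                break;
            }
        }
    }
}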
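/**
 * Escapes a value for HTML text or a double-quoted attribute.
 *
 * A single-byte charset is named on purpose: htmlspecialchars() then rewrites
 * only the ASCII metacharacters (& < > " ') and passes bytes above 0x7F
 * through untouched, so stored text in another encoding is never rejected and
 * turned into an empty string.
 *
 * @param mixed $value Value to print; null becomes an empty string.
 * @return string
 */
function vehiclePageEscape($value)
{
    return htmlspecialchars((string)$value, ENT_QUOTES, 'ISO-8859-1');
}

/**
 * Echoes one <option> per value, marking the one that loosely equals $selected.
 *
 * @param array $values   Option values, printed as both value and label.
 * @param mixed $selected Stored value to preselect, or null for no SELECTED mark.
 * @return void
 */
function vehiclePageOptions($values, $selected)
{
    foreach ($values as $value) {
        $text = vehiclePageEscape($value);
        $mark = ($selected !== null && $selected == (string)$value) ? " SELECTED" : "";
        echo "<option value=\"".$text."\"".$mark.">".$text."</option>\n";
    }
}

/**
 * Echoes the table rows of the vehicle form for one vehicle.
 *
 * The last cell (NEHA class) is left open; the caller prints the closing
 * "</td></tr>" after the final call.
 *
 * @param array $vehinfo             Keys: year, make, model, color, treadware, number,
 *                                   scca_class, sccnh_class, hillclimb_class, neha_class.
 * @param bool  $blankYear           Whether the year list starts with an empty option.
 * @param array $sccaClassArray      SCCA class names.
 * @param array $sccnhClassArray     SCCNH autocross class names.
 * @param array $hillclimbClassArray SCCNH hillclimb class names.
 * @param array $nehaClassArray      NEHA class names.
 * @return void
 */
function vehiclePageRows($vehinfo, $blankYear, $sccaClassArray, $sccnhClassArray, $hillclimbClassArray, $nehaClassArray)
{
    echo "<tr><td>Year:</td>\n";
    echo "<td>\n";
    echo "<select name=\"year\">\n";
    if ($blankYear) {
        echo "<option value=\"\"></option>\n";
    }
    vehiclePageOptions(range(1893, (int)date('Y') + 1), $vehinfo['year']);
    echo "</select>\n";
    echo "</td></tr>";

    // Make, model, colour and number are member-supplied text read back from
    // the database, so they are escaped before landing in value="...".
    echo "<tr><td>Make:</td><td><input name=\"make\" value=\"".vehiclePageEscape($vehinfo['make'])."\"></td></tr>";
    echo "<tr><td>Model:</td><td><input name=\"model\" value=\"".vehiclePageEscape($vehinfo['model'])."\"></td></tr>";
    echo "<tr><td>Color:</td><td><input name=\"color\" value=\"".vehiclePageEscape($vehinfo['color'])."\"></td></tr>";

    echo "<tr><td>Treadwear: <a href=\"http://en.wikipedia.org/wiki/Treadwear_rating\" target=\"_blank\">[wiki]</a></td>\n";
    echo "<td>\n";
    echo "<select name=\"treadware\">\n";
    vehiclePageOptions(array_merge(array("Unknown"), range(0, 990, 10)), $vehinfo['treadware']);
    echo "</select>\n";
    echo "</td></tr>";

    echo "<tr><td>Requested Number:</td><td><input name=\"number\" value=\"".vehiclePageEscape($vehinfo['number'])."\" maxlength=\"3\"></td></tr>";

    echo "<tr><td>SCCA AutoX Class:</td><td>\n";
    echo "<select name=\"sccaClass\">\n";
    vehiclePageOptions($sccaClassArray, $vehinfo['scca_class']);
    echo "</select><br>\n";
    echo "<a target=\"_blank\" href=\"http://www.scca.com/documents/Solo%20Rules/2008_Solo_Rules_2.pdf\">Rules [pdf]</a>\n";
    echo "</td></tr>";

    echo "<tr><td>SCCNH AutoX Class:</td><td>\n";
    echo "<select name=\"sccnhClass\">\n";
    vehiclePageOptions($sccnhClassArray, $vehinfo['sccnh_class']);
    echo "</select>\n";
    echo "</td></tr>\n";

    // The add form used to label this row "NEHA Hillclimb Class:" as well,
    // giving two rows with the same caption; both forms now use this label.
    echo "<tr><td>SCCNH Hillclimb Class:</td><td>\n";
    echo "<select name=\"hillclimbClass\">\n";
    vehiclePageOptions($hillclimbClassArray, $vehinfo['hillclimb_class']);
    echo "</select><br>\n";
    echo "</td></tr>\n";

    echo "<tr><td>NEHA Hillclimb Class:</td><td>\n";
    echo "<select name=\"nehaClass\">\n";
    vehiclePageOptions($nehaClassArray, $vehinfo['neha_class']);
    echo "</select><br>\n";
    echo "<a target=\"_blank\" href=\"http://www.hillclimb.org/rules_regs/hillclimb_rules/07class.pdf\">Rules [pdf]</a>\n";
}

/**
 * Renders the add-vehicle or edit-vehicle form.
 *
 * The member is resolved from the SCCNH_ID cookie. When neither `addVehicle`
 * nor `addVehicle_x` was posted, the vehicle named by POST `vehID` is loaded
 * and its stored values are preselected; otherwise an empty form is shown.
 * Nothing is printed when the cookie matches no row in `users`.
 *
 * Changes from the earlier version: request and cookie values are escaped
 * before entering SQL, stored and posted values are HTML-escaped on output,
 * and the vehicle lookup is limited to rows whose userOwner is the member.
 *
 * @return void
 */
function displayVehiclePage()
{
    // header.php is included inside this function and therefore sees these
    // locals; presumably it reads some of them, so the original names and raw
    // values are kept as they were.
    $hashUsername = $_COOKIE['SCCNH_ID'];
    $sessionID = $_COOKIE['SCCNH_Session_ID'];

    $isAddMode = isset($_POST['addVehicle']) || isset($_POST['addVehicle_x']);
    // Only a plain string is accepted; a missing or array-valued vehID becomes ''.
    $postedVehID = (isset($_POST['vehID']) && is_string($_POST['vehID'])) ? $_POST['vehID'] : '';

    $safeHash = mysql_real_escape_string($hashUsername);
    $check = mysql_query("SELECT * FROM users WHERE user_hash = '$safeHash'") or die(mysql_error());
    while ($info = mysql_fetch_array($check)) {
        $sccnhClassArray = array("Stock", "Sticky Stock", "Street Prepared", "Prepared", "Race");
        $sccaClassArray = array("Unknown",
            "SS", "AS", "BS", "CS", "DS", "ES", "FS", "GS", "HS",
            "ASP", "BSP", "CSP", "DSP", "ESP", "FSP",
            "STS", "STS2", "STX", "STU",
            "XP", "BP", "CP", "DP", "EP", "FP", "GP",
            "SM", "SM2", "AM", "BM", "CM", "DM", "EM", "FM",
            "F125", "FJ1", "FJ2", "FJ3 (FJB)", "FJ4 (FJA)", "FSAE");
        $hillclimbClassArray = array("Regular", "Rally", "Drift");
        $nehaClassArray = array("Unknown", "FL", "F2", "P1", "P2", "P3", "P4", "U1", "U2", "U3", "U4", "SP1", "SP2", "SP3", "SP4");

        if (!$isAddMode) {
            $vehicleID = $postedVehID;
            $safeVehID = mysql_real_escape_string($vehicleID);
            $safeOwner = mysql_real_escape_string($info['username']);
            // Scoped to the member's own rows so that another member's vehicle
            // cannot be loaded by guessing its ID.
            // NOTE(review): if staff accounts are meant to open other members'
            // vehicles here, that needs an explicit role check -- confirm.
            $vehcheck = mysql_query("SELECT * FROM vehicles WHERE vehicleID = '$safeVehID' AND userOwner = '$safeOwner'") or die(mysql_error());
        }

        include 'header.php';

        echo "<form name=\"theForm\" action=\"vehicle.php\" method=\"POST\">";
        echo "<font size=\"5\">Edit vehicle:</font><br>";
        echo "<table border=\"0\">\n";
        echo "<tr><td>\n";
        echo "<table border=\"1\">";

        if (!$isAddMode) {
            while ($vehinfo = mysql_fetch_array($vehcheck)) {
                vehiclePageRows($vehinfo, false, $sccaClassArray, $sccnhClassArray, $hillclimbClassArray, $nehaClassArray);
            }
            $hiddenVehID = $postedVehID;
        } else {
            // Defaults of the empty form; null means "no option marked SELECTED".
            $blankVehicle = array(
                'year' => null,
                'make' => '',
                'model' => '',
                'color' => '',
                'treadware' => null,
                'number' => '',
                'scca_class' => "Unknown",
                'sccnh_class' => "Stock",
                'hillclimb_class' => null,
                'neha_class' => "Unknown",
            );
            vehiclePageRows($blankVehicle, true, $sccaClassArray, $sccnhClassArray, $hillclimbClassArray, $nehaClassArray);
            $hiddenVehID = '';
        }

        echo "</td></tr>\n";
        echo "</table><br>\n";
        // vehID is echoed back from the request, so it is escaped like any
        // other attribute value.
        echo "<input type=\"hidden\" name=\"vehicleID\" value=\"".vehiclePageEscape($hiddenVehID)."\">";

        if ($isAddMode) {
            echo "<input type=\"submit\" name=\"submitAdd\" value=\"Add Vehicle\">";
            echo " <a href=\"members.php\">CANCEL</a>";
        } else {
            // Hiding the buttons is only a UI convenience; it does not stop a
            // hand-built submitEdit/submitDelete request.
            if (!isVehicleRegistered($postedVehID)) {
                echo "<input type=\"submit\" name=\"submitEdit\" value=\"Save\">";
                echo "<input type=\"submit\" name=\"submitDelete\" value=\"Delete\">";
            } else {
                echo "<br><b><u>Vehicle Registered in one or more events, unable to edit or delete until after event.</u></b><br>\n";
            }
            echo " <a href=\"members.php\">CANCEL</a>";
        }

        echo "</form><br><br>";
        echo "</td><td>\n";
        echo "<font size=\"6\">New Autocross Class \"Sticky Stock\" in 2008!!!</font><br>\n";
        echo "<font size=\"5\">\"Any vehicle which normally competes in a SCCA 'Stock' class";
        echo " with a tire treadwear rating <u>Below 140</u>";
        echo " with no other rule changes or modifications permitted.\"</font><br><br>\n";
        echo "</td></tr></table><br>\n";
        // NOTE(review): this image is fetched over plain http although the
        // script only serves the page when isSSL() passes; browsers treat that
        // as mixed content. Confirm an https URL exists before changing it.
        echo "<center><img src=\"http://www.xhub.com/images/2007autoxclasses.jpg\"><br>\n";
        echo "</center>\n";
        echo file_get_contents("footer.html");
    }
}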
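/**
 * Handles the "Add Vehicle" submission: validates the posted fields and
 * inserts a new row into `vehicles` owned by the member resolved from the
 * SCCNH_ID cookie, then redirects to members.php.
 *
 * Validation failures print header.html and stop the request with a message.
 * Every value is escaped before it is placed in the SQL text; previously the
 * free-text fields (make, model, color, class names) and the cookie value
 * went into the statements unescaped.
 *
 * @return void
 */
function addVehiclePOST()
{
    $safeHash = mysql_real_escape_string($_COOKIE['SCCNH_ID']);
    $check = mysql_query("SELECT * FROM users WHERE user_hash = '$safeHash'") or die(mysql_error());
    while ($info = mysql_fetch_array($check)) {
        $username = $info['username'];
        $postYear = $_POST['year'];
        $postMake = $_POST['make'];
        $postModel = $_POST['model'];
        $postColor = $_POST['color'];
        $postTreadware = $_POST['treadware'];
        $postNumber = $_POST['number'];
        $postSccaClass = $_POST['sccaClass'];
        $postSccnhClass = $_POST['sccnhClass'];
        $postNehaClass = $_POST['nehaClass'];
        $postHillclimbClass = $_POST['hillclimbClass'];

        // is_numeric() also accepts signs, decimals and exponents; it is a
        // sanity check for the member, not what keeps the SQL safe.
        if (!is_numeric($postNumber)) {
            echo file_get_contents("header.html");
            die("Vehicle number entered is not a number. Please go back and try again.");
        }
        if (!isNumberAvailable($username, $postNumber)) {
            echo file_get_contents("header.html");
            die("Vehicle number entered is already taken. Please go back and try again.");
        }
        if ($postTreadware != "Unknown" && !is_numeric($postTreadware)) {
            echo file_get_contents("header.html");
            die("Vehicle treadwear entered is not valid. Please go back and try again.");
        }
        if (!is_numeric($postYear)) {
            echo file_get_contents("header.html");
            die("Vehicle year entered is not valid. Please go back and try again.");
        }

        // Values in column order; the username read back from the database is
        // escaped too, since it is stored text like any other.
        $safeValues = array_map('mysql_real_escape_string', array(
            $username,
            $postNumber,
            $postYear,
            $postMake,
            $postModel,
            $postColor,
            $postTreadware,
            $postSccaClass,
            $postSccnhClass,
            $postNehaClass,
            $postHillclimbClass,
        ));

        // NOTE(review): the class fields are not checked against the lists the
        // form offers, so any text can be stored in them.
        $update = "INSERT INTO vehicles (userOwner, number, year, make, model, color, treadware, scca_class, sccnh_class, neha_class, hillclimb_class)
VALUES('" . implode("', '", $safeValues) . "')";
        if (!mysql_query($update)) {
            die(mysql_error());
        }
        mysql_close();
    }
    header("Location: members.php");
}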
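/**
 * Handles the "Save" submission: validates the posted fields and updates the
 * vehicle named by POST `vehicleID`, then redirects to members.php.
 *
 * Validation failures print header.html and stop the request with a message.
 * Two changes from the earlier version: every value is escaped before it is
 * placed in the SQL text, and the UPDATE only touches a row whose userOwner
 * is the member resolved from the SCCNH_ID cookie, so a posted vehicleID that
 * belongs to someone else changes nothing.
 *
 * @return void
 */
function editVehiclePOST()
{
    $safeHash = mysql_real_escape_string($_COOKIE['SCCNH_ID']);
    $check = mysql_query("SELECT * FROM users WHERE user_hash = '$safeHash'") or die(mysql_error());
    while ($info = mysql_fetch_array($check)) {
        $username = $info['username'];
        $postYear = $_POST['year'];
        $postMake = $_POST['make'];
        $postModel = $_POST['model'];
        $postColor = $_POST['color'];
        $postTreadware = $_POST['treadware'];
        $postNumber = $_POST['number'];
        $postSccaClass = $_POST['sccaClass'];
        $postSccnhClass = $_POST['sccnhClass'];
        $postNehaClass = $_POST['nehaClass'];
        $postHillclimbClass = $_POST['hillclimbClass'];
        $vehicleID = $_POST['vehicleID'];

        // is_numeric() also accepts signs, decimals and exponents; it is a
        // sanity check for the member, not what keeps the SQL safe.
        if (!is_numeric($postNumber)) {
            echo file_get_contents("header.html");
            die("Vehicle number entered is not a number. Please go back and try again.");
        }
        if (!isNumberAvailable($username, $postNumber)) {
            echo file_get_contents("header.html");
            die("Vehicle number entered is already taken. Please go back and try again.");
        }
        if ($postTreadware != "Unknown" && !is_numeric($postTreadware)) {
            echo file_get_contents("header.html");
            die("Vehicle treadwear entered is not a number. Please go back and try again.");
        }
        if (!is_numeric($postYear)) {
            echo file_get_contents("header.html");
            die("Vehicle year entered is not valid. Please go back and try again.");
        }

        $columns = array(
            'number' => $postNumber,
            'year' => $postYear,
            'make' => $postMake,
            'model' => $postModel,
            'color' => $postColor,
            'treadware' => $postTreadware,
            'scca_class' => $postSccaClass,
            'sccnh_class' => $postSccnhClass,
            'neha_class' => $postNehaClass,
            'hillclimb_class' => $postHillclimbClass,
        );
        $assignments = array();
        foreach ($columns as $column => $value) {
            $assignments[] = $column . "='" . mysql_real_escape_string($value) . "'";
        }

        // NOTE(review): the form hides Save for a vehicle entered in an
        // upcoming event, but nothing here repeats that check server-side.
        // NOTE(review): if staff accounts are meant to edit other members'
        // vehicles through this page, the owner condition needs an explicit
        // role check instead -- confirm.
        $update = "UPDATE vehicles SET " . implode(', ', $assignments)
            . " WHERE vehicleID='" . mysql_real_escape_string($vehicleID) . "'"
            . " AND userOwner='" . mysql_real_escape_string($username) . "'";
        if (!mysql_query($update)) {
            die(mysql_error());
        }
    }
    header("Location: members.php");
}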
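/**
 * Handles the "Delete" submission: removes the vehicle named by POST
 * `vehicleID` and its event entries, then redirects to members.php.
 *
 * Previously the posted ID went straight into the DELETE with no escaping and
 * no check of who owns the row. The vehicle is now looked up together with
 * the member resolved from the SCCNH_ID cookie, and only a row whose
 * userOwner is that member is removed.
 *
 * @return void
 */
function deleteVehiclePOST()
{
    $safeVehID = mysql_real_escape_string($_POST['vehicleID']);
    $safeHash = mysql_real_escape_string($_COOKIE['SCCNH_ID']);

    $check = mysql_query("SELECT * FROM users WHERE user_hash = '$safeHash'") or die(mysql_error());
    while ($info = mysql_fetch_array($check)) {
        $safeOwner = mysql_real_escape_string($info['username']);

        // NOTE(review): if staff accounts are meant to delete other members'
        // vehicles through this page, the owner condition needs an explicit
        // role check instead -- confirm.
        $owned = mysql_query("SELECT vehicleID FROM vehicles WHERE vehicleID = '$safeVehID' AND userOwner = '$safeOwner'") or die(mysql_error());
        while ($vehicle = mysql_fetch_assoc($owned)) {
            // From here on the ID stored in the database is used, not the
            // text that arrived in the request.
            $storedVehID = $vehicle['vehicleID'];
            deleteVehicleFromEvents($storedVehID);
            // NOTE(review): the form hides Delete for a vehicle entered in an
            // upcoming event, but nothing here repeats that check server-side.
            mysql_query("DELETE FROM vehicles WHERE vehicleID = '" . mysql_real_escape_string($storedVehID) . "' AND userOwner = '$safeOwner'");
        }
    }

    mysql_close();
    header("Location: members.php");
}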
//////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////
////////////BEGIN SCRIPT EXECUTION BELOW//////////////////////
//////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////
// Request entry point. Requests for which isSSL() fails are redirected to
// logout.php; all others go through validateSession() and are then routed by
// which submit button (or its image-button "_x" variant) was posted.
// NOTE(review): no anti-CSRF token is checked in this file for the add, edit
// and delete branches; confirm whether validateSession() covers that.
if (isSSL())
{
    validateSession();

    $wantsForm = isset($_POST['submit']) || isset($_POST['submit_x'])
        || isset($_POST['addVehicle']) || isset($_POST['addVehicle_x']);
    $wantsAdd = isset($_POST['submitAdd']) || isset($_POST['submitAdd_x']);
    $wantsEdit = isset($_POST['submitEdit']) || isset($_POST['submitEdit_x']);
    $wantsDelete = isset($_POST['submitDelete']) || isset($_POST['submitDelete_x']);

    // First match wins, in the same order as before: form, add, edit, delete.
    if ($wantsForm)
    {
        displayVehiclePage();
    }
    elseif ($wantsAdd)
    {
        addVehiclePOST();
    }
    elseif ($wantsEdit)
    {
        editVehiclePOST();
    }
    elseif ($wantsDelete)
    {
        deleteVehiclePOST();
    }

    die(); // attempt to guard against any code insertion at the end of the file
}
else
{
    header("Location: logout.php");
}
?>