<?php

include("common.inc");
include("db.inc");

if(!isset($_POST['submitok'])) {
  // Display the user signup form
  ?>
  <html>
  <head>
    <title> New User Registration </title>
  </head>
  <body>

  <h3>New User Registration Form</h3>
  <p><font color="orangered" size="+1"><tt><b>*</b></tt></font>
     indicates a required field</p>
  <form method="post" action="<?=$_SERVER['PHP_SELF']?>">
  <table border="0" cellpadding="0" cellspacing="5">
    <tr>
       <td align="right">
         <p>User ID</p>
       </td>
       <td>
         <input name="newid" type="text" maxlength="100" size="25"/>
         <font color="orangered" size="+1"><tt><b>*</b></tt></font>
       </td>
    </tr>
    <tr>
       <td align="right">
         <p>Full Name</p>
       </td>
       <td>
         <input name="newname" type="text" maxlength="100" size="25"/>
         <font color="orangered" size="+1"><tt><b>*</b></tt></font>
       </td>
     </tr>
     <tr>
       <td align="right">
         <p>E-Mail Address</p>
       </td>
       <td>
         <input name="newemail" type="text" maxlength="100" size="25"/>
         <font color="orangered" size="+1"><tt><b>*</b></tt></font>
       </td>
     </tr>
     <tr valign="top">
        <td align="right">
          <p>Other Notes</p>
        </td>
        <td>
          <textarea wrap="soft" name="newnotes" rows="5" cols="30"></textarea>
        </td>
     </tr>
     <tr>
        <td align="right" colspan="2">
           <hr noshade="noshade"/>
              <input type="reset" value="Reset Form"/>
              <input type="submit" name="submitok" value="   OK   "/>
        </td>
     </tr>
  </table>
  </form>

  </body>
  </html>

  <?php
} 
else {
  // Process signup submission
  $db = dbconnect($connection_string);  

  if( $_POST['newid']    == '' or 
      $_POST['newname']  == '' or 
      $_POST['newemail'] == '' )
    error('One or more required fields were left blank.\\n'.
          'Please fill them in and try again.');
    
  // Check for existing user with the new id
  $query = "SELECT COUNT(*) FROM users WHERE userid = '$_POST[newid]'";
  $result = pg_query($db,$query);
  if(!$result)
     error('A database error occurred in processing your submission');

  if(pg_result($result,0,0)>0)
     error('A user already exists with your chosen userid.\\n'.
           'Please try another.');
    
  $userid   = $_POST[newid];
  $password = substr(md5(time()),0,6);
  $fullname = $_POST[newname];
  $email    = $_POST[newemail];
  $notes    = $_POST[newnotes];

  $sql_insert = "INSERT INTO users(userid,password,fullname,email,notes) 
                 VALUES('$userid','$password','$fullname','$email','$notes')";

  if(!pg_query($db,$sql_insert))
     error('A database error occurred in processing your submission');
              
  // Email the new password to the person.
  $message = "Hello

Your personal account for the Project Web Site
has been created! 

Your personal login ID and password are as
follows:

    userid: $_POST[newid]
    password: $password

- Figo
";

  mail($_POST['newemail'],"Your Password for the Website",
       $message, "From:Figo <figo@blabla.com>");
         
  ?>
  <html>
  <head>
    <title> Registration Complete </title>
  </head>
  <body>
  <p><strong>User registration successful!</strong></p>
  <p>Your userid and password have been emailed to
     <strong><?=$_POST['newemail']?></strong>, the email address
     you just provided in your registration form. To log in,
     click <a href="login.html">here</a>, and enter 
     your new personal userid and password.</p>
  </body>
  </html>
<?php
}
?>