I have a form which pushes data to this page:
<?php
session_start();
if(!isset($_SESSION['sess_user_id']) || (trim($_SESSION['sess_user_id']) == '')) {
header("location: login.php");
exit();
}
if($_SESSION['sess_status'] < 0){
header("location: sorry.php");
exit();
}
$tz = new DateTimeZone('America/Chicago');
$age = new DateTime(filter_input(INPUT_POST, 'dob', FILTER_SANITIZE_STRING));
$checked = filter_input(INPUT_POST, 'minor', FILTER_SANITIZE_STRING);
$now = new DateTime('NOW');
$y = date_diff($age, $now);
if ($y->format("%y") <= 18 && $checked != 1){ //On this line I changed $y to $y->format("%y") because I needed to just check the year not everything else and it was always sending me to sorry19.php though the date I used was 19
header("location: sorry19.php");
}
$dbh = new PDO('mysql:host=localhost;dbname=*******;charset=utf8','*******', '**********');
$db1 = $dbh->prepare("SELECT rcdnum FROM users WHERE uid=?");
$db1->BindParam(1, $_SESSION['sess_user_id']);
$execute;
$rcdnum = $db1->fetch(PDO::FETCH_OBJ);
if ($rcdmum->rcdmum == 1 && $_SESSION['sess_status'] == 0){
header("location: volunForm.php?error=volunteer was not added.");
}
$valuesClause = array();
$fieldsClause = array();
$bindArray = array();
//the code from here to the next comment is what I was writing, starting with just the EVC are that is why the others besides general are just blank.
$counter1 = 0;
$VolFields = array('dataentry', 'identification','phone','runner','greeter','interviewer','safety');
foreach($VolFields as $volField){
if($san1 = filter_input(INPUT_POST, $volField, FILTER_SANITIZE_STRING)){
if($counter1){
$evcBind = "evc";
$bindArray[":EVC"] = "EVC";
}
$counter1++;
}
}
$generalBind = "general";
$bindArray[':General'] = "General";
$mrcBind = "mrc";
$bindArray[':MRC'] = "";
$evcBind = "bhv";
$bindArray[':BHV'] = "";
//End of work
$fields = array('status','fname','middle','lname','address','city','state','zip','county','mailing','hphone','mphone','wphone','ext','fax','email','ethgroup','other1','occupation','poe','dob','gender','bhv','mrc','general','evc','allCounties','fillmore','johnson','otoe','richardson','seward','butler','gage','lancaster','pawnee','saline','thayer','cass','jefferson','nemaha','polk','saunders','york','other2','aro','clergy','intskills','bus','child','law','cpr','data','security','emergency','computer','mechanical','administration','firstaid','translation','construction','basicclean','foodprep','animalcare','heavy','dataentry','identification','phone','runner','greeter','interviewer','safety','interpt','cdl','cpryn','translate','other3','license1','verf1','num1','exp1','license2','verf2','num2','exp2','license3','verf3','num3','exp3','license4','verf4','num4','exp4','license5','verf5','num5','exp5','lsrd','syes','bcert','pauth','dist1','tdate1','dist2','tdate2','dist3','tdate3','dist4','tdate4','dist5','tdate5','felony','felonys','ename','erelation','ehphone','emphone','eaddress','ecity','estate','ezip','hdyhau','bdesc','record','minor', 'adminComment');
foreach($fields as $field){
if($san = filter_input(INPUT_POST, $field, FILTER_SANITIZE_STRING)) {
if ($san == "") {
$field = "";
}
$fieldClause[] = "`$field`";
$valuesClause[] = ":$field";
$bindArray[":$field"] = $san;
}
}
if ($_SESSION['sess_status'] == 0) {
$regDate = "regDateU";
$bindArray[":approved"] .= 0;
$bindArray[":date"] .= date("Y-m-d");
}
if($_SESSION['sess_status'] == 2){
$regDate = "regDateA";
$bindArray[":approved"] .= 1;
$bindArray[":date"] .= date("Y-m-d");
}
$sql = "INSERT INTO VolunDB(";
if (!empty($fieldClause)) $sqlF = implode(', ', $fieldClause);
if (!empty($valuesClause)) $sqlV = implode(', ', $valuesClause);
$stmtString = $sql;
if(isset($sqlF)) {
$stmtString .= $sqlF .", approved," . $regDate . "," . $evcBind . "," . $generalBind . "," . $mrcBind . "," . $bhvBid . ") VALUES (" . $sqlV . ", :approved, :date, :EVC, :General, :BHV, :MRC)"; //I added the $evcBind through $bhvBind and the :EVC throug :MRC on this line to work with the other coe above.
}
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$stmt = $dbh->prepare($stmtString);
$stmt->execute($bindArray);
$query = $dbh->prepare("UPDATE users SET rcdnum = ? WHERE uid = ?");
$one = 1;
$query->bindParam(1, $one);
$query->bindParam(2, $_SESSION['sess_user_id']);
$query->execute();
$top = $dbh->prepare("SELECT `county`, `state` FROM VolunDB");
$top->execute();
$things = $top->fetchAll(PDO::FETCH_ASSOC);
foreach($things as $thing){
$bottom = $dbh->prepare("SELECT * FROM counties WHERE county = :county AND state = :state");
$bottom->bindValue(":county", $thing['county']);
$bottom->bindValue(":state", $thing['state']);
$bottom->execute();
if($bottom->rowCount() == 0){
$insert = $dbh->prepare("insert into counties(county, state) values (:county, :state)");
$insert->bindValue(":county", $thing['county']);
$insert->bindValue(":state", $thing['state']);
$insert->execute();
}
}
if ($_SESSION['sess_status'] != 2) {
$db1 = $dbh->prepare("SELECT * FROM email");
$db1->execute();
$info = $db1->fetchAll(PDO::FETCH_ASSOC);
foreach($info as $emailaddress){
$mailgroup = $emailaddress['email'];
$to = $mailgroup;
$from = '********';
$message = "There has been a new volunteer registered. by:</br>";
$message .= $_SESSION['sess_email'];
$subject = 'Region 5 Systems Volunteer Database New Record needing approval';
$headers = "From: $from\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
mail($to, $subject, $message, $headers);
}
}
header("location: volunForm.php?message=volunteer successfully added.");
The only problem is that it is giving me a 404 error and I can't figure out why, the page is there, it is in the right folder and yes it is spelled correctly when referenced by the previous page. This page was working up until now, I have been working on the $VolFields area (See the comments in the code for what I just did). It is a lot of code and I am sure most of it works so the few parts with the comments probably have some impact on it but I can't be sure. Any help would be nice as I am seriously stumped.