GitList - GitList

save-contact.php
 <?php
 /**
  *  Copyright (C) 2021  Double Bastion LLC
  *
  *  This file is part of Roundpin, which is licensed under the
  *  GNU Affero General Public License Version 3.0. The license terms
  *  are detailed in the "LICENSE.txt" file located in the root directory.
  */
 
 session_start();
 
 if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {
 
 
  define('ACCESSCONST', TRUE);
 
  require('db-connect.php');
 
     $username = $_POST['username'];
     $contactName = $_POST['contact_name'];
     $contactDesc = $_POST['contact_desc'];
     $extensionNumber = $_POST['extension_number'];
     $contactMobile = $_POST['contact_mobile'];
     $contactNum1 = $_POST['contact_num1'];
     $contactNum2 = $_POST['contact_num2'];
     $contact_email = $_POST['contact_email'];
 
     // Get the id of the user for which we want to insert the contact data
     $query1 = $mysqli->query("SELECT id, username, enabled FROM app_users WHERE BINARY username = '$username' AND enabled = 1");
     $queryres = $query1->fetch_array();
     $userID = $queryres[0];
 
     // Check if the contact is already in the 'contacts' table
     $query2 = $mysqli->prepare("SELECT id, user_id, contact_name FROM contacts WHERE user_id=? AND contact_name=?");
     $query2->bind_param("is", $userID, $contactName);
     $query2->execute();
     $fetchInfo = $query2->get_result();
     $contactdata = $fetchInfo->fetch_row();
     $contactExists = $contactdata[0];
 
     $currentTime = date('Y-m-d H:i:s');
 
     if ($contactExists == '') {
         $query3 = $mysqli->prepare("INSERT INTO contacts (user_id, contact_name, contact_desc, extension_number, contact_mobile, contact_num1, contact_num2,
                                     contact_email, date_added) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)");
         $query3->bind_param("issssssss", $userID, $contactName, $contactDesc, $extensionNumber, $contactMobile, $contactNum1, $contactNum2, $contact_email, $currentTime);
 
         if ($query3->execute()) {
             $messagetosend = 'success';
         } else { $messagetosend = 'An error occurred while attempting to save the contact to the database!'; }
 
     } else { $messagetosend = 'Error! A contact with the same name is already in the database!'; }
 
     $response = array('result' => $messagetosend);
     echo json_encode($response);
 
 } else {
     header("Location: roundpin-login.php");
 }
 
 ?>