xref: /web-php/submit-event.php (revision bd487306)
1<?php
2$_SERVER['BASE_PAGE'] = 'submit-event.php';
3include_once __DIR__ . '/include/prepend.inc';
4include_once __DIR__ . '/include/posttohost.inc';
5include_once __DIR__ . '/include/email-validation.inc';
6site_header("Submit an Event", ["current" => "community"]);
7
8// No errors, processing depends on POST data
9$errors = [];
10$process = [] !== $_POST;
11
12// Avoid E_NOTICE errors on incoming vars if not set
13$vars = [
14    'sday', 'smonth', 'syear', 'eday',
15    'emonth', 'eyear', 'recur', 'recur_day',
16];
17foreach ($vars as $varname) {
18    if (empty($_POST[$varname])) {
19        $_POST[$varname] = 0;
20    }
21}
22$vars = [
23    'type', 'country', 'category', 'email', 'url', 'ldesc', 'sdesc',
24];
25foreach ($vars as $varname) {
26    if (!isset($_POST[$varname])) {
27        $_POST[$varname] = "";
28    }
29}
30
31// We need to process some form data
32if ($process) {
33
34    // Clean and validate data
35    if (!is_emailable_address($_POST['email'])) {
36        $errors[] = 'You must supply a valid email address.';
37    }
38
39    /**
40     * Lockout of addresses and domains known to SPAM us.
41     * Add, edit, or remove blacklisted users or domains
42     * in include/email-validation.inc :: blacklisted().
43     */
44    $uemail = isset($_POST['email']) ? strtolower($_POST['email']) : '';
45    if (blacklisted($uemail)) {
46        $errors[] = 'An expected error has been encountered.  Please don\'t try again later.';
47    }
48
49    $_POST['sdesc'] = trim($_POST['sdesc']);
50    if (!$_POST['sdesc']) {
51        $errors[] = "You must supply a short description of the event.";
52    }
53
54    $_POST['ldesc'] = trim(strip_tags($_POST['ldesc'], '<a><i><b><br><p>'));
55    $_POST['ldesc'] = preg_replace("/(style|on\\w+?)\s*=[^>]*/i", "", $_POST['ldesc']);
56    if (!$_POST['ldesc']) {
57        $errors[] = "You must supply a long description of the event.";
58    }
59    elseif (stripos($_POST['ldesc'], 'PHP') === false) {
60        $errors[] = "This does not look like a 'PHP' event";
61    }
62
63    $valid_schemes = ['http', 'https', 'ftp'];
64
65    $_POST['url'] = trim($_POST['url']);
66    $pu = parse_url($_POST['url']);
67    $pu['host'] = isset($pu['host']) ? trim($pu['host']) : '';
68
69    if (!$_POST['url']) {
70        $errors[] = "You must supply a URL with more information about the event.";
71    }
72    elseif (empty($pu['host']) || !in_array($pu['scheme'], $valid_schemes, false)) {
73        $errors[] = "The URL you supplied was invalid.";
74    }
75
76    if (!$_POST['country']) {
77        $errors[] = 'You must specify a country for the event.';
78    }
79
80    if (!$_POST['category']) {
81        $errors[] = 'You must specify a category for the event.';
82    }
83
84    if (!checkdate($_POST['smonth'], $_POST['sday'], $_POST['syear'])) {
85      $errors[] = "You must specify a valid start date.";
86    }
87    else {
88        $sdate = mktime(0, 0, 1, $_POST['smonth'], $_POST['sday'], $_POST['syear']);
89        if ($sdate < time()) {
90            $errors[] = "You must specify a start date that is in the future.";
91        }
92    }
93
94    if ($_POST['type'] == 'multi' && !checkdate($_POST['emonth'], $_POST['eday'], $_POST['eyear'])) {
95        $errors[] = "You must specify a valid end date for a multi-day event.";
96    }
97    elseif ($_POST['type'] == 'multi' && checkdate($_POST['smonth'], $_POST['sday'], $_POST['syear'])) {
98        $sdate = mktime(0, 0, 1, $_POST['smonth'], $_POST['sday'], $_POST['syear']);
99        $edate = mktime(0, 0, 1, $_POST['emonth'], $_POST['eday'], $_POST['eyear']);
100        if ($edate < time()) {
101            $errors[] = "You must specify an end date that is in the future.";
102        }
103        elseif ($edate < $sdate) {
104            $errors[] = "You must specify an end date that is after the start date.";
105        }
106    }
107
108    if ($_POST['type'] == 'recur' && !($_POST['recur'] && $_POST['recur_day'])) {
109        $errors[] = "You must specify a valid day of the month for a recurring event.";
110    }
111
112    // Spam question
113    if ($_POST["sane"] != 3) {
114        $errors[] = "It's OK. I'm not real either";
115    }
116
117    if (isset($_POST['action']) && $_POST['action'] === 'Submit' && empty($errors)) {
118        // Submit to main.php.net
119        $result = posttohost("https://main.php.net/entry/event.php", $_POST);
120        if ($result) {
121            $errors[] = "There was an error processing your submission: $result";
122        }
123        if (count($errors) === 0) {
124            echo "<p>\n Thank you for your submission! You should hear back soon\n" .
125                 " as to whether your event has been accepted for inclusion in\n" .
126                 " our calendar.\n</p>";
127            site_footer();
128            exit;
129        }
130    }
131
132    if (count($errors) === 0) {
133        echo "<p>\n The following is a preview of your event submission.\n" .
134             " Please double-check it to make sure all of the information is correct.\n</p>";
135    }
136}
137
138// No form data to process
139else {
140    echo "<p>\n Have an upcoming PHP user group meeting?\n" .
141         " Submit your event here, and after it has been approved, it will be listed in\n" .
142         " our event calendar.\n</p>";
143    echo "<p>Please note that conference submissions should be emailed to php-webmaster@lists.php.net</p>\n";
144    echo '<div class="warning">' . "\n" .
145         "<p>\n All submissions will be <strong>reviewed by human</strong>. Do not waste " .
146         "our and your own time on submitting events unrelated to PHP. Thank you.</p>\n" .
147         "</div>\n";
148}
149
150// Display errors if found
151if (count($errors)) { display_errors($errors); }
152
153// Generate days and months arrays for form
154for ($i = 1; $i <= 7; $i++) {
155    $days[$i] = date('l', mktime(12, 0, 0, 4, $i));
156}
157for ($i = 1; $i <= 12; $i++) {
158    $months[$i] = date('F', mktime(12, 0, 0, $i, 1));
159}
160
161// Possibilities to recur
162$re = [
163    1 => 'First',
164    2 => 'Second',
165    3 => 'Third',
166    4 => 'Fourth',
167    -1 => 'Last',
168    -2 => '2nd Last',
169    -3 => '3rd Last',
170];
171
172// If we have data, display preview
173if ($process && count($errors) === 0) {
174    echo "<p><strong>Preview:</strong></p>\n";
175    display_event($_POST);
176    echo "<p><strong>Change:</strong></p>\n";
177}
178
179?>
180<form action="/submit-event.php" method="post">
181<table border="0" cellpadding="3" class="standard">
182 <tr>
183  <th class="subr">Start Date</th>
184  <td>
185   <select name="smonth"><option></option><?php display_options($months, $_POST['smonth'])?></select>
186   <input type="text" name="sday" size="2" maxlength="2" value="<?php echo htmlentities($_POST['sday'], ENT_QUOTES | ENT_IGNORE, 'UTF-8')?>">
187   <input type="text" name="syear" size="4" maxlength="4" value="<?php echo $_POST['syear'] ? htmlentities($_POST['syear'], ENT_QUOTES | ENT_IGNORE, 'UTF-8') : date("Y")?>">
188   <input type="radio" id="single" name="type" value="single"<?php if ($_POST['type'] == 'single' || !$_POST['type']) echo ' checked="checked"';?>>
189   <label for="single">One day (no end-date required)</label>
190  </td>
191 </tr>
192 <tr>
193  <th class="subr">End Date</th>
194  <td>
195   <select name="emonth"><option></option><?php display_options($months, $_POST['emonth'])?></select>
196   <input type="text" name="eday" size="2" maxlength="2" value="<?php echo htmlentities($_POST['eday'], ENT_QUOTES | ENT_IGNORE, 'UTF-8')?>">
197   <input type="text" name="eyear" size="4" maxlength="4" value="<?php echo $_POST['eyear'] ? htmlentities($_POST['eyear'], ENT_QUOTES | ENT_IGNORE, 'UTF-8') : date("Y")?>">
198   <input type="radio" id="multi" name="type" value="multi"<?php if ($_POST['type'] == 'multi') echo ' checked="checked"';?>>
199   <label for="multi">Multi-day event</label>
200  </td>
201 </tr>
202 <tr>
203  <th class="subr">OR Recurring</th>
204  <td>
205   <select name="recur"><option></option><?php display_options($re, $_POST['recur'])?></select>
206   <select name="recur_day"><option></option><?php display_options($days, $_POST['recur_day'])?></select>
207   <input type="radio" id="recur" name="type" value="recur"<?php if ($_POST['type'] == 'recur') echo ' checked="checked"';?>>
208   <label for="recur">Recurring (every month)</label>
209  </td>
210 </tr>
211 <tr>
212  <th class="subr">Short Description</th>
213  <td><input type="text" name="sdesc" class="max" value="<?php echo htmlentities($_POST['sdesc'], ENT_QUOTES | ENT_IGNORE, 'UTF-8')?>" size="32" maxlength="32"></td>
214 </tr>
215 <tr>
216  <th class="subr">URL</th>
217  <td><input type="text" name="url" size="40" maxlength="128" class="max" value="<?php echo htmlentities($_POST['url'], ENT_QUOTES | ENT_IGNORE, 'UTF-8')?>"></td>
218 </tr>
219 <tr>
220  <th class="subr">Country</th>
221  <td>
222   <select name="country" class="max">
223    <option value="">- Select a country -</option>
224    <?php display_options($COUNTRIES, $_POST['country']);?>
225   </select>
226  </td>
227 </tr>
228 <tr>
229  <th class="subr">Event Category</th>
230  <td>
231   <select name="category" class="max">
232<?php
233        $cat = ["- Select a category -", "User Group Event", 3 => "Training"]; // 2 = conference.. which should be on php.net/conferences instead
234        display_options($cat, $_POST['category']);
235?>
236   </select>
237  </td>
238 </tr>
239 <tr>
240  <th class="subr">Email</th>
241  <td>
242   <input type="text" name="email" size="40" maxlength="128" class="max" value="<?php echo htmlentities($_POST['email'], ENT_QUOTES | ENT_IGNORE, 'UTF-8')?>"><br>
243   <small>This email address is only used to contact you about the listing, it will not displayed along with the listing.</small>
244  </td>
245 </tr>
246 <tr>
247  <th class="subr">Long Description</th>
248  <td><textarea name="ldesc" cols="60" rows="10" wrap="virtual" class="max"><?php echo htmlentities($_POST['ldesc'], ENT_QUOTES | ENT_IGNORE, 'UTF-8');?></textarea></td>
249 </tr>
250 <tr>
251  <th colspan="2">
252    <input type="submit" name="action" value="Preview">
253<?php if ($process && count($errors) == 0) {?>
254    <input type="submit" name="action" value="Submit">
255<?php }?>
256  </th>
257 </tr>
258 <tr>
259  <th class="subr">Are you real?</th>
260  <td><select name="sane"><?php display_options(["I, Robot", "I used to be", "WTF?", "Yes", "No, but I'd still want to submit this"], "2"); ?></select></td>
261 </tr>
262</table>
263</form>
264<?php
265site_footer();
266
267// Display an option list with one selected
268function display_options($options, $current): void
269{
270    foreach ($options as $k => $v) {
271        echo '<option value="', $k, '"',
272             ($k == $current ? ' selected="selected"' : ''),
273             '>', htmlentities($v, ENT_QUOTES | ENT_IGNORE, 'UTF-8'), "</option>\n";
274    }
275}
276
277?>
278