<?php
ob_start();
require_once('../connect.php');
$db=db_connect();
extract($_POST);
if ($formTypea=='utmeFormn'){
    die("An Error Occured");
}

$trans=substr($phoneNumber,7);
$sql=$db->query("select * from ace_entrancetable where gsm='$phoneNumber' and formType='$formTypea'");
$sql_fetch=$sql->fetch(PDO::FETCH_BOTH);
$num_phone=$sql->rowCount();
if ($num_phone>0){
    header('location:createAccount.php?id=5');
}elseif ($pass1<>$pass2) {
    header('location:createAccount.php?id=1');
}elseif (strlen($trans)<>4) {
   header('location:createAccount.php?id=3');
  //  echo count($trans);
}elseif ($dept==0) {
    header('location:createAccount.php?id=4');
}else {
    $transID = mt_rand(100000, 999999) . $trans;
    $surName = str_replace("'", "''", $surName);
    $otherNames = str_replace("'", "''", $otherNames);
   $pass2=md5($pass1);
 /*   echo $formTypea.'<br>';
    echo $surName.'<br>';
    echo $otherNames.'<br>';
    echo $pass2.'<br>';
    echo $phoneNumber.'<br>';
    echo $eMail.'<br>';
    echo $dept.'<br>';
    echo $transID.'<br>';*/

    // $sql_a->execute();
    //INSERT INTO `entrancetable` (`sn`, `surname`, `othernames`, `password`, `gsm`, `email`, `course`, `transID`, `dateCreated`, `formType`, `dept`, `formNo`) VALUES (NULL, 'wq', '1', '2', '3', '4', '5', '6', CURRENT_TIMESTAMP, '7', '8', '9');

    $sql_query="INSERT INTO ace_entrancetable (`sn`, `surname`, `othernames`, `password`, `gsm`, `email`, `course`, `transID`,`formType`,`dept`,`formNo`) VALUES (?,?,?,?,?,?,?,?,?,?,?)";
    $sql_a = $db->prepare($sql_query);
   $sql_a->execute([NULL,$surName,$otherNames,$pass2,$phoneNumber,$eMail,$dept,$transID,$formTypea,$dept,'']);

  // $sql_a = $db->query("INSERT INTO `fedpoly`.`entrancetable` (`sn`, `surname`, `othernames`, `password`, `gsm`, `email`, `course`, `transID`,`formType`,`dept`,`formNo`)
 //VALUES (NULL, '$surName', '$otherNames', '$pass2', '$phoneNumber', '$eMail', '$dept', '$transID','$formTypea','$dept','')");
    //  $result = mysql_query($sql);
    if ($sql_a) {
    //=================================
   $sent = "[email protected]";
    $header  = "MIME-Version: 1.0" . "\r\n";
    $header .= "Content-type: text/html; charset=iso-8859-1" . "\r\n";
    $header .= "To: <".$eMail.">" . "\r\n";
    $subject="Federal Poly Ede | Account Creation";
        $message="<img src='../images/ace_logoOriginal_color.png'><h2><br>Your Account Created Successfully</h2>";

//    $message="<img src='http://federalpolyede.edu.ng/images/ace_logo.png'><h2><br>Your Account Created Successfully</h2>";
    $message.="<br><b>Name:</b> ".strtoupper($surName)." ".$otherNames;
    $message.=" <br><b>Transaction ID:</b> ".$transID;
        $message.=" <br><b>Password:</b> ".$pass1;
    $message.=" <br><b>Date:</b> ".DATE("d-m-y H:i:s");

   $sql_dept=$db->query("select * from dept where sn=$dept");
        $sql_fetch_dept=$sql_dept->fetch(PDO::FETCH_BOTH);
    $deptName=  $sql_fetch_dept['dOption'];
    $message.="<br><b>Department:</b> ".$deptName;
   $message.="<a href=login_process.php?user=".$transID ."&pass=".$pass1."><p>Click Here to Proceed</a>";
//        $message.="<a href=http://federalpolyede.edu.ng/ace_entranceForm/login_process.php?user=".$transID ."&pass=".$pass1."><p>Click Here to Proceed</a>";
//        $message.="<a href=login_process.php?user=".$transID ."&pass=".$pass1."><p>Click Here to Proceed</a>";
        $message = str_replace("\n.", "\n..", $message);

   $header .= "From: ".$sent."\r\n";
   $header .= "Reply-to: ".$sent."\r\n";
//    mail($eMail, $subject, $message,$header);
        @mail($eMail,$subject,$message,$header);
//        mail($eMail,"My subject","hello");
        echo $message;
    //===============================
}
}
ob_end_flush();
?>
<div style="color: #FF0000;"><h1>Write Down Your Details Before You Proceed</h1></div>
<form>

    <input type="button"  value="Click to Print" onclick="print()" >
</form>