", "*", "|", "?", "!", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0", "."); $field = str_replace($forbid_arr, "", $field); $forbid_arr = array(); return $field; } function filterSport1($field){ // Sanitize Sport1: remove spaces, tags, and special characters $field = filter_var(trim($field), FILTER_SANITIZE_STRING); // Strip out forbidden characters $forbid_arr = array(";", "/", chr(92), chr(34), "$", "%", "#", "&", "<", ">", "*", "^", "|", "!", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0", "."); // next line not needed if select sport option used?? $field = str_replace($forbid_arr, "", $field); return $field; } function filterEmail($field){ // Validate e-mail address if(filter_var($field, FILTER_VALIDATE_EMAIL)){ return $field; } else { return FALSE; } } function filterString($field, $arr){ // Sanitize string: remove spaces, tags, and special characters $field = filter_var(trim($field), FILTER_SANITIZE_STRING); // Strip out forbidden characters $field = str_replace($arr, "", $field); return $field; } // Define variables with empty values $Firstname = $Lastname = $Sport1 = $SocialSecurityNumber = $ID = $Birthdate = $AthletePrimaryAddress1 = $AthletePrimaryCity = $AthletePrimaryState = $AthletePrimaryZip = $AthletePrimaryCountry = $AthleteSecondaryAddress1 = $AthleteSecondaryCity = $AthleteSecondaryState = $AthleteSecondaryZip = $AthleteSecondaryCountry = $AthletePrimaryCellPhone = $AthletePrimaryeMail = $EmergContactSecondaryFirstName = $EmergContactSecondaryAddress1 = $EmergContactSecondaryCity = $EmergContactSecondaryState = $EmergContactSecondaryZip = $EmergContactSecondaryCountry = $EmergContactSecondaryHomePhone = $EmergContactSecondaryCellPhone = $EmergContactSecondaryeMail = $EmergContactPrimaryFirstName = $EmergContactCellPhone = $EmergContactPrimaryWorkPhone = $insured = $InsurancePrimaryPolicyHolderFirst = $insured_ssn = $InsurancePrimaryDateofBirth = $InsurancePrimaryPolicyHolderPhone = $insured_relation = $insured_employer = $insured_employer_address = $InsurancePrimaryCompany = $InsurancePrimaryPhone = $InsurancePrimaryAddress1 = $insurance_company_website = $InsurancePrimaryGroup = $InsurancePrimaryPolicy = $InsurancePrimaryPolicy = $InsurancePrimaryID = $InsurancePrimaryType = $InsurancePrimaryPlan = $insur_type_hmo = $insur_type_ppo = $insur_type_medicaid = $insur_type_other = $insurance_rx = ""; $input_array = $forbid_arr = $errors = $_Files = array(); $nameErr = $sport1Err = $stringErr = $messageErr = $athletebirthErr = $athleteemailErr = $URLErr = $ssnErr = $localaddressErr = $localcityErr = $localstateErr = $localzipErr = $localcountryErr = $homeaddressErr = $homecityErr = $homestateErr = $homezipErr = $homecountryErr = $athletecellErr = $athleteeMailErr = $parentnameErr = $parentaddressErr = $parentcityErr = $parentstateErr = $parentzipErr = $parentcountryErr = $parenthomephoneErr = $parentcellErr = $parenteMailErr = $emergcontactnameErr = $emergcontactrelationErr = $emergcontactcellErr = $emergworkphoneErr = $insurednameErr = $insuredrelationErr = $insuredssnErr = $insuredphoneErr = $insuredemployaddressErr = $insureddobErr = $insuredemployErr = $insurcoErr = $insurphoneErr = $insuraddressErr = $groupErr = $policyErr = $planErr = $idErr = $insurotherErr = $commentErr = ""; $send = $lsuccess = $csvFile = $pdfFile = $Yval = $to = $from = $subject = $sender_email = $message = $attachments = $body = $headers = $content = $sentMail = $mime_boundary = $headers = ""; // Processing form data when form is submitted if ($_SERVER["REQUEST_METHOD"] == "POST") { // clear out form errors $errors = array(); // Validate first and last name: // first check for blanks if (empty($_POST["FirstName"])) { $nameErr = "Please enter your FIRST NAME."; // echo "

$nameErr

"; } elseif (empty($_POST["LastName"])) { $nameErr = "Please enter your LAST NAME."; // echo "

$nameErr

"; } else { // then check for forbidden characters if (strpbrk($_POST["FirstName"],"/\;$%#|!?.1234567890") != FALSE) { $nameErr = "<-- *Forbidden character or string found. Please enter a valid FIRST NAME.
"; echo "

".substr_replace($nameErr,'',0,4)."

"; } else { if (strpbrk($_POST["LastName"],"/\;$%#|!?.1234567890") != FALSE) { $nameErr = "<-- *Forbidden character or string found. Please enter a valid LAST NAME.
"; echo "

".substr_replace($nameErr,'',0,4)."

"; } } $_POST["FirstName"] = filterName($_POST["FirstName"]); $_POST["LastName"] = filterName($_POST["LastName"]); } // Validate and sanitize sport: not blank, no forbidden characters if(empty($_POST["Sport1"])){ $sport1Err = "Please enter your PRIMARY SPORT."; echo "

$sport1Err

"; } else { if (strpbrk($_POST["Sport1"],"/\;$%#.|!1234567890") != FALSE) { $sport1Err = "*Forbidden characters found. Please enter a valid SPORT."; echo "

$sport1Err

"; } $_POST["Sport1"] = filterSport1($_POST["Sport1"]); } // Validate and sanitize birthdate(s): no forbidden characters if(!empty($_POST["BirthDate"])){ if (strpbrk($_POST["BirthDate"],";$^:~%()?*@#.|!".chr(34)) != FALSE) { $errors["athletebirthErr"] = $athletebirthErr = "<-- *Forbidden characters found. Please enter a valid BIRTH DATE.
"; echo "

".substr_replace($errors["athletebirthErr"],'',0,4)."

"; } $_POST["BirthDate"] = filter_var(trim($_POST["BirthDate"]), FILTER_SANITIZE_STRING); $_POST["BirthDate"] = str_replace([";", chr(34), "$", "%", "(", ")", "#", "?", "^", "&", "<", ">", "*", "|", ":", "?", "!", "'", "."], "", $_POST["BirthDate"]); } if(!empty($_POST["I1_DOB"])){ if (strpbrk($_POST["I1_DOB"],";$^%()?*@#.|!".chr(34)) != FALSE) { $errors["insureddobErr"] = $insureddobErr = "<-- *Forbidden characters found. Please enter a valid DATE OF BIRTH.
"; echo "

".substr_replace($errors["insureddobErr"],'',0,4)."

"; } $_POST["I1_DOB"] = filter_var(trim($_POST["I1_DOB"]), FILTER_SANITIZE_STRING); $_POST["I1_DOB"] = str_replace([";", chr(34), "$", "%", "(", ")", "#", "?", "^", ":", "&", "<", ">", "*", "|", "?", "!", "'", "."], "", $_POST["I1_DOB"]); } // Validate and sanitize address text fields if(!empty($_POST["A1_Address1"])){ if (strpbrk($_POST["A1_Address1"],"$%?/\^*[]{}@|".chr(34)) != FALSE) { $errors["localaddressErr"] = $localaddressErr = "<-- *Forbidden characters found. Please enter a valid LOCAL ADDRESS.
"; echo "

".substr_replace($errors["localaddressErr"],'',0,4)."

"; // echo "

".substr_replace($localaddressErr,'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "[", "]", "{", "}", "@", "<", ">", "|"); $_POST["A1_Address1"] = filterString($_POST["A1_Address1"],$forbid_arr); } if(!empty($_POST["A2_Address1"])){ if (strpbrk($_POST["A2_Address1"],"$%?/\^*[]{}@|".chr(34)) != FALSE) { $errors["homeaddressErr"] = $homeaddressErr = "<-- *Forbidden characters found. Please enter a valid HOME ADDRESS.
"; echo "

".substr_replace($errors["homeaddressErr"],'',0,4)."

"; // echo "

".substr_replace($homeaddressErr,'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "[", "]", "{", "}", "@", "<", ">", "|"); $_POST["A2_Address1"] = filterString($_POST["A2_Address1"],$forbid_arr); } if(!empty($_POST["C2_Address1"])){ if (strpbrk($_POST["C2_Address1"],"$%?/\^*[]{}@|".chr(34)) != FALSE) { $errors["parentaddressErr"] = $parentaddressErr = "<-- *Forbidden characters found. Please enter a valid PARENT/GUARDIAN ADDRESS.
"; echo "

".substr_replace($errors["parentaddressErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "[", "]", "{", "}", "@", "<", ">", "|"); $_POST["C2_Address1"] = filterString($_POST["C2_Address1"],$forbid_arr); } if(!empty($_POST["A1_City"])){ if (strpbrk($_POST["A1_City"],"$%?/\^*[]{}@|".chr(34)) != FALSE) { $errors["localcityErr"] = $localcityErr = "<-- *Forbidden characters found in LOCAL CITY name - use letters, spaces, dashes, apostrophes only.
"; echo "

".substr_replace($errors["localcityErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "[", "]", "{", "}", "@", "<", ">", "|"); $_POST["A1_City"] = filterString($_POST["A1_City"],$forbid_arr); } if(!empty($_POST["A2_City"])){ if (strpbrk($_POST["A2_City"],"$%?/\*^[]{}@|".chr(34)) != FALSE) { $errors["homecityErr"] = $homecityErr = "<-- *Forbidden characters found in HOME CITY name - use letters, spaces, dashes, apostrophes only.
"; echo "

".substr_replace($errors["homecityErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "[", "]", "{", "}", "@", "<", ">", "|"); $_POST["A2_City"] = filterString($_POST["A2_City"],$forbid_arr); } if(!empty($_POST["C2_City"])){ if (strpbrk($_POST["C2_City"],"$%?/\^*[]{}@|".chr(34)) != FALSE) { $errors["parentcityErr"] = $parentcityErr = "<-- *Forbidden characters found in PARENT/GUARDIAN CITY - use letters, spaces, dashes, apostrophes only.
"; echo "

".substr_replace($errors["parentcityErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "[", "]", "{", "}", "@", "<", ">", "|"); $_POST["C2_City"] = filterString($_POST["C2_City"],$forbid_arr); } if(!empty($_POST["A1_State"])){ if (strpbrk($_POST["A1_State"],"$%?/\^*&#[]{}@|".chr(34)) != FALSE) { $errors["localstateErr"] = $localstateErr = "<-- *Forbidden characters found in LOCAL STATE name - use letters, spaces, dashes, apostrophes only.
"; echo "

".substr_replace($errors["localstateErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "^", "*", "&", "#", "[", "]", "{", "}", "@", "<", ">", "|"); $_POST["A1_State"] = filterString($_POST["A1_State"],$forbid_arr); } if(!empty($_POST["A2_State"])){ if (strpbrk($_POST["A2_State"],"$%?/\^*&#[]{}@|".chr(34)) != FALSE) { $errors["homestateErr"] = $homestateErr = "<-- *Forbidden characters found in HOME STATE name - use letters, spaces, dashes, apostrophes only.
"; echo "

".substr_replace($errors["homestateErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "&", "#", "[", "]", "{", "}", "@", "<", ">", "|"); $_POST["A2_State"] = filterString($_POST["A2_State"],$forbid_arr); } if(!empty($_POST["C2_State"])){ if (strpbrk($_POST["C2_State"],"$%?/\^*&#[]{}@|".chr(34)) != FALSE) { $errors["parentstateErr"] = $parentstateErr = "<-- *Forbidden characters found PARENT/GUARDIAN STATE name - use letters, spaces, dashes, apostrophes only.
"; echo "

".substr_replace($errors["parentstateErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "&", "#", "[", "]", "{", "}", "@", "<", ">", "|"); $_POST["C2_State"] = filterString($_POST["C2_State"],$forbid_arr); } if(!empty($_POST["A1_ZipCode"])){ if (strpbrk($_POST["A1_ZipCode"],"$%?/\^*@|".chr(34)) != FALSE) { $errors["localzipErr"] = $localzipErr = "<-- *Forbidden characters found LOCAL ZIP/POST code - use numbers, letters, spaces, dash only.
"; echo "

".substr_replace($errors["localzipErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "@", "<", ">", "|"); $_POST["A1_ZipCode"] = filterString($_POST["A1_ZipCode"],$forbid_arr); } if(!empty($_POST["A2_ZipCode"])){ if (strpbrk($_POST["A2_ZipCode"],"$%?/\^*@|".chr(34)) != FALSE) { $errors["homezipErr"] = $homezipErr = "<-- *Forbidden characters found in HOME ZIP/POST code - use numbers, letters, spaces, dash only.
"; echo "

".substr_replace($errors["homezipErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "@", "<", ">", "|"); $_POST["A2_ZipCode"] = filterString($_POST["A2_ZipCode"],$forbid_arr); } if(!empty($_POST["C2_ZipCode"])){ if (strpbrk($_POST["C2_ZipCode"],"$%?/\^*@|".chr(34)) != FALSE) { $errors["parentzipErr"] = $parentzipErr = "<-- *Forbidden characters found in PARENT/GUARDIAN ZIP/POST code - use numbers, letters, spaces, dash only.
"; echo "

".substr_replace($errors["parentzipErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "@", "<", ">", "|"); $_POST["C2_ZipCode"] = filterString($_POST["C2_ZipCode"],$forbid_arr); } if(!empty($_POST["A1_Country"])){ if (strpbrk($_POST["A1_Country"],"$%?/\^*&#@|1234567890".chr(34)) != FALSE) { $errors["localcountryErr"] = $localcountryErr = "<-- *Forbidden characters found - use letters, spaces, dash only.
"; echo "

".substr_replace($errors["localcountryErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "&", "#", "@", "<", ">", "|", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0"); $_POST["A1_Country"] = filterString($_POST["A1_Country"],$forbid_arr); } if(!empty($_POST["C2_Country"])){ if (strpbrk($_POST["C2_Country"],"$%?/\^*&#@|1234567890".chr(34)) != FALSE) { $errors["parentcountryErr"] = $parentcountryErr = "<-- *Forbidden characters found - use letters, spaces, dash only.
"; echo "

".substr_replace($errors["parentcountryErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "&", "#", "@", "<", ">", "|", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0"); $_POST["C2_Country"] = filterString($_POST["C2_Country"],$forbid_arr); } // Telephone number validation and sanitization if(!empty($_POST["A1_CellPhone"])){ if (preg_match("/[^0-9-).+( ]/", $_POST["A1_CellPhone"])) { $errors["athletecellErr"] = $athletecellErr = "<-- *Forbidden characters found - use numbers, parenthesis, spaces, periods, and dash only.
"; echo "

".substr_replace($errors["athletecellErr"],'',0,4)."

"; } $_POST["A1_CellPhone"] = filter_var(trim($_POST["A1_CellPhone"]), FILTER_SANITIZE_STRING); $_POST["A1_CellPhone"] = preg_replace("/[^0-9-).+( ]/", "", $_POST["A1_CellPhone"]); } if(!empty($_POST["C2_HomePhone"])){ if (preg_match("/[^0-9-).+( ]/", $_POST["C2_HomePhone"])) { $errors["parenthomephoneErr"] = $parenthomephoneErr = "<-- *Forbidden characters found - use numbers, parenthesis, spaces, periods, and dash only.
"; echo "

".substr_replace($errors["parenthomephoneErr"],'',0,4)."

"; } $_POST["C2_HomePhone"] = filter_var(trim($_POST["C2_HomePhone"]), FILTER_SANITIZE_STRING); $_POST["C2_HomePhone"] = preg_replace("/[^0-9-).+( ]/", "", $_POST["C2_HomePhone"]); } if(!empty($_POST["C2_CellPhone"])){ if (preg_match("/[^0-9-).+( ]/", $_POST["C2_CellPhone"])) { $errors["parentcellErr"] = $parentcellErr = "<-- *Forbidden characters found - use numbers, parenthesis, spaces, periods, and dash only.
"; echo "

".substr_replace($errors["parentcellErr"],'',0,4)."

"; } $_POST["C2_CellPhone"] = filter_var(trim($_POST["C2_CellPhone"]), FILTER_SANITIZE_STRING); $_POST["C2_CellPhone"] = preg_replace("/[^0-9-).+( ]/", "", $_POST["C2_CellPhone"]); } if(!empty($_POST["C1_CellPhone"])){ if (preg_match("/[^0-9-).+( ]/", $_POST["C1_CellPhone"])) { $errors["emergcontactcellErr"] = $emergcontactcellErr = "<-- *Forbidden characters found - use numbers, parenthesis, spaces, periods, and dash only.
"; echo "

".substr_replace($errors["emergcontactcellErr"],'',0,4)."

"; } $_POST["C1_CellPhone"] = filter_var(trim($_POST["C1_CellPhone"]), FILTER_SANITIZE_STRING); $_POST["C1_CellPhone"] = preg_replace("/[^0-9-).+( ]/", "", $_POST["C1_CellPhone"]); } if(!empty($_POST["C1_WorkPhone"])){ if (preg_match("/[^0-9-).+( ]/", $_POST["C1_WorkPhone"])) { $errors["emergworkphoneErr"] = $emergworkphoneErr = "<-- *Forbidden characters found - use numbers, parenthesis, spaces, periods, and dash only.
"; echo "

".substr_replace($errors["emergworkphoneErr"],'',0,4)."

"; } $_POST["C1_WorkPhone"] = filter_var(trim($_POST["C1_WorkPhone"]), FILTER_SANITIZE_STRING); $_POST["C1_WorkPhone"] = preg_replace("/[^0-9-).+( ]/", "", $_POST["C1_WorkPhone"]); } if(!empty($_POST["I1_PolicyHolder_Phone"])){ if (preg_match("/[^0-9-).+( ]/", $_POST["I1_PolicyHolder_Phone"])) { $errors["insuredphoneErr"] = $insuredphoneErr = "<-- *Forbidden characters found - use numbers, parenthesis, spaces, periods, and dash only.
"; echo "

".substr_replace($errors["insuredphoneErr"],'',0,4)."

"; } $_POST["I1_PolicyHolder_Phone"] = filter_var(trim($_POST["I1_PolicyHolder_Phone"]), FILTER_SANITIZE_STRING); $_POST["I1_PolicyHolder_Phone"] = preg_replace("/[^0-9-).+( ]/", "", $_POST["I1_PolicyHolder_Phone"]); } if(!empty($_POST["I1_Phone"])){ if (preg_match("/[^0-9-).+( ]/", $_POST["I1_Phone"])) { $errors["insurphoneErr"] = $insurphoneErr = "<-- *Forbidden characters found - use numbers, parenthesis, spaces, periods, and dash only.
"; echo "

".substr_replace($errors["insurphoneErr"],'',0,4)."

"; } $_POST["I1_Phone"] = filter_var(trim($_POST["I1_Phone"]), FILTER_SANITIZE_STRING); $_POST["I1_Phone"] = preg_replace("/[^0-9-).+( ]/", "", $_POST["I1_Phone"]); } // Validate and sanitize email fields if(!empty($_POST["A1_eMail"])){ if(!filter_var($_POST["A1_eMail"], FILTER_VALIDATE_EMAIL)) { $errors["athleteeMailErr"] = $athleteeMailErr = "<-- *eMail address does not appear to be properly formatted: ".$_POST["A1_eMail"]."
"; echo "

".substr_replace($errors["athleteeMailErr"],'',0,4)."

"; // Strip out forbidden characters $forbid_arr = array(chr(34), "<", ">", ")", ",", ":", ";", "]", "(", chr(92), "["); $_POST["A1_eMail"] = str_replace($forbid_arr, "", $_POST["A1_eMail"]); } // Sanitize e-mail address $_POST["A1_eMail"] = filter_var(trim($_POST["A1_eMail"]), FILTER_SANITIZE_EMAIL); } if(!empty($_POST["C2_eMail"])){ if(!filter_var($_POST["C2_eMail"], FILTER_VALIDATE_EMAIL)) { $errors["parenteMailErr"] = $parenteMailErr = "<-- *eMail address does not appear to be properly formatted: ".$_POST["C2_eMail"]."
"; echo "

".substr_replace($errors["parenteMailErr"],'',0,4)."

"; // Strip out forbidden characters $forbid_arr = array(chr(34), "<", ">", ")", ",", ":", ";", "]", "(", chr(92), "["); $_POST["C2_eMail"] = str_replace($forbid_arr, "", $_POST["C2_eMail"]); } // Sanitize e-mail address $_POST["C2_eMail"] = filter_var(trim($_POST["C2_eMail"]), FILTER_SANITIZE_EMAIL); } // general string validation and sanitization if(!empty($_POST["SSN"])){ if (strpbrk($_POST["SSN"],"$%?/\^*:;&[](){}#@=+~,.|".chr(34).chr(32)) != FALSE) { $errors["ssnErr"] = $ssnErr = "<-- *Forbidden characters found - use numbers, dash only.
"; echo "

".substr_replace($errors["ssnErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), chr(32), "%", "?", chr(92), chr(47), "*", "~", "&", "#", "@", "}", "{", "<", ";", "=", "+", "(", ")", "]", "[", ":", ".", ",", ">", "|"); $_POST["SSN"] = filterString($_POST["SSN"],$forbid_arr); } if(!empty($_POST["I1_InsuredID"])){ if (strpbrk($_POST["I1_InsuredID"],"$%?/\^*:;&[](){}#@=+~,.|".chr(34).chr(32)) != FALSE) { $errors["insuredssnErr"] = $insuredssnErr = "<-- *Forbidden characters found - use numbers, dash only.
"; echo "

".substr_replace($errors["insuredssnErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), chr(32), "%", "?", chr(92), chr(47), "*", "~", "&", "#", "@", "}", "{", "<", ";", "=", "+", "(", ")", "]", "[", ":", ".", ",", ">", "|"); $_POST["I1_InsuredID"] = filterString($_POST["I1_InsuredID"],$forbid_arr); } if(!empty($_POST["C2_FirstName"])){ if (strpbrk($_POST["C2_FirstName"],"$%?/\*:;&[](){}#@=+~,.|1234567890".chr(34)) != FALSE) { $errors["parentnameErr"] = $parentnameErr = "<-- *Forbidden characters found - use letters, spaces, dash only.
"; echo "

".substr_replace($errors["parentnameErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "~", "&", "#", "@", "}", "{", "<", ";", "=", "+", "(", ")", "]", "[", ":", ".", ",", ">", "|", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0"); $_POST["C2_FirstName"] = filterString($_POST["C2_FirstName"],$forbid_arr); } if(!empty($_POST["C1_FirstName"])){ if (strpbrk($_POST["C1_FirstName"],"$%?/\*:;&[](){}#@=+~,.|1234567890".chr(34)) != FALSE) { $errors["emergcontactnameErr"] = $emergcontactnameErr = "<-- *Forbidden characters found - use letters, spaces, dash only.
"; echo "

".substr_replace($errors["emergcontactnameErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "~", "&", "#", "@", "}", "{", "<", ";", "=", "+", "(", ")", "]", "[", ":", ".", ",", ">", "|", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0"); $_POST["C1_FirstName"] = filterString($_POST["C1_FirstName"],$forbid_arr); } if(!empty($_POST["C1_Relationship"])){ if (strpbrk($_POST["C1_Relationship"],"$%?/\^*:;&[](){}#@=+~,.|1234567890".chr(34)) != FALSE) { $errors["emergcontactrelationErr"] = $emergcontactrelationErr = "<-- *Forbidden characters found - use letters, spaces, dash only.
"; echo "

".substr_replace($errors["emergcontactrelationErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "~", "&", "#", "@", "}", "{", "<", ";", "=", "+", "(", ")", "]", "[", ":", ".", ",", ">", "|", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0"); $_POST["C1_Relationship"] = filterString($_POST["C1_Relationship"],$forbid_arr); } if(!empty($_POST["I1_PolicyHolder_First"])){ if (strpbrk($_POST["I1_PolicyHolder_First"],"$%?/\*:;&[](){}#@=+~,.|1234567890".chr(34)) != FALSE) { $errors["insurednameErr"] = $insurednameErr = "<-- *Forbidden characters found - use letters, spaces, dash only.
"; echo "

".substr_replace($errors["insurednameErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "~", "&", "#", "@", "}", "{", "<", ";", "=", "+", "(", ")", "]", "[", ":", ".", ",", ">", "|", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0"); $_POST["I1_PolicyHolder_First"] = filterString($_POST["I1_PolicyHolder_First"],$forbid_arr); } if(!empty($_POST["insured_relation"])){ if (strpbrk($_POST["insured_relation"],"$%?/\^*:;&[](){}#@=+~,.|1234567890".chr(34)) != FALSE) { $errors["insuredrelationErr"] = $insuredrelationErr = "<-- *Forbidden characters found - use letters, spaces, dash only.
"; echo "

".substr_replace($errors["insuredrelationErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", "?", chr(92), chr(47), "*", "~", "&", "#", "@", "}", "{", "<", ";", "=", "+", "(", ")", "]", "[", ":", ".", ",", ">", "|", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0"); $_POST["insured_relation"] = filterString($_POST["insured_relation"],$forbid_arr); } if(!empty($_POST["insured_employer"])){ if (strpbrk($_POST["insured_employer"],"%/\;[]{}~|") != FALSE) { $errors["insuredemployErr"] = $insuredemployErr = "<-- *Forbidden characters found: ".$_POST["insured_employer"]."
"; echo "

".substr_replace($errors["insuredemployErr"],'',0,4)."

"; } $forbid_arr = array( "%", chr(92), "~", "}", "{", "<", "]", "[", ";", ">", "|"); $_POST["insured_employer"] = filterString($_POST["insured_employer"],$forbid_arr); } if(!empty($_POST["insured_employer_address"])){ if (strpbrk($_POST["insured_employer_address"],"$%\*[]{}@=+|".chr(34)) != FALSE) { $errors["insuredemployaddressErr"] = $insuredemployaddressErr = "<-- *Forbidden characters found: ".$_POST["insured_employer_address"]; echo "

".substr_replace($errors["insuredemployaddressErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", chr(92), "*", "@", "<", "=", "+", "]", "[", ">", "|"); $_POST["insured_employer_address"] = filterString($_POST["insured_employer_address"],$forbid_arr); } if(!empty($_POST["I1_Company"])){ if (strpbrk($_POST["I1_Company"],"%/\;[]{}~|") != FALSE) { $errors["insurcoErr"] = $insurcoErr = "<-- *Forbidden characters found: ".$_POST["I1_Company"]."
"; echo "

".substr_replace($errors["insurcoErr"],'',0,4)."

"; } $forbid_arr = array( "%", chr(92), "~", "}", "{", "<", "]", "[", ";", ">", "|"); $_POST["I1_Company"] = filterString($_POST["I1_Company"],$forbid_arr); } if(!empty($_POST["I1_Address1"])){ if (strpbrk($_POST["I1_Address1"],"$%\*[]{}@=+|".chr(34)) != FALSE) { $errors["insuraddressErr"] = $insuraddressErr = "<-- *Forbidden characters found: ".$_POST["I1_Address1"]."
"; echo "

".substr_replace($errors["insuraddressErr"],'',0,4)."

"; } $forbid_arr = array("$", chr(34), "%", chr(92), "*", "@", "<", "=", "+", "]", "[", ">", "|"); $_POST["I1_Address1"] = filterString($_POST["I1_Address1"],$forbid_arr); } if(!empty($_POST["I1_Group"])){ if (strpbrk($_POST["I1_Group"],"%\^=;[]{}~|".chr(34)) != FALSE) { $errors["groupErr"] = $groupErr = "<-- *Forbidden characters found: ".$_POST["I1_Group"]."
"; echo "

".substr_replace($errors["groupErr"],'',0,4)."

"; } $forbid_arr = array( "%", chr(92), "~", "}", "{", "^", "=", "<", "]", "[", ";", ">", "|"); $_POST["I1_Group"] = filterString($_POST["I1_Group"],$forbid_arr); } if(!empty($_POST["I1_Policy"])){ if (strpbrk($_POST["I1_Policy"],"%\^=;[]{}~|".chr(34)) != FALSE) { $errors["policyErr"] = $policyErr = "<-- *Forbidden characters found: ".$_POST["I1_Policy"]."
"; echo "

".substr_replace($errors["policyErr"],'',0,4)."

"; } $forbid_arr = array( "%", chr(92), "~", "}", "{", "^", "=", "<", "]", "[", ";", ">", "|"); $_POST["I1_Policy"] = filterString($_POST["I1_Policy"],$forbid_arr); } if(!empty($_POST["I1_Plan"])){ if (strpbrk($_POST["I1_Plan"],"%\^=;[]{}~|".chr(34)) != FALSE) { $errors["planErr"] = $planErr = "<-- *Forbidden characters found: ".$_POST["I1_Plan"]."
"; echo "

".substr_replace($errors["planErr"],'',0,4)."

"; } $forbid_arr = array( "%", chr(92), "~", "}", "{", "^", "=", "<", "]", "[", ";", ">", "|"); $_POST["I1_Plan"] = filterString($_POST["I1_Plan"],$forbid_arr); } if(!empty($_POST["I1_ID"])){ if (strpbrk($_POST["I1_ID"],"%\^=;[]{}~|".chr(34)) != FALSE) { $errors["idErr"] = $idErr = "<-- *Forbidden characters found: ".$_POST["I1_ID"]."
"; echo "

".substr_replace($errors["idErr"],'',0,4)."

"; } $forbid_arr = array( "%", chr(92), "~", "}", "{", "^", "=", "<", "]", "[", ";", ">", "|"); $_POST["I1_ID"] = filterString($_POST["I1_ID"],$forbid_arr); } // insert strings from checkboxes (if selected) if(isset($_POST["insur_type_hmo"])) { if(empty($_POST["I1_Type"])) { $_POST["I1_Type"] .= $_POST["insur_type_hmo"]; } else { $_POST["I1_Type"] .= ", ".$_POST["insur_type_hmo"]; } } if(isset($_POST["insur_type_ppo"])) { if(empty($_POST["insur_type_hmo"]) && empty($_POST["I1_Type"])) { $_POST["I1_Type"] .= $_POST["insur_type_ppo"]; } else { $_POST["I1_Type"] .= ", ".$_POST["insur_type_ppo"]; } } if(isset($_POST["insur_type_pos"])) { if(empty($_POST["insur_type_hmo"]) && empty($_POST["insur_type_ppo"]) && empty($_POST["I1_Type"])) { $_POST["I1_Type"] .= $_POST["insur_type_pos"]; } else { $_POST["I1_Type"] .= ", ".$_POST["insur_type_pos"]; } } if(isset($_POST["insur_type_medicaid"])) { if(empty($_POST["insur_type_hmo"]) && empty($_POST["I1_Type"]) && empty($_POST["insur_type_ppo"]) && empty($_POST["insur_type_pos"])) { $_POST["I1_Type"] .= $_POST["insur_type_medicaid"]; } else { $_POST["I1_Type"] .= ", ".$_POST["insur_type_medicaid"]; } } if(!empty($_POST["I1_Type"])){ if (strpbrk($_POST["I1_Type"],"%/\;[]{}~|") != FALSE) { $errors["insurotherErr"] = $insurotherErr = "<-- *Forbidden characters found: ".$_POST["I1_Type"]."
"; echo "

".substr_replace($errors["insurotherErr"],'',0,4)."

"; } $forbid_arr = array( "%", chr(92), "~", "}", "{", "<", "]", "[", ";", ">", "|"); $_POST["I1_Type"] = filterString($_POST["I1_Type"],$forbid_arr); } if(!empty($_POST["Notes"])){ if (strpbrk($_POST["Notes"],"[]{}|") != FALSE) { $errors["commentErr"] = $commentErr = "<-- *Forbidden characters found: ".$_POST["Notes"]; echo "

".substr_replace($errors["commentErr"],'',0,4)."

"; } $forbid_arr = array( "%", chr(92), "}", "{", "<", "]", "[", ">", "|"); $_POST["Notes"] = filterString($_POST["Notes"],$forbid_arr); } // validate and sanitize URL if(!empty($_POST["I1_Address2"])){ if(!filter_var($_POST["I1_Address2"], FILTER_VALIDATE_URL)) { $errors["URLErr"] = $URLErr = "<-- *Website URL does not appear to be properly formatted: ".$_POST["I1_Address2"]."
"; echo "

".substr_replace($errors["URLErr"],'',0,4)."

"; // Strip out forbidden characters $forbid_arr = array(chr(34), "<", ">", ")", ",", ":", ";", "]", "(", "["); $_POST["insurance_company_website"] = str_replace($forbid_arr, "", $_POST["I1_Address2"]); } // Sanitize e-mail address $_POST["I1_Address2"] = filter_var(trim($_POST["I1_Address2"]), FILTER_SANITIZE_URL); } } $input_array = $_POST; // foreach ($input_array as $value) { foreach($input_array as $key=>$value) { if(!empty($value)) { // echo "$value
"; } } // echo "
"; // echo "********************************************************************************************
"; // echo "********************************************************************************************
"; // echo "
"; if(!empty($_POST)) { // Check for input errors, set $send value $send = TRUE; foreach ($errors as $key=>$value){ if(!empty($value)) { $send = FALSE; echo $key." set to false"; echo "
"; } } } if($send) { // create csv file with unique filename $csvFile = $_POST["LastName"].date("dmyHis").".csv"; $csv_data = $csv_head = array(); foreach($_POST as $key=>$value) { // skip fields not in SW if($key != "insured" && $key != "insured_relation" && $key != "insured_employer" && $key != "insured_employer_address" && $key != "I1_ID" && $key != "insurance_rx" && $key != "send") { // skip empty fields (SW compatability) if(!empty($value)) { $csv_head[$key] = $key; $csv_data[$key] = $value; } } } $file_open = fopen($csvFile, "w"); fputcsv($file_open, $csv_head); if(fputcsv($file_open, $csv_data) == FALSE) { // something went wrong } else { echo $csvFile; echo "
"; } fclose($file_open); } if($send) { // CREATE PDF FILE! ob_start(); require ('fpdf.php'); $pdf = new FPDF('P','mm','Letter'); $pdf->AddPage(); $pdf->SetMargins(3, 20, 3); // Logo $pdf->Image("CSU_logoBW.png", 7, 5); //$pdf->Ln(13); // page heading $pdf->SetY(5); $pdf->SetFont('Times', 'B', 14); $pdf->Cell(216, 5, "CLEVELAND STATE UNIVERSITY", 0, 1, 'C'); $pdf->SetFont('Times', 'B', 12); $pdf->Cell(215, 4, "Sports Medicine", 0, 1, 'C'); $pdf->Cell(215, 4, "(2020-21)", 0, 1, 'C'); // body $pdf->Ln(18); $pdf->SetLeftMargin(7); $pdf->SetFont('Times', 'BU', 10); $pdf->Write(4, 'General Athete Information:'); $pdf->SetFont('Times', '', 9); $pdf->Ln(); $pdf->Ln(); $pdf->Cell(16, 3, 'First Name:', 0, 0); $pdf->Cell(38, 3, " ".$_POST["FirstName"], 'B', 0); $pdf->Cell(16, 3, 'Last Name:', 0, 0); $pdf->Cell(50, 3, " ".$_POST["LastName"], 'B', 0); $pdf->Cell(9, 3, 'Sport:', 0, 0); $pdf->Cell(45, 3, " ".$_POST["Sport1"], 'B', 1); $pdf->Ln(); $pdf->Cell(33, 3, 'Social Security Number:', 0, 0); $pdf->Cell(28, 3, " ".$_POST["SSN"], 'B', 0); $pdf->Cell(15, 3, 'CSU ID #:', 0, 0); $pdf->Cell(30, 3, " ".$_POST["ID"], 'B', 0); $pdf->Cell(16, 3, 'Birth Date:', 0, 0); $pdf->Cell(33, 3, " ".$_POST["BirthDate"], 'B', 1); $pdf->Ln(); $pdf->Ln(); $pdf->Cell(26, 3, 'CAMPUS Address:', 0, 0); $pdf->Cell(65, 3, " ".$_POST["A1_Address1"], 'B', 0); $pdf->Cell(40, 3, $_POST["A1_City"], 'B', 0); $pdf->Cell(32, 3, $_POST["A1_State"], 'B', 0); $pdf->Cell(20, 3, $_POST["A1_ZipCode"], 'B', 1); $pdf->SetFont('Times', '', 7); $pdf->Cell(38, 2, "Street", 0, 0, 'R'); $pdf->Cell(62, 2, "City", 0, 0, 'R'); $pdf->Cell(42, 2, "State", 0, 0, 'R'); $pdf->Cell(40, 2, "Zip/Postal Code", 0, 1, 'R'); $pdf->SetFont('Times', '', 9); $pdf->Ln(); $pdf->Cell(23, 3, 'HOME Address:', 0, 0); $pdf->Cell(56, 3, " ".$_POST["A2_Address1"], 'B', 0); $pdf->Cell(29, 3, " ".$_POST["A2_City"], 'B', 0); $pdf->Cell(32, 3, " ".$_POST["A2_State"], 'B', 0); $pdf->Cell(18, 3, " ".$_POST["A2_ZipCode"], 'B', 0); $pdf->Cell(26, 3, " ".$_POST["A2_Country"], 'B', 1); $pdf->SetFont('Times', '', 7); $pdf->Cell(36, 2, "Street", 0, 0, 'R'); $pdf->Cell(55, 2, "City", 0, 0, 'R'); $pdf->Cell(27, 2, "State", 0, 0, 'R'); $pdf->Cell(41, 2, "Zip/Postal Code", 0, 0, 'R'); $pdf->Cell(12, 2, "Country", 0, 1, 'R'); $pdf->SetFont('Times', '', 9); $pdf->Ln(); $pdf->Ln(); $pdf->Cell(30, 3, 'Cell or Home Phone #:', 0, 0); $pdf->Cell(50, 3, " ".$_POST["A1_CellPhone"], 'B', 0); $pdf->Cell(21, 3, 'E-mail address:', 0, 0); $pdf->Cell(60, 3, " ".$_POST["A1_eMail"], 'B', 1); $pdf->Ln(); $pdf->Ln(); $pdf->Ln(); $pdf->SetFont('Times', 'BU', 10); $pdf->Write(4, 'Parent/Guardian Information:'); $pdf->SetFont('Times', '', 9); $pdf->Ln(); $pdf->Ln(); $pdf->Cell(31, 3, 'Parent/Guardian Name:', 0, 0); $pdf->Cell(70, 3, " ".$_POST["C2_FirstName"], 'B', 1); $pdf->Ln(); $pdf->Cell(34, 3, 'Parent/Guardian Address:', 0, 0); $pdf->Cell(56, 3, " ".$_POST["C2_Address1"], 'B', 0); $pdf->Cell(29, 3, " ".$_POST["C2_City"], 'B', 0); $pdf->Cell(32, 3, " ".$_POST["C2_State"], 'B', 0); $pdf->Cell(18, 3, " ".$_POST["C2_ZipCode"], 'B', 0); $pdf->Cell(26, 3, " ".$_POST["C2_Country"], 'B', 1); $pdf->SetFont('Times', '', 7); $pdf->Cell(44, 2, "Street", 0, 0, 'R'); $pdf->Cell(55, 2, "City", 0, 0, 'R'); $pdf->Cell(30, 2, "State", 0, 0, 'R'); $pdf->Cell(41, 2, "Zip/Postal Code", 0, 0, 'R'); $pdf->Cell(12, 2, "Country", 0, 1, 'R'); $pdf->SetFont('Times', '', 9); $pdf->Ln(); $pdf->Cell(21, 3, 'Home Phone #:', 0, 0); $pdf->Cell(36, 3, " ".$_POST["C2_HomePhone"], 'B', 0); $pdf->Cell(18, 3, 'Cell Phone #:', 0, 0); $pdf->Cell(36, 3, " ".$_POST["C2_CellPhone"], 'B', 0); $pdf->Cell(21, 3, 'E-mail address:', 0, 0); $pdf->Cell(60, 3, " ".$_POST["C2_eMail"], 'B', 1); $pdf->Ln(); $pdf->Ln(); $pdf->SetFont('Times', 'B', 9); $pdf->Cell(38, 3, 'Emergency Contact Name:', 0, 0); $pdf->SetFont('Times', '', 9); $pdf->Cell(70, 3, " ".$_POST["C1_FirstName"], 'B', 0); $pdf->SetFont('Times', 'B', 9); $pdf->Cell(19, 3, 'Relationship:', 0, 0); $pdf->SetFont('Times', '', 9); $pdf->Cell(68, 3, " ".$_POST["C1_Relationship"], 'B', 1); $pdf->Ln(); $pdf->SetFont('Times', 'B', 9); $pdf->Cell(47, 3, 'Emergency Contact Cell Phone #:', 0, 0); $pdf->SetFont('Times', '', 9); $pdf->Cell(48, 3, " ".$_POST["C1_CellPhone"], 'B', 0); $pdf->SetFont('Times', 'B', 9); $pdf->Cell(50, 3, 'Emergency Contact Work Phone #:', 0, 0); $pdf->SetFont('Times', '', 9); $pdf->Cell(48, 3, " ".$_POST["C1_WorkPhone"], 'B', 1); $pdf->Ln(); $pdf->Ln(); // draw double horizontal line $Yval = $pdf->GetY(); $pdf->Line(7, $Yval, 200, $Yval); $pdf->Ln(.4); $Yval = $pdf->GetY(); $pdf->Line(7, $Yval, 200, $Yval); $pdf->Ln(); $pdf->Ln(); $pdf->SetFont('Times', 'BU', 10); $pdf->Ln(); $pdf->Write(4, 'Health Insurance Information:'); $pdf->Ln(); $pdf->Ln(); $pdf->SetFont('Times', 'B', 10); $pdf->Write(4, "Is the student-athlete currently covered by parents or any medical insurance policy? "); $Xval = $pdf->GetX(); $pdf->SetX($Xval+3); $pdf->Cell(10, 4, "YES:", 0, 0); $pdf->SetFont('zapfdingbats', '', 9); $pdf->SetLineWidth(0.3); // add radio buttons - depending on which one was selected if($_POST["insured"] == "yes: Insured") { $pdf->Cell(5, 4, '4', 1, 0); $Xval = $pdf->GetX(); $pdf->SetFont('Times', 'B', 10); $pdf->SetX($Xval+4); $pdf->Cell(8, 4, "NO:", 0, 0); $pdf->SetFont('zapfdingbats', '', 9); $pdf->Cell(5, 4, '', 1, 1); } elseif($_POST["insured"] == "no: UNINSURED") { $pdf->Cell(5, 4, '', 1, 0); $Xval = $pdf->GetX(); $pdf->SetFont('Times', 'B', 10); $pdf->SetX($Xval+4); $pdf->Cell(8, 4, "NO:", 0, 0); $pdf->SetFont('zapfdingbats', '', 10); $pdf->Cell(5, 4, '6', 1, 1); } $pdf->SetFont('Times', '', 8); $pdf->Cell(23, 3, "** If you answered ", 0, 0); $pdf->SetFont('Times', 'B', 9); $pdf->Cell(5, 3, "NO", 0, 0); $pdf->SetFont('Times', '', 8); $pdf->Cell(66, 3, ", please refer to the page in the information packet for the ", 0, 0); $pdf->SetFont('Times', 'B', 8); $pdf->Cell(85, 3, "Statement Declaring Lack Of Health Insurance Form (MUST BE NOTARIZED).", 0, 1); $pdf->SetFont('Times', '', 8); $pdf->Cell(23, 3, "** If you answered ", 0, 0); $pdf->SetFont('Times', 'B', 9); $pdf->Cell(6, 3, "YES", 0, 0); $pdf->SetFont('Times', '', 8); $pdf->Cell(50, 3, ", please complete the following information ", 0, 0); $pdf->SetFont('Times', 'B', 8); $pdf->Cell(73, 3, "and provide a copy of the insurance card (front AND back).", 0, 1); $pdf->SetFont('Times', '', 9); $pdf->SetLineWidth(.2); $pdf->Ln(); $pdf->Ln(); $pdf->Cell(23, 3, 'Name of Insured:', 0, 0); $pdf->Cell(70, 3, " ".$_POST["I1_PolicyHolder_First"], 'B', 1); $pdf->Ln(); $pdf->Cell(32, 3, 'Social Security Number:', 0, 0); $pdf->Cell(28, 3, " ".$_POST["I1_InsuredID"], 'B', 0); $pdf->Cell(19, 3, 'Date of Birth:', 0, 0); $pdf->Cell(33, 3, " ".$_POST["I1_DOB"], 'B', 0); $pdf->Cell(27, 3, 'Telephone Number:', 0, 0); $pdf->Cell(43, 3, " ".$_POST["I1_PolicyHolder_Phone"], 'B', 1); $pdf->Ln(); $pdf->Cell(32, 3, 'Relationship to Athlete:', 0, 0); $pdf->Cell(45, 3, " ".$_POST["insured_relation"], 'B', 0); $pdf->Cell(27, 3, "Insured's Employer:", 0, 0); $pdf->Cell(55, 3, " ".$_POST["insured_employer"], 'B', 1); $pdf->Ln(); $pdf->Cell(27, 3, 'Employers Address:', 0, 0); $pdf->Cell(145, 3, " ".$_POST["insured_employer_address"], 'B', 1); $pdf->Ln(); $pdf->Ln(); $pdf->Cell(39, 3, 'Name of Insurance Company:', 0, 0); $pdf->Cell(65, 3, " ".$_POST["I1_Company"], 'B', 0); $pdf->Cell(31, 3, 'Insurance Telephone #:', 0, 0); $pdf->Cell(40, 3, " ".$_POST["I1_Phone"], 'B', 1); $pdf->Ln(); $pdf->Cell(38, 3, 'Insurance Company Address:', 0, 0); $pdf->Cell(143, 3, " ".$_POST["I1_Address1"], 'B', 1); $pdf->Ln(); $pdf->Cell(25, 3, 'Insurance Website:', 0, 0); $pdf->Cell(80, 3, " ".$_POST["I1_Address2"], 'B', 1); $pdf->Ln(); $pdf->Cell(12, 3, 'Group #:', 0, 0); $pdf->Cell(33, 3, " ".$_POST["I1_Group"], 'B', 0); $pdf->Cell(12, 3, 'Policy #:', 0, 0); $pdf->Cell(33, 3, " ".$_POST["I1_Policy"], 'B', 0); $pdf->Cell(10, 3, 'Plan #:', 0, 0); $pdf->Cell(32, 3, " ".$_POST["I1_Plan"], 'B', 0); $pdf->Cell(19, 3, 'Member/ID #:', 0, 0); $pdf->Cell(36, 3, " ".$_POST["I1_ID"], 'B', 1); $pdf->Ln(); $pdf->Ln(); $pdf->Cell(25, 3, 'Type of Insurance:', 0, 0); $Xval = $pdf->GetX(); $pdf->SetX($Xval+6); $pdf->SetFont('Times', 'B', 9); $pdf->Cell(11, 3, "HMO:", 0, 0); $pdf->SetFont('zapfdingbats', '', 9); $pdf->SetLineWidth(0.3); if(empty($_POST["insur_type_hmo"])) { $pdf->Cell(4, 3, '', 1, 0); } else { $pdf->Cell(4, 3, '4', 1, 0); } $pdf->SetFont('Times', 'B', 9); $Xval = $pdf->GetX(); $pdf->SetX($Xval+5); $pdf->Cell(10, 3, "PPO:", 0, 0); $pdf->SetFont('zapfdingbats', '', 9); if(empty($_POST["insur_type_ppo"])) { $pdf->Cell(4, 3, '', 1, 0); } else { $pdf->Cell(4, 3, '4', 1, 0); } $Xval = $pdf->GetX(); $pdf->SetX($Xval+5); $pdf->SetFont('Times', 'B', 9); $pdf->Cell(10, 3, "POS:", 0, 0); $pdf->SetFont('zapfdingbats', '', 9); if(empty($_POST["insur_type_pos"])) { $pdf->Cell(4, 3, '', 1, 0); } else { $pdf->Cell(4, 3, '4', 1, 0); } $Xval = $pdf->GetX(); $pdf->SetX($Xval+4); $pdf->SetFont('Times', 'B', 9); $pdf->Cell(16, 3, "Medicaid:", 0, 0); $pdf->SetFont('zapfdingbats', '', 9); if(empty($_POST["insur_type_medicaid"])) { $pdf->Cell(4, 3, '', 1, 0); } else { $pdf->Cell(4, 3, '4', 1, 0); } $Xval = $pdf->GetX(); $pdf->SetX($Xval+6); $pdf->SetLineWidth(0.2); $pdf->SetFont('Times', 'B', 9); $pdf->Cell(10, 3, "Other:", 0, 0); $pdf->SetFont('Times', '', 9); $pdf->Cell(60, 3, " ".$_POST["I1_Type"], 'B', 1); $pdf->Ln(); $pdf->Write(3, 'Does the insurance plan include prescription medication coverage?'); $Xval = $pdf->GetX(); $pdf->SetX($Xval+5); $pdf->Cell(10, 3, "YES:", 0, 0); $pdf->SetFont('zapfdingbats', '', 9); $pdf->SetLineWidth(0.3); // add radio buttons - depending on which one was selected if(!empty($_POST["insurance_rx"])) { if($_POST["insurance_rx"] == "yes") { $pdf->Cell(4, 3, '4', 1, 0); $Xval = $pdf->GetX(); $pdf->SetFont('Times', '', 9); $pdf->SetX($Xval+5); $pdf->Cell(8, 3, "NO:", 0, 0); $pdf->SetFont('zapfdingbats', '', 9); $pdf->Cell(4, 3, '', 1, 1); } elseif($_POST["insurance_rx"] == "no") { $pdf->Cell(4, 3, '', 1, 0); $Xval = $pdf->GetX(); $pdf->SetFont('Times', '', 9); $pdf->SetX($Xval+5); $pdf->Cell(8, 3, "NO:", 0, 0); $pdf->SetFont('zapfdingbats', '', 9); $pdf->Cell(4, 3, '6', 1, 1); } } else { $pdf->Cell(4, 3, '', 1, 0); $Xval = $pdf->GetX(); $pdf->SetFont('Times', '', 9); $pdf->SetX($Xval+5); $pdf->Cell(8, 3, "NO:", 0, 0); $pdf->Cell(4, 3, '', 1, 1); } $pdf->SetLineWidth(0.2); $pdf->SetFont('Times', '', 9); $pdf->Ln(); $pdf->Ln(); $pdf->Ln(); $pdf->Setfont('Times', 'B', 10); $pdf->Write(5, "** A COPY OF THE INSURANCE CARD (FRONT AND BACK) MUST BE INCLUDED WITH THIS FORM AND BE ON FILE IN THE CLEVELAND STATE UNIVERSITY ATHLETIC TRAINING ROOM **"); $pdf->Setfont('Times', '', 9); $pdf->Ln(); $pdf->Ln(); $pdf->Write(3, " Notes: ".$_POST["Notes"]); $pdf->Output( $_POST["LastName"]."_20-21_general_athlete_information.pdf", "F" ); ob_end_flush(); $pdfFile = $_POST["LastName"]."_20-21_general_athlete_information.pdf"; echo $pdfFile; echo "
"; } // /* if($send) { $_Files = [$csvFile, $pdfFile]; // Recipient email address $to = 'r.beninghof@csuohio.edu'; // $to = 'root@localhost'; // $from_email = "info@your_domain.com"; //from email using site domain. $subject = "General Athlete Information e-mail with attachment!"; //email subject line // $sender_email = "<".stripslashes($_POST['A1_eMail']).">"; if (!empty($_POST['A1_eMail'])) { $from = "<".stripslashes($_POST['A1_eMail']).">"; } else { // replace value in athlete email field - its aleady in the files! // $_POST["A1_eMail"] = "CSU athlete ".trim($_POST["FirstName"]).' '.trim($_POST["LastName"]); $_POST["A1_eMail"] = "athlete@website.com"; $from = "<".stripslashes($_POST['A1_eMail']).">"; } // generate a random string to be used as the boundary marker $mime_boundary = "==Multipart_Boundary_x".md5(mt_rand())."x"; // now we'll build the message headers $headers = "From: $from\r\n"."MIME-Version: 1.0\r\n"."Content-Type: multipart/mixed;\r\n". " boundary=\"{$mime_boundary}\""; // here, we'll start the message body. // this is the text that will be displayed // in the e-mail $message = "General athlete and insurance information for "; $message .= $_POST["FirstName"]." ".$_POST["LastName"]." (".$_POST["Sport1"].")"; // next, we'll build the invisible portion of the message body // note that we insert two dashes in front of the MIME boundary // when we use it $message = "This is a multi-part message in MIME format.\n\n" . "--{$mime_boundary}\n" . "Content-Type: text/plain; charset=\"iso-8859-1\"\n" . "Content-Transfer-Encoding: 7bit\n\n" . $message . "\n\n"; // now we'll process our uploaded files foreach($_Files as $userfile){ // store the file information to variables for easier access $tmp_name = $userfile; $type = filetype($userfile); $name = $userfile; // $size = $userfile['size']; // open the file for a binary read $file = fopen($userfile,'rb'); // read the file content into a variable $data = fread($file,filesize($userfile)); // close the file fclose($file); // now encode it and split it into acceptable length lines $data = chunk_split(base64_encode($data)); // now insert a boundary to indicate we're starting the attachment // we have to specify the content type, file name, and disposition as // an attachment, then add the file content. // NOTE: we don't set another boundary to indicate that the end of the // file has been reached here. we only want one boundary between each file // we'll add the final one after the loop finishes. $message .= "--{$mime_boundary}\n" . "Content-Type: {$type};\n" . " name=\"{$name}\"\n" . "Content-Disposition: attachment;\n" . " filename=\"{$userfile}\"\n" . "Content-Transfer-Encoding: base64\n\n" . $data . "\n\n"; } // closing mime boundary that indicates the last of the message $message.="--{$mime_boundary}--\n"; // now send the message // $sentMail = mail($to, $subject, $body, $headers); // sleep(2); if (@mail($to, $subject, $message, $headers)) { //output success or failure messages echo "
"; echo "Message sent - you may now close this window or tab."; $lsuccess = unlink($csvFile); $lsuccess = unlink($pdfFile); // reset athlete email if changed $_POST['A1_eMail'] = ""; exit(' Thank you for submitting your information'); } else { // die('Could not send mail! Please check your PHP mail configuration.'); } } // */ ?>

CLEVELAND STATE UNIVERSITY
Sports Medicine

General Athlete Information (2020-21):

First Name: " type="text" pattern="[A-Za-z' -.]+" title="Field cannot be blank and may contain letters, dashes, apostrophes only - no numbers, punctuation, or special characters" required onkeydown="EnterTab(this, event)"> Last Name: " type="text" pattern="[A-Za-z' -.]+" title="Field cannot be blank and may contain letters, dashes, apostrophes only - no numbers, punctuation, or special characters" required onkeydown="EnterTab(this, event)"> Sport: Select... >Cheerleading >Dance >Lacrosse >Men's Basketball >Men's Fencing >Men's Golf >Men's Soccer >Men's Swimming and Diving >Men's Tennis >Softball >Women's Basketball >Women's Cross Country >Women's Fencing >Women's Golf >Women's Soccer >Women's Swimming and Diving >Women's Tennis >Women's Track and Field >Women's Volleyball >Wrestling >Administration >Athletic Trainer >Coach >Manager >Staff
Social Security Number: Relationship to Athlete: " onkeydown="EnterTab(this, event)"> $insuredrelationErr"; ?> Insured's Employer: " onkeydown="EnterTab(this, event)">
$insuredemployErr"; ?> Employers Address: " onkeydown="EnterTab(this, event)"> $insuredemployaddressErr"; ?>

Insurance Company: " onkeydown="EnterTab(this, event)"> $insurcoErr"; ?> Insurance Telephone#: " onkeydown="EnterTab(this, event)">
$insurphoneErr"; ?> Insurance Company Address: " onkeydown="EnterTab(this, event)">
$insuraddressErr"; ?> Insurance Website: " onkeydown="EnterTab(this, event)">
$URLErr"; ?> Group#: " onkeydown="EnterTab(this, event)"> $groupErr"; ?> Policy#: " onkeydown="EnterTab(this, event)"> $policyErr"; ?> Plan#: " onkeydown="EnterTab(this, event)"> $planErr"; ?> Member/ID#: " onkeydown="EnterTab(this, event)">
$idErr"; ?>
Type of Insurance:HMO value="HMO" title="Click or use spacebar to select/deselect."> PPO value="PPO" title="Click or use spacebar to select/deselect."> POS value="POS" title="Click or use spacebar to select/deselect."> Medicaid value="Medicaid" title="Click or use spacebar to select/deselect."> Other: " onkeydown="EnterTab(this, event)">
$insurotherErr"; ?>
Does the insurance plan include prescription medication coverage? YES: title="Click, use spacebar or arrow keys to select."> NO: title="Click, use spacebar or arrow keys to select.">

** A COPY OF THE INSURANCE CARD (FRONT AND BACK) MUST BE INCLUDED WITH THIS FORM AND
BE ON FILE IN THE CLEVELAND STATE UNIVERSITY ATHLETIC TRAINING ROOM **

Comments: <?php echo (!empty($_POST))?$_POST["Notes"]:""; ?>
$commentErr"; ?>

[browse] [edit] [decorator] [stylesheet] [stylesheet] [stylesheet] [add] [upgrade]