34414-vm/submit.php

<?php
require_once __DIR__ . '/db/config.php';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    try {
        run_migrations();
        $pdo = db();

        // Handle file uploads
        $id_image_path = 'uploads/' . basename($_FILES['id_image']['name']);
        move_uploaded_file($_FILES['id_image']['tmp_name'], $id_image_path);

        $official_letter_path = null;
        if (isset($_FILES['official_letter']) && $_FILES['official_letter']['error'] === UPLOAD_ERR_OK) {
            $official_letter_path = 'uploads/' . basename($_FILES['official_letter']['name']);
            move_uploaded_file($_FILES['official_letter']['tmp_name'], $official_letter_path);
        }

        // Insert into submissions table
        $stmt = $pdo->prepare("
            INSERT INTO submissions (full_name, id_or_passport, id_image_path, gender, birth_date, mobile_phone, mailing_address, start_visit_date, end_visit_date, purpose_of_visit, visit_category, visit_location_lat, visit_location_lon, official_letter_path)
            VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
        ");
        $stmt->execute([
            $_POST['full_name'],
            $_POST['id_or_passport'],
            $id_image_path,
            $_POST['gender'],
            $_POST['birth_date'],
            $_POST['mobile_phone'],
            $_POST['mailing_address'],
            $_POST['start_visit_date'],
            $_POST['end_visit_date'],
            $_POST['purpose_of_visit'],
            $_POST['visit_category'],
            $_POST['visit_location_lat'],
            $_POST['visit_location_lon'],
            $official_letter_path
        ]);

        $submission_id = $pdo->lastInsertId();

        // Insert into visitors table
        if (isset($_POST['visitors'])) {
            foreach ($_POST['visitors'] as $visitor) {
                $visitor_id_image_path = 'uploads/' . basename($visitor['id_image']['name']);
                move_uploaded_file($visitor['id_image']['tmp_name'], $visitor_id_image_path);

                $stmt = $pdo->prepare("
                    INSERT INTO visitors (submission_id, full_name, id_or_passport, id_image_path, mobile_phone, mailing_address)
                    VALUES (?, ?, ?, ?, ?, ?)
                ");
                $stmt->execute([
                    $submission_id,
                    $visitor['full_name'],
                    $visitor['id_or_passport'],
                    $visitor_id_image_path,
                    $visitor['mobile_phone'],
                    $visitor['mailing_address']
                ]);
            }
        }

        header('Location: /?success=true');
    } catch (Exception $e) {
        error_log($e->getMessage());
        header('Location: /?success=false');
    }
}