';
}
}
// Generate Member ID
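/**
 * Build a member ID of the form PREFIX + current year + six upper-case hex characters
 * (e.g. "FM2024A1B2C3" — constructed example).
 *
 * @param string $membership_type One of full_member, associate_one, associate_two,
 *                                student, local_affiliate, foreign_affiliate. Any other
 *                                value falls back to the generic 'MB' prefix.
 * @return string Prefix (2-3 chars) followed by 4 year digits and 6 hex digits.
 */
function generateMemberID($membership_type) {
    $prefixes = [
        'full_member'       => 'FM',
        'associate_one'     => 'AM1',
        'associate_two'     => 'AM2',
        'student'           => 'SM',
        'local_affiliate'   => 'LA',
        'foreign_affiliate' => 'FA',
    ];
    $prefix = $prefixes[$membership_type] ?? 'MB';
    $year = date('Y');
    // The registration handler in this file reuses the member ID as the initial password,
    // so the suffix must come from a CSPRNG. md5(uniqid()) is derived from the clock and
    // is guessable; random_bytes(3) yields the same 6-hex-character shape unpredictably.
    $random = strtoupper(bin2hex(random_bytes(3)));
    return $prefix . $year . $random;
}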
// Generate OTP
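/**
 * Produce a six-digit, zero-padded one-time password as a string ("000000" .. "999999").
 *
 * @return string
 */
function generateOTP() {
    // random_int() is a CSPRNG. rand() is seeded predictably and must not back a code
    // that gates account creation; sprintf also avoids passing an int to str_pad().
    return sprintf('%06d', random_int(0, 999999));
}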
// Handle form submissions
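if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $action = $_POST['action'] ?? '';
    switch ($action) {
        case 'register':
            // A missing or stale CSRF token aborts the request before any input is read.
            if (!CSRFProtection::validateToken($_POST['csrf_token'] ?? '')) {
                $_SESSION['error'] = 'Invalid CSRF token';
                header("Location: registration.php");
                exit();
            }
            // Validate and sanitize input. Values are HTML-escaped on entry and the escaped
            // form is what gets stored in the session below, so keep the two consistent.
            $fullname = trim(htmlspecialchars($_POST['fullname'] ?? '', ENT_QUOTES, 'UTF-8'));
            $email = filter_var($_POST['email'] ?? '', FILTER_SANITIZE_EMAIL);
            $phone = trim(htmlspecialchars($_POST['phone'] ?? '', ENT_QUOTES, 'UTF-8'));
            $membership_type = trim(htmlspecialchars($_POST['membership_type'] ?? '', ENT_QUOTES, 'UTF-8'));
            // Validation: collect every problem so the user sees them all at once.
            $errors = [];
            if (empty($fullname)) {
                $errors[] = "Full name is required";
            }
            if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
                $errors[] = "Valid email is required";
            }
            if (empty($phone)) {
                $errors[] = "Phone number is required";
            }
            if (empty($membership_type)) {
                $errors[] = "Membership type is required";
            }
            // Uniqueness checks. fetchColumn() is used instead of rowCount(): PDO does not
            // guarantee a row count for SELECT statements on every driver.
            if ($conn) {
                $stmt = $conn->prepare("SELECT id FROM users WHERE email = ?");
                $stmt->execute([$email]);
                if ($stmt->fetchColumn() !== false) {
                    $errors[] = "Email already registered";
                }
                $stmt = $conn->prepare("SELECT id FROM users WHERE phone = ?");
                $stmt->execute([$phone]);
                if ($stmt->fetchColumn() !== false) {
                    $errors[] = "Phone number already registered";
                }
            } else {
                $errors[] = "Database connection failed";
            }
            if (empty($errors)) {
                // Generate the OTP and the member ID that doubles as the initial password.
                $otp = generateOTP();
                $member_id = generateMemberID($membership_type);
                // NOTE(review): the initial password is the lower-cased member ID and is held
                // in the session in clear text until OTP verification completes — confirm that
                // the consumer of registration_data hashes it before persisting.
                $password = strtolower($member_id);
                // Registration data waits in the session until the OTP is verified.
                $_SESSION['registration_data'] = [
                    'fullname' => $fullname,
                    'email' => $email,
                    'phone' => $phone,
                    'membership_type' => $membership_type,
                    'member_id' => $member_id,
                    'password' => $password,
                    'otp' => $otp,
                    'otp_expires' => time() + 300, // 5 minutes expiry
                ];
                // Deliver the OTP by SMS; sendSMS() is defined outside this file, so its
                // absence is treated the same as a delivery failure.
                $otpMessage = "Your TAPA registration OTP is: $otp. Valid for 5 minutes.";
                if (function_exists('sendSMS') && sendSMS($phone, $otpMessage)) {
                    $_SESSION['success'] = "OTP sent to your phone number. Please verify to complete registration.";
                    header("Location: verify_otp.php");
                    exit();
                }
                $_SESSION['error'] = "Failed to send OTP. Please check your phone number and try again.";
            } else {
                $_SESSION['error'] = implode("\n", $errors);
            }
            break;
    }
}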
?>
Join the Tanzanian Psychological Association
Already have an account? Sign in here