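<?php
/**
 * Tip calculator: a two-step form that posts back to itself.
 *
 * Step "0" (or no POST data) renders the input form; any other step shows the
 * submitted values followed by the computed tip and total.
 *
 * Every value in $_POST comes from the browser and is untrusted. This page
 * handles it in two distinct ways:
 *   - numbers are validated as numbers before any arithmetic is done;
 *   - text that is echoed back is HTML-escaped at the point of output.
 * Escaping at input time (the previous htmlentities() calls) does neither job:
 * it does not make a value numeric, and it did not cover the raw dump below.
 */
include('../includes/header.php');

// Sets the reporting level only. Whether messages reach the browser depends on
// display_errors, which is configured outside this file.
error_reporting(E_ALL);

echo('<h1>Tip Calculator</h1>');

// A POST field can arrive as an array (e.g. "step[]=1"), so accept strings only.
$raw_step = $_POST['step'] ?? '0';
$step = is_string($raw_step) ? $raw_step : '0';

if ($step === '0') // first time into this form
{
?>
<form action="tip_calculator.php" method="POST">
<label for="bill">Bill Total</label>
<input type="text" size="36" id="bill" name="bill" value="">
<br><br>
<label for="tip_percent">Tip Percentage</label>
<input type="text" size="36" id="tip_percent" name="tip_percent" value="">
<br><br>
<input type="hidden" name="step" value="1">
<input type="submit" name="submit" value="Submit">
</form>
<?php
} else // else show what the form gathered
{
    echo('<p>The following is what the form gathered</p>');
    echo('<p>Please note: The POST array is untrusted browser input.</p>');
    echo('<p>It is HTML-escaped below so it cannot insert markup or javascript into this page.</p>');

    // print_r() with true returns the dump as a string so that it can be escaped
    // before it is written into the HTML response.
    $dump = htmlspecialchars(print_r($_POST, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo('<pre>' . $dump . '</pre>');

    // FILTER_VALIDATE_FLOAT yields a float, or false for anything that is not a
    // number (including array-valued or missing fields).
    $bill = filter_var($_POST['bill'] ?? null, FILTER_VALIDATE_FLOAT);
    $tip_percent = filter_var($_POST['tip_percent'] ?? null, FILTER_VALIDATE_FLOAT);

    $inputs_valid = $bill !== false && $tip_percent !== false
        && is_finite($bill) && is_finite($tip_percent);

    if ($inputs_valid) {
        // tip calculations
        $tip_amount = $bill * ($tip_percent / 100);
        $total = $bill + $tip_amount;
        // number_format() emits only digits, separators and a sign, so these
        // values need no further escaping.
        echo('<h3>Tip Amount = $' . number_format($tip_amount, 2) . '</h3>');
        echo('<h3>Total Bill = $' . number_format($total, 2) . '</h3>');
    } else {
        // Non-numeric input would otherwise raise a warning or a TypeError in
        // the arithmetic above, depending on the PHP version.
        echo('<p>Please enter a numeric bill total and tip percentage.</p>');
    }
    // provide a form to try again
?>
<form action="tip_calculator.php" method="POST">
<input type="hidden" name="step" value="0">
<input type="submit" name="submit" value="Try Again">
</form>
<?php
}
include('../includes/footer.php');
?>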