<?php
include('../includes/header.php');
// code
error_reporting(E_ALL); // set error reporting to all
echo('<h1>Gabriel\'s Interest Rate Calculator</h1>');
// Note the variables being passed via the POST ternary operators.
$step = isset($_POST['step']) ? $_POST['step'] : 0;
$principal = isset($_POST['principal']) ? $_POST['principal'] : '';
$interest = isset($_POST['interest']) ? $_POST['interest'] : '';
$term = isset($_POST['term']) ? $_POST['term'] : '';
// filter all input taken from the Browser
$step = htmlentities($step);
$principal = htmlentities($principal);
$interest = htmlentities($interest);
$term = htmlentities($term);
if ($step == 0) // first time into this form
{
?>
<form action="interestrate.php" method="POST">
<label for="name">Principal</label>
<input type="text" size="36" id="name" name="principal" value="">
<br><br>
<label for="name">Interest Rate as Decimal Number</label>
<input type="text" size="36" id="name" name="interest" value="">
<br><br>
<label for="name">Loan Term in Years</label>
<input type="text" size="36" id="name" name="term" value="">
<br><br>
<input type="hidden" name="step" value="1">
<input type="submit" name="submit" value="Submit">
</form>
<?php
} else // else show what the form gathered
{
echo('<p>The following is what the form gathered</p>');
echo('<p>Please note: The POST array has not been scrubbed</p>');
echo('<p>Thus, it is open to javascript insertion.</p>');
echo('<pre>');
print_r($_POST); // note this dumps the entire contents of the $_POST array
echo('</pre>');
$total = $interest * $principal * $term + $principal;
$interesttotal = $total - $principal;
$payment = round(($total / ($term * 12)),2);
echo("<h3>Total Repayment = $total</h3>");
echo("<h3>Total Interest Paid = $interesttotal</h3>");
echo("<h3>Monthly Payment = $payment</h3>");
// provide a form to try again
?>
<form action="interestrate.php" method="POST">
<input type="hidden" name="step" value="0">
<input type="submit" name="submit" value="Try Again">
</form>
<?php
}
include('../includes/footer.php');
?>