science-ation/register_participants.php

<?
/* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca

   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
   Copyright (C) 2005 James Grant <james@lightbox.org>

   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public
   License as published by the Free Software Foundation, version 2.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
*/
?>
<?
 require("common.inc.php");

 if($_POST['action']=="new")
 {
 	$q=mysql_query("SELECT email,num,id FROM registrations WHERE email='".$_SESSION['email']."' AND num='".$_POST['regnum']."' AND year=".$config['FAIRYEAR']);
	if(mysql_num_rows($q))
	{
		$r=mysql_fetch_object($q);
		$_SESSION['registration_number']=$r->num;
		$_SESSION['registration_id']=$r->id;
		mysql_query("INSERT INTO students (registrations_id,email,year) VALUES ('$r->id','".mysql_escape_string($_SESSION['email'])."','".$config['FAIRYEAR']."')");
		mysql_query("UPDATE registrations SET status='open' WHERE id='$r->id'");

		header("Location: register_participants_main.php");
		exit;

	}
	else
	{
 		send_header("Participant Registration");
		echo error(i18n("Invalid registration number (%1) for email address %2",array($_POST['regnum'],$_SESSION['email'])));
		$_POST['action']="login";
	}

 }
 else if($_POST['action']=="continue")
 {

	 $q=mysql_query("SELECT registrations.id AS regid, registrations.num AS regnum, students.id AS studentid, students.firstname FROM registrations,students ".
 	"WHERE students.email='".$_SESSION['email']."' ".
	"AND registrations.num='".$_POST['regnum']."' ". 
	"AND students.registrations_id=registrations.id ".
	"AND registrations.year=".$config['FAIRYEAR']." ".
	"AND students.year=".$config['FAIRYEAR']);

	if(mysql_num_rows($q))
	{
		$r=mysql_fetch_object($q);
		$_SESSION['registration_number']=$r->regnum;
		$_SESSION['registration_id']=$r->regid;
		header("Location: register_participants_main.php");
		exit;
	}
	else
	{
 		send_header("Participant Registration");
		echo error(i18n("Invalid registration number (%1) for email address %2",array($_POST['regnum'],$_SESSION['email'])));
		$_POST['action']="login";
	}

 }
 else if($_GET['action']=="resend" && $_SESSION['email'])
 {
 	$q=mysql_query("SELECT registrations.num FROM registrations, students WHERE students.email='".$_SESSION['email']."' AND students.registrations_id=registrations.id");
	$r=mysql_fetch_object($q);

		$mailbody=	"We have received a request for the retrieval\n".
				"if your registration number from this email\n".
				"address.  Please find your existing registration\n".
				"number below:\n\n".
				"\n".
				"Registration Number: $r->num\n".
				"\n";
	mail($_SESSION['email'],i18n("Registration for %1",array(i18n($config['fairname']))),$mailbody);

	send_header("Participant Registration");
	echo notice(i18n("Your registration number has been resent to your email addess <b>%1</b>",array($_SESSION['email'])));
 }
 else if($_GET['action']=="logout")
 {
 	unset($_SESSION['email']);
	unset($_SESSION['registration_number']);
	unset($_SESSION['registration_id']);
	send_header("Participant Registration");
	echo notice(i18n("You have been successfully logged out"));
 }

 
 //if they've alreayd logged in, and somehow wound back up here, take them back to where they should be
 if($_SESSION['registration_number'] && $_SESSION['registration_id'] && $_SESSION['email'])
 {
	header("Location: register_participants_main.php");

 }

 send_header("Participant Registration");
 
 if($_POST['action']=="login" && ( $_POST['email'] || $_SESSION['email']) )
 {
 	if($_POST['email'])
	 	$_SESSION['email']=$_POST['email'];

 	echo "<form method=\"post\" action=\"register_participants.php\">";

 	$allownew=true;
 	//first, check if they have any registrations waiting to be opened
	$q=mysql_query("SELECT * FROM registrations WHERE email='".$_SESSION['email']."' AND status='new' AND year=".$config['FAIRYEAR']);
	if(mysql_num_rows($q)>0)
	{
		echo i18n("Please enter your <b>registration number</b> that you received in your email, in order to begin your new registration");
		echo "<input type=\"hidden\" name=\"action\" value=\"new\">";
		$allownew=false;
	}
	else
	{
		$q=mysql_query("SELECT students.email,
					registrations.status
				FROM students,
					registrations
				WHERE 
					students.email='".$_SESSION['email']."' 
					AND students.year=".$config['FAIRYEAR']."
					AND registrations.year=".$config['FAIRYEAR']."
					AND registrations.status='open'");
		if(mysql_num_rows($q)>0)
		{
			echo i18n("Please enter your <b>registration number</b> in order to continue your registration");
			echo "<input type=\"hidden\" name=\"action\" value=\"continue\">";
			$allownew=false;
			echo "<br />";
		}
	}

	if($allownew)
	{
		$regnum=0;
		//now create the new registration record, and assign a random/unique registration number to then.
		do
		{
			//random number between
			//100000 and 999999  (six digit integer)
			$regnum=rand(100000,999999);
			$q=mysql_query("SELECT * FROM registrations WHERE num='$regnum' AND year=".$config['FAIRYEAR']);
		}while(mysql_num_rows($q)>0);

		//actually insert it
		mysql_query("INSERT INTO registrations (num,email,start,status,year) VALUES (".
				"'$regnum',".
				"'".$_SESSION['email']."',".
				"NOW(),".
				"'new',".
				$config['FAIRYEAR'].
				")");


		$mailbody=	"A new registration account has been created for you.\n".
			  	"To access your registration account, please enter\n".
			  	"enter the following registration number into the\n".
				"registration website:\n".
				"\n".
				"Registration Number: $regnum\n".
				"\n";
		mail($_SESSION['email'],i18n("Registration for %1",array(i18n($config['fairname']))),$mailbody);

		echo i18n("You have been identified as a new registrant.  An email has been sent to <b>%1</b> which contains your new <b>registration number</b>.  Please check your email to obtain your <b>registration number</b> and then enter it below:",array($_SESSION['email'])); 
		echo "<input type=\"hidden\" name=\"action\" value=\"new\">";

	}
	echo "<br />";
	echo i18n("Registration Number:");
	echo "<input type=\"text\" size=\"10\" name=\"regnum\">";
	echo "<input type=\"submit\" value=\"Submit\">";
	echo "</form>";
	echo "<br />";
	echo i18n("If you have lost or forgotten your <b>registration number</b>, pleaes <a href=\"register_participants.php?action=resend\">click here to resend</a> it to your email address");
 }
 else
 {

	 echo i18n("Please enter your email address to :");
	 echo "<ul>";
	 echo "<li>".i18n("Begin a new registration")."</li>";
	 echo "<li>".i18n("Continue a previously started registration")."</li>";
	 echo "<li>".i18n("Modify an existing registration")."</li>";
	 echo "</ul>";
	 echo i18n("Please enter a valid email address.  We will be emailing you information which you will need to complete the registration process!");
	 echo "<br />";
	 echo "<br />";

	?>
	 <form method="post" action="register_participants.php">
	 <input type="hidden" name="action" value="login" />
	 <?=i18n("Email")?>: <input type="text" name="email" size="30" />
	 <input type="submit" value="Begin" />
	 </form>
	<?
 }
 send_footer();
?>
Add GPL headers to ALL PHP files 2005-01-24 18:00:03 +00:00			`<?`
			`/*`
			`This file is part of the 'Science Fair In A Box' project`
			`SFIAB Website: http://www.sfiab.ca`

			`Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>`
			`Copyright (C) 2005 James Grant <james@lightbox.org>`

			`This program is free software; you can redistribute it and/or`
			`modify it under the terms of the GNU General Public`
			`License as published by the Free Software Foundation, version 2.`

			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU`
			`General Public License for more details.`

			`You should have received a copy of the GNU General Public License`
			`along with this program; see the file COPYING. If not, write to`
			`the Free Software Foundation, Inc., 59 Temple Place - Suite 330,`
			`Boston, MA 02111-1307, USA.`
			`*/`
			`?>`
add registration pages 2004-11-30 18:55:39 +00:00			`<?`
			`require("common.inc.php");`
participant registration authentication 2004-11-30 22:59:27 +00:00
			`if($_POST['action']=="new")`
			`{`
			`$q=mysql_query("SELECT email,num,id FROM registrations WHERE email='".$_SESSION['email']."' AND num='".$_POST['regnum']."' AND year=".$config['FAIRYEAR']);`
			`if(mysql_num_rows($q))`
			`{`
			`$r=mysql_fetch_object($q);`
			`$_SESSION['registration_number']=$r->num;`
			`$_SESSION['registration_id']=$r->id;`
finish authenteication for registrations in 'open' state autoredirect back to main page if they end up back at the beginning but are already logged in 2004-11-30 23:38:13 +00:00			`mysql_query("INSERT INTO students (registrations_id,email,year) VALUES ('$r->id','".mysql_escape_string($_SESSION['email'])."','".$config['FAIRYEAR']."')");`
			`mysql_query("UPDATE registrations SET status='open' WHERE id='$r->id'");`

participant registration authentication 2004-11-30 22:59:27 +00:00			`header("Location: register_participants_main.php");`
			`exit;`

			`}`
			`else`
			`{`
			`send_header("Participant Registration");`
			`echo error(i18n("Invalid registration number (%1) for email address %2",array($_POST['regnum'],$_SESSION['email'])));`
			`$_POST['action']="login";`
			`}`

			`}`
			`else if($_POST['action']=="continue")`
			`{`

Add emit month/day/year functions to common Make students page show the number of forms for the number of students 2004-12-03 04:28:18 +00:00			`$q=mysql_query("SELECT registrations.id AS regid, registrations.num AS regnum, students.id AS studentid, students.firstname FROM registrations,students ".`
finish authenteication for registrations in 'open' state autoredirect back to main page if they end up back at the beginning but are already logged in 2004-11-30 23:38:13 +00:00			`"WHERE students.email='".$_SESSION['email']."' ".`
			`"AND registrations.num='".$_POST['regnum']."' ".`
			`"AND students.registrations_id=registrations.id ".`
			`"AND registrations.year=".$config['FAIRYEAR']." ".`
			`"AND students.year=".$config['FAIRYEAR']);`

			`if(mysql_num_rows($q))`
			`{`
			`$r=mysql_fetch_object($q);`
			`$_SESSION['registration_number']=$r->regnum;`
			`$_SESSION['registration_id']=$r->regid;`
			`header("Location: register_participants_main.php");`
			`exit;`
			`}`
Add counter Fix CSS fix XHTML start of code for student info 2004-12-02 23:15:42 +00:00			`else`
			`{`
			`send_header("Participant Registration");`
			`echo error(i18n("Invalid registration number (%1) for email address %2",array($_POST['regnum'],$_SESSION['email'])));`
			`$_POST['action']="login";`
			`}`
finish authenteication for registrations in 'open' state autoredirect back to main page if they end up back at the beginning but are already logged in 2004-11-30 23:38:13 +00:00
			`}`
retreival of lost/forgotten registration number 2004-12-02 17:53:31 +00:00			`else if($_GET['action']=="resend" && $_SESSION['email'])`
			`{`
Allow non-primary user to request registration number be emailed to them 2004-12-06 18:30:11 +00:00			`$q=mysql_query("SELECT registrations.num FROM registrations, students WHERE students.email='".$_SESSION['email']."' AND students.registrations_id=registrations.id");`
retreival of lost/forgotten registration number 2004-12-02 17:53:31 +00:00			`$r=mysql_fetch_object($q);`

			`$mailbody= "We have received a request for the retrieval\n".`
			`"if your registration number from this email\n".`
			`"address. Please find your existing registration\n".`
			`"number below:\n\n".`
			`"\n".`
			`"Registration Number: $r->num\n".`
			`"\n";`
			`mail($_SESSION['email'],i18n("Registration for %1",array(i18n($config['fairname']))),$mailbody);`

			`send_header("Participant Registration");`
			`echo notice(i18n("Your registration number has been resent to your email addess <b>%1</b>",array($_SESSION['email'])));`
Add counter Fix CSS fix XHTML start of code for student info 2004-12-02 23:15:42 +00:00			`}`
			`else if($_GET['action']=="logout")`
			`{`
			`unset($_SESSION['email']);`
			`unset($_SESSION['registration_number']);`
			`unset($_SESSION['registration_id']);`
			`send_header("Participant Registration");`
			`echo notice(i18n("You have been successfully logged out"));`
retreival of lost/forgotten registration number 2004-12-02 17:53:31 +00:00			`}`
finish authenteication for registrations in 'open' state autoredirect back to main page if they end up back at the beginning but are already logged in 2004-11-30 23:38:13 +00:00

			`//if they've alreayd logged in, and somehow wound back up here, take them back to where they should be`
			`if($_SESSION['registration_number'] && $_SESSION['registration_id'] && $_SESSION['email'])`
			`{`
			`header("Location: register_participants_main.php");`

participant registration authentication 2004-11-30 22:59:27 +00:00			`}`

add registration pages 2004-11-30 18:55:39 +00:00			`send_header("Participant Registration");`
participant registration authentication 2004-11-30 22:59:27 +00:00
			`if($_POST['action']=="login" && ( $_POST['email'] \|\| $_SESSION['email']) )`
			`{`
			`if($_POST['email'])`
			`$_SESSION['email']=$_POST['email'];`

			`echo "<form method=\"post\" action=\"register_participants.php\">";`

			`$allownew=true;`
			`//first, check if they have any registrations waiting to be opened`
			`$q=mysql_query("SELECT * FROM registrations WHERE email='".$_SESSION['email']."' AND status='new' AND year=".$config['FAIRYEAR']);`
			`if(mysql_num_rows($q)>0)`
			`{`
retreival of lost/forgotten registration number 2004-12-02 17:53:31 +00:00			`echo i18n("Please enter your <b>registration number</b> that you received in your email, in order to begin your new registration");`
participant registration authentication 2004-11-30 22:59:27 +00:00			`echo "<input type=\"hidden\" name=\"action\" value=\"new\">";`
			`$allownew=false;`
			`}`
			`else`
			`{`
			`$q=mysql_query("SELECT students.email,`
			`registrations.status`
			`FROM students,`
			`registrations`
			`WHERE`
			`students.email='".$_SESSION['email']."'`
			`AND students.year=".$config['FAIRYEAR']."`
			`AND registrations.year=".$config['FAIRYEAR']."`
			`AND registrations.status='open'");`
			`if(mysql_num_rows($q)>0)`
			`{`
retreival of lost/forgotten registration number 2004-12-02 17:53:31 +00:00			`echo i18n("Please enter your <b>registration number</b> in order to continue your registration");`
participant registration authentication 2004-11-30 22:59:27 +00:00			`echo "<input type=\"hidden\" name=\"action\" value=\"continue\">";`
			`$allownew=false;`
retreival of lost/forgotten registration number 2004-12-02 17:53:31 +00:00			`echo "<br />";`
participant registration authentication 2004-11-30 22:59:27 +00:00			`}`
			`}`

			`if($allownew)`
			`{`
			`$regnum=0;`
			`//now create the new registration record, and assign a random/unique registration number to then.`
			`do`
			`{`
			`//random number between`
			`//100000 and 999999 (six digit integer)`
			`$regnum=rand(100000,999999);`
			`$q=mysql_query("SELECT * FROM registrations WHERE num='$regnum' AND year=".$config['FAIRYEAR']);`
			`}while(mysql_num_rows($q)>0);`

			`//actually insert it`
			`mysql_query("INSERT INTO registrations (num,email,start,status,year) VALUES (".`
			`"'$regnum',".`
			`"'".$_SESSION['email']."',".`
			`"NOW(),".`
			`"'new',".`
			`$config['FAIRYEAR'].`
			`")");`


			`$mailbody= "A new registration account has been created for you.\n".`
			`"To access your registration account, please enter\n".`
			`"enter the following registration number into the\n".`
			`"registration website:\n".`
			`"\n".`
			`"Registration Number: $regnum\n".`
			`"\n";`
			`mail($_SESSION['email'],i18n("Registration for %1",array(i18n($config['fairname']))),$mailbody);`

			`echo i18n("You have been identified as a new registrant. An email has been sent to <b>%1</b> which contains your new <b>registration number</b>. Please check your email to obtain your <b>registration number</b> and then enter it below:",array($_SESSION['email']));`
			`echo "<input type=\"hidden\" name=\"action\" value=\"new\">";`

			`}`
			`echo "<br />";`
			`echo i18n("Registration Number:");`
			`echo "<input type=\"text\" size=\"10\" name=\"regnum\">";`
			`echo "<input type=\"submit\" value=\"Submit\">";`
			`echo "</form>";`
retreival of lost/forgotten registration number 2004-12-02 17:53:31 +00:00			`echo "<br />";`
			`echo i18n("If you have lost or forgotten your <b>registration number</b>, pleaes <a href=\"register_participants.php?action=resend\">click here to resend</a> it to your email address");`
participant registration authentication 2004-11-30 22:59:27 +00:00			`}`
			`else`
			`{`

			`echo i18n("Please enter your email address to :");`
			`echo "<ul>";`
			`echo "<li>".i18n("Begin a new registration")."</li>";`
			`echo "<li>".i18n("Continue a previously started registration")."</li>";`
			`echo "<li>".i18n("Modify an existing registration")."</li>";`
			`echo "</ul>";`
tell them to use a valid email address 2005-01-21 18:42:31 +00:00			`echo i18n("Please enter a valid email address. We will be emailing you information which you will need to complete the registration process!");`
			`echo "<br />";`
			`echo "<br />";`
add registration pages 2004-11-30 18:55:39 +00:00
participant registration authentication 2004-11-30 22:59:27 +00:00			`?>`
			`<form method="post" action="register_participants.php">`
			`<input type="hidden" name="action" value="login" />`
			`<?=i18n("Email")?>: <input type="text" name="email" size="30" />`
			`<input type="submit" value="Begin" />`
			`</form>`
			`<?`
			`}`
add registration pages 2004-11-30 18:55:39 +00:00			`send_footer();`
			`?>`