2005-05-13 18:23:31 +00:00
< ?
include " common.inc.php " ;
if ( $_POST [ 'schoolid' ] && $_POST [ 'accesscode' ])
{
$q = mysql_query ( " SELECT * FROM schools WHERE id=' " . $_POST [ 'schoolid' ] . " ' AND accesscode=' " . $_POST [ 'accesscode' ] . " ' AND year=' " . $config [ 'FAIRYEAR' ] . " ' " );
if ( mysql_num_rows ( $q ) == 1 )
{
$_SESSION [ 'schoolid' ] = $_POST [ 'schoolid' ];
$_SESSION [ 'schoolaccesscode' ] = $_POST [ 'accesscode' ];
mysql_query ( " UPDATE schools SET lastlogin=NOW() WHERE id=' " . $_POST [ 'schoolid' ] . " ' " );
}
else
$errormsg = " Invalid School ID or Access Code " ;
}
send_header ( i18n ( " School Access " ));
if ( $_GET [ 'action' ] == " logout " )
{
unset ( $_SESSION [ 'schoolid' ]);
unset ( $_SESSION [ 'schoolaccesscode' ]);
echo happy ( i18n ( " You have been logged out from the school access page " ));
}
if ( $_SESSION [ 'schoolid' ] && $_SESSION [ 'schoolaccesscode' ])
{
$q = mysql_query ( " SELECT * FROM schools WHERE id=' " . $_SESSION [ 'schoolid' ] . " ' AND accesscode=' " . $_SESSION [ 'schoolaccesscode' ] . " ' AND year=' " . $config [ 'FAIRYEAR' ] . " ' " );
echo mysql_error ();
$school = mysql_fetch_object ( $q );
if ( $school )
{
if ( $_POST [ 'action' ] == " save " )
{
mysql_query ( " UPDATE schools SET
school = '".mysql_escape_string(stripslashes($_POST[' school ']))."' ,
address = '".mysql_escape_string(stripslashes($_POST[' address ']))."' ,
city = '".mysql_escape_string(stripslashes($_POST[' city ']))."' ,
province_code = '".mysql_escape_string(stripslashes($_POST[' province_code ']))."' ,
postalcode = '".mysql_escape_string(stripslashes($_POST[' postalcode ']))."' ,
phone = '".mysql_escape_string(stripslashes($_POST[' phone ']))."' ,
fax = '".mysql_escape_string(stripslashes($_POST[' fax ']))."' ,
sciencehead = '".mysql_escape_string(stripslashes($_POST[' sciencehead ']))."' ,
scienceheademail = '".mysql_escape_string(stripslashes($_POST[' scienceheademail ']))."' ,
scienceheadphone = '".mysql_escape_string(stripslashes($_POST[' scienceheadphone ']))."'
WHERE id = '$school->id' " );
if ( mysql_error ())
echo error ( i18n ( " An Error occured trying to save the school information " ));
else
echo happy ( i18n ( " School information successfully updated " ));
//and reselect it
$q = mysql_query ( " SELECT * FROM schools WHERE id=' " . $_SESSION [ 'schoolid' ] . " ' AND accesscode=' " . $_SESSION [ 'schoolaccesscode' ] . " ' AND year=' " . $config [ 'FAIRYEAR' ] . " ' " );
echo mysql_error ();
$school = mysql_fetch_object ( $q );
}
/*
if ( $_POST [ 'action' ] == " numbers " )
{
mysql_query ( " UPDATE schools SET
junior = '".$_POST[' junior ']."' ,
intermediate = '".$_POST[' intermediate ']."' ,
senior = '".$_POST[' senior ']."'
WHERE id = '$school->id' " );
echo mysql_error ();
$q = mysql_query ( " SELECT * FROM schools WHERE id=' " . $_SESSION [ 'schoolid' ] . " ' AND accesscode=' " . $_SESSION [ 'schoolaccesscode' ] . " ' " );
echo " <font color=blue><b>Participation Information Successfully Updated</b></font><br> \n " ;
$school = mysql_fetch_object ( $q );
}
*/
if ( $_POST [ 'action' ] == " feedback " )
{
$body = " " ;
$body .= $_SERVER [ 'REMOTE_ADDR' ] . " ( " . $_SERVER [ 'REMOTE_HOST' ] . " ) \n " ;
$body .= date ( " r " ) . " \n " ;
$body .= " School ID: $school->id\n " ;
$body .= " School Name: $school->school\n " ;
$body .= " Feedback: \n " . $_POST [ 'feedbacktext' ] . " \n " ;
echo " mailing " . $config [ 'fairmanageremail' ];
mail ( $config [ 'fairmanageremail' ], " School Feedback " , $body , " From: webpage@ " . $_SERVER [ 'SERVER_NAME' ]);
echo happy ( i18n ( " Thanks for your feedback! " ));
}
2005-11-25 19:37:10 +00:00
if ( $_POST [ 'action' ] == " invite " )
{
if ( $_POST [ 'firstname' ] && $_POST [ 'lastname' ] && $_POST [ 'email' ])
{
$regnum = 0 ;
//now create the new registration record, and assign a random/unique registration number to then.
do
{
//random number between
//100000 and 999999 (six digit integer)
$regnum = rand ( 100000 , 999999 );
$q = mysql_query ( " SELECT * FROM registrations WHERE num=' $regnum ' AND year= " . $config [ 'FAIRYEAR' ]);
} while ( mysql_num_rows ( $q ) > 0 );
//actually insert it
mysql_query ( " INSERT INTO registrations (num,email,start,status,year) VALUES ( " .
" ' $regnum ', " .
" ' " . $_POST [ 'email' ] . " ', " .
" NOW(), " .
" 'open', " .
$config [ 'FAIRYEAR' ] .
" ) " );
$regid = mysql_insert_id ();
mysql_query ( " INSERT INTO students (registrations_id,email,firstname,lastname,schools_id,year) VALUES (
'$regid' ,
'".mysql_escape_string($_POST[' email '])."' ,
'".mysql_escape_string($_POST[' firstname '])."' ,
'".mysql_escape_string($_POST[' lastname '])."' ,
'".mysql_escape_string($_SESSION[' schoolid '])."' ,
'".$config[' FAIRYEAR ']."' ) " );
email_send ( " new_participant " , $_POST [ 'email' ], array ( " FAIRNAME " => i18n ( $config [ 'fairname' ])), array ( " REGNUM " => " $regnum " ));
echo happy ( i18n ( " The participant has been successfully invited " ));
}
}
2005-05-13 18:23:31 +00:00
echo " <h3> $school->school </h3> " ;
echo " <h4>School Information</h4> " ;
echo " Please make sure your school contact information is correct, make any necessary changes: " ;
echo " <form method=POST action= \" schoolaccess.php \" > " ;
echo " <input type=hidden name=action value= \" save \" > " ;
echo " <table border=0 cellspacing=0 cellpadding=3> " ;
echo " <tr><td>School Name</td><td><input value= \" $school->school\ " type = text name = school size = 40 ></ td ></ tr > " ;
2005-11-24 20:21:55 +00:00
// echo "<tr><td>Registration Password</td><td><input value=\"$school->registration_password\" type=text name=\"registration_password\" size=\"20\"></td></tr>";
2005-05-13 18:23:31 +00:00
echo " <tr><td>Address</td><td><input value= \" $school->address\ " type = text name = address size = 40 ></ td ></ tr > " ;
echo " <tr><td>City</td><td><input value= \" $school->city\ " type = text name = city size = 30 ></ td ></ tr > " ;
echo " <tr><td> " . i18n ( " Province " ) . " </td><td> " ;
emit_province_selector ( " province_code " , $school -> province_code );
echo " </td></tr> \n " ;
echo " <tr><td>Postalcode</td><td><input value= \" $school->postalcode\ " type = text name = postalcode size = 10 ></ td ></ tr > " ;
echo " <tr><td>Phone Number</td><td><input value= \" $school->phone\ " type = text name = phone size = 30 ></ td ></ tr > " ;
echo " <tr><td>Fax Number</td><td><input value= \" $school->fax\ " type = text name = fax size = 30 ></ td ></ tr > " ;
echo " <tr><td>Science Teacher</td><td><input value= \" $school->sciencehead\ " type = text name = sciencehead size = 40 ></ td ></ tr > " ;
echo " <tr><td>Science Teacher Email</td><td><input value= \" $school->scienceheademail\ " type = text name = scienceheademail size = 40 ></ td ></ tr > " ;
echo " <tr><td>Science Teacher Phone <br><font size=1>(If different than above)</font></td><td><input value= \" $school->scienceheadphone\ " type = text name = scienceheadphone size = 30 ></ td ></ tr > " ;
echo " </table> " ;
echo " <input type=submit value= \" Save Changes \" > " ;
echo " </form> " ;
echo " <br> " ;
2005-11-24 20:21:55 +00:00
if ( $config [ 'participant_registration_type' ] == " schoolpassword " )
{
echo " <h4> " . i18n ( " Participant Registration Password " ) . " </h4> " ;
echo i18n ( " In order for your school's students to register for the fair, they will need to know your specific school registration password " );
echo " <br /> " ;
echo " <br /> " ;
echo i18n ( " Registration Password: <b>%1</b> " , array ( $school -> registration_password ));
echo " <br /> " ;
echo " <br /> " ;
}
2005-11-25 19:37:10 +00:00
else if ( $config [ 'participant_registration_type' ] == " invite " )
{
$q = mysql_query ( " SELECT (NOW()>' " . $config [ 'dates' ][ 'regopen' ] . " ' AND NOW()<' " . $config [ 'dates' ][ 'regclose' ] . " ') AS datecheck " );
$datecheck = mysql_fetch_object ( $q );
if ( $datecheck != 0 )
{
echo " <h4> " . i18n ( " Participant Registration Invitations " ) . " </h4> " ;
echo i18n ( " In order for your school's students to register for the fair, you will need to invite them to register. Simply enter their email address below to invite them to register. <b>Important</b>: for group projects, only add one of the participants, that participant will then add the other group member(s) to the project " );
echo " <br /> " ;
echo " <br /> " ;
echo " <form method=POST action= \" schoolaccess.php \" > " ;
echo " <input type=hidden name=action value= \" invite \" > " ;
echo " <table> " ;
echo " <tr><td> " . i18n ( " Email Address " ) . " </td><td><input type= \" text \" name= \" email \" /></td></tr> " ;
echo " <tr><td> " . i18n ( " First Name " ) . " </td><td><input type= \" text \" name= \" firstname \" /></td></tr> " ;
echo " <tr><td> " . i18n ( " Last Name " ) . " </td><td><input type= \" text \" name= \" lastname \" /></td></tr> " ;
echo " </table> " ;
echo " <input type= \" submit \" value= \" Invite Participant \" > " ;
echo " </form> " ;
}
echo " <br /> " ;
echo " <h4> " . i18n ( " Invited participants from your school " ) . " </h4> " ;
2006-01-16 22:25:21 +00:00
$q = mysql_query ( " SELECT students.*,registrations.num FROM students,registrations WHERE schools_id=' " . $school -> id . " ' AND students.year=' " . $config [ 'FAIRYEAR' ] . " ' AND students.registrations_id=registrations.id ORDER BY lastname,firstname " );
2005-11-25 19:37:10 +00:00
echo " <table class= \" summarytable \" > " ;
2006-01-16 22:25:21 +00:00
echo " <tr><th> " . i18n ( " Last Name " ) . " </th><th> " . i18n ( " First Name " ) . " </th><th> " . i18n ( " Email Address " ) . " </th><th> " . i18n ( " Registration Number " ) . " </th></tr> " ;
2005-11-25 19:37:10 +00:00
while ( $r = mysql_fetch_object ( $q ))
{
2006-01-16 22:25:21 +00:00
echo " <tr><td> $r->lastname </td><td> $r->firstname </td><td> $r->email </td><td align= \" center \" > $r->num </td></tr> " ;
2005-11-25 19:37:10 +00:00
}
echo " </table> " ;
}
2005-11-24 20:21:55 +00:00
2005-05-13 18:23:31 +00:00
/*
//the participation section needs to be updated to handle the age categories as specified
//in the categories table and the numbers from configuration, for now, lets just not do it.
//this code is copied from the ORSF schoolaccess page, thats why its here, but just commented out.
echo " <h4>Participation Information</h4> " ;
echo " Please select the number of <b>projects</b> you anticipate on sending to the fair in each of the age categories " ;
echo " <form method=POST action= \" schoolaccess.php \" > " ;
echo " <input type=hidden name=action value= \" numbers \" > " ;
echo " <table border=0 cellspacing=0 cellpadding=3> " ;
echo " <tr><td>Junior (Grades 7-8)</td><td> " ;
echo " <select name=junior> " ;
for ( $x = 0 ; $x <= 12 ; $x ++ )
{
if ( $school -> junior == $x ) $sel = " selected " ; else $sel = " " ;
echo " <option $sel value= \" $x\ " > $x </ option > \n " ;
}
echo " </select> " ;
echo " </td></tr> " ;
echo " <tr><td>Intermediate (Grades 9-10)</td><td> " ;
echo " <select name=intermediate> " ;
for ( $x = 0 ; $x <= 12 ; $x ++ )
{
if ( $school -> intermediate == $x ) $sel = " selected " ; else $sel = " " ;
echo " <option $sel value= \" $x\ " > $x </ option > \n " ;
}
echo " </select> " ;
echo " </td></tr> " ;
echo " <tr><td>Senior (Grades 11-12)</td><td> " ;
echo " <select name=senior> " ;
for ( $x = 0 ; $x <= 12 ; $x ++ )
{
if ( $school -> senior == $x ) $sel = " selected " ; else $sel = " " ;
echo " <option $sel value= \" $x\ " > $x </ option > \n " ;
}
echo " </select> " ;
echo " </td></tr> " ;
echo " </table> " ;
echo " <input type=submit value= \" Save Participation Numbers \" > " ;
echo " <br>Please note, these numbers are only an <b>estimate</b> to help us plan the fair. Choosing small numbers here in <b>no way</b> limits your actual participation.<br> \n " ;
echo " </form> " ;
*/
echo " <br> " ;
echo " <h4>School Feedback / Questions</h4> " ;
echo " <form method=POST action= \" schoolaccess.php \" > " ;
echo " <input type=hidden name=action value= \" feedback \" > " ;
echo " We are always welcome to any feedback (both positive and constructive crisicism!), or any questions you may have. Please use the following box to communicate with us! " ;
echo " <br><textarea name=feedbacktext rows=8 cols=60></textarea><br> " ;
echo " <input type=submit value= \" Send Feedback \" > " ;
echo " </form> " ;
}
else
{
echo " Invalid School ID or Access Code (2) " ;
}
}
else
{
if ( $errormsg ) echo " <font color=red><b> $errormsg </b></font> " ;
2005-11-24 20:21:55 +00:00
echo " <form method=POST action= \" schoolaccess.php \" > \n " ;
echo i18n ( " Welcome to the School Access Page. This page allows your school to provide several key pieces of information for the fair, as well as feedback about the schools experience with/at the fair. " );
echo " <br><br> \n " ;
echo i18n ( " Please login below by selecting your school and entering your school <b>Access Code</b> that you received in your package " );
?>
2005-05-13 18:23:31 +00:00
< br >< br >
< table border = 0 cellspacing = 0 cellpadding = 5 >
2005-11-25 19:37:10 +00:00
< tr >< td >< ? = i18n ( " School " ) ?> :</td><td>
2005-11-24 20:21:55 +00:00
< select name = " schoolid " >
2005-11-25 19:37:10 +00:00
< option value = " " >< ? = i18n ( " Choose your school " ) ?> </option>
2005-11-24 20:21:55 +00:00
< ?
$q = mysql_query ( " SELECT id,school FROM schools WHERE year=' " . $config [ 'FAIRYEAR' ] . " ' " );
while ( $r = mysql_fetch_object ( $q ))
{
echo " <option value= \" $r->id\ " > $r -> school </ option > \n " ;
}
?>
</ select >
</ td ></ tr >
2005-11-25 19:37:10 +00:00
< tr >< td >< ? = i18n ( " Access Code " ) ?> :</td><td><input type=text name=accesscode></td></tr>
< tr >< td align = center >< input type = submit value = " <?=i18n( " Login " )?> " ></ td ></ tr >
2005-05-13 18:23:31 +00:00
</ table >
</ form >
< br >< br >
< ?
}
send_footer ();
?>