diff --git a/register_participants.php b/register_participants.php
index a402d0e5..323888db 100644
--- a/register_participants.php
+++ b/register_participants.php
@@ -29,11 +29,9 @@
NOW()>'".$config['dates']['regclose']."' AS datecheckafter");
$datecheck=mysql_fetch_object($q);
- if($_POST['action']=="new")
- {
+ if($_POST['action']=="new") {
$q=mysql_query("SELECT email,num,id,schools_id FROM registrations WHERE email='".$_SESSION['email']."' AND num='".$_POST['regnum']."' AND year=".$config['FAIRYEAR']);
- if(mysql_num_rows($q))
- {
+ if(mysql_num_rows($q)) {
$r=mysql_fetch_object($q);
$_SESSION['registration_number']=$r->num;
$_SESSION['registration_id']=$r->id;
@@ -44,28 +42,25 @@
exit;
}
- else
- {
+ else {
send_header("Participant Registration");
echo error(i18n("Invalid registration number (%1) for email address %2",array($_POST['regnum'],$_SESSION['email']),array("registration number","email address")));
$_POST['action']="login";
}
}
- else if($_POST['action']=="continue")
- {
+ else if($_POST['action']=="continue") {
if($_POST['email'])
$_SESSION['email']=stripslashes(mysql_escape_string($_POST['email']));
$q=mysql_query("SELECT registrations.id AS regid, registrations.num AS regnum, students.id AS studentid, students.firstname FROM registrations,students ".
- "WHERE students.email='".$_SESSION['email']."' ".
- "AND registrations.num='".$_POST['regnum']."' ".
+ "WHERE students.email='".$_SESSION['email']."'".
+ "AND registrations.num='".intval($_POST['regnum'])."' ".
"AND students.registrations_id=registrations.id ".
"AND registrations.year=".$config['FAIRYEAR']." ".
"AND students.year=".$config['FAIRYEAR']);
- if(mysql_num_rows($q))
- {
+ if(mysql_num_rows($q)) {
$r=mysql_fetch_object($q);
$_SESSION['registration_number']=$r->regnum;
$_SESSION['registration_id']=$r->regid;
@@ -73,16 +68,14 @@
header("Location: register_participants_main.php");
exit;
}
- else
- {
+ else {
send_header("Participant Registration");
echo error(i18n("Invalid registration number (%1) for email address %2",array($_POST['regnum'],$_SESSION['email']),array("registration number","email address")));
$_POST['action']="login";
}
}
- else if($_GET['action']=="resend" && $_SESSION['email'])
- {
+ else if($_GET['action']=="resend" && $_SESSION['email']) {
//first see if the email matches directly from the registrations table
$q=mysql_query("SELECT registrations.num FROM
registrations
@@ -91,8 +84,7 @@
AND registrations.year='".$config['FAIRYEAR']."'");
if(mysql_num_rows($q))
$r=mysql_fetch_object($q);
- else
- {
+ else {
//no match from registrations, so lets see if it matches from the students table
$q=mysql_query("SELECT registrations.num FROM
@@ -106,20 +98,17 @@
}
- if($r)
- {
+ if($r) {
email_send("register_participants_resend_regnum",$_SESSION['email'],array(),array("REGNUM"=>$r->num));
send_header("Participant Registration");
echo notice(i18n("Your registration number has been resent to your email address <b>%1</b>",array($_SESSION['email']),array("email address")));
}
- else
- {
+ else {
send_header("Participant Registration");
echo error(i18n("Could not find a registration for your email address"));
}
}
- else if($_GET['action']=="logout")
- {
+ else if($_GET['action']=="logout") {
unset($_SESSION['email']);
unset($_SESSION['registration_number']);
unset($_SESSION['registration_id']);
@@ -129,8 +118,7 @@
//if they've alreayd logged in, and somehow wound back up here, take them back to where they should be
- if($_SESSION['registration_number'] && $_SESSION['registration_id'] && $_SESSION['email'])
- {
+ if($_SESSION['registration_number'] && $_SESSION['registration_id'] && $_SESSION['email']) {
header("Location: register_participants_main.php");
exit;
@@ -138,8 +126,7 @@
send_header("Participant Registration");
- if($_POST['action']=="login" && ( $_POST['email'] || $_SESSION['email']) )
- {
+ if($_POST['action']=="login" && ( $_POST['email'] || $_SESSION['email']) ) {
if($_POST['email'])
$_SESSION['email']=stripslashes(mysql_escape_string($_POST['email']));
@@ -151,15 +138,12 @@
//first, check if they have any registrations waiting to be opened
$q=mysql_query("SELECT * FROM registrations WHERE email='".$_SESSION['email']."' AND status='new' AND year='".$config['FAIRYEAR']."'");
- if(mysql_num_rows($q)>0)
- {
+ if(mysql_num_rows($q)>0) {
echo i18n("Please enter your <b>registration number</b> that you received in your email, in order to begin your new registration");
echo "<input type=\"hidden\" name=\"action\" value=\"new\">";
$allownew=false;
}
- else
- {
-
+ else {
//check if they have an already open registration
$q=mysql_query("SELECT
students.email,
@@ -169,7 +153,7 @@
students,
registrations
WHERE
- students.email='".$_SESSION['email']."'
+ students.email='".$_SESSION['email']."'
AND students.year=".$config['FAIRYEAR']."
AND registrations.year=".$config['FAIRYEAR']."
AND
@@ -178,8 +162,7 @@
OR registrations.status='complete'
)
AND students.registrations_id=registrations.id");
- if(mysql_num_rows($q)>0)
- {
+ if(mysql_num_rows($q)>0) {
$r=mysql_fetch_object($q);
// print_r($r);
echo i18n("Please enter your <b>registration number</b> in order to login");
@@ -187,12 +170,9 @@
$allownew=false;
echo "<br />";
}
- else
- {
+ else {
//they dont have a 'new' and they dont have an 'open/paymentpending/complete' so that means that they want to create a new one... BUT...
-
- if($config['participant_registration_type']=="invite")
- {
+ if($config['participant_registration_type']=="invite") {
$allownew=false;
$showform=false;
@@ -202,27 +182,22 @@
echo "<a href=\"register_participants.php\">Back to Participant Registration</a>";
}
- else if($config['participant_registration_type']=="singlepassword")
- {
+ else if($config['participant_registration_type']=="singlepassword") {
$showsinglepasswordform=true;
- if($_POST['singlepassword'])
- {
- if($_POST['singlepassword']==$config['participant_registration_singlepassword'])
- {
+ if($_POST['singlepassword']) {
+ if($_POST['singlepassword']==$config['participant_registration_singlepassword']) {
$allownew=true;
$showform=true;
$showsinglepasswordform=false;
}
- else
- {
+ else {
echo error(i18n("Invalid registration password, please try again"));
$allownew=false;
$showform=false;
}
}
- if($showsinglepasswordform)
- {
+ if($showsinglepasswordform) {
echo i18n("Participant registration is protected by a password. You must know the <b>registration password</b> in order to create an account.");
echo "<br />";
echo "<br />";
@@ -238,31 +213,26 @@
$showform=false;
}
}
- else if($config['participant_registration_type']=="schoolpassword")
- {
+ else if($config['participant_registration_type']=="schoolpassword") {
$showschoolpasswordform=true;
- if($_POST['schoolpassword'] && $_POST['schoolid'])
- {
+ if($_POST['schoolpassword'] && $_POST['schoolid']) {
$q=mysql_query("SELECT registration_password FROM schools WHERE id='".$_POST['schoolid']."' AND year='".$config['FAIRYEAR']."'");
$r=mysql_fetch_object($q);
- if($_POST['schoolpassword']==$r->registration_password)
- {
+ if($_POST['schoolpassword']==$r->registration_password) {
$allownew=true;
$showform=true;
$showschoolpasswordform=false;
$schoolidquery="'".$_POST['schoolid']."'";
}
- else
- {
+ else {
echo error(i18n("Invalid school registration password, please try again"));
$allownew=false;
$showform=false;
}
}
- if($showschoolpasswordform)
- {
+ if($showschoolpasswordform) {
echo i18n("Participant registration is protected by a password for each school. You must know your <b>school registration password</b> in order to create an account.");
echo "<br />";
echo "<br />";
@@ -286,16 +256,13 @@
$showform=false;
}
}
- else if($config['participant_registration_type']=="open")
- {
+ else if($config['participant_registration_type']=="open") {
//thats fine, continue on and create them the account.
}
- else if($config['participant_registration_type']=="openorinvite")
- {
+ else if($config['participant_registration_type']=="openorinvite") {
//thats fine too, continue on and create them the account.
}
- else
- {
+ else {
echo error(i18n("There is an error with the SFIAB configuration. participant_registration_type is not defined. Contact the fair organizers to get this fixed."));
$allownew=false;
$showform=false;
@@ -305,10 +272,8 @@
}
- if($allownew)
- {
- if($datecheck->datecheck==0)
- {
+ if($allownew) {
+ if($datecheck->datecheck==0) {
if($datecheck->datecheckbefore)
echo error(i18n("Registration is not open yet. You can not create a new account"));
else if($datecheck->datecheckafter)
@@ -317,16 +282,13 @@
echo "<A href=\"register_participants.php\">Back to Participant Registration Login Page</a>";
}
- else
- {
+ else {
//they can only create a new registraiton if they have a valid email address, so lets do a quick ereg check on their email
- if(isEmailAddress($_SESSION['email']))
- {
+ if(isEmailAddress($_SESSION['email'])) {
$regnum=0;
//now create the new registration record, and assign a random/unique registration number to then.
- do
- {
+ do {
//random number between
//100000 and 999999 (six digit integer)
$regnum=rand(100000,999999);
@@ -350,8 +312,7 @@
echo i18n("You have been identified as a new registrant. An email has been sent to <b>%1</b> which contains your new <b>registration number</b>. Please check your email to obtain your <b>registration number</b> and then enter it below:",array($_SESSION['email']),array("email address"));
echo "<input type=\"hidden\" name=\"action\" value=\"new\">";
}
- else
- {
+ else {
echo error(i18n("The email address you entered (%1) appears to be invalid. You must use a proper email address in order to create an account",array($_SESSION['email'])));
echo "<a href=\"register_participants.php\">".i18n("Return to participant registration")."</a>";
$showform=false;
@@ -359,8 +320,7 @@
}
}
- if($showform)
- {
+ if($showform) {
echo "<br />";
echo "<br />";
echo i18n("Registration Number:");
@@ -373,18 +333,15 @@
echo i18n("If you have lost or forgotten your <b>registration number</b>, please <a href=\"register_participants.php?action=resend\">click here to resend</a> it to your email address");
}
}
- else
- {
+ else {
//Lets check the date - if we are AFTER 'regopen' and BEFORE 'regclose' then we can login
//otherwise, registration is closed - no logins!
//this will return 1 if its between the dates, 0 otherwise.
- if($datecheck->datecheck==0)
- {
+ if($datecheck->datecheck==0) {
if($datecheck->datecheckbefore)
echo notice(i18n("Registration for the %1 %2 is not open yet. Registration will open on %3.",array($config['FAIRYEAR'],$config['fairname'],format_datetime($config['dates']['regopen'])),array("fair year","fair name","registration open date")));
- else if($datecheck->datecheckafter)
- {
+ else if($datecheck->datecheckafter) {
echo notice(i18n("Registration for the %1 %2 is now closed. Existing registrants can login and view (read only) their information, as well as apply for special awards (if applicable).",array($config['FAIRYEAR'],$config['fairname']),array("fair year","fair name")));
echo i18n("Please enter your email address to login");
}
@@ -392,11 +349,8 @@
echo "<br />";
$buttontext=i18n("Login");
}
- else
- {
-
- if($config['participant_registration_type']=="invite")
- {
+ else {
+ if($config['participant_registration_type']=="invite") {
echo i18n("Registration is by invitation only. As soon as you are invited by your school or the science fair committee, you will receive a welcoming email with your Registration Number");
echo "<br />";
echo "<br />";
@@ -404,8 +358,7 @@
echo i18n("Please enter your email address to:");
echo "<ul>";
}
- else
- {
+ else {
echo i18n("Please enter your email address to :");
echo "<ul>";
echo "<li>".i18n("Begin a new registration")."</li>";
@@ -421,8 +374,7 @@
}
//only show the email login box if registration is open, or we're past the registration deadline (so they can login and view / apply for special awards). if we're before the registration deadline then they cant create an account or login anwyays so no point in showing the box
- if(!$datecheck->datecheckbefore)
- {
+ if(!$datecheck->datecheckbefore) {
?>
<form method="post" action="register_participants.php">
<input type="hidden" name="action" value="login" />