arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

Added an optionally included county field to the student data.

Browse Source
This commit is contained in:
james 2015-01-14 18:06:07 +00:00
parent 2a6ea9b350
commit 2b8416ed8e
4 changed files with 102 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
admin/reports_students.inc.php
View File

@ -282,6 +282,12 @@ $report_students_fields = array(
'width' => 1.5,
'table' => 'students.city' ),
'county' => array(
'name' => 'Student -- County',
'header' => 'County',
'width' => 1.5,
'table' => 'students.county' ),
'province' => array(
'name' => 'Student -- '.$config['provincestate'],
'header' => $config['provincestate'],
@ -301,6 +307,12 @@ $report_students_fields = array(
'scalable' => true,
'table' => "CONCAT(students.address, ', ', students.city, ', ', students.province, ', ', students.postalcode)" ),
'address_full_with_county' => array(
'name' => 'Student -- Full Address Including County',
'header' => 'Address',
'width' => 3.0,
'scalable' => true,
'table' => "CONCAT(students.address, ', ', students.city, ', ', students.county, ', ', students.province, ', ', students.postalcode)" ),
'grade' => array(
'start_option_group' => 'Other Student Information',

2
db/db.code.version.txt
View File

@ -1 +1 @@
176
177

14
db/db.update.177.sql Normal file
View File

@ -0,0 +1,14 @@
ALTER TABLE `students` ADD `county` VARCHAR( 64 ) NULL DEFAULT NULL AFTER `city`;
INSERT INTO `sfiabhosting_38_ncsef`.`config` (
`var` ,
`val` ,
`category` ,
`type` ,
`type_values` ,
`ord` ,
`description` ,
`year`
)
VALUES (
'participant_address_include_county', 'no', 'Participant Registration', 'yesno', '', '2100', 'Require that participants includes their county in their address.', '-1'
);

128
register_participants_students.php
View File

@ -24,7 +24,7 @@
<?
require("common.inc.php");
include "register_participants.inc.php";
define('_THISFILE', pathinfo(__FILE__, PATHINFO_BASENAME));
//authenticate based on email address and registration number from the SESSION
if(!$_SESSION['email'])
{
@ -36,15 +36,16 @@
header("Location: register_participants.php");
exit;
}
$fairyear = intval($config['FAIRYEAR']);
$q=mysql_query("SELECT registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ".
"WHERE students.email='".$_SESSION['email']."' ".
"AND registrations.num='".$_SESSION['registration_number']."' ".
"AND registrations.id='".$_SESSION['registration_id']."' ".
"WHERE students.email='" . mysql_real_escape_string($_SESSION['email']) . "' ".
"AND registrations.num='" . mysql_real_escape_string($_SESSION['registration_number']) . "' ".
"AND registrations.id='" . mysql_real_escape_string($_SESSION['registration_id']) . "' ".
"AND students.registrations_id=registrations.id ".
"AND registrations.year=".$config['FAIRYEAR']." ".
"AND students.year=".$config['FAIRYEAR']);
echo mysql_error();
"AND registrations.year=" . $fairyear . " ".
"AND students.year=" . $fairyear);
echo mysql_error();
if(mysql_num_rows($q)==0)
{
@ -97,30 +98,31 @@ if($_POST['action']=="save")
}
else
{
$schoolvalue="'".mysql_escape_string(stripslashes($_POST['schools_id'][$x]))."', ";
$schoolvalue="'".mysql_real_escape_string(stripslashes($_POST['schools_id'][$x]))."', ";
}
//INSERT new record
$dob=$_POST['year'][$x]."-".$_POST['month'][$x]."-".$_POST['day'][$x];
mysql_query("INSERT INTO students (registrations_id,firstname,lastname,pronunciation,sex,email,address,city,province,postalcode,phone,dateofbirth,grade,schools_id,tshirt,medicalalert,foodreq,teachername,teacheremail,year) VALUES (".
mysql_query("INSERT INTO students (registrations_id,firstname,lastname,pronunciation,sex,email,address,city,county,province,postalcode,phone,dateofbirth,grade,schools_id,tshirt,medicalalert,foodreq,teachername,teacheremail,year) VALUES (".
"'".$_SESSION['registration_id']."', ".
"'".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['pronunciation'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['sex'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['address'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['city'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['province'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['postalcode'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['firstname'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['lastname'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['pronunciation'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['sex'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['email'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['address'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['city'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['county'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['province'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['postalcode'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['phone'][$x]))."', ".
"'$dob', ".
"'".mysql_escape_string(stripslashes($_POST['grade'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['grade'][$x]))."', ".
$schoolvalue.
"'".mysql_escape_string(stripslashes($_POST['tshirt'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['medicalalert'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['foodreq'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['teachername'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['teacheremail'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['tshirt'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['medicalalert'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['foodreq'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['teachername'][$x]))."', ".
"'".mysql_real_escape_string(stripslashes($_POST['teacheremail'][$x]))."', ".
"'".$config['FAIRYEAR']."')");
$students_id = mysql_insert_id();
@ -137,31 +139,32 @@ if($_POST['action']=="save")
}
else
{
$schoolquery="schools_id='".mysql_escape_string(stripslashes($_POST['schools_id'][$x]))."', ";
$schoolquery="schools_id='".mysql_real_escape_string(stripslashes($_POST['schools_id'][$x]))."', ";
}
//UPDATE existing record
$dob=$_POST['year'][$x]."-".$_POST['month'][$x]."-".$_POST['day'][$x];
mysql_query("UPDATE students SET ".
"firstname='".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ".
"lastname='".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ".
"pronunciation='".mysql_escape_string(stripslashes($_POST['pronunciation'][$x]))."', ".
"sex='".mysql_escape_string(stripslashes($_POST['sex'][$x]))."', ".
"email='".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ".
"address='".mysql_escape_string(stripslashes($_POST['address'][$x]))."', ".
"city='".mysql_escape_string(stripslashes($_POST['city'][$x]))."', ".
"province='".mysql_escape_string(stripslashes($_POST['province'][$x]))."', ".
"postalcode='".mysql_escape_string(stripslashes($_POST['postalcode'][$x]))."', ".
"phone='".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ".
"firstname='".mysql_real_escape_string(stripslashes($_POST['firstname'][$x]))."', ".
"lastname='".mysql_real_escape_string(stripslashes($_POST['lastname'][$x]))."', ".
"pronunciation='".mysql_real_escape_string(stripslashes($_POST['pronunciation'][$x]))."', ".
"sex='".mysql_real_escape_string(stripslashes($_POST['sex'][$x]))."', ".
"email='".mysql_real_escape_string(stripslashes($_POST['email'][$x]))."', ".
"address='".mysql_real_escape_string(stripslashes($_POST['address'][$x]))."', ".
"city='".mysql_real_escape_string(stripslashes($_POST['city'][$x]))."', ".
"county='".mysql_real_escape_string(stripslashes($_POST['county'][$x]))."', ".
"province='".mysql_real_escape_string(stripslashes($_POST['province'][$x]))."', ".
"postalcode='".mysql_real_escape_string(stripslashes($_POST['postalcode'][$x]))."', ".
"phone='".mysql_real_escape_string(stripslashes($_POST['phone'][$x]))."', ".
"dateofbirth='$dob', ".
"grade='".mysql_escape_string(stripslashes($_POST['grade'][$x]))."', ".
"grade='".mysql_real_escape_string(stripslashes($_POST['grade'][$x]))."', ".
$schoolquery.
"medicalalert='".mysql_escape_string(stripslashes($_POST['medicalalert'][$x]))."', ".
"foodreq='".mysql_escape_string(stripslashes($_POST['foodreq'][$x]))."', ".
"teachername='".mysql_escape_string(stripslashes($_POST['teachername'][$x]))."', ".
"teacheremail='".mysql_escape_string(stripslashes($_POST['teacheremail'][$x]))."', ".
"tshirt='".mysql_escape_string(stripslashes($_POST['tshirt'][$x]))."' ".
"medicalalert='".mysql_real_escape_string(stripslashes($_POST['medicalalert'][$x]))."', ".
"foodreq='".mysql_real_escape_string(stripslashes($_POST['foodreq'][$x]))."', ".
"teachername='".mysql_real_escape_string(stripslashes($_POST['teachername'][$x]))."', ".
"teacheremail='".mysql_real_escape_string(stripslashes($_POST['teacheremail'][$x]))."', ".
"tshirt='".mysql_real_escape_string(stripslashes($_POST['tshirt'][$x]))."' ".
"WHERE id='$students_id'");
echo notice(i18n("%1 %2 successfully updated",array($_POST['firstname'][$x],$_POST['lastname'][$x])));
@ -238,7 +241,7 @@ else if($newstatus=="complete")
//uhh oh, we didnt find any, this isnt possible! lets insert one using the logged in persons email address
//although... this can never really happen, since the above queries only allow the page to view if the student
//is found in the students table... soo... well, lets leave it here as a fallback anyways, just incase
mysql_query("INSERT INTO students (registrations_id,email,year) VALUES ('".$_SESSION['registration_id']."','".mysql_escape_string($_SESSION['email'])."','".$config['FAIRYEAR']."')");
mysql_query("INSERT INTO students (registrations_id,email,year) VALUES ('".$_SESSION['registration_id']."','".mysql_real_escape_string($_SESSION['email'])."','".$config['FAIRYEAR']."')");
//if we just inserted it, then we will obviously find 1
$numfound=1;
}
@ -252,7 +255,7 @@ else if($newstatus=="complete")
else
$numtoshow=$numfound;
echo "<form name=\"numstudentsform\" method=\"get\" action=\"register_participants_students.php\">";
echo "<form name=\"numstudentsform\" method=\"get\" action=\"" . _THISFILE . "\">";
echo i18n("Number of students that worked on the project: ");
echo "<select name=\"numstudents\" onchange=\"document.forms.numstudentsform.submit()\">\n";
for($x=$config['minstudentsperproject'];$x<=$config['maxstudentsperproject'];$x++)
@ -270,7 +273,7 @@ else if($newstatus=="complete")
if($numtoshow>$config['maxstudentsperproject'])
$numtoshow=$config['maxstudentsperproject'];
echo "<form name=\"studentdata\" method=\"post\" action=\"register_participants_students.php\">";
echo "<form name=\"studentdata\" method=\"post\" action=\"" . _THISFILE . "\">";
echo "<input type=\"hidden\" name=\"action\" value=\"save\" />";
for($x=1;$x<=$numtoshow;$x++)
{
@ -331,14 +334,23 @@ else
if($config['participant_student_personal']=="yes")
{
echo "<tr>\n";
echo " <td>".i18n("Address")."</td><td><input type=\"text\" name=\"address[$x]\" value=\"$studentinfo->address\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n($config['provincestate'])."</td><td>";
echo " <td>".i18n("Address")."</td>";
echo " <td><input type=\"text\" name=\"address[$x]\" value=\"$studentinfo->address\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n($config['provincestate'])."</td>";
echo "<td>";
emit_province_selector("province[$x]",$studentinfo->province);
echo REQUIREDFIELD."</td>\n";
echo REQUIREDFIELD;
echo "</td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo " <td>".i18n($config['postalzip'])."</td><td><input type=\"text\" name=\"postalcode[$x]\" value=\"$studentinfo->postalcode\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n("Phone")."</td><td><input type=\"text\" name=\"phone[$x]\" value=\"$studentinfo->phone\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n($config['postalzip'])."</td>";
echo "<td><input type=\"text\" name=\"postalcode[$x]\" value=\"$studentinfo->postalcode\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n("Phone")."</td>";
echo " <td><input type=\"text\" name=\"phone[$x]\" value=\"$studentinfo->phone\" />".REQUIREDFIELD."</td>\n";
echo "</tr>\n";
echo "<tr>\n";
@ -375,6 +387,16 @@ else
echo REQUIREDFIELD."</td>";
echo "</tr>";
if($config['participant_address_include_county'] == 'yes'){
?>
<tr>
<td colspan=2></td>
<td><?=i18n('County')?></td>
<td><input type="text" name="county[<?=$x?>]" value="<?=$studentinfo->county?>"></input><?=REQUIREDFIELD?></td>
</tr>
<?
}
if($config['participant_student_tshirt']=="yes")
{
$tshirt_cost = floatval($config['participant_student_tshirt_cost']);
@ -462,7 +484,7 @@ if($config['participant_student_personal']=="yes")
echo "<tr><td align=\"right\">\n";
$checked = array_key_exists($rfi['id'], $sel) ? 'checked="checked"' : '';
echo "<input type=\"checkbox\" name=\"regfee_item[$x][{$rfi['id']}]\" $checked />";
echo '</td><td colspan=\"2\">';
echo '</td><td colspan=\"3\">';
echo i18n($rfi['description']);
echo '</td></tr>';
}
@ -473,7 +495,7 @@ if($config['participant_student_personal']=="yes")
if($numfound>$config['minstudentsperproject'] && $studentinfo->id)
{
echo "<div align=\"right\"><a onclick=\"return confirmClick('".i18n("Are you sure you want to remove this student from the project?")."');\" class=\"caution\" href=\"register_participants_students.php?action=removestudent&amp;removestudent=$studentinfo->id\">".i18n("Remove this student from project")."</a></div>";
echo "<div align=\"right\"><a onclick=\"return confirmClick('".i18n("Are you sure you want to remove this student from the project?")."');\" class=\"caution\" href=\"" . _THISFILE . "?action=removestudent&amp;removestudent=$studentinfo->id\">".i18n("Remove this student from project")."</a></div>";
}
echo "<br />";