From 454c3f93b6e43d61d4120ac62987359e4f9989d2 Mon Sep 17 00:00:00 2001
From: Muad Sakah <muadsakah@yahoo.com>
Date: Fri, 7 Feb 2025 03:48:16 +0000
Subject: [PATCH] pushing all register files with database line changes/fixes
---
register_participants.php | 2 +-
register_participants_project.php | 28 ++++++++---------
register_participants_signature_tcpdf.php | 38 +++++++++++++----------
register_participants_students.php | 7 ++---
4 files changed, 38 insertions(+), 37 deletions(-)
diff --git a/register_participants.php b/register_participants.php
index 8cd4e368..71421cb3 100644
--- a/register_participants.php
+++ b/register_participants.php
@@ -309,7 +309,7 @@ if (get_value_from_array($_POST, 'action') == 'login' && (get_value_from_array($
$regnum,
$_SESSION['email'],
'new',
- $schoolidquery, // Ensure $schoolidquery contains a valid integer
+ $schoolidquery,
$config['FAIRYEAR']
]);
diff --git a/register_participants_project.php b/register_participants_project.php
index f5ccccd1..c5814e1c 100644
--- a/register_participants_project.php
+++ b/register_participants_project.php
@@ -104,20 +104,20 @@ if (get_value_from_array($_POST, 'action') == 'save') {
} else
$shorttitle = stripslashes($_POST['shorttitle']);
- $stmt = $pdo->prepare('UPDATE projects SET '
- . "title=?, "
- . "shorttitle=?, "
- . "projectdivisions_id=?, "
- . "projecttype=?, "
- . "language=?, "
- . "req_table=?, "
- . "req_electricity=?, "
- . "req_special=?, "
- . "human_participants=?, "
- . "animal_participants=?, "
- . "summary=?, "
- . "summarycountok=?"
- . "WHERE id=?");
+ $stmt = $pdo->prepare('UPDATE projects SET
+ title=?,
+ shorttitle=?,
+ projectdivisions_id=?,
+ projecttype=?,
+ language=?,
+ req_table=?,
+ req_electricity=?,
+ req_special=?,
+ human_participants=?,
+ animal_participants=?,
+ summary=?,
+ summarycountok=?
+ WHERE id=?');
$stmt->execute([$title,$shorttitle,intval($_POST['projectdivisions_id']),stripslashes($_POST['projecttype']),
stripslashes($_POST['language']),stripslashes($_POST['req_table']),stripslashes($_POST['req_electricity']),
stripslashes($_POST['req_special']),stripslashes($_POST['human_participants']),stripslashes($_POST['animal_participants']),
diff --git a/register_participants_signature_tcpdf.php b/register_participants_signature_tcpdf.php
index 2190c848..a8f723ab 100644
--- a/register_participants_signature_tcpdf.php
+++ b/register_participants_signature_tcpdf.php
@@ -43,18 +43,22 @@ if (get_value_from_array($_GET, 'sample')) {
exit;
}
- $q = $pdo->prepare("SELECT registrations.id AS regid, students.id AS studentid, students.firstname
-\t \t\t\tFROM registrations,students
- \t \t\tWHERE students.email=?
- AND registrations.num=?
- AND registrations.id=?
- AND students.registrations_id=registrations.id
- AND registrations.year=?
- AND students.year=?");
- '?=?' ;
- $registration_id = $_SESSION['registration_id'];
- $q->execute([$_SESSION['email'],$_SESSION['registration_number'],$_SESSION['registration_id'],$config['FAIRYEAR'],
- $config['FAIRYEAR'],$registration_number,$_SESSION['registration_number']]);
+ $q = $pdo->prepare('SELECT registrations.id AS regid, students.id AS studentid, students.firstname
+ FROM registrations, students
+ WHERE students.email=?
+ AND registrations.num=?
+ AND registrations.id=?
+ AND students.registrations_id = registrations.id
+ AND registrations.year=?
+ AND students.year=?');
+
+ $q->execute([
+ $_SESSION['email'],
+ $_SESSION['registration_number'],
+ $_SESSION['registration_id'],
+ $config['FAIRYEAR'],
+ $config['FAIRYEAR']
+ ]);
show_pdo_errors_if_any($pdo);
@@ -86,7 +90,7 @@ if ($_GET['sample']) {
$rr->school = 'SampleSchool';
} else {
// grab the project info
- $q = $pdo->prepare("SELECT projects.*,
+ $q = $pdo->prepare('SELECT projects.*,
projectcategories.category,
projectdivisions.division
FROM projects
@@ -96,11 +100,11 @@ if ($_GET['sample']) {
AND projects.year=?
AND projectdivisions.year=?
AND projectcategories.year=?
- ");
- $q->execute([$_SESSION['registration_id'],$config['FAIRYEAR'],$config['FAIRYEAR'],$config['FAIRYEAR']]);
+ ');
+ $q->execute([$_SESSION['registration_id'], $config['FAIRYEAR'], $config['FAIRYEAR'], $config['FAIRYEAR']]);
$projectinfo = $q->fetch(PDO::FETCH_OBJ);
- $q = $pdo->prepare("SELECT * FROM students WHERE registrations_id=? AND year=?");
+ $q = $pdo->prepare('SELECT * FROM students WHERE registrations_id=? AND year=?');
$q->execute([$_SESSION['registration_id'], $config['FAIRYEAR']]);
while ($si = $q->fetch(PDO::FETCH_OBJ))
$studentinfoarray[] = $si;
@@ -117,7 +121,7 @@ $pdf->WriteHTML('<h3>' . i18n('Registration Summary') . '</h3>
$students = '';
foreach ($studentinfoarray AS $studentinfo) {
if (!$_GET['sample']) {
- $qq = $pdo->prepare("SELECT school FROM schools WHERE id=?");
+ $qq = $pdo->prepare('SELECT school FROM schools WHERE id=?');
$qq->execute([$studentinfo->schools_id]);
$rr = $qq->fetch(PDO::FETCH_OBJ);
}
diff --git a/register_participants_students.php b/register_participants_students.php
index 76fc50f0..61307218 100644
--- a/register_participants_students.php
+++ b/register_participants_students.php
@@ -109,10 +109,7 @@ if (get_value_from_array($_POST, 'action') == 'save') {
(registrations_id, firstname, lastname, pronunciation, sex, email, address, city, county, province,
postalcode, phone, dateofbirth, grade, schools_id, tshirt, medicalalert, foodreq,
teachername, teacheremail, year)
- VALUES ('
- . '?, ?, ?, ?, ?, ?, ?, ?, ?, ?, '
- . '?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
-
+ VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?,?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
$stmt->execute([
$_SESSION['registration_id'],
stripslashes($_POST['firstname'][$x]),
@@ -220,7 +217,7 @@ if (get_value_from_array($_GET, 'action') == 'removestudent') {
} else {
$students_id = intval($_GET['removestudent']);
// first make sure this is one belonging to this registration id
- $q = $pdo->prepare('SELECT id FROM students WHERE id=? AND registrations_id=/');
+ $q = $pdo->prepare('SELECT id FROM students WHERE id=? AND registrations_id=?');
$q->execute([$students_id, $_SESSION['registration_id']]);
if ($q->rowCount() == 1) {
$stmt = $pdo->prepare('DELETE FROM students WHERE id=? AND registrations_id=?');