pushing all register files with database line changes/fixes

2025-02-07 03:48:16 +00:00 · 2025-02-07 03:48:16 +00:00 · 454c3f93b6
commit 454c3f93b6
parent 050db396cd
4 changed files with 38 additions and 37 deletions
--- a/register_participants.php
+++ b/register_participants.php
@ -309,7 +309,7 @@ if (get_value_from_array($_POST, 'action') == 'login' && (get_value_from_array($
 					$regnum,
 					$_SESSION['email'],
 					'new',
-					$schoolidquery,  // Ensure $schoolidquery contains a valid integer
+					$schoolidquery,  
 					$config['FAIRYEAR']
 				]);
--- a/register_participants_project.php
+++ b/register_participants_project.php
@ -104,20 +104,20 @@ if (get_value_from_array($_POST, 'action') == 'save') {
 			} else
 				$shorttitle = stripslashes($_POST['shorttitle']);
-			$stmt = $pdo->prepare('UPDATE projects SET '
+			$stmt = $pdo->prepare('UPDATE projects SET 
-				. "title=?, "
+				title=?, 
-				. "shorttitle=?, "
+				shorttitle=?, 
-				. "projectdivisions_id=?, "
+				projectdivisions_id=?, 
-				. "projecttype=?, "
+				projecttype=?, 
-				. "language=?, "
+				language=?, 
-				. "req_table=?, "
+				req_table=?, 
-				. "req_electricity=?, "
+				req_electricity=?, 
-				. "req_special=?, "
+				req_special=?, 
-				. "human_participants=?, "
+				human_participants=?, 
-				. "animal_participants=?, "
+				animal_participants=?, 
-				. "summary=?, "
+				summary=?,
-				. "summarycountok=?"
+				summarycountok=?
-				. "WHERE id=?");
+				WHERE id=?');
 			$stmt->execute([$title,$shorttitle,intval($_POST['projectdivisions_id']),stripslashes($_POST['projecttype']),
 			stripslashes($_POST['language']),stripslashes($_POST['req_table']),stripslashes($_POST['req_electricity']),
 			stripslashes($_POST['req_special']),stripslashes($_POST['human_participants']),stripslashes($_POST['animal_participants']),
--- a/register_participants_signature_tcpdf.php
+++ b/register_participants_signature_tcpdf.php
@ -43,18 +43,22 @@ if (get_value_from_array($_GET, 'sample')) {
 		exit;
 	}
-	$q = $pdo->prepare("SELECT registrations.id AS regid, students.id AS studentid, students.firstname 
+	$q = $pdo->prepare('SELECT registrations.id AS regid, students.id AS studentid, students.firstname 
-\t \t\t\tFROM registrations,students
+                    FROM registrations, students
-	\t \t\tWHERE students.email=? 
+                    WHERE students.email=? 
                        AND registrations.num=?
                        AND registrations.id=?
-				AND students.registrations_id=registrations.id
+                        AND students.registrations_id = registrations.id
                        AND registrations.year=?
-				AND students.year=?");
+                        AND students.year=?');
-				'?=?' ;
+
-	$registration_id = $_SESSION['registration_id'];
+	$q->execute([
-	$q->execute([$_SESSION['email'],$_SESSION['registration_number'],$_SESSION['registration_id'],$config['FAIRYEAR'],
+		$_SESSION['email'],
-	$config['FAIRYEAR'],$registration_number,$_SESSION['registration_number']]);
+		$_SESSION['registration_number'],
 		$_SESSION['registration_id'],
 		$config['FAIRYEAR'],
 		$config['FAIRYEAR']
 	]);
 	show_pdo_errors_if_any($pdo);
@ -86,7 +90,7 @@ if ($_GET['sample']) {
 	$rr->school = 'SampleSchool';
 } else {
 	// grab the project info
-	$q = $pdo->prepare("SELECT projects.*, 
+	$q = $pdo->prepare('SELECT projects.*, 
                        projectcategories.category, 
                        projectdivisions.division
                 FROM projects
@ -96,11 +100,11 @@ if ($_GET['sample']) {
                        AND projects.year=?
                        AND projectdivisions.year=?
                        AND projectcategories.year=?
-                        ");
+                        ');
-	$q->execute([$_SESSION['registration_id'],$config['FAIRYEAR'],$config['FAIRYEAR'],$config['FAIRYEAR']]);
+	$q->execute([$_SESSION['registration_id'], $config['FAIRYEAR'], $config['FAIRYEAR'], $config['FAIRYEAR']]);
 	$projectinfo = $q->fetch(PDO::FETCH_OBJ);
-	$q = $pdo->prepare("SELECT * FROM students WHERE registrations_id=? AND year=?");
+	$q = $pdo->prepare('SELECT * FROM students WHERE registrations_id=? AND year=?');
 	$q->execute([$_SESSION['registration_id'], $config['FAIRYEAR']]);
 	while ($si = $q->fetch(PDO::FETCH_OBJ))
 		$studentinfoarray[] = $si;
@ -117,7 +121,7 @@ $pdf->WriteHTML('<h3>' . i18n('Registration Summary') . '</h3>
 $students = '';
 foreach ($studentinfoarray AS $studentinfo) {
 	if (!$_GET['sample']) {
-		$qq = $pdo->prepare("SELECT school FROM schools WHERE id=?");
+		$qq = $pdo->prepare('SELECT school FROM schools WHERE id=?');
 		$qq->execute([$studentinfo->schools_id]);
 		$rr = $qq->fetch(PDO::FETCH_OBJ);
 	}
--- a/register_participants_students.php
+++ b/register_participants_students.php
@ -109,10 +109,7 @@ if (get_value_from_array($_POST, 'action') == 'save') {
    (registrations_id, firstname, lastname, pronunciation, sex, email, address, city, county, province, 
     postalcode, phone, dateofbirth, grade, schools_id, tshirt, medicalalert, foodreq, 
     teachername, teacheremail, year) 
-    VALUES ('
+    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?,?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
 					. '?, ?, ?, ?, ?, ?, ?, ?, ?, ?, '
 					. '?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
 				$stmt->execute([
 					$_SESSION['registration_id'],
 					stripslashes($_POST['firstname'][$x]),
@ -220,7 +217,7 @@ if (get_value_from_array($_GET, 'action') == 'removestudent') {
 	} else {
 		$students_id = intval($_GET['removestudent']);
 		// first make sure this is one belonging to this registration id
-		$q = $pdo->prepare('SELECT id FROM students WHERE id=? AND registrations_id=/');
+		$q = $pdo->prepare('SELECT id FROM students WHERE id=? AND registrations_id=?');
 		$q->execute([$students_id, $_SESSION['registration_id']]);
 		if ($q->rowCount() == 1) {
 			$stmt = $pdo->prepare('DELETE FROM students WHERE id=? AND registrations_id=?');