finish authenteication for registrations in 'open' state

autoredirect back to main page if they end up back at the beginning but are already logged in
2004-11-30 23:38:13 +00:00 · 2004-11-30 23:38:13 +00:00 · 4fb6b70657
commit 4fb6b70657
parent 5edecbdea5
2 changed files with 35 additions and 1 deletions
--- a/register_participants.php
+++ b/register_participants.php
@ -9,6 +9,11 @@
 		$r=mysql_fetch_object($q);
 		$_SESSION['registration_number']=$r->num;
 		$_SESSION['registration_id']=$r->id;
+		mysql_query("INSERT INTO students (registrations_id,email,year) VALUES ('$r->id','".mysql_escape_string($_SESSION['email'])."','".$config['FAIRYEAR']."')");
+		echo mysql_error();
+		mysql_query("UPDATE registrations SET status='open' WHERE id='$r->id'");
+		echo mysql_error();
+
 		header("Location: register_participants_main.php");
 		exit;

@ -24,6 +29,30 @@
 else if($_POST['action']=="continue")
 {

+	 $q=mysql_query("SELECT registrations.id AS regid, registrations.num AS regnum, students.id AS studentid, students.name FROM registrations,students ".
+ 	"WHERE students.email='".$_SESSION['email']."' ".
+	"AND registrations.num='".$_POST['regnum']."' ". 
+	"AND students.registrations_id=registrations.id ".
+	"AND registrations.year=".$config['FAIRYEAR']." ".
+	"AND students.year=".$config['FAIRYEAR']);
+
+	if(mysql_num_rows($q))
+	{
+		$r=mysql_fetch_object($q);
+		$_SESSION['registration_number']=$r->regnum;
+		$_SESSION['registration_id']=$r->regid;
+		header("Location: register_participants_main.php");
+		exit;
+	}
+
+ }
+
+ 
+ //if they've alreayd logged in, and somehow wound back up here, take them back to where they should be
+ if($_SESSION['registration_number'] && $_SESSION['registration_id'] && $_SESSION['email'])
+ {
+	header("Location: register_participants_main.php");
+
 }

 send_header("Participant Registration");
@ -55,6 +84,7 @@
 					AND students.year=".$config['FAIRYEAR']."
 					AND registrations.year=".$config['FAIRYEAR']."
 					AND registrations.status='open'");
+		echo mysql_error();
 		if(mysql_num_rows($q)>0)
 		{
 			echo i18n("Please enter the <b>registration number</b> in order to continue your registration");
--- a/register_participants_main.php
+++ b/register_participants_main.php
@ -20,15 +20,19 @@
 	"AND students.registrations_id=registrations.id ".
 	"AND registrations.year=".$config['FAIRYEAR']." ".
 	"AND students.year=".$config['FAIRYEAR']);
+echo mysql_error();

 if(mysql_num_rows($q)==0)
 {
- 	header("Location: register_participants.php");
+ 	echo "error";
+// 	header("Location: register_participants.php");
 	exit;
 
 }
 $r=mysql_fetch_object($q);
 send_header("Participant Registration");
+ echo "Welcome back <b>$r->name</b>";
+ echo "<br><br>";
 print_r($r);