From 4fb6b706579ad324c7db27240f862941189b766b Mon Sep 17 00:00:00 2001 From: james Date: Tue, 30 Nov 2004 23:38:13 +0000 Subject: [PATCH] finish authenteication for registrations in 'open' state autoredirect back to main page if they end up back at the beginning but are already logged in --- register_participants.php | 30 ++++++++++++++++++++++++++++++ register_participants_main.php | 6 +++++- 2 files changed, 35 insertions(+), 1 deletion(-) diff --git a/register_participants.php b/register_participants.php index e5cfbb7..d90856b 100644 --- a/register_participants.php +++ b/register_participants.php @@ -9,6 +9,11 @@ $r=mysql_fetch_object($q); $_SESSION['registration_number']=$r->num; $_SESSION['registration_id']=$r->id; + mysql_query("INSERT INTO students (registrations_id,email,year) VALUES ('$r->id','".mysql_escape_string($_SESSION['email'])."','".$config['FAIRYEAR']."')"); + echo mysql_error(); + mysql_query("UPDATE registrations SET status='open' WHERE id='$r->id'"); + echo mysql_error(); + header("Location: register_participants_main.php"); exit; @@ -24,6 +29,30 @@ else if($_POST['action']=="continue") { + $q=mysql_query("SELECT registrations.id AS regid, registrations.num AS regnum, students.id AS studentid, students.name FROM registrations,students ". + "WHERE students.email='".$_SESSION['email']."' ". + "AND registrations.num='".$_POST['regnum']."' ". + "AND students.registrations_id=registrations.id ". + "AND registrations.year=".$config['FAIRYEAR']." ". + "AND students.year=".$config['FAIRYEAR']); + + if(mysql_num_rows($q)) + { + $r=mysql_fetch_object($q); + $_SESSION['registration_number']=$r->regnum; + $_SESSION['registration_id']=$r->regid; + header("Location: register_participants_main.php"); + exit; + } + + } + + + //if they've alreayd logged in, and somehow wound back up here, take them back to where they should be + if($_SESSION['registration_number'] && $_SESSION['registration_id'] && $_SESSION['email']) + { + header("Location: register_participants_main.php"); + } send_header("Participant Registration"); @@ -55,6 +84,7 @@ AND students.year=".$config['FAIRYEAR']." AND registrations.year=".$config['FAIRYEAR']." AND registrations.status='open'"); + echo mysql_error(); if(mysql_num_rows($q)>0) { echo i18n("Please enter the registration number in order to continue your registration"); diff --git a/register_participants_main.php b/register_participants_main.php index b59de4f..ab93f89 100644 --- a/register_participants_main.php +++ b/register_participants_main.php @@ -20,15 +20,19 @@ "AND students.registrations_id=registrations.id ". "AND registrations.year=".$config['FAIRYEAR']." ". "AND students.year=".$config['FAIRYEAR']); +echo mysql_error(); if(mysql_num_rows($q)==0) { - header("Location: register_participants.php"); + echo "error"; +// header("Location: register_participants.php"); exit; } $r=mysql_fetch_object($q); send_header("Participant Registration"); + echo "Welcome back $r->name"; + echo "

"; print_r($r);