diff --git a/db/db.code.version.txt b/db/db.code.version.txt index 7296f257..065fd3e7 100644 --- a/db/db.code.version.txt +++ b/db/db.code.version.txt @@ -1 +1 @@ -136 +137 diff --git a/db/db.update.137.sql b/db/db.update.137.sql new file mode 100644 index 00000000..8d72b423 --- /dev/null +++ b/db/db.update.137.sql @@ -0,0 +1,3 @@ +ALTER TABLE `winners` ADD `fairs_id` INT NOT NULL; +ALTER TABLE `projects` ADD `fairs_id` INT NOT NULL; +ALTER TABLE `students` ADD `fairs_id` INT NOT NULL AFTER `schools_id` ; diff --git a/xmltransport.php b/xmltransport.php index e6369e3d..7f10274d 100644 --- a/xmltransport.php +++ b/xmltransport.php @@ -114,6 +114,194 @@ function handle_getawards(&$u, $fair, &$data, &$response) $response['postback'] = 'http://localhost'; } +function award_upload_update_school(&$mysql_query, &$school, $school_id = -1) +{ + + /* transport name => mysql name */ + $school_fields = array( //'schoolname'=>'school', + 'schoollang'=>'schoollang', + 'schoollevel'=>'schoollevel', + 'board'=>'board', + 'district'=>'district', + 'phone'=>'phone', + 'fax'=>'fax', + 'address'=>'address', + 'city'=>'city', + 'province_code'=>'province_code', + 'postalcode'=>'postalcode', + 'principal'=>'principal', + 'schoolemail'=>'schoolemail', + 'sciencehead'=>'sciencehead', + 'scienceheademail'=>'scienceheademail', + 'scienceheadphone'=>'scienceheadphone'); + + if($school_id == -1) { + $our_school = mysql_fetch_assoc($mysql_query); + $sid = $our_school['id']; + } else { + $sid = $school_id; + $our_school = array(); + } + $set = ''; + foreach($school_fields as $t=>$m) { + if($our_school[$m] == $school[$t]) continue; + if($set != '') $set.=','; + $set .= "`$m`='".mysql_real_escape_string($school[$t])."'"; + } + mysql_query("UPDATE schools SET $set WHERE id='$sid'"); + return $sid; +} + +function award_upload_school(&$student, &$school, $year) +{ + + $school_name = mysql_real_escape_string($school['schoolname']); + $school_city = mysql_real_escape_string($school['city']); + $school_phone = mysql_real_escape_string($school['phone']); + $school_addr = mysql_real_escape_string($school['address']); + $student_city = $student['city']; + + /* Find school by matching name, city, phone, year */ + $q = mysql_query("SELECT * FROM schools WHERE school='$school_name' AND city='$school_city' AND phone='$school_phone' AND year='$year'"); + if(mysql_num_rows($q) == 1) return award_upload_update_school($q, $school); + + /* Find school by matching name, city, address, year */ + $q = mysql_query("SELECT * FROM schools WHERE school='$school_name' AND city='$school_city' AND address='$school_addr' AND year='$year'"); + if(mysql_num_rows($q) == 1) return award_upload_update_school($q, $school); + + /* Find school by matching name, city, year */ + $q = mysql_query("SELECT * FROM schools WHERE school='$school_name' AND city='$school_city' AND year='$year'"); + if(mysql_num_rows($q) == 1) return award_upload_update_school($q, $school); + + /* Find school by matching name, student city, year */ + $q = mysql_query("SELECT * FROM schools WHERE school='$school_name' AND city='$student_city' AND year='$year'"); + if(mysql_num_rows($q) == 1) return award_upload_update_school($q, $school); + + /* No? ok, make a new school */ + mysql_query("INSERT INTO schools(`school`,`year`) VALUES ('".mysql_real_escape_string($school['schoolname'])."','$year')"); + $school_id = mysql_insert_id(); + return award_upload_update_school($q, $school, $school_id); +} + +function award_upload_assign(&$fair, &$prize, &$project, $year) +{ + /* Copied from admin/award_upload.php, this is the + * transport name => sql name mapping */ + $student_fields = array('firstname'=>'firstname', + 'lastname'=>'lastname', + 'email'=>'email', + 'gender'=>'sex', + 'grade'=>'grade', + 'language'=>'lang', + 'birthdate'=>'dateofbirth', + 'address'=>'address', + 'city'=>'city', + 'province'=>'province', + 'postalcode'=>'postalcode', + 'phone'=>'phone', + 'teachername'=>'teachername', + 'teacheremail'=>'teacheremail'); + + /* See if this project already exists */ + $pn = mysql_real_escape_string($project['projectnumber']); + $q = mysql_query("SELECT * FROM projects WHERE projectnumber='$pn' AND fairs_id='{$fair['id']}' AND year='$year'"); + echo mysql_error(); + if(mysql_num_rows($q) == 1) { + $our_project = mysql_fetch_assoc($q); + echo "Found existing project"; + $registrations_id = $our_project['registrations_id']; + $pid = $our_project['id']; + } else { + /* Create a registration */ + $regnum=0; + //now create the new registration record, and assign a random/unique registration number to then. + do { + //random number between + //100000 and 999999 (six digit integer) + $regnum=rand(100000,999999); + $q=mysql_query("SELECT * FROM registrations WHERE num='$regnum' AND year=$year"); + echo mysql_error(); + }while(mysql_num_rows($q)>0); + + //actually insert it + mysql_query("INSERT INTO registrations (num,email,start,status,schools_id,year) VALUES (". + "'$regnum','$regnum',NOW(),'new',NULL,'$year')"); + $registrations_id = mysql_insert_id(); + /* We'll fill in the email address later */ + + /* Add the project */ + mysql_query("INSERT INTO projects (`registrations_id`,`projectnumber`,`year`,`fairs_id`) + VALUES('$registrations_id', + '".mysql_real_escape_string($project['projectnumber'])."', + '$year', '{$fair['id']}');"); + $pid = mysql_insert_id(); + } + /* Update the project in case anythign changed */ + mysql_query("UPDATE projects SET title='".mysql_real_escape_string($project['title'])."', + summary='".mysql_real_escape_string($project['abstract'])."' + WHERE id='$pid'"); + + /* Delete the students attached to this project */ + mysql_query("DELETE FROM students WHERE registrations_id='$registrations_id'"); + + /* Add new */ + foreach($project['students'] as &$student) { + + $schools_id = award_upload_school($student, $student['school'], $year); + + $keys = ",`".join("`,`", array_values($student_fields))."`"; + $values = ""; + foreach($student_fields as $k=>$v) + $values .= ",'".mysql_real_escape_string($student[$k])."'"; + /* Note lack of comma before $keys, we added it above for both keys and values */ + mysql_query("INSERT INTO students (`registrations_id`,`fairs_id`, `schools_id` $keys) + VALUES('$registrations_id','{$fair['id']}','$schools_id' $values )"); + } + +} + +function handle_award_upload(&$u, &$fair, &$data, &$response) +{ + + $external_identifier = $data['award_upload']['external_identifier']; + $year = intval($data['award_upload']['year']); + $prizes = $data['award_upload']['prizes']; + + /* Find the award */ + $eid = mysql_real_escape_string($external_identifier); + + $q = mysql_query("SELECT * FROM award_awards WHERE external_identifier='$eid' AND year='$year'"); + if(mysql_num_rows($q) != 1) { + $response['message'] = "Unknown award identifier '$eid'"; + $response['error'] = 1; + return; + } + $award = mysql_fetch_assoc($q); + $aaid = $award['id']; + + /* Load prizes, we fetched the right award by year, so we don't need to + * check the year as long as we query by aaid */ + $prizes = array(); + $q = mysql_query("SELECT * FROM award_prizes WHERE award_awards_id='$aaid'"); + while($prize = mysql_fetch_assoc($q)) { + /* Clean out existing winners for this prize */ + mysql_query("DELETE FROM winners WHERE + award_prize_id='{$prize['id']}' + AND fairs_id='{$fair['id']}'"); + + /* Assign projects to this prize */ + $ul_p =& $data['award_upload']['prizes'][$prize['prize']]; + if(!is_array($ul_p['projects'])) continue; + + foreach($ul_p['projects'] as &$project) { + award_upload_assign($fair, $prize, $project, $year); + } + } + + $response['message'] = 'Award winners saved'; + $response['error'] = 0; +} + /* magic quotes DEPRECATED as of PHP 5.3.0, REMOVE as of 6.0, on by default * * for any PHP < 5.3.0. Pain in the ASS. php is running the urldecode for us, @@ -170,6 +358,7 @@ function handle_getawards(&$u, $fair, &$data, &$response) if(array_key_exists('getstats', $data)) handle_getstats($u,$fair, $data, $response); if(array_key_exists('stats', $data)) handle_stats($u,$fair, $data, $response); if(array_key_exists('getawards', $data)) handle_getawards($u,$fair,$data, $response); + if(array_key_exists('award_upload', $data)) handle_award_upload($u,$fair,$data, $response); echo urlencode(json_encode($response)); // echo "Success!
";