From 5f289a67619f078eebdbdf5782c4bac1947a7f2c Mon Sep 17 00:00:00 2001
From: james <james>
Date: Wed, 2 Mar 2011 14:41:32 +0000
Subject: [PATCH] Update signature page to properly pull student info from
 `users` instead of `students`

---
 register_participants_signature.php | 35 +++++++++++++++--------------
 1 file changed, 18 insertions(+), 17 deletions(-)

diff --git a/register_participants_signature.php b/register_participants_signature.php
index bd0714a..db6186c 100644
--- a/register_participants_signature.php
+++ b/register_participants_signature.php
@@ -31,25 +31,17 @@
 	$registration_number=12345;
 	$registration_id=0;
  } else {
-	//authenticate based on email address and registration number from the SESSION
-	if(!$_SESSION['email']) {
-		header("Location: register_participants.php");
-		exit;
-	}
-	if(!$_SESSION['registration_number']) {
-	 	header("Location: register_participants.php");
-		exit;
-	}
+	//they must be a participant
+	user_auth_required('participant');
+	$u=user_load($_SESSION['users_id']);
 
-	 $q=mysql_query("SELECT registrations.id AS regid
+	 $q=mysql_query("SELECT registrations.id AS regid,
+	 				registrations.num AS regnum
 	 			FROM registrations
-				WHERE registrations.num='{$_SESSION['registration_number']}'
-				AND registrations.id='{$_SESSION['registration_id']}'
+				WHERE 
+				registrations.id='{$u['registration_id']}'
 				AND registrations.conferences_id={$conference['id']}");
 
-	$registration_number=$_SESSION['registration_number'];
-	$registration_id=$_SESSION['registration_id'];
-
 	echo mysql_error();
 
 	if(mysql_num_rows($q)==0) {
@@ -58,6 +50,8 @@
  
 	}
 	$authinfo=mysql_fetch_object($q);
+	$registration_number=$authinfo->regnum;
+	$registration_id=$authinfo->regid;
 
 }
  //END OF AUTH, now lets try to generate a PDF using only PHP :) this should be fun!
@@ -88,14 +82,21 @@ $pdf->AddPage();
                  FROM projects
                  JOIN projectdivisions ON projects.projectdivisions_id=projectdivisions.id
                  JOIN projectcategories ON projects.projectcategories_id=projectcategories.id
-                 WHERE registrations_id='".$_SESSION['registration_id']."' 
+                 WHERE registrations_id='".$registration_id."' 
                         AND projects.conferences_id='".$conference['id']."'
                         AND projectdivisions.conferences_id='".$conference['id']."'
                         AND projectcategories.conferences_id='".$conference['id']."'
                         ");
 	 $projectinfo=mysql_fetch_object($q);
 
-	 $q=mysql_query("SELECT * FROM students WHERE registrations_id='".$_SESSION['registration_id']."' AND conferences_id='".$conference['id']."'");
+	 $q=mysql_query("SELECT firstname, lastname, grade, schools_id
+	 	FROM users 
+	 	JOIN user_roles ON users.id=user_roles.id
+		JOIN roles ON user_roles.roles_id=roles.id
+	 	WHERE registrations_id='".$registration_id."' 
+		AND conferences_id='".$conference['id']."'
+		AND roles.type='participant'");
+
 	 while($si=mysql_fetch_object($q))
 		$studentinfoarray[]=$si;
  }