arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

Added emergency contact info as an array member of the user object.

Browse Source 
Updated register_participants_emergencycontact.php to link emergency contacts directly to the users, and allow multiple emergency contacts for a single user.
Added the users_id field to the emergencycontact table, allowing that direct link.
This commit is contained in:
jacob 2011-02-22 20:52:54 +00:00
parent ab566836e7
commit 6c0e0cb0ca
4 changed files with 185 additions and 136 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
db/db.code.version.txt
View File

@ -1 +1 @@
228
229

1
db/db.update.229.sql Normal file
View File

@ -0,0 +1 @@
ALTER TABLE `emergencycontact` ADD `users_id` INT NULL DEFAULT NULL AFTER `registrations_id`;

280
register_participants_emergencycontact.php
View File

@ -22,113 +22,37 @@
*/
?>
<?
require("common.inc.php");
include "register_participants.inc.php";
include "user.inc.php";
//authenticate based on email address and registration number from the SESSION
if(!$_SESSION['email'])
{
header("Location: register_participants.php");
exit;
}
if(!$_SESSION['registration_number'])
{
header("Location: register_participants.php");
exit;
}
require("common.inc.php");
include "register_participants.inc.php";
include "user.inc.php";
$q=mysql_query("SELECT registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ".
"WHERE students.email='".$_SESSION['email']."' ".
"AND registrations.num='".$_SESSION['registration_number']."' ".
"AND registrations.id='".$_SESSION['registration_id']."' ".
"AND students.registrations_id=registrations.id ".
"AND registrations.conferences_id=".$conference['id']." ".
"AND students.conferences_id=".$conference['id']);
echo mysql_error();
$edit_id = isset($_GET['users_id']) ? intval($_GET['users_id']) : $_SESSION['users_id'];
if($edit_id != $_SESSION['users_id'])
user_auth_required('admin');
else
user_auth_required();
if(mysql_num_rows($q)==0)
{
header("Location: register_participants.php");
exit;
}
$authinfo=mysql_fetch_object($q);
//send the header
send_header("Participant Registration - Emergency Contact Information");
if(array_key_exists('action', $_POST)){
switch($_POST['action']){
case 'save':
saveData();
break;
}
}
echo "<a href=\"register_participants_main.php\">&lt;&lt; ".i18n("Back to Participant Registration Summary")."</a><br />";
echo "<br />";
send_header("Participant Registration - Emergency Contact Information");
$studentstatus=studentStatus();
if($studentstatus!="complete")
{
echo "<a href=\"register_participants_main.php\">&lt;&lt; ".i18n("Back to Participant Registration Summary")."</a><br />";
echo "<br />";
$studentstatus=studentStatus();
if($studentstatus!="complete")
{
echo error(i18n("Please complete the <a href=\"register_participants_students.php\">Student Information Page</a> first"));
send_footer();
exit;
}
if($_POST['action']=="save")
{
if(registrationFormsReceived()) {
echo error(i18n("Cannot make changes to forms once they have been received by the fair"));
}
else if(registrationDeadlinePassed()) {
echo error(i18n("Cannot make changes to forms after registration deadline"));
}
else {
//first, lets make sure this emergency contact really does belong to them
foreach($_POST['ids'] AS $id)
{
$q=mysql_query("SELECT * FROM emergencycontact WHERE id='$id' AND registrations_id='".$_SESSION['registration_id']."' AND conferences_id='".$conference['id']."'");
if(mysql_num_rows($q)==1) {
$e=stripslashes($_POST['email'][$id]);
if($_POST['relation'][$id]=="Parent" && $e && user_valid_email($e)) {
if($u=user_load_by_email($e)) {
$u['firstname']=stripslashes($_POST['firstname'][$id]);
$u['lastname']=stripslashes($_POST['lastname'][$id]);
$u['phonehome']=stripslashes($_POST['phone1'][$id]);
$u['phonework']=stripslashes($_POST['phone2'][$id]);
$u['email']=$e;
$u['types'][]="parent";
user_save($u);
}
else {
$u=user_create("parent",$e);
$u['firstname']=stripslashes($_POST['firstname'][$id]);
$u['lastname']=stripslashes($_POST['lastname'][$id]);
$u['phonehome']=stripslashes($_POST['phone1'][$id]);
$u['phonework']=stripslashes($_POST['phone2'][$id]);
$u['email']=$e;
user_save($u);
}
}
mysql_query("UPDATE emergencycontact SET ".
"firstname='".mysql_escape_string(stripslashes($_POST['firstname'][$id]))."', ".
"lastname='".mysql_escape_string(stripslashes($_POST['lastname'][$id]))."', ".
"relation='".mysql_escape_string(stripslashes($_POST['relation'][$id]))."', ".
"phone1='".mysql_escape_string(stripslashes($_POST['phone1'][$id]))."', ".
"phone2='".mysql_escape_string(stripslashes($_POST['phone2'][$id]))."', ".
"phone3='".mysql_escape_string(stripslashes($_POST['phone3'][$id]))."', ".
"phone4='".mysql_escape_string(stripslashes($_POST['phone4'][$id]))."', ".
"email='".mysql_escape_string(stripslashes($_POST['email'][$id]))."' ".
"WHERE id='$id'");
echo mysql_error();
echo notice(i18n("Emergency contact information successfully updated"));
}
else
{
echo error(i18n("Invalid emergency contact to update (%1)"),array($id));
}
}
}
}
}
//output the current status
$newstatus=emergencycontactStatus();
if($newstatus!="complete")
@ -140,8 +64,9 @@ else if($newstatus=="complete")
echo happy(i18n("Emergency Contact Information Complete"));
}
$sq=mysql_query("SELECT id,firstname,lastname FROM students WHERE registrations_id='".$_SESSION['registration_id']."' AND conferences_id='".$conference['id']."'");
$user = user_load($_SESSION['users_id']);
$registrations_id = $user['registrations_id'];
$sq=mysql_query("SELECT id,firstname,lastname FROM users WHERE registrations_id='$registrations_id' AND conferences_id='".$conference['id']."'");
$numstudents=mysql_num_rows($sq);
echo "<form name=\"emergencycontactform\" method=\"post\" action=\"register_participants_emergencycontact.php\">\n";
@ -149,54 +74,139 @@ echo "<input type=\"hidden\" name=\"action\" value=\"save\">\n";
while($sr=mysql_fetch_object($sq))
{
$q=mysql_query("SELECT * FROM emergencycontact WHERE registrations_id='".$_SESSION['registration_id']."' AND conferences_id='".$conference['id']."' AND students_id='$sr->id'");
if(mysql_num_rows($q)==0) {
mysql_query("INSERT INTO emergencycontact (registrations_id,students_id,conferences_id) VALUES ('".$_SESSION['registration_id']."','".$sr->id."','".$conference['id']."')");
$id=mysql_insert_id();
unset($r);
}
else {
$r=mysql_fetch_object($q);
$id=$r->id;
}
$u = user_load($sr->id);
echo "<h3>".i18n("Emergency Contact for %1 %2",array($sr->firstname,$sr->lastname))."</h3>";
echo "<input type=\"hidden\" name=\"ids[]\" value=\"$id\">";
foreach($u['emergencycontacts'] as $contact){
drawEmergencyContactForm($sr->id, $contact);
}
echo "<h5>" . i18n("Add a new emergency contact") . "</h5>";
drawEmergencyContactForm($sr->id);
}
echo "<input type=\"submit\" value=\"".i18n("Save Emergency Contact Information")."\" />\n";
echo "</form>";
send_footer();
/***************** function definitions *****************/
// draw the form in which emergency contact data is populated/edited
function drawEmergencyContactForm($userId, $contactInfo = null){
static $index = 0;
$index++;
$showDeleteBox = true;
if($contactInfo == null){
// we'll use the same variables for drawing the form regardless,
// just need to make sure they're defined
$contactInfo = array(
'firstname' => '',
'lastname' => '',
'relation' => '',
'email' => '',
'phone1' => '',
'phone2' => '',
'phone3' => '',
'phone4' => ''
);
$showDeleteBox = false;
}
echo "<input type=\"hidden\" name=\"ids[]\" value=\"$index\">";
echo "<input type=\"hidden\" name=\"userId[$index]\" value=\"$userId\">";
echo "<table>\n";
echo "<tr>";
echo " <td>".i18n("First Name").": </td><td><input type=\"text\" name=\"firstname[$id]\" size=\"20\" value=\"$r->firstname\" />".REQUIREDFIELD."</td>";
echo " <td>".i18n("Last Name").": </td><td><input type=\"text\" name=\"lastname[$id]\" size=\"20\" value=\"$r->lastname\" />".REQUIREDFIELD."</td>";
echo " <td>".i18n("First Name").": </td><td><input type=\"text\" name=\"firstname[$index]\" size=\"20\" value=\"{$contactInfo['firstname']}\" />".REQUIREDFIELD."</td>";
echo " <td>".i18n("Last Name").": </td><td><input type=\"text\" name=\"lastname[$index]\" size=\"20\" value=\"{$contactInfo['lastname']}\" />".REQUIREDFIELD."</td>";
echo "</tr>\n";
echo "<tr>";
echo " <td>".i18n("Relation").": </td><td>";
echo " <select name=\"relation[$id]\">\n";
echo " <option value=\"\">".i18n("Choose a relation")."</option>\n";
$relations=array("Parent","Legal Guardian","Grandparent","Family Friend", "Other");
foreach($relations AS $rel) {
if($r->relation==$rel) $sel="selected=\"selected\""; else $sel="";
echo "<option $sel value=\"$rel\">".i18n($rel)."</option>\n";
}
echo " </select>\n";
echo REQUIREDFIELD."</td>";
echo " <td>".i18n("Email Address").": </td><td><input type=\"text\" name=\"email[$id]\" size=\"20\" value=\"$r->email\" /></td>";
echo " <select name=\"relation[$index]\">\n";
echo " <option value=\"\">".i18n("Choose a relation")."</option>\n";
$relations=array("Parent","Legal Guardian","Grandparent","Family Friend", "Other");
foreach($relations AS $rel) {
if($contactInfo['relation'] == $rel) $sel="selected=\"selected\"";
else $sel="";
echo "<option $sel value=\"$rel\">".i18n($rel)."</option>\n";
}
echo " </select>\n";
echo REQUIREDFIELD."</td>";
echo " <td>".i18n("Email Address").": </td><td><input type=\"text\" name=\"email[$index]\" size=\"20\" value=\"{$contactInfo['email']}\" /></td>";
echo "</tr>\n";
echo "<tr>";
echo " <td>".i18n("Phone 1").": </td><td><input type=\"text\" name=\"phone1[$id]\" size=\"20\" value=\"$r->phone1\" />".REQUIREDFIELD."</td>";
echo " <td>".i18n("Phone 2").": </td><td><input type=\"text\" name=\"phone2[$id]\" size=\"20\" value=\"$r->phone2\" /></td>";
echo " <td>".i18n("Phone 1").": </td><td><input type=\"text\" name=\"phone1[$index]\" size=\"20\" value=\"{$contactInfo['phone1']}\" />".REQUIREDFIELD."</td>";
echo " <td>".i18n("Phone 2").": </td><td><input type=\"text\" name=\"phone2[$index]\" size=\"20\" value=\"{$contactInfo['phone2']}\" /></td>";
echo "</tr>\n";
echo "<tr>";
echo " <td>".i18n("Phone 3").": </td><td><input type=\"text\" name=\"phone3[$id]\" size=\"20\" value=\"$r->phone3\" /></td>";
echo " <td>".i18n("Phone 4").": </td><td><input type=\"text\" name=\"phone4[$id]\" size=\"20\" value=\"$r->phone4\" /></td>";
echo " <td>".i18n("Phone 3").": </td><td><input type=\"text\" name=\"phone3[$index]\" size=\"20\" value=\"{$contactInfo['phone3']}\" /></td>";
echo " <td>".i18n("Phone 4").": </td><td><input type=\"text\" name=\"phone4[$index]\" size=\"20\" value=\"{$contactInfo['phone4']}\" /></td>";
echo "</tr>\n";
if($showDeleteBox){
echo "<tr><td colspan = 2><label>" . i18n("Remove this contact") . " <input type=\"checkbox\" name=\"delete[$index]\" value=\"yes\"></label></td></tr>";
}
echo "</table>";
echo "<br />";
echo "<br />";
}
}
echo "<input type=\"submit\" value=\"".i18n("Save Emergency Contact Information")."\" />\n";
echo "</form>";
// save the posted contact info data
function saveData(){
global $conference;
$currentUser = user_load($_SESSION['users_id']);
$registrations_id = $currentUser['registrations_id'];
$newContacts = array();
foreach($_POST['ids'] as $postIndex){
if(substr($postIndex, 0, 4) == 'new_'){
// we're creating a new contact, and linking them to the user whose ID is in the contactId tag
$userId = intval(substr($postIndex, 4));
}else if(is_numeric($postIndex)){
// we're updating an existing contact
$userId = $_POST['userId'][$postIndex];
}else{
// invalid contact Id
continue;
}
// let's make sure this user ID is a valid one and one which we can update with this post
$query = "SELECT COUNT(*) AS tally FROM users WHERE id = $userId AND registrations_id='$registrations_id' AND conferences_id='{$conference['id']}'";
$row = mysql_fetch_assoc(mysql_query($query));
if($row['tally'] != 1){
// not a user whose contacts we're allowed to update
continue;
}
// don't add contact info from an empty form
$emptyFields = true;
foreach(array('firstname', 'lastname', 'relation', 'email', 'phone1', 'phone2', 'phone3', 'phone4') as $idx){
if($_POST[$idx][$postIndex] != ''){
$emptyFields = false;
break;
}
}
if($emptyFields) continue;
if(array_key_exists('delete', $_POST) && array_key_exists($postIndex, $_POST['delete'])){
if($_POST['delete'][$postIndex] == 'yes'){
continue;
}
}
if(!array_key_exists($userId, $newContacts)){
$newContacts[$userId] = array();
}
$newContacts[$userId][] = array(
'firstname' => mysql_real_escape_string($_POST['firstname'][$postIndex]),
'lastname' => mysql_real_escape_string($_POST['lastname'][$postIndex]),
'relation' => mysql_real_escape_string($_POST['relation'][$postIndex]),
'email' => mysql_real_escape_string($_POST['email'][$postIndex]),
'phone1' => mysql_real_escape_string($_POST['phone1'][$postIndex]),
'phone2' => mysql_real_escape_string($_POST['phone2'][$postIndex]),
'phone3' => mysql_real_escape_string($_POST['phone3'][$postIndex]),
'phone4' => mysql_real_escape_string($_POST['phone4'][$postIndex])
);
}
// we've scraped together the new contact info, now let's update each of the users
foreach($newContacts as $userId => $contactList){
$u = user_load($userId);
$u['emergencycontacts'] = $contactList;
user_save($u);
}
}
send_footer();
?>

38
user.inc.php
View File

@ -93,6 +93,16 @@ function user_load($users_id, $accounts_id = false)
* a new role */
}
// not sure if this is the best place to add it, but if the user is a student, add their emergency contacts
if(array_key_exists('participant', $u['roles'])){
$u['emergencycontacts'] = array();
$fields = array('id', 'firstname', 'lastname', 'relation', 'phone1', 'phone2', 'phone3', 'phone4', 'email');
$q = mysql_query("SELECT " . implode(',', $fields) . " FROM emergencycontact WHERE users_id = $users_id");
while($row = mysql_fetch_assoc($q)){
$u['emergencycontacts'][] = $row;
}
}
// get a list of all fields relevant to this user
$fieldDat = user_get_fields(array_keys($u['roles']));
// we need to separate the fields that are in the users table from those in separate tables
@ -809,6 +819,34 @@ function user_save(&$u)
}
}
if( // if this user has emergency contacts ...
// not sure if this is the best place to add it, but if the user is a student, add their emergency contacts
array_key_exists('emergencycontacts', $u)
){
mysql_query("DELETE FROM emergencycontact WHERE users_id = {$u['id']}");
if(mysql_error() != '') return "SQLERR6: " . mysql_error();
if(count($u['emergencycontacts']) > 0){
$query = "INSERT INTO emergencycontact (users_id, firstname, lastname, relation, phone1, phone2, phone3, phone4, email, conferences_id) VALUES ";
$queryParts = array();
foreach($u['emergencycontacts'] as $contact){
$queryParts[] = "(". $u['id'] . ",'" .
$contact['firstname'] . "','" .
$contact['lastname'] . "','" .
$contact['relation'] . "','" .
$contact['phone1'] . "','" .
$contact['phone2'] . "','" .
$contact['phone3'] . "','" .
$contact['phone4'] . "','" .
$contact['email'] . "'," .
$conference['id'] . ") ";
}
$query .= implode(',', $queryParts);
mysql_query($query);
}
if(mysql_error() != '') return "SQLERR7: " . mysql_error();
}
/* Record all the data in orig that we saved so subsequent
* calls to user_save don't try to overwrite data already
* saved to the database */