diff --git a/admin/schools.php b/admin/schools.php index 3250542..d098b8b 100644 --- a/admin/schools.php +++ b/admin/schools.php @@ -53,6 +53,7 @@ "sciencehead='".mysql_escape_string(stripslashes($_POST['sciencehead']))."', ". "scienceheadphone='".mysql_escape_string(stripslashes($_POST['scienceheadphone']))."', ". "scienceheademail='".mysql_escape_string(stripslashes($_POST['scienceheademail']))."', ". + "registration_password='".mysql_escape_string(stripslashes($_POST['registration_password']))."', ". "accesscode='".mysql_escape_string(stripslashes($_POST['accesscode']))."' ". "WHERE id='$id'"; mysql_query($exec); @@ -109,6 +110,13 @@ echo "".i18n("Name")."sciencehead)."\" size=\"60\" maxlength=\"64\" />\n"; echo "".i18n("Phone")."scienceheadphone)."\" size=\"16\" maxlength=\"16\" />\n"; echo "".i18n("Email")."scienceheademail)."\" size=\"60\" maxlength=\"128\" />\n"; + + if($config['participant_registration_type']=="schoolpassword") + { + echo "
".i18n("Participant Registration Password").""; + echo "".i18n("Password")."registration_password)."\" size=\"32\" maxlength=\"32\" />\n"; + } + echo " "; echo "\n"; echo "\n"; @@ -130,6 +138,8 @@ echo " Address"; echo " Phone"; echo " Contact"; + if($config['participant_registration_type']=="schoolpassword") + echo " Reg Pass"; echo " Action"; echo "\n"; @@ -141,6 +151,8 @@ echo " $r->address, $r->city, $r->postalcode\n"; echo " $r->phone\n"; echo " $r->sciencehead\n"; + if($config['participant_registration_type']=="schoolpassword") + echo " $r->registration_password\n"; echo " "; echo "id\">"; diff --git a/db/db.code.version.txt b/db/db.code.version.txt index 45a4fb7..ec63514 100644 --- a/db/db.code.version.txt +++ b/db/db.code.version.txt @@ -1 +1 @@ -8 +9 diff --git a/db/db.update.9.sql b/db/db.update.9.sql new file mode 100644 index 0000000..05b10e5 --- /dev/null +++ b/db/db.update.9.sql @@ -0,0 +1,7 @@ +ALTER TABLE `config` ADD UNIQUE (`var`,`year`); +INSERT INTO `config` ( `var` , `val` , `description` , `year` ) VALUES ( 'participant_registration_type', 'open', 'The type of Participant Registration to use: open | singlepassword | schoolpassword | invite', '-1'); +INSERT INTO `config` ( `var` , `val` , `description` , `year` ) VALUES ( 'judge_registration_type', 'open', 'The type of Judge Registration to use: open | singlepassword | invite', '-1'); +INSERT INTO `config` ( `var` , `val` , `description` , `year` ) VALUES ( 'participant_registration_singlepassword', '', 'The single password to use for participant registraiton if participant_registration_type is singlepassword. Leave blank if not using singlepassword participant registration','-1'); +INSERT INTO `config` ( `var` , `val` , `description` , `year` ) VALUES ( 'judge_registration_singlepassword', '', 'The single password to use for judge registration if judge_registration_type is singlepassword. Leave blank if not using singlepassword judge registraiton', '-1'); +ALTER TABLE `schools` ADD `registration_password` VARCHAR( 32 ) NOT NULL; + diff --git a/register_participants.php b/register_participants.php index 3bffc02..a78d1eb 100644 --- a/register_participants.php +++ b/register_participants.php @@ -78,13 +78,40 @@ } else if($_GET['action']=="resend" && $_SESSION['email']) { - $q=mysql_query("SELECT registrations.num FROM registrations, students WHERE students.email='".$_SESSION['email']."' AND students.registrations_id=registrations.id"); - $r=mysql_fetch_object($q); + //first see if the email matches directly from the registrations table + $q=mysql_query("SELECT registrations.num FROM + registrations + WHERE + registrations.email='".$_SESSION['email']."' + AND registrations.year='".$config['FAIRYEAR']."'"); + if(mysql_num_rows($q)) + $r=mysql_fetch_object($q); + else + { - email_send("register_participants_resend_regnum",$_SESSION['email'],array("FAIRNAME"=>i18n($config['fairname'])),array("REGNUM"=>$r->num)); + //no match from registrations, so lets see if it matches from the students table + $q=mysql_query("SELECT registrations.num FROM + registrations, + students + WHERE + students.email='".$_SESSION['email']."' + AND students.registrations_id=registrations.id + AND registrations.year='".$config['FAIRYEAR']."'"); + $r=mysql_fetch_object($q); - send_header("Participant Registration"); - echo notice(i18n("Your registration number has been resent to your email addess %1",array($_SESSION['email']))); + } + + if($r) + { + email_send("register_participants_resend_regnum",$_SESSION['email'],array("FAIRNAME"=>i18n($config['fairname'])),array("REGNUM"=>$r->num)); + send_header("Participant Registration"); + echo notice(i18n("Your registration number has been resent to your email addess %1",array($_SESSION['email']))); + } + else + { + send_header("Participant Registration"); + echo error(i18n("Could not find a registration for your email address")); + } } else if($_GET['action']=="logout") { @@ -113,8 +140,11 @@ echo "
"; $allownew=true; + $showform=true; + + //first, check if they have any registrations waiting to be opened - $q=mysql_query("SELECT * FROM registrations WHERE email='".$_SESSION['email']."' AND status='new' AND year=".$config['FAIRYEAR']); + $q=mysql_query("SELECT * FROM registrations WHERE email='".$_SESSION['email']."' AND status='new' AND year='".$config['FAIRYEAR']."'"); if(mysql_num_rows($q)>0) { echo i18n("Please enter your registration number that you received in your email, in order to begin your new registration"); @@ -123,24 +153,143 @@ } else { - $q=mysql_query("SELECT students.email, - registrations.status - FROM students, + + //check if they have an already open registration + $q=mysql_query("SELECT + students.email, + registrations.status, + registrations.id + FROM + students, registrations WHERE students.email='".$_SESSION['email']."' AND students.year=".$config['FAIRYEAR']." AND registrations.year=".$config['FAIRYEAR']." - AND registrations.status='open'"); + AND registrations.status='open' + AND students.registrations_id=registrations.id"); if(mysql_num_rows($q)>0) { + $r=mysql_fetch_object($q); + print_r($r); echo i18n("Please enter your registration number in order to continue your registration"); echo ""; $allownew=false; echo "
"; } + else + { + //they dont have a 'new' and they dont have an 'open' so that means that they want to create a new one... BUT... + + if($config['participant_registration_type']=="invite") + { + $allownew=false; + $showform=false; + + echo i18n("Participant registration is by invite only. You can not create a new account. If you have been invited by your school/region, you need to use the same email address that you were invited with."); + echo "
"; + echo "
"; + echo "Back to Participant Registration"; + + } + else if($config['participant_registration_type']=="singlepassword") + { + $showsinglepasswordform=true; + if($_POST['singlepassword']) + { + if($_POST['singlepassword']==$config['participant_registration_singlepassword']) + { + $allownew=true; + $showform=true; + $showsinglepasswordform=false; + } + else + { + echo error(i18n("Invalid registration password, please try again")); + $allownew=false; + $showform=false; + } + } + + if($showsinglepasswordform) + { + echo i18n("Participant registration is protected by a password. You must know the registration password in order to create an account."); + echo "
"; + echo "
"; + echo ""; + echo i18n("Email Address:")." ".$_SESSION['email']."
"; + echo i18n("Registration Password:"); + echo ""; + echo "
"; + echo "
"; + echo ""; + echo "
"; + $allownew=false; + $showform=false; + } + } + else if($config['participant_registration_type']=="schoolpassword") + { + $showschoolpasswordform=true; + if($_POST['schoolpassword'] && $_POST['schoolid']) + { + $q=mysql_query("SELECT registration_password FROM schools WHERE id='".$_POST['schoolid']."' AND year='".$config['FAIRYEAR']."'"); + $r=mysql_fetch_object($q); + + if($_POST['schoolpassword']==$r->registration_password) + { + $allownew=true; + $showform=true; + $showschoolpasswordform=false; + } + else + { + echo error(i18n("Invalid school registration password, please try again")); + $allownew=false; + $showform=false; + } + } + + if($showschoolpasswordform) + { + echo i18n("Participant registration is protected by a password for each school. You must know your school registration password in order to create an account."); + echo "
"; + echo "
"; + echo ""; + echo i18n("Email Address:")." ".$_SESSION['email']."
"; + echo i18n("School: "); + $q=mysql_query("SELECT id,school FROM schools WHERE year='".$config['FAIRYEAR']."'"); + echo ""; + echo "
"; + echo i18n("School Registration Password: "); + echo ""; + echo "
"; + echo "
"; + echo ""; + echo ""; + $allownew=false; + $showform=false; + } + } + else if($config['participant_registration_type']=="open") + { + //thats fine, continue on and create them the account. + + } + else + { + echo error(i18n("There is an error with the SFIAB configuration. participant_registration_type is not defined. Contact the fair organizers to get this fixed.")); + $allownew=false; + $showform=false; + } + + } } - $showform=true; + if($allownew) { @@ -189,9 +338,12 @@ } if($showform) { + echo "
"; echo "
"; echo i18n("Registration Number:"); echo ""; + echo "
"; + echo "
"; echo ""; echo ""; echo "
"; @@ -215,9 +367,22 @@ else { - echo i18n("Please enter your email address to :"); - echo "