From 890d8a23ff782299e0a3e50452191ec813b1cb42 Mon Sep 17 00:00:00 2001
From: patrick <patrick@algolibre.io>
Date: Mon, 24 Feb 2025 04:55:45 +0000
Subject: [PATCH] Fixes for Participant Registration

---
 common.inc.php                             |   6 +-
 register_participants.inc.php              |   6 +-
 register_participants_emergencycontact.php |   2 +-
 register_participants_project.php          |   6 +-
 register_participants_students.php         | 115 +++++++++++----------
 theme/science_ation/style.css              |   1 +
 6 files changed, 75 insertions(+), 61 deletions(-)

diff --git a/common.inc.php b/common.inc.php
index dd311e8c..b5195450 100644
--- a/common.inc.php
+++ b/common.inc.php
@@ -737,7 +737,7 @@ function emit_month_selector($name, $selected = '')
 {
 	echo "<select name=\"$name\">\n";
 	$months = array('', 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec');
-	echo '<option value="">' . i18n('Month') . "</option>\n";
+	echo '<option value="00">' . i18n('Month') . "</option>\n";
 	for ($x = 1; $x <= 12; $x++) {
 		if ($x == $selected)
 			$s = 'selected="selected"';
@@ -752,7 +752,7 @@ function emit_month_selector($name, $selected = '')
 function emit_day_selector($name, $selected = '')
 {
 	echo "<select name=\"$name\">\n";
-	echo '<option value="">' . i18n('Day') . "</option>\n";
+	echo '<option value="00">' . i18n('Day') . "</option>\n";
 
 	for ($x = 1; $x <= 31; $x++)
 		echo '<option value="' . ($x < 10 ? '0' : '') . "$x\" " . ($selected == $x ? 'selected="selected"' : '') . ">$x</option>\n";
@@ -764,7 +764,7 @@ function emit_year_selector($name, $selected = '', $min = 0, $max = 0)
 {
 	$curyear = date('Y');
 	echo "<select name=\"$name\">\n";
-	echo '<option value="">' . i18n('Year') . "</option>\n";
+	echo '<option value="0000">' . i18n('Year') . "</option>\n";
 
 	if ($min && $max) {
 		for ($x = $min; $x <= $max; $x++)
diff --git a/register_participants.inc.php b/register_participants.inc.php
index 02cafed9..981cc788 100644
--- a/register_participants.inc.php
+++ b/register_participants.inc.php
@@ -66,9 +66,9 @@ function studentStatus($reg_id = '')
 {
 	global $config, $pdo;
 	if ($config['participant_student_personal'] == 'yes')
-		$required_fields = array('firstname', 'lastname', 'address', 'city', 'postalcode', 'phone', 'email', 'grade', 'dateofbirth', 'schools_id');
+		$required_fields = array('firstname', 'lastname', 'address', 'city', 'postalcode', 'phone', 'email', 'grade', 'dateofbirth', 'schools_id', 'teachername', 'teacheremail');
 	else
-		$required_fields = array('firstname', 'lastname', 'email', 'grade', 'schools_id');
+		$required_fields = array('firstname', 'lastname', 'email', 'grade', 'schools_id', 'teachername', 'teacheremail');
 
 	if ($config['participant_student_tshirt'] == 'yes')
 		$required_fields[] = 'tshirt';
@@ -103,7 +103,7 @@ function studentStatus($reg_id = '')
 function emergencycontactStatus($reg_id = '')
 {
 	global $config, $pdo;
-	$required_fields = array('firstname', 'lastname', 'relation', 'phone1');
+	$required_fields = array('firstname', 'lastname', 'relation', 'email', 'phone1');
 
 	if ($reg_id)
 		$rid = $reg_id;
diff --git a/register_participants_emergencycontact.php b/register_participants_emergencycontact.php
index ec82c4e8..484f4575 100644
--- a/register_participants_emergencycontact.php
+++ b/register_participants_emergencycontact.php
@@ -173,7 +173,7 @@ while ($sr = $sq->fetch(PDO::FETCH_OBJ)) {
 	}
 	echo "  </select>\n";
 	echo REQUIREDFIELD . '</td>';
-	echo ' <td>' . i18n('Email Address') . ": </td><td><input type=\"text\" name=\"email[$id]\" size=\"20\" value=\"$r->email\" /></td>";
+	echo ' <td>' . i18n('Email Address') . ": </td><td><input type=\"text\" name=\"email[$id]\" size=\"20\" value=\"$r->email\" />". REQUIREDFIELD ."</td>";
 	echo "</tr>\n";
 	echo '<tr>';
 	echo ' <td>' . i18n('Phone 1') . ": </td><td><input type=\"text\" name=\"phone1[$id]\" size=\"20\" value=\"$r->phone1\" />" . REQUIREDFIELD . '</td>';
diff --git a/register_participants_project.php b/register_participants_project.php
index 732f8731..538062cc 100644
--- a/register_participants_project.php
+++ b/register_participants_project.php
@@ -77,6 +77,7 @@ if (get_value_from_array($_POST, 'action') == 'save') {
 	} else if (registrationDeadlinePassed()) {
 		echo error(i18n('Cannot make changes to forms after registration deadline'));
 	} else {
+		try {
 		// first, lets make sure this project really does belong to them
 		$q = $pdo->prepare('SELECT * FROM projects WHERE id=? AND registrations_id=? AND year=?');
 		$q->execute([$_POST['id'], $_SESSION['registration_id'], $config['FAIRYEAR']]);
@@ -122,11 +123,14 @@ if (get_value_from_array($_POST, 'action') == 'save') {
 				stripslashes($_POST['language']), stripslashes($_POST['req_table']), stripslashes($_POST['req_electricity']),
 				stripslashes($_POST['req_special']), stripslashes($_POST['human_participants']), stripslashes($_POST['animal_participants']),
 				stripslashes($_POST['summary']), $summarycountok, $_POST['id']]);
-			show_pdo_errors_if_any($pdo);
+			
 			echo notice(i18n('Project information successfully updated'));
 		} else {
 			echo error(i18n('Invalid project to update'));
 		}
+		} catch (PDOException $exception) {
+			echo error(i18n('Failed to update project information. Please ensure all mandatory fields have values.'));
+		}
 	}
 }
 
diff --git a/register_participants_students.php b/register_participants_students.php
index dfb28448..39c64af4 100644
--- a/register_participants_students.php
+++ b/register_participants_students.php
@@ -102,33 +102,38 @@ if (get_value_from_array($_POST, 'action') == 'save') {
 				} else {
 					$schoolvalue = "'" . stripslashes($_POST['schools_id'][$x]) . "', ";
 				}
-				// INSERT new record
-				$dob = $_POST['year'][$x] . '-' . $_POST['month'][$x] . '-' . $_POST['day'][$x];
-				$stmt = $pdo->prepare('INSERT INTO students (registrations_id,firstname,lastname,pronunciation,email,address,city,county,province,postalcode,phone,dateofbirth,grade,schools_id,tshirt,medicalalert,foodreq,teachername,teacheremail,year) VALUES ('
-					. "'" . $_SESSION['registration_id'] . "', "
-					. "'" . stripslashes($_POST['firstname'][$x]) . "', "
-					. "'" . stripslashes($_POST['lastname'][$x]) . "', "
-					. "'" . stripslashes($_POST['pronunciation'][$x]) . "', "
-					. "'" . stripslashes($_POST['email'][$x]) . "', "
-					. "'" . stripslashes($_POST['address'][$x]) . "', "
-					. "'" . stripslashes($_POST['city'][$x]) . "', "
-					. "'" . stripslashes($_POST['county'][$x]) . "', "
-					. "'" . stripslashes($_POST['province'][$x]) . "', "
-					. "'" . stripslashes($_POST['postalcode'][$x]) . "', "
-					. "'" . stripslashes($_POST['phone'][$x]) . "', "
-					. "'$dob', "
-					. "'" . stripslashes($_POST['grade'][$x]) . "', "
-					. $schoolvalue
-					. "'" . stripslashes($_POST['tshirt'][$x]) . "', "
-					. "'" . stripslashes($_POST['medicalalert'][$x]) . "', "
-					. "'" . stripslashes($_POST['foodreq'][$x]) . "', "
-					. "'" . stripslashes($_POST['teachername'][$x]) . "', "
-					. "'" . stripslashes($_POST['teacheremail'][$x]) . "', "
-					. "'" . $config['FAIRYEAR'] . "')");
-				$stmt->execute();
-				$students_id = $pdo->lastInsertId();
 
-				echo notice(i18n('%1 %2 successfully added', array($_POST['firstname'][$x], $_POST['lastname'][$x])));
+				try {
+					// INSERT new record
+					$dob = $_POST['year'][$x] . '-' . $_POST['month'][$x] . '-' . $_POST['day'][$x];
+					$stmt = $pdo->prepare('INSERT INTO students (registrations_id,firstname,lastname,pronunciation,email,address,city,county,province,postalcode,phone,dateofbirth,grade,schools_id,tshirt,medicalalert,foodreq,teachername,teacheremail,year) VALUES ('
+						. "'" . $_SESSION['registration_id'] . "', "
+						. "'" . stripslashes($_POST['firstname'][$x]) . "', "
+						. "'" . stripslashes($_POST['lastname'][$x]) . "', "
+						. "'" . stripslashes($_POST['pronunciation'][$x]) . "', "
+						. "'" . stripslashes($_POST['email'][$x]) . "', "
+						. "'" . stripslashes($_POST['address'][$x]) . "', "
+						. "'" . stripslashes($_POST['city'][$x]) . "', "
+						. "'" . stripslashes($_POST['county'][$x]) . "', "
+						. "'" . stripslashes($_POST['province'][$x]) . "', "
+						. "'" . stripslashes($_POST['postalcode'][$x]) . "', "
+						. "'" . stripslashes($_POST['phone'][$x]) . "', "
+						. "'$dob', "
+						. "'" . stripslashes($_POST['grade'][$x]) . "', "
+						. $schoolvalue
+						. "'" . stripslashes($_POST['tshirt'][$x]) . "', "
+						. "'" . stripslashes($_POST['medicalalert'][$x]) . "', "
+						. "'" . stripslashes($_POST['foodreq'][$x]) . "', "
+						. "'" . stripslashes($_POST['teachername'][$x]) . "', "
+						. "'" . stripslashes($_POST['teacheremail'][$x]) . "', "
+						. "'" . $config['FAIRYEAR'] . "')");
+					$stmt->execute();
+					$students_id = $pdo->lastInsertId();
+
+					echo notice(i18n('%1 %2 successfully added', array($_POST['firstname'][$x], $_POST['lastname'][$x])));
+				} catch (PDOException $exception) {
+					echo error(i18n('Failed to add student %1 %2. Please ensure all mandatory fields are complete.', array($_POST['firstname'][$x], $_POST['lastname'][$x])));
+				}
 			} else {
 				// if they use schoolpassword or singlepassword, then we dont need to save teh schools_id because its already set when they inserted the record, and we dont allow them to change their school.
 				if (($config['participant_registration_type'] == 'schoolpassword' || $config['participant_registration_type'] == 'invite') && !$_POST['schools_id'][$x]) {
@@ -137,31 +142,35 @@ if (get_value_from_array($_POST, 'action') == 'save') {
 					$schoolquery = "schools_id='" . stripslashes($_POST['schools_id'][$x]) . "', ";
 				}
 
-				// UPDATE existing record
-				$dob = $_POST['year'][$x] . '-' . $_POST['month'][$x] . '-' . $_POST['day'][$x];
-				$stmt = $pdo->prepare('UPDATE students SET '
-					. "firstname='" . stripslashes($_POST['firstname'][$x]) . "', "
-					. "lastname='" . stripslashes($_POST['lastname'][$x]) . "', "
-					. "pronunciation='" . stripslashes($_POST['pronunciation'][$x]) . "', "
-					. "email='" . stripslashes($_POST['email'][$x]) . "', "
-					. "address='" . stripslashes($_POST['address'][$x]) . "', "
-					. "city='" . stripslashes($_POST['city'][$x]) . "', "
-					. "county='" . stripslashes($_POST['county'][$x]) . "', "
-					. "province='" . stripslashes($_POST['province'][$x]) . "', "
-					. "postalcode='" . stripslashes($_POST['postalcode'][$x]) . "', "
-					. "phone='" . stripslashes($_POST['phone'][$x]) . "', "
-					. "dateofbirth='$dob', "
-					. "grade='" . stripslashes($_POST['grade'][$x]) . "', "
-					. $schoolquery
-					. "medicalalert='" . stripslashes($_POST['medicalalert'][$x]) . "', "
-					. "foodreq='" . stripslashes($_POST['foodreq'][$x]) . "', "
-					. "teachername='" . stripslashes($_POST['teachername'][$x]) . "', "
-					. "teacheremail='" . stripslashes($_POST['teacheremail'][$x]) . "', "
-					. "tshirt='" . stripslashes($_POST['tshirt'][$x]) . "' "
-					. "WHERE id='$students_id'");
-				$stmt->execute();
-					
-				echo notice(i18n('%1 %2 successfully updated', array($_POST['firstname'][$x], $_POST['lastname'][$x])));
+				try {
+					// UPDATE existing record
+					$dob = $_POST['year'][$x] . '-' . $_POST['month'][$x] . '-' . $_POST['day'][$x];
+					$stmt = $pdo->prepare('UPDATE students SET '
+						. "firstname='" . stripslashes($_POST['firstname'][$x]) . "', "
+						. "lastname='" . stripslashes($_POST['lastname'][$x]) . "', "
+						. "pronunciation='" . stripslashes($_POST['pronunciation'][$x]) . "', "
+						. "email='" . stripslashes($_POST['email'][$x]) . "', "
+						. "address='" . stripslashes($_POST['address'][$x]) . "', "
+						. "city='" . stripslashes($_POST['city'][$x]) . "', "
+						. "county='" . stripslashes($_POST['county'][$x]) . "', "
+						. "province='" . stripslashes($_POST['province'][$x]) . "', "
+						. "postalcode='" . stripslashes($_POST['postalcode'][$x]) . "', "
+						. "phone='" . stripslashes($_POST['phone'][$x]) . "', "
+						. "dateofbirth='$dob', "
+						. "grade='" . stripslashes($_POST['grade'][$x]) . "', "
+						. $schoolquery
+						. "medicalalert='" . stripslashes($_POST['medicalalert'][$x]) . "', "
+						. "foodreq='" . stripslashes($_POST['foodreq'][$x]) . "', "
+						. "teachername='" . stripslashes($_POST['teachername'][$x]) . "', "
+						. "teacheremail='" . stripslashes($_POST['teacheremail'][$x]) . "', "
+						. "tshirt='" . stripslashes($_POST['tshirt'][$x]) . "' "
+						. "WHERE id='$students_id'");
+					$stmt->execute();
+
+					echo notice(i18n('%1 %2 successfully updated', array($_POST['firstname'][$x], $_POST['lastname'][$x])));
+				} catch (PDOException $exception) {
+					echo error(i18n('Failed to update student %1 %2. Please ensure all mandatory fields are complete.', array($_POST['firstname'][$x], $_POST['lastname'][$x])));
+				}
 			}
 			/* Update the regfee items link */
 			if ($config['participant_regfee_items_enable'] == 'yes') {
@@ -455,8 +464,8 @@ for ($x = 1; $x <= $numtoshow; $x++) {
 	echo "</tr>\n";
 
 	echo "<tr>\n";
-	echo ' <td>' . i18n('Teacher Name') . "</td><td><input type=\"text\" name=\"teachername[$x]\" value=\"" . get_value_property_or_default($studentinfo, 'teachername') . "\" /></td>\n";
-	echo ' <td>' . i18n('Teacher Email') . "</td><td><input type=\"email\" name=\"teacheremail[$x]\" value=\"" . get_value_property_or_default($studentinfo, 'teacheremail') . "\" /></td>\n";
+	echo ' <td>' . i18n('Teacher Name') . "</td><td><input type=\"text\" name=\"teachername[$x]\" value=\"" . get_value_property_or_default($studentinfo, 'teachername') . "\" />". REQUIREDFIELD ."</td>\n";
+	echo ' <td>' . i18n('Teacher Email') . "</td><td><input type=\"email\" name=\"teacheremail[$x]\" value=\"" . get_value_property_or_default($studentinfo, 'teacheremail') . "\" />". REQUIREDFIELD ."</td>\n";
 	echo "</tr>\n";
 
 	if ($config['participant_regfee_items_enable'] == 'yes') {
diff --git a/theme/science_ation/style.css b/theme/science_ation/style.css
index 0280d28a..8e16254c 100644
--- a/theme/science_ation/style.css
+++ b/theme/science_ation/style.css
@@ -195,6 +195,7 @@ a:hover {
 	padding: 0px;
 	margin-left: 30px;
 	margin-right: 30px;
+	width: fit-content;
 
 }