From afdc22a2b2a00771d39ce25afda21438050cf68f Mon Sep 17 00:00:00 2001 From: james Date: Thu, 13 Jan 2005 18:50:07 +0000 Subject: [PATCH] Don't allow any changes to any forms once the forms have been received by the fair Also, update the CSS to make teh h1-h4's smaller and reduce the margin-bottom size for them --- register_participants.inc.php | 12 ++ register_participants_emergencycontact.php | 47 ++++--- register_participants_main.php | 27 +++- register_participants_mentor.php | 94 +++++++------ register_participants_project.php | 37 +++-- register_participants_safety.php | 30 ++-- register_participants_students.php | 155 +++++++++++---------- sfiab.css | 11 +- 8 files changed, 250 insertions(+), 163 deletions(-) diff --git a/register_participants.inc.php b/register_participants.inc.php index 6e64918f..60b982c4 100644 --- a/register_participants.inc.php +++ b/register_participants.inc.php @@ -1,4 +1,16 @@ status=="complete" || $r->status=="paymentpending") + return true; + else + return false; + +} function studentStatus($reg_id="") { diff --git a/register_participants_emergencycontact.php b/register_participants_emergencycontact.php index f89c48ff..f98817ae 100644 --- a/register_participants_emergencycontact.php +++ b/register_participants_emergencycontact.php @@ -48,28 +48,35 @@ echo mysql_error(); if($_POST['action']=="save") { - //first, lets make sure this emergency contact really does belong to them - foreach($_POST['ids'] AS $id) + if(registrationFormsReceived()) { - $q=mysql_query("SELECT * FROM emergencycontact WHERE id='$id' AND registrations_id='".$_SESSION['registration_id']."' AND year='".$config['FAIRYEAR']."'"); - if(mysql_num_rows($q)==1) + echo error(i18n("Cannot make changes to forms once they have been received by the fair")); + } + else + { + //first, lets make sure this emergency contact really does belong to them + foreach($_POST['ids'] AS $id) { - mysql_query("UPDATE emergencycontact SET ". - "firstname='".mysql_escape_string(stripslashes($_POST['firstname'][$id]))."', ". - "lastname='".mysql_escape_string(stripslashes($_POST['lastname'][$id]))."', ". - "relation='".mysql_escape_string(stripslashes($_POST['relation'][$id]))."', ". - "phone1='".mysql_escape_string(stripslashes($_POST['phone1'][$id]))."', ". - "phone2='".mysql_escape_string(stripslashes($_POST['phone2'][$id]))."', ". - "phone3='".mysql_escape_string(stripslashes($_POST['phone3'][$id]))."', ". - "phone4='".mysql_escape_string(stripslashes($_POST['phone4'][$id]))."', ". - "email='".mysql_escape_string(stripslashes($_POST['email'][$id]))."' ". - "WHERE id='$id'"); - echo mysql_error(); - echo notice(i18n("Emergency contact information successfully updated")); - } - else - { - echo error(i18n("Invalid emergency contact to update (%1)"),array($id)); + $q=mysql_query("SELECT * FROM emergencycontact WHERE id='$id' AND registrations_id='".$_SESSION['registration_id']."' AND year='".$config['FAIRYEAR']."'"); + if(mysql_num_rows($q)==1) + { + mysql_query("UPDATE emergencycontact SET ". + "firstname='".mysql_escape_string(stripslashes($_POST['firstname'][$id]))."', ". + "lastname='".mysql_escape_string(stripslashes($_POST['lastname'][$id]))."', ". + "relation='".mysql_escape_string(stripslashes($_POST['relation'][$id]))."', ". + "phone1='".mysql_escape_string(stripslashes($_POST['phone1'][$id]))."', ". + "phone2='".mysql_escape_string(stripslashes($_POST['phone2'][$id]))."', ". + "phone3='".mysql_escape_string(stripslashes($_POST['phone3'][$id]))."', ". + "phone4='".mysql_escape_string(stripslashes($_POST['phone4'][$id]))."', ". + "email='".mysql_escape_string(stripslashes($_POST['email'][$id]))."' ". + "WHERE id='$id'"); + echo mysql_error(); + echo notice(i18n("Emergency contact information successfully updated")); + } + else + { + echo error(i18n("Invalid emergency contact to update (%1)"),array($id)); + } } } } diff --git a/register_participants_main.php b/register_participants_main.php index c0ae7e48..93b2290b 100644 --- a/register_participants_main.php +++ b/register_participants_main.php @@ -14,7 +14,7 @@ exit; } - $q=mysql_query("SELECT registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ". + $q=mysql_query("SELECT registrations.status AS status, registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ". "WHERE students.email='".$_SESSION['email']."' ". "AND registrations.num='".$_SESSION['registration_number']."' ". "AND registrations.id='".$_SESSION['registration_id']."' ". @@ -39,7 +39,25 @@ echo mysql_error(); echo "
"; } echo "
"; - echo i18n("Please use the checklist below to complete your registration. Click on an item in the table to edit that information. When you have entered all information, the Status field will change to Complete"); + + if(registrationFormsReceived()) + { + if($r->status=="complete") + { + echo i18n("Congratulations, You are successfully registered for the %1",array($config['fairname'])); + + } + else if($r->status=="paymentpending") + { + echo i18n("We have received your forms but are missing your registration fee. You are NOT registered for the fair until your registration fee has been received"); + + } + + } + else + { + echo i18n("Please use the checklist below to complete your registration. Click on an item in the table to edit that information. When you have entered all information, the Status field will change to Complete"); + } echo "
"; echo "
"; @@ -119,6 +137,11 @@ echo ""; //received information echo "".i18n("Signature Page Received").""; +if(registrationFormsReceived()) + echo outputStatus("complete"); +else + echo outputStatus("incomplete"); + //check to see if its complete echo ""; diff --git a/register_participants_mentor.php b/register_participants_mentor.php index cf0dc847..0316852c 100644 --- a/register_participants_mentor.php +++ b/register_participants_mentor.php @@ -40,63 +40,77 @@ echo mysql_error(); if($_POST['action']=="save") { - $x=1; - while($_POST["num"][$x]) + if(registrationFormsReceived()) { - if($_POST['id'][$x]==0) + echo error(i18n("Cannot make changes to forms once they have been received by the fair")); + } + else + { + $x=1; + while($_POST["num"][$x]) { - //only insert if we have a name - if($_POST['firstname'][$x] && $_POST['lastname'][$x]) + if($_POST['id'][$x]==0) { - //INSERT new record - mysql_query("INSERT INTO mentors (registrations_id,firstname,lastname,email,phone,organization,position,description,year) VALUES (". - "'".$_SESSION['registration_id']."', ". - "'".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['organization'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['position'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['description'][$x]))."', ". - "'".$config['FAIRYEAR']."')"); - echo mysql_error(); + //only insert if we have a name + if($_POST['firstname'][$x] && $_POST['lastname'][$x]) + { + //INSERT new record + mysql_query("INSERT INTO mentors (registrations_id,firstname,lastname,email,phone,organization,position,description,year) VALUES (". + "'".$_SESSION['registration_id']."', ". + "'".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['organization'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['position'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['description'][$x]))."', ". + "'".$config['FAIRYEAR']."')"); + echo mysql_error(); + + echo notice(i18n("%1 %2 successfully added",array($_POST['firstname'][$x],$_POST['lastname'][$x]))); + } - echo notice(i18n("%1 %2 successfully added",array($_POST['firstname'][$x],$_POST['lastname'][$x]))); } + else + { + //UPDATE existing record + mysql_query("UPDATE mentors SET ". + "firstname='".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ". + "lastname='".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ". + "email='".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ". + "phone='".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ". + "organization='".mysql_escape_string(stripslashes($_POST['organization'][$x]))."', ". + "position='".mysql_escape_string(stripslashes($_POST['position'][$x]))."', ". + "description='".mysql_escape_string(stripslashes($_POST['description'][$x]))."' ". + "WHERE id='".$_POST['id'][$x]."'"); + echo notice(i18n("%1 %2 successfully updated",array($_POST['firstname'][$x],$_POST['lastname'][$x]))); + } + $x++; } - else - { - //UPDATE existing record - mysql_query("UPDATE mentors SET ". - "firstname='".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ". - "lastname='".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ". - "email='".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ". - "phone='".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ". - "organization='".mysql_escape_string(stripslashes($_POST['organization'][$x]))."', ". - "position='".mysql_escape_string(stripslashes($_POST['position'][$x]))."', ". - "description='".mysql_escape_string(stripslashes($_POST['description'][$x]))."' ". - "WHERE id='".$_POST['id'][$x]."'"); - echo notice(i18n("%1 %2 successfully updated",array($_POST['firstname'][$x],$_POST['lastname'][$x]))); - - } - $x++; } } if($_GET['action']=="removementor") { - //first make sure this is one belonging to this registration id - $q=mysql_query("SELECT id FROM mentors WHERE id='".$_GET['removementor']."' AND registrations_id='".$_SESSION['registration_id']."'"); - if(mysql_num_rows($q)==1) + if(registrationFormsReceived()) { - mysql_query("DELETE FROM mentors WHERE id='".$_GET['removementor']."' AND registrations_id='".$_SESSION['registration_id']."'"); - echo notice(i18n("Mentor successfully removed")); + echo error(i18n("Cannot make changes to forms once they have been received by the fair")); } else { - echo error(i18n("Invalid mentor to remove")); + //first make sure this is one belonging to this registration id + $q=mysql_query("SELECT id FROM mentors WHERE id='".$_GET['removementor']."' AND registrations_id='".$_SESSION['registration_id']."'"); + if(mysql_num_rows($q)==1) + { + mysql_query("DELETE FROM mentors WHERE id='".$_GET['removementor']."' AND registrations_id='".$_SESSION['registration_id']."'"); + echo notice(i18n("Mentor successfully removed")); + } + else + { + echo error(i18n("Invalid mentor to remove")); + } } } diff --git a/register_participants_project.php b/register_participants_project.php index 5a6f9d4c..d99f2827 100644 --- a/register_participants_project.php +++ b/register_participants_project.php @@ -48,25 +48,32 @@ echo mysql_error(); if($_POST['action']=="save") { - //first, lets make sure this project really does belong to them - $q=mysql_query("SELECT * FROM projects WHERE id='".$_POST['id']."' AND registrations_id='".$_SESSION['registration_id']."' AND year='".$config['FAIRYEAR']."'"); - if(mysql_num_rows($q)==1) + if(registrationFormsReceived()) { - mysql_query("UPDATE projects SET ". - "title='".mysql_escape_string(stripslashes($_POST['title']))."', ". - "projectdivisions_id='".$_POST['projectdivisions_id']."', ". - "language='".mysql_escape_string(stripslashes($_POST['language']))."', ". - "req_table='".mysql_escape_string(stripslashes($_POST['req_table']))."', ". - "req_electricity='".mysql_escape_string(stripslashes($_POST['req_electricity']))."', ". - "req_special='".mysql_escape_string(stripslashes($_POST['req_special']))."', ". - "summary='".mysql_escape_string(stripslashes($_POST['summary']))."' ". - "WHERE id='".$_POST['id']."'"); - echo mysql_error(); - echo notice(i18n("Project information successfully updated")); + echo error(i18n("Cannot make changes to forms once they have been received by the fair")); } else { - echo error(i18n("Invalid project to update")); + //first, lets make sure this project really does belong to them + $q=mysql_query("SELECT * FROM projects WHERE id='".$_POST['id']."' AND registrations_id='".$_SESSION['registration_id']."' AND year='".$config['FAIRYEAR']."'"); + if(mysql_num_rows($q)==1) + { + mysql_query("UPDATE projects SET ". + "title='".mysql_escape_string(stripslashes($_POST['title']))."', ". + "projectdivisions_id='".$_POST['projectdivisions_id']."', ". + "language='".mysql_escape_string(stripslashes($_POST['language']))."', ". + "req_table='".mysql_escape_string(stripslashes($_POST['req_table']))."', ". + "req_electricity='".mysql_escape_string(stripslashes($_POST['req_electricity']))."', ". + "req_special='".mysql_escape_string(stripslashes($_POST['req_special']))."', ". + "summary='".mysql_escape_string(stripslashes($_POST['summary']))."' ". + "WHERE id='".$_POST['id']."'"); + echo mysql_error(); + echo notice(i18n("Project information successfully updated")); + } + else + { + echo error(i18n("Invalid project to update")); + } } } diff --git a/register_participants_safety.php b/register_participants_safety.php index 8595e870..801cf4f4 100644 --- a/register_participants_safety.php +++ b/register_participants_safety.php @@ -39,22 +39,30 @@ echo mysql_error(); if($_POST['action']=="save") { - //first we will delete all their old answer, its easier to delete and re-insert in this case then it would be to find the corresponding answers and update them - mysql_query("DELETE FROM safety WHERE registrations_id='".$_SESSION['registration_id']."' AND year='".$config['FAIRYEAR']."'"); - $safetyids=array_keys($_POST['safety']); - foreach($safetyids AS $key=>$val) + if(registrationFormsReceived()) { - mysql_query("INSERT INTO safety (registrations_id,safetyquestions_id,year,answer) VALUES (". - "'".$_SESSION['registration_id']."', ". - "'$val', ". - "'".$config['FAIRYEAR']."', ". - "'".mysql_escape_string(stripslashes($_POST['safety'][$val]))."')"); - echo mysql_error(); - + echo error(i18n("Cannot make changes to forms once they have been received by the fair")); } + else + { + //first we will delete all their old answer, its easier to delete and re-insert in this case then it would be to find the corresponding answers and update them + mysql_query("DELETE FROM safety WHERE registrations_id='".$_SESSION['registration_id']."' AND year='".$config['FAIRYEAR']."'"); + $safetyids=array_keys($_POST['safety']); + foreach($safetyids AS $key=>$val) + { + mysql_query("INSERT INTO safety (registrations_id,safetyquestions_id,year,answer) VALUES (". + "'".$_SESSION['registration_id']."', ". + "'$val', ". + "'".$config['FAIRYEAR']."', ". + "'".mysql_escape_string(stripslashes($_POST['safety'][$val]))."')"); + echo mysql_error(); + + } + } } + //output the current status $newstatus=safetyStatus(); if($newstatus!="complete") diff --git a/register_participants_students.php b/register_participants_students.php index 5b52dac9..775566d8 100644 --- a/register_participants_students.php +++ b/register_participants_students.php @@ -40,88 +40,101 @@ echo mysql_error(); if($_POST['action']=="save") { - $x=1; - while($_POST["num"][$x]) + if(registrationFormsReceived()) { - if($_POST['id'][$x]==0) - { - //INSERT new record - $dob=$_POST['year'][$x]."-".$_POST['month'][$x]."-".$_POST['day'][$x]; - mysql_query("INSERT INTO students (registrations_id,firstname,lastname,sex,email,address,city,province,postalcode,phone,dateofbirth,grade,schools_id,tshirt,medicalalert,foodreq,teachername,teacheremail,year) VALUES (". - "'".$_SESSION['registration_id']."', ". - "'".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['sex'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['address'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['city'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['province'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['postalcode'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ". - "'$dob', ". - "'".mysql_escape_string(stripslashes($_POST['grade'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['schools_id'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['tshirt'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['medicalalert'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['foodreq'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['teachername'][$x]))."', ". - "'".mysql_escape_string(stripslashes($_POST['teacheremail'][$x]))."', ". - "'".$config['FAIRYEAR']."')"); - - echo notice(i18n("%1 %2 successfully added",array($_POST['firstname'][$x],$_POST['lastname'][$x]))); - - } - else - { - //UPDATE existing record - $dob=$_POST['year'][$x]."-".$_POST['month'][$x]."-".$_POST['day'][$x]; - mysql_query("UPDATE students SET ". - "firstname='".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ". - "lastname='".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ". - "sex='".mysql_escape_string(stripslashes($_POST['sex'][$x]))."', ". - "email='".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ". - "address='".mysql_escape_string(stripslashes($_POST['address'][$x]))."', ". - "city='".mysql_escape_string(stripslashes($_POST['city'][$x]))."', ". - "province='".mysql_escape_string(stripslashes($_POST['province'][$x]))."', ". - "postalcode='".mysql_escape_string(stripslashes($_POST['postalcode'][$x]))."', ". - "phone='".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ". - "dateofbirth='$dob', ". - "grade='".mysql_escape_string(stripslashes($_POST['grade'][$x]))."', ". - "schools_id='".mysql_escape_string(stripslashes($_POST['schools_id'][$x]))."', ". - "medicalalert='".mysql_escape_string(stripslashes($_POST['medicalalert'][$x]))."', ". - "foodreq='".mysql_escape_string(stripslashes($_POST['foodreq'][$x]))."', ". - "teachername='".mysql_escape_string(stripslashes($_POST['teachername'][$x]))."', ". - "teacheremail='".mysql_escape_string(stripslashes($_POST['teacheremail'][$x]))."', ". - "tshirt='".mysql_escape_string(stripslashes($_POST['tshirt'][$x]))."' ". - "WHERE id='".$_POST['id'][$x]."'"); - echo notice(i18n("%1 %2 successfully updated",array($_POST['firstname'][$x],$_POST['lastname'][$x]))); - - } - $x++; + echo error(i18n("Cannot make changes to forms once they have been received by the fair")); } + else + { + $x=1; + while($_POST["num"][$x]) + { + if($_POST['id'][$x]==0) + { + //INSERT new record + $dob=$_POST['year'][$x]."-".$_POST['month'][$x]."-".$_POST['day'][$x]; + mysql_query("INSERT INTO students (registrations_id,firstname,lastname,sex,email,address,city,province,postalcode,phone,dateofbirth,grade,schools_id,tshirt,medicalalert,foodreq,teachername,teacheremail,year) VALUES (". + "'".$_SESSION['registration_id']."', ". + "'".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['sex'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['address'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['city'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['province'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['postalcode'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ". + "'$dob', ". + "'".mysql_escape_string(stripslashes($_POST['grade'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['schools_id'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['tshirt'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['medicalalert'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['foodreq'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['teachername'][$x]))."', ". + "'".mysql_escape_string(stripslashes($_POST['teacheremail'][$x]))."', ". + "'".$config['FAIRYEAR']."')"); + echo notice(i18n("%1 %2 successfully added",array($_POST['firstname'][$x],$_POST['lastname'][$x]))); + + } + else + { + //UPDATE existing record + $dob=$_POST['year'][$x]."-".$_POST['month'][$x]."-".$_POST['day'][$x]; + mysql_query("UPDATE students SET ". + "firstname='".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ". + "lastname='".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ". + "sex='".mysql_escape_string(stripslashes($_POST['sex'][$x]))."', ". + "email='".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ". + "address='".mysql_escape_string(stripslashes($_POST['address'][$x]))."', ". + "city='".mysql_escape_string(stripslashes($_POST['city'][$x]))."', ". + "province='".mysql_escape_string(stripslashes($_POST['province'][$x]))."', ". + "postalcode='".mysql_escape_string(stripslashes($_POST['postalcode'][$x]))."', ". + "phone='".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ". + "dateofbirth='$dob', ". + "grade='".mysql_escape_string(stripslashes($_POST['grade'][$x]))."', ". + "schools_id='".mysql_escape_string(stripslashes($_POST['schools_id'][$x]))."', ". + "medicalalert='".mysql_escape_string(stripslashes($_POST['medicalalert'][$x]))."', ". + "foodreq='".mysql_escape_string(stripslashes($_POST['foodreq'][$x]))."', ". + "teachername='".mysql_escape_string(stripslashes($_POST['teachername'][$x]))."', ". + "teacheremail='".mysql_escape_string(stripslashes($_POST['teacheremail'][$x]))."', ". + "tshirt='".mysql_escape_string(stripslashes($_POST['tshirt'][$x]))."' ". + "WHERE id='".$_POST['id'][$x]."'"); + echo notice(i18n("%1 %2 successfully updated",array($_POST['firstname'][$x],$_POST['lastname'][$x]))); + + } + $x++; + } + } } if($_GET['action']=="removestudent") { - //first make sure this is one belonging to this registration id - $q=mysql_query("SELECT id FROM students WHERE id='".$_GET['removestudent']."' AND registrations_id='".$_SESSION['registration_id']."'"); - if(mysql_num_rows($q)==1) + if(registrationFormsReceived()) { - mysql_query("DELETE FROM students WHERE id='".$_GET['removestudent']."' AND registrations_id='".$_SESSION['registration_id']."'"); - - //now see if they have an emergency contact that also needs to be removed - - $q=mysql_query("SELECT id FROM emergencycontact WHERE students_id='".$_GET['removestudent']."' AND registrations_id='".$_SESSION['registration_id']."' AND year='".$config['FAIRYEAR']."'"); - //no need to error message if this doesnt exist - if(mysql_num_rows($q)==1) - mysql_query("DELETE FROM emergencycontact WHERE students_id='".$_GET['removestudent']."' AND registrations_id='".$_SESSION['registration_id']."' AND year='".$config['FAIRYEAR']."'"); - - echo notice(i18n("Student successfully removed")); + echo error(i18n("Cannot make changes to forms once they have been received by the fair")); } else { - echo error(i18n("Invalid student to remove")); + //first make sure this is one belonging to this registration id + $q=mysql_query("SELECT id FROM students WHERE id='".$_GET['removestudent']."' AND registrations_id='".$_SESSION['registration_id']."'"); + if(mysql_num_rows($q)==1) + { + mysql_query("DELETE FROM students WHERE id='".$_GET['removestudent']."' AND registrations_id='".$_SESSION['registration_id']."'"); + + //now see if they have an emergency contact that also needs to be removed + + $q=mysql_query("SELECT id FROM emergencycontact WHERE students_id='".$_GET['removestudent']."' AND registrations_id='".$_SESSION['registration_id']."' AND year='".$config['FAIRYEAR']."'"); + //no need to error message if this doesnt exist + if(mysql_num_rows($q)==1) + mysql_query("DELETE FROM emergencycontact WHERE students_id='".$_GET['removestudent']."' AND registrations_id='".$_SESSION['registration_id']."' AND year='".$config['FAIRYEAR']."'"); + + echo notice(i18n("Student successfully removed")); + } + else + { + echo error(i18n("Invalid student to remove")); + } } } diff --git a/sfiab.css b/sfiab.css index 10deaf77..d215f8c6 100644 --- a/sfiab.css +++ b/sfiab.css @@ -72,24 +72,27 @@ td { } h1 { - font-size: 2.2em; + font-size: 2.1em; font-weight: bold; margin-top: 0; } h2 { - font-size: 1.8em; + font-size: 1.6em; font-weight: bold; margin-top: 0; + margin-bottom: .3em; } h3 { - font-size: 1.5em; + font-size: 1.4em; font-weight: bold; margin-top: 0; + margin-bottom: .2em; } h4 { - font-size: 1.3em; + font-size: 1.2em; font-weight: bold; margin-top: 0; + margin-bottom: .1em; } ul.mainnav {