- conversion of judges to new user system. Mostly works.

dave 2008-10-17 19:34:11 +00:00
parent 18f6d002a7
commit b021805246
18 changed files with 1399 additions and 353 deletions


@ -189,9 +189,9 @@ if($_GET['deletecommittee'])
if($_POST['action']=="remove") if($_POST['action']=="remove")
{ {
/* user_delete takes care of unlinking the user in other tables */
user_delete($uid, 'committee'); user_delete($uid, 'committee');
mysql_query("DELETE FROM committees_link WHERE users_id='$uid'"); echo happy(i18n("Committee member deleted"));
echo happy(i18n("Committee member removed"));
} }
if($_GET['unlinkmember'] && $_GET['unlinkcommittee']) if($_GET['unlinkmember'] && $_GET['unlinkcommittee'])


@ -31,18 +31,6 @@
send_header("Committee Main", array()); send_header("Committee Main", array());
switch($_GET['notice']) {
case 'password_changed':
echo happy(i18n('Your password has been successfully updated'));
break;
case 'already_logged_in':
echo error(i18n('You are already logged in, please use the [Logout] link in the upper right to logout'));
break;
case 'no_auth':
echo error(i18n('You do not have permission to view that page'));
break;
}
//only display the named greeting if we have their name //only display the named greeting if we have their name
echo i18n("Hello <b>%1</b>",array($_SESSION['name'])); echo i18n("Hello <b>%1</b>",array($_SESSION['name']));
echo "<br />"; echo "<br />";
@ -61,6 +49,7 @@
echo " <tr>\n"; echo " <tr>\n";
echo " <td><a href=\"user_personal.php\">".theme_icon("edit_profile")."<br />".i18n("Edit My Profile")."</a></td>"; echo " <td><a href=\"user_personal.php\">".theme_icon("edit_profile")."<br />".i18n("Edit My Profile")."</a></td>";
echo " <td><a href=\"user_password.php\">".theme_icon("change_password")."<br />".i18n("Change My Password")."</a></td>"; echo " <td><a href=\"user_password.php\">".theme_icon("change_password")."<br />".i18n("Change My Password")."</a></td>";
echo " <td><a href=\"user_activate.php\">".theme_icon("")."<br />".i18n("Manage My Roles")."</a></td>";
echo " </tr>\n"; echo " </tr>\n";
echo "</table>\n"; echo "</table>\n";


@ -244,10 +244,6 @@ if($_GET['switchlanguage'])
} }
} }
if(!is_array($_SESSION['messages'])) {
$_SESSION['messages'] = array();
}
function i18n($str,$args=array(),$argsdesc=array(),$forcelang="") function i18n($str,$args=array(),$argsdesc=array(),$forcelang="")
{ {
if(!$str) if(!$str)
@ -453,11 +449,7 @@ if(isset($_SESSION['users_type'])) {
} else if(isset($_SESSION['email'])) { } else if(isset($_SESSION['email'])) {
/* Backwards compatible login settings */ /* Backwards compatible login settings */
if(isset($_SESSION['judges_id'])) { if(isset($_SESSION['registration_id'])) {
echo i18n('Judge');
echo " {$_SESSION['email']}: ";
echo "<a href=\"{$config['SFIABDIRECTORY']}/register_judges.php?action=logout\">[".i18n("Logout")."]</a>";
} else if(isset($_SESSION['registration_id'])) {
echo i18n('Participant'); echo i18n('Participant');
echo " {$_SESSION['email']}: "; echo " {$_SESSION['email']}: ";
echo "<a href=\"{$config['SFIABDIRECTORY']}/register_participants.php?action=logout\">[".i18n("Logout")."]</a>"; echo "<a href=\"{$config['SFIABDIRECTORY']}/register_participants.php?action=logout\">[".i18n("Logout")."]</a>";
@ -498,7 +490,7 @@ echo "</div>";
echo "<li><a href=\"{$config['SFIABDIRECTORY']}/important_dates.php\">".i18n("Important Dates").'</a></li>'; echo "<li><a href=\"{$config['SFIABDIRECTORY']}/important_dates.php\">".i18n("Important Dates").'</a></li>';
echo "<li><a href=\"{$config['SFIABDIRECTORY']}/register_participants.php\">".i18n("Participant Registration").'</a></li>'; echo "<li><a href=\"{$config['SFIABDIRECTORY']}/register_participants.php\">".i18n("Participant Registration").'</a></li>';
echo $registrationconfirmationlink; echo $registrationconfirmationlink;
echo "<li><a href=\"{$config['SFIABDIRECTORY']}/register_judges.php\">".i18n("Judges Registration").'</a></li>'; echo "<li><a href=\"{$config['SFIABDIRECTORY']}/user_login.php?type=judge\">".i18n("Judges Registration").'</a></li>';
if($config['volunteer_enable'] == 'yes') { if($config['volunteer_enable'] == 'yes') {
echo "<li><a href=\"{$config['SFIABDIRECTORY']}/user_login.php?type=volunteer\">".i18n("Volunteer Registration").'</a></li>'; echo "<li><a href=\"{$config['SFIABDIRECTORY']}/user_login.php?type=volunteer\">".i18n("Volunteer Registration").'</a></li>';
} }
@ -613,6 +605,12 @@ if($icon && theme_icon($icon)) {
else else
echo "<td>"; echo "<td>";
/* Dump any messages in the queue */
if(is_array($_SESSION['messages'])) {
foreach($_SESSION['messages'] as $m) echo $m;
}
$_SESSION['messages'] = array();
if($title) if($title)
echo "<h2>".i18n($title)."</h2>"; echo "<h2>".i18n($title)."</h2>";
@ -1135,4 +1133,11 @@ function format_datetime($dt) {
return format_date($d)." ".i18n("at")." ".format_time($t); return format_date($d)." ".i18n("at")." ".format_time($t);
} }
} }
function message_push($m)
{
if(!is_array($_SESSION['messages'])) $_SESSION['messages'] = array();
$_SESSION['messages'][] = $m;
}
?> ?>
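Review bot: message_push() and the queue dump added to send_header store and echo `$m` as raw HTML, so every caller has to escape any user-derived text before pushing, and nothing in the function says so. I would add a header comment such as `/* $m is trusted HTML (e.g. the output of happy()/error()/notice()); escape user-supplied text with htmlspecialchars() before calling */`. The dump also reads `$_SESSION['messages']` although the initialisation near i18n() appears to be removed by this change; `if(isset($_SESSION['messages']) && is_array($_SESSION['messages']))` avoids the undefined-index notice on a fresh session. The code that emits the queue sits in a function whose start is outside the hunk.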

203
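--- a/db/db.update.116.php
+++ b/db/db.update.116.php
@@ -0,0 +1,203 @@
+<?
+function db_update_116_post()
+{
+global $config;
+/* Fix the users that have a 0 year */
+$q = mysql_query("UPDATE `users` SET year={$config['FAIRYEAR']} WHERE year=0");
+echo mysql_error();
+/* Create volunteer database entries for any that don't exist */
+$q = mysql_query("SELECT * FROM users WHERE types LIKE '%volunteer%'");
+while($i = mysql_fetch_object($q)) {
+mysql_query("INSERT INTO users_volunteer(`users_id`,`volunteer_active`,`volunteer_complete`)
+VALUES ('{$i->id}','yes','{$i->complete}')");
+}
+/* Update any remaining volunteer entries */
+$q = mysql_query("SELECT * FROM users WHERE types LIKE '%volunteer%'");
+while($i = mysql_fetch_object($q)) {
+mysql_query("UPDATE users_volunteer
+SET volunteer_complete='{$i->complete}'
+WHERE users_id='{$i->id}'");
+echo mysql_error();
+}
+/* Every committee member role should be activated */
+$q = mysql_query("SELECT * FROM users WHERE types LIKE '%committee%'");
+while($i = mysql_fetch_object($q)) {
+mysql_query("UPDATE users_committee
+SET committee_active='yes'
+WHERE users_id='{$i->id}'");
+echo mysql_error();
+}
+/* Convert Judges */
+$map = array();
+$jtl = array();
+$jsal = array();
+/* Select all judges, duplicate rows for each year */
+$jq = mysql_query("SELECT * FROM judges
+LEFT JOIN judges_years ON judges_years.judges_id=judges.id
+ORDER BY year");
+while($j = mysql_fetch_object($jq)) {
+if(!is_array($map[$j->id])) {
+$map[$j->id] = array('uid' => '');
+}
+$u = array( 'id' => '',
+'uid' => $map[$j->id]['uid'],
+'types' => 'judge',
+'firstname' => mysql_escape_string($j->firstname),
+'lastname' => mysql_escape_string($j->lastname),
+'username' => mysql_escape_string($j->email),
+'email' => mysql_escape_string($j->email),
+'sex' => '',
+'password' => mysql_escape_string($j->password),
+'passwordset' => $j->lastlogin,
+'oldpassword' => '',
+'year' => $j->year,
+'phonehome' => mysql_escape_string($j->phonehome),
+'phonework' => mysql_escape_string($j->phonework.(($j->phoneworkext=='') ? '' : " x{$j->phoneworkext}")),
+'phonecell' => mysql_escape_string($j->phonecell),
+'fax' => '',
+'organization' => mysql_escape_string($j->organization),
+'lang' => '', /* FIXME, or unused for judges?, this is preferred communication language, not judging languages */
+'created' => $j->created,
+'lastlogin' => $j->lastlogin,
+'address' => mysql_escape_string($j->address),
+'address2' => mysql_escape_string($j->address2),
+'city' => mysql_escape_string($j->city),
+'province' => mysql_escape_string($j->province),
+'postalcode' => mysql_escape_string($j->postalcode),
+'firstaid' => 'no',
+'cpr' => 'no',
+'deleted' => $j->deleted,
+'deleteddatetime' => $j->deleteddatetime );
+/* Insert the judge */
+$fields = '`'.join('`,`', array_keys($u)).'`';
+$vals = "'".join("','", array_values($u))."'";
+$q = mysql_query("INSERT INTO users ($fields) VALUES ($vals)");
+$id = mysql_insert_id();
+if($map[$j->id]['uid'] == '') {
+$map[$j->id]['uid'] = $id;
+$q = mysql_query("UPDATE users SET `uid`='$id' WHERE id='$id'");
+}
+$uj = array( 'users_id' => "$id",
+'judge_active' => 'yes',
+'highest_psd' => mysql_escape_string($j->highest_psd),
+'special_award_only' => ($j->typepref == 'speconly') ? 'yes' : 'no',
+'expertise_other' => mysql_escape_string((($j->professional_quals != '')?($j->professional_quals."\n"):'').
+$j->expertise_other),
+/* These need to get pulled from the questions */
+'years_school' => $j->years_school,
+'years_regional' => $j->years_regional,
+'years_national' => $j->years_national,
+'willing_chair' => $j->willing_chair,
+'judge_complete' => $j->complete,
+);
+// $j->attending_lunch,
+/* catprefs */
+$q = mysql_query("SELECT * FROM judges_catpref WHERE judges_id='{$j->id}' AND year='{$j->year}'");
+$catpref = array();
+while($i = mysql_fetch_object($q)) {
+$catpref[$i->projectcategories_id] = $i->rank;
+}
+$uj['cat_prefs'] = mysql_escape_string(serialize($catpref));
+/* divprefs and subdivision prefs */
+$q = mysql_query("SELECT * FROM judges_expertise WHERE judges_id='{$j->id}' AND year='{$j->year}'");
+$divpref = array();
+$divsubpref = array();
+while($i = mysql_fetch_object($q)) {
+if($i->projectdivisions_id)
+$divpref[$i->projectdivisions_id] = $i->val;
+else if ($i->projectsubdivisions_id)
+$divsubpref[$i->projectsubdivisions_id] = $i->val;
+}
+$uj['div_prefs'] = mysql_escape_string(serialize($divpref));
+$uj['divsub_prefs'] = mysql_escape_string(serialize($divsubpref));
+/* languages */
+$q = mysql_query("SELECT * FROM judges_languages WHERE judges_id='{$j->id}'");
+$langs = array();
+while($i = mysql_fetch_object($q)) {
+$langs[] = $i->languages_lang;
+}
+$uj['languages'] = mysql_escape_string(serialize($langs));
+/* Map judges questions back to the profile. We're going to keep questions we need for
+* judge scheduling as hard-coded questions so users can't erase them.
+* "Years School" "Years Regional" "Years National" "Willing Chair" */
+$qmap = array('years_school' => 'Years School',
+'years_regional' => 'Years Regional',
+'years_national' => 'Years National',
+'willing_chair' => 'Willing Chair');
+foreach($qmap as $field=>$head) {
+/* Find the question ID */
+$q = mysql_query("SELECT id FROM questions WHERE year='{$j->year}' AND db_heading='{$head}'");
+if(mysql_num_rows($q) == 0) {
+echo "Warning: Question '$head' for judge {$j->id} doesn't exist in year '{$j->year}', cannot copy answer.\n";
+continue;
+}
+$i = mysql_fetch_object($q);
+/* Now find the answer */
+$q = mysql_query("SELECT * FROM question_answers WHERE
+year='{$j->year}' AND
+registrations_id='{$j->id}' AND
+questions_id='{$i->id}'");
+echo mysql_error();
+if(mysql_num_rows($q) == 0) {
+echo "Warning: Judge {$j->id} did not answer question '$head' in year '{$j->year}', cannot copy answer.\n";
+continue;
+}
+$i = mysql_fetch_assoc($q);
+$uj[$field] = $i['answer'];
+}
+// print_r($uj);
+$fields = '`'.join('`,`', array_keys($uj)).'`';
+$vals = "'".join("','", array_values($uj))."'";
+$q = mysql_query("INSERT INTO users_judge ($fields) VALUES ($vals)");
+echo mysql_error();
+/* FIXUP all the judging tables (bit don't write back yet, we don't want to
+* accidentally create a duplicate judges_id and overwrite it later) */
+/* judges_teams_link */
+$q = mysql_query("SELECT * FROM judges_teams_link WHERE judges_id='{$j->id}' AND year='{$j->year}'");
+while($i = mysql_fetch_object($q))
+$jtl[$i->id] = $id;
+/* judges_specialawards_sel */
+$q = mysql_query("SELECT * FROM judges_specialaward_sel WHERE judges_id='{$j->id}' AND year='{$j->year}'");
+echo mysql_error();
+while($i = mysql_fetch_object($q))
+$jsal[$i->id] = $id;
+}
+/* Now write back the judge ids */
+foreach($jtl as $id=>$new_id)
+$q = mysql_query("UPDATE judges_teams_link SET judges_id='$new_id' WHERE id='$id' ");
+foreach($jsal as $id=>$new_id)
+$q = mysql_query("UPDATE judges_specialaward_sel SET judges_id='$new_id' WHERE id='$id' ");
+}
+?>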
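Review bot: The answers copied at `$uj[$field] = $i['answer'];` go into the `INSERT INTO users_judge` statement without escaping, unlike the neighbouring fields that pass through mysql_escape_string(), so a quote in a stored answer breaks the statement or changes its meaning. The same applies to `$j->years_school`, `$j->years_regional`, `$j->years_national`, `$j->willing_chair` and the year/date columns placed in `$u`. Escape them the same way, e.g. `$uj[$field] = mysql_escape_string($i['answer']);`. The result of `INSERT INTO users` is also never checked before `mysql_insert_id()` is taken as the new judge id, so a failed insert would link the later rows to a wrong id; `if(!$q) { echo mysql_error(); continue; }` right after that query would stop the row instead.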

25
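--- a/db/db.update.116.sql
+++ b/db/db.update.116.sql
@@ -0,0 +1,25 @@
+ALTER TABLE `users` ADD `uid` INT NOT NULL AFTER `id` ;
+ALTER TABLE `users_committee` CHANGE `active` `committee_active` ENUM( 'no', 'yes' ) NOT NULL DEFAULT 'no';
+ALTER TABLE `users_committee` ADD `committee_complete` ENUM( 'no', 'yes' ) NOT NULL DEFAULT 'no' AFTER `committee_active` ;
+ALTER TABLE `users_fair` CHANGE `active` `fair_active` ENUM( 'no', 'yes' ) NOT NULL DEFAULT 'no';
+ALTER TABLE `users_fair` ADD `fair_complete` ENUM( 'no', 'yes' ) NOT NULL DEFAULT 'no' AFTER `fair_active` ;
+ALTER TABLE `users_judge` CHANGE `active` `judge_active` ENUM( 'no', 'yes' ) NOT NULL DEFAULT 'no';
+ALTER TABLE `users_judge` ADD `judge_complete` ENUM( 'no', 'yes' ) NOT NULL DEFAULT 'no' AFTER `judge_active` ;
+ALTER TABLE `users_judge` ADD `cat_prefs` TINYTEXT NOT NULL AFTER `special_award_only` ;
+ALTER TABLE `users_judge` ADD `div_prefs` TINYTEXT NOT NULL AFTER `cat_prefs` ;
+ALTER TABLE `users_judge` ADD `divsub_prefs` TINYTEXT NOT NULL AFTER `div_prefs` ;
+ALTER TABLE `users_judge` ADD `languages` TINYTEXT NOT NULL AFTER `divsub_prefs` ;
+ALTER TABLE `users_judge` ADD `highest_psd` TINYTEXT NOT NULL AFTER `languages` ;
+ALTER TABLE `users_judge` ADD `expertise_other` TINYTEXT NOT NULL AFTER `highest_psd` ;
+ALTER TABLE `users_volunteer` CHANGE `active` `volunteer_active` ENUM( 'no', 'yes' ) NOT NULL DEFAULT 'no';
+ALTER TABLE `users_volunteer` ADD `volunteer_complete` ENUM( 'no', 'yes' ) NOT NULL DEFAULT 'no' AFTER `volunteer_active` ;
+ALTER TABLE `users_volunteer` DROP `tmp`;
+DROP TABLE users_years;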
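Review bot: cat_prefs, div_prefs, divsub_prefs, languages and expertise_other are declared TINYTEXT, which holds at most 255 bytes, while db.update.116.php writes PHP serialize() output and the concatenated professional_quals/expertise_other text into them. A value cut at 255 bytes no longer unserializes, so longer preference lists would be lost, silently unless the server runs in a strict SQL mode. Declaring these columns `TEXT NOT NULL` avoids the limit. `DROP TABLE users_years;` cannot be undone, and nothing on this page shows its data being copied first; a one-line comment saying where that data now lives would help anyone running the update.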

152
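--- a/judge.inc.php
+++ b/judge.inc.php
@@ -0,0 +1,152 @@
+<?
+/*
+This file is part of the 'Science Fair In A Box' project
+SFIAB Website: http://www.sfiab.ca
+Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+Copyright (C) 2005 James Grant <james@lightbox.org>
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public
+License as published by the Free Software Foundation, version 2.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+Boston, MA 02111-1307, USA.
+*/
+?>
+<?
+$preferencechoices=array(
+-2=>"Very Low",
+-1=>"Low",
+0=>"Indifferent",
+1=>"Medium",
+2=>"High"
+);
+function personalStatus()
+{
+global $config;
+//and they also have to select at least one language to judge in
+$q=mysql_query("SELECT COUNT(judges_id) AS num FROM judges_languages WHERE judges_id='".$_SESSION['judges_id']."'");
+$r=mysql_fetch_object($q);
+if($r->num==0)
+return "incomplete";
+//if it made it through without returning incomplete, then we must be complete
+return "complete";
+}
+function judge_status_expertise($u)
+{
+global $config;
+/* If the judging special awards are active, and the judge has
+* selected "I am a special awards judge", then disable
+* expertise checking */
+if($config['judges_specialaward_only_enable'] == 'yes') {
+if($u['special_award_only'] == 'yes')
+return 'complete';
+}
+/* Check to see if they have ranked all project age categories, and all divisions */
+$q=mysql_query("SELECT COUNT(id) AS num FROM projectcategories WHERE year='".$config['FAIRYEAR']."'");
+$r=mysql_fetch_object($q);
+$numcats=$r->num;
+if($numcats != count($u['catprefs'])) {
+return "incomplete";
+}
+$q=mysql_query("SELECT COUNT(id) AS num FROM projectdivisions WHERE year='".$config['FAIRYEAR']."'");
+$r=mysql_fetch_object($q);
+$numdivisions=$r->num;
+if($numdivisions != count($u['divprefs'])) {
+return "incomplete";
+}
+return "complete";
+}
+function judge_status_other($u)
+{
+global $config;
+return 'complete';
+}
+function specialawardStatus()
+{
+global $config;
+/* Complete if:
+* - judge has selected (none) "no special award preferences"
+* - judge has selected (pref) "i would like to specify awards", and has
+* selected between min and max preferences
+* - judge has selected "i am a special awards judge, and has
+* selected an award */
+$q = mysql_query("SELECT typepref FROM judges WHERE
+id='{$_SESSION['judges_id']}'");
+if(mysql_num_rows($q) != 1) return "incomplete";
+$r = mysql_fetch_object($q);
+$qq = mysql_query("SELECT COUNT(id) AS num FROM judges_specialaward_sel
+WHERE judges_id='{$_SESSION['judges_id']}'
+AND year={$config['FAIRYEAR']}");
+$rr = mysql_fetch_object($qq);
+$awards_selected = $rr->num;
+switch($r->typepref) {
+case "speconly": /* Judge for special award */
+/* They may judge more than one award, so don't limit them
+* to one */
+if($awards_selected >= 1) return "complete";
+break;
+case "pref": /* Special award preferences specified */
+default:
+if( ($awards_selected >= $config['judges_specialaward_min'])
+&&($awards_selected <= $config['judges_specialaward_max']) ){
+return "complete";
+}
+break;
+}
+return "incomplete";
+}
+//ji = judgeinfo record from database (select * from judges where id='whatever')
+function updateJudgeCompleteStatus($ji)
+{
+if( personalStatus()=="complete" &&
+expertiseStatus()=="complete"
+)
+$complete="yes";
+else
+$complete="no";
+if($complete!=$ji->complete)
+{
+mysql_query("UPDATE judges SET complete='$complete' WHERE id='".$ji->id."'");
+}
+}
+//finally, if everything else is good, update their 'overall status' if it needs to be
+//updateJudgeCompleteStatus($judgeinfo);
+?>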
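Review bot: judge_status_expertise() counts `$u['catprefs']` and `$u['divprefs']`, but judge_expertise.php in this commit saves the preferences under `$u['cat_prefs']` and `$u['div_prefs']`, so the counts look like they can never match and the status would stay "incomplete"; the keys should agree, e.g. `if($numcats != count($u['cat_prefs']))`. personalStatus() and specialawardStatus() still build their queries from `$_SESSION['judges_id']`, which the new login presumably no longer sets, and updateJudgeCompleteStatus() calls expertiseStatus(), which this file does not define. These functions also concatenate session and config values straight into SQL; casting the ids with `intval()` at the point of use keeps the queries well-formed however the session is populated.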

185
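--- a/judge_expertise.php
+++ b/judge_expertise.php
@@ -0,0 +1,185 @@
+<?
+/*
+This file is part of the 'Science Fair In A Box' project
+SFIAB Website: http://www.sfiab.ca
+Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+Copyright (C) 2005 James Grant <james@lightbox.org>
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public
+License as published by the Free Software Foundation, version 2.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+Boston, MA 02111-1307, USA.
+*/
+?>
+<?
+require_once('common.inc.php');
+require_once('user.inc.php');
+require_once('judge.inc.php');
+$u = user_load($_SESSION['users_id'], true);
+//send the header
+$type = $_SESSION['users_type'];
+send_header('Category and Division Preferences',
+array('Judge Registration' => 'judge_main.php')
+);
+if($_POST['action']=="save")
+{
+if(!is_array($_POST['division']))
+$_POST['division']=array();
+if(!is_array($_POST['subdivision']))
+$_POST['subdivision']=array();
+$u['div_prefs'] = array();
+foreach($_POST['division'] AS $key=>$val)
+$u['div_prefs'][$key] = $val;
+$u['div_prefs_sub'] = array();
+foreach($_POST['subdivision'] AS $key=>$val)
+$u['div_prefs_sub'][$key] = $val;
+if($_POST['expertise_other'])
+$u['expertise_other'] = stripslashes($_POST['expertise_other']);
+else
+$u['expertise_other'] = NULL;
+$u['cat_prefs'] = array();
+if(is_array($_POST['catpref'])) {
+foreach($_POST['catpref'] AS $k=>$v) {
+if($v == '') continue;
+$u['cat_prefs'][$k] = $v;
+}
+}
+user_save($u);
+message_push(notice(i18n("Preferences successfully saved")));
+$u = user_load($_SESSION['users_id'], true);
+}
+// updateJudgeCompleteStatus($judgeinfo);
+//output the current status
+$newstatus=judge_status_expertise($u);
+if($newstatus!="complete")
+echo error(i18n("Divisional Judging Information Incomplete"));
+else
+echo happy(i18n("Divisional Judging Information Complete"));
+if($u['special_award_only'] == 'yes') {
+echo i18n("You have specified that you are a judge for a specific special award. Divisional Judging preferences have been disabled because they do not apply to you.");
+echo "<br />";
+send_footer();
+exit;
+}
+echo "<form name=\"expertiseform\" method=\"post\" action=\"judge_expertise.php\">\n";
+echo "<input type=\"hidden\" name=\"action\" value=\"save\">\n";
+$q=mysql_query("SELECT * FROM projectcategories WHERE year='".$config['FAIRYEAR']."' ORDER BY mingrade");
+echo "<h3>".i18n("Age Category Preferences")."</h3><br>";
+echo "<table>";
+while($r=mysql_fetch_object($q))
+{
+echo "<tr><td>&nbsp;&nbsp;&nbsp;&nbsp;";
+echo i18n("%1 (Grades %2-%3)",array(i18n($r->category),$r->mingrade,$r->maxgrade));
+echo "</td>";
+echo "<td>";
+echo "<select name=\"catpref[$r->id]\">";
+echo "<option value=\"\">".i18n("Choose")."</option>\n";
+foreach($preferencechoices AS $val=>$str)
+{
+if($u['cat_prefs'][$r->id]==$val && $u['cat_prefs'][$r->id]!="")
+$sel="selected=\"selected\"";
+else
+$sel="";
+echo "<option $sel value=\"$val\">".i18n($str)."</option>\n";
+}
+echo "</select>".REQUIREDFIELD;
+echo "</td>";
+echo "</tr>";
+}
+echo "</table>";
+echo "<br />";
+echo "<br />";
+echo "<h3>".i18n("Division Expertise")."</h3><br>";
+echo "<table>";
+echo i18n("Please rank the following divisions according to the amount of knowledge you have of each subject. A '1' indicates very little knowledge, and a '5' indicates you are very knowledgeable of the subject");
+echo "<br />";
+echo "<br />";
+echo i18n("Once you save, any division that you specified as 3 or more might offer sub-divisions for you to choose from.");
+echo "<br />";
+echo "<br />";
+// echo "<table>\n";
+//query all of the categories
+$q=mysql_query("SELECT * FROM projectdivisions WHERE year='".$config['FAIRYEAR']."' ORDER BY division");
+$first = true;
+while($r=mysql_fetch_object($q)) {
+$trclass = ($trclass == 'odd') ? 'even' : 'odd';
+if($first == true) {
+echo "<tr><td></td><td colspan=\"2\">".i18n("Novice")."</td><td colspan=\"3\" align=\"right\">".i18n("Expert")."</td></tr>";
+echo "<tr><th></th>";
+for($x=1;$x<=5;$x++)
+echo "<th>$x</th>";
+echo "<th></th>";
+echo "</tr>";
+$first = false;
+}
+echo "<tr class=\"$trclass\"><td><b>".i18n($r->division)."</b></td>";
+for($x=1;$x<=5;$x++) {
+$sel = ($u['div_prefs'][$r->id]==$x) ? "checked=\"checked\"" : '';
+echo "<td width=\"30\"><input onclick=\"fieldChanged()\" $sel type=\"radio\" name=\"division[$r->id]\" value=\"$x\" /></td>";
+}
+echo "<td width=\"100\"></td>";
+echo "</tr>";
+//only show the sub-divisions if the 'main' division is scored >=3
+if($u['div_prefs'][$r->id]>=3) {
+$subq=mysql_query("SELECT * FROM projectsubdivisions WHERE projectdivisions_id='$r->id' AND year='".$config['FAIRYEAR']."' ORDER BY subdivision");
+while($subr=mysql_fetch_object($subq)) {
+echo "<tr>";
+echo "<td>&nbsp;</td>";
+$ch = ($u['div_prefs_sub'][$subr->id]) ? "checked=\"checked\"" : '';
+echo "<td><input onclick=\"fieldChanged()\" $ch type=\"checkbox\" name=\"subdivision[$subr->id]\" value=\"1\" /></td>";
+echo "<td colspan=\"5\">";
+echo "$subr->subdivision";
+echo "</td>";
+echo "</tr>";
+}
+}
+}
+echo "</table>";
+echo "<br />";
+echo "<h3>".i18n("Other Areas of Expertise not listed above")."</h3>";
+echo "<textarea name=\"expertise_other\" rows=\"4\" cols=\"60\">".htmlspecialchars($u['expertise_other'])."</textarea>";
+echo "<br />";
+echo "<br />";
+echo "<input type=\"submit\" value=\"".i18n("Save Judging Preferences")."\" />\n";
+echo "</form>";
+send_footer();
+?>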
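Review bot: This page never calls `user_auth_required('judge');`, which judge_main.php does before `user_load()`, so unless user_load() enforces it the save branch runs for whatever `$_SESSION['users_id']` holds, including nothing; judge_other.php has the same omission. Add `user_auth_required('judge');` directly after the require_once lines in both files. The save branch also copies the keys and values of `$_POST['division']`, `$_POST['subdivision']` and `$_POST['catpref']` into the profile unchanged; restricting keys to integer ids and values to the offered range (1 to 5, or a key of `$preferencechoices`) keeps arbitrary strings out of the stored preferences. `echo "$subr->subdivision";` prints a database value without htmlspecialchars(), unlike the textarea a few lines below.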

97
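--- a/judge_main.php
+++ b/judge_main.php
@@ -0,0 +1,97 @@
+<?
+/*
+This file is part of the 'Science Fair In A Box' project
+SFIAB Website: http://www.sfiab.ca
+Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+Copyright (C) 2005 James Grant <james@lightbox.org>
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public
+License as published by the Free Software Foundation, version 2.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+Boston, MA 02111-1307, USA.
+*/
+?>
+<?
+require_once('common.inc.php');
+require_once('user.inc.php');
+require_once('user_page.inc.php');
+require_once('judge.inc.php');
+user_auth_required('judge');
+$u = user_load($_SESSION['users_id'], true);
+if($u['judge_active'] == 'no') {
+message_push(notice(i18n("Your judge role is not active. If you would like to participate as a judge for the %1 %2 please click the '<b>Activate Role</b>' button in the Judge section below",array($config['FAIRYEAR'],$config['fairname']))));
+header('Location: user_activate.php');
+exit;
+}
+send_header("Judge Registration", array());
+//only display the named greeting if we have their name
+if($u['firstname']) {
+echo i18n("Hello <b>%1</b>",array($u['firstname']));
+echo "<br />";
+}
+echo "<br />";
+//first, we need to see if they havec the current FAIRYEAR activated, if not, we'll keep their acocunt 'dormant' and it wont
+//be used for anything, but will still be available for them to login in the following years.
+echo i18n("Please use the checklist below to complete your data. Click on an item in the table to edit that information. When you have entered all information, the <b>Status</b> field will change to <b>Complete</b>");
+echo "<br />";
+echo "<br />";
+$overallstatus="complete";
+user_page_summary_begin();
+user_page_summary_item("Contact Information",
+"user_personal.php", "user_personal_info_status", array($u));
+user_page_summary_item("Other Information",
+"judge_other.php", "judge_status_other", array($u));
+user_page_summary_item("Areas of Expertise",
+"judge_expertise.php", "judge_status_expertise", array($u));
+if($config['judges_specialaward_enable'] == 'yes' || $u['special_award_only'] == 'yes') {
+user_page_summary_item("Special Award Preferences",
+"register_judges_specialawards.php", "specialawardStatus", array($u));
+}
+// user_page_summary_item("Areas of Expertise",
+// "register_judges_expertise.php", "expertiseStatus", array($u));
+$overallstatus = user_page_summary_end(true);
+user_update_complete($u, $overallstatus);
+echo '<br /><br />';
+if($overallstatus!="complete")
+echo error(i18n("You will not be marked as an active judge until your \"Overall Status\" is \"Complete\""));
+else
+echo happy(i18n("Thank you for completing the judge registration process. We look forward to seeing you at the fair"));
+echo "<br />";
+echo i18n('Other Options and Things To Do').':<br />';
+echo '<ul>';
+echo '<li><a href="user_password.php">'.i18n('Change Password').'</a> - '.i18n('Change your password').'</li>';
+echo '<li><a href="user_activate.php">'.i18n('Activate/Deactivate Role').'</a> - '.
+i18n('Activate/Deactiate/Remove/Delete roles or your entire account').
+'</li>';
+echo '<li>'.i18n('To logout, use the [Logout] link in the upper-right of the page').'</li>';
+echo '</ul>';
+send_footer();
+?>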
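Review bot: `$u['firstname']` is substituted into `i18n("Hello <b>%1</b>", ...)` and echoed as HTML; unless i18n() escapes its arguments (the part of its body that handles them is not shown here), a name containing markup would be rendered as markup. Passing `array(htmlspecialchars($u['firstname']))` fixes it at the call. The special-award row still points at register_judges_specialawards.php and specialawardStatus(), which in judge.inc.php reads `$_SESSION['judges_id']` rather than `$u`, so that status probably cannot become complete for a user of the new system. The user-visible string 'Activate/Deactiate/Remove/Delete roles or your entire account' misspells "Deactivate".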

165
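--- a/judge_other.php
+++ b/judge_other.php
@@ -0,0 +1,165 @@
+<?
+/*
+This file is part of the 'Science Fair In A Box' project
+SFIAB Website: http://www.sfiab.ca
+Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+Copyright (C) 2005 James Grant <james@lightbox.org>
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public
+License as published by the Free Software Foundation, version 2.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+Boston, MA 02111-1307, USA.
+*/
+?>
+<?
+require_once('common.inc.php');
+require_once('user.inc.php');
+require_once('judge.inc.php');
+require_once("questions.inc.php");
+$u = user_load($_SESSION['users_id'], true);
+//send the header
+$type = $_SESSION['users_type'];
+send_header('Other Information',
+array('Judge Registration' => 'judge_main.php')
+);
+if($_POST['action']=="save")
+{
+if(!is_array($_POST['division']))
+$_POST['division']=array();
+if(!is_array($_POST['subdivision']))
+$_POST['subdivision']=array();
+$u['divprefs'] = array();
+foreach($_POST['division'] AS $key=>$val)
+$u['divprefs'][$key] = $val;
+$u['divprefs_sub'] = array();
+foreach($_POST['subdivision'] AS $key=>$val)
+$u['divprefs_sub'][$key] = $val;
+if($_POST['other_other'])
+$u['other_other'] = stripslashes($_POST['other_other']);
+else
+$u['other_other'] = NULL;
+$u['catprefs'] = array();
+if(is_array($_POST['catpref'])) {
+foreach($_POST['catpref'] AS $k=>$v) {
+if($v == '') continue;
+$u['catprefs'][$k] = $v;
+}
+}
+user_save($u);
+message_push(notice(i18n("Preferences successfully saved")));
+$u = user_load($_SESSION['users_id'], true);
+}
+// updateJudgeCompleteStatus($judgeinfo);
+//output the current status
+$newstatus=judge_status_other($u);
+if($newstatus!="complete")
+echo error(i18n("Other Information Incomplete"));
+else
+echo happy(i18n("Other Information Complete"));
+echo "<form name=\"otherform\" method=\"post\" action=\"judge_other.php\">\n";
+echo "<input type=\"hidden\" name=\"action\" value=\"save\">\n";
+echo "<table>\n";
+echo "<tr>\n";
+echo " <td colspan=\"2\">".i18n("I can judge in the following languages")." ".REQUIREDFIELD."</td>";
+echo " <td colspan=\"2\">";
+//grab the current languages that are selected
+$currentlanguages=array();
+$q=mysql_query("SELECT languages_lang FROM judges_languages WHERE judges_id='".$_SESSION['judges_id']."'");
+while($r=mysql_fetch_object($q))
+{
+$currentlanguages[]=$r->languages_lang;
+}
+$q=mysql_query("SELECT * FROM languages WHERE active='Y' ORDER BY langname");
+while($r=mysql_fetch_object($q))
+{
+if(in_array($r->lang,$currentlanguages)) $ch="checked=\"checked\""; else $ch="";
+echo "<input onclick=\"fieldChanged()\" $ch type=\"checkbox\" name=\"languages[]\" value=\"$r->lang\" /> $r->langname <br />";
+}
+echo " </td>\n";
+echo "</tr>\n";
+if($config['judges_specialaward_only_enable'] == 'yes') {
+echo "<tr><td colspan=\"4\"><hr /></td></tr>";
+echo "<tr>\n";
+echo " <td colspan=\"2\">".i18n("I am a judge for a specific special award")."<br /><font size=-1>(".i18n("Check this box if you are supposed to judge a specific special award, and please select that award on the Special Award Preferences page.").")</font></td>";
+if($judgeinfo->typepref == "speconly") $ch = "checked=checked";
+else $ch="";
+echo " <td colspan=\"2\"><input $ch type=\"checkbox\" name=\"typepref\" value=\"speconly\" />";
+echo " </td>";
+echo "</tr>\n";
+}
+echo "<tr><td colspan=\"4\"><hr /></td></tr>";
+echo "<tr>\n";
+echo " <td colspan=\"2\">".i18n("Years of judging experience at a School level:")."</td>";
+echo " <td colspan=\"2\"><input onchange=\"fieldChanged()\" type=\"text\" name=\"years_school\" size=\"5\" value=\"{$u['years_school']}\" /></td>\n";
+echo "</tr>\n";
+echo "<tr>\n";
+echo " <td colspan=\"2\">".i18n("Years of judging experience at a Regional level:")."</td>";
+echo " <td colspan=\"2\"><input onchange=\"fieldChanged()\" type=\"text\" name=\"years_regional\" size=\"5\" value=\"{$u['years_regional']}\" /></td>\n";
+echo "</tr>\n";
+echo "<tr>\n";
+echo " <td colspan=\"2\">".i18n("Years of judging experience at a National level:")."</td>";
+echo " <td colspan=\"2\"><input onchange=\"fieldChanged()\" type=\"text\" name=\"years_national\" size=\"5\" value=\"{$u['years_national']}\" /></td>\n";
+echo "</tr>\n";
+echo "<tr>\n";
+echo " <td colspan=\"2\">".i18n("Other professional qualifications")."</td>";
+echo " <td colspan=\"2\"><input onchange=\"fieldChanged()\" type=\"text\" name=\"professional_quals\" size=\"35\" value=\"$judgeinfo->professional_quals\" /></td>\n";
+echo "</tr>\n";
+questions_print_answer_editor('judgereg',
+$_SESSION['judges_id'], $config['FAIRYEAR'], 'questions');
+echo "<tr>\n";
+echo " <td colspan=\"2\">".i18n("Highest post-secondary degree")."</td>";
+echo " <td colspan=\"2\"><input onchange=\"fieldChanged()\" type=\"text\" name=\"highest_psd\" size=\"35\" value=\"$judgeinfo->highest_psd\" /></td>\n";
+echo "</tr>\n";
+echo "<tr>\n";
+echo " <td colspan=\"2\">".i18n("Other professional qualifications")."</td>";
+echo " <td colspan=\"2\"><input onchange=\"fieldChanged()\" type=\"text\" name=\"professional_quals\" size=\"35\" value=\"$judgeinfo->professional_quals\" /></td>\n";
+echo "</tr>\n";
+echo "</table>";
+echo "<br />";
+echo "<br />";
+echo "<input type=\"submit\" value=\"".i18n("Save Information")."\" />\n";
+echo "</form>";
+send_footer();
+?>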
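Review bot: The values written into `value="..."` attributes (`{$u['years_school']}`, `{$u['years_regional']}`, `{$u['years_national']}`) are not passed through htmlspecialchars(), so a stored quote or tag breaks out of the attribute; build them as `value=\"".htmlspecialchars($u['years_school'])."\"`. The `action=save` branch does not read any field this form submits (languages[], typepref, years_*, professional_quals, highest_psd); it looks copied from judge_expertise.php and stores division/catpref data under `divprefs`/`catprefs`, so submitting the form appears to save nothing it displays. `$judgeinfo` is never assigned in this file, the "Other professional qualifications" row is emitted twice, and the language query and questions_print_answer_editor() call still key on `$_SESSION['judges_id']`.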


@ -23,6 +23,10 @@
?> ?>
<? <?
echo "register_judges.inc.php included, use judge.inc.php instead.";
exit;
$preferencechoices=array( $preferencechoices=array(
-2=>"Very Low", -2=>"Very Low",
-1=>"Low", -1=>"Low",
@ -36,20 +40,6 @@ $preferencechoices=array(
function personalStatus() function personalStatus()
{ {
global $config; global $config;
$required_fields=array("firstname","lastname","address","city","postalcode","phonehome","email");
$q=mysql_query("SELECT * FROM judges WHERE id='".$_SESSION['judges_id']."'");
while($r=mysql_fetch_object($q))
{
foreach ($required_fields AS $req)
{
if(!$r->$req)
{
return "incomplete";
}
}
}
//and they also have to select at least one language to judge in //and they also have to select at least one language to judge in
$q=mysql_query("SELECT COUNT(judges_id) AS num FROM judges_languages WHERE judges_id='".$_SESSION['judges_id']."'"); $q=mysql_query("SELECT COUNT(judges_id) AS num FROM judges_languages WHERE judges_id='".$_SESSION['judges_id']."'");
@ -62,52 +52,38 @@ function personalStatus()
return "complete"; return "complete";
} }
function expertiseStatus() function judge_status_expertise($u)
{ {
global $config; global $config;
/* If the judging special awards are active, and the judge has /* If the judging special awards are active, and the judge has
* selected "I am a special awards judge", then disable this */ * selected "I am a special awards judge", then disable
* expertise checking */
if($config['judges_specialaward_only_enable'] == 'yes') { if($config['judges_specialaward_only_enable'] == 'yes') {
$q = mysql_query("SELECT typepref FROM judges WHERE if($u['special_award_only'] == 'yes')
id='{$_SESSION['judges_id']}'");
if(mysql_num_rows($q) != 1) return "incomplete";
$r = mysql_fetch_object($q);
if($r->typepref == 'speconly')
return 'complete'; return 'complete';
} }
//and they need to rank all of the age categories /* Check to see if they have ranked all project age categories, and all divisions */
$q=mysql_query("SELECT COUNT(id) AS num FROM projectcategories WHERE year='".$config['FAIRYEAR']."'"); $q=mysql_query("SELECT COUNT(id) AS num FROM projectcategories WHERE year='".$config['FAIRYEAR']."'");
$r=mysql_fetch_object($q); $r=mysql_fetch_object($q);
$numcats=$r->num; $numcats=$r->num;
$q=mysql_query("SELECT COUNT(id) AS num FROM judges_catpref WHERE year='".$config['FAIRYEAR']."' AND judges_id='".$_SESSION['judges_id']."'"); if($numcats != count($u['catprefs'])) {
$r=mysql_fetch_object($q);
$numprefs=$r->num;
if($numcats!=$numprefs)
return "incomplete"; return "incomplete";
}
//easiest check here is to check the number of divisions, then check the number of entries
//that they have in the judges_expertise table. If they are the same, then we're good to go
//if they are different, they forgot to fill one out (because it only gets inserted if a value)
//is choosen, and they are always ALL removed before each update
$q=mysql_query("SELECT COUNT(id) AS num FROM projectdivisions WHERE year='".$config['FAIRYEAR']."'"); $q=mysql_query("SELECT COUNT(id) AS num FROM projectdivisions WHERE year='".$config['FAIRYEAR']."'");
$r=mysql_fetch_object($q); $r=mysql_fetch_object($q);
$numdivisions=$r->num; $numdivisions=$r->num;
$q=mysql_query("SELECT COUNT(id) AS num FROM judges_expertise WHERE projectdivisions_id IS NOT NULL AND judges_id='".$_SESSION['judges_id']."' AND year='".$config['FAIRYEAR']."'"); if($numdivisions != count($u['divprefs'])) {
$r=mysql_fetch_object($q);
$numjudgesexpertise=$r->num;
if($numdivisions == $numjudgesexpertise)
return "complete";
else
return "incomplete"; return "incomplete";
} }
return "complete";
}
function specialawardStatus() function specialawardStatus()
{ {
global $config; global $config;
@ -149,38 +125,6 @@ function specialawardStatus()
return "incomplete"; return "incomplete";
} }
//authenticate based on email address and registration number from the SESSION
if(! ($_SESSION['email'] && $_SESSION['judges_id']) )
{
header("Location: register_judges.php");
exit;
}
$q=mysql_query("SELECT * FROM judges WHERE email='".$_SESSION['email']."' AND id='".$_SESSION['judges_id']."' AND deleted='no'");
echo mysql_error();
if(mysql_num_rows($q)==0)
{
header("Location: register_judges.php?action=logout");
exit;
}
$judgeinfo=mysql_fetch_object($q);
//only check for password expiry if we are NOT on the change password page, otherwise we create endless redirect loops
if(!strstr($_SERVER['PHP_SELF'],"register_judges_password.php"))
{
//check for expired password
$q=mysql_query("SELECT id FROM judges WHERE email='".$_SESSION['email']."' AND id='".$_SESSION['judges_id']."' AND deleted='no' AND passwordexpiry<=NOW()");
if(mysql_num_rows($q))
{
$_SESSION['judges_password_expired']=true;
header("Location: register_judges_password.php");
}
}
//ji = judgeinfo record from database (select * from judges where id='whatever') //ji = judgeinfo record from database (select * from judges where id='whatever')
function updateJudgeCompleteStatus($ji) function updateJudgeCompleteStatus($ji)
{ {
@ -198,6 +142,6 @@ function updateJudgeCompleteStatus($ji)
} }
//finally, if everything else is good, update their 'overall status' if it needs to be //finally, if everything else is good, update their 'overall status' if it needs to be
updateJudgeCompleteStatus($judgeinfo); //updateJudgeCompleteStatus($judgeinfo);
?> ?>
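Review bot: `judge_status_expertise($u)` reads `$u['catprefs']` and `$u['divprefs']`, but `user_load_judge()` in this same commit fills `cat_prefs` and `div_prefs`. Both `count()` calls therefore see an unset key, and the function returns "incomplete" whenever the fair has any categories or divisions. The two tests should read `if($numcats != count($u['cat_prefs'])) {` and `if($numdivisions != count($u['div_prefs'])) {`. Those values come from `unserialize()` of a column that may be empty, so it is also worth guarding with `is_array()` before counting. The file now appears to `exit` at the top, so this matters mainly if the function is carried over to judge.inc.php as the new message suggests.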


@ -58,6 +58,7 @@ function user_load_fair($u)
$r = mysql_fetch_object($q); $r = mysql_fetch_object($q);
$ret = array(); $ret = array();
$ret['fair_active'] = $r->fair_active;
$ret['fairs_id'] = intval($r->fairs_id); $ret['fairs_id'] = intval($r->fairs_id);
return $ret; return $ret;
} }
@ -72,8 +73,32 @@ function user_load_student($u)
function user_load_judge($u) function user_load_judge($u)
{ {
/* Double check, make sure the user is of this type */ /* Double check, make sure the user is of this type */
if(!in_array('judge', $u['types'])) return false; if(!in_array('judge', $u['types'])) {
echo 'ERROR: User is not a judge in user_load_judge';
return false;
}
$q = mysql_query("SELECT * FROM users_judge
WHERE users_id='{$u['id']}'");
if(mysql_num_rows($q)!=1) {
echo "DATABASE ERROR: User judge record not found";
print_r($u);
return false;
}
$r = mysql_fetch_object($q);
$ret = array(); $ret = array();
$ret['judge_active'] = $r->judge_active;
$ret['years_school'] = intval($r->years_school);
$ret['years_regional'] = intval($r->years_regional);
$ret['years_national'] = intval($r->years_national);
$ret['willing_chair'] = ($r->willing_chair == 'yes') ? 'yes' : 'no';
$ret['special_award_only'] = ($r->special_award_only == 'yes') ? 'yes' : 'no';
$ret['cat_prefs'] = unserialize($r->cat_prefs);
$ret['div_prefs'] = unserialize($r->div_prefs);
$ret['divsub_prefs'] = unserialize($r->divsub_prefs);
$ret['expertise_other'] = $r->expertise_other;
return $ret; return $ret;
} }
@ -88,6 +113,7 @@ function user_load_committee($u)
$r = mysql_fetch_object($q); $r = mysql_fetch_object($q);
$ret = array(); $ret = array();
$ret['committee_active'] = $r->committee_active;
$ret['emailprivate'] = $r->emailprivate; $ret['emailprivate'] = $r->emailprivate;
$ret['ord'] = intval($r->ord); $ret['ord'] = intval($r->ord);
$ret['displayemail'] = ($r->displayemail == 'yes') ? 'yes' : 'no'; $ret['displayemail'] = ($r->displayemail == 'yes') ? 'yes' : 'no';
@ -102,7 +128,18 @@ function user_load_volunteer($u)
{ {
/* Double check, make sure the user is of this type */ /* Double check, make sure the user is of this type */
if(!in_array('volunteer', $u['types'])) return false; if(!in_array('volunteer', $u['types'])) return false;
$q = mysql_query("SELECT * FROM users_volunteer
WHERE users_id='{$u['id']}'");
if(mysql_num_rows($q)!=1) {
echo "DATABASE ERROR, loading volunteer for user {$u['id']} returned ".mysql_num_rows($q)." rows.";
return false;
}
$r = mysql_fetch_object($q);
$ret = array(); $ret = array();
$ret['volunteer_active'] = $r->volunteer_active;
$ret['volunteer_complete'] = $r->volunteer_complete;
return $ret; return $ret;
} }
@ -126,6 +163,7 @@ function user_load($user, $load_full=false)
* */ * */
$where = "id='$id'"; $where = "id='$id'";
} else { } else {
echo "Can't load user by non-number id";
return false; return false;
/* Load by email */ /* Load by email */
// $e = stripslashes($user); // $e = stripslashes($user);
@ -135,13 +173,17 @@ function user_load($user, $load_full=false)
} }
if($load_base) { if($load_base) {
$q=mysql_query("SELECT * FROM users $query = "SELECT * FROM users
WHERE WHERE
$where $where
AND deleted='no' AND deleted='no'
"); ";
$q=mysql_query($query);
if(mysql_num_rows($q)!=1) return false; if(mysql_num_rows($q)!=1) {
echo "Query [$query] returned ".mysql_num_rows($q)." rows\n";
return false;
}
$ret = mysql_fetch_assoc($q); $ret = mysql_fetch_assoc($q);
@ -162,7 +204,10 @@ function user_load($user, $load_full=false)
/* These all pass $ret by reference, and can modify /* These all pass $ret by reference, and can modify
* $ret */ * $ret */
$r = call_user_func("user_load_$t", $ret); $r = call_user_func("user_load_$t", $ret);
if(!is_array($r)) return false; if(!is_array($r)) {
echo "user_load_$t didn't return an array!\n";
return false;
}
/* It is important that each type database doesn't /* It is important that each type database doesn't
have conflicting column names */ have conflicting column names */
@ -188,6 +233,7 @@ function user_load($user, $load_full=false)
// print_r($ret); // print_r($ret);
// echo "</pre>"; // echo "</pre>";
return $ret; return $ret;
} }
@ -221,44 +267,68 @@ function user_set_password($id, $password = NULL)
return $password; return $password;
} }
function user_save_type_list($u, $db, $fields)
function user_save_volunteer($u)
{ {
}
function user_save_committee($u)
{
$fields = array('emailprivate','ord','displayemail','access_admin',
'access_config','access_super');
//echo "<pre>"; //echo "<pre>";
// print_r($u); // print_r($u);
// echo "</pre>"; // echo "</pre>";
$set = ''; $set = '';
foreach($fields as $f) { foreach($fields as $f) {
/* == even works on arrays in PHP */
if($u[$f] == $u['orig'][$f]) continue; if($u[$f] == $u['orig'][$f]) continue;
if($set != '') $set .=','; if($set != '') $set .=',';
if($u[$f] == NULL) {
$set .= "$f=NULL";
continue;
}
if(is_array($u[$f]))
$data = mysql_escape_string(serialize($u[$f]));
else
$data = mysql_escape_string(stripslashes($u[$f])); $data = mysql_escape_string(stripslashes($u[$f]));
$set .= "$f='$data'"; $set .= "$f='$data'";
} }
if($set != "") { if($set != "") {
$query = "UPDATE users_committee SET $set WHERE users_id='{$u['id']}'"; $query = "UPDATE $db SET $set WHERE users_id='{$u['id']}'";
mysql_query($query); mysql_query($query);
} }
} }
function user_save_volunteer($u)
{
$fields = array('volunteer_active');
user_save_type_list($u, 'users_volunteer', $fields);
}
function user_save_committee($u)
{
$fields = array('committee_active','emailprivate','ord','displayemail','access_admin',
'access_config','access_super');
user_save_type_list($u, 'users_committee', $fields);
}
function user_save_judge($u) function user_save_judge($u)
{ {
$fields = array('judge_active','years_school','years_regional','years_national',
'willing_chair','special_award_only',
'cat_prefs','div_prefs','divsub_prefs','expertise_other');
user_save_type_list($u, 'users_judge', $fields);
} }
function user_save_student($u) function user_save_student($u)
{ {
// $fields = array('student_active',);
// user_save_type_list($u, 'users_student', $fields);
} }
function user_save_fair($u) function user_save_fair($u)
{ {
$fields = array('fair_active');
user_save_type_list($u, 'users_fair', $fields);
} }
function user_save($u) function user_save($u)
@ -303,10 +373,11 @@ function user_save($u)
} }
} }
/* Delete functions. These mark a user as deleted, and delete references to other
* tables */
function user_delete_committee($u) function user_delete_committee($u)
{ {
mysql_query("DELETE FROM users_committee WHERE users_id='{$u['id']}'");
mysql_query("DELETE FROM committees_link WHERE users_id='{$u['id']}'"); mysql_query("DELETE FROM committees_link WHERE users_id='{$u['id']}'");
} }
@ -316,6 +387,10 @@ function user_delete_volunteer($u)
function user_delete_judge($u) function user_delete_judge($u)
{ {
global $config;
$id = $u['id'];
mysql_query("DELETE FROM judges_teams_link WHERE judges_id='$id' AND year='{$config['FAIRYEAR']}'");
mysql_query("DELETE FROM judges_years WHERE judges_id='$id' AND year='{$config['FAIRYEAR']}'");
} }
function user_delete_fair($u) function user_delete_fair($u)
@ -354,14 +429,127 @@ function user_delete($u, $type=false)
} else { } else {
/* Delete the whole user */ /* Delete the whole user */
foreach($u['types'] as $t) call_user_func("user_delete_$t", $u); foreach($u['types'] as $t) call_user_func("user_delete_$t", $u);
$finish_delete = true; $finish_delete = true;
} }
if($finish_delete == true) { if($finish_delete == true) {
mysql_query("UPDATE users SET deleted='yes', deleteddatetime=NOW() WHERE id='{$u['id']}'");
}
}
/* Purge functions. These completely eliminate all traces of a user from the
* database. This action cannot be undone. We prefer the committee to use the
* "delete" functions, which simply mark the account as "deleted". */
function user_purge($u, $type=false)
{
$finish_purge = false;
if(!is_array($u)) {
$u = user_load($u);
}
if($type != false) {
if(!in_array($type, $u['types'])) {
/* Hum, type specified, but the user is not this type,
* so, i guess we're done. */
return;
}
if(count($u['types']) > 1) {
/* Don't delete the whole user */
$types='';
foreach($u['types'] as $t) {
if($t == $type) continue;
if($types != '') $types .= ',';
$types .= $t;
}
mysql_query("UPDATE users SET types='$types' WHERE id='{$u['id']}'");
} else {
$finish_purge = true;
}
/* Call the delete func to deal with table linking, then completely wipe
* out the entry */
call_user_func("user_delete_$type", $u);
// call_user_func("user_purge_$type", $u);
mysql_query("DELETE FROM users_$type WHERE users_id='{$u['id']}'");
} else {
/* Delete the whole user */
foreach($u['types'] as $t) {
call_user_func("user_delete_$t", $u);
// call_user_func("user_purge_$t", $u);
mysql_query("DELETE FROM users_$t WHERE users_id='{$u['id']}'");
}
$finish_purge = true;
}
if($finish_purge == true) {
mysql_query("DELETE FROM users WHERE id='{$u['id']}'"); mysql_query("DELETE FROM users WHERE id='{$u['id']}'");
} }
} }
function user_dupe_row($db, $key, $val, $newval)
{
$q = mysql_query("SELECT * FROM $db WHERE $key='$val'");
if(mysql_num_rows($q) != 1) {
echo "ERROR duplicating row in $db: $key=$val NOT FOUND.\n";
exit;
}
$i = mysql_fetch_assoc($q);
$i[$key] = $newval;
foreach($i as $k=>$v) {
if($v == NULL)
$i[$k] = 'NULL';
else
$i[$k] = '\''.mysql_escape_string($v).'\'';
}
$keys = '`'.join('`,`', array_keys($i)).'`';
$vals = join(',', array_values($i));
$q = "INSERT INTO $db ($keys) VALUES ($vals)";
echo "Dupe Query: [$q]";
$r = mysql_query($q);
echo mysql_error();
$id = mysql_insert_id();
return $id;
}
/* Used by the login scripts to copy one user from one year to another */
function user_dupe($u, $new_year)
{
/* Dupe a user if:
* - They don't exist in the current year
* (users->year != the target year (passed in so we can use it in the rollover script) )
* - They have a previous year entry
* (users->year DESC LIMIT 1 == 1 row)
* - That previous entry has deleted=no */
/* Find the last entry */
$q = mysql_query("SELECT id,uid,year,deleted FROM users WHERE uid='{$u['uid']}'
ORDER BY year DESC LIMIT 1");
$r = mysql_fetch_object($q);
if($r->deleted == 'yes') {
echo "Cannot duplicate user ID {$u['id']}, they are deleted. Undelete them first.\n";
exit;
}
if($r->year == $new_year) {
echo "Cannot duplicate user ID {$u['id']}, they already exist in year $new_year\n";
exit;
}
$id = user_dupe_row('users', 'id', $u['id'], NULL);
$q = mysql_query("UPDATE users SET year='$new_year' WHERE id='$id'");
/* Load the new user */
$u2 = user_load($id, false);
foreach($u2['types'] as $t) {
user_dupe_row("users_$t", 'users_id', $u['id'], $id);
}
/* Return the ID of the new user */
return $id;
}
/* Returns true if loaded user ($u) is allowed to add role type $type to their /* Returns true if loaded user ($u) is allowed to add role type $type to their
* profile. THis is intended as a last-stop mechanism, preventing, for example * profile. THis is intended as a last-stop mechanism, preventing, for example
* a student from co-existing with any other account type. */ * a student from co-existing with any other account type. */
@ -405,13 +593,19 @@ function user_create($type, $u = NULL)
switch($type) { switch($type) {
case 'volunteer': case 'volunteer':
mysql_query("INSERT INTO users_volunteer(`users_id`, `volunteer_active`) VALUES ('$uid', 'yes')");
break;
case 'student': case 'student':
// mysql_query("INSERT INTO users_student(`users_id`, `student_active`) VALUES ('$uid', 'yes')");
break;
case 'judge': case 'judge':
mysql_query("INSERT INTO users_judge(`users_id`, `judge_active`) VALUES ('$uid', 'yes')");
break;
case 'fair': case 'fair':
mysql_query("INSERT INTO users_fair(`users_id`) VALUES ('$uid')"); mysql_query("INSERT INTO users_fair(`users_id`, `fair_active`) VALUES ('$uid', 'yes')");
break; break;
case 'committee': case 'committee':
mysql_query("INSERT INTO users_committee(`users_id`) VALUES ('$uid')"); mysql_query("INSERT INTO users_committee(`users_id`, `committee_active`) VALUES ('$uid', 'yes')");
break; break;
} }
return user_load($uid, true); return user_load($uid, true);
@ -457,12 +651,14 @@ function user_auth_required($type, $access='')
{ {
global $config; global $config;
if(!isset($_SESSION['users_type'])) { if(!isset($_SESSION['users_type'])) {
header("location: {$config['SFIABDIRECTORY']}/user_login.php?type=$type&notice=auth_required"); message_push(error(i18n("You must login to view that page")));
header("location: {$config['SFIABDIRECTORY']}/user_login.php?type=$type");
exit; exit;
} }
if($_SESSION['users_type'] != $type) { if($_SESSION['users_type'] != $type) {
header("location: {$config['SFIABDIRECTORY']}/user_login.php?type=$type&notice=auth_required"); message_push(error(i18n("You must login to view that page")));
header("location: {$config['SFIABDIRECTORY']}/user_login.php?type=$type");
exit; exit;
} }
@ -478,7 +674,8 @@ function user_auth_required($type, $access='')
} }
if(committee_auth_has_access($access) == false) { if(committee_auth_has_access($access) == false) {
header("Location: {$config['SFIABDIRECTORY']}/committee_main.php?notice=no_auth"); message_push(error(i18n('You do not have permission to view that page')));
header("Location: {$config['SFIABDIRECTORY']}/committee_main.php");
exit; exit;
} }
} }
@ -597,6 +794,7 @@ function user_committee_login($u)
} }
$u = user_load($u, true); $u = user_load($u, true);
$_SESSION['access_admin'] = $u['access_admin'];// == 'yes') ? true : false; $_SESSION['access_admin'] = $u['access_admin'];// == 'yes') ? true : false;
$_SESSION['access_config'] = $u['access_config'];// == 'yes') ? true : false; $_SESSION['access_config'] = $u['access_config'];// == 'yes') ? true : false;
$_SESSION['access_super'] = $u['access_super'];// == 'yes') ? true : false; $_SESSION['access_super'] = $u['access_super'];// == 'yes') ? true : false;
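Review bot: `user_dupe_row()` prints the full INSERT it builds (`echo "Dupe Query: [$q]";`) followed by `echo mysql_error();`, and the row it copies is a `SELECT *` from `users`, which per the login code on this page includes the `password` column. `user_dupe()` is called from the login path when the account's year differs from the fair year, so that text reaches the browser and, unless output buffering is on, is emitted before the `header("location: …")` redirects that follow. I would drop the query echo and replace the error echo with `if($r === false) error_log("user_dupe_row: insert into $db failed: ".mysql_error());`. The same applies to `echo "Query [$query] returned …"` in `user_load()` and `print_r($u)` in `user_load_judge()`, which put SQL text and the loaded user record into the response.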

145
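--- a/user_activate.php
+++ b/user_activate.php
@@ -0,0 +1,145 @@
+<?
+/*
+This file is part of the 'Science Fair In A Box' project
+SFIAB Website: http://www.sfiab.ca
+Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+Copyright (C) 2005 James Grant <james@lightbox.org>
+Copyright (C) 2007 David Grant <dave@lightbox.org>
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public
+License as published by the Free Software Foundation, version 2.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+You should have received a copy of the GNU General Public License
+along with this program; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+Boston, MA 02111-1307, USA.
+*/
+?>
+<?
+require_once("common.inc.php");
+require_once("user.inc.php");
+if(!isset($_SESSION['users_type'])) {
+/* No type set, invalid session */
+echo "ERROR: session is invalid";
+exit;
+}
+/* Validate the type */
+if($_POST['action'] != '') {
+$action_type = $_POST['action_type'];
+if(!in_array($action_type, $user_types)) {
+echo "ERROR: not an allowed type.";
+exit;
+}
+$action_what = $user_what[$action_type];
+}
+switch($_POST['action']) {
+case 'delete':
+//okay here we go, lets get rid of them completely, since this is what theyve asked for
+message_push(happy(i18n("Account successfully deleted. Goodbye")));
+$u = user_load($_SESSION['users_id'], true);
+user_delete($u);
+header('location: user_login.php?action=logout');
+exit;
+case 'remove':
+/* Like delete, only we're only deleting a role, not the whole account */
+message_push(happy(i18n("$action_what role successfully removed.")));
+$u = user_load($_SESSION['users_id'], true);
+user_delete($u, $action_type);
+break;
+case 'activate':
+$u = user_load($_SESSION['users_id'], true);
+$u["{$action_type}_active"] = 'yes';
+user_save($u);
+message_push(happy(i18n("$action_what role for %1 successfully activated",array($config['FAIRYEAR']))));
+break;
+case 'deactivate':
+$u = user_load($_SESSION['users_id'], true);
+$u["{$action_type}_active"] = 'no';
+user_save($u);
+message_push(happy(i18n("$action_what role for %1 successfully deactivated",array($config['FAIRYEAR']))));
+break;
+default:
+break;
+}
+$u = user_load($_SESSION['users_id'], true);
+$type = $_SESSION['users_type'];
+$m = $user_what[$type];
+send_header("Role and Account Management",
+array("$m Main" => "{$type}_main.php")
+);
+foreach($u['types'] as $t) {
+echo '<h3>'.i18n("Role: {$user_what[$t]}").'</h3>';
+if($u["{$t}_active"] == 'yes') {
+echo happy(i18n('Active'));
+$a = 'disabled="disabled"';
+$d = '';
+} else {
+echo notice(i18n('Deactivated'));
+$a = '';
+$d = 'disabled="disabled"';
+}
+echo '<table><tr><td>';
+echo "<form method=\"post\" action=\"".$_SERVER['PHP_SELF']."\">";
+echo "<input type=\"hidden\" name=\"action\" value=\"activate\">\n";
+echo "<input type=\"hidden\" name=\"action_type\" value=\"$t\">\n";
+echo "<input style=\"width: 200px;\" $a type=\"submit\" value=\"".i18n("Activate Role")."\">";
+echo "</form>";
+echo '</td><td>';
+echo "<form method=\"post\" action=\"".$_SERVER['PHP_SELF']."\">";
+echo "<input type=\"hidden\" name=\"action\" value=\"deactivate\">\n";
+echo "<input type=\"hidden\" name=\"action_type\" value=\"$t\">\n";
+echo "<input style=\"width: 200px;\" $d type=\"submit\" value=\"".i18n("Deactivate Role")."\">";
+echo "</form>";
+echo '</td><td>';
+echo "<form method=\"post\" action=\"".$_SERVER['PHP_SELF']."\">";
+echo "<input type=\"hidden\" name=\"action\" value=\"remove\">\n";
+echo "<input type=\"hidden\" name=\"action_type\" value=\"$t\">\n";
+echo "<input style=\"width: 200px;\" $d onclick=\"return confirmClick('".i18n("Are you sure you want to remove this role from your account?\\nThis action cannot be undone.")."')\" type=\"submit\" value=\"".i18n("Remove Role")."\">";
+echo "</form>";
+echo '</td></tr></table>';
+echo '<br />';
+echo '<hr />';
+}
+echo '<ul>';
+echo '<li>'.i18n("An <b>Active Role</b> indicates you would like to participate in the %1 %2 as that role (Judge, Volunteer, etc.)",array($config['FAIRYEAR'],$config['fairname']));
+echo '</li><li>'.i18n("A <b>Deactivated Role</b> indicates you cannot participate in the deactivated roles this year, but would like remain on the mailing lists for future years. You can activate your deactivated role at any time.");
+echo '</li><li>'.i18n("The <b>Remove Role</b> button completely deletes the role from your account. You will not receive future emails for the removed role. This action cannot be undone.");
+echo '</li><li>'.i18n("The <b>Delete Entire Account</b> button below completely deletes your entire account. You will not receive any future email for any roles. It completely removes you from the system. This action cannot be undone.");
+echo '</ul>';
+echo "<form method=\"post\" action=\"".$_SERVER['PHP_SELF']."\">";
+echo "<input type=\"hidden\" name=\"action\" value=\"delete\">\n";
+echo "<input style=\"width: 300px;\" onclick=\"return confirmClick('".i18n("Are you sure you want to completely delete your account?\\nDoing so will remove you from our mailing list for future years and you will never hear from us again.\\nThis action cannot be undone.")."')\" type=\"submit\" value=\"".i18n("Delete Entire Account")."\">";
+echo "</form>";
+send_footer();
+?>
+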
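Review bot: The type check at the top runs for every non-empty `action`, but the "Delete Entire Account" form posts no `action_type`. Unless `$user_types` (defined outside this file) contains an empty entry, that request stops at "ERROR: not an allowed type." before reaching the `delete` case; the guard should skip it, e.g. `if($_POST['action'] != '' && $_POST['action'] != 'delete') {`. The forms also write `$_SERVER['PHP_SELF']` into the `action` attribute unescaped, and that value is taken from the request path; a fixed target such as `action=\"user_activate.php\"` avoids reflecting it. None of the forms carries a per-session token, so `remove` and `delete` rely only on the client-side `confirmClick()`; a token kept in `$_SESSION` and compared before the `switch` would cover that.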


@ -30,7 +30,7 @@
{ {
/* Ensure sanity of inputs, user should be an email address, but it's stored /* Ensure sanity of inputs, user should be an email address, but it's stored
* in the username field */ * in the username field */
/* FIXME: this shoudl be user_valid_email, but can't be yet, because /* FIXME: this should be user_valid_email, but can't be yet, because
* we copy the usernames from the email field, and that field may * we copy the usernames from the email field, and that field may
* contain a name too */ * contain a name too */
if(!isEmailAddress($user)) { if(!isEmailAddress($user)) {
@ -45,16 +45,19 @@
return false; return false;
$user = mysql_escape_string($user); $user = mysql_escape_string($user);
$q = mysql_query("SELECT id,username,password $q = mysql_query("SELECT id,username,password,year,deleted
FROM users FROM users
WHERE username='$user' WHERE username='$user'
AND deleted='no'"); ORDER BY year DESC");
echo mysql_error(); echo mysql_error();
if(mysql_num_rows($q) != 1) return false; if(mysql_num_rows($q) < 1) return false;
/* Ok.. see if the passwd matches */
$r = mysql_fetch_object($q); $r = mysql_fetch_object($q);
/* See if the user account has been deleted */
if($r->deleted == 'yes') return false;
/* See if the password matches */
if($r->password != $pass) return false; if($r->password != $pass) return false;
/* Login successful */ /* Login successful */
@ -71,7 +74,8 @@
$type = $_SESSION['users_type']; $type = $_SESSION['users_type'];
/* If they're not trying to logout, don't let them see the login page */ /* If they're not trying to logout, don't let them see the login page */
if($_GET['action'] != 'logout') { if($_GET['action'] != 'logout') {
header("location: {$type}_main.php?notice=already_logged_in"); message_push(error(i18n('You are already logged in, please use the [Logout] link in the upper right to logout before logging in as different user')));
header("location: {$type}_main.php");
exit; exit;
} }
} else { } else {
@ -106,7 +110,6 @@
$reg_open = 'notpermitted'; $reg_open = 'notpermitted';
break; break;
case 'judge': case 'judge':
exit;
$reg_open = user_judge_registration_status(); $reg_open = user_judge_registration_status();
break; break;
case 'fair': case 'fair':
@ -125,10 +128,20 @@
{ {
$id = try_login($_POST['user'], $_POST['pass']); $id = try_login($_POST['user'], $_POST['pass']);
if($id == false) { if($id == false) {
header("location: user_login.php?type=$type&notice=login_failed$redirect_url"); message_push(error(i18n("Invalid Email/Password")));
header("location: user_login.php?type=$type$redirect_url");
exit; exit;
} else { }
$u = user_load($id); $u = user_load($id);
/* Make sure the user we loaded is actually for the current year, if not,
* we need to duplicate the user */
if($u['year'] != $config['FAIRYEAR']) {
$id = user_dupe($u, $config['FAIRYEAR']);
$u = user_load($id);
}
/* Make sure $type is in their types */ /* Make sure $type is in their types */
if(!in_array($type, $u['types'])) { if(!in_array($type, $u['types'])) {
/* Huh, someone is fudging with the HTML, get /* Huh, someone is fudging with the HTML, get
@ -208,7 +221,9 @@
header("location: user_multirole.php?action=add&type=$multirole_data"); header("location: user_multirole.php?action=add&type=$multirole_data");
exit; exit;
case 'roleattached': case 'roleattached':
header("location: {$type}_main.php?notice=attached"); message_push(happy(i18n('The %1 role has been attached to your account', array($user_what[$type]))));
message_push(notice(i18n('Use the [Switch Roles] link in the upper right to change roles while you are logged in')));
header("location: {$type}_main.php");
exit; exit;
} }
@ -219,14 +234,14 @@
exit; exit;
} }
} message_push(error(i18n("Invalid Email/Password")));
header("location: user_login.php?type=$type&notice=login_failed"); header("location: user_login.php?type=$type");
exit; exit;
} }
else if($_GET['action']=="logout") else if($_GET['action']=="logout")
{ {
/* Session keys to skip on logout */ /* Session keys to skip on logout */
$skip = array('debug', 'lang'); $skip = array('debug', 'lang', 'messages');
/* Do these explicitly because i'm paranoid */ /* Do these explicitly because i'm paranoid */
unset($_SESSION['name']); unset($_SESSION['name']);
@ -238,9 +253,9 @@
$keys = array_diff(array_keys($_SESSION), $skip); $keys = array_diff(array_keys($_SESSION), $skip);
foreach($keys as $k) unset($_SESSION[$k]); foreach($keys as $k) unset($_SESSION[$k]);
if($notice != 'login_multirole') $notice = 'logged_out'; message_push(notice(i18n("You have been successfully logged out")));
if($type != '') if($type != '')
header("location: user_login.php?type=$type&notice=$notice$redirect_url"); header("location: user_login.php?type=$type$redirect_url");
exit; exit;
} }
else if($_GET['action']=="recover") else if($_GET['action']=="recover")
@ -291,7 +306,8 @@
/* Check name match */ /* Check name match */
if(strcasecmp($r->firstname, $fn)!=0 || strcasecmp($r->lastname, $ln)!=0) { if(strcasecmp($r->firstname, $fn)!=0 || strcasecmp($r->lastname, $ln)!=0) {
header("Location: user_login.php?type=$type&notice=recover_name_error"); message_push(error(i18n("The name you entered does not match the one in your account")));
header("Location: user_login.php?type=$type");
exit; exit;
} }
@ -307,55 +323,23 @@
"EMAIL"=>$email) "EMAIL"=>$email)
); );
header("Location: user_login.php?type=$type&notice=recover_sent"); message_push(notice(i18n("Your password has been sent to your email address")));
header("Location: user_login.php?type=$type");
exit; exit;
} else { } else {
header("Location: user_login.php?type=$type&notice=recover_email_error"); message_push(error(i18n("Could not find your email address for recovery")));
header("Location: user_login.php?type=$type");
exit; exit;
} }
} }
header("Location: user_login.php?type=$type&notice=email_error"); message_push(error(i18n("Email address error")));
header("Location: user_login.php?type=$type");
exit; exit;
} }
else else
{ {
send_header("{$user_what[$type]} - Login", array()); send_header("{$user_what[$type]} - Login", array());
switch($notice) {
case 'created_sent':
echo happy(i18n("Your new password has been sent to your email address. Please check your email and use the password to login"));
break;
case 'recover_sent':
echo notice(i18n("Your password has been sent to your email address"));
break;
case 'recover_email_error':
echo error(i18n("Could not find your email address for recovery"));
break;
case 'recover_name_error':
echo error(i18n("The name you entered does not match the one in your account"));
break;
case 'email_error':
echo error(i18n("Email address error"));
break;
case 'login_failed':
echo error(i18n("Invalid Email/Password"));
break;
case 'auth_required':
echo error(i18n("You must login to view that page"));
break;
case 'logged_out':
echo notice(i18n("You have been successfully logged out"));
break;
case 'login_multirole':
echo notice(i18n("You have been successfully logged out"));
echo notice(i18n("Now login to finish adding the new role to your account"));
break;
case 'multirole':
echo notice(i18n("Your email address already exists. Please login to your existing account below and you will be redirected to the multi-role creation page to complete your registration request."));
break;
}
$recover_link = "user_login.php?type=$type&action=recover"; $recover_link = "user_login.php?type=$type&action=recover";
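Review bot: `try_login()` still compares the stored and submitted passwords with `!=` (`if($r->password != $pass) return false;`), and PHP's loose comparison treats two numeric-looking strings as numbers, so textually different values can compare equal. Since this hunk rewrites the lookup around that line, the comparison should become strict: `if($r->password !== $pass) return false;`. The recovery branch further down reports that the password is mailed back to the user, which suggests the column holds it in recoverable form; moving to a salted hash would be a separate change. `try_login()` begins above the hunk.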
$new_link = "user_new.php?type=$type"; $new_link = "user_new.php?type=$type";


@ -40,7 +40,7 @@
{ {
global $user_what; global $user_what;
if(user_add_role_allowed($type, $u) && !in_array($type, $u['types'])) { if(user_add_role_allowed($type, $u) && !in_array($type, $u['types'])) {
echo "<li><a href=\"user_new.php?type=$type\">{$user_what['volunteer']}</a>"; echo "<li><a href=\"user_new.php?type=$type\">{$user_what[$type]}</a>";
//onClick=\"return confirm('Are you sure you want to also be a {$user_what[$type]}?')\" //onClick=\"return confirm('Are you sure you want to also be a {$user_what[$type]}?')\"
echo '</li>'; echo '</li>';
return 1; return 1;
@ -77,6 +77,7 @@
echo '<ul>'; echo '<ul>';
$x += show_role('volunteer', $u); $x += show_role('volunteer', $u);
$x += show_role('judge', $u);
if($x == 0) { if($x == 0) {
echo '<li>'; echo '<li>';
echo i18n('There are no more roles that can be added to your account'); echo i18n('There are no more roles that can be added to your account');


@ -26,16 +26,6 @@
require_once("common.inc.php"); require_once("common.inc.php");
require_once("user.inc.php"); require_once("user.inc.php");
$type = false;
/*
if(isset($_SESSION['users_type'])) {
send_header("Registration", array());
echo i18n("Please logout before creating a new user\n");
send_footer();
exit;
}
*/
$type = $_GET['type']; $type = $_GET['type'];
if(!in_array($type, $user_types)) { if(!in_array($type, $user_types)) {
send_header("Registration"); send_header("Registration");
@ -44,7 +34,6 @@
exit; exit;
} }
$notice = $_GET['notice'];
$action = $_GET['action']; $action = $_GET['action'];
if($action == '') $action = $_POST['action']; if($action == '') $action = $_POST['action'];
@ -69,7 +58,7 @@
$reg_mode = $config['judge_registration_type']; $reg_mode = $config['judge_registration_type'];
$reg_single_password = $config['judge_registration_singlepassword']; $reg_single_password = $config['judge_registration_singlepassword'];
$password_expiry_days = $config['judges_password_expiry_days']; $password_expiry_days = $config['judges_password_expiry_days'];
$welcome_email = "register_judges_welcome"; $welcome_email = "judge_welcome";
break; break;
case 'student': case 'student':
$reg_open = 'closed'; $reg_open = 'closed';
@ -120,7 +109,7 @@
/* Check the registration singlepassword */ /* Check the registration singlepassword */
if($reg_mode == 'singlepassword') { if($reg_mode == 'singlepassword') {
if($reg_single_password != $_POST['registrationpassword']) { if($reg_single_password != $_POST['registrationpassword']) {
$notice = 'singlepassword_wrong'; message_push(error(i18n("The {$user_what[$type]} Registration password you have entered is incorrect.")));
break; /* Don't want to create an account */ break; /* Don't want to create an account */
} }
} }
@ -133,7 +122,9 @@
$r = mysql_fetch_object($q); $r = mysql_fetch_object($q);
$types = split(',', $r->types); $types = split(',', $r->types);
if(in_array($type, $types)) { if(in_array($type, $types)) {
$notice = 'role_exists'; message_push(error(i18n("That email address has an existing {$user_what[$type]} registration")));
message_push(notice(i18n("Use the 'recover password' option on the %1 {$user_what[$type]} login page %2 if you have forgotten your password",
array("<a href=\"user_login.php?type=$type\">", "</a>"))));
break; /* Don't want to create an account */ break; /* Don't want to create an account */
} else { } else {
/* If they're already logged in, we can go ahead and /* If they're already logged in, we can go ahead and
@ -148,27 +139,30 @@
$u = user_load($_SESSION['users_id']); $u = user_load($_SESSION['users_id']);
$u = user_create($type, $u); $u = user_create($type, $u);
$_SESSION['users_type'] = $type; $_SESSION['users_type'] = $type;
header("location: user_login.php?action=logout&notice=login_multirole&redirect=roleattached"); message_push(notice(i18n("Login to finish adding the new role to your account")));
header("location: user_login.php?action=logout&redirect=roleattached");
exit; exit;
} }
/* forward the user to the login page for whatever role /* forward the user to the login page for whatever role
* they already have (it doesn't matter), and * they already have (it doesn't matter), and
* setup a login role_add redirect */ * setup a login role_add redirect */
header("location: user_login.php?type={$types[0]}&notice=multirole&redirect=roleadd&redirectdata=$type"); message_push(notice(i18n("Your email address already exists. Please login to your existing account below and you will be redirected to the multi-role creation page to complete your registration request.")));
header("location: user_login.php?type={$types[0]}&redirect=roleadd&redirectdata=$type");
exit; exit;
} }
} }
/* Strict validate the email */ /* Strict validate the email */
if(!user_valid_email($data_email)) { if(!user_valid_email($data_email)) {
$notice = 'email_invalid'; message_push(error(i18n("The email address is invalid")));
$data_email = ''; $data_email = '';
break; /* Don't want to create an account */ break; /* Don't want to create an account */
} }
/* Check the names */ /* Check the names */
if($data_fn == '' or $data_ln == '') { if($data_fn == '' or $data_ln == '') {
$notice = 'name_invalid'; message_push(error(i18n("You must enter your first and last name")));
break; /* Don't want to create an account */ break; /* Don't want to create an account */
} }
@ -192,38 +186,14 @@
); );
/* now redirect to the login page */ /* now redirect to the login page */
header("Location: user_login.php?type=$type&notice=created_sent"); message_push(happy(i18n("Your new password has been sent to your email address. Please check your email and use the password to login")));
header("Location: user_login.php?type=$type");
exit; exit;
} }
send_header("{$user_what[$type]} Registration", send_header("{$user_what[$type]} Registration",
array("{$user_what[$type]} Login" => "user_login.php?type=$type") ); array("{$user_what[$type]} Login" => "user_login.php?type=$type") );
switch($notice) {
case 'email_invalid':
echo '<br />';
echo error(i18n("The email address is invalid"));
echo '<br />';
break;
case 'name_invalid':
echo '<br />';
echo error(i18n("You must enter your first and last name"));
echo '<br />';
break;
case 'singlepassword_wrong':
echo '<br />';
echo error(i18n("The {$user_what[$type]} Registration Password you have entered is incorrect."));
echo '<br />';
break;
case 'role_exists':
echo '<br />';
echo error(i18n("That email address has an existing {$user_what[$type]} registration"));
echo notice(i18n("Use the 'recover password' option on the %1 {$user_what[$type]} login page %2 if you have forgotten your password",
array("<a href=\"user_login.php?type=$type\">", "</a>")));
echo '<br />';
break;
}
?> ?>
<form method="post" action="user_new.php?type=<?=$type?>"> <form method="post" action="user_new.php?type=<?=$type?>">
<input type="hidden" name="action" value="new" /> <input type="hidden" name="action" value="new" />
@ -239,8 +209,9 @@
</table> </table>
<? } else { <? } else {
echo "<br />"; echo "<br />";
echo i18n("Remember, once you click the Register button below, you will be logged out. You can immediately log back in."); echo i18n("Remember, once you click the Register button below, you will be logged out. Log back in to complete the registration.");
echo "<br />"; echo "<br />";
echo "<input type=\"hidden\" name=\"email\" value=\"{$_SESSION['email']}\"";
} }
if($reg_mode == 'singlepassword') { if($reg_mode == 'singlepassword') {
echo '<br />'; echo '<br />';
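Review bot: The hidden `email` input added in the last hunk of this file (`@ -239,8 +209,9 @`) is echoed without closing the tag and without HTML-escaping `$_SESSION['email']`, so the markup that follows is swallowed into the tag and a quote character in the stored address would end the attribute early. I would write it as `echo '<input type="hidden" name="email" value="'.htmlspecialchars($_SESSION['email'], ENT_QUOTES).'" />';`. A hidden field is also editable by the client, so for a logged-in user the handler should probably keep taking the address from the session rather than from this POST value; the code that reads it is outside the hunk, so that part needs confirming. The enclosing `if`/`else` opens before the hunk.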


@ -31,24 +31,25 @@
if(isset($_SESSION['users_type'])) { if(isset($_SESSION['users_type'])) {
$type = $_SESSION['users_type']; $type = $_SESSION['users_type'];
} else { } else {
header("location: {$config['SFIABDIRECTORY']}/index.php?notice=auth_required"); message_push(error(i18n("You must login to view that page")));
header("location: {$config['SFIABDIRECTORY']}/index.php");
exit; exit;
} }
/* Make sure the user is logged in, but don't check passwd expiry */ /* Make sure the user is logged in, but don't check passwd expiry */
if(!isset($_SESSION['users_type'])) { if(!isset($_SESSION['users_type'])) {
header("location: {$config['SFIABDIRECTORY']}/user_login.php?type=$type&notice=auth_required"); message_push(error(i18n("You must login to view that page")));
header("location: {$config['SFIABDIRECTORY']}/user_login.php?type=$type");
exit; exit;
} }
if($_SESSION['users_type'] != $type) { if($_SESSION['users_type'] != $type) {
header("location: {$config['SFIABDIRECTORY']}/user_login.php?type=$type&notice=auth_required"); message_push(error(i18n("You must login to view that page")));
header("location: {$config['SFIABDIRECTORY']}/user_login.php?type=$type");
exit; exit;
} }
$notice=$_GET['notice'];
$back_link = "{$type}_main.php"; $back_link = "{$type}_main.php";
$password_expiry_days = $config["{$type}_password_expiry_days"]; $password_expiry_days = $config["{$type}_password_expiry_days"];
@ -61,15 +62,20 @@
id='{$_SESSION['users_id']}' id='{$_SESSION['users_id']}'
AND password='$pass'"); AND password='$pass'");
if(mysql_num_rows($q)) $notice = 'same'; if(mysql_num_rows($q))
else if(!$_POST['pass1']) $notice = 'passwordrequired'; message_push(error(i18n("You cannot choose the same password again. Please choose a different password")));
else if($_POST['pass1'] != $_POST['pass2']) $notice = 'nomatch'; else if(!$_POST['pass1'])
else if(user_valid_password($_POST['pass1']) == false) $notice = 'invalidchars'; message_push(error(i18n("New Password is required")));
else if($_POST['pass1'] != $_POST['pass2'])
message_push(error(i18n("Passwords do not match")));
else if(user_valid_password($_POST['pass1']) == false)
message_push(error(i18n("The password contains invalid characters or is not long enough")));
else { else {
user_set_password($_SESSION['users_id'], $pass); user_set_password($_SESSION['users_id'], $pass);
unset($_SESSION['password_expired']); unset($_SESSION['password_expired']);
header("location: $back_link?notice=password_changed"); message_push(happy(i18n('Your password has been successfully updated')));
header("location: $back_link");
exit; exit;
} }
} }
@ -84,22 +90,6 @@
echo i18n('Your password has expired. You must choose a new password now.'); echo i18n('Your password has expired. You must choose a new password now.');
} }
switch($notice) {
case 'same':
echo error(i18n("You cannot choose the same password again. Please choose a different password"));
break;
case 'passwordrequired':
echo error(i18n("New Password is required"));
break;
case 'nomatch':
echo error(i18n("Passwords do not match"));
break;
case 'invalidchars':
echo error(i18n("The password contains invalid characters or is not long enough"));
default:
}
echo "<form name=\"changepassform\" method=\"post\" action=\"user_password.php\">\n"; echo "<form name=\"changepassform\" method=\"post\" action=\"user_password.php\">\n";
echo "<input type=\"hidden\" name=\"action\" value=\"save\" />\n"; echo "<input type=\"hidden\" name=\"action\" value=\"save\" />\n";
echo "<table>\n"; echo "<table>\n";
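Review bot: In the `@ -61,15 +62,20 @` hunk the candidate password is placed in the SQL text (`AND password='$pass'`) before `user_valid_password($_POST['pass1'])` has run, and it is matched against the stored `password` column as-is. The assignment of `$pass` is above the hunk, so whether it is escaped or hashed cannot be confirmed from here; if it is the raw POST value it needs escaping before the query, and the empty, mismatch and invalid-character checks should run first. Matching the column directly also suggests the password is kept in a recoverable form, which storing a salted hash and comparing in PHP would avoid. A comment above the query such as `/* $pass must be escaped; reject invalid input before querying */` would record the expectation.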


@ -148,7 +148,7 @@
$em = mysql_escape_string(stripslashes($_POST['email'])); $em = mysql_escape_string(stripslashes($_POST['email']));
$q=mysql_query("SELECT id FROM users WHERE email='$em' AND id!='{$u['id']}'"); $q=mysql_query("SELECT id FROM users WHERE email='$em' AND id!='{$u['id']}'");
if(mysql_num_rows($q) > 0) { if(mysql_num_rows($q) > 0) {
$notice = 'email_exists'; message_push(error(i18n("That email address is in use by another user")));
$save = false; $save = false;
} }
@ -158,7 +158,7 @@
header("location: {$config['SFIABDIRECTORY']}/admin/committees.php"); header("location: {$config['SFIABDIRECTORY']}/admin/committees.php");
exit; exit;
} }
$notice = 'success'; message_push(notice(i18n("%1 %2 successfully updated",array($_POST['firstname'],$_POST['lastname']))));
} }
@ -188,15 +188,6 @@
} }
} }
switch($notice) {
case 'success':
echo notice(i18n("%1 %2 successfully updated",array($_POST['firstname'],$_POST['lastname'])));
break;
case 'email_exists':
echo error(i18n("That email address is in use by another user"));
break;
}
foreach($errorfields as $f) { foreach($errorfields as $f) {
echo error(i18n('\'%1\' must use the format: %2', echo error(i18n('\'%1\' must use the format: %2',
array(i18n($user_personal_fields[$f]['name']), array(i18n($user_personal_fields[$f]['name']),
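Review bot: The success message in the `@ -158,7 +158,7 @` hunk passes `$_POST['firstname']` and `$_POST['lastname']` straight into `i18n()` and on into the message queue, so unless `i18n()` or `notice()` escapes its arguments (their bodies are not visible here) the submitted names are rendered as HTML when the queue is displayed. I would escape at the call site: `array(htmlspecialchars($_POST['firstname'], ENT_QUOTES), htmlspecialchars($_POST['lastname'], ENT_QUOTES))`. Queuing the text instead of echoing it immediately also means it may be shown on a later page, so the escaping belongs where the value enters the queue. The surrounding save block starts and ends outside the hunk.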


@ -30,20 +30,16 @@
user_auth_required('volunteer'); user_auth_required('volunteer');
send_header("Volunteer Registration", array()); $u = user_load($_SESSION['users_id'], true);
switch($_GET['notice']) { if($u['volunteer_active'] == 'no') {
case 'password_changed': message_push(notice(i18n("Your volunteer role is not active. If you would like to participate as a volunteer for the %1 %2 please click the '<b>Activate Role</b>' button in the Volunteer section below",array($config['FAIRYEAR'],$config['fairname']))));
echo happy(i18n('Your password has been successfully updated')); header('Location: user_activate.php');
break; exit;
case 'already_logged_in':
echo error(i18n('You are already logged in, please use the [Logout] link in the upper right to logout before loggin in as different user'));
break;
case 'attached':
echo happy(i18n('The Volunteer role has been attached to your account. Use the [Switch Roles] link in the upper right to change roles while you are logged in'));
break;
} }
send_header("Volunteer Main", array());
//only display the named greeting if we have their name //only display the named greeting if we have their name
echo i18n("Hello <b>%1</b>",array($_SESSION['name'])); echo i18n("Hello <b>%1</b>",array($_SESSION['name']));
echo "<br />"; echo "<br />";
@ -66,6 +62,7 @@
this page, they will never be marked as complete. Not sure how to handle this page, they will never be marked as complete. Not sure how to handle
this, it's kinda hackey to call EVERY status() fucntion within EACH page to this, it's kinda hackey to call EVERY status() fucntion within EACH page to
get teh overall status. */ get teh overall status. */
/* Change this to volunteer_status */
user_update_complete($u, $overallstatus); user_update_complete($u, $overallstatus);
echo "<br />"; echo "<br />";
@ -82,7 +79,11 @@
echo "<br />"; echo "<br />";
echo i18n('Other Options and Things To Do').':<br />'; echo i18n('Other Options and Things To Do').':<br />';
echo '<ul>'; echo '<ul>';
echo '<li><a href="user_password.php">'.i18n('Change My Password').'</a></li>'; echo '<li><a href="user_password.php">'.i18n('Change Password').'</a> - '.i18n('Change your password').'</li>';
echo '<li><a href="user_activate.php">'.i18n('Activate/Deactivate Roles').'</a> - '.
i18n('Activate/Deactiate/Remove/Delete roles or your entire account').
'</li>';
echo '<li>'.i18n('To logout, use the [Logout] link in the upper-right of the page').'</li>';
echo '</ul>'; echo '</ul>';
send_footer(); send_footer();