diff --git a/register_participants.php b/register_participants.php index 034a127..89f2755 100644 --- a/register_participants.php +++ b/register_participants.php @@ -54,6 +54,8 @@ } else if($_POST['action']=="continue") { + if($_POST['email']) + $_SESSION['email']=stripslashes(mysql_escape_string($_POST['email'])); $q=mysql_query("SELECT registrations.id AS regid, registrations.num AS regnum, students.id AS studentid, students.firstname FROM registrations,students ". "WHERE students.email='".$_SESSION['email']."' ". diff --git a/schoolinvite.php b/schoolinvite.php index 4e69efc..d401223 100644 --- a/schoolinvite.php +++ b/schoolinvite.php @@ -232,7 +232,7 @@ if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode']) echo "".i18n("Email Address").""; echo "".i18n("Grade").""; echo "".i18n("Registration Number").""; - echo "".i18n("Actions").""; + echo "".i18n("Actions").""; while($r=mysql_fetch_object($q)) { echo "$r->lastname$r->firstname"; @@ -240,6 +240,13 @@ if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode']) echo "$r->grade"; echo "$r->num"; echo ""; + echo "
"; + echo ""; + echo "email\">"; + echo "num\">"; + echo ""; + echo "
"; + echo ""; echo "id\">"; echo ""; echo "";