Add the school access page for schools to login and update their own information

2005-05-13 18:23:31 +00:00 · 2005-05-13 18:23:31 +00:00 · b30e70aaad
commit b30e70aaad
parent 9ea5843646
2 changed files with 233 additions and 1 deletions
--- a/common.inc.php
+++ b/common.inc.php
@ -312,6 +312,23 @@ else
 }
 ?>
 </ul>
+<br />
+<ul class="mainnav">
+<?
+if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'])
+{
+?>
+<li><a href="<?=$config['SFIABDIRECTORY']?>/schoolaccess.php?action=logout"><?=i18n("School Logout")?></a></li>
+<?
+}
+else
+{
+?>
+<li><a href="<?=$config['SFIABDIRECTORY']?>/schoolaccess.php"><?=i18n("School Login")?></a></li>
+<?
+}
+?>
+</ul>

 <div class="aligncenter">

@ -537,7 +554,8 @@ function emit_province_selector($name,$selected="",$extra="")
 		{
 			if($r->code == $selected) $sel="selected=\"selected\""; else $sel="";

-			echo "<option $sel value=\"$r->code\">".i18n($r->province)."</option>\n";
+			echo "<option $sel value=\"$r->code\">".i18n($r->province);
+			echo "</option>\n";
 		}

 		echo "</select>\n";
--- a/schoolaccess.php
+++ b/schoolaccess.php
@ -0,0 +1,214 @@
+<?
+include "common.inc.php";
+if($_POST['schoolid'] && $_POST['accesscode'])
+{
+	$q=mysql_query("SELECT * FROM schools WHERE id='".$_POST['schoolid']."' AND accesscode='".$_POST['accesscode']."' AND year='".$config['FAIRYEAR']."'");
+	if(mysql_num_rows($q)==1)
+	{
+		$_SESSION['schoolid']=$_POST['schoolid'];
+		$_SESSION['schoolaccesscode']=$_POST['accesscode'];
+		mysql_query("UPDATE schools SET lastlogin=NOW() WHERE id='".$_POST['schoolid']."'");
+
+	}
+	else
+		$errormsg="Invalid School ID or Access Code";
+}
+send_header(i18n("School Access"));
+
+if($_GET['action']=="logout")
+{
+	unset($_SESSION['schoolid']);
+	unset($_SESSION['schoolaccesscode']);
+	echo happy(i18n("You have been logged out from the school access page"));
+}
+
+
+if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'])
+{
+	$q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'");
+	echo mysql_error();
+	$school=mysql_fetch_object($q);
+	if($school)
+	{
+		if($_POST['action']=="save")
+		{
+			mysql_query("UPDATE schools SET 
+				school='".mysql_escape_string(stripslashes($_POST['school']))."', 
+				address='".mysql_escape_string(stripslashes($_POST['address']))."', 
+				city='".mysql_escape_string(stripslashes($_POST['city']))."', 
+				province_code='".mysql_escape_string(stripslashes($_POST['province_code']))."', 
+				postalcode='".mysql_escape_string(stripslashes($_POST['postalcode']))."', 
+				phone='".mysql_escape_string(stripslashes($_POST['phone']))."', 
+				fax='".mysql_escape_string(stripslashes($_POST['fax']))."', 
+				sciencehead='".mysql_escape_string(stripslashes($_POST['sciencehead']))."', 
+				scienceheademail='".mysql_escape_string(stripslashes($_POST['scienceheademail']))."', 
+				scienceheadphone='".mysql_escape_string(stripslashes($_POST['scienceheadphone']))."' 
+				WHERE id='$school->id'");
+
+				if(mysql_error())
+					echo error(i18n("An Error occured trying to save the school information"));
+				else
+					echo happy(i18n("School information successfully updated"));
+
+				//and reselect it
+				$q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'");
+				echo mysql_error();
+				$school=mysql_fetch_object($q);
+		}
+
+/*
+		if($_POST['action']=="numbers")
+		{
+			mysql_query("UPDATE schools SET 
+						junior='".$_POST['junior']."', 
+						intermediate='".$_POST['intermediate']."', 
+						senior='".$_POST['senior']."'  
+						WHERE id='$school->id'");
+
+				echo mysql_error();
+
+				$q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."'");
+				echo "<font color=blue><b>Participation Information Successfully Updated</b></font><br>\n";
+				$school=mysql_fetch_object($q);
+
+		}
+		*/
+		if($_POST['action']=="feedback")
+		{
+			$body="";
+			$body.=$_SERVER['REMOTE_ADDR']." (".$_SERVER['REMOTE_HOST'].")\n";
+			$body.=date("r")."\n";
+			$body.="School ID: $school->id\n";
+			$body.="School Name: $school->school\n";
+			$body.="Feedback:\n".$_POST['feedbacktext']."\n";
+			echo "mailing ".$config['fairmanageremail'];
+			mail($config['fairmanageremail'],"School Feedback",$body,"From: webpage@".$_SERVER['SERVER_NAME']);
+			echo happy(i18n("Thanks for your feedback!"));
+
+		}
+
+		echo "<h3>$school->school</h3>";
+		echo "<h4>School Information</h4>";
+		echo "Please make sure your school contact information is correct, make any necessary changes:";
+		echo "<form method=POST action=\"schoolaccess.php\">";
+		echo "<input type=hidden name=action value=\"save\">";
+		echo "<table border=0 cellspacing=0 cellpadding=3>";
+		echo "<tr><td>School Name</td><td><input value=\"$school->school\" type=text name=school size=40></td></tr>";
+		echo "<tr><td>Address</td><td><input value=\"$school->address\" type=text name=address size=40></td></tr>";
+		echo "<tr><td>City</td><td><input value=\"$school->city\" type=text name=city size=30></td></tr>";
+		echo "<tr><td>".i18n("Province")."</td><td>";
+		emit_province_selector("province_code",$school->province_code);
+		echo "</td></tr>\n";
+		echo "<tr><td>Postalcode</td><td><input value=\"$school->postalcode\"  type=text name=postalcode size=10></td></tr>";
+		echo "<tr><td>Phone Number</td><td><input value=\"$school->phone\" type=text name=phone size=30></td></tr>";
+		echo "<tr><td>Fax Number</td><td><input value=\"$school->fax\" type=text name=fax size=30></td></tr>";
+		echo "<tr><td>Science Teacher</td><td><input value=\"$school->sciencehead\" type=text name=sciencehead size=40></td></tr>";
+		echo "<tr><td>Science Teacher Email</td><td><input value=\"$school->scienceheademail\" type=text name=scienceheademail size=40></td></tr>";
+		echo "<tr><td>Science Teacher Phone <br><font size=1>(If different than above)</font></td><td><input value=\"$school->scienceheadphone\" type=text name=scienceheadphone size=30></td></tr>";
+		echo "</table>";
+		echo "<input type=submit value=\"Save Changes\">";
+		echo "</form>";
+		echo "<br>";
+
+	/*
+		//the participation section needs to be updated to handle the age categories as specified
+		//in the categories table and the numbers from configuration, for now, lets just not do it.
+		//this code is copied from the ORSF schoolaccess page, thats why its here, but just commented out.
+
+		echo "<h4>Participation Information</h4>";
+		echo "Please select the number of <b>projects</b> you anticipate on sending to the fair in each of the age categories";
+		echo "<form method=POST action=\"schoolaccess.php\">";
+		echo "<input type=hidden name=action value=\"numbers\">";
+		echo "<table border=0 cellspacing=0 cellpadding=3>";
+
+
+		echo "<tr><td>Junior (Grades 7-8)</td><td>"; 
+		echo "<select name=junior>";
+		for($x=0;$x<=12;$x++)
+		{	
+			if($school->junior==$x) $sel="selected"; else $sel="";
+			echo "<option $sel value=\"$x\">$x</option>\n";
+		}
+		echo "</select>";
+		echo "</td></tr>";
+
+
+		echo "<tr><td>Intermediate (Grades 9-10)</td><td>"; 
+		echo "<select name=intermediate>";
+		for($x=0;$x<=12;$x++)
+		{	
+			if($school->intermediate==$x) $sel="selected"; else $sel="";
+			echo "<option $sel value=\"$x\">$x</option>\n";
+		}
+		echo "</select>";
+		echo "</td></tr>";
+
+
+		echo "<tr><td>Senior (Grades 11-12)</td><td>"; 
+		echo "<select name=senior>";
+		for($x=0;$x<=12;$x++)
+		{	
+			if($school->senior==$x) $sel="selected"; else $sel="";
+			echo "<option $sel value=\"$x\">$x</option>\n";
+		}
+		echo "</select>";
+		echo "</td></tr>";
+
+
+		echo "</table>";
+
+		echo "<input type=submit value=\"Save Participation Numbers\">";
+		echo "<br>Please note, these numbers are only an <b>estimate</b> to help us plan the fair.  Choosing small numbers here in <b>no way</b> limits your actual participation.<br>\n";
+		echo "</form>";
+
+		*/
+		echo "<br>";
+		echo "<h4>School Feedback / Questions</h4>";
+
+		echo "<form method=POST action=\"schoolaccess.php\">";
+		echo "<input type=hidden name=action value=\"feedback\">";
+		echo "We are always welcome to any feedback (both positive and constructive crisicism!), or any questions you may have.  Please use the following box to communicate with us!";
+		echo "<br><textarea name=feedbacktext rows=8 cols=60></textarea><br>";
+		echo "<input type=submit value=\"Send Feedback\">";
+		echo "</form>";
+
+
+
+	}
+	else
+	{
+		echo "Invalid School ID or Access Code (2)";
+	}
+
+
+
+
+}
+else
+{
+	if($errormsg) echo "<font color=red><b>$errormsg</b></font>";
+?>
+	<form method=POST action="schoolaccess.php">
+	Welcome to the School Access Page.  This page allows your school to provide several key pieces of information for the fair, as well as feedback about the schools experience with/at the fair.
+
+	<br><br>
+	Please login below using the <b>School ID</b> and <b>Access Code</b> that you received in your package.
+
+	<br><br>
+	<table border=0 cellspacing=0 cellpadding=5>
+	<tr><td>School ID</td><td><input type=text name=schoolid></td></tr>
+	<tr><td>Access Code</td><td><input type=text name=accesscode></td></tr>
+	<tr><td align=center><input type=submit value="Login"></td></tr>
+	</table>
+
+	</form>
+
+	<br><br>
+
+<?
+}
+
+
+send_footer();
+
+?>