arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

- Add user/pass support to the fair info

Browse Source 
- Add a generic fair stats uploader, can't do YSF stats yet, but it will soon
  (and when it does it can replace the YSF specific stats uploader)
- Add better authentication to the incoming xml transport.
This commit is contained in:
dave 2009-04-20 05:02:23 +00:00
parent d2e9a4e64e
commit b5745656c1
3 changed files with 399 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

382
admin/fair_stats.php Normal file
View File

@ -0,0 +1,382 @@
<?
/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca
Copyright (C) 2007 James Grant <james@lightbox.org>
Copyright (C) 2009 David Grant <dave@lightbox.org>
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
?>
<?
require_once('../common.inc.php');
require_once('../user.inc.php');
user_auth_required('committee', 'admin');
require_once('xml.inc.php');
send_header("Fair Stats",
array('Committee Main' => 'committee_main.php',
'Administration' => 'admin/index.php'),
"one-click_ysf_affiliation_stats"
);
echo "<br />";
/* SFIAB config options server side */
$server_config = array();
$server_config['fair_stats_participation'] = 'no';
$server_config['fair_stats_schools_ext'] = 'no';
$server_config['fair_stats_minorities'] = 'no';
$server_config['fair_stats_guests'] = 'no';
function curl_query($fair, $xml)
{
switch($fair['type']) {
case 'sfiab':
$url = $fair['url'].'/xmltransport.php';
break;
case 'ysf':
$url = "https://secure.ysf-fsj.ca/registration/xmlaffiliation.php";
break;
}
$ch = curl_init(); /// initialize a cURL session
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_HEADER, 0); /// Header control
curl_setopt ($ch, CURLOPT_POST, 1); /// tell it to make a POST, not a GET
curl_setopt ($ch, CURLOPT_POSTFIELDS, "xml=".urlencode($xml)); /// put the query string here starting with "?"
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); /// This allows the output to be set into a variable $datastream
curl_setopt ($ch, CURLOPT_POSTFIELDSIZE, 0);
curl_setopt ($ch, CURLOPT_TIMEOUT, 360);
curl_setopt ($ch, CURLOPT_SSLVERSION, 3);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, false);
$datastream = curl_exec ($ch); /// execute the curl session and return the output to a variable $datastream
$datastream = str_replace(" standalone=\"yes\"","",$datastream);
curl_close ($ch); /// close the curl session
switch($fair['type']) {
case 'sfiab':
$d=xml_parsexml(urldecode($datastream));
$datastream = $d['sfiab'][0];
break;
case 'ysf':
break;
}
return $datastream;
}
if($_GET['year']) $year=intval($_GET['year']);
else $year=$config['FAIRYEAR'];
if($_GET['id']) $fairs_id=intval($_GET['id']);
else if($_POST['id']) $fairs_id=intval($_POST['id']);
else $fairs_id = -1;
if($fairs_id != -1) {
$q = mysql_query("SELECT * FROM fairs WHERE id='$fairs_id'");
$fair = mysql_fetch_assoc($q);
}
if($_POST['action']=="sendstats" && $_POST['xml']) {
if(function_exists('curl_init')) {
$r = curl_query($fair, $_POST['xml']);
if($r['error'][0] == 0)
echo happy(i18n("The %1 Server said:", array($fair['name'])).' '.$r['message'][0]);
else
echo error(i18n("The %1 Server said:", array($fair['name'])).' '.$r['message'][0]);
$fairs_id = -1;
$year = $config['FAIRYEAR'];
} else {
echo error("CURL Support Missing");
echo i18n("Your PHP installation does not support CURL. You will need to login to the YSF system as the regional coodinator and upload the XML data manually");
send_footer();
exit;
}
}
echo "<form name=\"fairselect\" action=\"$PHPSELF\" method=\"get\">";
$q=mysql_query("SELECT * FROM fairs WHERE `type`='sfiab' OR `type`='ysf'");
echo "<select name=\"id\" \">";
echo "<option value=\"\">".i18n("Choose a fair")."</option>\n";
while($r=mysql_fetch_object($q)) {
if($fairs_id==$r->id) $sel="selected=\"selected\""; else $sel="";
echo "<option $sel value=\"{$r->id}\">{$r->name} ({$r->abbrv})</option>\n";
}
$q=mysql_query("SELECT DISTINCT(year) AS year FROM config WHERE year>0 ORDER BY year");
echo "<select name=\"year\" >";
echo "<option value=\"\">".i18n("Choose a year")."</option>\n";
while($r=mysql_fetch_object($q)) {
if($year==$r->year) $sel="selected=\"selected\""; else $sel="";
echo "<option $sel value=\"$r->year\">$r->year</option>\n";
}
echo "</select>\n";
echo "<input type=\"submit\" name=\"submit\" value=\"".i18n('Prepare Stats')."\" />";
echo "</form>";
echo "<br />";
echo "<hr />";
if($fairs_id == -1) {
echo i18n('Statistics will be shown below this line before being sent. Please select a fair and year first.');
/* Wait for them to select somethign before generating stats */
send_footer();
exit;
}
/* Query the server to see what stats we need */
$xmldata=array("sfiab"=>array(
"username"=>$fair['username'],
"password"=>$fair['password'],
"getstats"=>array('year'=>$year)));
$output="";
xmlCreateRecurse($xmldata);
$xml=$output;
$data = curl_query($fair, $xml);
if($data['error'][0] != 0) {
echo error("Server said: {$data['message'][0]}<br />");
send_footer();
exit;
}
foreach($server_config as $k=>$v) {
$server_config[$k] = $data['statconfig'][0][$k][0];
}
/* Gather all stats, then we'll decide what to send */
$stats = array();
$stats['year'] = $year;
/* Now, overwrite all the stats with what we pulled down from the server */
if(is_array($data['stats'][0])) {
foreach($data['stats'][0] as $k=>$v) {
$stats[$k] = $v[0];
}
}
/* And now, overwrite all the stuff we pulled down with stats we can compute */
//number of schools
$q=mysql_query("SELECT COUNT(id) AS num FROM schools WHERE year='$year'");
$r=mysql_fetch_object($q);
$stats['schools_total']=$r->num;
//number of schools participating
$q=mysql_query("SELECT DISTINCT(students.schools_id) AS sid, schools.*
FROM students
LEFT JOIN registrations ON students.registrations_id=registrations.id
LEFT JOIN schools ON students.schools_id=schools.id
WHERE students.year='$year'
AND registrations.year='$year'
AND (registrations.status='complete' OR registrations.status='paymentpending')");
$stats['schools_active']=mysql_num_rows($q);
$stats['students_public'] = 0;
$stats['students_private'] = 0;
$stats['schools_atrisk'] = 0;
while($si=mysql_fetch_assoc($q)) {
if($si['designate'] == 'public')
$stats['students_public']++;
if($si['designate'] == 'independent')
$stats['students_private']++;
if($si['atrisk'] == 'yes')
$stats['schools_atrisk']++;
}
//numbers of students:
$q=mysql_query("SELECT students.*,schools.*
FROM students
LEFT JOIN registrations ON students.registrations_id=registrations.id
LEFT JOIN schools on students.schools_id=schools.id
WHERE students.year='$year'
AND registrations.year='$year'
AND (registrations.status='complete' OR registrations.status='paymentpending')");
echo mysql_error();
$stats['students_total'] = mysql_num_rows($q);
$stats['students_public'] = 0;
$stats['students_private'] = 0;
$stats['students_atrisk'] = 0;
$grademap = array(1=>1, 2=>1, 3=>1, 4=>4, 5=>4, 6=>4, 7=>7, 8=>7,
9=>9, 10=>9, 11=>11, 12=>11, 13=>11);
foreach($grademap as $k=>$g) {
$stats["male_$g"] = 0;
$stats["female_$g"] = 0;
$stats["projects_$g"] = 0;
}
$unknown = array();
while($s=mysql_fetch_assoc($q)) {
if(!in_array($s['sex'], array('male','female')))
$unknown[$grademap[$s['grade']]]++;
else
$stats["{$s['sex']}_{$grademap[$s['grade']]}"]++;
if($s['designate'] == 'public')
$stats['students_public']++;
if($s['designate'] == 'independent')
$stats['students_private']++;
if($s['atrisk'] == 'yes')
$stats['students_atrisk']++;
}
foreach($unknown as $g=>$a) {
$m = round($a/2);
$f = $a - $m;
$stats["male_$g"] += $m;
$stats["female_$g"] += $f;
}
//projects
$q=mysql_query("SELECT MAX(students.grade) AS grade FROM students
LEFT JOIN registrations ON students.registrations_id=registrations.id
LEFT JOIN projects ON projects.registrations_id=registrations.id
WHERE students.year='$year'
AND registrations.year='$year'
AND projects.year='$year'
AND (registrations.status='complete' OR registrations.status='paymentpending')
GROUP BY projects.id");
echo mysql_error();
while($r=mysql_fetch_assoc($q)) {
$stats["projects_{$grademap[$r['grade']]}"]++;
}
$q=mysql_query("SELECT COUNT(id) AS num FROM users
LEFT JOIN users_committee ON users_committee.users_id=users.id
WHERE types LIKE '%committee%'
AND year='$year'
AND users_committee.committee_active='yes'
AND deleted='no'");
$r = mysql_fetch_object($q);
$stats['committee_members'] = $r->num;
$q=mysql_query("SELECT COUNT(id) AS num FROM users LEFT JOIN users_judge ON users_judge.users_id=users.id
WHERE users.year='$year'
AND users.types LIKE '%judge%'
AND users.deleted='no'
AND users_judge.judge_complete='yes'
AND users_judge.judge_active='yes'");
$r=mysql_fetch_object($q);
$stats['judges'] = $r->num;
/* Print all blocks the server requests */
if($server_config['fair_stats_participation'] == 'yes') {
$rangemap = array(1=>'1-3', 4=>'4-6', 7=>'7-8', 9=>'9-10', 11=>'11-12');
echo '<b>'.i18n('Fair participation').'</b><br />';
echo '<br />';
echo i18n("Number of students: %1", array($stats['students_total']));
echo '<table><tr><td></td><td></td><td></td><td align=\"center\">'.i18n('Grade').'</td><td></td><td></td></tr>';
echo '<tr><td></td>';
foreach($rangemap as $k=>$v) echo "<td align=\"center\" width=\"50px\" >$v</td>";
echo '</tr><tr>';
echo '<td>'.i18n('Male').'</td>';
foreach($rangemap as $k=>$v) echo "<td align=\"right\">{$stats["male_$k"]}</td>";
echo '</tr><tr>';
echo '<td>'.i18n('Female').'</td>';
foreach($rangemap as $k=>$v) echo "<td align=\"right\">{$stats["female_$k"]}</td>";
echo '</tr><tr>';
echo '<td>'.i18n('Projects').'</td>';
foreach($rangemap as $k=>$v) echo "<td align=\"right\">{$stats["projects_$k"]}</td>";
echo '</tr>';
echo '</table>';
echo '<br />';
echo i18n("Number of schools: %1",array($stats['schools_total']));
echo '<br />';
echo i18n("Number of active schools: %1",array($stats['schools_active']));
echo '<br />';
echo '<br />';
echo i18n("Number of committee members: %1 (note: this is number of committee members who logged in to SFIAB for the year, anyone who was active but didn't log in to SFIAB will NOT be counted)",array($stats['committee_members']));
echo '<br />';
echo i18n("Number of judges: %1",array($stats['judges']));
echo '<br />';
echo '<br />';
echo '<br />';
}
if($server_config['fair_stats_schools_ext'] == 'yes') {
echo '<b>'.i18n('Extended School/Participant data').'</b><br />';
echo '<br />';
echo i18n('Public schools: %1 (%2 students).',array(
$stats['schools_public'], $stats['students_public']));
echo '<br />';
echo i18n('Private/Independent schools: %1 (%2 students).',array(
$stats['schools_private'], $stats['students_private']));
echo '<br />';
echo i18n('At-risk/inner city schools: %1 (%2 students).',array(
$stats['schools_atrisk'], $stats['students_atrisk']));
echo '<br />';
echo '<br />';
echo '<br />';
}
if($server_config['fair_stats_minorities'] != '') {
echo '<b>'.i18n('Data on minority groups').'</b><br />';
echo '<br />';
echo '<br />';
echo '<br />';
}
if($server_config['fair_stats_guests'] == 'yes' ) {
echo '<b>'.i18n('Guests visiting the fair').'</b><br />';
echo '<br />';
echo '<br />';
echo '<br />';
}
echo "<br />";
echo "<br />";
/* Format XML output, and print it, last chance for the user to edit it */
if($fair['type'] == 'ysf') {
/* Map data into YSF tags */
} else {
$xmldata=array("sfiab"=>array(
"username"=>$fair['username'],
"password"=>$fair['password'],
"stats"=>$stats));
}
$output="";
xmlCreateRecurse($xmldata);
$xml=$output;
echo "<h3>".i18n("The following data will be sent to")." {$fair['name']}</h3>";
echo "<form method=\"post\" action=\"$PHPSELF\">";
echo "<input type=\"hidden\" name=\"action\" value=\"sendstats\">";
echo "<input type=\"hidden\" name=\"id\" value=\"$fairs_id\">";
echo "<textarea rows=\"15\" cols=\"80\" name=\"xml\">";
echo $xml;
echo "</textarea>";
echo "<br />";
echo "<br />";
echo "<input type=\"submit\" value=\"".i18n("Send stats to")." {$fair['name']}\">";
echo "</form>";
echo "<hr /><pre>";
print_r($fair);
print_r($server_config);
print_r($stats);
echo "</pre>";
send_footer();
?>

14
fair_info.php
View File

@ -51,10 +51,14 @@
$abbrv = mysql_escape_string(stripslashes($_POST['abbrv']));
$url = mysql_escape_string($_POST['url']);
$type = array_key_exists($_POST['type'], $fair_type) ? $_POST['type'] : '';
$username = mysql_escape_string(stripslashes($_POST['username']));
$password = mysql_escape_string(stripslashes($_POST['password']));
$q = mysql_query("UPDATE fairs SET `name`='$name',
`abbrv`='$abbrv', `url`='$url',
`type`='$type' WHERE id=$id");
`type`='$type' , `username`='$username',
`password`='$password'
WHERE id=$id");
$u['fairs_id'] = $id;
user_save($u);
@ -111,7 +115,13 @@ if($_SESSION['embed'] == true) {
echo '<tr><td>'.i18n('URL').'</td><td>';
if($f['url'] == '') $f['url'] = 'http://';
echo "<input type=\"text\" name=\"url\" value=\"{$f['url']}\" size=\"40\" />";
echo '</td><td>';
echo '</td></tr>';
echo '<tr><td>'.i18n('Username').'</td><td>';
echo "<input type=\"text\" name=\"username\" value=\"{$f['username']}\" size=\"20\" />";
echo '</td></tr>';
echo '<tr><td>'.i18n('Password').'</td><td>';
echo "<input type=\"text\" name=\"password\" value=\"{$f['password']}\" size=\"15\" />";
echo '</td></tr>';
echo "</table>";
echo "<br />";

5
xmltransport.php
View File

@ -42,6 +42,11 @@
}
$i = mysql_fetch_assoc($q);
$u = user_load_by_uid($i['uid']);
if(!is_array($u) || $u['password'] == '') {
echo "<sfiab><error>1</error><message>authentication failed</message></sfiab>";
exit;
}
if($u['password'] != $password) {
echo "<sfiab><error>1</error><message>authentication failed</message></sfiab>";
exit;