Separated the school access pages into separate documents

This commit is contained in:
jacob 2010-06-15 16:57:50 +00:00
parent 3b0ad48451
commit ebe9f4b522
5 changed files with 427 additions and 429 deletions

View File

@ -2,7 +2,7 @@
require_once('common.inc.php'); require_once('common.inc.php');
require_once('user.inc.php'); require_once('user.inc.php');
if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode']){ if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'] && $conference['type'] == 'scienceolympics'){
switch($_GET['action']){ switch($_GET['action']){
case 'saveNew': case 'saveNew':
$teamName = mysql_real_escape_string($_POST['teamname']); $teamName = mysql_real_escape_string($_POST['teamname']);
@ -27,10 +27,10 @@ if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode']){
$success = mysql_query($query); $success = mysql_query($query);
} }
if($success){ if($success){
happy_(i18n("Team successfully updated")); happy_("Team successfully updated");
echo("<script type=\"text/javascript\">newname = '$teamName';</script>"); echo("<script type=\"text/javascript\">newname = '$teamName';</script>");
}else{ }else{
error_(i18n("Unable to update record")); error_("Unable to update record");
echo("<script type=\"text/javascript\">newname = null;</script>"); echo("<script type=\"text/javascript\">newname = null;</script>");
} }
break; break;
@ -53,10 +53,10 @@ if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode']){
} }
} }
if($success){ if($success){
happy_(i18n("Team successfully deleted")); happy_("Team successfully deleted");
echo("<script type=\"text/javascript\">deleteId = '$teamId';</script>"); echo("<script type=\"text/javascript\">deleteId = '$teamId';</script>");
}else{ }else{
error_(i18n("Unable to delete record")); error_("Unable to delete record");
echo("<script type=\"text/javascript\">deleteId = null;</script>"); echo("<script type=\"text/javascript\">deleteId = null;</script>");
} }
break; break;
@ -65,7 +65,7 @@ if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode']){
draw_page(); draw_page();
} }
}else{ }else{
echo "this should be redirecting to shcoolaccess.php"; header('Location: schoolaccess.php');
} }
function draw_page(){ function draw_page(){

View File

@ -2,10 +2,7 @@
require_once('common.inc.php'); require_once('common.inc.php');
require_once('user.inc.php'); require_once('user.inc.php');
$parts = explode('/', $_SERVER['PHP_SELF']); // authenticate the login
define("_THISFILE", $parts[count($parts) - 1]);
if($_POST['schoolid'] && $_POST['accesscode']) if($_POST['schoolid'] && $_POST['accesscode'])
{ {
$q=mysql_query("SELECT * FROM schools WHERE id='".$_POST['schoolid']."' AND accesscode='".$_POST['accesscode']."' AND year='".$config['FAIRYEAR']."'"); $q=mysql_query("SELECT * FROM schools WHERE id='".$_POST['schoolid']."' AND accesscode='".$_POST['accesscode']."' AND year='".$config['FAIRYEAR']."'");
@ -20,6 +17,7 @@ if($_POST['schoolid'] && $_POST['accesscode'])
$errormsg="Invalid School ID or Access Code"; $errormsg="Invalid School ID or Access Code";
} }
// handle a logout request
if($_GET['action']=="logout") if($_GET['action']=="logout")
{ {
unset($_SESSION['schoolid']); unset($_SESSION['schoolid']);
@ -28,147 +26,40 @@ if($_GET['action']=="logout")
} }
if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode']) if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode']){
{ // we're logged in, draw the dashboard
$q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'"); $q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'");
echo mysql_error(); echo mysql_error();
$school=mysql_fetch_object($q); $school=mysql_fetch_object($q);
if($school) { if($school) {
if($_POST['action']=="save") { draw_dashboard();
/* Get info about science head */
$sciencehead_update = '';
list($first, $last) = split(' ', $_POST['sciencehead'], 2);
$em = $_POST['scienceheademail'];
if($em == '' && ($first != '' || $last != '')) $em = "*$first$last".user_generate_password();
/* Load existing record, or create new if there's something
* to insert */
if($school->sciencehead_uid > 0)
$sh = user_load_by_uid($school->sciencehead_uid);
else if($em != '') {
$sh = user_create('teacher', $em);
$sciencehead_update = "sciencehead_uid='{$sh['uid']}',";
} else
$sh = false;
/* If we have a record, either delete it or update it */
if(is_array($sh)) {
if($em == '') {
user_purge($sh, 'teacher');
$sciencehead_update = 'sciencehead_uid=NULL,';
} else {
$sh['firstname'] = $first;
$sh['lastname'] = $last;
$sh['phonework'] = $_POST['scienceheadphone'];
$sh['email'] = $em;
$sh['username'] = $em;
user_save($sh);
}
}
mysql_query("UPDATE schools SET
school='".mysql_escape_string(stripslashes($_POST['school']))."',
address='".mysql_escape_string(stripslashes($_POST['address']))."',
city='".mysql_escape_string(stripslashes($_POST['city']))."',
province_code='".mysql_escape_string(stripslashes($_POST['province_code']))."',
postalcode='".mysql_escape_string(stripslashes($_POST['postalcode']))."',
phone='".mysql_escape_string(stripslashes($_POST['phone']))."',
$sciencehead_update
fax='".mysql_escape_string(stripslashes($_POST['fax']))."'
WHERE id='$school->id'");
echo mysql_error();
if(mysql_error())
echo error(i18n("An Error occured trying to save the school information"));
else
echo happy(i18n("School information successfully updated"));
//and reselect it
$q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'");
echo mysql_error();
$school=mysql_fetch_object($q);
}
/*
if($_POST['action']=="numbers")
{
mysql_query("UPDATE schools SET
junior='".$_POST['junior']."',
intermediate='".$_POST['intermediate']."',
senior='".$_POST['senior']."'
WHERE id='$school->id'");
echo mysql_error();
$q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."'");
echo "<font color=blue><b>Participation Information Successfully Updated</b></font><br>\n";
$school=mysql_fetch_object($q);
}
*/
if($school->sciencehead_uid > 0)
$sh = user_load_by_uid($school->sciencehead_uid);
else
$sh = array();
$sh_email = ($sh['email'] != '' && $sh['email'][0] != '*') ? $sh['email'] : '';
if($_POST['action'] == "feedback"){
$body="";
$body.=date("r")."\n";
$body.=$_SERVER['REMOTE_ADDR']." (".$_SERVER['REMOTE_HOST'].")\n";
$body.="School ID: $school->id\n";
$body.="School Name: $school->school\n";
if($sh['name']) $body.="Science Teacher: {$sh['name']}\n";
if($sh['phonework']) $body.="Science Teacher Phone: {$sh['phonework']}\n";
if($sh_email) $body.="Science Teacher Email: $sh_email\n";
$body.="\nFeedback:\n".stripslashes($_POST['feedbacktext'])."\n";
$returnEmailAddress = $sh_email;
mail($config['fairmanageremail'],"School Feedback",$body,"From: ". $returnEmailAddress."\nReply-To: ".$returnEmailAddress."\nReturn-Path: ".$returnEmailAddress);
echo happy(i18n("Your feedback has been sent"));
}
switch($_GET['action']){
case "givefeedback":
draw_feedback();
break;
case "schoolinfo":
draw_schoolInfo();
break;
case "participantreg":
draw_participantReg();
break;
default:
draw_dashboard();
break;
}
}else{ }else{
echo error(i18n("Invalid School ID or Access Code")); echo error(i18n("Invalid School ID or Access Code"));
} }
} }else {
else {
draw_login(); draw_login();
} }
send_footer(); send_footer();
// FIXME - this needs to be beautified // FIXME - this needs to be beautified
function draw_dashboard(){ function draw_dashboard(){
send_header("School Access"); send_header("School Access");
global $config; global $config;
global $conference; global $conference;
echo "<ul>\n"; echo "<ul>\n";
echo '<li><a href="' . $_SERVER['PHP_SELF'] . '?action=schoolinfo">' . i18n("School Information") . "</a></li>\n"; echo '<li><a href="schoolinfo.php">' . i18n("School Information") . "</a></li>\n";
if($conference['id'] == 0){ if($conference['id'] == 0 || $conference['type'] == 'sciencefair'){
if($config['participant_registration_type']=="schoolpassword" if($config['participant_registration_type']=="schoolpassword"
|| $config['participant_registration_type']=="invite" || $config['participant_registration_type']=="invite"
|| $config['participant_registration_type']=="openorinvite" || $config['participant_registration_type']=="openorinvite"
){ ){
echo '<li><a href="' . $_SERVER['PHP_SELF'] . '?action=participantreg">' . i18n("Participant Registration") . "</a></li>\n"; echo '<li><a href="schoolinvite.php">' . i18n("Participant Registration") . "</a></li>\n";
} }
}else{ }else if($conference['type'] == 'scienceolympics'){
echo '<li><a href="manage_teams.php">' . i18n("Manage Teams") . "</a></li>\n"; echo '<li><a href="manage_teams.php">' . i18n("Manage Teams") . "</a></li>\n";
} }
echo '<li><a href="' . $_SERVER['PHP_SELF'] . '?action=givefeedback">' . i18n("School Feedback / Questions") . "</a></li>"; echo '<li><a href="schoolfeedback.php">' . i18n("School Feedback / Questions") . "</a></li>";
echo "</ul>\n"; echo "</ul>\n";
} }
@ -223,86 +114,3 @@ function draw_login(){
<? <?
} }
function draw_feedback(){
global $sh_email;
$title = i18n("School Feedback / Questions");
send_header($title, array("School Access" => _THISFILE));
echo i18n("We are always welcome to any feedback (both positive and constructive criticism!), or any questions you may have. Please use the following form to communicate with the science fair committee!");
if($sh_email != '') {
echo "<form method=POST action=\"schoolaccess.php\">";
echo "<input type=hidden name=action value=\"feedback\">";
echo "<br><textarea name=feedbacktext rows=8 cols=60></textarea><br>";
echo "<input type=submit value=\"Send Feedback\">";
echo "</form>";
}else{
echo error(i18n("Feedback is disabled until a science teacher email address is entered above"));
}
}
function draw_schoolInfo(){
global $school, $sh, $sh_email, $config;
$title = i18n("School Information");
send_header($title, array("School Access" => _THISFILE));
echo "<h3>$school->school</h3>";
echo i18n("Please make sure your school contact information is correct, make any necessary changes:");
echo "<form method=POST action=\"schoolaccess.php\">";
echo "<input type=hidden name=action value=\"save\">";
echo "<table border=0 cellspacing=0 cellpadding=3>";
echo "<tr><td>".i18n("School Name")."</td><td><input value=\"$school->school\" type=text name=school size=40></td></tr>";
// echo "<tr><td>Registration Password</td><td><input value=\"$school->registration_password\" type=text name=\"registration_password\" size=\"20\"></td></tr>";
echo "<tr><td>".i18n("Address")."</td><td><input value=\"$school->address\" type=text name=address size=40></td></tr>";
echo "<tr><td>".i18n("City")."</td><td><input value=\"$school->city\" type=text name=city size=30></td></tr>";
echo "<tr><td>".i18n($config['provincestate'])."</td><td>";
emit_province_selector("province_code",$school->province_code);
echo "</td></tr>\n";
echo "<tr><td>".i18n($config['postalzip'])."</td><td><input value=\"$school->postalcode\" type=text name=postalcode size=10></td></tr>";
echo "<tr><td>".i18n("Phone Number")."</td><td><input value=\"$school->phone\" type=text name=phone size=30></td></tr>";
echo "<tr><td>".i18n("Fax Number")."</td><td><input value=\"$school->fax\" type=text name=fax size=30></td></tr>";
echo "<tr><td>".i18n("Science Teacher")."</td><td><input value=\"{$sh['name']}\" type=text name=sciencehead size=40></td></tr>";
echo "<tr><td>".i18n("Science Teacher Email")."</td><td><input value=\"$sh_email\" type=text name=scienceheademail size=40></td></tr>";
echo "<tr><td>".i18n("Science Teacher Phone")."<br><font size=1>(".i18n("If different than above").")</font></td><td><input value=\"{$sh['phonework']}\" type=text name=scienceheadphone size=30></td></tr>";
echo "</table>";
echo "<input type=submit value=\"".i18n("Save Changes")."\">";
echo "</form>";
echo "<br>";
}
function draw_participantReg(){
global $school, $config;
$title = i18n("Participant Registration");
send_header($title, array("School Access" => _THISFILE));
if($config['participant_registration_type']=="schoolpassword")
{
echo "<h4>".i18n("Participant Registration Password")."</h4>";
echo i18n("In order for your school's students to register for the fair, they will need to know your specific school registration password");
echo "<br />";
echo "<br />";
echo i18n("Registration Password: <b>%1</b>",array($school->registration_password));
echo "<br />";
echo "<br />";
}
else if($config['participant_registration_type']=="invite" || $config['participant_registration_type']=="openorinvite" )
{
echo "<h4>".i18n("Participant Registration Invitations")."</h4>";
if($config['participant_registration_type']=="invite")
echo i18n("In order for your school's students to register for the fair, you must first invite them via email. Use the 'Participant Registration Invitations' link below to invite your students to the fair");
else if($config['participant_registration_type']=="openorinvite" )
echo i18n("In order for your school's students to register for the fair, you can invite them via email using the 'Participant Registration Invitations' link below, or they can register on their own by accessing the 'Participant Registration' link in the menu.");
echo "<br />";
echo "<br />";
echo "&nbsp;&nbsp;&nbsp;<a href=\"schoolinvite.php\">".i18n("Participant Registration Invitations")."</a>";
echo "<br />";
}
}

53
schoolfeedback.php Normal file
View File

@ -0,0 +1,53 @@
<?php
require_once('common.inc.php');
require_once('user.inc.php');
if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'])
{
$title = i18n("Feedback / Questions");
send_header($title, array("School Access" => "schoolaccess.php"));
// load the school info
$q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'");
echo mysql_error();
$school=mysql_fetch_object($q);
if($school->sciencehead_uid > 0)
$sh = user_load_by_uid($school->sciencehead_uid);
else
$sh = array();
$sh_email = ($sh['email'] != '' && $sh['email'][0] != '*') ? $sh['email'] : '';
// send the e-mail if we're receiving a post
if(array_key_exists('feedbacktext', $_POST)){
$body="";
$body.=date("r")."\n";
$body.=$_SERVER['REMOTE_ADDR']." (".$_SERVER['REMOTE_HOST'].")\n";
$body.="School ID: $school->id\n";
$body.="School Name: $school->school\n";
if($sh['name']) $body.="Science Teacher: {$sh['name']}\n";
if($sh['phonework']) $body.="Science Teacher Phone: {$sh['phonework']}\n";
if($sh_email) $body.="Science Teacher Email: $sh_email\n";
$body.="\nFeedback:\n".stripslashes($_POST['feedbacktext'])."\n";
$returnEmailAddress = $sh_email;
mail($config['fairmanageremail'],"School Feedback",$body,"From: ". $returnEmailAddress."\nReply-To: ".$returnEmailAddress."\nReturn-Path: ".$returnEmailAddress);
echo happy_("Your feedback has been sent");
}
// draw the feedback form
echo i18n("We are always welcome to any feedback (both positive and constructive criticism!), or any questions you may have. Please use the following form to communicate with the science fair committee!");
if($sh_email != '') {
echo "<form method=POST action=\"schoolfeedback.php\">";
echo "<br><textarea name=feedbacktext rows=8 cols=60></textarea><br>";
echo "<input type=submit value=\"Send Feedback\">";
echo "</form>";
}else{
echo error("Feedback is disabled until a science teacher email address is entered above");
}
send_footer();
}else{
header('Location: schoolaccess.php');
}
?>

118
schoolinfo.php Normal file
View File

@ -0,0 +1,118 @@
<?php
require_once('common.inc.php');
require_once('user.inc.php');
if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'])
{
$title = i18n("School Information");
send_header($title, array("School Access" => "schoolaccess.php"));
$q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'");
echo mysql_error();
$school=mysql_fetch_object($q);
if($school->sciencehead_uid > 0)
$sh = user_load_by_uid($school->sciencehead_uid);
else
$sh = array();
$sh_email = ($sh['email'] != '' && $sh['email'][0] != '*') ? $sh['email'] : '';
if($_POST['action']=="save") {
/* Get info about science head */
$sciencehead_update = '';
list($first, $last) = split(' ', $_POST['sciencehead'], 2);
$em = $_POST['scienceheademail'];
if($em == '' && ($first != '' || $last != '')) $em = "*$first$last".user_generate_password();
if($school->sciencehead_uid > 0)
$sh = user_load_by_uid($school->sciencehead_uid);
else if($em != '') {
$sh = user_create('teacher', $em);
$sciencehead_update = "sciencehead_uid='{$sh['uid']}',";
} else
$sh = false;
/* If we have a record, either delete it or update it */
if(is_array($sh)) {
if($em == '') {
user_purge($sh, 'teacher');
$sciencehead_update = 'sciencehead_uid=NULL,';
} else {
$sh['firstname'] = $first;
$sh['lastname'] = $last;
$sh['phonework'] = $_POST['scienceheadphone'];
$sh['email'] = $em;
$sh['username'] = $em;
user_save($sh);
}
}
mysql_query("UPDATE schools SET
school='".mysql_escape_string(stripslashes($_POST['school']))."',
address='".mysql_escape_string(stripslashes($_POST['address']))."',
city='".mysql_escape_string(stripslashes($_POST['city']))."',
province_code='".mysql_escape_string(stripslashes($_POST['province_code']))."',
postalcode='".mysql_escape_string(stripslashes($_POST['postalcode']))."',
phone='".mysql_escape_string(stripslashes($_POST['phone']))."',
$sciencehead_update
fax='".mysql_escape_string(stripslashes($_POST['fax']))."'
WHERE id='$school->id'");
echo mysql_error();
if(mysql_error())
echo error(i18n("An Error occured trying to save the school information"));
else
echo happy(i18n("School information successfully updated"));
}
}else{
header('Location: schoolaccess.php');
exit();
}
// load the school info
$q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'");
echo mysql_error();
$school=mysql_fetch_object($q);
if($school->sciencehead_uid > 0)
$sh = user_load_by_uid($school->sciencehead_uid);
else
$sh = array();
$sh_email = ($sh['email'] != '' && $sh['email'][0] != '*') ? $sh['email'] : '';
draw_page();
send_footer();
function draw_page(){
global $config, $school, $sh_email, $sh_email, $sh;
echo i18n("Please make sure your school contact information is correct, make any necessary changes:");
echo "<form method=POST action=\"schoolinfo.php\">";
echo "<input type=hidden name=action value=\"save\">";
echo "<table border=0 cellspacing=0 cellpadding=3>";
echo "<tr><td>".i18n("School Name")."</td><td><input value=\"$school->school\" type=text name=school size=40></td></tr>";
// echo "<tr><td>Registration Password</td><td><input value=\"$school->registration_password\" type=text name=\"registration_password\" size=\"20\"></td></tr>";
echo "<tr><td>".i18n("Address")."</td><td><input value=\"$school->address\" type=text name=address size=40></td></tr>";
echo "<tr><td>".i18n("City")."</td><td><input value=\"$school->city\" type=text name=city size=30></td></tr>";
echo "<tr><td>".i18n($config['provincestate'])."</td><td>";
emit_province_selector("province_code",$school->province_code);
echo "</td></tr>\n";
echo "<tr><td>".i18n($config['postalzip'])."</td><td><input value=\"$school->postalcode\" type=text name=postalcode size=10></td></tr>";
echo "<tr><td>".i18n("Phone Number")."</td><td><input value=\"$school->phone\" type=text name=phone size=30></td></tr>";
echo "<tr><td>".i18n("Fax Number")."</td><td><input value=\"$school->fax\" type=text name=fax size=30></td></tr>";
echo "<tr><td>".i18n("Science Teacher")."</td><td><input value=\"{$sh['name']}\" type=text name=sciencehead size=40></td></tr>";
echo "<tr><td>".i18n("Science Teacher Email")."</td><td><input value=\"$sh_email\" type=text name=scienceheademail size=40></td></tr>";
echo "<tr><td>".i18n("Science Teacher Phone")."<br><font size=1>(".i18n("If different than above").")</font></td><td><input value=\"{$sh['phonework']}\" type=text name=scienceheadphone size=30></td></tr>";
echo "</table>";
echo "<input type=submit value=\"".i18n("Save Changes")."\">";
echo "</form>";
echo "<br>";
}
?>

View File

@ -1,269 +1,288 @@
<? <?
include "common.inc.php"; include "common.inc.php";
if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode']) if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'] && $conference['type'] != 'scienceolympics'){
{
send_header("School Participant Invitations"); send_header("School Participant Invitations");
echo "<a href=\"schoolaccess.php\">&lt;&lt; ".i18n("Return to school access main page")."</a><br />";
echo "<br />";
$q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'"); $q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'");
echo mysql_error(); echo mysql_error();
$school=mysql_fetch_object($q); $school=mysql_fetch_object($q);
if($school) if($school)
{ {
if($config['participant_registration_type']=="invite" || $config['participant_registration_type']=="openorinvite" )
if($config['participant_registration_type']=="schoolpassword")
{ {
if($_POST['action']=="invite") echo "<h4>".i18n("Participant Registration Password")."</h4>";
echo i18n("In order for your school's students to register for the fair, they will need to know your specific school registration password");
echo "<br />";
echo "<br />";
echo i18n("Registration Password: <b>%1</b>",array($school->registration_password));
echo "<br />";
echo "<br />";
}
else if($config['participant_registration_type']=="invite" || $config['participant_registration_type']=="openorinvite" )
{
echo "<h4>".i18n("Participant Registration Invitations")."</h4>";
if($config['participant_registration_type']=="invite")
echo i18n("In order for your school's students to register for the fair, you must first invite them via email. Use the 'Participant Registration Invitations' link below to invite your students to the fair");
else if($config['participant_registration_type']=="openorinvite" )
echo i18n("In order for your school's students to register for the fair, you can invite them via email using the 'Participant Registration Invitations' link below, or they can register on their own by accessing the 'Participant Registration' link in the menu.");
echo "<br />";
echo "<br />";
echo "&nbsp;&nbsp;&nbsp;<a href=\"schoolinvite.php\">".i18n("Participant Registration Invitations")."</a>";
echo "<br />";
echo "<a href=\"schoolaccess.php\">&lt;&lt; ".i18n("Return to school access main page")."</a><br />";
echo "<br />";
if($config['participant_registration_type']=="invite" || $config['participant_registration_type']=="openorinvite" )
{ {
if($_POST['firstname'] && $_POST['lastname'] && $_POST['email'] && $_POST['grade']) if($_POST['action']=="invite")
{ {
//make sure they arent already invited! if($_POST['firstname'] && $_POST['lastname'] && $_POST['email'] && $_POST['grade'])
$q=mysql_query("SELECT firstname, lastname FROM students WHERE year='".$config['FAIRYEAR']."' AND email='".$_POST['email']."'");
if(mysql_num_rows($q))
{ {
echo error(i18n("That students email address has already been invited")); //make sure they arent already invited!
$q=mysql_query("SELECT firstname, lastname FROM students WHERE year='".$config['FAIRYEAR']."' AND email='".$_POST['email']."'");
if(mysql_num_rows($q))
{
echo error(i18n("That students email address has already been invited"));
}
else
{
$regnum=0;
//now create the new registration record, and assign a random/unique registration number to then.
do{
//random number between
//100000 and 999999 (six digit integer)
$regnum=rand(100000,999999);
$q=mysql_query("SELECT * FROM registrations WHERE num='$regnum' AND year=".$config['FAIRYEAR']);
}while(mysql_num_rows($q)>0);
//actually insert it
mysql_query("INSERT INTO registrations (num,email,emailcontact,start,status,year) VALUES (".
"'$regnum',".
"'".$_POST['email']."',".
"'".$_POST['emailcontact']."',".
"NOW(),".
"'open',".
$config['FAIRYEAR'].
")");
$regid=mysql_insert_id();
mysql_query("INSERT INTO students (registrations_id,email,firstname,lastname,schools_id,grade,year) VALUES (
'$regid',
'".mysql_escape_string($_POST['email'])."',
'".mysql_escape_string($_POST['firstname'])."',
'".mysql_escape_string($_POST['lastname'])."',
'".mysql_escape_string($_SESSION['schoolid'])."',
'".mysql_escape_string($_POST['grade'])."',
'".$config['FAIRYEAR']."')");
email_send("new_participant",$_POST['email'],array(),array("REGNUM"=>$regnum, "EMAIL"=>$_POST['email']));
if($_POST['emailcontact'])
email_send("new_participant",$_POST['emailcontact'],array(),array("REGNUM"=>$regnum, "EMAIL"=>$_POST['email']));
echo happy(i18n("The participant has been successfully invited"));
}
} }
else else
{ echo error(i18n("All fields are required for invitations"));
$regnum=0;
//now create the new registration record, and assign a random/unique registration number to then.
do
{
//random number between
//100000 and 999999 (six digit integer)
$regnum=rand(100000,999999);
$q=mysql_query("SELECT * FROM registrations WHERE num='$regnum' AND year=".$config['FAIRYEAR']);
}while(mysql_num_rows($q)>0);
//actually insert it
mysql_query("INSERT INTO registrations (num,email,emailcontact,start,status,year) VALUES (".
"'$regnum',".
"'".$_POST['email']."',".
"'".$_POST['emailcontact']."',".
"NOW(),".
"'open',".
$config['FAIRYEAR'].
")");
$regid=mysql_insert_id();
mysql_query("INSERT INTO students (registrations_id,email,firstname,lastname,schools_id,grade,year) VALUES (
'$regid',
'".mysql_escape_string($_POST['email'])."',
'".mysql_escape_string($_POST['firstname'])."',
'".mysql_escape_string($_POST['lastname'])."',
'".mysql_escape_string($_SESSION['schoolid'])."',
'".mysql_escape_string($_POST['grade'])."',
'".$config['FAIRYEAR']."')");
email_send("new_participant",$_POST['email'],array(),array("REGNUM"=>$regnum, "EMAIL"=>$_POST['email']));
if($_POST['emailcontact'])
email_send("new_participant",$_POST['emailcontact'],array(),array("REGNUM"=>$regnum, "EMAIL"=>$_POST['email']));
echo happy(i18n("The participant has been successfully invited"));
}
} }
else
echo error(i18n("All fields are required for invitations"));
}
if($_GET['action']=="uninvite") if($_GET['action']=="uninvite")
{
//first, make sure that this is really their student, and it sfor this year.
$q=mysql_query("SELECT * FROM students WHERE id='".$_GET['uninvite']."' AND year='".$config['FAIRYEAR']."' AND schools_id='".$_SESSION['schoolid']."'");
if(mysql_num_rows($q))
{ {
$r=mysql_fetch_object($q); //first, make sure that this is really their student, and it sfor this year.
$registrations_id=$r->registrations_id; $q=mysql_query("SELECT * FROM students WHERE id='".$_GET['uninvite']."' AND year='".$config['FAIRYEAR']."' AND schools_id='".$_SESSION['schoolid']."'");
if($registrations_id) //just to be safe! if(mysql_num_rows($q))
{ {
mysql_query("DELETE FROM students WHERE registrations_id='$registrations_id'"); $r=mysql_fetch_object($q);
mysql_query("DELETE FROM projects WHERE registrations_id='$registrations_id'"); $registrations_id=$r->registrations_id;
mysql_query("DELETE FROM mentors WHERE registrations_id='$registrations_id'"); if($registrations_id) //just to be safe!
mysql_query("DELETE FROM safety WHERE registrations_id='$registrations_id'");
mysql_query("DELETE FROM emergencycontact WHERE registrations_id='$registrations_id'");
mysql_query("DELETE FROM registrations WHERE id='$registrations_id'");
echo happy(i18n("Student successfully uninvited"));
}
}
else
echo error(i18n("Invalid student to uninvite"));
}
$q=mysql_query("SELECT (NOW()>'".$config['dates']['regopen']."' AND NOW()<'".$config['dates']['regclose']."') AS datecheck");
$datecheck=mysql_fetch_object($q);
$q=mysql_query("SELECT students.*,
registrations.num,
registrations.emailcontact
FROM
students,
registrations
WHERE
students.schools_id='".$school->id."'
AND students.year='".$config['FAIRYEAR']."'
AND students.registrations_id=registrations.id
ORDER BY
lastname,
firstname");
$currentinvited=mysql_num_rows($q);
if($datecheck!=0)
{
echo i18n("In order for your school's students to register for the fair, you will need to invite them to register. Simply enter their email address below to invite them to register. <b>Important</b>: for group projects, only add one of the participants, that participant will then add the other group member(s) to the project");
echo "<br />";
echo "<br />";
$okaygrades=array();
if($config['participant_registration_type']=="invite")
{
if($school->projectlimitper=="total")
{
if($school->projectlimit)
{ {
echo i18n("You have invited %1 of %2 total projects for your school",array($currentinvited,$school->projectlimit)); mysql_query("DELETE FROM students WHERE registrations_id='$registrations_id'");
if($currenteinvited<$school->projectlimit) mysql_query("DELETE FROM projects WHERE registrations_id='$registrations_id'");
{ mysql_query("DELETE FROM mentors WHERE registrations_id='$registrations_id'");
mysql_query("DELETE FROM safety WHERE registrations_id='$registrations_id'");
mysql_query("DELETE FROM emergencycontact WHERE registrations_id='$registrations_id'");
mysql_query("DELETE FROM registrations WHERE id='$registrations_id'");
echo happy(i18n("Student successfully uninvited"));
}
}
else
echo error(i18n("Invalid student to uninvite"));
}
$q=mysql_query("SELECT (NOW()>'".$config['dates']['regopen']."' AND NOW()<'".$config['dates']['regclose']."') AS datecheck");
$datecheck=mysql_fetch_object($q);
$q=mysql_query("SELECT students.*,
registrations.num,
registrations.emailcontact
FROM
students,
registrations
WHERE
students.schools_id='".$school->id."'
AND students.year='".$config['FAIRYEAR']."'
AND students.registrations_id=registrations.id
ORDER BY
lastname,
firstname");
$currentinvited=mysql_num_rows($q);
if($datecheck!=0)
{
echo i18n("In order for your school's students to register for the fair, you will need to invite them to register. Simply enter their email address below to invite them to register. <b>Important</b>: for group projects, only add one of the participants, that participant will then add the other group member(s) to the project");
echo "<br />";
echo "<br />";
$okaygrades=array();
if($config['participant_registration_type']=="invite")
{
if($school->projectlimitper=="total")
{
if($school->projectlimit){
echo i18n("You have invited %1 of %2 total projects for your school",array($currentinvited,$school->projectlimit));
if($currenteinvited<$school->projectlimit){
for($a=$config['mingrade'];$a<=$config['maxgrade'];$a++)
$okaygrades[]=$a;
}
}
else{
echo i18n("You have invited %1 project(s) for your school",array($currentinvited,$school->projectlimit));
for($a=$config['mingrade'];$a<=$config['maxgrade'];$a++) for($a=$config['mingrade'];$a<=$config['maxgrade'];$a++)
$okaygrades[]=$a; $okaygrades[]=$a;
}
}
else if($school->projectlimitper=="agecategory")
{
echo "<br />";
$catq=mysql_query("SELECT * FROM projectcategories WHERE year='".$config['FAIRYEAR']."' ORDER BY id");
while($catr=mysql_fetch_object($catq)){
$q2=mysql_query("SELECT COUNT(students.id) AS num
FROM
students,
registrations
WHERE
students.schools_id='".$school->id."'
AND students.grade>='$catr->mingrade'
AND students.grade<='$catr->maxgrade'
AND students.year='".$config['FAIRYEAR']."'
AND students.registrations_id=registrations.id
");
echo mysql_error();
$r2=mysql_fetch_object($q2);
$currentinvited=$r2->num;
if($currentinvited<$school->projectlimit || $school->projectlimit==0){
for($a=$catr->mingrade;$a<=$catr->maxgrade;$a++)
$okaygrades[]=$a;
}
echo i18n("You have invited %1 of %2 total projects for for the %3 age category",array($currentinvited,$school->projectlimit,i18n($catr->category)));
echo "<br />";
} }
} }
else else
{ {
echo i18n("You have invited %1 project(s) for your school",array($currentinvited,$school->projectlimit)); //hmm projectlimitper has not been set
for($a=$config['mingrade'];$a<=$config['maxgrade'];$a++) //so we have no limits, anyone can register or they can add as many as they want.
$okaygrades[]=$a; for($x=$config['mingrade']; $x<=$config['maxgrade']; $x++)
$okaygrades[]=$x;
}
}
else if($school->projectlimitper=="agecategory")
{
echo "<br />";
$catq=mysql_query("SELECT * FROM projectcategories WHERE year='".$config['FAIRYEAR']."' ORDER BY id");
while($catr=mysql_fetch_object($catq))
{
$q2=mysql_query("SELECT COUNT(students.id) AS num
FROM
students,
registrations
WHERE
students.schools_id='".$school->id."'
AND students.grade>='$catr->mingrade'
AND students.grade<='$catr->maxgrade'
AND students.year='".$config['FAIRYEAR']."'
AND students.registrations_id=registrations.id
");
echo mysql_error();
$r2=mysql_fetch_object($q2);
$currentinvited=$r2->num;
if($currentinvited<$school->projectlimit || $school->projectlimit==0)
{
for($a=$catr->mingrade;$a<=$catr->maxgrade;$a++)
$okaygrades[]=$a;
}
echo i18n("You have invited %1 of %2 total projects for for the %3 age category",array($currentinvited,$school->projectlimit,i18n($catr->category)));
echo "<br />";
} }
} }
else else
{ {
//hmm projectlimitper has not been set // this could be an else if $config['participant_registration_type']=="openorinvite" )
//because openorinvite is the only other option
//so we have no limits, anyone can register or they can add as many as they want. //so we have no limits, anyone can register or they can add as many as they want.
//you cannot enforce limits when the system is 'open' because anyone can choose any school
//and if its openorinvite then whatever happens in the inviter still morepeople can be added
//by themselves, so there's no point in having limits.
for($x=$config['mingrade']; $x<=$config['maxgrade']; $x++) for($x=$config['mingrade']; $x<=$config['maxgrade']; $x++)
$okaygrades[]=$x; $okaygrades[]=$x;
} }
} echo "<br />";
else
{
// this could be an else if $config['participant_registration_type']=="openorinvite" )
//because openorinvite is the only other option
//so we have no limits, anyone can register or they can add as many as they want. if(count($okaygrades))
//you cannot enforce limits when the system is 'open' because anyone can choose any school {
//and if its openorinvite then whatever happens in the inviter still morepeople can be added
//by themselves, so there's no point in having limits.
for($x=$config['mingrade']; $x<=$config['maxgrade']; $x++)
$okaygrades[]=$x;
echo "<form method=POST action=\"schoolinvite.php\">";
echo "<input type=hidden name=action value=\"invite\">";
echo "<table>";
echo "<tr><td><nobr>".i18n("Student Email Address")."</nobr></td><td><input type=\"text\" name=\"email\" /></td><td>".i18n("Or unique username for student")."</td></tr>";
echo "<tr><td><nobr>".i18n("Contact Email Address")."</nobr></td><td><input type=\"text\" name=\"emailcontact\" /></td><td>".i18n("Any emails that would normally go to the student, will also be sent to this address")."</td></tr>";
echo "<tr><td><nobr>".i18n("Student First Name")."</nobr></td><td colspan=\"2\"><input type=\"text\" name=\"firstname\" /></td></tr>";
echo "<tr><td><nobr>".i18n("Student Last Name")."</nobr></td><td colspan=\"2\"><input type=\"text\" name=\"lastname\" /></td></tr>";
echo "<tr><td><nobr>".i18n("Grade")."</nobr></td><td colspan=\"2\">";
echo "<select name=\"grade\">\n";
echo "<option value=\"\">".i18n("Select Grade")."</option>\n";
// for($gr=$config['mingrade'];$gr<=$config['maxgrade'];$gr++)
foreach($okaygrades AS $gr)
{
echo "<option value=\"$gr\">$gr</option>\n";
}
echo "</td></tr>";
echo "</table>";
echo "<input type=\"submit\" value=\"Invite Participant\">";
echo "</form>";
}
else
{
echo notice(i18n("You have invited the maximum number of participants for your school"));
}
} }
echo "<br />"; echo "<br />";
if(count($okaygrades)) echo "<h4>".i18n("Invited participants from your school")."</h4>";
if(mysql_num_rows($q))
{ {
echo "<table class=\"summarytable\">";
echo "<form method=POST action=\"schoolinvite.php\">"; echo "<tr><th>".i18n("Last Name")."</th><th>".i18n("First Name")."</th>";
echo "<input type=hidden name=action value=\"invite\">"; echo "<th>".i18n("Email Address")."</th>";
echo "<th>".i18n("Grade")."</th>";
echo "<table>"; echo "<th>".i18n("Registration Number")."</th>";
echo "<tr><td><nobr>".i18n("Student Email Address")."</nobr></td><td><input type=\"text\" name=\"email\" /></td><td>".i18n("Or unique username for student")."</td></tr>"; echo "<th colspan=\"2\">".i18n("Actions")."</th></tr>";
echo "<tr><td><nobr>".i18n("Contact Email Address")."</nobr></td><td><input type=\"text\" name=\"emailcontact\" /></td><td>".i18n("Any emails that would normally go to the student, will also be sent to this address")."</td></tr>"; while($r=mysql_fetch_object($q))
echo "<tr><td><nobr>".i18n("Student First Name")."</nobr></td><td colspan=\"2\"><input type=\"text\" name=\"firstname\" /></td></tr>";
echo "<tr><td><nobr>".i18n("Student Last Name")."</nobr></td><td colspan=\"2\"><input type=\"text\" name=\"lastname\" /></td></tr>";
echo "<tr><td><nobr>".i18n("Grade")."</nobr></td><td colspan=\"2\">";
echo "<select name=\"grade\">\n";
echo "<option value=\"\">".i18n("Select Grade")."</option>\n";
// for($gr=$config['mingrade'];$gr<=$config['maxgrade'];$gr++)
foreach($okaygrades AS $gr)
{ {
echo "<option value=\"$gr\">$gr</option>\n"; echo "<tr><td>$r->lastname</td><td>$r->firstname</td>";
echo "<td>$r->email";
if($r->emailcontact)
echo " / $r->emailcontact";
echo "</td>";
echo "<td align=\"center\">$r->grade</td>";
echo "<td align=\"center\">$r->num</td>";
echo "<td align=\"center\">";
echo "<form target=\"_blank\" method=\"post\" action=\"register_participants.php\">";
echo "<input type=\"hidden\" name=\"action\" value=\"continue\">";
echo "<input type=\"hidden\" name=\"email\" value=\"$r->email\">";
echo "<input type=\"hidden\" name=\"regnum\" value=\"$r->num\">";
echo "<input type=\"submit\" value=\"".i18n("Login")."\">";
echo "</form>";
echo "</td><td>";
echo "<a onclick=\"return confirmClick('Are you sure you want to uninvite this student?')\" href=\"schoolinvite.php?action=uninvite&uninvite=$r->id\"><img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\"></a>";
echo "</td>";
echo "</tr>";
} }
echo "</td></tr>";
echo "</table>"; echo "</table>";
echo "<input type=\"submit\" value=\"Invite Participant\">";
echo "</form>";
} }
else else
{ echo i18n("You have not yet invited any participants from your school");
echo notice(i18n("You have invited the maximum number of participants for your school"));
}
}
echo "<br />";
echo "<h4>".i18n("Invited participants from your school")."</h4>";
if(mysql_num_rows($q))
{
echo "<table class=\"summarytable\">";
echo "<tr><th>".i18n("Last Name")."</th><th>".i18n("First Name")."</th>";
echo "<th>".i18n("Email Address")."</th>";
echo "<th>".i18n("Grade")."</th>";
echo "<th>".i18n("Registration Number")."</th>";
echo "<th colspan=\"2\">".i18n("Actions")."</th></tr>";
while($r=mysql_fetch_object($q))
{
echo "<tr><td>$r->lastname</td><td>$r->firstname</td>";
echo "<td>$r->email";
if($r->emailcontact)
echo " / $r->emailcontact";
echo "</td>";
echo "<td align=\"center\">$r->grade</td>";
echo "<td align=\"center\">$r->num</td>";
echo "<td align=\"center\">";
echo "<form target=\"_blank\" method=\"post\" action=\"register_participants.php\">";
echo "<input type=\"hidden\" name=\"action\" value=\"continue\">";
echo "<input type=\"hidden\" name=\"email\" value=\"$r->email\">";
echo "<input type=\"hidden\" name=\"regnum\" value=\"$r->num\">";
echo "<input type=\"submit\" value=\"".i18n("Login")."\">";
echo "</form>";
echo "</td><td>";
echo "<a onclick=\"return confirmClick('Are you sure you want to uninvite this student?')\" href=\"schoolinvite.php?action=uninvite&uninvite=$r->id\"><img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\"></a>";
echo "</td>";
echo "</tr>";
} }
echo "</table>";
}
else
echo i18n("You have not yet invited any participants from your school");
} }
} }