arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

Compare commits

base: arman:8569fb79f8683cf10f9a57145071d31aa2c2a42b
Branches Tags
arman:master
arman:science-ation
arman:pdf-manager-setup
arman:science-ation_tours
arman:school-imports
arman:science-ation-pre-release
arman:sfiab_3
arman:science-ation-format-code
arman:science-ation_address-complete
arman:science-ation-misc
arman:database
arman:ui-2.0
arman:errors_warnings
arman:sqlerrors
arman:sfiab-2.3
arman:sfiab-users-makeover
arman:sfiab-2.2
arman:sfiab-2.1
arman:sfiab-1.0
science-ation:sfiab-2.3
science-ation:master
science-ation:sfiab-users-makeover
science-ation:sfiab-2.2
science-ation:sfiab-2.1
science-ation:sfiab-1.0
arman:sfiab-2.2.0
arman:sfiab-2.1.6
arman:sfiab-1.0.0
arman:sfiab-0.9.8
arman:sfiab-0.9.6
arman:sfiab-0.9.4
science-ation:sfiab-0.9.4
science-ation:sfiab-0.9.6
science-ation:sfiab-0.9.8
science-ation:sfiab-1.0.0
science-ation:sfiab-2.1.6
science-ation:sfiab-2.2.0
...
compare: arman:81641435d0436d400c267d415aaf131dc32599af
Branches Tags
arman:science-ation
arman:pdf-manager-setup
arman:science-ation_tours
arman:school-imports
arman:science-ation-pre-release
arman:sfiab_3
arman:science-ation-format-code
arman:science-ation_address-complete
arman:science-ation-misc
arman:database
arman:ui-2.0
arman:errors_warnings
arman:sqlerrors
arman:sfiab-2.3
arman:master
arman:sfiab-users-makeover
arman:sfiab-2.2
arman:sfiab-2.1
arman:sfiab-1.0
science-ation:sfiab-2.3
science-ation:master
science-ation:sfiab-users-makeover
science-ation:sfiab-2.2
science-ation:sfiab-2.1
science-ation:sfiab-1.0
arman:sfiab-2.2.0
arman:sfiab-2.1.6
arman:sfiab-1.0.0
arman:sfiab-0.9.8
arman:sfiab-0.9.6
arman:sfiab-0.9.4
science-ation:sfiab-0.9.4
science-ation:sfiab-0.9.6
science-ation:sfiab-0.9.8
science-ation:sfiab-1.0.0
science-ation:sfiab-2.1.6
science-ation:sfiab-2.2.0

10 Commits
8569fb79f8 ... 81641435d0

Author SHA1 Message Date
Armanveer Gill
81641435d0 Various syntax fixes 2025-01-28 17:33:03 -05:00
Armanveer Gill
ae5afc643d FIx remove data features 2025-01-28 14:59:38 -05:00
Armanveer Gill
bb807eab04 Various fixes towards fundraising 2025-01-28 14:58:54 -05:00
Armanveer Gill
4f935e5818 Ensure PDO is defined 2025-01-28 14:34:42 -05:00
Armanveer Gill
81299494c5 Fix display messages undefined warning 2025-01-28 14:34:23 -05:00
Armanveer Gill
5ed439b42a Fix translations 2025-01-28 14:33:16 -05:00
Armanveer Gill
a96799d516 Resolved the issue of jquery tabs not showing up content. 2025-01-22 00:47:58 -05:00
Armanveer Gill
6b2394d4e0 Removed the warnings from judging scheduler log files. 2025-01-21 02:07:33 -05:00
Armanveer Gill
0b36f20e86 Fixed errors and bugs with school login and school information update. 2025-01-19 22:44:42 -05:00
Armanveer Gill
1739b5dbe6 Removed disabled features from "Fair Administration" and disabled the respective configuration options. 2025-01-19 22:03:25 -05:00
98 changed files with 889 additions and 653 deletions
Show Stats Expand all files Collapse all files

787
admin/award_awards.php
View File

@ -27,333 +27,364 @@
user_auth_required('committee', 'admin');
require_once('awards.inc.php');
switch(get_value_from_array($_GET, 'action')) {
case 'awardinfo_load':
$id = intval(get_value_from_array($_GET, 'id'));
$q = $pdo->prepare("SELECT * FROM award_awards WHERE id='$id'");
$q->execute();
$ret = $q->fetch(PDO::FETCH_ASSOC);
$_GET['action'] = $_GET['action'] ?? '';
//json_encode NEEDS UTF8 DATA, but we store it in the database as ISO :(
foreach($ret AS $k=>$v) {print('sdfs');
$ret[$k]=iconv("ISO-8859-1","UTF-8",$v);
}
//echo iconv("ISO-8859-1","UTF-8",json_encode($ret));
echo json_encode($ret);
exit;
case 'award_delete':
$id=intval($_GET['id']);
award_delete($id);
exit;
case 'awardinfo_save':
/* Scrub the data while we save it */
$id=intval($_POST['id']);
if($id == -1) {
switch($_GET['action']) {
$q = $pdo->prepare("INSERT INTO award_awards (year,self_nominate,schedule_judges)
VALUES ('{$config['FAIRYEAR']}','yes','yes')");
case 'awardinfo_load':
$id = intval(get_value_from_array($_GET, 'id'));
$q = $pdo->prepare("SELECT * FROM award_awards WHERE id='$id'");
$q->execute();
$ret = $q->fetch(PDO::FETCH_ASSOC);
//json_encode NEEDS UTF8 DATA, but we store it in the database as ISO :(
foreach($ret AS $k=>$v) {print('sdfs');
$ret[$k]=iconv("ISO-8859-1","UTF-8",$v);
}
//echo iconv("ISO-8859-1","UTF-8",json_encode($ret));
echo json_encode($ret);
exit;
case 'award_delete':
$id=intval($_GET['id']);
award_delete($id);
exit;
case 'awardinfo_save':
/* Scrub the data while we save it */
$id=intval($_POST['id']);
if($id == -1) {
$q = $pdo->prepare("INSERT INTO award_awards (year,self_nominate,schedule_judges)
VALUES ('{$config['FAIRYEAR']}','yes','yes')");
$q->execute();
$id = $pdo->lastInsertId();
happy_("Award Created");
/* Set the award_id in the client */
echo "<script type=\"text/javascript\">award_id=$id;</script>";
}
$q = "UPDATE award_awards SET
award_types_id='".intval($_POST['award_types_id'])."',
presenter='".iconv("UTF-8","ISO-8859-1",stripslashes($_POST['presenter']))."',
excludefromac='".(($_POST['excludefromac'] == 1) ? 1 : 0)."',
cwsfaward='".(($_POST['cwsfaward'] == 1) ? 1 : 0)."',
self_nominate='".(($_POST['self_nominate'] == 'yes') ? 'yes' : 'no')."',
schedule_judges='".(($_POST['schedule_judges'] == 'yes') ? 'yes' : 'no')."',
description='".iconv("UTF-8","ISO-8859-1",stripslashes($_POST['description']))."' ";
if(array_key_exists('name', $_POST)) {
/* These values may be disabled, if they name key exists, assume
* they aren't disabled and save them too */
$q .= ",name='".iconv("UTF-8","ISO-8859-1",stripslashes($_POST['name']))."',
criteria='".iconv("UTF-8","ISO-8859-1",stripslashes($_POST['criteria']))."',
sponsors_id='".intval($_POST['sponsors_id'])."' ";
}
$q .= "WHERE id='$id'";
$q = $pdo->prepare($q);
$q->execute();
$id = $pdo->lastInsertId();
happy_("Award Created");
/* Set the award_id in the client */
echo "<script type=\"text/javascript\">award_id=$id;</script>";
}
print_r($_POST);
echo $q;
show_pdo_errors_if_any($pdo);
happy_("Award information saved");
exit;
$q = "UPDATE award_awards SET
award_types_id='".intval($_POST['award_types_id'])."',
presenter='".iconv("UTF-8","ISO-8859-1",stripslashes($_POST['presenter']))."',
excludefromac='".(($_POST['excludefromac'] == 1) ? 1 : 0)."',
cwsfaward='".(($_POST['cwsfaward'] == 1) ? 1 : 0)."',
self_nominate='".(($_POST['self_nominate'] == 'yes') ? 'yes' : 'no')."',
schedule_judges='".(($_POST['schedule_judges'] == 'yes') ? 'yes' : 'no')."',
description='".iconv("UTF-8","ISO-8859-1",stripslashes($_POST['description']))."' ";
case 'eligibility_load':
$id = intval($_GET['id']);
//select the current categories that this award is linked to
$ret = array('categories'=>array(), 'divisions'=>array() );
$q=$pdo->prepare("SELECT * FROM award_awards_projectcategories WHERE award_awards_id='$id'");
$q->execute();
while($r=$q->fetch(PDO::FETCH_ASSOC)) {
$ret['categories'][] = $r['projectcategories_id'];
}
if(array_key_exists('name', $_POST)) {
/* These values may be disabled, if they name key exists, assume
* they aren't disabled and save them too */
$q .= ",name='".iconv("UTF-8","ISO-8859-1",stripslashes($_POST['name']))."',
criteria='".iconv("UTF-8","ISO-8859-1",stripslashes($_POST['criteria']))."',
sponsors_id='".intval($_POST['sponsors_id'])."' ";
}
$q .= "WHERE id='$id'";
$q = $pdo->prepare($q);
$q->execute();
print_r($_POST);
echo $q;
show_pdo_errors_if_any($pdo);
happy_("Award information saved");
exit;
//select the current categories that this award is linked to
$q = $pdo->$prepare("SELECT * FROM award_awards_projectdivisions WHERE award_awards_id='$id'");
$q->execute();
while($r=$q->fetch(PDO::FETCH_ASSOC)) {
$ret['divisions'][] = $r['projectdivisions_id'];
}
echo json_encode($ret);
exit;
case 'eligibility_load':
$id = intval($_GET['id']);
//select the current categories that this award is linked to
$ret = array('categories'=>array(), 'divisions'=>array() );
$q=$pdo->prepare("SELECT * FROM award_awards_projectcategories WHERE award_awards_id='$id'");
$q->execute();
while($r=$q->fetch(PDO::FETCH_ASSOC)) {
$ret['categories'][] = $r['projectcategories_id'];
}
case 'eligibility_save':
$id = intval($_POST['award_awards_id']);
//select the current categories that this award is linked to
$q = $pdo->$prepare("SELECT * FROM award_awards_projectdivisions WHERE award_awards_id='$id'");
$q->execute();
while($r=$q->fetch(PDO::FETCH_ASSOC)) {
$ret['divisions'][] = $r['projectdivisions_id'];
}
echo json_encode($ret);
exit;
//now add the new ones
if(!is_array($_POST['categories']) || !is_array($_POST['divisions'])) {
error_("Invalid data");
exit;
}
case 'eligibility_save':
$id = intval($_POST['award_awards_id']);
//wipe out any old award-category links
$q = $pdo->prepare("DELETE FROM award_awards_projectcategories WHERE award_awards_id='$id'");
$q->execute();
foreach($_POST['categories'] AS $key=>$cat) {
$c = intval($cat);
$q = $pdo->prepare("INSERT INTO award_awards_projectcategories (award_awards_id, projectcategories_id, year)
VALUES (:id, :c, :year)");
//now add the new ones
if(!is_array($_POST['categories']) || !is_array($_POST['divisions'])) {
error_("Invalid data");
$q->bindParam(':id', $id, PDO::PARAM_INT);
$q->bindParam(':c', $c, PDO::PARAM_INT);
$q->bindParam(':year', $config['FAIRYEAR'], PDO::PARAM_INT);
$q->execute();
}
//wipe out any old award-divisions links
$q = $pdo->prepare("DELETE FROM award_awards_projectdivisions WHERE award_awards_id='$id'");
$q->execute();
//now add the new ones
foreach($_POST['divisions'] AS $key=>$div) {
$d = intval($div);
$q = $pdo->prepare("INSERT INTO award_awards_projectdivisions (award_awards_id, projectdivisions_id, year)
VALUES (:id, :d, :year)");
$q->bindParam(':id', $id, PDO::PARAM_INT);
$q->bindParam(':d', $d, PDO::PARAM_INT);
$q->bindParam(':year', $config['FAIRYEAR'], PDO::PARAM_INT);
$q->execute();
show_pdo_errors_if_any($pdo);
}
happy_("Eligibility information saved");
exit;
case 'prize_order':
$order = 0;
foreach ($_GET['prizelist'] as $position=>$id) {
if($id == '') continue;
$order++;
$q = $pdo->prepare("UPDATE `award_prizes` SET `order`='$order' WHERE `id`='$id'");
$q->execute(); }
// print_r($_GET);
happy_("Order Updated.");
exit;
case 'award_order':
$order = 0;
foreach ($_GET['awardlist'] as $position=>$id) {
if($id == '') continue;
$order++;
$q = $pdo->prepare("UPDATE `award_awards` SET `order`='$order' WHERE `id`='$id'");
$q->execute();
}
happy_("Order updated");
exit;
case 'prizeinfo_load':
$id = intval($_GET['id']);
if($id == -1) {
$q = $pdo->prepare("SELECT * FROM award_prizes WHERE year='-1' AND award_awards_id='0' ORDER BY `order`");
$q->execute();
} else {
$q = $pdo->prepare("SELECT * FROM award_prizes WHERE award_awards_id='$id' ORDER BY `order`");
$q->execute();
}
while($r=$q->fetch(PDO::FETCH_ASSOC)) {
foreach($r AS $k=>$v) {
$r[$k]=iconv("ISO-8859-1","UTF-8",$v);
}
$ret[] = $r;
}
echo json_encode($ret);
exit;
case 'prize_load':
$id = intval($_GET['id']);
$q = $pdo->prepare("SELECT * FROM award_prizes WHERE id='$id'");
$q->execute();
$ret = $q->fetch(PDO::FETCH_ASSOC);
foreach($ret AS $k=>$v) {
$ret[$k]=iconv("ISO-8859-1","UTF-8",$v);
}
echo json_encode($ret);
exit;
case 'prize_create':
$aaid = intval($_GET['award_awards_id']);
$year = $config['FAIRYEAR'];
if($aaid == -1) {
$aaid = 0;
$year = -1;
}
$q = $pdo->prepare("INSERT INTO award_prizes (award_awards_id, year) VALUES (:aaid, :year)");
$q->bindParam(':aaid', $aaid, PDO::PARAM_INT);
$q->bindParam(':year', $year, PDO::PARAM_INT);
$q->execute();
$ret = array('id' => $pdo->lastInsertId() );
echo json_encode($ret);
exit;
case 'prize_save':
$id = intval($_POST['id']);
$q = $pdo->prepare("UPDATE award_prizes SET
prize = :prize,
cash = :cash,
scholarship = :scholarship,
value = :value,
number = :number,
excludefromac = :excludefromac,
trophystudentkeeper = :trophystudentkeeper,
trophystudentreturn = :trophystudentreturn,
trophyschoolkeeper = :trophyschoolkeeper,
trophyschoolreturn = :trophyschoolreturn
WHERE id = :id");
$q->bindParam(':prize', stripslashes(iconv("UTF-8", "ISO-8859-1", $_POST['prize'])), PDO::PARAM_STR);
$q->bindParam(':cash', intval($_POST['cash']), PDO::PARAM_INT);
$q->bindParam(':scholarship', intval($_POST['scholarship']), PDO::PARAM_INT);
$q->bindParam(':value', intval($_POST['value']), PDO::PARAM_INT);
$q->bindParam(':number', intval($_POST['number']), PDO::PARAM_INT);
$q->bindParam(':excludefromac', ($_POST['excludefromac'] == 1) ? 1 : 0, PDO::PARAM_INT);
$q->bindParam(':trophystudentkeeper', ($_POST['trophystudentkeeper'] == 1) ? 1 : 0, PDO::PARAM_INT);
$q->bindParam(':trophystudentreturn', ($_POST['trophystudentreturn'] == 1) ? 1 : 0, PDO::PARAM_INT);
$q->bindParam(':trophyschoolkeeper', ($_POST['trophyschoolkeeper'] == 1) ? 1 : 0, PDO::PARAM_INT);
$q->bindParam(':trophyschoolreturn', ($_POST['trophyschoolreturn'] == 1) ? 1 : 0, PDO::PARAM_INT);
$q->bindParam(':id', $id, PDO::PARAM_INT);
$q->execute();
happy_("Prize saved");
exit;
case 'prize_delete':
$id = intval($_GET['id']);
award_prize_delete($id);
happy_("Prize deleted");
exit;
case 'feeder_load':
$id = intval($_GET['id']);
/* Prepare two lists of fair IDs, for which fairs can upload and download this award */
$q = $pdo->prepare("SELECT * FROM fairs_awards_link WHERE award_awards_id='$id'");
$q->execute();
$ul = array();
$dl = array();
while($r=$q->fetch(PDO::FETCH_ASSOC)) {
if($r['upload_winners'] == 'yes') $ul[$r['fairs_id']] = true;
if($r['download_award'] == 'yes') $dl[$r['fairs_id']] = true;
}
$q = $pdo->prepare("SELECT * FROM award_awards WHERE id='$id'");
$q->execute();
$a = $q->fetch(PDO::FETCH_ASSOC);
?>
<h4><?=i18n("Feeder Fairs")?></h4>
<form id="feeder_form">
<input type="hidden" id="feeder_id" name="award_awards_id" value="<?=$a['id']?>"/>
<? $ch = $a['per_fair'] == 'yes' ? 'checked="checked"' : ''; ?>
<p><input type="checkbox" name="per_fair" value="yes" <?=$ch?> />
<?=i18n("Treat this award as a separate award for each feeder fair (instead of as a single award across the whole system). This will allow winners to be assigned to prizes for each feeder fair. If disabled, only a single group if winners will be permitted across all feeder fairs.")?></p>
<? $ch = (count($ul) || count($dl)) ? 'checked="checked"' : ''; ?>
<p><input type="checkbox" id="feeder_enable" name="enable" value="yes" <?=$ch?> />
<?=i18n("Allow feeder fairs to download this award.")?></p>
<div id="feeder_en">
<table class="editor">
<tr><td><?=i18n('Unique Name')?>:</td>
<td><input type="text" name="identifier" value="<?=$a['external_identifier']?>" size="40" maxlength="128" /></td></tr>
<? $ch = $a['external_additional_materials'] ? 'checked="checked"' : ''; ?>
<tr><td><input type="checkbox" name="register_winners" value="1" <?=$ch?> /></td>
<td><?=i18n("Winners uploaded by a feeder fair should be registered as participants at this fair (both download award and upload winners should be turned on below)")?></td></tr>
<? $ch = $a['external_register_winners'] ? 'checked="checked"' : ''; ?>
<tr><td><input type="checkbox" name="additional_materials" value="1" <?=$ch?> /></td>
<td><?=i18n("There is additional material for this award (e.g. forms, instructions). If a feeder fair assigns a winner to this award, they will be told they need to contact this fair to get the additional material.")?></td></tr>
</table>
<p><?=i18n("Select which feeder fairs can download this award and upload winners.")?></p>
<table class="tableview">
<tr><th><?=i18n("Fair")?></th>
<th style="width: 5em"><?=i18n("Download Award")?></th>
<th style="width: 5em"><?=i18n("Upload Winners")?></th>
</tr>
<?
$q = $pdo->prepare("SELECT * FROM fairs WHERE type='feeder'");
$q->execute();
while($r = $q->fetch(PDO::FETCH_ASSOC)) {
echo "<tr><td style=\"padding-left:1em;padding-right:1em\">{$r['name']}</td>";
$ch = $dl[$r['id']] == true ? 'checked="checked"' : '';
echo "<td style=\"text-align:center\"><input type=\"checkbox\" name=\"feeder_dl[]\" value=\"{$r['id']}\" $ch ></td>";
$ch = $ul[$r['id']] == true ? 'checked="checked"' : '';
echo "<td style=\"text-align:center\"><input type=\"checkbox\" name=\"feeder_ul[]\" value=\"{$r['id']}\" $ch ></td>";
echo '</tr>';
}
?>
</table>
</div>
<br />
<button id="feeder_save"><?=i18n("Save")?></button>
</form>
<?
exit;
case 'feeder_save':
$id = intval($_POST['award_awards_id']);
$dl = is_array($_POST['feeder_dl']) ? $_POST['feeder_dl'] : array();
$ul = is_array($_POST['feeder_ul']) ? $_POST['feeder_ul'] : array();
/* Prepare a fair-wise list */
$data = array();
foreach($dl AS $fairs_id) $data[$fairs_id]['dl'] = true;
foreach($ul AS $fairs_id) $data[$fairs_id]['ul'] = true;
/* Now save each one */
$q = $pdo->prepare("DELETE FROM fairs_awards_link WHERE award_awards_id='$id'");
$q->execute();
show_pdo_errors_if_any($pdo);
foreach($data as $fairs_id=>$f) {
$dl = ($f['dl'] == true) ? 'yes' : 'no';
$ul = ($f['ul'] == true) ? 'yes' : 'no';
$q = $pdo->prepare("INSERT INTO fairs_awards_link (award_awards_id,fairs_id,download_award,upload_winners)
VALUES ('$id','$fairs_id','$dl','$ul')");
$q->execute();
show_pdo_errors_if_any($pdo);
}
$ident=stripslashes($_POST['identifier']);
$per_fair = $_POST['per_fair'] == 'yes' ? 'yes' : 'no';
$mat = intval($_POST['additional_materials']);
$w = intval($_POST['register_winners']);
$q = $pdo->prepare("UPDATE award_awards SET external_identifier='$ident',
external_additional_materials='$mat',
external_register_winners='$w',
per_fair='$per_fair'
WHERE id='$id'");
$q->execute();
happy_("Feeder Fair information saved");
exit;
}
//wipe out any old award-category links
$q = $pdo->prepare("DELETE FROM award_awards_projectcategories WHERE award_awards_id='$id'");
$q->execute();
foreach($_POST['categories'] AS $key=>$cat) {
$c = intval($cat);
$q = $pdo->prepare("INSERT INTO award_awards_projectcategories (award_awards_id,projectcategories_id,year)
VALUES ('$id','$c','{$config['FAIRYEAR']}')");
$q->execute();
echo $q->errorInfo();
}
//wipe out any old award-divisions links
$q = $pdo->prepare("DELETE FROM award_awards_projectdivisions WHERE award_awards_id='$id'");
$q->execute();
//now add the new ones
foreach($_POST['divisions'] AS $key=>$div) {
$d = intval($div);
$q = $pdo->prepare("INSERT INTO award_awards_projectdivisions (award_awards_id,projectdivisions_id,year)
VALUES ('$id','$d','{$config['FAIRYEAR']}')");
$q->execute();
show_pdo_errors_if_any($pdo);
}
happy_("Eligibility information saved");
exit;
case 'prize_order':
$order = 0;
foreach ($_GET['prizelist'] as $position=>$id) {
if($id == '') continue;
$order++;
$q = $pdo->prepare("UPDATE `award_prizes` SET `order`='$order' WHERE `id`='$id'");
$q->execute(); }
// print_r($_GET);
happy_("Order Updated.");
exit;
case 'award_order':
$order = 0;
foreach ($_GET['awardlist'] as $position=>$id) {
if($id == '') continue;
$order++;
$q = $pdo->prepare("UPDATE `award_awards` SET `order`='$order' WHERE `id`='$id'");
$q->execute();
}
happy_("Order updated");
exit;
case 'prizeinfo_load':
$id = intval($_GET['id']);
if($id == -1) {
$q = $pdo->prepare("SELECT * FROM award_prizes WHERE year='-1' AND award_awards_id='0' ORDER BY `order`");
$q->execute();
} else {
$q = $pdo->prepare("SELECT * FROM award_prizes WHERE award_awards_id='$id' ORDER BY `order`");
$q->execute();
}
while($r=$q->fetch(PDO::FETCH_ASSOC)) {
foreach($r AS $k=>$v) {
$r[$k]=iconv("ISO-8859-1","UTF-8",$v);
}
$ret[] = $r;
}
echo json_encode($ret);
exit;
case 'prize_load':
$id = intval($_GET['id']);
$q = $pdo->prepare("SELECT * FROM award_prizes WHERE id='$id'");
$q->execute();
$ret = $q->fetch(PDO::FETCH_ASSOC);
foreach($ret AS $k=>$v) {
$ret[$k]=iconv("ISO-8859-1","UTF-8",$v);
}
echo json_encode($ret);
exit;
case 'prize_create':
$aaid = intval($_GET['award_awards_id']);
$year = $config['FAIRYEAR'];
if($aaid == -1) {
$aaid = 0;
$year = -1;
}
$q = $pdo->prepare("INSERT INTO award_prizes(award_awards_id,year) VALUES ('$aaid','$year');");
$q->execute();
$ret = array('id' => $pdo->lastInsertId() );
echo json_encode($ret);
exit;
case 'prize_save':
$id = intval($_POST['id']);
$q = $pdo->prepare("UPDATE award_prizes SET
prize='".stripslashes(iconv("UTF-8","ISO-8859-1",$_POST['prize']))."',
cash='".intval($_POST['cash'])."',
scholarship='".intval($_POST['scholarship'])."',
value='".intval($_POST['value'])."',
number='".intval($_POST['number'])."',
excludefromac='".(($_POST['excludefromac']==1)? 1 : 0)."',
trophystudentkeeper='".(($_POST['trophystudentkeeper']==1) ? 1 : 0)."',
trophystudentreturn='".(($_POST['trophystudentreturn']==1) ? 1 : 0)."',
trophyschoolkeeper='".(($_POST['trophyschoolkeeper']==1) ? 1 : 0)."',
trophyschoolreturn='".(($_POST['trophyschoolreturn']==1) ? 1 : 0)."'
WHERE id='$id'");
$q->execute();
happy_("Prize saved");
exit;
case 'prize_delete':
$id = intval($_GET['id']);
award_prize_delete($id);
happy_("Prize deleted");
exit;
case 'feeder_load':
$id = intval($_GET['id']);
/* Prepare two lists of fair IDs, for which fairs can upload and download this award */
$q = $pdo->prepare("SELECT * FROM fairs_awards_link WHERE award_awards_id='$id'");
$q->execute();
$ul = array();
$dl = array();
while($r=$q->fetch(PDO::FETCH_ASSOC)) {
if($r['upload_winners'] == 'yes') $ul[$r['fairs_id']] = true;
if($r['download_award'] == 'yes') $dl[$r['fairs_id']] = true;
}
$q = $pdo->prepare("SELECT * FROM award_awards WHERE id='$id'");
$q->execute();
$a = $q->fetch(PDO::FETCH_ASSOC)
?>
<h4><?=i18n("Feeder Fairs")?></h4>
<form id="feeder_form">
<input type="hidden" id="feeder_id" name="award_awards_id" value="<?=$a['id']?>"/>
<? $ch = $a['per_fair'] == 'yes' ? 'checked="checked"' : ''; ?>
<p><input type="checkbox" name="per_fair" value="yes" <?=$ch?> />
<?=i18n("Treat this award as a separate award for each feeder fair (instead of as a single award across the whole system). This will allow winners to be assigned to prizes for each feeder fair. If disabled, only a single group if winners will be permitted across all feeder fairs.")?></p>
<? $ch = (count($ul) || count($dl)) ? 'checked="checked"' : ''; ?>
<p><input type="checkbox" id="feeder_enable" name="enable" value="yes" <?=$ch?> />
<?=i18n("Allow feeder fairs to download this award.")?></p>
<div id="feeder_en">
<table class="editor">
<tr><td><?=i18n('Unique Name')?>:</td>
<td><input type="text" name="identifier" value="<?=$a['external_identifier']?>" size="40" maxlength="128" /></td></tr>
<? $ch = $a['external_additional_materials'] ? 'checked="checked"' : ''; ?>
<tr><td><input type="checkbox" name="register_winners" value="1" <?=$ch?> /></td>
<td><?=i18n("Winners uploaded by a feeder fair should be registered as participants at this fair (both download award and upload winners should be turned on below)")?></td></tr>
<? $ch = $a['external_register_winners'] ? 'checked="checked"' : ''; ?>
<tr><td><input type="checkbox" name="additional_materials" value="1" <?=$ch?> /></td>
<td><?=i18n("There is additional material for this award (e.g. forms, instructions). If a feeder fair assigns a winner to this award, they will be told they need to contact this fair to get the additional material.")?></td></tr>
</table>
<p><?=i18n("Select which feeder fairs can download this award and upload winners.")?></p>
<table class="tableview">
<tr><th><?=i18n("Fair")?></th>
<th style="width: 5em"><?=i18n("Download Award")?></th>
<th style="width: 5em"><?=i18n("Upload Winners")?></th>
</tr>
<?
$q = $pdo->prepare("SELECT * FROM fairs WHERE type='feeder'");
$q->execute();
while($r = $q->fetch(PDO::FETCH_ASSOC)) {
echo "<tr><td style=\"padding-left:1em;padding-right:1em\">{$r['name']}</td>";
$ch = $dl[$r['id']] == true ? 'checked="checked"' : '';
echo "<td style=\"text-align:center\"><input type=\"checkbox\" name=\"feeder_dl[]\" value=\"{$r['id']}\" $ch ></td>";
$ch = $ul[$r['id']] == true ? 'checked="checked"' : '';
echo "<td style=\"text-align:center\"><input type=\"checkbox\" name=\"feeder_ul[]\" value=\"{$r['id']}\" $ch ></td>";
echo '</tr>';
}
?>
</table>
</div>
<br />
<button id="feeder_save"><?=i18n("Save")?></button>
</form>
<?
exit;
case 'feeder_save':
$id = intval($_POST['award_awards_id']);
$dl = is_array($_POST['feeder_dl']) ? $_POST['feeder_dl'] : array();
$ul = is_array($_POST['feeder_ul']) ? $_POST['feeder_ul'] : array();
/* Prepare a fair-wise list */
$data = array();
foreach($dl AS $fairs_id) $data[$fairs_id]['dl'] = true;
foreach($ul AS $fairs_id) $data[$fairs_id]['ul'] = true;
/* Now save each one */
$q = $pdo->prepare("DELETE FROM fairs_awards_link WHERE award_awards_id='$id'");
$q->execute();
show_pdo_errors_if_any($pdo);
foreach($data as $fairs_id=>$f) {
$dl = ($f['dl'] == true) ? 'yes' : 'no';
$ul = ($f['ul'] == true) ? 'yes' : 'no';
$q = $pdo->prepare("INSERT INTO fairs_awards_link (award_awards_id,fairs_id,download_award,upload_winners)
VALUES ('$id','$fairs_id','$dl','$ul')");
$q->execute();
show_pdo_errors_if_any($pdo);
}
$ident=stripslashes($_POST['identifier']);
$per_fair = $_POST['per_fair'] == 'yes' ? 'yes' : 'no';
$mat = intval($_POST['additional_materials']);
$w = intval($_POST['register_winners']);
$q = $pdo->prepare("UPDATE award_awards SET external_identifier='$ident',
external_additional_materials='$mat',
external_register_winners='$w',
per_fair='$per_fair'
WHERE id='$id'");
$q->execute();
happy_("Feeder Fair information saved");
exit;
}
send_header("Awards Management",
array('Committee Main' => 'committee_main.php',
'Administration' => 'admin/index.php',
'Awards Main' => 'admin/awards.php') );
?>
<script type="text/javascript" src="../js/jquery.tablednd_0_5.js"></script>
<!--<script type="text/javascript" src="../js/jquery.tablednd_0_5.js"></script>-->
<script type="text/javascript">
var award_id = 0;
@ -403,7 +434,7 @@ function update_awardinfo()
/* Disable fields we don't want the user to edit
* for downloaded awards */
if(json.award_source_fairs_id>0) {
if (json.award_source_fairs_id>0) {
$("#awardinfo_name").attr('disabled', 'disabled');
$("#awardinfo_sponsors_id").attr('disabled', 'disabled');
$("#awardinfo_criteria").attr('disabled', 'disabled');
@ -412,7 +443,7 @@ function update_awardinfo()
/* Update the dialog title */
$('#popup_editor').dialog('option', 'title', "<?=i18n('Award')?>: " + $('#awardinfo_name').val());
/* Update the status */
if($('#awardinfo_award_source_fairs_id').val() != 0) {
if ($('#awardinfo_award_source_fairs_id').val() != 0) {
$('#popup_status').html("<?=addslashes(notice(i18n('This award was downloaded, some fields are not edittable')))?>");
} else {
$('#popup_status').html("");
@ -457,6 +488,7 @@ function update_eligibility()
function prizelist_refresh()
{
//FIXME Table DnD remove CANNOT reorder prizes now or open to edit, create new award not working either (test the rest of the software)
$("#prizelist").tableDnD({
onDrop: function(table, row) {
var order = $.tableDnD.serialize();
@ -598,42 +630,52 @@ function update_feeder_enable()
/* Setup the popup window */
$(document).ready(function() {
console.log('first');
$("#popup_editor").dialog({
bgiframe: true, autoOpen: false,
modal: true, resizable: false,
draggable: false,
close: function() {
create: function() {
var $tabs = $('#editor_tabs').tabs();
var selected = $tabs.tabs('option', 'selected');
if(award_id == -1 && selected== 0) {
notice_("<?=i18n('New Award Cancelled')?>");
}
}
}
});
$("#editor_tabs").tabs({
show: function(event, ui) {
switch(ui.panel.id) {
case 'editor_tab_awardinfo':
update_awardinfo();
break;
case 'editor_tab_eligibility':
update_eligibility();
break;
case 'editor_tab_prizes':
update_prizeinfo();
break;
case 'editor_tab_feeder':
update_feeder();
break;
}
return true;
},
collapsible: true,
selected: -1 /* None selected */
});
create: function( event, ui ) {
update_awardinfo();
update_eligibility();
update_prizeinfo();
update_feeder();
},
collapsible: true,
active: -1
});
});
// $("#editor_tabs").tabs({
// show: function(event, ui) {
// switch(ui.panel.id) {
// case 'editor_tab_awardinfo':
// update_awardinfo();
// break;
// case 'editor_tab_eligibility':
// update_eligibility();
// break;
// case 'editor_tab_prizes':
// update_prizeinfo();
// break;
// case 'editor_tab_feeder':
// update_feeder();
// break;
// }
// return true;
// },
// collapsible: true,
// selected: -1 /* None selected */
// });
</script>
@ -679,8 +721,7 @@ $(document).ready(function() {
<td><input type="text" id="awardinfo_presenter" name="presenter" value="Loading..." size="50" maxlength="128" />
</td></tr>
<tr><td><?=i18n("Type")?>:</td><td>
<?
<?
$tq = $pdo->prepare("SELECT id,type FROM award_types WHERE year='{$config['FAIRYEAR']}' ORDER BY type");
$tq->execute();
echo "<select id=\"awardinfo_award_types_id\" name=\"award_types_id\">";
@ -728,8 +769,12 @@ $(document).ready(function() {
//now select all the categories so we can list them all
$cq = $pdo->prepare("SELECT * FROM projectcategories WHERE year='{$config['FAIRYEAR']}' ORDER BY mingrade");
$cq = $pdo->prepare("SELECT * FROM projectcategories WHERE year = :year ORDER BY mingrade");
$cq->bindParam(':year', $config['FAIRYEAR'], PDO::PARAM_INT);
$cq->execute();
show_pdo_errors_if_any($pdo);
while($cr=$cq->fetch(PDO::FETCH_OBJ)) {
echo "<input type=\"checkbox\" id=\"eligibility_categories_{$cr->id}\" name=\"categories[]\" value=\"$cr->id\" />".i18n($cr->category)."<br />";
@ -740,9 +785,12 @@ $(document).ready(function() {
<tr><td><?=i18n("Divisions")?>:</td><td>
<?
$dq->prepare("SELECT * FROM projectdivisions WHERE year='{$config['FAIRYEAR']}' ORDER BY division");
$dq = $pdo->prepare("SELECT * FROM projectdivisions WHERE year = :year ORDER BY division");
$dq->bindParam(':year', $config['FAIRYEAR'], PDO::PARAM_INT);
$dq->execute();
echo errorInfo();
while($dr=$dq->fetch(PDO::FETCH_OBJ)) {
echo "<input type=\"checkbox\" id=\"eligibility_divisions_{$dr->id}\" name=\"divisions[]\" value=\"$dr->id\" />".i18n($dr->division)."<br />";
}
@ -928,17 +976,15 @@ $(document).ready(function() {
<?
/* List filtering */
if($_GET['sponsors_id'] && $_GET['sponsors_id']!="all")
if(get_value_from_array($_GET, 'sponsors_id') && $_GET['sponsors_id']!="all")
$_SESSION['sponsors_id']=$_GET['sponsors_id'];
else if($_GET['sponsors_id']=="all")
else if(get_value_from_array($_GET, 'sponsors_id')=="all")
unset($_SESSION['sponsors_id']);
if($_GET['award_types_id'] && $_GET['award_types_id']!="all")
if(get_value_from_array($_GET,'award_types_id') && $_GET['award_types_id']!="all")
$_SESSION['award_types_id']=$_GET['award_types_id'];
else if($_GET['award_types_id']=="all")
else if(get_value_from_array($_GET, 'award_types_id')=="all")
unset($_SESSION['award_types_id']);
/*
@ -953,8 +999,8 @@ $(document).ready(function() {
unset($_SESSION['award_sponsors_confirmed']);
*/
$award_types_id=$_SESSION['award_types_id'];
$sponsors_id=$_SESSION['sponsors_id'];
$award_types_id=get_value_from_array($_SESSION, 'award_types_id');
$sponsors_id=get_value_from_array($_SESSION, 'sponsors_id');
//$award_sponsors_confirmed=$_SESSION['award_sponsors_confirmed'];
echo "<br />";
@ -981,8 +1027,10 @@ echo "</td></tr>";
echo "<tr><td>";
$q = $pdo->prepare("SELECT id,type FROM award_types WHERE year='{$config['FAIRYEAR']}' ORDER BY type");
$q = $pdo->prepare("SELECT id, type FROM award_types WHERE year = :year ORDER BY type");
$q->bindParam(':year', $config['FAIRYEAR'], PDO::PARAM_INT);
$q->execute();
echo "<select name=\"award_types_id\" onchange=\"document.forms.filterchange.submit()\">";
echo "<option value=\"all\">".i18n("All Award Types")."</option>";
while($r=$q->fetch(PDO::FETCH_OBJ)) {
@ -1025,37 +1073,44 @@ echo "</table>";
* if the entry is done through the a href */
//<input type="submit" onClick="award_create();" value="<?=i18n("Create New Award")>" />
$where_asi = $where_asi ?? '';
$where_ati = $where_ati ?? '';
if($sponsors_id) $where_asi="AND sponsors_id='$sponsors_id'";
if($award_types_id) $where_ati="AND award_types_id='$award_types_id'";
// if($award_sponsors_confirmed) $where_asc="AND award_sponsors.confirmed='$award_sponsors_confirmed'";
if(!$orderby) $orderby="order";
$orderby = $orderby ?? "";
if(!$orderby) $orderby="ORDER BY `order`";
$q = $pdo->prepare("SELECT
award_awards.id,
award_awards.name,
award_awards.order,
award_awards.award_source_fairs_id,
award_types.type,
sponsors.organization
FROM
award_awards
LEFT JOIN sponsors ON sponsors.id = award_awards.sponsors_id
LEFT JOIN award_types ON award_types.id = award_awards.award_types_id
WHERE
$q = $pdo->prepare("SELECT
award_awards.id,
award_awards.name,
award_awards.order,
award_awards.award_source_fairs_id,
award_types.type,
sponsors.organization
FROM
award_awards
LEFT JOIN sponsors ON sponsors.id = award_awards.sponsors_id
LEFT JOIN award_types ON award_types.id = award_awards.award_types_id
WHERE
award_awards.year='{$config['FAIRYEAR']}'
$where_asi
$where_ati
AND award_types.year='{$config['FAIRYEAR']}'
ORDER BY `$orderby`");
$q->execute();
$orderby
");
$q->execute();
show_pdo_errors_if_any($pdo);
show_do_erros_if_any($pdo);
print_r($q->rowCount());
if($q->rowCount())
{
{
echo "* ".i18n("Click on the Script Order and drag to re-order the awards");
echo "<table id=\"awardlist\" class=\"tableview\" >";
echo "<tr class=\"nodrop nodrag\">";

21
admin/cms.php
View File

@ -36,9 +36,28 @@
"website_content_management"
);
?>
<div class="element"></div>
<script type="module">
import { Editor } from 'https://esm.sh/@tiptap/core'
import StarterKit from 'https://esm.sh/@tiptap/starter-kit'
new Editor({
element: document.querySelector('.element'),
extensions: [
StarterKit.configure({
heading: {
levels: [1, 2, 3],
},
}),
],
})
</script>
<?
if(get_value_from_array($_POST, 'action')=="save")
{
$err=false;
$err=false;
foreach($config['languages'] AS $lang=>$langname) {
$filename=stripslashes(get_value_from_array($_POST, 'filename', ''));
// $filename=ereg_replace("[^A-Za-z0-9\.\_\/]","_",$_POST['filename']);

35
admin/donors.php
View File

@ -146,6 +146,7 @@ switch(get_value_from_array($_GET, 'action')) {
$q->execute();
show_pdo_errors_if_any($pdo);
if($q->rowCount()) {
echo "<table class=\"tableview\">";
echo "<thead>";
@ -929,21 +930,11 @@ $(document).ready(function() {
*/
$("#editor_tabs").tabs({
show: function(event, ui) {
switch(ui.panel.id) {
case 'editor_tab_organization':
update_organizationinfo();
break;
case 'editor_tab_sponsorship':
update_sponsorshipinfo();
break;
case 'editor_tab_contacts':
update_contactsinfo();
break;
case 'editor_tab_activity':
update_activityinfo();
break;
}
create: function( event, ui ) {
update_organizationinfo();
update_sponsorshipinfo();
update_contactsinfo();
update_activityinfo();
},
selected: 0
});
@ -982,7 +973,7 @@ function open_editor(id) {
$("#organizationinfo_proposalsubmissiondate").val("");
$("#organizationinfo_notes").val("");
$("#organizationinfo_save_button").attr('disabled','disabled');
$("#update_contactsinfoorganizationinfo_save_button").attr('disabled','disabled');
$("[name=donortype]").attr('checked','');
}
@ -1072,7 +1063,9 @@ function update_contactsinfo()
var id=sponsor_id;
$("#editor_tab_contacts").load("<?=$_SERVER['PHP_SELF']?>?action=contactsinfo_load&id="+id, null,
function() {
$("#contactaccordion").accordion();
$("#contactaccordion").accordion({
heightStyle: "content"
});
}
);
}
@ -1082,7 +1075,9 @@ function contactsinfo_save(uid) {
print(id);
$("#debug").load("<?$_SERVER['PHP_SELF']?>?action=contactsinfo_save&id="+id, $("#contact_" + uid).serializeArray(),
function() {
$("#contactaccordion").accordion();
$("#contactaccordion").accordion({
heightStyle: "content"
});
update_contactsinfo();
});
return false;
@ -1092,7 +1087,9 @@ function contactsinfo_delete(uid) {
var id=sponsor_id;
$("#debug").load("<?$_SERVER['PHP_SELF']?>?action=contactsinfo_delete&id="+id, $("#contact_" + uid).serializeArray(),
function() {
$("#contactaccordion").accordion();
$("#contactaccordion").accordion({
heightStyle: "content"
});
update_contactsinfo();
});
return false;

6
admin/exhibithall_sa.php
View File

@ -218,9 +218,7 @@ TRACE("Grid size: {$grid_size}m\n");
$div = array();
TRACE("Loading Project Divisions...\n");
$q=$pdo->prepare("SELECT * FROM projectdivisions WHERE year='{$config['FAIRYEAR']}' ORDER BY id");
while($r=$q->fetch(PDO::FETCH_OBJ))
{
{
while($r=$q->fetch(PDO::FETCH_OBJ)) {
$divshort[$r->id]=$r->division_shortform;
$div[$r->id]=$r->division;
TRACE(" {$r->id} - {$div[$r->id]}\n");
@ -230,7 +228,7 @@ TRACE("Loading Project Age Categories...\n");
$cat = array();
$q=$pdo->prepare("SELECT * FROM projectcategories WHERE year='{$config['FAIRYEAR']}' ORDER BY id");
$q->execute();
while($r=$q->fetch(PDO::FETCH_OBJ) {
while($r=$q->fetch(PDO::FETCH_OBJ)) {
$catshort[$r->id]=$r->category_shortform;
$cat[$r->id]=$r->category;
TRACE(" {$r->id} - {$r->category}\n");

9
admin/fundraising.php
View File

@ -90,10 +90,10 @@ $q->execute();
$goalq=$pdo->prepare("SELECT * FROM fundraising_goals WHERE goal='{$r->fundraising_goal}' AND fiscalyear='{$config['FISCALYEAR']}'");
$goalq->execute();
$goalr=$goalq->fetch(PDO:FETCH_OBJ);
$goalr=$goalq->fetch(PDO::FETCH_OBJ);
$recq=$pdo->prepare("SELECT SUM(value) AS received FROM fundraising_donations WHERE fundraising_campaigns_id='$r->id' AND fiscalyear='{$config['FISCALYEAR']}' AND status='received'");
$recq->execute();
show_pdo_errors_if_any();
show_pdo_errors_if_any($pdo);
$recr=$recq->fetch(PDO::FETCH_OBJ);
$received=$recr->received;
if($r->target)
@ -102,6 +102,11 @@ $q->execute();
$percent=0;
$col=colour_to_percent($percent);
if (!$goalr) {
$goalr = new stdClass();
$goalr->name = '';
}
echo "<tr style=\"cursor:pointer;\" onclick=\"window.location.href='fundraising_campaigns.php?manage_campaign=$r->id'\">\n";
echo " <td>$r->name</td>\n";
echo " <td>$r->type</td>\n";

62
admin/fundraising_campaigns.php
View File

@ -95,7 +95,6 @@ switch(get_value_from_array($_GET, 'action')){
$q=$pdo->prepare("SELECT * FROM fundraising_campaigns WHERE fiscalyear='{$config['FISCALYEAR']}'");
$q->execute();
while($r=$q->fetch(PDO::FETCH_OBJ)) {
$goalq=$pdo->prepare("SELECT * FROM fundraising_goals WHERE goal='{$r->fundraising_goal}' AND fiscalyear='{$config['FISCALYEAR']}'");
$goalq->execute();
$goalr=$goalq->fetch(PDO::FETCH_OBJ);
@ -110,6 +109,11 @@ $q->execute();
$percent=0;
$col=colour_to_percent($percent);
if (!$goalr) {
$goalr = new stdClass();
$goalr->name = '';
}
echo "<tr style=\"cursor:pointer;\" onclick=\"return managecampaign($r->id)\">\n";
echo " <td>$r->name</td>\n";
echo " <td>$r->type</td>\n";
@ -518,7 +522,7 @@ $q->execute();
}
function save_campaign_info(){
global $config;
global $config, $pdo;
if(!$_POST['name']){
error_("Appeal Name is required");
return;
@ -526,8 +530,8 @@ function save_campaign_info(){
if(!$_POST['startdate']) $startdate=date("Y-m-d"); else $startdate=$_POST['startdate'];
if(!$_GET['id']) {
$query = "INSERT INTO fundraising_campaigns (name,fiscalyear) VALUES (
'".stripslashes($_POST['name'])."','{$config['FISCALYEAR']}')";
$query = "INSERT INTO fundraising_campaigns (name, fiscalyear) VALUES ('".stripslashes($_POST['name'])."','{$config['FISCALYEAR']}')";
echo $query;
$stmt = $pdo->prepare($query);
$stmt->execute();
$id = $pdo->lastInsertId();
@ -600,27 +604,39 @@ function managecampaignsfinish() {
}
function managecampaignfinish() {
$("#campaign_tabs").tabs({
show: function(event, ui) {
switch(ui.panel.id) {
case 'campaign_tab_overview':
update_tab_overview();
break;
case 'campaign_tab_donations':
update_tab_donations();
break;
case 'campaign_tab_prospects':
$("#editor_tabs").tabs({
create: function( event, ui ) {
update_tab_overview();
update_tab_donations();
update_tab_prospects();
break;
case 'campaign_tab_communications':
update_tab_communications();
break;
}
},
selected: 0
});
update_tab_communications();
},
selected: 0
});}
// function managecampaignfinish() {
// $("#campaign_tabs").tabs({
// show: function(event, ui) {
// switch(ui.panel.id) {
// case 'campaign_tab_overview':
// update_tab_overview();
// break;
// case 'campaign_tab_donations':
// update_tab_donations();
// break;
// case 'campaign_tab_prospects':
// update_tab_prospects();
// break;
// case 'campaign_tab_communications':
// update_tab_communications();
// break;
// }
// },
// selected: 0
// });}
}
function campaigninfo_save(id) {
//if we're creating we need to do the post, and get the id it returns, so we can re-open the popup window with that id

2
admin/fundraising_campaigns_prospecting.php
View File

@ -63,7 +63,7 @@ if($_POST['donortype']=="organization") {
$cq->execute();
show_pdo_errors_if_any($pdo);
while($cr=m$cq->fetch(PDO::FETCH_OBJ)) {
while($cr=$cq->fetch(PDO::FETCH_OBJ)) {
if(!$userslist[$cr->uid])
$userslist[$cr->uid]=user_load($cr->users_id);
}

4
admin/fundraising_common.inc.php
View File

@ -3,10 +3,10 @@ $campaign_types=array("Mail","Email","Phone","Personal Visit","Event","Other");
$salutations=array("Mr.","Mrs.","Ms","Dr.","Professor");
function getGoal($goal) {
global $config;
global $config, $pdo;
$q=$pdo->prepare("SELECT * FROM fundraising_goals WHERE goal='$goal' AND fiscalyear='{$config['FISCALYEAR']}' LIMIT 1");
$q->execute();
return $q->rowCount();
return $q->fetch(PDO::FETCH_OBJ);
}
?>

58
admin/fundraising_setup.php
View File

@ -251,7 +251,7 @@
case "goal_save":
$id=$_POST['id'];
if(! ($_POST['name'] && $_POST['budget'])) {
if(!($_POST['name'] && $_POST['budget'])) {
error_("Purpose name and budget are required");
exit;
}
@ -268,7 +268,8 @@
}
else {
$goal=strtolower($_POST['name']);
$goal=ereg_replace("[^a-z]","",$goal);
$goal=preg_replace("[^a-z]","",$goal);
echo "SELECT * FROM fundraising_goals WHERE goal='$goal' AND fiscalyear='{$config['FISCALYEAR']}'";
$q=$pdo->prepare("SELECT * FROM fundraising_goals WHERE goal='$goal' AND fiscalyear='{$config['FISCALYEAR']}'");
$q->execute();
show_pdo_errors_if_any($pdo);
@ -344,23 +345,32 @@
$(document).ready(function() {
$("#editor_tabs").tabs({
show: function(event, ui) {
switch(ui.panel.id) {
case 'editor_tab_levels':
update_levels();
break;
case 'editor_tab_goals':
update_goals();
break;
break;
case 'editor_tab_setup':
update_setup();
break;
break;
}
},
selected: 0
});
create: function( event, ui ) {
update_levels();
update_goals();
update_setup();
},
selected: 0
});
// $("#editor_tabs").tabs({
// show: function(event, ui) {
// switch(ui.panel.id) {
// case 'editor_tab_levels':
// update_levels();
// break;
// case 'editor_tab_goals':
// update_goals();
// break;
// break;
// case 'editor_tab_setup':
// update_setup();
// break;
// break;
// }
// },
// selected: 0
// });
// $("#organizationinfo_fundingselectiondate").datepicker({ dateFormat: 'yy-mm-dd', showOn: 'button', buttonText: "<?=i18n("calendar")?>" });
@ -369,7 +379,9 @@ $(document).ready(function() {
function update_levels() {
$("#editor_tab_levels").load("fundraising_setup.php?gettab=levels",null,
function() {
$("#levelaccordion").accordion();
$("#levelaccordion").accordion({
heightStyle: "content"
});
}
);
}
@ -393,7 +405,9 @@ function level_delete(id) {
function update_goals() {
$("#editor_tab_goals").load("fundraising_setup.php?gettab=goals",null,
function() {
$("#goalaccordion").accordion();
$("#goalaccordion").accordion({
heightStyle: "content"
});
$("[name=deadline]").datepicker({ dateFormat: 'yy-mm-dd'});
}
);
@ -424,7 +438,7 @@ function goal_delete(id) {
}
function charitychange() {
if($("input[@name='registeredcharity']:checked").val()=="yes") {
if($("input[name='registeredcharity']:checked").val()=="yes") {
$("#charitynumber").attr("disabled","");
}
else {

6
admin/index.php
View File

@ -44,7 +44,7 @@
if($config['volunteer_enable'] == 'yes')
echo "<a href=\"volunteers.php\">".theme_icon("volunteer_management")."<br />".i18n("Volunteer Management")."</a>";
else
echo theme_icon("volunteer_management")."<br />".i18n("Volunteer Management")."<br /><i>(".i18n("disabled").")</i>";
// {echo theme_icon("volunteer_management")."<br />".i18n("Volunteer Management")."<br /><i>(".i18n("disabled").")</i>"};
echo "</td></tr>";
echo "</table>\n";
echo "<hr />";
@ -56,13 +56,13 @@
if($config['tours_enable'] == 'yes')
echo "<a href=\"tours.php\">".theme_icon("tour_management")."<br />".i18n("Tour Management")."</a>";
else
echo theme_icon("tour_management")."<br />".i18n("Tour Management")."<br /><i>(".i18n("disabled").")</i>";
// {echo theme_icon("tour_management")."<br />".i18n("Tour Management")."<br /><i>(".i18n("disabled").")</i>";}
echo "</td>";
echo " <td>";
if($config['participant_regfee_items_enable'] == 'yes')
echo "<a href=\"regfee_items_manager.php\">".theme_icon("registration_fee_items_management")."<br />".i18n("Registration Fee Items Management")."</a>";
else
echo theme_icon("registration_fee_items_management")."<br />".i18n("Registration Fee Items Management")."<br /><i>(".i18n("disabled").")</i>";
// {echo theme_icon("registration_fee_items_management")."<br />".i18n("Registration Fee Items Management")."<br /><i>(".i18n("disabled").")</i>";}
echo "</td>";
echo " </tr>\n";

11
admin/judges_sa.php
View File

@ -482,32 +482,32 @@ while($r = $q->fetch(PDO::FETCH_OBJ)) {
$stmt = $pdo->prepare("DELETE FROM judges_teams_link WHERE judges_teams_id='$id' AND year={$config['FAIRYEAR']}");
$stmt->execute();
print $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
/* Awards */
$stmt = $pdo->prepare("DELETE FROM judges_teams_awards_link WHERE judges_teams_id='$id' AND year={$config['FAIRYEAR']}");
$stmt->execute();
print $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
/* Timeslots */
$stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_link WHERE judges_teams_id='$id' AND year={$config['FAIRYEAR']}");
$stmt->execute();
print $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
/* Timeslots projects */
$stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_projects_link WHERE judges_teams_id='$id' AND year={$config['FAIRYEAR']}");
$stmt->execute();
print $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
}
echo "\n";
/* Finally, delete all the autocreated judges teams */
$stmt = $pdo->prepare("DELETE FROM judges_teams WHERE autocreate_type_id=1 AND year={$config['FAIRYEAR']}");
$stmt->execute();
print $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
/* Also delete any judges_teams_link that link to teams that dont exist, just
* in case */
@ -884,6 +884,7 @@ for($x=1;$x<count($jteam); $x++) {
print("Unused Judges:\n");
$ids = $a->bucket[0];
for($y=0; $y<count(get_value_or_default($ids, [])); $y++) {
pr_judge($jteam[0], $ids[$y]);
}

2
admin/judges_sa_launcher.php
View File

@ -54,7 +54,7 @@ else{
//the argument does not get used by the script at all
exec("nice php judges_sa.php {$_SERVER['PHP_SELF']} >../data/logs/judge_scheduler_".date("YmdHis").".log 2>&1 &");
}
usleep(1500000); // 1.5 second to allow the judges_sa to update the % status to 0% otherwise the status page will think its not running if it gets there too soon
//usleep(1500000); // 1.5 second to allow the judges_sa to update the % status to 0% otherwise the status page will think its not running if it gets there too soon
header("Location: judges_scheduler_status.php");
exit;
?>

12
admin/judges_schedulerconfig_check.inc.php
View File

@ -144,16 +144,14 @@ function judges_scheduler_check_judges()
$qp->execute();
$qr = $qp->fetch(PDO::FETCH_OBJ);
if (get_value_from_3d_array($jdiv, $r->jdiv_id, 'num_projects', 'total') !== null){
$jdiv[$r->jdiv_id][num_projects][total] += $qr->cnt;
}
//if (get_value_from_3d_array($jdiv, $r->jdiv_id, 'num_projects', 'total') !== null){
$jdiv[$r->jdiv_id]['num_projects']['total'] += $qr->cnt;
//}
if(get_value_from_3d_array($jdiv,$r->jdiv_id, 'num_projects', $l) !== null)
$jdiv[$r->jdiv_id]['num_projects'][$l] += $qr->cnt;
$jdiv[$r->jdiv_id]['num_projects'][$l] += $qr->cnt;
if(get_value_from_array($projectlanguagetotal, $l) !== null)
$projectlanguagetotal[$l]+=$qr->cnt;
$projectlanguagetotal[$l]+=$qr->cnt;
$projecttotal+=$qr->cnt;
}

2
admin/judges_teams_timeslots.php
View File

@ -27,6 +27,8 @@
user_auth_required('committee', 'admin');
require_once('judges.inc.php');
$action = null;
$round_str = array('timeslot' => 'Judging Timeslot',
'divisional1' => 'Divisional Round 1',
'divisional2' => 'Divisional Round 2',

9
admin/project_editor.php
View File

@ -101,7 +101,7 @@ exit;
function project_save()
{
global $registrations_id, $config;
global $registrations_id, $config, $pdo;
//first, lets make sure this project really does belong to them
$q=$pdo->prepare("SELECT * FROM projects WHERE registrations_id='{$registrations_id}' AND year='{$config['FAIRYEAR']}'");
@ -178,7 +178,8 @@ function project_save()
function project_load()
{
global $registrations_id, $config;
global $registrations_id, $config, $pdo, $projectcategories_id;
// $projectcategories_id=null;
//now lets find out their MAX grade, so we can pre-set the Age Category
$q=$pdo->prepare("SELECT MAX(grade) AS maxgrade FROM students WHERE registrations_id='".$registrations_id."'");
$q->execute();
@ -293,7 +294,7 @@ if($config['project_type'] == 'yes'){
?>
<tr>
<td><?=i18n("Age Category")?>: </td>
<td><?=i18n($agecategories[$projectcategories_id]['category'])?> (<?=i18n("Grades %1-%2",array($agecategories[$projectcategories_id]['mingrade'],$agecategories[$projectcategories_id]['maxgrade']))?>)</td>
<td><?=i18n(get_value_from_2d_array($agecategories, $projectcategories_id,'category'))?> (<?=i18n("Grades %1-%2",array($agecategories[$projectcategories_id]['mingrade'],$agecategories[$projectcategories_id]['maxgrade']))?>)</td>
</tr><tr>
<td><?=i18n("Division")?>: </td>
<td>
@ -420,7 +421,7 @@ $q->execute();
}
echo "</td></tr>";
echo "<tr><td>".i18n("Summary").": </td><td><textarea onchange='countwords()' onkeypress='countwords()' cols=\"60\" rows=\"12\" id=\"summary\" name=\"summary\">".htmlspecialchars($projectinfo->summary,null,"ISO8859-1")."</textarea>".REQUIREDFIELD."<br />";
echo "<tr><td>".i18n("Summary").": </td><td><textarea onchange='countwords()' onkeypress='countwords()' cols=\"60\" rows=\"12\" id=\"summary\" name=\"summary\">".htmlspecialchars($projectinfo->summary,ENT_NOQUOTES,"ISO8859-1")."</textarea>".REQUIREDFIELD."<br />";
$summarywords=preg_split("/[\s,]+/",$projectinfo->summary);
$summarywordcount=count($summarywords);

46
admin/registration_list.php
View File

@ -29,6 +29,8 @@
require_once('../common.inc.php');
require_once('../user.inc.php');
$auth_type = user_auth_required(array('fair','committee'), 'admin');
//require_once('../register_participants.inc.php');
@ -104,6 +106,8 @@ if($auth_type == 'committee') {
?>
<div id="student_editor" title="Student/Project Editor" style="display: none">
<div id="editor_tabs" >
<ul>
@ -111,7 +115,8 @@ if($auth_type == 'committee') {
<li><a href="#editor_tab_students"><span><?=i18n('Students')?></span></a></li>
<li><a href="#editor_tab_project"><span><?=i18n('Project')?></span></a></li>
</ul>
<div id="editor_tab_reg">Loading...</div>
<div id="editor_tab_reg">Loading...
</div>
<div id="editor_tab_students">Loading...</div>
<div id="editor_tab_project">Loading...</div>
</div>
@ -140,7 +145,8 @@ function popup_editor(id, open_tab)
/* Force no tabs to be selected, need to set collapsible
* to true first */
$('#editor_tabs').tabs('option', 'collapsible', true);
$('#editor_tabs').tabs('option', 'selected', -1);
$('#editor_tabs').tabs('option', 'active', -1);
/* Then we'll select a tab to force a reload */
switch(open_tab) {
@ -307,7 +313,17 @@ $(document).ready(function() {
$("#editor_tabs").tabs({
create: function( event, ui ) {
update_students();
update_project();
update_reg();
},
selected: -1
});
/*$("#editor_tabs").tabs({
show: function(event, ui) {
console.log('hi');
switch(ui.panel.id) {
case 'editor_tab_students':
update_students();
@ -323,12 +339,12 @@ $(document).ready(function() {
}
},
selected: -1
});
});*/
$("#newproject").click(function() {
$("#newproject").on("click", (function() {
popup_editor(-1);
}
);
));
});
</script>
@ -375,7 +391,7 @@ else $wherestatus="";
$q = list_query($year, $wherestatus, false);
echo "<table id=\"registration_list\" class=\"tableview\">";
echo "<thead><tr>";
echo "<thead><tr style='background: black';>";
if($showstatus) $stat="&showstatus=".$showstatus;
echo "<th>".i18n("Status")."</th>";
echo "<th>".i18n("Email Address")."</th>";
@ -460,18 +476,18 @@ function print_row($r)
$status_text=i18n($status_text);
$scl = "style=\"cursor:pointer;\" onclick=\"popup_editor('{" . get_value_property_or_default($r, 'reg_id') ."}','');\"";
$pcl = "style=\"cursor:pointer;\" onclick=\"popup_editor('{". get_value_property_or_default($r, 'reg_id') ."}','project');\"";
$scl = "style=\"cursor:pointer;\" onclick=\"popup_editor('" . get_value_property_or_default($r, 'reg_id') ."','');\"";
$pcl = "style=\"cursor:pointer;\" onclick=\"popup_editor('". get_value_property_or_default($r, 'reg_id') ."','project');\"";
echo "<td $scl>{$status_text}</td>";
echo "<td $scl>{".get_value_property_or_default($r, 'email') ."}</td>";
echo "<td $scl>{".get_value_property_or_default($r, 'reg_num') ."}</td>";
echo "<td $scl>".get_value_property_or_default($r, 'email') ."</td>";
echo "<td $scl>".get_value_property_or_default($r, 'reg_num') ."</td>";
$pn = str_replace(' ', '&nbsp;', get_value_property_or_default($r, 'projectnumber', ''));
echo "<td $scl>$pn</td>";
echo "<td $pcl>{" .get_value_property_or_default($r, 'title')."}</td>";
echo "<td $pcl>" .get_value_property_or_default($r, 'title')."</td>";
echo "<td $scl>".i18n(get_value_from_array($cats, get_value_property_or_default($r, 'projectcategories_id'), ''))."</td>";
echo "<td $scl>".i18n($divs[get_value_property_or_default($r, 'projectdivisions_id', '')])."</td>";
echo "<td $scl>".i18n(get_value_from_array($divs, get_value_property_or_default($r, 'projectdivisions_id', '')))."</td>";
$sq=$pdo->prepare("SELECT students.firstname,
students.lastname,
@ -487,7 +503,7 @@ function print_row($r)
students.schools_id=schools.id
");
$sq->execute();
show_pdo_errors_if_any($pdo);
show_pdo_errors_if_any($pdo);
$studnum=1;
$schools="";
@ -503,12 +519,12 @@ function print_row($r)
echo "<td align=\"center\" >";
if($r->flagged == false) {
echo "<a title=\"".i18n("Not flagged")."\" href=\"#\" onClick=\"popup_editor('{$r->reg_id}','project');\" >";
echo "<a title=\"".i18n("Not flagged")."\" href=\"#\" onClick=\"popup_editor('$r->reg_id','project');\" >";
echo "<img src=\"".$config['SFIABDIRECTORY']."/images/16/ok.".$config['icon_extension']."\" border=0>";
echo "</a>";
}
else {
echo "<a title=\"".i18n("Flagged")."\" href=\"#\" onClick=\"popup_editor('{$r->reg_id}','project');\" >";
echo "<a title=\"".i18n("Flagged")."\" href=\"#\" onClick=\"popup_editor('$r->reg_id','project');\" >";
echo "<img src=\"".$config['SFIABDIRECTORY']."/images/16/flagged.".$config['icon_extension']."\" border=0>";
echo "</a>";
}

1
admin/reports.inc.php
View File

@ -419,6 +419,7 @@ foreach($report_stock as $n=>$v) {
$report['loc'] = array();
$fieldvar = "report_{$report['type']}s_fields";
if(is_array($$fieldvar))
$allow_fields = array_keys($$fieldvar);
else

3
admin/reports_acscript.php
View File

@ -113,10 +113,11 @@ if(!$scriptformat) $scriptformat="default";
`order`,
projects.projectnumber");
$pq->execute();
show_pdo_errors_if_any($pdo);
show_pdo_errors_if_any($pdo);
$r->winners = array();
$r->awarded_count = 0;
while($w = $pq->fetch(PDO::FETCH_OBJ)) {
if($w->projects_id)
{

4
admin/reports_appeal_letters.php
View File

@ -70,7 +70,7 @@ $pdf->setImageScale(PDF_IMAGE_SCALE_RATIO);
/* Load the users */
$users = array();
$q = $pdo->prepare("SELECT * FROM fundraising_campaigns_users_link WHERE fundraising_campaigns_id='$fcid'");
while($l = $q->fetch(PDO::FETCH_ASSOC))) {
while($l = $q->fetch(PDO::FETCH_ASSOC)) {
$uid = $l['users_uid'];
$users[$uid] = user_load_by_uid($uid);
}
@ -79,7 +79,7 @@ while($l = $q->fetch(PDO::FETCH_ASSOC))) {
$q = $pdo->prepare("SELECT * FROM emails WHERE fundraising_campaigns_id='$fcid' AND val='$key'");
$q->execute();
while($e = $q->fetch(PDO::FETCH_ASSOC))) {
while($e = $q->fetch(PDO::FETCH_ASSOC)) {
foreach($users as $uid=>&$u) {
$subject = communication_replace_vars($e['subject'], $u);

2
admin/reports_program_awards.php
View File

@ -44,7 +44,7 @@
show_pdo_errors_if_any($pdo);
if($q->rowCCount())
if($q->rowCount())
{
while($r=$q->fetch(PDO::FETCH_OBJ))
{

5
admin/send_emailqueue.php
View File

@ -22,6 +22,7 @@
?>
<?
include "../common.inc.php";
include "../helper.inc.php";
include "communication.inc.php";
$sleepmin=500000; // 0.5 seconds
$sleepmax=2000000; // 2.0 second
@ -70,7 +71,7 @@ if(!$config['emailqueue_lock']) {
if($result) {
$stmt = $pdo->prepare("UPDATE emailqueue_recipients SET sent=NOW(), `result`='ok' WHERE id='$r->id'");
$stmt->execute()
$stmt->execute();
show_pdo_errors_if_any($pdo);
$newnumsent=$email->numsent+1;
$stmt = $pdo->prepare("UPDATE emailqueue SET numsent=$newnumsent WHERE id='$email->id'");
@ -91,7 +92,7 @@ if(!$config['emailqueue_lock']) {
//now check if we're done yet
$rq=$pdo->prepare("SELECT COUNT(*) AS num FROM emailqueue_recipients WHERE sent IS NULL AND emailqueue_id='$email->id'");
$rq->execute();
$rr=$rq;->fetch(PDO::FETCH_OBJ)
$rr=$rq->fetch(PDO::FETCH_OBJ);
if($rr->num==0) {
$stmt = $pdo->prepare("UPDATE emailqueue SET finished=NOW() WHERE id='$email->id'");
$stmt->execute();

16
admin/settranslation.php
View File

@ -34,16 +34,18 @@ foreach($config['languages'] AS $l=>$ln) {
if($_POST['translate_'.$l]) {
$q=$pdo->prepare("SELECT * FROM translations WHERE lang='$l' AND strmd5='$m'");
$q->execute();
if($q->rowCount())
if($q->rowCount()) {
$stmt = $pdo->prepare("UPDATE translations SET val='".iconv("UTF-8","ISO-8859-1",stripslashes($_POST['translate_'.$l]))."' WHERE lang='$l' AND strmd5='$m'");
$stmt->execute();else
$stmt->execute();
} else {
$stmt = $pdo->prepare("INSERT INTO translations (lang,strmd5,str,val) VALUES ('$l','$m','".iconv("UTF-8","ISO-8859-1",stripslashes($_POST['translate_str_hidden']))."','".iconv("UTF-8","ISO-8859-1",stripslashes($_POST['translate_'.$l]))."')");
$stmt->execute();}
else {
$stmt->execute();
}
} else {
$stmt = $pdo->prepare("DELETE FROM translations WHERE lang='$l' AND strmd5='$m'");
$stmt->execute();}
$stmt->execute();
}
}
echo "ok";

40
admin/student_editor.php
View File

@ -132,7 +132,7 @@ exit;
//now do any data saves
function students_save()
{
global $registrations_id, $config;
global $registrations_id, $config, $pdo;
$x=1;
while($_POST["num"][$x]) {
@ -214,7 +214,7 @@ function students_save()
function students_load()
{
global $registrations_id, $config;
global $registrations_id, $config, $pdo;
//now query and display
$q=$pdo->prepare("SELECT * FROM students WHERE
@ -225,7 +225,7 @@ function students_load()
$numfound=$q->rowCount();
$numtoshow = intval($_GET['numstudents']);
$numtoshow = intval(get_value_from_array($_GET, 'numstudents'));
if($numtoshow == 0) $numtoshow=$numfound;
@ -249,7 +249,7 @@ function students_load()
echo "<h3>".i18n("Student %1 Details",array($x))."</h3>";
//if we have a valid student, set their ID, so we can UPDATE when we submit
//if there is no record for this student, then set the ID to 0, so we will INSERT when we submit
if($studentinfo->id) $id=$studentinfo->id; else $id=0;
if(get_value_property_or_default($studentinfo,'id')) $id=$studentinfo->id; else $id=0;
//true should work here, it just has to be set to _something_ for it to work.
echo "<input type=\"hidden\" name=\"num[$x]\" value=\"true\" />";
@ -258,8 +258,8 @@ function students_load()
echo "<input type=\"hidden\" name=\"id[$x]\" value=\"$id\" />";
echo "<table>";
echo "<tr>\n";
echo " <td>".i18n("First Name")."</td><td><input type=\"text\" name=\"firstname[$x]\" value=\"$studentinfo->firstname\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n("Last Name")."</td><td><input type=\"text\" name=\"lastname[$x]\" value=\"$studentinfo->lastname\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n("First Name")."</td><td><input type=\"text\" name=\"firstname[$x]\" value=\"".get_value_property_or_default($studentinfo, 'firstname')."\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n("Last Name")."</td><td><input type=\"text\" name=\"lastname[$x]\" value=\"".get_value_property_or_default($studentinfo, 'lastname')."\" />".REQUIREDFIELD."</td>\n";
echo "</tr>\n";
if($config['participant_student_personal']=="yes") {
@ -278,10 +278,10 @@ function students_load()
echo "</tr>\n";
echo "<tr>\n";
echo " <td>".i18n("Email Address")."</td><td><input size=\"30\" type=\"text\" name=\"email[$x]\" value=\"$studentinfo->email\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n("Email Address")."</td><td><input size=\"30\" type=\"text\" name=\"email[$x]\" value=\"".get_value_property_or_default($studentinfo, 'email')."\" />".REQUIREDFIELD."</td>\n";
if($config['participant_student_personal']=="yes") {
echo " <td>".i18n("City")."</td><td><input type=\"text\" name=\"city[$x]\" value=\"$studentinfo->city\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n("City")."</td><td><input type=\"text\" name=\"city[$x]\" value=\"".get_value_property_or_default($studentinfo, 'city')."\" />".REQUIREDFIELD."</td>\n";
}
else
{
@ -293,19 +293,19 @@ function students_load()
if($config['participant_student_personal']=="yes")
{
echo "<tr>\n";
echo " <td>".i18n("Address")."</td><td><input type=\"text\" name=\"address[$x]\" value=\"$studentinfo->address\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n("Address")."</td><td><input type=\"text\" name=\"address[$x]\" value=\"".get_value_property_or_default($studentinfo, 'address')."\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n($config['provincestate'])."</td><td>";
emit_province_selector("province[$x]",$studentinfo->province);
emit_province_selector("province[$x]",get_value_property_or_default($studentinfo, 'province'));
echo REQUIREDFIELD."</td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo " <td>".i18n($config['postalzip'])."</td><td><input type=\"text\" name=\"postalcode[$x]\" value=\"$studentinfo->postalcode\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n("Phone")."</td><td><input type=\"text\" name=\"phone[$x]\" value=\"$studentinfo->phone\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n($config['postalzip'])."</td><td><input type=\"text\" name=\"postalcode[$x]\" value=\"".get_value_property_or_default($studentinfo, 'postalcode')."\" />".REQUIREDFIELD."</td>\n";
echo " <td>".i18n("Phone")."</td><td><input type=\"text\" name=\"phone[$x]\" value=\"".get_value_property_or_default($studentinfo, 'phone')."\" />".REQUIREDFIELD."</td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo " <td>".i18n("Date of Birth")."</td><td>\n";
list($year,$month,$day)=split("-",$studentinfo->dateofbirth);
list($year,$month,$day)=explode("-",get_value_property_or_default($studentinfo, 'dateofbirth', ''));
echo "<table><tr><td>";
emit_day_selector("day[$x]",$day);
echo "</td><td>\n";
@ -374,7 +374,7 @@ function students_load()
{
echo "<tr>\n";
echo "<td>".i18n("Special Food Requirements")."</td><td colspan=\"3\">";
echo "<input name=\"foodreq[$x]\" type=\"text\" size=\"50\" value=\"$studentinfo->foodreq\" />";
echo "<input name=\"foodreq[$x]\" type=\"text\" size=\"50\" value=\"".get_value_property_or_default($studentinfo,'foodreq')."\" />";
echo "</td>";
echo "</tr>\n";
}
@ -407,8 +407,8 @@ function students_load()
echo "</tr>\n";
echo "<tr>\n";
echo " <td>".i18n("Teacher Name")."</td><td><input type=\"text\" name=\"teachername[$x]\" value=\"$studentinfo->teachername\" /></td>\n";
echo " <td>".i18n("Teacher Email")."</td><td><input type=\"text\" name=\"teacheremail[$x]\" value=\"$studentinfo->teacheremail\" /></td>\n";
echo " <td>".i18n("Teacher Name")."</td><td><input type=\"text\" name=\"teachername[$x]\" value=\"".get_value_property_or_default($studentinfo,'teachername')."\" /></td>\n";
echo " <td>".i18n("Teacher Email")."</td><td><input type=\"text\" name=\"teacheremail[$x]\" value=\"".get_value_property_or_default($studentinfo,'teacheremail')."\" /></td>\n";
echo "</tr>\n";
@ -445,7 +445,7 @@ function students_load()
function registration_load()
{
global $registrations_id, $config, $auth_type;
global $registrations_id, $config, $auth_type, $pdo;
/* Load reg data */
if($registrations_id == -1) {
@ -494,10 +494,10 @@ function registration_load()
<table>
<tr>
<td><?=i18n("Registration Number")?>:</td>
<td><input type="text" name="registration_num" value="<?=$r['num']?>"></td>
<td><input type="text" name="registration_num" value="<?=get_value_from_array($r, 'num')?>"></td>
</tr><tr>
<td><?=i18n("Registration Email")?>:</td>
<td><input type="text" name="registration_email" value="<?=$r['email']?>"></td>
<td><input type="text" name="registration_email" value="<?=get_value_from_array($r, 'email')?>"></td>
</tr><tr>
<td><?=i18n("Status")?>:</td>
<td><select name="registration_status">
@ -541,7 +541,7 @@ else {
function registration_save()
{
global $registrations_id, $config, $auth_type;
global $registrations_id, $config, $auth_type, $pdo;
$registration_num = intval($_POST['registration_num']);
$registration_status = stripslashes($_POST['registration_status']);
$registration_email = stripslashes($_POST['registration_email']);

2
admin/tours_sa.php
View File

@ -202,7 +202,7 @@ while($r=$q->fetch(PDO::FETCH_OBJ)) {
$tours[$x]['grade_max'] = $r->grade_max;
$tours[$x]['id'] = $r->id;
$tours[$x]['name'] = $r->name;
TRACE(" ($x) ${$r->id}: #{$r->num} {$r->name} (cap:{$r->capacity} grade:{$r->grade_min}-{$r->grade_max})\n");
TRACE(" ($x) #{$r->id}: #{$r->num} {$r->name} (cap:{$r->capacity} grade:{$r->grade_min}-{$r->grade_max})\n");
$x++;
}

3
admin/translations.php
View File

@ -35,7 +35,7 @@
//by default, we will edit the french translations
if(get_value_from_array($_GET, 'translang')) $_SESSION['translang']=$_GET['translang'];
if(get_value_from_array(!$_SESSION, 'translang'))
if(!get_value_from_array($_SESSION, 'translang'))
$_SESSION['translang']="fr";
$show = false;
@ -103,6 +103,7 @@ echo "<br />";
if($show=="missing") $showquery="AND ( val is null OR val='' )";
else $showquery="";
$q=$pdo->prepare("SELECT * FROM translations WHERE lang='".get_value_from_array($_SESSION, 'translang')."' $showquery ORDER BY str");
$q->execute();
$num=$q->rowCount();

2
app/projectinfo.php
View File

@ -23,6 +23,8 @@
<?
require("../common.inc.php");
global $pdo;
//first, lets make sure someone isng tryint to see something that they arent allowed to!
$q=$pdo->prepare("SELECT (NOW()>='".$config['dates']['postparticipants']."') AS test");
$q->execute();

3
app/projectlist.php
View File

@ -22,7 +22,8 @@
?>
<?
require("../common.inc.php");
global $pdo;
//first, lets make sure someone isnt trying to see something that they arent allowed to!
$q=$pdo->prepare("SELECT (NOW()>='".$config['dates']['postparticipants']."') AS test");
$q->execute();

1
app/projects.php
View File

@ -23,6 +23,7 @@
<?
require("../common.inc.php");
global $pdo;
//first, lets make sure someone isnt trying to see something that they arent allowed to!
$q=$pdo->prepare("SELECT (NOW()>='".$config['dates']['postparticipants']."') AS test");
$q->execute();

18
common.inc.php
View File

@ -208,7 +208,7 @@ session_start();
//detect the browser first, so we know what icons to use - we store this in the config array as well
//even though its not configurable by the fair
if(stristr($_SERVER['HTTP_USER_AGENT'],"MSIE"))
if(stristr(get_value_from_array($_SERVER, 'HTTP_USER_AGENT', ''),"MSIE"))
$config['icon_extension']="gif";
else
$config['icon_extension']="png";
@ -375,7 +375,7 @@ function happy($str,$type="normal")
function display_messages()
{
/* Dump any messages in the queue */
if(is_array($_SESSION['messages'])) {
if(is_array(get_value_from_array($_SESSION, 'messages'))) {
foreach($_SESSION['messages'] as $m) echo $m;
}
$_SESSION['messages'] = array();
@ -415,6 +415,7 @@ function send_header($title="", $nav=null, $icon=null, $titletranslated=false)
<!-- <script type="text/javascript" src="<?=$config['SFIABDIRECTORY']?>/js/jqueryui/1.7.2/jquery-ui.min.js"></script> -->
<script src="https://code.jquery.com/ui/1.14.1/jquery-ui.min.js"></script>
<script type="text/javascript" src="<?=$config['SFIABDIRECTORY']?>/js/sfiab.js"></script>
<script type="text/javascript" src="<?=$config['SFIABDIRECTORY']?>/theme/new_default/theme-script.js"></script>
<script type="text/javascript">
$(document).ready(function(){
$('.tableview').tablesorter();
@ -633,7 +634,7 @@ if(substr(getcwd(),-6)=="/admin" || substr(getcwd(),-7)=="/config" || substr(get
$fname=substr($_SERVER['REDIRECT_SCRIPT_URL'],strlen($config['SFIABDIRECTORY'])+1);
else
$fname=substr($_SERVER['PHP_SELF'],strlen($config['SFIABDIRECTORY'])+1);
echo "</td><td align=\"right\"><a target=\"_sfiabhelp\" href=\"http://www.sfiab.ca/wiki/index.php/Help_$fname\"><img border=\"0\" src=\"".$config['SFIABDIRECTORY']."/images/32/help.".$config['icon_extension']."\"></a>";
echo "</td><td align=\"right\"><a target=\"_sfiabhelp\" href=\"http://www.sfiab.ca/wiki/index.php/Help_$fname\"><img border=\"0\" src=\"".$config['SFIABDIRECTORY']."/images/32/help_science_ation.".$config['icon_extension']."\"></a>";
}
"</td></tr>";
echo "</table>";
@ -706,8 +707,9 @@ function send_popup_header($title="")
<script src="https://code.jquery.com/jquery-3.7.1.js"></script>
<script src="https://code.jquery.com/jquery-migrate-3.5.2.js"></script>
<script src="https://code.jquery.com/ui/1.14.1/jquery-ui.min.js"></script>
<script type="text/javascript" src="<?=$config['SFIABDIRECTORY']?>/js/sfiab.js"></script>
<script type="text/javascript" src="<?=$config['SFIABDIRECTORY']?>/theme/new_default/theme-script.js"></script>
<div id="notice_area" class="notice_area"></div>
<?
@ -958,7 +960,7 @@ function communication_replace_vars($text, &$u, $otherrep=array()) {
$rep=array_merge($userrep,$otherrep);
foreach($rep AS $k=>$v) {
$text=ereg_replace("\[$k\]",$v,$text);
$text=preg_replace("\[$k\]",$v,$text);
}
return $text;
}
@ -996,18 +998,18 @@ function email_send($val,$to,$sub_subject=array(),$sub_body=array())
/* Eventually we should just do this with communication_replace_vars() */
if(count($sub_subject)) {
foreach($sub_subject AS $sub_k=>$sub_v) {
$subject=ereg_replace("\[$sub_k\]","$sub_v",$subject);
$subject=preg_replace("\[$sub_k\]","$sub_v",$subject);
}
}
if(count($sub_body)) {
foreach($sub_body AS $sub_k=>$sub_v) {
$body=ereg_replace("\[$sub_k\]","$sub_v",$body);
$body=preg_replace("\[$sub_k\]","$sub_v",$body);
}
}
if(count($sub_body)) {
foreach($sub_body AS $sub_k=>$sub_v) {
$bodyhtml=ereg_replace("\[$sub_k\]","$sub_v",$bodyhtml);
$bodyhtml=preg_replace("\[$sub_k\]","$sub_v",$bodyhtml);
}
}

26
config/backuprestore.php
View File

@ -241,7 +241,7 @@ else if (get_value_from_array($_POST, 'action') == 'clean_judges') {
if ($deletable->rowCount() > 0){
// delete old data one by one
while ($old_judge_data = $deletable->fetch(PDO::FETCH_ASSOC)){
if (!is_array($old_judge_data['type'])){
if (!isset($old_judge_data['type']) && !is_array($old_judge_data['type'])){
$old_judge_data['types'] = array($old_judge_data['types']);
}
user_purge($old_judge_data, 'judge');
@ -262,15 +262,11 @@ else if (get_value_from_array($_POST, 'action') == 'clean_judges') {
$stmt = $pdo->prepare("OPTIMIZE TABLE users, users_judge");
$stmt->execute();
$str = $pdo->errorInfo();
echo $str;
if($str == '')
if($pdo->errorInfo()[0] == 00000) {
echo happy(i18n("Old judge data purged."));
else{
error(i18n($str));}
} else {
error(i18n($pdo->errorInfo()[0]));
}
}
else if (get_value_from_array($_POST, 'action') == 'clean_parents') {
@ -296,15 +292,11 @@ else if (get_value_from_array($_POST, 'action') == 'clean_parents') {
$stmt = $pdo->prepare("OPTIMIZE TABLE users, users_parent");
$stmt->execute();
$str = $pdo->errorInfo();
echo $str;
if($str == '')
if($pdo->errorInfo()[0] == 00000) {
echo happy(i18n("Old parent data purged."));
else{
error(i18n($str));}
} else {
error(i18n($pdo->errorInfo()[0]));
}
}

22
config/pagetexts.php
View File

@ -39,17 +39,23 @@
$q = $pdo->prepare("SELECT * FROM pagetext WHERE year='-1' ORDER BY textname");
$q->execute();
while($r=$q->fetch(PDO::FETCH_OBJ))
{
foreach($config['languages'] AS $lang=>$langname) {
$q = $pdo->prepare("INSERT INTO pagetext (`textname`,`textdescription`,`text`,`year`,`lang`) VALUES (
".$pdo->quote($r->textname).",
".$pdo->quote($r->textdescription).",
".$pdo->quote($r->text).",
".$pdo->quote($config['FAIRYEAR']).",
".$pdo->quote($lang).")");
$q->execute();
$q_current = $pdo->prepare("SELECT * FROM pagetext WHERE year=".$pdo->quote($config['FAIRYEAR'])." and textname=".$pdo->quote($r->textname)."");
$q_current->execute();
if ($q_current->rowCount() == 0) {
$q1 = $pdo->prepare("INSERT INTO pagetext (`textname`,`textdescription`,`text`,`year`,`lang`) VALUES (
".$pdo->quote($r->textname).",
".$pdo->quote($r->textdescription).",
".$pdo->quote($r->text).",
".$pdo->quote($config['FAIRYEAR']).",
".$pdo->quote($lang).")");
$q1->execute();
}
}
}

17
config/rolloverfiscal.php
View File

@ -83,7 +83,8 @@ function rolloverfiscalyear($newYear){
$fields = "`name`,`type`,`startdate`,`enddate`,`followupdate`,`active`,`target`,`fundraising_goal`,`filterparameters`";
$q = $pdo->prepare("SELECT $fields FROM fundraising_campaigns WHERE fiscalyear = $oldYear");
$q->execute();
while($pdo->errorInfo() == null && $r = $q->fetch(PDO::FETCH_ASSOC)){
while($pdo->errorInfo()[0] == 00000 && $r = $q->fetch(PDO::FETCH_ASSOC)){
foreach(array('startdate','enddate','followupdate') as $dateField){
$dateval = $r[$dateField];
$parts = explode('-', $dateval);
@ -105,10 +106,10 @@ function rolloverfiscalyear($newYear){
// next we'll hit findraising_donor_levels
$fields = "`level`,`min`,`max`,`description`";
if($pdo->errorInfo() == null)
if($pdo->errorInfo()[0] == 00000)
$q = $pdo->prepare("SELECT $fields FROM fundraising_donor_levels WHERE fiscalyear = $oldYear");
$q->execute();
while($pdo->errorInfo() == null && $r = $q->fetch(PDO::FETCH_ASSOC)){
while($pdo->errorInfo()[0] == 00000 && $r = $q->fetch(PDO::FETCH_ASSOC)){
$r['fiscalyear'] = $newYear;
$fields = array_keys($r);
$values = array_values($r);
@ -122,11 +123,11 @@ function rolloverfiscalyear($newYear){
// and now we'll do findraising_goals
$fields = "`goal`,`name`,`description`,`system`,`budget`,`deadline`";
if($pdo->errorInfo() == null){
if($pdo->errorInfo()[0] == 00000){
$q = $pdo->prepare("SELECT $fields FROM fundraising_goals WHERE fiscalyear = $oldYear");
$q->execute();
}
while($pdo->errorInfo() == null && $r = $q->fetch(PDO::FETCH_ASSOC)){
while($pdo->errorInfo()[0] == 00000 && $r = $q->fetch(PDO::FETCH_ASSOC)){
$dateval = $r['deadline'];
$parts = explode('-', $dateval);
if($parts[0] != '0000')
@ -146,16 +147,16 @@ function rolloverfiscalyear($newYear){
}
// finally, let's update the fiscal year itself:
if($pdo->errorInfo() == null){
if($pdo->errorInfo()[0] == 00000){
$stmt = $pdo->prepare("UPDATE config SET val='$newYear' WHERE var='FISCALYEAR'");
$stmt->execute();
}
if($pdo->errorInfo() == null){
if($pdo->errorInfo()[0] == 00000){
$config['FISCALYEAR'] = $newYear;
echo happy(i18n("Fiscal year has been rolled over from %1 to %2", array($oldYear, $newYear)));
}else{
echo error($pdo->errorInfo());
echo error($pdo->errorInfo()[0]);
}
}

2
config/signaturepage_or_permissionform.php
View File

@ -18,7 +18,7 @@ if ($config['signaturepage_or_permissionform']=="permissionform"){
else {
$participationform = 'Signature Page';
$plural_participationform = 'Siganture Forms';
$plural_participationform = 'Signature Forms';
$non_capital_participationform = 'signature page';
$non_capital_plural_participationform = 'signature forms';
$sentence_begin_participationform = 'Signature page';

5
config_editor.inc.php
View File

@ -158,7 +158,7 @@ function config_editor_handle_actions($category, $year, $array_name)
switch($config_vars[$k]['type']) {
case 'number':
if(ereg("[0-9]+(\.[0-9]+)?", $val, $regs)) {
if(preg_match("[0-9]+(\.[0-9]+)?", $val, $regs)) {
$val = $regs[0];
} else {
$val = 0;
@ -203,6 +203,9 @@ function config_editor($category, $year, $array_name, $self)
* have to modify 2 questions to maintain the order */
$var = config_editor_load($category, $year);
if (($category == 'Tours' or $category == 'Volunteer Registration') and ($config['tours_enable'] !== 'yes' or $config['participant_regfee_items_enable'] !== 'yes'))
echo "<form method=\"post\" style='pointer-events: none; opacity: 0.5;' action=\"$self\">";
echo "<form method=\"post\" action=\"$self\">";
echo "<table cellpadding=\"3\">";

2
contact.php
View File

@ -25,7 +25,7 @@
send_header("Contact Us",null,"communication");
function cleanify($in) {
$in=ereg_replace("\r","\n",$in);
$in=preg_replace("\r","\n",$in);
$lines=explode("\n",$in);
return trim($lines[0]);
}

BIN
data/logo-100.gif
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 6.3 KiB

After

Width:  |  Height:  |  Size: 2.2 KiB

BIN
data/logo-100.jpg
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 9.1 KiB

After

Width:  |  Height:  |  Size: 4.1 KiB

BIN
data/logo-100.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 17 KiB

After

Width:  |  Height:  |  Size: 8.1 KiB

BIN
data/logo-200.gif
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 19 KiB

After

Width:  |  Height:  |  Size: 4.8 KiB

BIN
data/logo-200.jpg
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 26 KiB

After

Width:  |  Height:  |  Size: 10 KiB

BIN
data/logo-200.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 50 KiB

After

Width:  |  Height:  |  Size: 20 KiB

BIN
data/logo-500.gif
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 86 KiB

After

Width:  |  Height:  |  Size: 16 KiB

BIN
data/logo-500.jpg
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 105 KiB

After

Width:  |  Height:  |  Size: 32 KiB

BIN
data/logo-500.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 192 KiB

After

Width:  |  Height:  |  Size: 72 KiB

BIN
data/logo.gif
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 49 KiB

After

Width:  |  Height:  |  Size: 10 KiB

BIN
data/logo.jpg
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 84 KiB

After

Width:  |  Height:  |  Size: 36 KiB

BIN
data/logo.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 81 KiB

After

Width:  |  Height:  |  Size: 45 KiB

9
db/db.update.116.php
View File

@ -24,7 +24,7 @@ function db_update_116_post()
while($r=$q->fetch(PDO::FETCH_OBJ)) {
$username="";
for($x=0;$x<16;$x++)
$username.=$available{rand(0,$len)};
$username.=$available[rand(0,$len)];
$stmt = $pdo->prepare("UPDATE users SET username='$username' WHERE id='$r->id'");
$stmt->execute();
}
@ -198,7 +198,7 @@ $stmt->execute();
//check if a user already exists with this username
$uq=$pdo->prepare("SELECT * FROM users WHERE (username='".$j->email."' OR email='".$j->email."') AND year='$j->year'");
$uq->execute();
if($j->email && $ur=$uq->fetch(PDO::FETCH_OBJ) {
if($j->email && $ur=$uq->fetch(PDO::FETCH_OBJ)) {
$id=$ur->id;
echo "Using existing users.id=$id for judges.id=$j->id because email address/year ($j->email/$j->year) matches\n";
@ -254,6 +254,7 @@ $stmt->execute();
while($i = $q->fetch(PDO::FETCH_OBJ)) {
$catpref[$i->projectcategories_id] = $i->rank;
}
$uj['cat_prefs'] = serialize($catpref);
/* divprefs and subdivision prefs */
@ -274,9 +275,11 @@ $stmt->execute();
$q = $pdo->prepare("SELECT * FROM judges_languages WHERE judges_id='{$j->id}'");
$q->execute();
$langs = array();
while($i = $q->fetch(PDO::FETCH_OBJ)) {
$langs[] = $i->languages_lang;
}
$uj['languages'] = serialize($langs);
/* Map judges questions back to the profile. We're going to keep questions we need for
@ -308,7 +311,7 @@ $stmt->execute();
echo "Warning: Judge {$j->id} did not answer question '$head' in year '{$j->year}', cannot copy answer.\n";
continue;
}
$i = $q->fetch(PDO::FETCH_ASSOC)
$i = $q->fetch(PDO::FETCH_ASSOC);
$uj[$field] = $i['answer'];
}

4
db/db.update.118.php
View File

@ -54,13 +54,13 @@ function db_update_118_post()
else {
$username="";
for($x=0;$x<16;$x++)
$username.=$available{rand(0,$availlen)};
$username.=$available[rand(0,$availlen)];
}
//and create them a password
$password="";
for($x=0;$x<8;$x++)
$password.=$available{rand(0,$availlen)};
$password.=$available[rand(0,$availlen)];
//set passwordset to 0000-00-00 to force it to expire on next login
$sql="INSERT INTO users (`types`,`username`,`created`,`password`,`passwordset`,`".implode("`,`",$userfields)."`,`year`) VALUES (";

4
db/db.update.129.php
View File

@ -7,7 +7,7 @@ function db_update_129_pre()
$source_map = array();
$q = $pdo->prepare("SELECT * FROM award_sources");
$q->execute();
while($r = m$q->fetch(PDO::FETCH_ASSOC) {
while($r = $q->fetch(PDO::FETCH_ASSOC)) {
/* Make a user, use the password generator to get
* a random username */
@ -41,7 +41,7 @@ function db_update_129_pre()
$q = $pdo->prepare("SELECT * FROM award_awards");
$q->execute();
$keys = array_keys($source_map);
while($r = m$q->fetch(PDO::FETCH_ASSOC)) {
while ($r = $q->fetch(PDO::FETCH_ASSOC)) {
$old_id = $r['award_sources_id'];
if(!in_array($old_id, $keys)) continue;

6
db/db.update.129.user.inc.php
View File

@ -52,7 +52,7 @@ function db129_user_generate_password($pwlen=8)
$key="";
for($x=0;$x<$pwlen;$x++)
$key.=$available{rand(0,$len)};
$key.=$available[rand(0,$len)];
return $key;
}
@ -181,7 +181,7 @@ function db129_user_load($user, $uid = false)
foreach($ret['types'] as $t) {
/* These all pass $ret by reference, and can modify
* $ret */
$r = call_user_func("db129_user_load_$t", &$ret);
$r = call_user_func("db129_user_load_$t", $ret);
if($r != true) {
echo "db129_user_load_$t returned false!\n";
return false;
@ -608,7 +608,7 @@ function db129_user_create($type, $username, $u = NULL)
exit;
}
$new_types = implode(',', $u['types']).','.$type;
$stmt = \4pdo->prepare("UPDATE users SET types='$new_types' WHERE id='$uid'");
$stmt = $pdo->prepare("UPDATE users SET types='$new_types' WHERE id='$uid'");
$stmt->execute();
}

2
db/db.update.131.php
View File

@ -32,7 +32,7 @@ function db_update_131_pre()
'pending',
'25',
'$year')");
$pdo->execute(0;)
$pdo->execute();
$stmt = $pdo->prepare("INSERT INTO sponsors_logs (sponsors_id,dt,users_id,log) VALUES ('$r->id',NOW(),0,'Automatically created sponsorship from existing sponsor. type=award, value=\$$total, status=pending, probability=25%')");
$stmt->execute();
}

2
db/db.update.146.php
View File

@ -43,7 +43,7 @@ function db_update_146_post()
global $config;
$q = $pdo->prepare("SELECT * FROM schools WHERE year='{$config['FAIRYEAR']}'");
$q->execute();
while($s = $q->fetch(PDO::FETCH_ASSOC) {
while($s = $q->fetch(PDO::FETCH_ASSOC)) {
/* Science head */
if(trim($s['sciencehead']) != '') {
$u = db_update_146_handle($s['sciencehead'],

6
db/db.update.146.user.inc.php
View File

@ -57,7 +57,7 @@ function db146_user_generate_password($pwlen=8)
$key="";
for($x=0;$x<$pwlen;$x++)
$key.=$available{rand(0,$len)};
$key.=$available[rand(0,$len)];
return $key;
}
@ -132,7 +132,7 @@ function db146_user_load_sponsor(&$u)
$u['sponsor_active'] = ($u['sponsor_active'] == 'yes') ? 'yes' : 'no';
if($u['sponsors_id']) {
$q=$pdo->prepare("SELECT * FROM sponsors WHERE id='{$u['sponsors_id']}'");
$q->execute(0;)
$q->execute(0);
$u['sponsor']=$q->fetch(PDO::FETCH_ASSOC);
}
return true;
@ -220,7 +220,7 @@ function db146_user_load($user, $uid = false)
foreach($ret['types'] as $t) {
/* These all pass $ret by reference, and can modify
* $ret */
$r = call_user_func("db146_user_load_$t", &$ret);
$r = call_user_func("db146_user_load_$t", $ret);
if($r != true) {
echo "db146_user_load_$t returned false!\n";
return false;

2
db/db.update.149.php
View File

@ -5,7 +5,7 @@ include "db.update.149.user.inc.php";
function db_update_149_post() {
$q=$pdo->prepare("SELECT * FROM emergencycontact");
$q->execute();
while($r=$q->fetch(PDO::FETCH_OBJ))) {
while($r=$q->fetch(PDO::FETCH_OBJ)) {
$relation=strtolower(trim($r->relation));
if( levenshtein('parent',$relation)<2
|| levenshtein('mother',$relation)<3

6
db/db.update.149.user.inc.php
View File

@ -57,7 +57,7 @@ function db149_user_generate_password($pwlen=8)
$key="";
for($x=0;$x<$pwlen;$x++)
$key.=$available{rand(0,$len)};
$key.=$available[rand(0,$len)];
return $key;
}
@ -219,7 +219,7 @@ function db149_user_load($user, $uid = false)
foreach($ret['types'] as $t) {
/* These all pass $ret by reference, and can modify
* $ret */
$r = call_user_func("db149_user_load_$t", &$ret);
$r = call_user_func("db149_user_load_$t", $ret);
if($r != true) {
echo "db149_user_load_$t returned false!\n";
return false;
@ -648,7 +648,7 @@ function db149_user_dupe_row($db, $key, $val, $newval)
$q = "INSERT INTO $db ($keys) VALUES ($vals)";
// echo "Dupe Query: [$q]";
$r = $pdo->prepare($q);
$r->execute(0;)
$r->execute(0);
show_pdo_errors_if_any($pdo);
$id = $pdo->lastInsertId();

2
db/db.update.81.php
View File

@ -3,7 +3,7 @@ function db_update_81_post()
{
$q = $pdo->prepare("SELECT DISTINCT award_sponsors_id FROM award_contacts");
$q->execute();
while($i = m$q->fetch(PDO::FETCH_OBJ)) {
while($i = $q->fetch(PDO::FETCH_OBJ)) {
$asid = $i->award_sponsors_id;
$stmt = $pdo->prepare("UPDATE award_contacts SET `primary`='yes' WHERE award_sponsors_id='$asid' LIMIT 1");
$stmt->execute();

6
helper.inc.php
View File

@ -50,6 +50,12 @@ function show_pdo_errors_if_any($pdo)
}
}
function check_for_pdo_errors($pdo){
$errorInfo = $pdo->errorInfo();
if ($errorInfo[0] != '00000') return true;
else return false;
}
function add_or_initialize(mixed $ar, mixed $key, mixed $increment = 1, mixed $initial = 0) : mixed {
return isset($ar[$key]) ? ($ar[$key] += $increment) : $initial;
}

1
install.php
View File

@ -112,7 +112,6 @@ if($_POST['dbhost'] && $_POST['dbname'] && $_POST['dbuser'] && $_POST['dbpass'])
else
{
echo "<div class=\"error\">Cannot write to data/config.inc.php. Make sure the web server has write access to the data/ subdirectory</div>";
}
}

2
install2.php
View File

@ -52,7 +52,7 @@ if(!file_exists("data/config.inc.php"))
require_once("data/config.inc.php");
$DBUSER=substr($DBUSER,0,16);
pdo = new PDO($DBHOST,$DBUSER,$DBPASS);
$pdo = new PDO($DBHOST,$DBUSER,$DBPASS);
echo "Getting database version requirements for code... ";

4
install3.php
View File

@ -47,7 +47,7 @@ require_once("committee.inc.php");
$DBUSER=substr($DBUSER,0,16);
pdo = new PDO($DBHOST,$DBUSER,$DBPASS)
$pdo = new PDO($DBHOST,$DBUSER,$DBPASS);
echo "Checking for SFIAB database... ";
@ -160,7 +160,7 @@ $stmt->execute([
// Update some variables
$stmt = pdo->prepare("UPDATE config SET val = :fairname WHERE var = 'fairname' AND year = :year")
$stmt = $pdo->prepare("UPDATE config SET val = :fairname WHERE var = 'fairname' AND year = :year");
$stmt.execute(':fairname' => stripslashes($_POST['fairname']),
':year' => $year)

6
judge.inc.php
View File

@ -94,7 +94,7 @@ function judge_status_questions($u){
function judge_status_special_awards(&$u)
{
global $config;
global $config, $pdo;
if($config['judges_specialaward_enable'] == 'no' && $u['special_award_only']=='no')
return 'complete';
@ -129,7 +129,7 @@ function judge_status_special_awards(&$u)
function judge_status_availability(&$u)
{
global $config;
global $config, $pdo;
if($config['judges_availability_enable'] == 'no') return 'complete';
$q = $pdo->prepare("SELECT id FROM judges_availability
@ -143,7 +143,7 @@ function judge_status_update(&$u)
{
global $config;
if( user_personal_info_status($u) == 'complete'
if(user_personal_info_status($u) == 'complete'
&& judge_status_expertise($u) == 'complete'
&& judge_status_other($u) == 'complete'
&& judge_status_availability($u) == 'complete'

4
judge_main.php
View File

@ -64,8 +64,8 @@
* it's less obvious below */
$q = $pdo->prepare("SELECT id FROM judges_teams_link WHERE
users_id='{$u['id']}' AND year='{$config['FAIRYEAR']}'");
$q2->execute();
if($q2->rowCount() > 0) {
$q->execute();
if($q->rowCount() > 0) {
echo '<span style="font-size: 1.2em; font-weight: bold;">';
echo i18n("You have been assigned to a judging team. %1Click here%2 to view the judging schedule",
array("<a href=\"judge_schedule.php\">","</a>"));

2
judge_project_summary.php
View File

@ -51,7 +51,7 @@ $sq = $pdo->prepare("SELECT firstname,lastname,school FROM students
$sq->execute();
$student = array();
while($si = $sq->fetch(PDO;;FETCH_OBJ)) {
while($si = $sq->fetch(PDO::FETCH_OBJ)) {
$student[] = $si->firstname.' '.$si->lastname;
$school = $si->school;
}

3
judge_schedule.php
View File

@ -107,7 +107,8 @@ while($t = $q->fetch(PDO::FETCH_ASSOC)) {
ORDER BY judges_teams_link.captain,users.lastname,users.firstname");
$qq->execute();
$t['members'] = array();
while(($mm = $qq->fetch(PDO::FETCH_ASSOC)) {
while(($mm = $qq->fetch(PDO::FETCH_ASSOC))) {
$t['members'][] = $mm;
}

2
judge_special_awards.php
View File

@ -26,6 +26,8 @@
require_once('user.inc.php');
require_once('judge.inc.php');
global $pdo;
/* Sort out who we're editting */
if(get_value_from_array($_POST, 'users_id'))
$eid = intval($_POST['users_id']); /* From a save form */

10
projects.inc.php
View File

@ -67,7 +67,7 @@ function getProjectsEligibleForAward($award_id)
function getLanguagesOfProjectsEligibleForAward($award_id)
{
global $config;
global $config, $pdo;
$prjq=$pdo->prepare("SELECT DISTINCT(projects.language) AS language
FROM
@ -125,7 +125,7 @@ function getProjectsEligibleOrNominatedForAwards($awards_ids_array)
function getSpecialAwardsEligibleForProject($projectid)
{
global $config;
global $config, $pdo;
$awardsq=$pdo->prepare("SELECT
award_awards.id,
@ -229,8 +229,7 @@ function getNominatedForNoSpecialAwardsForProject($projectid)
function getProjectsNominatedForSpecialAward($award_id)
{
global $config;
global $pdo;
global $config, $pdo;
//if they dont use special award nominations, then we will instead get all of the projects that
//are eligible for the award, instead of nominated for it.
@ -310,7 +309,7 @@ function getLanguagesOfProjectsNominatedForSpecialAward($award_id)
function getSpecialAwardsNominatedByRegistrationID($id)
{
global $config;
global $config, $pdo;
$awardq=$pdo->prepare("SELECT
award_awards.id,
@ -350,6 +349,7 @@ function getSpecialAwardsNominatedByRegistrationID($id)
function project_load($pid)
{
global $pdo;
/* Load this project */
$q = $pdo->prepare("SELECT * FROM projects WHERE id='$pid'");
$q->execute();

18
questions.inc.php
View File

@ -25,8 +25,8 @@
function questions_load_answers($section, $users_id)
{ global $pdo;
global $config;
{
global $pdo, $config;
$yearq=$pdo->prepare("SELECT `year` FROM users WHERE id='$users_id'");
$yearq->execute();
$yearr=$yearq->fetch(PDO::FETCH_OBJ);
@ -43,7 +43,8 @@ function questions_load_answers($section, $users_id)
}
function questions_load_questions($section, $year)
{ global $pdo;
{
global $pdo;
$q = $pdo->prepare('SELECT * FROM questions '.
"WHERE year='$year' ".
" AND section='$section' ".
@ -67,7 +68,7 @@ function questions_load_questions($section, $year)
function questions_save_answers($section, $id, $answers)
{
global $config;
global $config, $pdo;
$qs = questions_load_questions($section,$config['FAIRYEAR']);
$keys = array_keys($answers);
$q=$pdo->prepare("SELECT * FROM questions WHERE year='{$config['FAIRYEAR']}'");
@ -91,6 +92,7 @@ function questions_save_answers($section, $id, $answers)
function questions_find_question_id($section, $dbheading)
{
global $pdo;
$q = $pdo->prepare("SELECT id FROM questions WHERE ".
" section='$section' ".
" AND db_heading='$dbheading' ");
@ -169,6 +171,8 @@ function questions_parse_from_http_headers($array_name)
function questions_update_question($qs)
{
global $pdo;
$qs['ord'] = $qs['ord'] ?? '';
$stmt = $pdo->prepare("UPDATE questions SET
`question`='".$qs['question']."',
`type`='".$qs['type']."',
@ -181,7 +185,8 @@ function questions_update_question($qs)
}
function questions_save_new_question($qs, $year)
{ global $pdo;
{
global $pdo;
$stmt = $pdo->prepare("INSERT INTO questions ".
"(question,type,section,db_heading,required,ord,year) VALUES (".
"'".$qs['question']."',".
@ -206,8 +211,7 @@ function questions_save_new_question($qs, $year)
* all elements */
function questions_editor($section, $year, $array_name, $self)
{
global $config;
global $pdo;
global $config, $pdo;
if(get_value_from_array($_POST, 'action') == "save") {
$qs = questions_parse_from_http_headers('question');

8
register_participants.inc.php
View File

@ -355,8 +355,8 @@ function generateProjectNumber($registration_id)
* replacements below, without risking subsituting in a letter that may
* get replaced. */
foreach(array('number','sort') as $x) {
$p[$x]['str']=ereg_replace('[CcDd]', '{\\0}', $p[$x]['str']);
$p[$x]['str']=ereg_replace('(N|X)([0-9])?', '{\\0}', $p[$x]['str']);
$p[$x]['str']=preg_replace('[CcDd]', '{\\0}', $p[$x]['str']);
$p[$x]['str']=preg_replace('(N|X)([0-9])?', '{\\0}', $p[$x]['str']);
}
/* Do some replacements that we don' thave to do anything fancy with,
@ -427,7 +427,7 @@ function generateProjectNumber($registration_id)
if(in_array($n, $p[$x]['used'])) continue;
$r = sprintf("%'0{$p[$x]['seq_pad']}d", $n);
$str = ereg_replace("{(N|X)([0-9])?}", $r, $p[$x]['str']);
$str = preg_replace("{(N|X)([0-9])?}", $r, $p[$x]['str']);
$p[$x]['str'] = $str;
$p[$x]['n'] = $n;
break;
@ -438,7 +438,7 @@ function generateProjectNumber($registration_id)
* blindly use it */
if($p['number']['seq_type'] == $p['sort']['seq_type']) {
$r = sprintf("%'0{$p['sort']['seq_pad']}d", $n);
$p['sort']['str'] = ereg_replace("{(N|X)([0-9])?}", $r, $p['sort']['str']);
$p['sort']['str'] = preg_replace("{(N|X)([0-9])?}", $r, $p['sort']['str']);
$p['sort']['n'] = $n;
break;
}

20
register_participants.php
View File

@ -23,11 +23,12 @@
?>
<?
require("common.inc.php");
global $pdo;
$q = $pdo->query("SELECT (NOW()>'".$config['dates']['regopen']."' AND NOW()<'".$config['dates']['regclose']."') AS datecheck,
$q = $pdo->query("SELECT (NOW()>'".$config['dates']['regopen']."' AND NOW()<'".$config['dates']['regclose']."') AS datecheck,
NOW()<'".$config['dates']['regopen']."' AS datecheckbefore,
NOW()>'".$config['dates']['regclose']."' AS datecheckafter");
$datecheck = $q->fetch(PDO::FETCH_OBJ);
if(get_value_from_array($_POST, 'action') == "new") {
@ -38,15 +39,13 @@
$_SESSION['registration_number']=$r->num;
$_SESSION['registration_id']=$r->id;
$stmt = $pdo->prepare("INSERT INTO students (registrations_id,email,schools_id,year) VALUES ('$r->id','".$_SESSION['email']."','".$r->schools_id."','".$config['FAIRYEAR']."')");
$stmt = $pdo->prepare("UPDATE registrations SET status='open' WHERE id='$r->id'");
$stmt->execute();
$stmt->execute();
$stmt = $pdo->prepare("UPDATE registrations SET status='open' WHERE id='$r->id'");
$stmt->execute();
header("Location: register_participants_main.php");
exit;
}
else {
send_header("Participant Registration");
@ -203,12 +202,15 @@ $q->execute();
}
else if($config['participant_registration_type']=="singlepassword") {
$showsinglepasswordform=true;
if($_POST['singlepassword']) {
if(get_value_from_array($_POST, 'singlepassword')) {
if($_POST['singlepassword']==$config['participant_registration_singlepassword']) {
$allownew=true;
$showform=true;
$showsinglepasswordform=false;
}
else {
echo error(i18n("Invalid registration password, please try again"));
$allownew=false;

2
register_participants_emergencycontact.php
View File

@ -38,6 +38,8 @@
exit;
}
global $pdo;
$q=$pdo->prepare("SELECT registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ".
"WHERE students.email='".$_SESSION['email']."' ".
"AND registrations.num='".$_SESSION['registration_number']."' ".

2
register_participants_isefforms.php
View File

@ -24,6 +24,8 @@
require("common.inc.php");
include "register_participants.inc.php";
global $pdo;
//authenticate based on email address and registration number from the SESSION
if(!$_SESSION['email'])
{

2
register_participants_main.php
View File

@ -39,6 +39,8 @@
exit;
}
global $pdo;
$q=$pdo->prepare("SELECT registrations.status AS status, registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ".
"WHERE students.email='".$_SESSION['email']."' ".
"AND registrations.num='".$_SESSION['registration_number']."' ".

3
register_participants_mentor.php
View File

@ -37,6 +37,9 @@
exit;
}
global $pdo;
$q=$pdo->prepare("SELECT registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ".
"WHERE students.email='".$_SESSION['email']."' ".
"AND registrations.num='".$_SESSION['registration_number']."' ".

2
register_participants_namecheck.php
View File

@ -38,6 +38,8 @@
exit;
}
global $pdo;
$q=$pdo->prepare("SELECT * FROM students WHERE registrations_id='{$_SESSION['registration_id']}'");
show_pdo_errors_if_any($pdo);

2
register_participants_project.php
View File

@ -41,6 +41,8 @@
exit;
}
global $pdo;
$q=$pdo->prepare("SELECT registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ".
"WHERE students.email='".$_SESSION['email']."' ".
"AND registrations.num='".$_SESSION['registration_number']."' ".

6
register_participants_project_divisionselector.php
View File

@ -37,6 +37,8 @@
exit;
}
global $pdo;
$q=$pdo->prepare("SELECT registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ".
"WHERE students.email='".$_SESSION['email']."' ".
"AND registrations.num='".$_SESSION['registration_number']."' ".
@ -65,9 +67,9 @@ show_pdo_errors_if_any($pdo);
</head>testi-bg.jpg
<body>
<?
echo "<div id=\"emptypopup\">";testi-bg.jpg
echo "<div id=\"emptypopup\">";
if($_GET['division'])
if ($_GET['division'])
{
//FIXME: this only works when the division form uses ID's in order or their index AND the ID's are sequential starting from 1
?>

2
register_participants_safety.php
View File

@ -35,6 +35,8 @@
exit;
}
global $pdo;
$q=$pdo->prepare("SELECT registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ".
"WHERE students.email='".$_SESSION['email']."' ".
"AND registrations.num='".$_SESSION['registration_number']."' ".

5
register_participants_signature.php
View File

@ -24,9 +24,11 @@
<?
require("common.inc.php");
include "register_participants.inc.php";
include"./config/signaturepage_or_permissionform.php";
include "./config/signaturepage_or_permissionform.php";
require("lpdf.php");
global $pdo;
//anyone can access a sample, we dont need to be authenticated or anything for that
if($_GET['sample']) {
$registration_number=12345;
@ -45,6 +47,7 @@
exit;
}
$q=$pdo->prepare("SELECT registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ".
"WHERE students.email='".$_SESSION['email']."' ".
"AND registrations.num='".$_SESSION['registration_number']."' ".

1
register_participants_signature_tcpdf.php
View File

@ -26,6 +26,7 @@
require_once('register_participants.inc.php');
require_once('tcpdf.inc.php');
global $pdo;
//anyone can access a sample, we dont need to be authenticated or anything for that
if(get_value_from_array($_GET, 'sample')) {
$registration_number=12345;

2
register_participants_spawards.php
View File

@ -26,6 +26,8 @@
include "register_participants.inc.php";
include "projects.inc.php";
global $pdo;
//authenticate based on email address and registration number from the SESSION
if(!$_SESSION['email']) {
header("Location: register_participants.php");

10
register_participants_students.php
View File

@ -25,17 +25,23 @@
require("common.inc.php");
include "register_participants.inc.php";
define('_THISFILE', pathinfo(__FILE__, PATHINFO_BASENAME));
global $pdo;
//authenticate based on email address and registration number from the SESSION
if(!$_SESSION['email'])
{
header("Location: register_participants.php");
exit;
}
if(! ($_SESSION['registration_number'] && $_SESSION['registration_id']))
if(!($_SESSION['registration_number'] && $_SESSION['registration_id']))
{
header("Location: register_participants.php");
exit;
}
$fairyear = intval($config['FAIRYEAR']);
$q=$pdo->prepare("SELECT registrations.id AS regid, students.id AS studentid, students.firstname FROM registrations,students ".
"WHERE students.email='" . $_SESSION['email'] . "' ".
@ -363,7 +369,7 @@ if($config['participant_student_personal']=="yes")
echo "<tr>\n";
echo " <td>".i18n("Date of Birth")."</td><td>\n";
$year = null;
list($year,$month,$day)=explode("-",get_value_property_or_default($studentinfo,'dateofbirth', ''));
echo "<table><tr><td>";
emit_day_selector("day[$x]",$day);

2
register_participants_tours.php
View File

@ -24,6 +24,8 @@
<?
require("common.inc.php");
include "register_participants.inc.php";
global $pdo;
//authenticate based on email address and registration number from the SESSION
if(!$_SESSION['email'])

16
remote.php
View File

@ -31,6 +31,8 @@ require_once('fair_additional_materials.inc.php');
function handle_getstats(&$u, $fair,&$data, &$response)
{
global $pdo;
$year = $data['getstats']['year'];
/* Send back the stats we'd like to collect */
@ -47,6 +49,8 @@ function handle_getstats(&$u, $fair,&$data, &$response)
function handle_stats(&$u,$fair, &$data, &$response)
{
global $pdo;
$stats = $data['stats'];
foreach($stats as $k=>$v) {
$stats[$k] = $stats[$k];
@ -69,6 +73,8 @@ function handle_stats(&$u,$fair, &$data, &$response)
function handle_getawards(&$u, $fair, &$data, &$response)
{
global $pdo;
$awards = array();
$year = $data['getawards']['year'];
@ -133,7 +139,7 @@ function handle_getawards(&$u, $fair, &$data, &$response)
function award_upload_update_school(&$mysql_query, &$school, $school_id = -1)
{
global $pdo;
/* transport name => mysql name */
$school_fields = array( //'schoolname'=>'school',
'schoollang'=>'schoollang',
@ -172,6 +178,7 @@ function award_upload_update_school(&$mysql_query, &$school, $school_id = -1)
function award_upload_school(&$student, &$school, $year, &$response)
{
global $pdo;
$school_name = $school['schoolname'];
$school_city = $school['city'];
@ -209,6 +216,8 @@ function award_upload_school(&$student, &$school, $year, &$response)
function award_upload_assign(&$fair, &$award, &$prize, &$project, $year, &$response)
{
global $pdo;
$reg_email_needs_update = false;
$new_reg = false;
/* Copied from admin/award_upload.php, this is the
@ -340,7 +349,7 @@ function handle_award_upload(&$u, &$fair, &$data, &$response)
function handle_awards_upload(&$u, &$fair, &$data, &$response)
{
global $pdo;
// $response['debug'] = array_keys($data['awards_upload']);
// $response['error'] = 0;
// return;
@ -392,6 +401,7 @@ function handle_awards_upload(&$u, &$fair, &$data, &$response)
function handle_get_categories(&$u, &$fair, &$data, &$response)
{
global $pdo;
$year = intval($data['get_categories']['year']);
$cat = array();
$q=$pdo->prepare("SELECT * FROM projectcategories WHERE year='$year' ORDER BY id");
@ -408,6 +418,7 @@ function handle_get_categories(&$u, &$fair, &$data, &$response)
function handle_get_divisions(&$u, &$fair, &$data, &$response)
{
global $pdo;
$year = intval($data['get_divisions']['year']);
$div = array();
$q=$pdo->prepare("SELECT * FROM projectdivisions WHERE year='$year' ORDER BY id");
@ -422,6 +433,7 @@ function handle_get_divisions(&$u, &$fair, &$data, &$response)
function handle_award_additional_materials(&$u, &$fair, &$data, &$response)
{
global $pdo;
$year = intval($data['award_additional_materials']['year']);
$external_identifier = $data['award_additional_materials']['identifier'];

19
schoolaccess.php
View File

@ -2,7 +2,12 @@
require_once('common.inc.php');
require_once('user.inc.php');
if($_POST['schoolid'] && $_POST['accesscode'])
global $pdo;
$happymsg = null;
$errormsg = null;
if(get_value_from_array($_POST, 'schoolid') && get_value_from_array($_POST, 'accesscode'))
{
$q=$pdo->prepare("SELECT * FROM schools WHERE id='".$_POST['schoolid']."' AND accesscode='".$_POST['accesscode']."' AND year='".$config['FAIRYEAR']."'");
$q->execute();
@ -18,7 +23,7 @@ if($_POST['schoolid'] && $_POST['accesscode'])
$errormsg="Invalid School ID or Access Code";
}
if($_GET['action']=="logout")
if(get_value_from_array($_GET, 'action')=="logout")
{
unset($_SESSION['schoolid']);
unset($_SESSION['schoolaccesscode']);
@ -28,14 +33,14 @@ send_header("School Access");
if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'])
if(get_value_from_array($_SESSION, 'schoolid') && $_SESSION['schoolaccesscode'])
{
$q=$pdo->prepare("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'");
$q->execute();
show_pdo_errors_if_any($pdo);
$school=$q->fetch(PDO::FETCH_OBJ);
if($school) {
if($_POST['action']=="save") {
if(get_value_from_array($_POST, 'action')=="save") {
/* Get info about science head */
$sciencehead_update = '';
@ -81,7 +86,7 @@ if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'])
$stmt->execute();
show_pdo_errors_if_any($pdo);
if($pdo->errorInfo())
if(check_for_pdo_errors($pdo))
echo error(i18n("An Error occured trying to save the school information"));
else
echo happy(i18n("School information successfully updated"));
@ -116,11 +121,11 @@ if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'])
$sh = array();
$sh_email = ($sh['email'] != '' && $sh['email'][0] != '*') ? $sh['email'] : '';
if($_POST['action']=="feedback")
if(get_value_from_array($_POST, 'action')=="feedback")
{
$body="";
$body.=date("r")."\n";
$body.=$_SERVER['REMOTE_ADDR']." (".$_SERVER['REMOTE_HOST'].")\n";
$body.=get_value_from_array($_SERVER,'REMOTE_ADDR')." (".get_value_from_array($_SERVER, 'REMOTE_HOST').")\n";
$body.="School ID: $school->id\n";
$body.="School Name: $school->school\n";
if($sh['name']) $body.="Science Teacher: {$sh['name']}\n";

2
schoolinvite.php
View File

@ -1,6 +1,8 @@
<?
include "common.inc.php";
global $pdo;
if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'])
{
send_header("School Participant Invitations");

2
sponsor_main.php
View File

@ -28,6 +28,8 @@
user_auth_required('sponsor');
global $pdo;
send_header("Sponsor Main", array());
$u=user_load($_SESSION['users_id']);
//print_r($u);

12
tableeditor.class.php
View File

@ -365,6 +365,7 @@ class TableEditor
function getFieldType($f)
{
global $pdo;
$inputtype = '';
$inputmaxlen = 0;
$inputsize = 0;
@ -431,7 +432,7 @@ class TableEditor
//an enum is a select box, but we already know what the options should be
//so rip out the options right now and add them
$inputtype="select";
$enums=substr(ereg_replace("'","",$r->Type),5,-1);
$enums=substr(preg_replace("'","",$r->Type),5,-1);
$toks=explode(",",$enums);
foreach($toks as $tok)
{
@ -466,6 +467,7 @@ class TableEditor
function defaultLoad()
{
global $pdo;
$query="SELECT {$this->primaryKey}";
foreach($this->editfields AS $f=>$n)
$query.=", `$f`";
@ -480,6 +482,7 @@ class TableEditor
function defaultSave($insert_mode, $keyval, $editdata)
{
global $pdo;
$query = "";
if($insert_mode) {
$query="INSERT INTO `{$this->table}` (";
@ -516,6 +519,7 @@ class TableEditor
function defaultDelete($keyval)
{
global $pdo;
$stmt = $pdo->prepare("DELETE FROM {$this->table} WHERE {$this->primaryKey}='{$keyval}'");
$stmt->execute();
echo happy(i18n("Successfully deleted %1",array($this->recordType)));
@ -523,6 +527,7 @@ class TableEditor
function execute()
{
global $pdo;
if(get_value_from_array($_GET, 'TableEditorAction')=="sort" && $_GET['sort'])
{
$this->setSortField($_GET['sort']);
@ -662,7 +667,7 @@ class TableEditor
else
{
if($this->fieldValidation[$f])
$editdata[$f] = "'".$pdo->quote(stripslashes(ereg_replace($this->fieldValidation[$f],"",$_POST[$f])))."'";
$editdata[$f] = "'".$pdo->quote(stripslashes(preg_replace($this->fieldValidation[$f],"",$_POST[$f])))."'";
else
$editdata[$f] = "'".$pdo->quote(stripslashes($_POST[$f]))."'";
}
@ -697,9 +702,6 @@ class TableEditor
$text_happy = "saved";
}
// if($this->DEBUG) echo $query;
// mysql_query($query);
if($pdo->errorInfo())
{
echo error(i18n("Error $text_error %1: %2",array($this->recordType,$pdo->errorInfo())));

18
theme/new_default/sfiab.css
View File

@ -1,3 +1,7 @@
html{
overflow-x:hidden;
}
body
{
@ -7,8 +11,9 @@ body
padding: 0;
background: #E0E0FF;
background: #e0e0ff;
overflow-x:hidden;
height:100%;
}
input, textarea, select
@ -17,6 +22,10 @@ input, textarea, select
font-size: small;
}
table{
overflow-x:scroll;
}
td {
@ -455,8 +464,13 @@ div.ui-tabs ul.ui-tabs-nav {
color: #c0c0c0;
}
.tablesorter-headerRow{
background:black;
}
#registration_list{
background:black;
}
#menu-toggle-button{
display: none;
}

19
user.inc.php
View File

@ -93,11 +93,11 @@ function user_load_judge(&$u)
$u['years_national'] = intval($u['years_national']);
$u['willing_chair'] = ($u['willing_chair'] == 'yes') ? 'yes' : 'no';
$u['special_award_only'] = ($u['special_award_only'] == 'yes') ? 'yes' : 'no';
$u['cat_prefs'] = unserialize($u['cat_prefs']);
$u['div_prefs'] = unserialize($u['div_prefs']);
$u['divsub_prefs'] = unserialize($u['divsub_prefs']);
$u['cat_prefs'] = unserialize(get_value_from_array($u, 'cat_prefs', ''));
$u['div_prefs'] = unserialize(get_value_from_array($u, 'div_prefs', ''));
$u['divsub_prefs'] = unserialize(get_value_from_array($u, 'divsub_prefs', ''));
// $u['expertise_other'] = $u['expertise_other'];
$u['languages'] = unserialize($u['languages']);
$u['languages'] = unserialize(get_value_from_array($u, 'languages', ''));
// $u['highest_psd'] = $u['highest_psd'];
/* Sanity check the arrays, make sure they are arrays */
@ -348,6 +348,7 @@ function user_set_password($id, $password = NULL)
$query = "UPDATE users SET $set WHERE id='$id'";
$stmt = $pdo->prepare($query);
$stmt->execute();
show_pdo_errors_if_any($pdo);
return $password;
@ -384,8 +385,6 @@ function user_save_type_list($u, $db, $fields)
$stmt->execute();
if($pdo->errorInfo()) {
show_pdo_errors_if_any($pdo);
//FIXME Take advantage of this function
//echo error("Full query: $query");
}
}
}
@ -633,6 +632,7 @@ function user_delete($u, $type=false)
function user_purge($u, $type=false)
{
global $pdo;
$finish_purge = false;
if(!is_array($u)) {
@ -683,7 +683,7 @@ function user_purge($u, $type=false)
/* Duplicate a row in the users table, or any one of the users_* tables. */
function user_dupe_row($db, $key, $val, $newval)
{
global $config;
global $config, $pdo;
$nullfields = array('deleteddatetime'); /* Fields that can be null */
$q = $pdo->prepare("SELECT * FROM $db WHERE $key='$val'");
$q->execute();
@ -707,7 +707,6 @@ function user_dupe_row($db, $key, $val, $newval)
$vals = join(',', array_values($i));
$q = "INSERT INTO $db ($keys) VALUES ($vals)";
// echo "Dupe Query: [$q]";
$r = $pdo->prepare($q);
$r->execute();
show_pdo_errors_if_any($pdo);
@ -735,15 +734,15 @@ function user_dupe($u, $new_year)
echo "Cannot duplicate user ID {$u['id']}, they are deleted. Undelete them first.\n";
exit;
}
print($r->year);
if($r->year == $new_year) {
echo "Cannot duplicate user ID {$u['id']}, they already exist in year $new_year\n";
exit;
}
$id = user_dupe_row('users', 'id', $u['id'], NULL);
$q = $pdo->prepare("UPDATE users SET year='$new_year' WHERE id='$id'");
$q = $pdo->prepare("UPDATE users SET year = $new_year WHERE id = $id");
$q->execute();
/* Load the new user */
$u2 = user_load($id);

2
user_invite.php
View File

@ -25,6 +25,8 @@
require_once('common.inc.php');
require_once('user.inc.php');
global $pdo;
user_auth_required('committee', 'admin');
//include "judges.inc.php";

4
user_login.php
View File

@ -26,6 +26,8 @@
require_once("common.inc.php");
require_once("user.inc.php");
global $pdo;
function try_login($user, $pass)
{
global $pdo;
@ -65,6 +67,7 @@
/* See if the password matches */
/////// FIXME Use hash passwords
if($r->password != $pass) return false;
/* Login successful */
@ -96,6 +99,7 @@
$redirect = get_value_from_array($_GET, 'redirect');
$redirect_data = get_value_from_array($_GET, 'redirectdata');
switch($redirect) {
case 'roleadd':
$redirect_url = "&redirect=$redirect&redirectdata=$redirectdata";

13
user_new.php
View File

@ -26,6 +26,8 @@
require_once("common.inc.php");
require_once("user.inc.php");
global $pdo;
$type = $_GET['type'];
if(!in_array($type, $user_types)) {
send_header("Registration");
@ -34,8 +36,9 @@
exit;
}
$action = $_GET['action'];
if($action == '') $action = $_POST['action'];
$action = get_value_from_array($_GET, 'action');
if($action == '') $action = get_value_from_array($_POST, 'action');
switch($type) {
case 'volunteer':
@ -100,10 +103,10 @@
* this is the one time I wish php had a goto statement. */
switch($action) {
case 'new':
$data_fn = stripslashes($_POST['fn']);
$data_ln = stripslashes($_POST['ln']);
$data_fn = $pdo->quote(stripslashes($_POST['fn']));
$data_ln = $pdo->quote(stripslashes($_POST['ln']));
$data_email = stripslashes($_POST['email']);
$sql_email = $data_email;
$sql_email = $pdo->quote($data_email);
$registrationpassword = $_POST['registrationpassword'];
/* Check the registration singlepassword */

1
user_password.php
View File

@ -26,6 +26,7 @@
require_once("common.inc.php");
require_once("user.inc.php");
global $pdo;
$type = false;
if(isset($_SESSION['users_type'])) {

3
user_personal.php
View File

@ -270,7 +270,6 @@ item($u, 'salutation');
echo "</tr>\n";
echo "<tr>\n";
item($u, 'username', '(if different from Email)');
item($u, 'password');
echo "</tr>\n";
echo "<tr>\n";
item($u, 'address');
@ -352,7 +351,7 @@ echo "</table>";
if(in_array('committee', $u['types'])) {
echo "<table class='user-info-table'>";
echo "<tr><td>".i18n("Email (Private)").":</td><td><input type=\"text\" name=\"emailprivate\" value=\"{$u['emailprivate']}\" /></td></tr>\n";
echo "<tr><td>".i18n("Email (Private)").":</td><td><input type=\"text\" name=\"emailprivate\" value=\"{$u['emailprivate']}\" /></td></tr>\n";
echo "<tr><td>".i18n("Display Emails").":</td><td>";
if($u['displayemail']=="no") $checked="checked=\"checked\""; else $checked="";
echo "<input type=\"radio\" name=\"displayemail\" value=\"no\" $checked />".i18n("No");

4
volunteer.inc.php
View File

@ -27,7 +27,7 @@
function volunteer_status_position($u)
{
global $config;
global $config, $pdo;
/* See if they have selected something */
$q = "SELECT * FROM volunteer_positions_signup WHERE users_id='{$u['id']}'
AND year='{$config['FAIRYEAR']}'";
@ -41,7 +41,7 @@ function volunteer_status_position($u)
function volunteer_status_update(&$u)
{
global $config;
global $config, $pdo;
if( user_personal_info_status($u) == 'complete'
&& volunteer_status_position($u) == 'complete' )

1
volunteer_position.php
View File

@ -27,6 +27,7 @@
require_once("user.inc.php");
require_once("volunteer.inc.php");
global $pdo;
if($_SESSION['embed'] == true) {
$u = user_load($_SESSION['embed_edit_id']);

10
winners.php
View File

@ -26,6 +26,8 @@
require("projects.inc.php");
require_once('helper.inc.php');
global $pdo;
send_header("Winners");
if(get_value_from_array($_GET, 'edit')) $edit=$_GET['edit'];
@ -75,6 +77,7 @@ if(get_value_from_array($_GET, 'year') && get_value_from_array($_GET, 'type')) {
ORDER BY
awards_order");
$q->execute();
show_pdo_errors_if_any($pdo);
if($q->rowCount())
@ -116,7 +119,8 @@ if(get_value_from_array($_GET, 'year') && get_value_from_array($_GET, 'type')) {
}
// Still have to find the PDO equivalent
//mysql_data_seek($pq, 0);
$pq->fetch(PDO::FETCH_ORI_ABS(0));
//FIXME https://stackoverflow.com/questions/15637291/how-use-mysql-data-seek-with-pdo
$pq->fetch(PDO::FETCH_ORI_ABS);
}
if($show_unawarded_awards=="yes" || $awarded_count > 0)
{
@ -232,7 +236,8 @@ if(get_value_from_array($_GET, 'year') && get_value_from_array($_GET, 'type')) {
}
}
else
{ $q = $pdo->query("SELECT
{
$q = $pdo->prepare("SELECT
DISTINCT(winners.year) AS year,
dates.date
FROM
@ -244,6 +249,7 @@ else
AND dates.date<=NOW()
ORDER BY
year DESC");
$q->execute();
$first=true;
if($q->rowCount())