Resolve issues with awards management

Resolve issue with judge registration
Fix tabs not loading correctly
2025-02-08 03:56:52 +00:00 · 2025-02-08 01:38:28 +00:00 · 2025-02-07 21:48:14 +00:00 · 2025-02-07 20:53:05 +00:00 · 2025-02-07 20:48:27 +00:00 · 2025-02-07 03:52:52 +00:00
1004 changed files with 43794 additions and 317248 deletions
--- a/.devcontainer/.gitignore
+++ b/.devcontainer/.gitignore
@ -0,0 +1 @@
 data/
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@ -0,0 +1,15 @@
 FROM mcr.microsoft.com/devcontainers/php:1-8.2-bookworm
 # Install MariaDB client
 RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
    && apt-get install -y mariadb-client \ 
    && apt-get clean -y && rm -rf /var/lib/apt/lists/*
 # Install php-mysql driver
 RUN docker-php-ext-install pdo pdo_mysql
 # [Optional] Uncomment this section to install additional OS packages.
 RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
     && apt-get -y install --no-install-recommends imagemagick
 # [Optional] Uncomment this line to install global node packages.
 # RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && npm install -g <your-package-here>" 2>&1
--- a/.devcontainer/config.inc.php.example
+++ b/.devcontainer/config.inc.php.example
@ -5,7 +5,6 @@
   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
   Copyright (C) 2005 James Grant <james@lightbox.org>
   Copyright (C) 2009 David Grant <dave@lightbox.org>
   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public
@ -21,13 +20,10 @@
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
-
+?>
-function activities_status(&$u)
+<?
-{
+$DBHOST=		"db";
-	global $config;
+$DBNAME=		"mariadb";
-
+$DBUSER=		"mariadb";
-	/* They must select a language */
+$DBPASS=		"mariadb";
-	if(count($u['languages']) < 1) return 'incomplete';
+?>
 	return 'complete';
 }
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@ -0,0 +1,29 @@
 // For format details, see https://aka.ms/devcontainer.json. For config options, see the
 // README at: https://github.com/devcontainers/templates/tree/main/src/php-mariadb
 {
 	"name": "PHP & MariaDB",
 	"dockerComposeFile": "docker-compose.yml",
 	"service": "app",
 	"workspaceFolder": "/workspaces/${localWorkspaceFolderBasename}",
 	// Features to add to the dev container. More info: https://containers.dev/features.
 	// "features": {},
 	// For use with PHP or Apache (e.g.php -S localhost:8080 or apache2ctl start)
 	"forwardPorts": [80, 3306],
 	// Use 'postCreateCommand' to run commands after the container is created.
 	// "postCreateCommand": "sudo chmod a+x \"$(pwd)\" && sudo rm -rf /var/www/html && sudo ln -s \"$(pwd)\" /var/www/html"
 	// Configure tool-specific properties.
 	"customizations": {
 		"vscode": {
 			"extensions": [
 				"lkrms.pretty-php"
 			]
 		}
 	},
 	// Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root.
 	// "remoteUser": "root"
 }
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@ -0,0 +1,35 @@
 services: 
  app:
    build:
      context: .
      dockerfile: Dockerfile
    volumes:
      - ../..:/workspaces:cached
    # Overrides default command so things don't shut down after the process ends.
    command: sleep infinity
    # Runs app on the same network as the database container, allows "forwardPorts" in devcontainer.json function.
    network_mode: service:db
    # Use "forwardPorts" in **devcontainer.json** to forward an app port locally. 
    # (Adding the "ports" property to this file will not forward from a Codespace.)
    depends_on:
      - db
  db:
    image: mariadb:11.6
    restart: unless-stopped
    volumes:
      - mariadb-data:/var/lib/mysql
    environment:
      MYSQL_ROOT_PASSWORD: mariadb
      MYSQL_DATABASE: mariadb
      MYSQL_USER: mariadb
      MYSQL_PASSWORD: mariadb
    # Add "forwardPorts": ["3306"] to **devcontainer.json** to forward MariaDB locally.
    # (Adding the "ports" property to this file will not forward from a Codespace.)
 volumes:
  mariadb-data:
--- a/.devcontainer/science-ation-blank-generic.sql
+++ b/.devcontainer/science-ation-blank-generic.sql
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
 data/
--- a/.htaccess
+++ b/.htaccess
@ -6,5 +6,4 @@ RewriteCond %{SCRIPT_FILENAME} !-f
 RewriteCond %{SCRIPT_FILENAME} !-l
 RewriteCond %{SCRIPT_FILENAME} !-d
 RewriteRule ^web/(.*)$ cms.php?f=$1 [L]
 RewriteRule ^api/(.*)$ api.php?request=$1 [L]
--- a/Rmail/LICENSE.txt
+++ b/Rmail/LICENSE.txt
@ -1,6 +0,0 @@
 License for Rmail
 =================
 This software is covered by the PHPGuru License. You can read it, along with a few FAQs, here:
  http://www.phpguru.org/static/license.html
--- a/Rmail/RFC822.php
+++ b/Rmail/RFC822.php
@ -1,880 +0,0 @@
 <?php
    /**
    * o------------------------------------------------------------------------------o
    * | This package is licensed under the Phpguru license. A quick summary is       |
    * | that for commercial use, there is a small one-time licensing fee to pay. For |
    * | registered charities and educational institutes there is a reduced license   |
    * | fee available. You can read more  at:                                        |
    * |                                                                              |
    * |                  http://www.phpguru.org/static/license.html                  |
    * o------------------------------------------------------------------------------o
    *
    * © Copyright 2008,2009 Richard Heyes
    */
 /**
 * RFC 822 Email address list validation Utility
 *
 * What is it?
 *
 * This class will take an address string, and parse it into it's consituent
 * parts, be that either addresses, groups, or combinations. Nested groups
 * are not supported. The structure it returns is pretty straight forward,
 * and is similar to that provided by the imap_rfc822_parse_adrlist(). Use
 * print_r() to view the structure.
 *
 * How do I use it?
 *
 * $address_string = 'My Group: "Richard Heyes" <richard@localhost> (A comment), ted@example.com (Ted Bloggs), Barney;';
 * $structure = Mail_RFC822::parseAddressList($address_string, 'example.com', TRUE)
 * print_r($structure);
 */
 class Mail_RFC822
 {
    /**
     * The address being parsed by the RFC822 object.
     * @private string $address
     */
    private $address = '';
    /**
     * The default domain to use for unqualified addresses.
     * @private string $default_domain
     */
    private $default_domain = 'localhost';
    /**
     * Should we return a nested array showing groups, or flatten everything?
     * @private boolean $nestGroups
     */
    private $nestGroups = true;
    /**
     * Whether or not to validate atoms for non-ascii characters.
     * @private boolean $validate
     */
    private $validate = true;
    /**
     * The array of raw addresses built up as we parse.
     * @private array $addresses
     */
    private $addresses = array();
    /**
     * The final array of parsed address information that we build up.
     * @private array $structure
     */
    private $structure = array();
    /**
     * The current error message, if any.
     * @private string $error
     */
    private $error = null;
    /**
     * An internal counter/pointer.
     * @private integer $index
     */
    private $index = null;
    /**
     * The number of groups that have been found in the address list.
     * @private integer $num_groups
     * @access public
     */
    private $num_groups = 0;
    /**
     * A variable so that we can tell whether or not we're inside a
     * Mail_RFC822 object.
     * @private boolean $mailRFC822
     */
    private $mailRFC822 = true;
    /**
    * A limit after which processing stops
    * @private int $limit
    */
    private $limit = null;
    /**
     * Sets up the object. The address must either be set here or when
     * calling parseAddressList(). One or the other.
     *
     * @access public
     * @param string  $address         The address(es) to validate.
     * @param string  $default_domain  Default domain/host etc. If not supplied, will be set to localhost.
     * @param boolean $nest_groups     Whether to return the structure with groups nested for easier viewing.
     * @param boolean $validate        Whether to validate atoms. Turn this off if you need to run addresses through before encoding the personal names, for instance.
     * 
     * @return object Mail_RFC822 A new Mail_RFC822 object.
     */
    function __construct($address = null, $default_domain = null, $nest_groups = null, $validate = null, $limit = null)
    {
        if (isset($address))        $this->address        = $address;
        if (isset($default_domain)) $this->default_domain = $default_domain;
        if (isset($nest_groups))    $this->nestGroups     = $nest_groups;
        if (isset($validate))       $this->validate       = $validate;
        if (isset($limit))          $this->limit          = $limit;
    }
    /**
     * Starts the whole process. The address must either be set here
     * or when creating the object. One or the other.
     *
     * @access public
     * @param string  $address         The address(es) to validate.
     * @param string  $default_domain  Default domain/host etc.
     * @param boolean $nest_groups     Whether to return the structure with groups nested for easier viewing.
     * @param boolean $validate        Whether to validate atoms. Turn this off if you need to run addresses through before encoding the personal names, for instance.
     * 
     * @return array A structured array of addresses.
     */
    function parseAddressList($address = null, $default_domain = null, $nest_groups = null, $validate = null, $limit = null)
    {
        if (!isset($this->mailRFC822)) {
            $obj = new Mail_RFC822($address, $default_domain, $nest_groups, $validate, $limit);
            return $obj->parseAddressList();
        }
        if (isset($address))        $this->address        = $address;
        if (isset($default_domain)) $this->default_domain = $default_domain;
        if (isset($nest_groups))    $this->nestGroups     = $nest_groups;
        if (isset($validate))       $this->validate       = $validate;
        if (isset($limit))          $this->limit          = $limit;
        $this->structure  = array();
        $this->addresses  = array();
        $this->error      = null;
        $this->index      = null;
        while ($this->address = $this->_splitAddresses($this->address)) {
            continue;
        }
        if ($this->address === false || isset($this->error)) {
            return false;
        }
        // Reset timer since large amounts of addresses can take a long time to
        // get here
        set_time_limit(30);
        // Loop through all the addresses
        for ($i = 0; $i < count($this->addresses); $i++){
            if (($return = $this->_validateAddress($this->addresses[$i])) === false
                || isset($this->error)) {
                return false;
            }
            if (!$this->nestGroups) {
                $this->structure = array_merge($this->structure, $return);
            } else {
                $this->structure[] = $return;
            }
        }
        return $this->structure;
    }
    /**
     * Splits an address into seperate addresses.
     * 
     * @access private
     * @param string $address The addresses to split.
     * @return boolean Success or failure.
     */
    function _splitAddresses($address)
    {
        if (!empty($this->limit) AND count($this->addresses) == $this->limit) {
            return '';
        }
        if ($this->_isGroup($address) && !isset($this->error)) {
            $split_char = ';';
            $is_group   = true;
        } elseif (!isset($this->error)) {
            $split_char = ',';
            $is_group   = false;
        } elseif (isset($this->error)) {
            return false;
        }
        // Split the string based on the above ten or so lines.
        $parts  = explode($split_char, $address);
        $string = $this->_splitCheck($parts, $split_char);
        // If a group...
        if ($is_group) {
            // If $string does not contain a colon outside of
            // brackets/quotes etc then something's fubar.
            // First check there's a colon at all:
            if (strpos($string, ':') === false) {
                $this->error = 'Invalid address: ' . $string;
                return false;
            }
            // Now check it's outside of brackets/quotes:
            if (!$this->_splitCheck(explode(':', $string), ':'))
                return false;
            // We must have a group at this point, so increase the counter:
            $this->num_groups++;
        }
        // $string now contains the first full address/group.
        // Add to the addresses array.
        $this->addresses[] = array(
                                   'address' => trim($string),
                                   'group'   => $is_group
                                   );
        // Remove the now stored address from the initial line, the +1
        // is to account for the explode character.
        $address = trim(substr($address, strlen($string) + 1));
        // If the next char is a comma and this was a group, then
        // there are more addresses, otherwise, if there are any more
        // chars, then there is another address.
        if ($is_group && substr($address, 0, 1) == ','){
            $address = trim(substr($address, 1));
            return $address;
        } elseif (strlen($address) > 0) {
            return $address;
        } else {
            return '';
        }
        // If you got here then something's off
        return false;
    }
    /**
     * Checks for a group at the start of the string.
     * 
     * @access private
     * @param string $address The address to check.
     * @return boolean Whether or not there is a group at the start of the string.
     */
    function _isGroup($address)
    {
        // First comma not in quotes, angles or escaped:
        $parts  = explode(',', $address);
        $string = $this->_splitCheck($parts, ',');
        // Now we have the first address, we can reliably check for a
        // group by searching for a colon that's not escaped or in
        // quotes or angle brackets.
        if (count($parts = explode(':', $string)) > 1) {
            $string2 = $this->_splitCheck($parts, ':');
            return ($string2 !== $string);
        } else {
            return false;
        }
    }
    /**
     * A common function that will check an exploded string.
     * 
     * @access private
     * @param array $parts The exloded string.
     * @param string $char  The char that was exploded on.
     * @return mixed False if the string contains unclosed quotes/brackets, or the string on success.
     */
    function _splitCheck($parts, $char)
    {
        $string = $parts[0];
        for ($i = 0; $i < count($parts); $i++) {
            if ($this->_hasUnclosedQuotes($string)
                || $this->_hasUnclosedBrackets($string, '<>')
                || $this->_hasUnclosedBrackets($string, '[]')
                || $this->_hasUnclosedBrackets($string, '()')
                || substr($string, -1) == '\\') {
                if (isset($parts[$i + 1])) {
                    $string = $string . $char . $parts[$i + 1];
                } else {
                    $this->error = 'Invalid address spec. Unclosed bracket or quotes';
                    return false;
                }
            } else {
                $this->index = $i;
                break;
            }
        }
        return $string;
    }
    /**
     * Checks if a string has an unclosed quotes or not.
     * 
     * @access private
     * @param string $string The string to check.
     * @return boolean True if there are unclosed quotes inside the string, false otherwise.
     */
    function _hasUnclosedQuotes($string)
    {
        $string     = explode('"', $string);
        $string_cnt = count($string);
        for ($i = 0; $i < (count($string) - 1); $i++)
            if (substr($string[$i], -1) == '\\')
                $string_cnt--;
        return ($string_cnt % 2 === 0);
    }
    /**
     * Checks if a string has an unclosed brackets or not. IMPORTANT:
     * This function handles both angle brackets and square brackets;
     * 
     * @access private
     * @param string $string The string to check.
     * @param string $chars  The characters to check for.
     * @return boolean True if there are unclosed brackets inside the string, false otherwise.
     */
    function _hasUnclosedBrackets($string, $chars)
    {
        $num_angle_start = substr_count($string, $chars[0]);
        $num_angle_end   = substr_count($string, $chars[1]);
        $this->_hasUnclosedBracketsSub($string, $num_angle_start, $chars[0]);
        $this->_hasUnclosedBracketsSub($string, $num_angle_end, $chars[1]);
        if ($num_angle_start < $num_angle_end) {
            $this->error = 'Invalid address spec. Unmatched quote or bracket (' . $chars . ')';
            return false;
        } else {
            return ($num_angle_start > $num_angle_end);
        }
    }
    /**
     * Sub function that is used only by hasUnclosedBrackets().
     * 
     * @access private
     * @param string $string The string to check.
     * @param integer &$num    The number of occurences.
     * @param string $char   The character to count.
     * @return integer The number of occurences of $char in $string, adjusted for backslashes.
     */
    function _hasUnclosedBracketsSub($string, &$num, $char)
    {
        $parts = explode($char, $string);
        for ($i = 0; $i < count($parts); $i++){
            if (substr($parts[$i], -1) == '\\' || $this->_hasUnclosedQuotes($parts[$i]))
                $num--;
            if (isset($parts[$i + 1]))
                $parts[$i + 1] = $parts[$i] . $char . $parts[$i + 1];
        }
        return $num;
    }
    /**
     * Function to begin checking the address.
     *
     * @access private
     * @param string $address The address to validate.
     * @return mixed False on failure, or a structured array of address information on success.
     */
    function _validateAddress($address)
    {
        $is_group = false;
        if ($address['group']) {
            $is_group = true;
            // Get the group part of the name
            $parts     = explode(':', $address['address']);
            $groupname = $this->_splitCheck($parts, ':');
            $structure = array();
            // And validate the group part of the name.
            if (!$this->_validatePhrase($groupname)){
                $this->error = 'Group name did not validate.';
                return false;
            } else {
                // Don't include groups if we are not nesting
                // them. This avoids returning invalid addresses.
                if ($this->nestGroups) {
                    $structure = new stdClass;
                    $structure->groupname = $groupname;
                }
            }
            $address['address'] = ltrim(substr($address['address'], strlen($groupname . ':')));
        }
        // If a group then split on comma and put into an array.
        // Otherwise, Just put the whole address in an array.
        if ($is_group) {
            while (strlen($address['address']) > 0) {
                $parts       = explode(',', $address['address']);
                $addresses[] = $this->_splitCheck($parts, ',');
                $address['address'] = trim(substr($address['address'], strlen(end($addresses) . ',')));
            }
        } else {
            $addresses[] = $address['address'];
        }
        // Check that $addresses is set, if address like this:
        // Groupname:;
        // Then errors were appearing.
        if (!isset($addresses)){
            $this->error = 'Empty group.';
            return false;
        }
        for ($i = 0; $i < count($addresses); $i++) {
            $addresses[$i] = trim($addresses[$i]);
        }
        // Validate each mailbox.
        // Format could be one of: name <geezer@domain.com>
        //                         geezer@domain.com
        //                         geezer
        // ... or any other format valid by RFC 822.
        array_walk($addresses, array($this, 'validateMailbox'));
        // Nested format
        if ($this->nestGroups) {
            if ($is_group) {
                $structure->addresses = $addresses;
            } else {
                $structure = $addresses[0];
            }
        // Flat format
        } else {
            if ($is_group) {
                $structure = array_merge($structure, $addresses);
            } else {
                $structure = $addresses;
            }
        }
        return $structure;
    }
    /**
     * Function to validate a phrase.
     *
     * @access private
     * @param string $phrase The phrase to check.
     * @return boolean Success or failure.
     */
    function _validatePhrase($phrase)
    {
        // Splits on one or more Tab or space.
        $parts = preg_split('/[ \\x09]+/', $phrase, -1, PREG_SPLIT_NO_EMPTY);
        $phrase_parts = array();
        while (count($parts) > 0){
            $phrase_parts[] = $this->_splitCheck($parts, ' ');
            for ($i = 0; $i < $this->index + 1; $i++)
                array_shift($parts);
        }
        for ($i = 0; $i < count($phrase_parts); $i++) {
            // If quoted string:
            if (substr($phrase_parts[$i], 0, 1) == '"') {
                if (!$this->_validateQuotedString($phrase_parts[$i]))
                    return false;
                continue;
            }
            // Otherwise it's an atom:
            if (!$this->_validateAtom($phrase_parts[$i])) return false;
        }
        return true;
    }
    /**
     * Function to validate an atom which from rfc822 is:
     * atom = 1*<any CHAR except specials, SPACE and CTLs>
     * 
     * If validation ($this->validate) has been turned off, then
     * validateAtom() doesn't actually check anything. This is so that you
     * can split a list of addresses up before encoding personal names
     * (umlauts, etc.), for example.
     * 
     * @access private
     * @param string $atom The string to check.
     * @return boolean Success or failure.
     */
    function _validateAtom($atom)
    {
        if (!$this->validate) {
            // Validation has been turned off; assume the atom is okay.
            return true;
        }
        // Check for any char from ASCII 0 - ASCII 127
        if (!preg_match('/^[\\x00-\\x7E]+$/i', $atom, $matches)) {
            return false;
        }
        // Check for specials:
        if (preg_match('/[][()<>@,;\\:". ]/', $atom)) {
            return false;
        }
        // Check for control characters (ASCII 0-31):
        if (preg_match('/[\\x00-\\x1F]+/', $atom)) {
            return false;
        }
        return true;
    }
    /**
     * Function to validate quoted string, which is:
     * quoted-string = <"> *(qtext/quoted-pair) <">
     * 
     * @access private
     * @param string $qstring The string to check
     * @return boolean Success or failure.
     */
    function _validateQuotedString($qstring)
    {
        // Leading and trailing "
        $qstring = substr($qstring, 1, -1);
        // Perform check.
        return !(preg_match('/(.)[\x0D\\\\"]/', $qstring, $matches) && $matches[1] != '\\');
    }
    /**
     * Function to validate a mailbox, which is:
     * mailbox =   addr-spec         ; simple address
     *           / phrase route-addr ; name and route-addr
     * 
     * @access public
     * @param string &$mailbox The string to check.
     * @return boolean Success or failure.
     */
    function validateMailbox(&$mailbox)
    {
        // A couple of defaults.
        $phrase  = '';
        $comment = '';
        // Catch any RFC822 comments and store them separately
        $_mailbox = $mailbox;
        while (strlen(trim($_mailbox)) > 0) {
            $parts = explode('(', $_mailbox);
            $before_comment = $this->_splitCheck($parts, '(');
            if ($before_comment != $_mailbox) {
                // First char should be a (
                $comment    = substr(str_replace($before_comment, '', $_mailbox), 1);
                $parts      = explode(')', $comment);
                $comment    = $this->_splitCheck($parts, ')');
                $comments[] = $comment;
                // +1 is for the trailing )
                $_mailbox   = substr($_mailbox, strpos($_mailbox, $comment)+strlen($comment)+1);
            } else {
                break;
            }
        }
        for($i=0; $i<count(@$comments); $i++){
            $mailbox = str_replace('('.$comments[$i].')', '', $mailbox);
        }
        $mailbox = trim($mailbox);
        // Check for name + route-addr
        if (substr($mailbox, -1) == '>' && substr($mailbox, 0, 1) != '<') {
            $parts  = explode('<', $mailbox);
            $name   = $this->_splitCheck($parts, '<');
            $phrase     = trim($name);
            $route_addr = trim(substr($mailbox, strlen($name.'<'), -1));
            if ($this->_validatePhrase($phrase) === false || ($route_addr = $this->_validateRouteAddr($route_addr)) === false)
                return false;
        // Only got addr-spec
        } else {
            // First snip angle brackets if present.
            if (substr($mailbox,0,1) == '<' && substr($mailbox,-1) == '>')
                $addr_spec = substr($mailbox,1,-1);
            else
                $addr_spec = $mailbox;
            if (($addr_spec = $this->_validateAddrSpec($addr_spec)) === false)
                return false;
        }
        // Construct the object that will be returned.
        $mbox = new stdClass();
        // Add the phrase (even if empty) and comments
        $mbox->personal = $phrase;
        $mbox->comment  = isset($comments) ? $comments : array();
        if (isset($route_addr)) {
            $mbox->mailbox = $route_addr['local_part'];
            $mbox->host    = $route_addr['domain'];
            $route_addr['adl'] !== '' ? $mbox->adl = $route_addr['adl'] : '';
        } else {
            $mbox->mailbox = $addr_spec['local_part'];
            $mbox->host    = $addr_spec['domain'];
        }
        $mailbox = $mbox;
        return true;
    }
    /**
     * This function validates a route-addr which is:
     * route-addr = "<" [route] addr-spec ">"
     *
     * Angle brackets have already been removed at the point of
     * getting to this function.
     * 
     * @access private
     * @param string $route_addr The string to check.
     * @return mixed False on failure, or an array containing validated address/route information on success.
     */
    function _validateRouteAddr($route_addr)
    {
        // Check for colon.
        if (strpos($route_addr, ':') !== false) {
            $parts = explode(':', $route_addr);
            $route = $this->_splitCheck($parts, ':');
        } else {
            $route = $route_addr;
        }
        // If $route is same as $route_addr then the colon was in
        // quotes or brackets or, of course, non existent.
        if ($route === $route_addr){
            unset($route);
            $addr_spec = $route_addr;
            if (($addr_spec = $this->_validateAddrSpec($addr_spec)) === false) {
                return false;
            }
        } else {
            // Validate route part.
            if (($route = $this->_validateRoute($route)) === false) {
                return false;
            }
            $addr_spec = substr($route_addr, strlen($route . ':'));
            // Validate addr-spec part.
            if (($addr_spec = $this->_validateAddrSpec($addr_spec)) === false) {
                return false;
            }
        }
        if (isset($route)) {
            $return['adl'] = $route;
        } else {
            $return['adl'] = '';
        }
        $return = array_merge($return, $addr_spec);
        return $return;
    }
    /**
     * Function to validate a route, which is:
     * route = 1#("@" domain) ":"
     * 
     * @access private
     * @param string $route The string to check.
     * @return mixed False on failure, or the validated $route on success.
     */
    function _validateRoute($route)
    {
        // Split on comma.
        $domains = explode(',', trim($route));
        for ($i = 0; $i < count($domains); $i++) {
            $domains[$i] = str_replace('@', '', trim($domains[$i]));
            if (!$this->_validateDomain($domains[$i])) return false;
        }
        return $route;
    }
    /**
     * Function to validate a domain, though this is not quite what
     * you expect of a strict internet domain.
     *
     * domain = sub-domain *("." sub-domain)
     * 
     * @access private
     * @param string $domain The string to check.
     * @return mixed False on failure, or the validated domain on success.
     */
    function _validateDomain($domain)
    {
        // Note the different use of $subdomains and $sub_domains                        
        $subdomains = explode('.', $domain);
        while (count($subdomains) > 0) {
            $sub_domains[] = $this->_splitCheck($subdomains, '.');
            for ($i = 0; $i < $this->index + 1; $i++)
                array_shift($subdomains);
        }
        for ($i = 0; $i < count($sub_domains); $i++) {
            if (!$this->_validateSubdomain(trim($sub_domains[$i])))
                return false;
        }
        // Managed to get here, so return input.
        return $domain;
    }
    /**
     * Function to validate a subdomain:
     *   subdomain = domain-ref / domain-literal
     * 
     * @access private
     * @param string $subdomain The string to check.
     * @return boolean Success or failure.
     */
    function _validateSubdomain($subdomain)
    {
        if (preg_match('|^\[(.*)]$|', $subdomain, $arr)){
            if (!$this->_validateDliteral($arr[1])) return false;
        } else {
            if (!$this->_validateAtom($subdomain)) return false;
        }
        // Got here, so return successful.
        return true;
    }
    /**
     * Function to validate a domain literal:
     *   domain-literal =  "[" *(dtext / quoted-pair) "]"
     * 
     * @access private
     * @param string $dliteral The string to check.
     * @return boolean Success or failure.
     */
    function _validateDliteral($dliteral)
    {
        return !preg_match('/(.)[][\x0D\\\\]/', $dliteral, $matches) && $matches[1] != '\\';
    }
    /**
     * Function to validate an addr-spec.
     *
     * addr-spec = local-part "@" domain
     * 
     * @access private
     * @param string $addr_spec The string to check.
     * @return mixed False on failure, or the validated addr-spec on success.
     */
    function _validateAddrSpec($addr_spec)
    {
        $addr_spec = trim($addr_spec);
        // Split on @ sign if there is one.
        if (strpos($addr_spec, '@') !== false) {
            $parts      = explode('@', $addr_spec);
            $local_part = $this->_splitCheck($parts, '@');
            $domain     = substr($addr_spec, strlen($local_part . '@'));
        // No @ sign so assume the default domain.
        } else {
            $local_part = $addr_spec;
            $domain     = $this->default_domain;
        }
        if (($local_part = $this->_validateLocalPart($local_part)) === false) return false;
        if (($domain     = $this->_validateDomain($domain)) === false) return false;
        // Got here so return successful.
        return array('local_part' => $local_part, 'domain' => $domain);
    }
    /**
     * Function to validate the local part of an address:
     *   local-part = word *("." word)
     * 
     * @access private
     * @param string $local_part
     * @return mixed False on failure, or the validated local part on success.
     */
    function _validateLocalPart($local_part)
    {
        $parts = explode('.', $local_part);
        // Split the local_part into words.
        while (count($parts) > 0){
            $words[] = $this->_splitCheck($parts, '.');
            for ($i = 0; $i < $this->index + 1; $i++) {
                array_shift($parts);
            }
        }
        // Validate each word.
        for ($i = 0; $i < count($words); $i++) {
            if ($this->_validatePhrase(trim($words[$i])) === false) return false;
        }
        // Managed to get here, so return the input.
        return $local_part;
    }
    /**
    * Returns an approximate count of how many addresses are
    * in the given string. This is APPROXIMATE as it only splits
    * based on a comma which has no preceding backslash. Could be
    * useful as large amounts of addresses will end up producing
    * *large* structures when used with parseAddressList().
    *
    * @param  string $data Addresses to count
    * @return int          Approximate count
    */
    function approximateCount($data)
    {
        return count(preg_split('/(?<!\\\\),/', $data));
    }
    /**
    * This is a email validating function seperate to the rest
    * of the class. It simply validates whether an email is of
    * the common internet form: <user>@<domain>. This can be
    * sufficient for most people. Optional stricter mode can
    * be utilised which restricts mailbox characters allowed
    * to alphanumeric, full stop, hyphen and underscore.
    *
    * @param  string  $data   Address to check
    * @param  boolean $strict Optional stricter mode
    * @return mixed           False if it fails, an indexed array
    *                         username/domain if it matches
    */
    function isValidInetAddress($data, $strict = false)
    {
        $regex = $strict ? '/^([.0-9a-z_-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,4})$/i' : '/^([*+!.&#$|\'\\%\/0-9a-z^_`{}=?~:-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,4})$/i';
        if (preg_match($regex, trim($data), $matches)) {
            return array($matches[1], $matches[2]);
        } else {
            return false;
        }
    }
 }
 ?>
--- a/Rmail/Rmail.php
+++ b/Rmail/Rmail.php
--- a/Rmail/mimePart.php
+++ b/Rmail/mimePart.php
@ -1,313 +0,0 @@
 <?php
    /**
    * o------------------------------------------------------------------------------o
    * | This package is licensed under the Phpguru license. A quick summary is       |
    * | that for commercial use, there is a small one-time licensing fee to pay. For |
    * | registered charities and educational institutes there is a reduced license   |
    * | fee available. You can read more  at:                                        |
    * |                                                                              |
    * |                  http://www.phpguru.org/static/license.html                  |
    * o------------------------------------------------------------------------------o
    *
    * © Copyright 2008,2009 Richard Heyes
    */
 /**
 *
 *  Raw mime encoding class
 *
 * What is it?
 *   This class enables you to manipulate and build
 *   a mime email from the ground up.
 *
 * Why use this instead of mime.php?
 *   mime.php is a userfriendly api to this class for
 *   people who aren't interested in the internals of
 *   mime mail. This class however allows full control
 *   over the email.
 *
 * Eg.
 *
 * // Since multipart/mixed has no real body, (the body is
 * // the subpart), we set the body argument to blank.
 *
 * $params['content_type'] = 'multipart/mixed';
 * $email = new Mail_mimePart('', $params);
 *
 * // Here we add a text part to the multipart we have
 * // already. Assume $body contains plain text.
 *
 * $params['content_type'] = 'text/plain';
 * $params['encoding']     = '7bit';
 * $text = $email->addSubPart($body, $params);
 *
 * // Now add an attachment. Assume $attach is
 * the contents of the attachment
 *
 * $params['content_type'] = 'application/zip';
 * $params['encoding']     = 'base64';
 * $params['disposition']  = 'attachment';
 * $params['dfilename']    = 'example.zip';
 * $attach =& $email->addSubPart($body, $params);
 *
 * // Now build the email. Note that the encode
 * // function returns an associative array containing two
 * // elements, body and headers. You will need to add extra
 * // headers, (eg. Mime-Version) before sending.
 *
 * $email = $message->encode();
 * $email['headers'][] = 'Mime-Version: 1.0';
 *
 *
 * Further examples are available at http://www.phpguru.org
 *
 * TODO:
 *  - Set encode() to return the $obj->encoded if encode()
 *    has already been run. Unless a flag is passed to specifically
 *    re-build the message.
 *
 * @author  Richard Heyes <richard@phpguru.org>
 * @version $Revision: 1.3 $
 * @package Mail
 */
 class Mail_MIMEPart
 {
    /**
    * The encoding type of this part
    * @var string
    */
    private $encoding;
    /**
    * An array of subparts
    * @var array
    */
    private $subparts;
    /**
    * The output of this part after being built
    * @var string
    */
    private $encoded;
    /**
    * Headers for this part
    * @var array
    */
    private $headers;
    /**
    * The body of this part (not encoded)
    * @var string
    */
    private $body;
    /**
    * Constructor.
    *
    * Sets up the object.
    *
    * @param $body   - The body of the mime part if any.
    * @param $params - An associative array of parameters:
    *                  content_type - The content type for this part eg multipart/mixed
    *                  encoding     - The encoding to use, 7bit, 8bit, base64, or quoted-printable
    *                  cid          - Content ID to apply
    *                  disposition  - Content disposition, inline or attachment
    *                  dfilename    - Optional filename parameter for content disposition
    *                  description  - Content description
    *                  charset      - Character set to use
    * @access public
    */
    public function __construct($body = '', $params = array())
    {
        if (!defined('MAIL_MIMEPART_CRLF')) {
            define('MAIL_MIMEPART_CRLF', defined('MAIL_MIME_CRLF') ? MAIL_MIME_CRLF : "\r\n", true);
        }
        foreach ($params as $key => $value) {
            switch ($key) {
                case 'content_type':
                    $headers['Content-Type'] = $value . (isset($charset) ? '; charset="' . $charset . '"' : '');
                    break;
                case 'encoding':
                    $this->encoding = $value;
                    $headers['Content-Transfer-Encoding'] = $value;
                    break;
                case 'cid':
                    $headers['Content-ID'] = '<' . $value . '>';
                    break;
                case 'disposition':
                    $headers['Content-Disposition'] = $value . (isset($dfilename) ? '; filename="' . $dfilename . '"' : '');
                    break;
                case 'dfilename':
                    if (isset($headers['Content-Disposition'])) {
                        $headers['Content-Disposition'] .= '; filename="' . $value . '"';
                    } else {
                        $dfilename = $value;
                    }
                    break;
                case 'description':
                    $headers['Content-Description'] = $value;
                    break;
                case 'charset':
                    if (isset($headers['Content-Type'])) {
                        $headers['Content-Type'] .= '; charset="' . $value . '"';
                    } else {
                        $charset = $value;
                    }
                    break;
            }
        }
        // Default content-type
        if (!isset($headers['Content-Type'])) {
            $headers['Content-Type'] = 'text/plain';
        }
        // Default encoding
        if (!isset($this->encoding)) {
            $this->encoding = '7bit';
        }
        // Assign stuff to member variables
        $this->encoded  = array();
        $this->headers  = $headers;
        $this->body     = $body;
    }
    /**
    * Encodes and returns the email. Also stores
    * it in the encoded member variable
    *
    * @return An associative array containing two elements,
    *         body and headers. The headers element is itself
    *         an indexed array.
    */
    public function encode()
    {
        $encoded =& $this->encoded;
        if (!empty($this->subparts)) {
            srand((double)microtime()*1000000);
            $boundary = '=_' . md5(uniqid(rand()) . microtime());
            $this->headers['Content-Type'] .= ';' . MAIL_MIMEPART_CRLF . "\t" . 'boundary="' . $boundary . '"';
            // Add body parts to $subparts
            for ($i = 0; $i < count($this->subparts); $i++) {
                $headers = array();
                $tmp = $this->subparts[$i]->encode();
                foreach ($tmp['headers'] as $key => $value) {
                    $headers[] = $key . ': ' . $value;
                }
                $subparts[] = implode(MAIL_MIMEPART_CRLF, $headers) . MAIL_MIMEPART_CRLF . MAIL_MIMEPART_CRLF . $tmp['body'];
            }
            $encoded['body'] = '--' . $boundary . MAIL_MIMEPART_CRLF .
                               implode('--' . $boundary . MAIL_MIMEPART_CRLF, $subparts) .
                               '--' . $boundary.'--' . MAIL_MIMEPART_CRLF;
        } else {
            $encoded['body'] = $this->getEncodedData($this->body, $this->encoding) . MAIL_MIMEPART_CRLF;
        }
        // Add headers to $encoded
        $encoded['headers'] =& $this->headers;
        return $encoded;
    }
    /**
    * Adds a subpart to current mime part and returns
    * a reference to it
    *
    * @param $body   The body of the subpart, if any.
    * @param $params The parameters for the subpart, same
    *                as the $params argument for constructor.
    * @return A reference to the part you just added.
    */
    public function addSubPart($body, $params)
    {
        $this->subparts[] = new Mail_MIMEPart($body, $params);
        return $this->subparts[count($this->subparts) - 1];
    }
    /**
    * Returns encoded data based upon encoding passed to it
    *
    * @param $data     The data to encode.
    * @param $encoding The encoding type to use, 7bit, base64,
    *                  or quoted-printable.
    */
    private function getEncodedData($data, $encoding)
    {
        switch ($encoding) {
            case '8bit':
            case '7bit':
                return $data;
                break;
            case 'quoted-printable':
                return $this->quotedPrintableEncode($data);
                break;
            case 'base64':
                return rtrim(chunk_split(base64_encode($data), 76, MAIL_MIMEPART_CRLF));
                break;
            default:
                return $data;
        }
    }
    /**
    * Encodes data to quoted-printable standard.
    *
    * @param $input    The data to encode
    * @param $line_max Optional max line length. Should
    *                  not be more than 76 chars
    */
    private function quotedPrintableEncode($input , $line_max = 76)
    {
        $lines  = preg_split("/\r?\n/", $input);
        $eol    = MAIL_MIMEPART_CRLF;
        $escape = '=';
        $output = '';
        while(list(, $line) = each($lines)){
            $linlen     = strlen($line);
            $newline = '';
            for ($i = 0; $i < $linlen; $i++) {
                $char = substr($line, $i, 1);
                $dec  = ord($char);
                if (($dec == 32) AND ($i == ($linlen - 1))){    // convert space at eol only
                    $char = '=20';
                } elseif($dec == 9) {
                    ; // Do nothing if a tab.
                } elseif(($dec == 61) OR ($dec < 32 ) OR ($dec > 126)) {
                    $char = $escape . strtoupper(sprintf('%02s', dechex($dec)));
                }
                if ((strlen($newline) + strlen($char)) >= $line_max) {        // MAIL_MIMEPART_CRLF is not counted
                    $output  .= $newline . $escape . $eol;                    // soft line break; " =\r\n" is okay
                    $newline  = '';
                }
                $newline .= $char;
            } // end of for
            $output .= $newline . $eol;
        }
        $output = substr($output, 0, -1 * strlen($eol)); // Don't want last crlf
        return $output;
    }
 } // End of class
 ?>
--- a/Rmail/smtp.php
+++ b/Rmail/smtp.php
@ -1,371 +0,0 @@
 <?php
    /**
    * o------------------------------------------------------------------------------o
    * | This package is licensed under the Phpguru license. A quick summary is       |
    * | that for commercial use, there is a small one-time licensing fee to pay. For |
    * | registered charities and educational institutes there is a reduced license   |
    * | fee available. You can read more  at:                                        |
    * |                                                                              |
    * |                  http://www.phpguru.org/static/license.html                  |
    * o------------------------------------------------------------------------------o
    *
    * © Copyright 2008,2009 Richard Heyes
    */
 define('SMTP_STATUS_NOT_CONNECTED', 1, true);
 define('SMTP_STATUS_CONNECTED', 2, true);
 class smtp
 {
    private $authenticated;
    private $connection;
    private $recipients;
    private $headers;
    private $timeout;
    private $errors;
    private $status;
    private $body;
    private $from;
    private $host;
    private $port;
    private $helo;
    private $auth;
    private $user;
    private $pass;
    /**
    * Constructor function. Arguments:
    * $params - An assoc array of parameters:
    *
    *   host    - The hostname of the smtp server		Default: localhost
    *   port    - The port the smtp server runs on		Default: 25
    *   helo    - What to send as the HELO command		Default: localhost
    *             (typically the hostname of the
    *             machine this script runs on)
    *   auth    - Whether to use basic authentication	Default: FALSE
    *   user    - Username for authentication			Default: <blank>
    *   pass    - Password for authentication			Default: <blank>
    *   timeout - The timeout in seconds for the call	Default: 5
    *             to fsockopen()
    */
    public function __construct($params = array())
    {
        if(!defined('CRLF'))
            define('CRLF', "\r\n", TRUE);
        $this->authenticated = FALSE;
        $this->timeout       = 5;
        $this->status        = SMTP_STATUS_NOT_CONNECTED;
        $this->host          = 'localhost';
        $this->port          = 25;
        $this->helo          = 'localhost';
        $this->auth          = FALSE;
        $this->user          = '';
        $this->pass          = '';
        $this->errors        = array();
        foreach($params as $key => $value){
            $this->$key = $value;
        }
    }
    /**
    * Connect function. This will, when called
    * statically, create a new smtp object, 
    * call the connect function (ie this function)
    * and return it. When not called statically,
    * it will connect to the server and send
    * the HELO command.
    */
    public function connect($params = array())
    {
        if (!isset($this->status)) {
            $obj = new smtp($params);
            if($obj->connect()){
                $obj->status = SMTP_STATUS_CONNECTED;
            }
            return $obj;
        } else {
            $this->connection = fsockopen($this->host, $this->port, $errno, $errstr, $this->timeout);
            if (function_exists('socket_set_timeout')) {
                @socket_set_timeout($this->connection, 5, 0);
            }
            $greeting = $this->get_data();
            if (is_resource($this->connection)) {
                return $this->auth ? $this->ehlo() : $this->helo();
            } else {
                $this->errors[] = 'Failed to connect to server: '.$errstr;
                return FALSE;
            }
        }
    }
    /**
    * Function which handles sending the mail.
    * Arguments:
    * $params	- Optional assoc array of parameters.
    *            Can contain:
    *              recipients - Indexed array of recipients
    *              from       - The from address. (used in MAIL FROM:),
    *                           this will be the return path
    *              headers    - Indexed array of headers, one header per array entry
    *              body       - The body of the email
    *            It can also contain any of the parameters from the connect()
    *            function
    */
    public function send($params = array())
    {
        foreach ($params as $key => $value) {
            $this->set($key, $value);
        }
        if ($this->is_connected()) {
            // Do we auth or not? Note the distinction between the auth variable and auth() function
            if ($this->auth AND !$this->authenticated) {
                if(!$this->auth())
                    return false;
            }
            $this->mail($this->from);
            if (is_array($this->recipients)) {
                foreach ($this->recipients as $value) {
                    $this->rcpt($value);
                }
            } else {
                $this->rcpt($this->recipients);
            }
            if (!$this->data()) {
                return false;
            }
            // Transparency
            $headers = str_replace(CRLF.'.', CRLF.'..', trim(implode(CRLF, $this->headers)));
            $body    = str_replace(CRLF.'.', CRLF.'..', $this->body);
            $body    = substr($body, 0, 1) == '.' ? '.'.$body : $body;
            $this->send_data($headers);
            $this->send_data('');
            $this->send_data($body);
            $this->send_data('.');
            $result = (substr(trim($this->get_data()), 0, 3) === '250');
            //$this->rset();
            return $result;
        } else {
            $this->errors[] = 'Not connected!';
            return FALSE;
        }
    }
    /**
    * Function to implement HELO cmd
    */
    private function helo()
    {
        if(is_resource($this->connection)
                AND $this->send_data('HELO '.$this->helo)
                AND substr(trim($error = $this->get_data()), 0, 3) === '250' ){
            return true;
        } else {
            $this->errors[] = 'HELO command failed, output: ' . trim(substr(trim($error),3));
            return false;
        }
    }
    /**
    * Function to implement EHLO cmd
    */
    private function ehlo()
    {
        if (is_resource($this->connection)
                AND $this->send_data('EHLO '.$this->helo)
                AND substr(trim($error = $this->get_data()), 0, 3) === '250' ){
            return true;
        } else {
            $this->errors[] = 'EHLO command failed, output: ' . trim(substr(trim($error),3));
            return false;
        }
    }
    /**
    * Function to implement RSET cmd
    */
    private function rset()
    {
        if (is_resource($this->connection)
                AND $this->send_data('RSET')
                AND substr(trim($error = $this->get_data()), 0, 3) === '250' ){
            return true;
        } else {
            $this->errors[] = 'RSET command failed, output: ' . trim(substr(trim($error),3));
            return false;
        }
    }
    /**
    * Function to implement QUIT cmd
    */
    private function quit()
    {
        if(is_resource($this->connection)
                AND $this->send_data('QUIT')
                AND substr(trim($error = $this->get_data()), 0, 3) === '221' ){
            fclose($this->connection);
            $this->status = SMTP_STATUS_NOT_CONNECTED;
            return true;
        } else {
            $this->errors[] = 'QUIT command failed, output: ' . trim(substr(trim($error),3));
            return false;
        }
    }
    /**
    * Function to implement AUTH cmd
    */
    private function auth()
    {
        if (is_resource($this->connection)
                AND $this->send_data('AUTH LOGIN')
                AND substr(trim($error = $this->get_data()), 0, 3) === '334'
                AND $this->send_data(base64_encode($this->user))			// Send username
                AND substr(trim($error = $this->get_data()),0,3) === '334'
                AND $this->send_data(base64_encode($this->pass))			// Send password
                AND substr(trim($error = $this->get_data()),0,3) === '235' ){
            $this->authenticated = true;
            return true;
        } else {
            $this->errors[] = 'AUTH command failed: ' . trim(substr(trim($error),3));
            return false;
        }
    }
    /**
    * Function that handles the MAIL FROM: cmd
    */
    private function mail($from)
    {
        if ($this->is_connected()
            AND $this->send_data('MAIL FROM:<'.$from.'>')
            AND substr(trim($this->get_data()), 0, 2) === '250' ) {
            return true;
        } else {
            return false;
        }
    }
    /**
    * Function that handles the RCPT TO: cmd
    */
    private function rcpt($to)
    {
        if($this->is_connected()
            AND $this->send_data('RCPT TO:<'.$to.'>')
            AND substr(trim($error = $this->get_data()), 0, 2) === '25' ){
            return true;
        } else {
            $this->errors[] = trim(substr(trim($error), 3));
            return false;
        }
    }
    /**
    * Function that sends the DATA cmd
    */
    private function data()
    {
        if($this->is_connected()
            AND $this->send_data('DATA')
            AND substr(trim($error = $this->get_data()), 0, 3) === '354' ) {
            return true;
        } else {
            $this->errors[] = trim(substr(trim($error), 3));
            return false;
        }
    }
    /**
    * Function to determine if this object
    * is connected to the server or not.
    */
    private function is_connected()
    {
        return (is_resource($this->connection) AND ($this->status === SMTP_STATUS_CONNECTED));
    }
    /**
    * Function to send a bit of data
    */
    private function send_data($data)
    {
        if(is_resource($this->connection)){
            return fwrite($this->connection, $data.CRLF, strlen($data)+2);
        } else {
            return false;
        }
    }
    /**
    * Function to get data.
    */
    private function get_data()
    {
        $return = '';
        $line   = '';
        $loops  = 0;
        if(is_resource($this->connection)){
            while((strpos($return, CRLF) === FALSE OR substr($line,3,1) !== ' ') AND $loops < 100){
                $line    = fgets($this->connection, 512);
                $return .= $line;
                $loops++;
            }
            return $return;
        }else
            return false;
    }
    /**
    * Sets a variable
    */    
    public function set($var, $value)
    {
        $this->$var = $value;
        return true;
    }
    /**
    * Function to return the errors array
    */
    public function getErrors()
    {
        return $this->errors;
    }
 } // End of class
 ?>
--- a/10
+++ b/10
@ -1,10 +0,0 @@
 - Make auto-logout on email address change work properly on the FIRST submit, not on first action after the submit
   - same for judges changing email address
 testing commit emails
 test two
 test three
 test four
 test five
 test six
 test seven
--- a/account.inc.php
+++ b/account.inc.php
@ -1,556 +0,0 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
   Copyright (C) 2010 David Grant <dave@lightbox.org>
   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public
   License as published by the Free Software Foundation, version 2.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 ?>
 <?
 function account_valid_user($user)
 {
 	/* Find any character that doesn't match the valid username characters
 	 * (^ inverts the matching remember */
 	$x = preg_match('[^a-zA-Z0-9@.-_]',$user);
 	/* If x==1, a match was found, and the input is bad */
 	return ($x == 1) ? false : true;
 }
 function account_valid_password($pass)
 {
 	/* Same as user, but allow more characters */
 	$x = preg_match('[^a-zA-Z0-9 ~!@#$%^&*()-_=+|;:,<.>/?]',$pass);
 	/* If x==1, a match was found, and the input is bad */
 	if($x == 1) return false;
 	if(strlen($pass) < 6) return false;
 	return true;
 }
 /* Duplicate of common.inc.php:generatePassword, which will be deleted 
 * eventually when ALL users are handled through this file */
 function account_generate_password($pwlen=8)
 {
        //these are good characters that are not easily confused with other characters :)
        $available="ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz23456789";
        $len=strlen($available) - 1;
        $key="";
        for($x=0;$x<$pwlen;$x++)
                $key.=$available{rand(0,$len)};
        return $key;
 }
 function account_set_password($accounts_id, $password = NULL)
 {
 	$save_old = false;
 	if($password == NULL) {
 		$q = mysql_query("SELECT passwordset FROM accounts WHERE id='$accounts_id'");
 		$a = mysql_fetch_assoc($q);
 		/* Generate a new password */
 		$password = account_generate_password(12);
 		/* save the old password only if it's not an auto-generated one */
 		if($a['passwordset'] != '0000-00-00') $save_old = true;
 		/* Expire the password */
 		$save_set = "'0000-00-00'";
 	} else {
 		/* Set the password, no expiry, save the old */
 		$save_old = true;
 		$save_set = 'NOW()';
 	}
 	$p = mysql_escape_string($password);
 	$set = ($save_old == true) ? 'oldpassword=password, ' : '';
 	$set .= "password='$p', passwordset=$save_set ";
 	$query = "UPDATE accounts SET $set WHERE id='$accounts_id'";
 	mysql_query($query);
 	echo mysql_error();
 	return $password;
 }
 function account_load($id)
 {
 	$id = intval($id);
 	//we dont want password or the pending email code in here 
 	$q = mysql_query("SELECT id,
 	username,
 	link_username_to_email,
 	passwordset,
 	email,
 	pendingemail,
 	superuser,
 	deleted,
 	deleted_datetime,
 	created
 	 FROM accounts WHERE id='$id'");
 	if(mysql_num_rows($q) == 0) {
 		return false;
 	}
 	if(mysql_num_rows($q) > 1) {
 		return false;
 	}
 	$a = mysql_fetch_assoc($q);
 	return $a;
 }
 function account_get_password($id) {
 	$id=intval($id);
 	$q=mysql_query("SELECT password FROM accounts WHERE id='$id'");
 	$r=mysql_fetch_object($q);
 	return $r->password;
 }
 function account_load_by_username($username)
 {
 	$un = mysql_real_escape_string($username);
 	$q = mysql_query("SELECT * FROM accounts WHERE username='$un'");
 	if(mysql_num_rows($q) == 0) {
 		return false;
 	}
 	if(mysql_num_rows($q) > 1) {
 		return false;
 	}
 	$a = mysql_fetch_assoc($q);
 	return $a;
 }
 function account_create($username,$password=NULL)
 {
 	global $config;
 	$errMsg = '';
 	/* Sanity check username */
 	if(!account_valid_user($username)) {
 		$errMsg .= i18n('Invalid user name "%1"', array($username)) . "\n";
 	}else{
 		/* Make sure the account doesn't exist */
 		$us = mysql_real_escape_string($username);
 		$q = mysql_query("SELECT * FROM accounts WHERE username='$us'");
 		if(mysql_num_rows($q)) {
 			$errMsg .= i18n("The username %1 is already in use", array($username)) . "\n";
 		}
 	}
 	//if the password is set, make sure its valid, if its null, thats OK, it'll get generated and set by account_set_password
 	if($password && !account_valid_password($password)) {
 		$errMsg .= i18n("Invalid password") . "\n";
 	}
 	if($errMsg != '') return $errMsg;
 	/* Create the account */
 	mysql_query("INSERT INTO accounts (`username`,`created`,`deleted`,`superuser`) 
 			VALUES ('$us', NOW(),'no','no')");
 	echo mysql_error();
 	$accounts_id = mysql_insert_id();
 	account_set_password($accounts_id, $password);
 	$a = account_load($accounts_id);
 	return $a;
 }
 function account_set_email($accounts_id,$email) {
 	global $config;
 	//we dont actually set the email until its confirmed, we only set the pending email :p
 	if(isEmailAddress($email)) {
 		$code=generatePassword(24);
 		mysql_query("UPDATE accounts SET email=NULL, pendingemail='".mysql_real_escape_string($email)."', pendingemailcode='$code' WHERE id='$accounts_id'");
 		$link = account_build_email_confirmation_link($accounts_id);
 		email_send('account_email_confirmation',$email,array(),array("EMAIL"=>$email,"EMAILCONFIRMATIONLINK"=>$link));
 	}
 }
 // generate the email confirmation URL.  Separated from account_set_email for use elsewhere.
 // returns null if no confirmation code is set for this account
 function account_build_email_confirmation_link($accounts_id){
 	global $config;
 	$q = mysql_query("SELECT pendingemail, pendingemailcode FROM accounts WHERE id = $accounts_id");
 	$row = mysql_fetch_assoc($q);
 	$code = $row['pendingemailcode'];
 	$email = $row['pendingemail'];
 	if(trim($code) == ''){
 		return null;
 	}
 	$urlproto = $_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://";
 	$urlmain = "$urlproto{$_SERVER['HTTP_HOST']}{$config['SFIABDIRECTORY']}";
 	$urlemailconfirm = "emailconfirmation.php?i=$accounts_id&e=".rawurlencode($email)."&c=".$code;
 	return $urlmain."/".$urlemailconfirm;
 }
 // add the specified role to the account's user record for the specified conference
 // return true on success, false on failure
 function account_add_role($accounts_id, $roles_id, $conferences_id, $password = null){
 	global $config;
 	global $conference;
 	//if we get role as a type string instead of an id (eg, 'teacher'), lets just look it up
 	if(!is_numeric($roles_id)) {
 		$tq=mysql_query("SELECT id FROM roles WHERE type='".mysql_real_escape_string($roles_id)."'");
 		$tr=mysql_fetch_object($tq);
 		$roles_id=$tr->id;
 	}
 	// avoid injections
 	$accounts_id=intval($accounts_id);
 	$roles_id=intval($roles_id);
 	$conferences_id=intval($conferences_id);
 	$password=mysql_real_escape_string($password);
 	// make sure the specified id's actually exist
 	if(mysql_result(mysql_query("SELECT COUNT(*) FROM accounts WHERE id = $accounts_id"), 0) != 1){
 		return "invalidaccount";
 	}
 	if(mysql_result(mysql_query("SELECT COUNT(*) FROM roles WHERE id = $roles_id"), 0) != 1){
 		return "invalidrole";
 	}
 	if(mysql_result(mysql_query("SELECT COUNT(*) FROM conferences WHERE id = $conferences_id"), 0) != 1){
 		return "invalidconference";
 	}
 	// find out if this account has a user record for this conference
 	$data = mysql_fetch_array(mysql_query("
 		SELECT * FROM users
 		WHERE conferences_id = $conferences_id
 		AND accounts_id = $accounts_id
 	"));
 	if(is_array($data)){
 		// they do indeed have a user record for this conference.  Let's load it
 		$u = user_load($data['id']);
 		$users_id = $data['id'];
 	}else{
 		// They're not actually connected to this conference, let's hook 'em up
 		$u = user_create($accounts_id, $conferences_id);
 		$users_id = $u['id'];
 		// if this applies to their current session, update their session user id
 		if($_SESSION['accounts_id'] == $accounts_id && $_SESSION['conferences_id'] == $conferences_id){
 			$_SESSION['users_id'] = $users_id;
 		}
 	}
 	// we now have the user id that we need, let's check to see whether or not they
 	// already have the specified role.
 	if(mysql_result(mysql_query("SELECT COUNT(*) FROM user_roles WHERE users_id = $users_id AND roles_id = $roles_id"), 0) != 0){
 		// they already have this role.  shell_exec("man true");
 		return 'ok';
 	}
 	// see if this role conflicts with existing ones
 	if(!account_add_role_allowed($accounts_id, $conferences_id, $roles_id)){
 		return 'invalidrole(account_add_role_allowed)';
 	}
 	// get the type of the role (eg. "judge", "participant", etc.)
 	$role = mysql_result(mysql_query("SELECT type FROM roles WHERE id = $roles_id"), 0);
 	if($_SESSION['superuser']!='yes') {
 		// and see if it's a valid one for this conference
 		if(!array_key_exists($role . '_registration_type', $config)){
 			return 'invalidrole(_registration_type)';
 		}
 	}
 	if( in_array("admin",$_SESSION['roles']) ||
 		in_array("config",$_SESSION['roles']) ||
 		$_SESSION['superuser']=="yes")
 	{
 		//do nothing, we're logged in a a superuser, admin or config, so we
 		//dont want/need to check the types, just go ahead and invite them
 		//its easie than reversing the logic of the if above.
 	}
 	else {
 	// and let's see if we meet the conditions for the registration type
 	$error = "";
 	switch($config[$role . '_registration_type']){
 		case 'open':
 		case 'openorinvite':
 			// this is allowed.
 			break;
 		case 'singlepassword':
 			if($password != $config[$role . '_registration_singlepassword']){
 				$error = "invalidpassword";
 			}
 			break;
 		case 'schoolpassword':
 			if($password != null){
 				$schoolId = $u['schools_id'];
 				$schoolDat = mysql_fetch_assoc(mysql_query("SELECT registration_password FROM schools WHERE id=$schoolId"));
 				if(is_array($schoolDat)){
 					if($password == $schoolDat['registration_password']) $valid = true;
 					$error = "invalidpassword";
 				}
 			}
 			break;
 		case 'invite':
 			if( in_array("teacher",$_SESSION['roles']) && $role=='participant') {
 				//if they are a teacher, they can add a participant role a-ok
 				$error = '';
 			}
 			else {
 				$error = 'invalidrole(invite_only)';
 			}
 			break;
 	}
 	}
 	if($error != ""){
 		return $error;
 	}
 	// *whew* all conditions have been met.  Let's go ahead and create the record
 	if(!mysql_query("INSERT INTO user_roles (accounts_id, users_id, roles_id, active, complete) VALUES($accounts_id, $users_id, $roles_id, 'yes', 'no')")){
 		return "mysqlerror:" . mysql_error();
 	}
 	$a=account_load($accounts_id);
 	$password=account_get_password($accounts_id);
 	//in this case, we want to send to pendingemail if thats all we have, because
 	//its possible that this is a new user that was just added and we just sent
 	//the email confirmation email as well, so on new user invitation, they will get
 	//the invite email as well as the email confirmation email.
 	if($a['email']) $e=$a['email'];
 	else if($a['pendingemail']) $e=$a['pendingemail'];
 	email_send("{$role}_new_invite",
 			$e,
 			array("FAIRNAME"=>$conference['name']),
 			array("FAIRNAME"=>$conference['name'],
 				"EMAIL"=>$e,
 				"USERNAME"=>$a['username'],
 				"PASSWORD"=>$password,
 				"ROLE"=>$role)
 			);
 	// if we made it this far, the role was successfully added
 	return 'ok';
 }
 // find out if the specifed role can be added to this account at the specified conference
 function account_add_role_allowed($accounts_id, $roles_id, $conferences_id){
 	$returnval = true;
 	// avoid injections
 	$accounts_id *= 1;
 	$roles_id *= 1;
 	$conferences_id *= 1;
 	// get the user id for this account/conference
 	$userdat = mysql_fetch_assoc(mysql_query("SELECT id FROM users WHERE accounts_id = $accounts_id AND conferences_id = $conferences_id"));
 	// If this condition isn't met, then the account is not connected to the conference.
 	// In that case, the role can be allowed as there is no conflict.
 	if(is_array($userdat)){
 		$users_id = $userdat['id'];
 		// get the roles for the specified account at the specified conference
 		$query = mysql_query("
 			SELECT * FROM user_roles
 			WHERE users_id = $users_id
 		");
 		while($returnval && $row = mysql_fetch_assoc($query)){
 			switch($row['type']){
 				case 'participant':
 					// Student cant' add any other role
 					$returnval = false;
 					break;
 				default:
 					if($role == 'participant') {
 						// No role can add the participant role
 						$returnval = false;
 					}
 					// All other roles can coexist (even the fair role)
 					break;
 			}
 		}
 	}
 	return $returnval;
 }
 // remove the specified role from the account's user record for the specified conference
 // return true on success, false on failure
 function account_remove_role($accounts_id, $roles_id, $conferences_id){
 	// avoid injections
 	$accounts_id *= 1;
 	$roles_id *= 1;
 	$conferences_id *= 1;
 	// make sure the specified id's actually exist
 	if(mysql_result(mysql_query("SELECT COUNT(*) FROM accounts WHERE id = $accounts_id"), 0) != 1){
 		return "invalidaccount";
 	}
 	if(mysql_result(mysql_query("SELECT COUNT(*) FROM roles WHERE id = $roles_id"), 0) != 1){
 		return "invalidrole";
 	}
 	if(mysql_result(mysql_query("SELECT COUNT(*) FROM conferences WHERE id = $conferences_id"), 0) != 1){
 		return "invalidconference";
 	}
 	// very little error catching needed here.  If the role's there, we hopfully succeed in
 	// removing it.  If it's not, then we succeed in doing nothing
 	$data = mysql_fetch_array(mysql_query("
 		SELECT * FROM users
 		WHERE conferences_id = $conferences_id
 		AND accounts_id = $accounts_id
 	"));
 	if(is_array($data)){ 
 		// they do indeed have a user record for this conference.
 		$users_id = $data['id'];
 		// Do role-specific remove actions
 		$role = mysql_result(mysql_query("SELECT `type` FROM roles WHERE id = $roles_id"), 0);
 		switch($role) {
 			case 'committee':
 				mysql_query("DELETE FROM committees_link WHERE accounts_id='{$accounts_id}'");
 				break;
 			case 'judge':
 				mysql_query("DELETE FROM judges_teams_link WHERE users_id='$users_id'");
 				mysql_query("DELETE FROM judges_specialawards_sel WHERE users_id='$users_id'");
 				break;
 			default:
 				break;
 		}
 		// and now we can remove the role link itself
 		mysql_query("DELETE FROM user_roles WHERE roles_id={$roles_id} AND users_id='$users_id'");
 	}
 	return 'ok';
 }
 // A function for handling updates of any fields that can be modified through an API call.
 // returns 'ok' on success, error message otherwise.
 function account_update_info($fields){
 	if($_SESSION['accounts_id']) {
 		$accounts_id = $_SESSION['accounts_id'];
 	}else{
 		return 'you must be logged in to change your account settings';
 	}
 	if(!is_array($fields)) return 'account_update_info expects an array';
 	$message = 'ok';
 	$updates = array();
 	foreach($fields as $index => $value){
 		switch($index){
 			case 'username':
 				if(account_valid_user($value)){
 					$u = mysql_real_escape_string($value);
 					$q = mysql_query("SELECT id FROM accounts WHERE username = '$u' AND deleted = 'no' AND id != $accounts_id");
 					if(mysql_num_rows($q) != 0){
 						$message = "username already in use";
 					}else{
 						$updates[$index] = $value;
 					}
 				}else{
 					$message = "invalid username";
 				}
 				break;
 			case 'password':
 				$q = mysql_query("SELECT password FROM accounts WHERE id='$accounts_id' AND password='" . mysql_real_escape_string($value) . "'");
 				if(mysql_num_rows($q)){
 					// ignore this parameter.  The password has not changed
 				}else if(!account_valid_password($value)){
 					$message = "invalid password";
 				}else{
 					$updates[$index] = $value;
 				}
 				break;
 			case 'link_username_to_email':
 				if(in_array($value, array('yes', 'no'))){
 					if($value=='yes') {
 						//if its yes, we can only do it if username==email
 						if($fields['username']==$fields['email']) {
 							$updates[$index] = $value;
 						} else {
 							$message="username and email must match for link_username_toemail";
 						}
 					}
 					else {
 						$updates[$index] = $value;
 					}
 				}else{
 					$message = '"link_username_to_email" must be either a "yes" or "no" value';
 				}
 				break;
 			case 'email':
 				if(isEmailAddress($value)){
 					$updates[$index] = $value;
 				}else{
 					$message = 'invalid e-mail address';
 				}
 				break;
 			default:
 				$message = 'invalid field name';
 		}
 	}
 	if($message != 'ok'){
 		return $message;
 	}
 	// the data's all been validated, so we can continue with the actual update.
 	// doing it separately from the above loop to ensure that it's an all-or nothing update;
 	// none of it will happen if any one part is erroneous.
 	foreach($updates as $index => $value){
 		switch($index){
 			case 'username':
 				$username = mysql_real_escape_string($value);
 				mysql_query("UPDATE accounts SET username = '$username' WHERE id = $accounts_id");
 				break;
 			case 'password':
 				account_set_password($accounts_id, mysql_real_escape_string($value));
 				break;
 			case 'link_username_to_email':
 				mysql_query("UPDATE accounts SET link_username_to_email = '$value' WHERE id = $accounts_id");
 				break;
 			case 'email':
 				account_set_email($accounts_id, $value);
 				break;
 		}
 	}
 	return $message;
 }
 ?>
--- a/activities.php
+++ b/activities.php
@ -1,190 +0,0 @@
 <?php
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
   Copyright (C) 2005 James Grant <james@lightbox.org>
   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public
   License as published by the Free Software Foundation, version 2.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 ?>
 <?php
 require_once('common.inc.php');
 require_once('user.inc.php');
 require_once('activities.inc.php'); 
 require_once("questions.inc.php");
 require_once('user_edit.inc.php');
 /* Ensure they're logged in as a judge, volunteer or admin */
 user_auth_required(array(), array('judge', 'volunteer', 'admin'));
 $edit_id = isset($_GET['users_id']) ? intval($_GET['users_id']) : $_SESSION['users_id'];
 if($edit_id != $_SESSION['users_id']) 
 	user_auth_required('admin');
 else
 	user_auth_required();
 $u = user_load($edit_id);
 // load the times at which the various events are happening
 $times = array();
 $q = mysql_query("
 	SELECT schedule.id, date, hour, minute, duration, title
 	FROM schedule
 	JOIN events ON schedule.events_id = events.id
 	WHERE schedule.conferences_id = {$conference['id']}
 	ORDER BY date, hour, minute
 ");
 $x = 0;
 while($r = mysql_fetch_assoc($q)){
 	$dateParts = explode('-', $r['date']);
 	$startTime = mktime($r['hour'], $r['minute'], 0, $dateParts[1], $dateParts[2], $dateParts[0]);
 	$endTime = $startTime + $r['duration'] * 60;
 	$times[$r['id']] = array(
 		'date' => $r['date'],
 		'starttime' => date('g:ia', $startTime),
 		'endtime' => date('g:ia', $endTime),
 		'name' => $r['title'],
 	);
 }
 switch($_GET['action']) {
 case 'save':
 	if(!is_array($_POST['languages'])) $_POST['languages']=array();
 	$u['languages'] = array();
 	foreach($_POST['languages'] AS $val)
 		$u['languages'][] = $val;
 	$u['willing_chair'] = ($_POST['willing_chair'] == 'yes') ? 'yes' : 'no';
 	$u['highest_psd'] = stripslashes($_POST['highest_psd']);
 	$u['available_events'] = array_values($_POST['time']);
 	user_save($u);
 /*
 	if(is_array($_POST['questions'])){
 		questions_save_answers("judgereg",$u['id'],$_POST['questions']);
 	}
 */
 	happy_("Preferences successfully saved");
 	$u = user_load($u['id']);
 	$newstatus=activities_status($u);
 ?>
 	<script type="text/javascript">
 		user_update_tab_status('activities','<?=$newstatus?>');
 	</script>
 <?
 	exit;
 }
 $fields = array('languages[]', 'willing_chair','highest_psd','time[]');
 $required = array('languages[]');
 if(count($times) > 1) $required[] = 'time[]';
 ?>
 <h4><?=i18n("Activity Information")?> - <span class="status_activities"></span></h4>
 <br/>
 <form class="editor" id="activities_form">
 <table width="90%">
 <tr><td style="text-align: left" colspan="2"><b><?=i18n('Language(s)')?></b><hr /></td></tr>
 <tr><?=user_edit_item($u, 'Languages', 'languages[]', 'languages')?></tr>
 <?php if(count($times) > 1) { ?>
 	<tr><td style="text-align: left" colspan="2"><br /><b><?=i18n('Time Availability')?></b><hr />
 	<i><?=i18n('Please specify the events you are available for')?></i>
 	</td></tr>
 <?php
 	// get a list of the times they already have selected
 	$sel = array();
 	$q = mysql_query("
 		SELECT eual.* FROM schedule_users_availability_link eual
 		JOIN schedule ON schedule.id = eual.schedule_id
 		WHERE eual.users_id=\"{$u['id']}\"
 		AND schedule.conferences_id = {$conference['id']}
 		ORDER BY `schedule`.`date`, `schedule`.`hour`, `schedule`.`minute`
 	");
 	while($r = mysql_fetch_assoc($q)) {
 		foreach($times as $x => $t) {
 			if($x == $r['schedule_id']){
 				$sel[] = $x;
 			}
 		}
 	}
 	$items = array();
 	foreach($times as $x => $t) {
 		$items[$x] = "{$t['name']} ({$t['date']} {$t['starttime']} - {$t['endtime']})";
 	}
 	echo '<tr>';
 	user_edit_item($u, 'Time Availability', 'time[]', 'checklist', $items, $sel);
 	echo '</tr>';
 }
 //questions_print_answer_editor('judgereg', $u, 'questions');
 ?>
 </table>
 <br />
 <button><?=i18n("Save Information")?></button>
 </form>
 <script type="text/javascript">
 function activities_save()
 {
 	$("#debug").load("<?=$config['SFIABDIRECTORY']?>/activities.php?action=save&users_id=<?=$u['id']?>", $("#activities_form").serializeArray());
        return false;
 }
 $(document).ready(function() {
 	$("#activities_form").validate({
 		errorPlacement: function(error, element) {
 			if( element.attr('type') == 'checkbox' ) {
 				error.insertAfter( element.parent("span") );
 			} else {
 				error.insertAfter(element);
 			}
 		},
 		rules: {
 			"languages[]": { required: true },
 			"time[]": { required: <?=in_array('time[]', $required)?'true':'false'?> },
 		},
 		messages: {
 			"languages[]": { required:  "<?=i18n('Please select the language(s) you can work in')?>" },
 			"time[]": { required:  "<?=i18n('Please select the time(s) you are available')?>" }
 		},
 		submitHandler: function() {
 			activities_save();
 			return false;
 		},
 		cancelHandler: function() {
 			activities_save();
 			return false;
 		}
 	});
 	user_update_tab_status('activities');
 });
 </script>
--- a/admin/account_list.php
+++ b/admin/account_list.php
@ -1,144 +0,0 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
   Copyright (C) 2005 James Grant <james@lightbox.org>
   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public
   License as published by the Free Software Foundation, version 2.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 ?>
 <?
 if($_GET['show_types'])
 	$NAV_IDENT=$_GET['show_types'][0];
 if($_POST['show_types'])
 	$NAV_IDENT=$_POST['show_types'][0];
 require_once('../common.inc.php');
 require_once('../user.inc.php');
 require_once('../judge.inc.php');
 user_auth_required('admin');
 require_once('judges.inc.php');
 if($_GET['action']=="join" && $_GET['accounts_id']) {
 	 //we're making this user join this conference
 		echo "joining {$_GET['accounts_id']} with {$conference['id']}";
 		$u = user_create(intval($_GET['accounts_id']), $conference['id']);
 		echo happy(i18n("User joined conference"));
 }
 send_header("Account List",
 		array('Committee Main' => 'committee_main.php',
 			'Administration' => 'admin/index.php')
 				);
 	$querystr = "SELECT * FROM accounts ORDER BY username";
 	 /*
 	echo $querystr;
 	echo "<br />\n";
 	echo "<br />\n";
 	*/
 	$q = mysql_query($querystr);
 	echo mysql_error();
 	echo "<br />\n";
 	$num = mysql_num_rows($q);
 	echo i18n("Listing %1 account total.",array($num));
 	echo mysql_error();
 	echo "<table class=\"tableview\">";
 	echo "<thead>";
 	echo "<tr>";
 	echo " <th>".i18n("Account ID")."</th>";
 	echo " <th>".i18n("Username")."</th>";
 	echo " <th>".i18n("Email Address")."</th>";
 	echo " <th>".i18n("Pending Email")."</th>";
 	echo " <th>".i18n("User Info")."</th>";
 //	echo " <th>".i18n("Actions")."</th>";
 	echo "</tr>";
 	echo "</thead>";
 	echo "<tbody>";
 	$tally = array();
 	$tally['active'] = array();
 	$tally['inactive'] = array();
 	$tally['active']['complete'] = 0;
 	$tally['active']['incomplete'] = 0;
 	$tally['active']['na'] = 0;
 	$tally['inactive']['complete'] = 0;
 	$tally['inactive']['incomplete'] = 0;
 	$tally['inactive']['na'] = 0;
 	while($r=mysql_fetch_assoc($q)) {
 		// get the role data for this user
 		echo "<tr>";
 		echo "<td>";
 		echo $r['id'];
 		echo "</td>";
 		echo "<td>";
 		echo $r['username'];
 		echo "</td>";
 		echo "<td>";
 		echo $r['email'];
 		echo "</td><td>";
 		echo $r['pendingemail'];
 		echo "</td>";
 		echo "<td>";
 		$u=user_load_by_accounts_id($r['id']);
 		if($u) {
 			//we can edit them even if they dont have any roles, duh
 			echo "<b>";
 			echo "<a href=\"#\" onclick=\"return openeditor({$u['id']})\">";
 			if($u['firstname'] || $u['lastname']) {
 				echo $u['firstname']." ".$u['lastname'];
 			}
 			else {
 				echo i18n("No name specified");
 			}
 			echo "</a>";
 			echo "</b>";
 			echo "<br />";
 			if(count($u['roles'])) {
 				echo "<table>";
 				foreach($u['roles'] AS $r=>$rd) {
 					echo "<tr><td>";
 					echo $rd['name']; 
 					echo "</td>";
 					if($rd['active']=="yes"){ $cl="happy"; $cls=""; } else { $cl="error"; $cls="not "; }
 					echo "<td class=\"$cl\">{$cls}active</td>";
 					if($rd['complete']=="yes"){ $cl="happy"; $cls=""; } else { $cl="error"; $cls="not "; }
 					echo "<td class=\"$cl\">{$cls}complete</td>";
 					echo "</tr>";
 				}
 				echo "</table>";
 			} else {
 				echo "no roles";
 			}
 		}
 		else {
 			echo "no user record for this conference. ";
 			echo " <a href=\"account_list.php?action=join&accounts_id={$r['id']}\">click to join conference</a>";
 		}
 		echo "</td>";
 		echo "</tr>";
 	}
 	echo "</tbody>";
 	echo "</table>";
 	send_footer();
 ?>
--- a/admin/anneal.inc.php
+++ b/admin/anneal.inc.php
@ -1,14 +1,41 @@
-<?php
+<?
 /*
 * This file is part of the 'Science Fair In A Box' project
 * SFIAB Website: http://www.sfiab.ca
 *
 * Copyright (C) 2005-2008 Sci-Tech Ontario Inc <info@scitechontario.org>
 * Copyright (C) 2008-2012 Youth Science Ontario <info@youthscienceontario.ca>
 * Copyright (C) 2005-2012 James Grant <james@lightbox.org>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, version 2.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
-class annealer {
+class annealer
-
+{
 	var $num_buckets;
 	var $bucket;
 	var $bucket_cost;
 	var $bucket_cost_new;
 	var $cost;
-	var $start_temp, $start_moves;
+
 	var $start_temp,
 		$start_moves;
 	var $cost_function_callback;
 	var $pick_move_callback;
 	var $update_callback;
@ -18,9 +45,9 @@ class annealer {
 	var $max_items_per_bucket;
 	var $rate;
 	var $move_bucket_ids;
-	
+
 	function annealer($num_buckets, $start_temp, $start_moves, $rate,
-				$cost_function_cb, $items)
+		$cost_function_cb, $items)
 	{
 		$this->num_buckets = $num_buckets;
 		$this->start_temp = $start_temp;
@ -29,7 +56,7 @@ class annealer {
 		unset($this->pick_move_callback);
 		unset($this->update_callback);
 		unset($this->delta_cost_bucket_ids_callback);
-	
+
 		$this->bucket_cost = array();
 		$this->bucket_cost_old = array();
 		$this->bucket = array();
@ -38,14 +65,15 @@ class annealer {
 		$this->rate = $rate;
 		$this->max_items_per_bucket = 0;
 		$ipb = ceil($this->items_per_bucket);
-		$i=0;
+		$i = 0;
 		$this->cost = 0;
 		/* Assign to buckets */
-		for($x=0; $x<$num_buckets; $x++) {
+		for ($x = 0; $x < $num_buckets; $x++) {
 			unset($b);
 			$b = array();
-			for($y=0;$y<$ipb; $y++) {
+			for ($y = 0; $y < $ipb; $y++) {
-				if($i == count($items)) break;
+				if ($i == count($items))
 					break;
 				$b[] = $items[$i];
 				$i++;
 			}
@ -53,80 +81,85 @@ class annealer {
 		}
 		/* Then do costs after all bucket assignments are done */
-		for($x=0; $x<$num_buckets; $x++) {
+		for ($x = 0; $x < $num_buckets; $x++) {
 			$c = $this->cost_function($x);
 			$this->bucket_cost[] = $c;
 			$this->cost += $c;
 		}
-		TRACE("Annealer setup: T={$this->start_temp}, ".
+		TRACE("Annealer setup: T={$this->start_temp}, "
-				"M={$this->start_moves}, Bkts={$this->num_buckets}, ".
+			. "M={$this->start_moves}, Bkts={$this->num_buckets}, "
-				"Cost={$this->cost}\n");
+			. "Cost={$this->cost}\n");
 	}
 	function set_pick_move($func)
 	{
 		$this->pick_move_callback = $func;
 	}
 	function set_update_callback($func)
 	{
 		$this->update_callback = $func;
 	}
 	function set_delta_cost_bucket_ids_callback($func)
 	{
 		$this->delta_cost_bucket_ids_callback = $func;
 	}
-	function set_max_items_per_bucket($num) 
+
 	function set_max_items_per_bucket($num)
 	{
 		$this->max_items_per_bucket = $num;
 	}
 	function pick_move()
 	{
 		/* Pick a bucket and item */
-		while(1) {
+		while (1) {
 			$b1 = rand(0, $this->num_buckets - 1);
-			if(count($this->bucket[$b1]) > 0) break;
+			if (count($this->bucket[$b1]) > 0)
 				break;
 		}
-		$i1 = rand(0, count($this->bucket[$b1]) -1);
+		$i1 = rand(0, count($this->bucket[$b1]) - 1);
 		/* Pick a second bucket that is different than the first */
 		$b2 = rand(0, $this->num_buckets - 2);
-		if($b2 >= $b1) $b2++;
+		if ($b2 >= $b1)
 			$b2++;
-		
+		if ($this->max_items_per_bucket > 0 && count($this->bucket[$b2]) >= $this->max_items_per_bucket) {
-		if($this->max_items_per_bucket > 0 && count($this->bucket[$b2]) >= $this->max_items_per_bucket) {
+			/*
-			/* Can't move b1 into b2, it would exceed the max items per bucket, pick an
+			 * Can't move b1 into b2, it would exceed the max items per bucket, pick an
-			 * item to swap with */
+			 * item to swap with
-			$i2 = rand(0, count($this->bucket[$b2])-1);
+			 */
 			$i2 = rand(0, count($this->bucket[$b2]) - 1);
 		} else {
 			/* Pick an item, or a blank, in the second bucket */
 			$i2 = rand(0, count($this->bucket[$b2]));
-			if($i2 == count($this->bucket[$b2])) $i2 = -1;
+			if ($i2 == count($this->bucket[$b2]))
 				$i2 = -1;
 		}
-//		TRACE("Move ($b1,$i1)<->($b2,$i2)\n");
+		//		TRACE("Move ($b1,$i1)<->($b2,$i2)\n");
 		return array($b1, $i1, $b2, $i2);
 	}
-	
+
 	function cost_function($b)
 	{
 		$bkt = $this->bucket[$b];
 		$cb = $this->cost_function_callback;
 		$c = $cb($this, $b, $bkt);
-//		$this->print_bucket($b);
+		//		$this->print_bucket($b);
-//		print("Computed cost to be: $c\n");
+		//		print("Computed cost to be: $c\n");
 		return $c;
 	}
-	
+
-	function compute_delta_cost($move) 
+	function compute_delta_cost($move)
 	{
 		list($b1, $i1, $b2, $i2) = $move;
-		if($b1 == $b2) {
+		if ($b1 == $b2) {
 			echo "Called on same bucket, not supported!\n";
 			exit;
-//			return $this->compute_delta_cost_same_bucket($move);
+			//			return $this->compute_delta_cost_same_bucket($move);
 		}
 		$cost = 0;
@ -137,42 +170,42 @@ class annealer {
 		/* Setup new costs */
 		$this->bucket_cost_new = $this->bucket_cost;
-		
+
 		/* Compute new lists with swapped elements */
-		if($i2 != -1) { /* Swap */
+		if ($i2 != -1) {  /* Swap */
 			array_splice($this->bucket[$b1], $i1, 1, $b2_old[$i2]);
 			array_splice($this->bucket[$b2], $i2, 1, $b1_old[$i1]);
-		} else { /* Move one to other */
+		} else {  /* Move one to other */
 			array_splice($this->bucket[$b1], $i1, 1);
 			$this->bucket[$b2][] = $b1_old[$i1];
 		}
-		/* Get the lists of buckets we need to recompute, by default
+		/*
-		 * just b1 and b2 */
+		 * Get the lists of buckets we need to recompute, by default
-		if(isset ($this->delta_cost_bucket_ids_callback)) {
+		 * just b1 and b2
 		 */
 		if (isset($this->delta_cost_bucket_ids_callback)) {
 			$cb = $this->delta_cost_bucket_ids_callback;
 			$ids = $cb($this, $b1);
-			$ids = array_unique(array_merge($ids, $cb($this, $b2)), SORT_NUMERIC );
+			$ids = array_unique(array_merge($ids, $cb($this, $b2)), SORT_NUMERIC);
 		} else {
 			$ids = array($b1, $b2);
 		}
-//		TRACE("Recompute IDs:\n");
+		//		TRACE("Recompute IDs:\n");
-//		TRACE_R($ids);
+		//		TRACE_R($ids);
 		/* Save that list */
 		$this->move_bucket_ids = $ids;
 		/* Compute a delta cost, recompute all costs for all buckets */
-		foreach($ids as $bucket_id) {
+		foreach ($ids as $bucket_id) {
 			/* Compute costs */
 			$cost -= $this->bucket_cost[$bucket_id];
 			$this->bucket_cost_new[$bucket_id] = $this->cost_function($bucket_id);
 			$cost += $this->bucket_cost_new[$bucket_id];
 		}
 		/* Save the new lists */
 		$b1_new = $this->bucket[$b1];
 		$b2_new = $this->bucket[$b2];
@ -180,46 +213,47 @@ class annealer {
 		/* Return to the original bucket lists */
 		$this->bucket[$b1] = $b1_old;
 		$this->bucket[$b2] = $b2_old;
-	
+
 		return array($cost, array($b1_new, $b2_new));
 	}
 /*
 	function compute_delta_cost_same_bucket($move)
 	{
 		list($b1, $i1, $b2, $i2) = $move;
-		$cost = 0;
+	/*
-
+	 * function compute_delta_cost_same_bucket($move)
-		$b_old = $this->bucket[$b1];
+	 * {
-		
+	 * 	list($b1, $i1, $b2, $i2) = $move;
-		$b_new = array();
+	 *
-		/* Make a new bucket list 
+	 * 	$cost = 0;
-		for($x=0; $x<count($b_old); $x++) {
+	 *
-			if($x == $i1) {
+	 * 	$b_old = $this->bucket[$b1];
-				/* Swap or remove this index 
+	 *
-				if($i2 != -1) $b_new[] = $b_old[$i2];
+	 * 	$b_new = array();
-			} else if($x == $i2) {
+	 * 	/* Make a new bucket list
-				$b_new[] = $b_old[$i1];
+	 * 	for($x=0; $x<count($b_old); $x++) {
-			} else {
+	 * 		if($x == $i1) {
-				$b_new[] = $b_old[$x];
+	 * 			/* Swap or remove this index
-			}
+	 * 			if($i2 != -1) $b_new[] = $b_old[$i2];
-		}
+	 * 		} else if($x == $i2) {
-
+	 * 			$b_new[] = $b_old[$i1];
-		/* Assign the new item lists to the buckets 
+	 * 		} else {
-		$this->bucket[$b1] = $b_new;
+	 * 			$b_new[] = $b_old[$x];
-
+	 * 		}
-		/* Compute costs 
+	 * 	}
-		$cost -= $this->bucket_cost[$b1];
+	 *
-
+	 * 	/* Assign the new item lists to the buckets
-		$c1 = $this->cost_function($b1);
+	 * 	$this->bucket[$b1] = $b_new;
-		$cost += $c1;
+	 *
-
+	 * 	/* Compute costs
-		/* Return to the original bucket lists 
+	 * 	$cost -= $this->bucket_cost[$b1];
-		$this->bucket[$b1] = $b_old;
+	 *
-	
+	 * 	$c1 = $this->cost_function($b1);
-		return array($cost, array($c1, $b_new, 0, array()));
+	 * 	$cost += $c1;
-	}
+	 *
-*/
+	 * 	/* Return to the original bucket lists
 	 * 	$this->bucket[$b1] = $b_old;
 	 *
 	 * 	return array($cost, array($c1, $b_new, 0, array()));
 	 * }
 	 */
 	function accept_move($move, $movedata)
 	{
@ -227,7 +261,8 @@ class annealer {
 		list($b1_new, $b2_new) = $movedata;
 		$this->bucket[$b1] = $b1_new;
-		if($b1 != $b2) $this->bucket[$b2] = $b2_new;
+		if ($b1 != $b2)
 			$this->bucket[$b2] = $b2_new;
 		$this->bucket_cost = $this->bucket_cost_new;
 	}
@ -239,106 +274,114 @@ class annealer {
 		$last_cost = 0;
 		$last_cost_count = 0;
-		if($this->num_buckets <= 1) {
+		if ($this->num_buckets <= 1) {
 			TRACE("Only one Bucket, nothing to anneal.\n");
 			return;
 		}
-//		$this->print_buckets();
+		//		$this->print_buckets();
 		$estimated_iterations = ceil(log(0.1 / $this->start_temp, $this->rate));
-//		print_r($this);
+		//		print_r($this);
 		$iterations = 0;
-		while(1) {
+		while (1) {
 			$moves = $this->start_moves;
-			for($m = 0; $m<$moves; $m++) {
+			for ($m = 0; $m < $moves; $m++) {
-//				$this->print_buckets();
+				//				$this->print_buckets();
 				/* Pick 2 moves at random */
-				if(isset ($this->pick_move_callback)) {
+				if (isset($this->pick_move_callback)) {
 					$cb = $this->pick_move_callback;
 					$move = $cb($this);
 				} else {
 					$move = $this->pick_move();
 				}
 				/* See what the new cost is compared to the old */
-				list($delta_c, $movedata) = 
+				list($delta_c, $movedata) =
 					$this->compute_delta_cost($move);
 				$r = floatval(rand()) / floatval(getrandmax());
 				/* Decide if we want to keep it */
 				$e = exp(-$delta_c / $temperature);
-//				TRACE("r=$r, exp=$e, delta=$delta_c\n");
+				//				TRACE("r=$r, exp=$e, delta=$delta_c\n");
-				if($r < exp(-$delta_c / $temperature)) {
+				if ($r < exp(-$delta_c / $temperature)) {
 					/* Yes, we do, record the move */
 					$this->accept_move($move, $movedata);
 					$current_cost += $delta_c;
 					$n_accepted++;
-				//	if($current_cost < $this->cost)
+					//	if($current_cost < $this->cost)
 					$this->cost = $current_cost;
-//					TRACE("Move accepted, cost=$current_cost\n");
+					//					TRACE("Move accepted, cost=$current_cost\n");
 				} else {
-//					TRACE("Move rejected\n");
+					//					TRACE("Move rejected\n");
 				}
 				$this->iterations++;
-				if($this->iterations % 10000 == 0) {
+				if ($this->iterations % 10000 == 0) {
 					TRACE("   {$this->iterations} iterations, cost={$this->cost}, temperature=$temperature\n");
-//					$this->print_buckets();
+					//					$this->print_buckets();
 				}
-				if($this->cost == 0) {
+				if ($this->cost == 0) {
-					/* If we manage to get to a 0 cost
+					/*
-					 * solution, don't look any more */
+					 * If we manage to get to a 0 cost
 					 * solution, don't look any more
 					 */
 					break;
 				}
 			}
 			$iterations++;
-			if(isset ($this->update_callback)) {
+			if (isset($this->update_callback)) {
 				$cb = $this->update_callback;
 				$cb($iterations, $estimated_iterations);
 			}
-			if($this->cost == 0) break;
+			if ($this->cost == 0)
 				break;
-			if($this->cost == $last_cost) {
+			if ($this->cost == $last_cost) {
-				$last_cost_count ++;
+				$last_cost_count++;
 			} else {
 				$last_cost = $this->cost;
-				$last_cost_count=0;
+				$last_cost_count = 0;
 			}
 			if($temperature < 0.1 && $last_cost_count > 10) 
 				break;
 //			TRACE("Cost is {$this->cost}\n");
 			$temperature *= $this->rate;
            /*
 FIXME: README: NOTE: TODO:
 From Kris, 2009-03-24
 Dave do you think we should consider something like this?
-<Kris_School_1> here's the schedule i use in my academic annealer:
+			if ($temperature < 0.1 && $last_cost_count > 10)
-                 if( _params._useVPRTempSchedule ) {
+				break;
-                         // This is VPR's temperature schedule...
+
-                         if( successRate > 0.96 ) {
+			// if we go 1 million iterations without changing the cost, lets give up
-                                 _temp *= 0.5;
+			if ($last_cost_count > 1000000)
-                         } else if( successRate > 0.8 ) {
+				break;
-                                 _temp *= 0.9;
+
-                         } else if( successRate > 0.15 || !windowsSized ) {
+			//			TRACE("Cost is {$this->cost}\n");
-                                 _temp *= 0.95;
+			$temperature *= $this->rate;
-                         } else {
+
-                                 _temp *= 0.8;
+			/*
-                         }
+			 * FIXME: README: NOTE: TODO:
-                 } else {
+			 * From Kris, 2009-03-24
-                         // This is identical to Aaarts and Van Laarhaven.
+			 * Dave do you think we should consider something like this?
-                         real64  kappa = _params._tempReduction;         // 1.0 == slow, 10 = reasonable, 100 == fast
+			 *
-                         real64  sqrvar = std::sqrt( variance );
+			 * <Kris_School_1> here's the schedule i use in my academic annealer:
-                         if( variance <= EPSNEG || sqrvar <= EPSNEG ) {
+			 *                  if( _params._useVPRTempSchedule ) {
-                                 _temp = 0.;
+			 *                          // This is VPR's temperature schedule...
-                         } else {
+			 *                          if( successRate > 0.96 ) {
-                                 _temp = _temp * ( sqrvar / ( sqrvar + kappa * _temp ) );
+			 *                                  _temp *= 0.5;
-                         }
+			 *                          } else if( successRate > 0.8 ) {
-                 }
+			 *                                  _temp *= 0.9;
-            */
+			 *                          } else if( successRate > 0.15 || !windowsSized ) {
 			 *                                  _temp *= 0.95;
 			 *                          } else {
 			 *                                  _temp *= 0.8;
 			 *                          }
 			 *                  } else {
 			 *                          // This is identical to Aaarts and Van Laarhaven.
 			 *                          real64  kappa = _params._tempReduction;         // 1.0 == slow, 10 = reasonable, 100 == fast
 			 *                          real64  sqrvar = std::sqrt( variance );
 			 *                          if( variance <= EPSNEG || sqrvar <= EPSNEG ) {
 			 *                                  _temp = 0.;
 			 *                          } else {
 			 *                                  _temp = _temp * ( sqrvar / ( sqrvar + kappa * _temp ) );
 			 *                          }
 			 *                  }
 			 */
 		}
 		TRACE("Annealing complete.  {$this->iterations} iterations.  Final cost is {$this->cost}\n");
 	}
@ -346,16 +389,17 @@ Dave do you think we should consider something like this?
 	function print_bucket($x)
 	{
 		$b = $this->bucket[$x];
-		print("Bucket $x: (cost: {$this->bucket_cost[$x]})\n");
+		print ("Bucket $x: (cost: {$this->bucket_cost[$x]})\n");
-		print("   ");
+		print ('   ');
-		for($y=0;$y<count($b); $y++) {
+		for ($y = 0; $y < count($b); $y++) {
-			print("{$b[$y]} ");
+			print ("{$b[$y]} ");
 		}
-		print("\n");
+		print ("\n");
 	}
 	function print_buckets()
 	{
-		for($x=0; $x<$this->num_buckets; $x++) {
+		for ($x = 0; $x < $this->num_buckets; $x++) {
 			$this->print_bucket($x);
 		}
 	}
--- a/admin/award_awardcreatedivisional.php
+++ b/admin/award_awardcreatedivisional.php
@ -1,143 +1,136 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- require_once("awards.inc.php");
+user_auth_required('committee', 'admin');
 user_auth_required('admin');
- send_header('Create All Divisional Awards',
+send_header('Create All Divisional Awards',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+		'Administration' => 'admin/index.php',
-			'Awards Main' => 'admin/awards.php')
+		'Awards Main' => 'admin/awards.php'));
 		);
- if($_GET['sponsors_id']) $sponsors_id=$_GET['sponsors_id'];
+if (get_value_from_array($_GET, 'sponsors_id'))
- else if($_POST['sponsors_id']) $sponsors_id=$_POST['sponsors_id'];
+	$sponsors_id = $_GET['sponsors_id'];
 else if (get_value_from_array($_POST, 'sponsors_id'))
 	$sponsors_id = $_POST['sponsors_id'];
- if($_GET['award_types_id']) $award_types_id=$_GET['award_types_id'];
+if (get_value_from_array($_GET, 'award_types_id'))
- else if($_POST['award_types_id']) $award_types_id=$_POST['award_types_id'];
+	$award_types_id = $_GET['award_types_id'];
 else if (get_value_from_array($_POST, 'award_types_id'))
 	$award_types_id = $_POST['award_types_id'];
-if($_GET['force'] == "true") {
+// first, we can only do this if we dont have any type=divisional awards created yet
 	$q=mysql_query("SELECT id FROM award_awards WHERE award_types_id='1' AND conferences_id='{$conference['id']}'");
 	while($r=mysql_fetch_object($q)) {
 		award_delete($r->id);
 	}
 }
-	//first, we can only do this if we dont have any type=divisional awards created yet
+$q = $pdo->prepare("SELECT COUNT(id) AS num FROM award_awards WHERE award_types_id='1' AND year='{$config['FAIRYEAR']}'");
-	$q=mysql_query("SELECT COUNT(id) AS num FROM award_awards WHERE award_types_id='1' AND conferences_id='{$conference['id']}'");
+$q->execute();
-	$r=mysql_fetch_object($q);
+$r = $q->fetch(PDO::FETCH_OBJ);
-	if($r->num)
+if ($r->num) {
-	{
+	echo error(i18n('%1 Divisional awards already exist.  There must not be any divisional awards in order to run this wizard', array($r->num)));
-		echo error(i18n("%1 Divisional awards already exist.  There must not be any divisional awards in order to run this wizard",array($r->num)));
+} else {
-		echo "<p><a href='award_awardcreatedivisional.php?force=true'>" . i18n("Proceed Anyways?") . "</a> ";
+	$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY id");
-		echo i18n("This will delete all existing divisional awards.");
+	$q->execute();
-		echo "</p>";
+	while ($r = $q->fetch(PDO::FETCH_OBJ))
-	}
+		$div[$r->id] = $r->division;
 	else
 	{
-		$q=mysql_query("SELECT * FROM projectdivisions WHERE conferences_id='".$conference['id']."' ORDER BY id");
+	$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY id");
-		while($r=mysql_fetch_object($q))
+	$q->execute();
-			$div[$r->id]=$r->division;
+	while ($r = $q->fetch(PDO::FETCH_OBJ))
 		$cat[$r->id] = $r->category;
-		$q=mysql_query("SELECT * FROM projectcategories WHERE conferences_id='".$conference['id']."' ORDER BY id");
+	$dkeys = array_keys($div);
-		while($r=mysql_fetch_object($q))
+	$ckeys = array_keys($cat);
 			$cat[$r->id]=$r->category;
 		$dkeys = array_keys($div);
 		$ckeys = array_keys($cat);
 		if($config['filterdivisionbycategory']=="yes") {
 			$q=mysql_query("SELECT * FROM projectcategoriesdivisions_link WHERE conferences_id='".$conference['id']."' ORDER BY projectdivisions_id,projectcategories_id");
 			$divcat=array();
 			while($r=mysql_fetch_object($q)) {
 				$divcat[]=array("c"=>$r->projectcategories_id,"d"=>$r->projectdivisions_id);
 			}
 	if ($config['filterdivisionbycategory'] == 'yes') {
 		$q = $pdo->prepare("SELECT * FROM projectcategoriesdivisions_link WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY projectdivisions_id,projectcategories_id");
 		$q->execute();
 		$divcat = array();
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			$divcat[] = array('c' => $r->projectcategories_id, 'd' => $r->projectdivisions_id);
 		}
-		else {
+	} else {
-			$divcat=array();
+		$divcat = array();
-			foreach($dkeys AS $d) {
+		foreach ($dkeys AS $d) {
-				foreach($ckeys AS $c) {
+			foreach ($ckeys AS $c) {
-					$divcat[]=array("c"=>$c,"d"=>$d);
+				$divcat[] = array('c' => $c, 'd' => $d);
 				}
 			}
 		}
 	}
 	if ($_GET['action'] == 'create' && $_GET['sponsors_id']) {
 		$q = $pdo->prepare("SELECT * FROM award_prizes WHERE year='-1' AND award_awards_id='0' ORDER BY `order`");
 		$q->execute();
 		$prizes = array();
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			$prizes[] = array(
 				'cash' => $r->cash,
 				'scholarship' => $r->scholarship,
 				'value' => $r->value,
 				'prize' => $r->prize,
 				'number' => $r->number,
 				'excludefromac' => $r->excludefromac,
 				'trophystudentkeeper' => $r->trophystudentkeeper,
 				'trophystudentreturn' => $r->trophystudentreturn,
 				'trophyschoolkeeper' => $r->trophyschoolkeeper,
 				'trophyschoolreturn' => $r->trophyschoolreturn,
 				'order' => $r->order
 			);
 		}
-		if($_GET['action']=="create" && $_GET['sponsors_id'])
+		$ord = 1;
-		{
+		echo '<br />';
-			$q=mysql_query("SELECT * FROM award_prizes WHERE conferences_id='-1' AND award_awards_id='0' ORDER BY `order`");
+		foreach ($divcat AS $dc) {
-			$prizes=array();
+			$d_id = $dc['d'];
-			while($r=mysql_fetch_object($q))
+			$c_id = $dc['c'];
-			{
+			$d_division = $div[$d_id];
-				$prizes[]=array(
+			$c_category = $cat[$c_id];
 						"cash"=>$r->cash,
 						"scholarship"=>$r->scholarship,
 						"value"=>$r->value,
 						"prize"=>$r->prize,
 						"number"=>$r->number,
 						"excludefromac"=>$r->excludefromac,
 						"trophystudentkeeper"=>$r->trophystudentkeeper,
 						"trophystudentreturn"=>$r->trophystudentreturn,
 						"trophyschoolkeeper"=>$r->trophyschoolkeeper,
 						"trophyschoolreturn"=>$r->trophyschoolreturn,
 						"order"=>$r->order);
 			}
-			$ord=1;
+			echo i18n('Creating %1 - %2', array($c_category, $d_division)) . '<br />';
-			echo "<br />";
+
-			foreach($divcat AS $dc) {
+			$q = $pdo->prepare("INSERT INTO award_awards (sponsors_id,award_types_id,name,criteria,`order`,year) VALUES (
 				$d_id=$dc['d'];
 				$c_id=$dc['c'];
 				$d_division=$div[$d_id];
 				$c_category=$cat[$c_id];
 					echo i18n("Creating %1 - %2",array($c_category,$d_division))."<br />";
 					mysql_query("INSERT INTO award_awards (sponsors_id,award_types_id,name,criteria,`order`,conferences_id) VALUES (
 						'{$_GET['sponsors_id']}',
 						'1',
 						'$c_category - $d_division',
-						'".i18n("Best %1 projects in the %2 division",array($c_category,$d_division))."',
+						'" . i18n('Best %1 projects in the %2 division', array($c_category, $d_division)) . "',
 						'$ord',
-						'{$conference['id']}'
+						'{$config['FAIRYEAR']}'
 					)");
-					echo mysql_error();
+			$q->execute();
-					$award_awards_id=mysql_insert_id();
+			show_pdo_errors_if_any($pdo);
 			$award_awards_id = $pdo->lastInsertId();
 			$q = $pdo->prepare("INSERT INTO award_awards_projectcategories (award_awards_id,projectcategories_id,year) VALUES ('$award_awards_id','$c_id','{$config['FAIRYEAR']}')");
 			$q->execute();
-					mysql_query("INSERT INTO award_awards_projectcategories (award_awards_id,projectcategories_id,conferences_id) VALUES ('$award_awards_id','$c_id','{$conference['id']}')");
+			$q = $pdo->prepare("INSERT INTO award_awards_projectdivisions (award_awards_id,projectdivisions_id,year) VALUES ('$award_awards_id','$d_id','{$config['FAIRYEAR']}')");
-					mysql_query("INSERT INTO award_awards_projectdivisions (award_awards_id,projectdivisions_id,conferences_id) VALUES ('$award_awards_id','$d_id','{$conference['id']}')");
+			$q->execute();
 			$ord++;
-					$ord++;
+			echo '&nbsp;&nbsp;' . i18n('Prizes: ');
-
+			foreach ($prizes AS $prize) {
-					echo "&nbsp;&nbsp;".i18n("Prizes: ");
+				$q = $pdo->prepare("INSERT INTO award_prizes (award_awards_id,cash,scholarship,value,prize,number,`order`,excludefromac,trophystudentkeeper,trophystudentreturn,trophyschoolkeeper,trophyschoolreturn,year) VALUES (
 					foreach($prizes AS $prize)
 					{
 						mysql_query("INSERT INTO award_prizes (award_awards_id,cash,scholarship,value,prize,number,`order`,excludefromac,trophystudentkeeper,trophystudentreturn,trophyschoolkeeper,trophyschoolreturn,conferences_id) VALUES (
 							'$award_awards_id',
 							'{$prize['cash']}',
 							'{$prize['scholarship']}',
@ -150,107 +143,111 @@ if($_GET['force'] == "true") {
 							'{$prize['trophystudentreturn']}',
 							'{$prize['trophyschoolkeeper']}',
 							'{$prize['trophyschoolreturn']}',
-							'{$conference['id']}'
+							'{$config['FAIRYEAR']}'
 							)");
-						echo $prize['prize'].",";
+
-					}
+				$q->execute();
-					echo "<br />";
+
 				echo $prize['prize'] . ',';
 			}
-			echo happy(i18n("All divisional awards and prizes successfully created"));
+			echo '<br />';
 			echo "<a href=\"award_awards.php\">".i18n("Go to awards manager")."</a>\n";
 		}
-		else
+		echo happy(i18n('All divisional awards and prizes successfully created'));
-		{
+		echo '<a href="award_awards.php">' . i18n('Go to awards manager') . "</a>\n";
-			echo "<br />";
+	} else {
-			echo i18n("Please choose the sponsor and create the prizes that will be added to all divisional awards");
+		echo '<br />';
-			echo "<form method=\"get\" action=\"award_awardcreatedivisional.php\">";
+		echo i18n('Please choose the sponsor and create the prizes that will be added to all divisional awards');
 		echo '<form method="get" action="award_awardcreatedivisional.php">';
 		echo '<table>';
 		echo '<tr><td>' . i18n('Sponsor') . ':</td><td>';
-			echo "<table>";
+		$sq = $pdo->prepare('SELECT id,organization FROM sponsors ORDER BY organization');
-			echo "<tr><td>".i18n("Sponsor").":</td><td>";
+		$sq->execute();
-			$sq=mysql_query("SELECT id,organization FROM sponsors ORDER BY organization");
+		echo '<select name="sponsors_id">';
-			echo "<select name=\"sponsors_id\">";
+		// only show the "choose a sponsor" option if we are adding,if we are editing, then they must have already chosen one.
-			//only show the "choose a sponsor" option if we are adding,if we are editing, then they must have already chosen one.
+		echo $firstsponsor;
-			echo $firstsponsor;
+		while ($sr = $sq->fetch(PDO::FETCH_OBJ)) {
-			while($sr=mysql_fetch_object($sq))
+			if ($sr->id == $sponsors_id)
-			{
+				$sel = 'selected="selected"';
-				if($sr->id == $sponsors_id)
+			else
-					$sel="selected=\"selected\"";
+				$sel = '';
-				else
+			echo "<option $sel value=\"$sr->id\">" . i18n($sr->organization) . '</option>';
-					$sel="";
+		}
-				echo "<option $sel value=\"$sr->id\">".i18n($sr->organization)."</option>";
+		echo '</select>';
-			}
+		echo '</td></tr>';
 			echo "</select>";
 			echo "</td></tr>";
-			echo "<tr><td>".i18n("Prizes")."</td><td><a href=\"award_awards.php?action=edit_prize_template\">Edit prize template for divisional awards</a>";
+		echo '<tr><td>' . i18n('Prizes') . '</td><td><a href="award_prizes.php?award_awards_id=-1">Edit prize template for divisional awards</a>';
-			//the 'generic' template prizes for the awards are stored with conferences_id =-1 and award_awards_id=0
+		// the 'generic' template prizes for the awards are stored with year =-1 and award_awards_id=0
-			$q=mysql_query("SELECT * FROM award_prizes WHERE conferences_id='-1' AND award_awards_id='0' ORDER BY `order`");
+		$q = $pdo->prepare("SELECT * FROM award_prizes WHERE year='-1' AND award_awards_id='0' ORDER BY `order`");
 		$q->execute();
-			if(mysql_num_rows($q))
+		if ($q->rowCount()) {
 			{
 			/*
-				echo "<form method=\"post\" action=\"award_prizes.php\">";
+			 * echo "<form method=\"post\" action=\"award_prizes.php\">";
-				echo "<input type=\"hidden\" name=\"action\" value=\"reorder\">";
+			 * echo "<input type=\"hidden\" name=\"action\" value=\"reorder\">";
-				echo "<input type=\"hidden\" name=\"award_awards_id\" value=\"$award_awards_id\">";
+			 * echo "<input type=\"hidden\" name=\"award_awards_id\" value=\"$award_awards_id\">";
-			*/
+			 */
-				echo "<table class=\"summarytable\">";
+			echo '<table class="summarytable">';
-				echo "<tr>";
+			echo '<tr>';
 			//	echo " <th>".i18n("Order")."</th>";
-				echo " <th>".i18n("Prize Description")."</th>";
+			echo ' <th>' . i18n('Prize Description') . '</th>';
-				echo " <th>".i18n("Cash Amount")."</th>";
+			echo ' <th>' . i18n('Cash Amount') . '</th>';
-				echo " <th>".i18n("Scholarship Amount")."</th>";
+			echo ' <th>' . i18n('Scholarship Amount') . '</th>';
-				echo " <th>".i18n("Value")."</th>";
+			echo ' <th>' . i18n('Value') . '</th>';
-				echo " <th>".i18n("# of Prizes")."</th>";
+			echo ' <th>' . i18n('# of Prizes') . '</th>';
-	//			echo " <th>Actions</th>";
+			//			echo " <th>Actions</th>";
 			echo "</tr>\n";
 			while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 				echo "<tr>\n";
 				echo " <td>$r->prize</td>\n";
 				echo ' <td align="right">';
 				if ($r->cash)
 					echo "\$$r->cash";
 				else
 					echo '&nbsp;';
 				echo ' </td>';
 				echo ' <td align="right">';
 				if ($r->scholarship)
 					echo "\$$r->scholarship";
 				else
 					echo '&nbsp;';
 				echo ' </td>';
 				echo ' <td align="right">';
 				if ($r->value)
 					echo "\$$r->value";
 				else
 					echo '&nbsp;';
 				echo ' </td>';
 				echo " <td align=\"center\">$r->number</td>\n";
 				echo "</tr>\n";
 				while($r=mysql_fetch_object($q))
 				{
 					echo "<tr>\n";
 					echo " <td>$r->prize</td>\n";
 					echo " <td align=\"right\">";
 					if($r->cash) echo "\$$r->cash";
 					else echo "&nbsp;";
 					echo " </td>";
 					echo " <td align=\"right\">";
 					if($r->scholarship) echo "\$$r->scholarship";
 					else echo "&nbsp;";
 					echo " </td>";
 					echo " <td align=\"right\">";
 					if($r->value) echo "\$$r->value";
 					else echo "&nbsp;";
 					echo " </td>";
 					echo " <td align=\"center\">$r->number</td>\n";
 					echo "</tr>\n";
 				}
 				echo "</table>\n";
 			}
-			echo "</td></tr>";
+			echo "</table>\n";
 			echo "</table>";
 			echo "<b>".i18n("We will create the following awards with the prizes listed above").":</b>";
 			echo "<br />";
 			foreach($divcat AS $dc) {
 				$d_id=$dc['d'];
 				$c_id=$dc['c'];
 				$d_division=$div[$d_id];
 				$c_category=$cat[$c_id];
 				echo i18n($c_category)." - ".i18n($d_division)."<br />";
 			}
 			echo "<input type=\"hidden\" name=\"action\" value=\"create\">";
 			echo "<input type=\"submit\" value=\"".i18n("Create all divisional awards")."\">";
 			echo "</form>";
 		}
 		echo '</td></tr>';
 		echo '</table>';
 		echo '<b>' . i18n('We will create the following awards with the prizes listed above') . ':</b>';
 		echo '<br />';
 		foreach ($divcat AS $dc) {
 			$d_id = $dc['d'];
 			$c_id = $dc['c'];
 			$d_division = $div[$d_id];
 			$c_category = $cat[$c_id];
 			echo i18n($c_category) . ' - ' . i18n($d_division) . '<br />';
 		}
 		echo '<input type="hidden" name="action" value="create">';
 		echo '<input type="submit" value="' . i18n('Create all divisional awards') . '">';
 		echo '</form>';
 	}
- send_footer();
+}
 send_footer();
 ?>
--- a/admin/award_awards.php
+++ b/admin/award_awards.php
--- a/admin/award_download.php
+++ b/admin/award_download.php
@ -1,247 +1,266 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2007 James Grant <james@lightbox.org>
+/*
-
+ * This file is part of the 'Science Fair In A Box' project
-   This program is free software; you can redistribute it and/or
+ * SFIAB Website: http://www.sfiab.ca
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2007 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require_once('../common.inc.php');
+require_once ('../common.inc.php');
- require_once('../user.inc.php');
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require_once('curl.inc.php');
+require_once ('curl.inc.php');
- require_once('awards.inc.php');
+require_once ('awards.inc.php');
 switch (get_value_from_array($_GET, 'action')) {
 	case 'check':
 		$fairs_id = intval($_GET['fairs_id']);
-
+		$q = $pdo->prepare("SELECT * FROM fairs WHERE id=?");
-switch($_GET['action']) {
+		$q->execute([$fairs_id]);
-case 'check':
+		$fair = $q->fetch(PDO::FETCH_ASSOC);
-	$fairs_id = intval($_GET['fairs_id']);
+		if (!($fair['username'] && $fair['password'])) {
-	$q=mysql_query("SELECT * FROM fairs WHERE id='$fairs_id'");
+			echo error(i18n("Username and Password are not set for source '%1'.  Please set them in the SFIAB Configuration/External Award Sources editor first", array($r->name)));
-	$fair=mysql_fetch_assoc($q);
+			return;
 	if(!($fair['username'] && $fair['password'])) {
 		echo error(i18n("Username and Password are not set for source '%1'.  Please set them in the SFIAB Configuration/External Award Sources editor first",array($r->name)));
 		return;
 	}
 	echo i18n("Checking %1 for awards...",array($fair['name']));
 	echo "<br />";
 	if($fair['type'] == 'ysc') {
 		$req=array("awardrequest"=>array(
 				"username"=>$fair['username'],
 				"password"=>$fair['password'],
 				"year"=>$config['FAIRYEAR'],
 				)
 			);
 	} else {
 		$req['getawards'] = array('year'=>$config['FAIRYEAR']);
 	}
 	$data = curl_query($fair, $req);
 	if($data['error'] != 0) {
 		echo error("Server said: {$data['message']}<br />");
 		send_footer();
 		exit;
 	}
 	echo notice(i18n('Server said: Success'));
 //            echo "sending [".nl2br(htmlspecialchars($xmldata))."]";
 	$keys=array_keys($data);
 	if(!array_key_exists('awards', $data)) {
 		echo error(i18n("Invalid XML response.  Expecting '%1' in '%2'",array("awards",join(',',array_keys($data)))));
 //				echo "response=".print_r($data);
 		return;
 	}			
 	//get a list of all the existing awards for this external source
 	$aq=mysql_query("SELECT * FROM award_awards WHERE award_source_fairs_id='$fairs_id' AND conferences_id='{$conference['id']}'");
 	$existingawards=array();
 	while($ar=mysql_fetch_object($aq)) {
 		$existingawards[$ar->id] = true;
 	}
 	echo "<i>";
 	$awards = $data['awards'];
 	$postback = $data['postback'];
 	echo i18n("Postback URL: %1",array($postback))." <br />";
 	$numawards=is_array($awards) ? count($awards) : 0;
 	echo i18n("Number of Awards: %1",array($numawards))." <br />";
 	if($numawards == 0) {
 		echo i18n('No awards to process').'</i> <br />';
 		return;
 	}
 	$divs = projectdivisions_load();
 	$cats = projectcategories_load();
 	foreach($awards as $award) {
 		$identifier=$award['identifier'];
 		$year=$award['year'];
 		echo i18n("Award Identifier: %1",array($identifier))." &nbsp; ";
 		echo i18n("Award Year: %1",array($year))."<br />";
 		echo i18n("Award Name: %1",array($award['name_en']))."<br />";
 		if($year != $config['FAIRYEAR']) {
 			echo error(i18n("Award is not for the current fair year... skipping"));
 			echo '<br />';
 			continue;
 		}
-		$tq=mysql_query("SELECT * FROM award_awards WHERE 
+		echo i18n('Checking %1 for awards...', array($fair['name']));
 		echo '<br />';
 		if ($fair['type'] == 'ysc') {
 			$req = array('awardrequest' => array(
 				'username' => $fair['username'],
 				'password' => $fair['password'],
 				'year' => $config['FAIRYEAR'],
 			));
 		} else {
 			$req['getawards'] = array('year' => $config['FAIRYEAR']);
 		}
 		$data = curl_query($fair, $req);
 		if ($data['error'] != 0) {
 			echo error("Server said: {$data['message']}<br />");
 			send_footer();
 			exit;
 		}
 		echo notice(i18n('Server said: Success'));
 		//            echo "sending [".nl2br(htmlspecialchars($xmldata))."]";
 		$keys = array_keys($data);
 		if (!array_key_exists('awards', $data)) {
 			echo error(i18n("Invalid XML response.  Expecting '%1' in '%2'", array('awards', join(',', array_keys($data)))));
 			//				echo "response=".print_r($data);
 			return;
 		}
 		// get a list of all the existing awards for this external source
 		$aq = $pdo->prepare("SELECT * FROM award_awards WHERE award_source_fairs_id='$fairs_id' AND year='{$config['FAIRYEAR']}'");
 		$aq->execute();
 		$existingawards = array();
 		while ($ar = $aq->fetch(PDO::FETCH_OBJ)) {
 			$existingawards[$ar->id] = true;
 		}
 		echo '<i>';
 		$awards = $data['awards'];
 		$postback = $data['postback'];
 		echo i18n('Postback URL: %1', array($postback)) . ' <br />';
 		$numawards = is_array($awards) ? count($awards) : 0;
 		echo i18n('Number of Awards: %1', array($numawards)) . ' <br />';
 		if ($numawards == 0) {
 			echo i18n('No awards to process') . '</i> <br />';
 			return;
 		}
 		$divs = projectdivisions_load();
 		$cats = projectcategories_load();
 		foreach ($awards as $award) {
 			$identifier = $award['identifier'];
 			$year = $award['year'];
 			echo i18n('Award Identifier: %1', array($identifier)) . ' &nbsp; ';
 			echo i18n('Award Year: %1', array($year)) . '<br />';
 			echo i18n('Award Name: %1', array($award['name_en'])) . '<br />';
 			if ($year != $config['FAIRYEAR']) {
 				echo error(i18n('Award is not for the current fair year... skipping'));
 				echo '<br />';
 				continue;
 			}
 			$tq = $pdo->prepare("SELECT * FROM award_awards WHERE 
 					external_identifier='$identifier' AND 
 					award_source_fairs_id='$fairs_id' AND 
-					conferences_id='{$conference['id']}'");
+					year='$year'");
-		if(mysql_num_rows($tq)  == 0) {
+			$tq->execute();
-			/* Award doesn't exist, create it, then update it with the common code below */
+			if ($tq->rowCount() == 0) {
-			mysql_query("INSERT INTO award_awards (award_types_id,
+				/* Award doesn't exist, create it, then update it with the common code below */
 				$q = $pdo->prepare("INSERT INTO award_awards (award_types_id,
 						year, external_identifier,
 						award_source_fairs_id) 
 					VALUES (2,'{$year}',
-					'".mysql_escape_string($identifier)."',
+					'" . $identifier . "',
 					'$fairs_id')");
-			$award_id=mysql_insert_id();
+				$q->execute();
-			/* By default make all divs/cats eligible */
+				$award_id = $pdo->lastInsertId();
-			foreach($divs as $id=>$d) 
+				/* By default make all divs/cats eligible */
-				mysql_query("INSERT INTO award_awards_projectdivisions(award_awards_id,projectdivisions_id,conferences_id) VALUES ('$award_id','$id','{$conference['id']}')");
+				foreach ($divs as $id => $d)
-			foreach($cats as $id=>$c) 
+					$q = $pdo->prepare("INSERT INTO award_awards_projectdivisions(award_awards_id,projectdivisions_id,year) VALUES ('$award_id','$id','{$config['FAIRYEAR']}')");
-				mysql_query("INSERT INTO award_awards_projectcategories(award_awards_id,projectcategories_id,conferences_id) VALUES ('$award_id','$id','{$conference['id']}')");
+				$q->execute();
 		} else {
 			echo i18n("Award already exists, updating info")."<br />";
 			$awardrecord=mysql_fetch_object($tq);
 			$award_id = $awardrecord->id;
 		}
-		//remove it from the existingawards list
+				foreach ($cats as $id => $c)
-		unset($existingawards[$award_id]);
+					$q = $pdo->prepare("INSERT INTO award_awards_projectcategories(award_awards_id,projectcategories_id,year) VALUES ('$award_id','$id','{$config['FAIRYEAR']}')");
 				$q->execute();
 			} else {
 				echo i18n('Award already exists, updating info') . '<br />';
 				$awardrecord = $q->fetch(PDO::FETCH_OBJ);
 				$award_id = $awardrecord->id;
 			}
-		//check if the sponsor exists, if not, add them
+			// remove it from the existingawards list
-		$sponsor_str = mysql_escape_string($award['sponsor']);
+			unset($existingawards[$award_id]);
 		$sponsorq=mysql_query("SELECT * FROM sponsors WHERE organization='$sponsor_str'");
 		if($sponsorr=mysql_fetch_object($sponsorq)) {
 			$sponsor_id=$sponsorr->id;
 		} else {
 			mysql_query("INSERT INTO sponsors (organization,year,notes) 
 				VALUES ('$sponsor_str','$year','".mysql_escape_string("Imported from external source: $r->name")."')");
 			echo mysql_error();
 			$sponsor_id=mysql_insert_id();
 		}
 			// check if the sponsor exists, if not, add them
 			$sponsor_str = $award['sponsor'];
-		$self_nominate = ($award['self_nominate'] == 'yes') ? 'yes' : 'no';
+			$sponsorq = $pdo->prepare("SELECT * FROM sponsors WHERE organization='$sponsor_str'");
-		$schedule_judges = ($award['schedule_judges'] == 'yes') ? 'yes' : 'no';
+			$sponsorq->execute();
-		mysql_query("UPDATE award_awards SET
+			if ($sponsorr = $sponsorq->fetch(PDO::FETCH_OBJ)) {
 				$sponsor_id = $sponsorr->id;
 			} else {
 				$q = $pdo->prepare("INSERT INTO sponsors (organization,year,notes) 
 				VALUES ('$sponsor_str','$year','" . "Imported from external source: $r->name" . "')");
 				$q->execute();
 				show_pdo_errors_if_any($pdo);
 				$sponsor_id = $pdo->lastInsertId();
 			}
 			$self_nominate = ($award['self_nominate'] == 'yes') ? 'yes' : 'no';
 			$schedule_judges = ($award['schedule_judges'] == 'yes') ? 'yes' : 'no';
 			$q = $pdo->prepare("UPDATE award_awards SET
 				sponsors_id='$sponsor_id',
-				name='".mysql_escape_string($award['name_en'])."',
+				name='" . $award['name_en'] . "',
-				criteria='".mysql_escape_string($award['criteria_en'])."',
+				criteria='" . $award['criteria_en'] . "',
-				external_postback='".mysql_escape_string($postback)."',
+				external_postback='" . $postback . "',
-				external_register_winners='".(($award['external_register_winners']==1)?1:0)."',
+				external_register_winners='" . (($award['external_register_winners'] == 1) ? 1 : 0) . "',
-				external_additional_materials='".(($award['external_additional_materials']==1)?1:0)."',
+				external_additional_materials='" . (($award['external_additional_materials'] == 1) ? 1 : 0) . "',
 				self_nominate='$self_nominate',
 				schedule_judges='$schedule_judges'
 			WHERE 
 				id='$award_id' 
-				AND external_identifier='".mysql_escape_string($identifier)."' 
+				AND external_identifier='" . $identifier . "' 
 				AND year='$year'
 		");
-		echo mysql_error();
+			$q->execute();
 			show_pdo_errors_if_any($pdo);
-		//update the prizes
+			// update the prizes
-		$prizes = $award['prizes'];
+			$prizes = $award['prizes'];
-		if(!is_array($prizes)) {
+			if (!is_array($prizes)) {
-			continue;
+				continue;
 		}
 		echo i18n("Number of prizes: %1",array(count($prizes)))."<br />";
 		/* Get existing prizes */
 		$pq=mysql_query("SELECT * FROM award_prizes WHERE award_awards_id='$award_id'");
 		$existingprizes=array();
 		while($pr=mysql_fetch_assoc($pq)) 
 			$existingprizes[$pr['prize']]=$pr;
 		/* Iterate over the downloaded pizes */
 		foreach($prizes AS $prize) {
 			//if it doesn't exist, add it
 			if(!array_key_exists($prize['prize_en'],$existingprizes)) {
 				/* Add a base entry, then update it below, yes it's two sql queries,
 				 * but it's much shorter code, and means changing things in only
 				 * one spot */
 				echo "&nbsp;".i18n("Adding prize %1",array($prize['prize_en']))."<br />";
 				$p = mysql_escape_string(stripslashes($prize['prize_en']));
 				mysql_query("INSERT INTO award_prizes (award_awards_id,prize,year,external_identifier)
 					VALUES ('$award_id','$p','$year','$p')");
 				$prize_id = mysql_insert_id();
 			} else {
 				$ep=$existingprizes[$prize['prize_en']];
 				echo "&nbsp;".i18n("Updating prize %1",array($ep['prize']))."<br />";
 				$prize_id = $ep['id'];
 				//remove it from the list
 				unset($existingprizes[$ep['prize']]);
 			}
-			if(!array_key_exists('identifier', $prize)) $prize['identifier'] = $prize['prize_en'];
+			echo i18n('Number of prizes: %1', array(count($prizes))) . '<br />';
 			/* Get existing prizes */
-			mysql_query("UPDATE award_prizes SET 
+			$pq = $pdo->prepare("SELECT * FROM award_prizes WHERE award_awards_id='$award_id'");
-					cash='".intval($prize['cash'])."',
+			$pq->execute();
-					scholarship='".intval($prize['scholarship'])."',
+			$existingprizes = array();
-					value='".intval($prize['value'])."',
+			while ($pr = $pq->fetch(PDO::FETCH_ASSOC))
-					prize='".mysql_escape_string($prize['prize_en'])."',
+				$existingprizes[$pr['prize']] = $pr;
-					number='".intval($prize['number'])."',
+
-					`order`='".intval($prize['ord'])."',
+			/* Iterate over the downloaded pizes */
-					external_identifier='".mysql_real_escape_string(stripslashes($prize['identifier']))."',
+			foreach ($prizes AS $prize) {
-					trophystudentkeeper='".intval($prize['trophystudentkeeper'])."',
+				// if it doesn't exist, add it
-					trophystudentreturn='".intval($prize['trophystudentreturn'])."',
+				if (!array_key_exists($prize['prize_en'], $existingprizes)) {
-					trophyschoolkeeper='".intval($prize['trophyschoolkeeper '])."',
+					/*
-					trophyschoolreturn='".intval($prize['trophyschoolreturn'])."'
+					 * Add a base entry, then update it below, yes it's two sql queries,
 					 * but it's much shorter code, and means changing things in only
 					 * one spot
 					 */
 					echo '&nbsp;' . i18n('Adding prize %1', array($prize['prize_en'])) . '<br />';
 					$p = stripslashes($prize['prize_en']);
 					$q = $pdo->prepare("INSERT INTO award_prizes (award_awards_id,prize,year,external_identifier)
 					VALUES ('$award_id','$p','$year','$p')");
 					$q->execute();
 					$prize_id = $pdo->lastInsertId();
 				} else {
 					$ep = $existingprizes[$prize['prize_en']];
 					echo '&nbsp;' . i18n('Updating prize %1', array($ep['prize'])) . '<br />';
 					$prize_id = $ep['id'];
 					// remove it from the list
 					unset($existingprizes[$ep['prize']]);
 				}
 				if (!array_key_exists('identifier', $prize))
 					$prize['identifier'] = $prize['prize_en'];
 				$q = $pdo->prepare("UPDATE award_prizes SET 
 					cash='" . intval($prize['cash']) . "',
 					scholarship='" . intval($prize['scholarship']) . "',
 					value='" . intval($prize['value']) . "',
 					prize='" . $prize['prize_en'] . "',
 					number='" . intval($prize['number']) . "',
 					`order`='" . intval($prize['ord']) . "',
 					external_identifier='" . stripslashes($prize['identifier']) . "',
 					trophystudentkeeper='" . intval($prize['trophystudentkeeper']) . "',
 					trophystudentreturn='" . intval($prize['trophystudentreturn']) . "',
 					trophyschoolkeeper='" . intval($prize['trophyschoolkeeper ']) . "',
 					trophyschoolreturn='" . intval($prize['trophyschoolreturn']) . "'
 				WHERE
 					id='$prize_id'");
-			echo mysql_error();
+				$q->execute();
-			//FIXME: update the translations
+
 				show_pdo_errors_if_any($pdo);
 				// FIXME: update the translations
 			}
 			/* Delete local entries that weren't downloaded */
 			foreach ($existingprizes AS $ep) {
 				echo '&nbsp;' . i18n('Removing prize %1', array($ep['prize'])) . '<br />';
 				award_prize_delete($ep['id']);
 			}
 		}
 		echo '<br />';
 		// remove any awards that are left in the $existingawards array, they must have been removed from the source
 		foreach ($existingawards AS $aid => $val) {
 			echo i18n('Removing award id %1 that was removed from external source', array($aid)) . '<br />';
 			award_delete($aid);
 		}
-		/* Delete local entries that weren't downloaded */
+		echo '</i>';
-		foreach($existingprizes AS $ep) {
+		exit;
 			echo "&nbsp;".i18n("Removing prize %1",array($ep['prize']))."<br />";
 			award_prize_delete($ep['id']);
 		}
 	}
 	echo "<br />";
 	//remove any awards that are left in the $existingawards array, they must have been removed from the source
 	foreach($existingawards AS $aid=>$val) {
 		echo i18n("Removing award id %1 that was removed from external source",array($aid))."<br />";
 		award_delete($aid);
 	}
 	echo "</i>";
 	exit;
 }
-send_header("Download Awards",
+send_header('Download Awards',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+		'Administration' => 'admin/index.php',
-			'Awards Main' => 'admin/awards.php' ));
+		'Awards Main' => 'admin/awards.php'));
 ?>
 <script type="text/javascript">
@ -249,52 +268,53 @@ send_header("Download Awards",
 function award_download(id)
 {
 	if(id == -1) return false;
-	$("#award_download_status").load("<?=$_SERVER['PHP_SELF']?>?action=check&fairs_id="+id);
+	$("#award_download_status").load("<?= $_SERVER['PHP_SELF'] ?>?action=check&fairs_id="+id);
 }
 </script>
 <?
-
+if (!function_exists('curl_init')) {
-if(!function_exists('curl_init')) {
+	echo error(i18n('CURL Support Missing'));
-	echo error(i18n("CURL Support Missing"));
+	echo notice(i18n('Your PHP installation does not support CURL.  You will need to have CURL support added by your system administrator before being able to access external award sources'));
-	echo notice(i18n("Your PHP installation does not support CURL.  You will need to have CURL support added by your system administrator before being able to access external award sources"));
+	$links = false;
 	$links=false;
 } else {
-	$links=true;
+	$links = true;
 }
 ?>
 <table class="tableview"><thead>
-<tr><th><?=i18n("Source Name")?></th>
+<tr><th><?= i18n('Source Name') ?></th>
-<th><?=i18n("Source Location URL")?></th>
+<th><?= i18n('Source Location URL') ?></th>
-<th><?=i18n("Check")?></th>
+<th><?= i18n('Check') ?></th>
 </tr></thead>
 <?
-$q=mysql_query("SELECT * FROM fairs WHERE enable_awards='yes' ORDER BY name");
+$q = $pdo->prepare("SELECT * FROM fairs WHERE enable_awards='yes' ORDER BY name");
-while($r=mysql_fetch_object($q)) {
+$q->execute();
-	echo "<tr>";
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	echo '<tr>';
 	echo "<td>{$r->name}</td>\n";
 	echo "<td>{$r->url}</td>";
-	echo "<td align=\"center\">";
+	echo '<td align="center">';
-	if($links)
+	if ($links)
-		echo "<a href=\"#\" onclick=\"award_download({$r->id})\">".i18n("check")."</a>";
+		echo "<a href=\"#\" onclick=\"award_download({$r->id})\">" . i18n('check') . '</a>';
 	else
-		echo "n/a";
+		echo 'n/a';
-	echo "</td>";
+	echo '</td>';
-	echo "</tr>";
+	echo '</tr>';
-//	$checkurl.="&check[]={$r->id}";
+	//	$checkurl.="&check[]={$r->id}";
- }
+}
 /*
- if($links)
+ * if($links)
-	 echo "<a href=\"award_download.php?action=check$checkurl\">".i18n("Check all sources")."</a>";
+ * 	echo "<a href=\"award_download.php?action=check$checkurl\">".i18n("Check all sources")."</a>";
-*/
+ */
 ?>
 </table>
 <br />
 <div id="award_download_status"></div>
 <?
- send_footer();
+send_footer();
 ?>
--- a/admin/award_upload.php
+++ b/admin/award_upload.php
--- a/admin/awards.inc.php
+++ b/admin/awards.inc.php
@ -1,49 +1,66 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2010 David Grant <dave@lightbox.org>
+/*
-
+ * This file is part of the 'Science Fair In A Box' project
-   This program is free software; you can redistribute it and/or
+ * SFIAB Website: http://www.sfiab.ca
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2010 David Grant <dave@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
 function award_delete($award_awards_id)
-{
+{   global $pdo;
-	/* Delete all winners attached to this award */
+    /* Delete all winners attached to this award */
-	$q = mysql_query("SELECT id FROM award_prizes WHERE award_awards_id='$award_awards_id'");
+    
-	while(($p = mysql_fetch_assoc($q))) {
+    $q = $pdo->prepare("SELECT id FROM award_prizes WHERE award_awards_id='$award_awards_id'");
-		mysql_query("DELETE FROM winners WHERE award_prizes_id='{$p['id']}'");
+    $q->execute();
 	}
-	/* FIXME: maybe delte judging teams and judge 
+    while (($p = $q->fetch(PDO::FETCH_ASSOC))) {
-	 * assignments and timeslots?
+       
        $q = $pdo->prepare("DELETE FROM winners WHERE awards_prizes_id='{$p['id']}'");
        $q->execute();
    }
-	/* Delete the award */
+    /* FIXME: maybe delte judging teams and judge
-	mysql_query("DELETE FROM award_prizes WHERE award_awards_id='$award_awards_id'");
+      * assignments and timeslots?
-	mysql_query("DELETE FROM award_awards_projectcategories WHERE award_awards_id='$award_awards_id'");
+
-	mysql_query("DELETE FROM award_awards_projectdivisions WHERE award_awards_id='$award_awards_id'");
+     /* Delete the award */
-	mysql_query("DELETE FROM award_awards WHERE id='$award_awards_id'");
+
    $q = $pdo->prepare("DELETE FROM award_prizes WHERE award_awards_id='$award_awards_id'");
    $q->execute();
    $q = $pdo->prepare("DELETE FROM award_awards_projectcategories WHERE award_awards_id='$award_awards_id'");
    $q->execute();
    $q = $pdo->prepare("DELETE FROM award_awards_projectdivisions WHERE award_awards_id='$award_awards_id'");
    $q->execute();
    $q = $pdo->prepare("DELETE FROM award_awards WHERE id='$award_awards_id'");
    $q->execute();
 }
 function award_prize_delete($award_prizes_id)
-{
+{   global $pdo;
-	mysql_query("DELETE FROM winners WHERE award_prizes_id='$award_prizes_id'");
+    $q = $pdo->prepare("DELETE FROM winners WHERE awards_prizes_id='$award_prizes_id'");
-	mysql_query("DELETE FROM award_prizes WHERE id='$award_prizes_id'");
+    $q->execute();
    $q = $pdo->prepare("DELETE FROM award_prizes WHERE id='$award_prizes_id'");
    $q->execute();
 }
 ?>
--- a/admin/awards.php
+++ b/admin/awards.php
@ -1,49 +1,50 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- send_header("Awards", 
+send_header('Awards',
- 	array('Committee Main' => 'committee_main.php',
+    array('Committee Main' => 'committee_main.php',
-		'Administration' => 'admin/index.php'),
+        'Administration' => 'admin/index.php'),
-        "awards_management" );
+    'awards_management');
- require_once("rerollprizes.php");
+require_once ('rerollprizes.php');
- echo "<br />";
+echo '<br />';
- echo "<a href=\"award_awards.php\">".i18n('Awards Management')."</a><br />";
+echo '<a href="award_awards.php">' . i18n('Awards Management') . '</a><br />';
- echo "<a href=\"donors.php\">".i18n('Sponsors')."</a><br />";
+echo '<a href="donors.php">' . i18n('Sponsors') . '</a><br />';
- echo "<br />";
+echo '<br />';
- echo "<a href=\"award_awards.php?action=edit_prize_template\">".i18n('Edit prize template for the divisional awards')."</a>";
+echo '<a href="award_awards.php?action=edit_prize_template">' . i18n('Edit prize template for the divisional awards') . '</a>';
- echo "<br />";
+echo '<br />';
- echo "<a href=\"award_awardcreatedivisional.php\">".i18n('Create divisional awards for all divisions & categories')."</a><br />";
+echo '<a href="award_awardcreatedivisional.php">' . i18n('Create divisional awards for all divisions & categories') . '</a><br />';
- echo "<br />";
+echo '<br />';
- echo "<a href=\"award_download.php\">".i18n('Download awards from external sources')."</a><br />";
+echo '<a href="award_download.php">' . i18n('Download awards from external sources') . '</a><br />';
- echo "<a href=\"award_upload.php\">".i18n('Upload award winners to external sources')."</a><br />";
+echo '<a href="award_upload.php">' . i18n('Upload award winners to external sources') . '</a><br />';
- send_footer();
+send_footer();
 ?>
--- a/admin/cms.php
+++ b/admin/cms.php
@ -1,199 +1,224 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2008 James Grant <james@lightbox.org>
+/*
-
+ * This file is part of the 'Science Fair In A Box' project
-   This program is free software; you can redistribute it and/or
+ * SFIAB Website: http://www.sfiab.ca
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2008 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- //make sure storage folder exists
+// make sure storage folder exists
- if(!file_exists("../data/userfiles"))
+if (!file_exists('../data/userfiles'))
- 	mkdir("../data/userfiles");
+	mkdir('../data/userfiles');
 send_header('Website Content Manager',
 	array('Committee Main' => 'committee_main.php',
 		'Administration' => 'admin/index.php'),
 	'website_content_management');
- send_header("Website Content Manager",
+?>
- 		array('Committee Main' => 'committee_main.php',
+<div class="element"></div>
-			'Administration' => 'admin/index.php'),
+    <script type="module">
-            "website_content_management"
+      import { Editor } from 'https://esm.sh/@tiptap/core'
-			);
+      import StarterKit from 'https://esm.sh/@tiptap/starter-kit'
- if($_POST['action']=="save")
+new Editor({
- {
+  element: document.querySelector('.element'),
-	 $err=false;
+  extensions: [
-	foreach($config['languages'] AS $lang=>$langname) {
+    StarterKit.configure({
-		$filename=stripslashes($_POST['filename']);
+      heading: {
-//		$filename=ereg_replace("[^A-Za-z0-9\.\_\/]","_",$_POST['filename']);
+        levels: [1, 2, 3],
      },
    }),
  ],
 })
    </script>
 <?
-		if(substr($filename,-5)!=".html")
+if (get_value_from_array($_POST, 'action') == 'save') {
-			$filename=$filename.".html";
+	$err = false;
 	foreach ($config['languages'] AS $lang => $langname) {
 		$filename = stripslashes(get_value_from_array($_POST, 'filename', ''));
 		//		$filename=ereg_replace("[^A-Za-z0-9\.\_\/]","_",$_POST['filename']);
-		$textname="text_$lang";
+		if (substr($filename, -5) != '.html')
-		$titlename="title_$lang";
+			$filename = $filename . '.html';
 		$showlogoname="showlogo_$lang";
 		//get the dt here to insert with ALL the languages, we cant rely on the INSERT NOW() always inserting multiple records with the same timestamp!
 		$insertdt=date("Y-m-d H:i:s");
 		$text=stripslashes($_POST[$textname]);
-		mysql_query("INSERT INTO cms (filename,dt,lang,text,title,showlogo) VALUES (
+		$textname = "text_$lang";
-			'".mysql_escape_string($filename)."',
+		$titlename = "title_$lang";
 		$showlogoname = "showlogo_$lang";
 		// get the dt here to insert with ALL the languages, we cant rely on the INSERT NOW() always inserting multiple records with the same timestamp!
 		$insertdt = date('Y-m-d H:i:s');
 		$text = stripslashes(get_value_from_array($_POST, $textname, ''));
 		$q = $pdo->prepare("INSERT INTO cms (filename,dt,lang,text,title,showlogo) VALUES (
 			'" . $filename . "',
 			'$insertdt',
 			'$lang',
-			'".mysql_escape_string($text)."',
+			'" . $text . "',
-			'".mysql_escape_string($_POST[$titlename])."',
+			'" . get_value_from_array($_POST, $titlename, '') . "',
-			'".$_POST[$showlogoname]."'
+			'" . get_value_from_array($_POST, $showlogoname, '') . "'
 			)");
-		if(mysql_error()) {
+		$q->execute();
-			echo error(i18n("An error occurred saving %1 in %2",array($filename,$langname)));
+		if ($pdo->errorInfo()) {
-			$err=true;
+			echo error(i18n('An error occurred saving %1 in %2', array($filename, $langname)));
 			$err = true;
 		}
 	}
-	if(!$err)
+	if (!$err)
-		echo happy(i18n("%1 successfully saved",array($_POST['filename'])));
+		echo happy(i18n('%1 successfully saved', array($_POST['filename'])));
- }
+}
- if($_GET['filename'] || $_GET['action']=="create")
+if (get_value_from_array($_GET, 'filename', '') || get_value_from_array($_GET, 'action', 'create')) {
 {
 	echo "<a href=\"cms.php\">&lt;&lt; Back to file list</a><br />\n";
-	echo "<form method=\"post\" action=\"cms.php\">";
+	echo '<form method="post" action="cms.php">';
 	echo "<input type=\"hidden\" name=\"action\" value=\"save\">\n";
-	if($_GET['filename'])
+	if (get_value_from_array($_GET, 'filename', ''))
-		echo "<input type=\"hidden\" name=\"filename\" value=\"".htmlspecialchars($_GET['filename'])."\">\n";
+		echo '<input type="hidden" name="filename" value="' . htmlspecialchars($_GET['filename']) . "\">\n";
 	else
-		echo "Choose filename to create: /web/<input type=\"text\" name=\"filename\" size=\"15\">.html<hr />";
+		echo 'Choose filename to create: /web/<input type="text" name="filename" size="15">.html<hr />';
-	echo "<table width=\"100%\" cellpadding=\"3\">";
+	echo '<table width="100%" cellpadding="3">';
-	echo "<tr><td valign=\"top\">";
+	echo '<tr><td valign="top">';
-	foreach($config['languages'] AS $lang=>$langname) {
+	foreach ($config['languages'] AS $lang => $langname) {
-		echo "<table class=\"tableview\" width=\"100%\">";
+		echo '<table class="tableview" width="100%">';
-		echo "<tr><th colspan=\"2\">";
+		echo '<tr><th colspan="2">';
-		$q=mysql_query("SELECT * FROM cms WHERE filename='".mysql_escape_string($_GET['filename'])."' AND lang='$lang' ORDER BY dt DESC LIMIT 1");
+
-		if($r=mysql_fetch_object($q)) {
+		$q = $pdo->prepare("SELECT * FROM cms WHERE filename='" . get_value_from_array($_GET, 'filename', '') . "' AND lang='$lang' ORDER BY dt DESC LIMIT 1");
-			if($r->dt=="0000-00-00 00:00:00" || !$r->dt) $dt="Never";
+		$q->execute();
-			else $dt=$r->dt;
+		if ($r = $q->fetch(PDO::FETCH_OBJ)) {
-			echo "<b>".htmlspecialchars($_GET['filename'])." - $langname</b> &nbsp;&nbsp; ".i18n("Last updated").": $dt<br />";
+			if ($r->dt == '0000-00-00 00:00:00' || !$r->dt)
-			if($_GET['dt']) {
+				$dt = 'Never';
-				$q2=mysql_query("SELECT * FROM cms WHERE filename='".mysql_escape_string($_GET['filename'])."' AND lang='$lang' AND dt<='".$_GET['dt']."' ORDER BY dt DESC LIMIT 1");
+			else
-				$r2=mysql_fetch_object($q2);
+				$dt = $r->dt;
-				if($r2->dt!=$r->dt)
+			echo '<b>' . htmlspecialchars($_GET['filename']) . " - $langname</b> &nbsp;&nbsp; " . i18n('Last updated') . ": $dt<br />";
-				{
+			if ($_GET['dt']) {
 				$q2 = $pdo->prepare("SELECT * FROM cms WHERE filename='" . $_GET['filename'] . "' AND lang='$lang' AND dt<='" . $_GET['dt'] . "' ORDER BY dt DESC LIMIT 1");
 				$q2->execute();
 				$r2 = $q2->fetch(PDO::FETCH_OBJ);
 				if ($r2->dt != $r->dt) {
 					echo "Displaying historical file.  Date: $r->dt";
-					$r=$r2;
+					$r = $r2;
 				}
 			}
-		}
+		} else {
-		else
+			echo "<b>$langname</b><br />";  // &nbsp;&nbsp; ".i18n("Last updated").": $dt<br />";
 		{
 			echo "<b>$langname</b><br />"; // &nbsp;&nbsp; ".i18n("Last updated").": $dt<br />";
 		}
 		echo "</th></tr>\n";
-		echo "<tr><td width=\"100\">".i18n("Page Title").":</td><td><input type=\"text\" name=\"title_$lang\" style=\"width: 99%;\" value=\"".htmlspecialchars($r->title)."\"></td></tr>\n";
+		echo '<tr><td width="100">' . i18n('Page Title') . ":</td><td><input type=\"text\" name=\"title_$lang\" style=\"width: 99%;\" value=\"" . htmlspecialchars(get_value_property_or_default($r, 'title', '')) . "\"></td></tr>\n";
-		echo "<tr><td width=\"100\">".i18n("Show Logo").":</td><td>";
+		echo '<tr><td width="100">' . i18n('Show Logo') . ':</td><td>';
-		if($r->showlogo) $ch="checked=\"checked\""; else $ch="";
+		if (get_value_property_or_default($r, 'showlogo'))
-		echo "<input $ch type=\"radio\" name=\"showlogo_$lang\" value=\"1\"> ".i18n("Yes");
+			$ch = 'checked="checked"';
-		echo "&nbsp;&nbsp;&nbsp;";
+		else
-		if(!$r->showlogo) $ch="checked=\"checked\""; else $ch="";
+			$ch = '';
-		echo "<input $ch type=\"radio\" name=\"showlogo_$lang\" value=\"0\"> ".i18n("No");
+		echo "<input $ch type=\"radio\" name=\"showlogo_$lang\" value=\"1\"> " . i18n('Yes');
 		echo '&nbsp;&nbsp;&nbsp;';
 		if (!get_value_property_or_default($r, 'showlogo'))
 			$ch = 'checked="checked"';
 		else
 			$ch = '';
 		echo "<input $ch type=\"radio\" name=\"showlogo_$lang\" value=\"0\"> " . i18n('No');
 		echo "</td></tr>\n";
-		echo "<tr><td colspan=\"2\">";
+		echo '<tr><td colspan="2">';
-		require_once("../fckeditor/fckeditor.php");
+		require_once ('../fckeditor/fckeditor.php');
-		$oFCKeditor = new FCKeditor("text_$lang") ;
+		$oFCKeditor = new FCKeditor("text_$lang");
-		$oFCKeditor->BasePath  = "../fckeditor/";
+		$oFCKeditor->BasePath = '../fckeditor/';
-		$oFCKeditor->Value = $r->text;
+		$oFCKeditor->Value = get_value_property_or_default($r, 'text');
-		$oFCKeditor->Width="100%";
+		$oFCKeditor->Width = '100%';
-		$oFCKeditor->Height=400;
+		$oFCKeditor->Height = 400;
-		$oFCKeditor->Create() ;
+		$oFCKeditor->Create();
 		echo "</td></tr></table>\n";
-		echo "<br />";
+		echo '<br />';
 	}
-	echo "</td><td width=\"130\" valign=\"top\">";
+	echo '</td><td width="130" valign="top">';
-	echo "<table class=\"tableview\" width=\"130\">";
+	echo '<table class="tableview" width="130">';
-	if($_GET['historylimit']) $historylimit=intval($_GET['historylimit']);
+	if (get_value_from_array($_GET, 'historylimit', ''))
-	else $historylimit=30;
+		$historylimit = intval(get_value_from_array($_GET, 'historylimit', ''));
 	echo "<tr><th>".i18n("File History")."</th></tr>\n";
 	$q=mysql_query("SELECT DISTINCT(dt) FROM cms WHERE filename='".mysql_escape_string($_GET['filename'])."' ORDER BY dt DESC LIMIT $historylimit");
 	$first=true;
 	if(mysql_num_rows($q)) {
 		while($r=mysql_fetch_object($q)) 
 		{
 			if($r->dt==$_GET['dt']) $style="font-weight: bold;"; 
 			else $style="font-weight: normal;";
 			if($first && !$_GET['dt']) $style="font-weight: bold;";
 			echo "<tr><td><a href=\"cms.php?filename=".rawurlencode($_GET['filename'])."&amp;dt=".rawurlencode($r->dt)."\" style=\"font-size: 0.75em; $style\">$r->dt</a></td></tr>\n";
 			$first=false;
 		}
 	}
 	else
 		$historylimit = 30;
 	echo '<tr><th>' . i18n('File History') . "</th></tr>\n";
 	$q = $pdo->prepare("SELECT DISTINCT(dt) FROM cms WHERE filename='" . get_value_from_array($_GET, 'filename', '') . "' ORDER BY dt DESC LIMIT $historylimit");
 	$q->execute();
 	$first = true;
 	if ($q->rowCount()) {
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			if ($r->dt == $_GET['dt'])
 				$style = 'font-weight: bold;';
 			else
 				$style = 'font-weight: normal;';
 			if ($first && !$_GET['dt'])
 				$style = 'font-weight: bold;';
 			echo '<tr><td><a href="cms.php?filename=' . rawurlencode($_GET['filename']) . '&amp;dt=' . rawurlencode($r->dt) . "\" style=\"font-size: 0.75em; $style\">$r->dt</a></td></tr>\n";
 			$first = false;
 		}
 	} else
 		echo "<tr><td><i>No History</i></td></tr>\n";
 	echo "</table>\n";
 	echo "</td></tr>\n";
-	echo "<tr><td colspan=\"2\">";
+	echo '<tr><td colspan="2">';
-	echo "<table><tr><td>";
+	echo '<table><tr><td>';
-	echo "<input type=\"submit\" value=\"".i18n("Save Page")."\" />\n";
+	echo '<input type="submit" value="' . i18n('Save Page') . "\" />\n";
-	echo "</form>";
+	echo '</form>';
-	echo "</td><td>";
+	echo '</td><td>';
-	echo "<form method=\"get\" action=\"cms.php\">";
+	echo '<form method="get" action="cms.php">';
-	echo "<input type=\"submit\" value=\"".i18n("Cancel Changes")."\" />\n";
+	echo '<input type="submit" value="' . i18n('Cancel Changes') . "\" />\n";
 	echo "</form>\n";
 	echo "</td></tr></table>\n";
 	echo "</td></tr></table>\n";
 } else {
 	echo i18n('Choose a web page filename to edit');
 	echo '&nbsp;';
 	echo '<a href="cms.php?action=create">' . i18n('or click here to create a new file') . "</a><br />\n";
- }
+	echo '<table class="summarytable">';
- else
+	$q = $pdo->prepare('SELECT DISTINCT(filename) AS filename FROM cms ORDER BY filename');
 {
 	 echo i18n("Choose a web page filename to edit");
 	 echo "&nbsp;";
 	 echo "<a href=\"cms.php?action=create\">".i18n("or click here to create a new file")."</a><br />\n";
-	 echo "<table class=\"summarytable\">";
+	echo '<tr><th>' . i18n('Filename') . '</th><th>' . i18n('Last Update') . '</th></tr>';
 	while ($r = $q->fetch(PDO::FETCH_ASSOC)) {
 		echo '<tr><td><a href="cms.php?filename=' . rawurlencode($r->filename) . "\">/web/$r->filename</a></td>";
 		$q2 = $pdo->prepare("SELECT dt FROM cms WHERE filename='" . $r->filename . "' ORDER BY dt DESC LIMIT 1");
-	 $q=mysql_query("SELECT DISTINCT(filename) AS filename FROM cms ORDER BY filename");
+		$r2 = $q2->fetch(PDO::FETCH_OBJ);
-	 echo "<tr><th>".i18n("Filename")."</th><th>".i18n("Last Update")."</th></tr>";
+		if ($r2->dt == '0000-00-00 00:00:00')
-	 while($r=mysql_fetch_object($q))
+			$dt = 'Never';
-	 {
+		else
-		echo "<tr><td><a href=\"cms.php?filename=".rawurlencode($r->filename)."\">/web/$r->filename</a></td>";
+			$dt = $r2->dt;
 		$q2=mysql_query("SELECT dt FROM cms WHERE filename='".mysql_escape_string($r->filename)."' ORDER BY dt DESC LIMIT 1");
 		$r2=mysql_fetch_object($q2);
 		if($r2->dt=="0000-00-00 00:00:00") $dt="Never";
 		else $dt=$r2->dt;
 		echo "<td>$dt</td>";
-		echo "</tr>";
+		echo '</tr>';
 	}
 	echo '</table>';
 }
-
+send_footer();
 	 }
 	 echo "</table>";
 }
 send_footer();
 ?>
--- a/admin/committee_committees.php
+++ b/admin/committee_committees.php
@ -1,56 +0,0 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
   Copyright (C) 2005 James Grant <james@lightbox.org>
   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public
   License as published by the Free Software Foundation, version 2.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 ?>
 <?
 require_once("../common.inc.php");
 require_once("../user.inc.php");
 require_once("../committee.inc.php");
 user_auth_required('admin');
 require("../tableeditor.class.php");
 /* Now, start the output for this page */
 send_header("Committee Management",
 		array('Committee Main' => 'committee_main.php',
 			'Administration' => 'admin/index.php' ),
            "committee_management");
 	echo "<a href=\"committees.php\">Manage Committee Members</a><br />";
 $_SESSION['last_page'] = 'committee_management';
 //make sure storage folder exists
 $editor=new TableEditor("committees",
 			array("name"=>"Committee Name",
 			)
 			);
 $editor->setPrimaryKey("id");
 $editor->setDefaultSortField("name");
 $editor->setRecordType("Committee");
 $editor->execute();
 send_footer();
 ?>
--- a/admin/committees.php
+++ b/admin/committees.php
@ -1,55 +1,60 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require_once("../common.inc.php");
+require_once ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- require_once("../committee.inc.php");
+require_once ('../committee.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
-if($_POST['accounts_id'])
+if (get_value_from_array($_POST, 'users_uid'))
-	$accounts_id = intval($_POST['accounts_id']);
+	$uid = intval($_POST['users_uid']);
 /* Now, start the output for this page */
 send_header('Committee Management',
 	array('Committee Main' => 'committee_main.php',
 		'Administration' => 'admin/index.php'),
 	'committee_management');
- /* Now, start the output for this page */
+$_SESSION['last_page'] = 'committee_management';
 send_header("Committee Member Management",
 		array('Committee Main' => 'committee_main.php',
 			'Administration' => 'admin/index.php' ),
            "committee_management");
 $_SESSION['last_page'] = 'committee_management';
 ?>
 <script type="text/javascript">
 <!--
 function openeditor(id)
 {
 	window.open("user_editor_window.php?id="+id,"UserEditor","location=no,menubar=no,directories=no,toolbar=no,width=770,height=500,scrollbars=yes"); 
 	return false;
 }
 function neweditor()
 {
 	var username = document.forms.addmember.add_member.value;
-	window.open("../user_editor_window.php?type=committee&username="+username,"UserEditor","location=no,menubar=no,directories=no,toolbar=no,width=770,height=500,scrollbars=yes"); 
+	window.open("user_editor_window.php?type=committee&username="+username,"UserEditor","location=no,menubar=no,directories=no,toolbar=no,width=770,height=500,scrollbars=yes"); 
 	document.forms.addmember.add_member.value = "";
 	return false;
 }
@ -89,13 +94,13 @@ function actionChanged()
 }
 function actionSubmit()
-{
+{	
 	if(document.forms.memberaction.action.selectedIndex==0)
 	{
 		alert('You must choose an action');
 		return false;
 	}
-	if(document.forms.memberaction.accounts_id.selectedIndex==0)
+	if(document.forms.memberaction.users_uid.selectedIndex==0)
 	{
 		alert('You must choose a member');
 		return false;
@ -103,7 +108,7 @@ function actionSubmit()
 	if(document.forms.memberaction.action.selectedIndex == 2) {
 		// Edit
-		var id = document.forms.memberaction.accounts_id.options[document.forms.memberaction.accounts_id.selectedIndex];
+		var id = document.forms.memberaction.users_uid.options[document.forms.memberaction.users_uid.selectedIndex];
 		openeditor(id.value);
 //		alert("id="+id.value);
 		return false;
@ -118,189 +123,246 @@ function actionSubmit()
 //-->
 </script>
 <?
 global $uid;
 if (get_value_from_array($_POST, 'addcommittee')) {
 	// add a new committee
 	// re-order the committees
 	$q = $pdo->prepare("INSERT INTO committees (name) VALUES ('" . $_POST['addcommittee'] . "')");
 	$q->execute();
 	echo happy(i18n('Committee successfully added'));
 }
-if($_POST['committees_id']) {
+if (get_value_from_array($_POST, 'committees_id') && get_value_from_array($_POST, 'committees_ord')) {
-	//re-order the committees
+	// re-order the committees
-	$x=0;
+	$x = 0;
-	$ids=$_POST['committees_id'];
+	$ids = $_POST['committees_id'];
 	$ords = $_POST['committees_ord'];
-	$titles=$_POST['title'];
+	$titles = $_POST['title'];
 	$pords = $_POST['order'];
-	while($ids[$x]) {
+	while (get_value_from_array($ids, $x)) {
 		$cid = intval($ids[$x]);
 		$q = $pdo->prepare("UPDATE committees SET ord='" . intval($ords[$x]) . "' WHERE id='$cid'");
 		$q->execute();
 		$x++;
 		$ctitle = $titles[$cid];
 		$cord = $pords[$cid];
-		/* If the committee has no members, don't bother trying to do
+		/*
-		 * anything */
+		 * If the committee has no members, don't bother trying to do
-		if(!is_array($ctitle)) continue;
+		 * anything
-//		print_r($ctitle);
+		 */
 		if (!is_array($ctitle))
 			continue;
 		//		print_r($ctitle);
-		foreach($ctitle as $accounts_id=>$title) {
+		foreach ($ctitle as $uid => $title) {
-			$o = intval($cord[$accounts_id]);
+			$o = intval($cord[$uid]);
-			$t = mysql_escape_string(stripslashes($title));
+			$t = stripslashes($title);
-			$u = intval($accounts_id);
+			$u = intval($uid);
-			$q = "UPDATE committees_link SET title='$t', ord='$o'
+
-				WHERE committees_id='$cid' AND accounts_id='$u'";
+			$q = $pdo->prepare("UPDATE committees_link SET title='$t', ord='$o'
-//				echo $q;
+				WHERE committees_id='$cid' AND users_uid='$u'");
-			mysql_query($q);
+			$q->execute();
 		}
 	}
-	echo happy(i18n("Committees successfully saved"));
+	echo happy(i18n('Committees successfully saved'));
 }
-if($_POST['action']=="assign")
+if (get_value_from_array($_POST, 'action') == 'assign') {
-{
+	if (get_value_from_array($_POST, 'committees_id') && get_value_from_array($_POST, 'users_uid')) {
 	if($_POST['committees_id'] && $_POST['accounts_id']) {
 		$cid = intval($_POST['committees_id']);
-		$q=mysql_query("SELECT * FROM committees_link WHERE committees_id='$cid' AND accounts_id='$accounts_id'");
+		$q = $pdo->prepare("SELECT * FROM committees_link WHERE committees_id='$cid' AND users_uid='$uid'");
 		$q->execute();
-		if(!mysql_num_rows($q)) {
+		if (!$q->rowCount()) {
-			mysql_query("INSERT INTO committees_link (committees_id,accounts_id) VALUES ('$cid','$accounts_id')");
+			$q = $pdo->prepare("INSERT INTO committees_link (committees_id,users_uid) VALUES ('$cid','$uid')");
-			echo happy(i18n("Successfully added member to committee"));
+			$q->execute();
-		}
+			echo happy(i18n('Successfully added member to committee'));
-		else
+		} else
-			echo error(i18n("That member already exists in that committee"));
+			echo error(i18n('That member already exists in that committee'));
-	}
+	} else
-	else
+		echo error(('You must choose both a member and a committee'));
 		echo error(("You must choose both a member and a committee"));
 }
-if($_POST['action']=="remove") {
+if (get_value_from_array($_GET, 'deletecommittee')) {
 	$del = intval($_GET['deletecommittee']);
 	$q = $pdo->prepare("DELETE FROM committees WHERE id='$del'");
 	$q->execute();
 	echo happy(i18n('Committee removed'));
 }
 if (get_value_from_array($_POST, 'action') == 'remove') {
 	/* user_delete takes care of unlinking the user in other tables */
-	user_delete($accounts_id, 'committee');
+	user_delete($uid, 'committee');
-	echo happy(i18n("Committee member deleted"));
+	echo happy(i18n('Committee member deleted'));
 }
-if($_GET['unlinkmember'] && $_GET['unlinkcommittee']) {
+if (get_value_from_array($_GET, 'unlinkmember') && get_value_from_array($_GET, 'unlinkcommittee')) {
 	$mem = intval($_GET['unlinkmember']);
 	$com = intval($_GET['unlinkcommittee']);
-	//unlink the member from the committee
+	// unlink the member from the committee
-	mysql_query("DELETE FROM committees_link WHERE accounts_id='$mem' AND committees_id='$com'");
+
-	echo happy(i18n("Committee member unlinked from committee"));
+	$q = $pdo->prepare("DELETE FROM committees_link WHERE users_uid='$mem' AND committees_id='$com'");
 	$q->execute();
 	echo happy(i18n('Committee member unlinked from committee'));
 }
-	echo '<a href="../user_invite.php?type=committee">Create a new member</a><br/>';
+echo '<table>';
-	echo "<a href=\"committee_committees.php\">Manage Committees</a><br />";
+echo '<tr><td>';
 	echo "<form name=\"memberaction\" method=\"post\" action=\"committees.php\" onsubmit=\"return actionSubmit()\">\n";
 	echo "<table>";
 	echo "<tr><td>";
 	echo "<select name=\"action\" onchange=\"javascript:actionChanged()\">";
 	echo "<option value=\"\">".i18n("Choose")."</option>\n";
 	echo "<option value=\"assign\">".i18n("Assign")."</option>\n";
 	echo "<option value=\"edit\">".i18n("Edit")."</option>\n";
 	echo "<option value=\"remove\">".i18n("Remove")."</option>\n";
 	echo "</select>";
-	echo "</td><td>";
+echo '<h4>' . i18n('Add Committee') . "</h4>\n";
-	$query = "
+echo "<form method=\"post\" action=\"committees.php\">\n";
-		SELECT accounts_id, firstname, lastname, email, deleted FROM users WHERE accounts_id IN(
+echo "<table>\n";
-		SELECT accounts_id FROM user_roles JOIN roles ON user_roles.roles_id = roles.id WHERE roles.type = 'committee'
+echo '<tr><td>' . i18n('Committee Name') . ': </td><td><input type="text" size="15" name="addcommittee" /></td>';
-		)
+echo '    <td><input type="submit" value="' . i18n('Add') . "\" /></td></tr>\n";
-		AND conferences_id = " . $conference['id'];
+echo "</table>\n";
-	$q = mysql_query($query);
+echo "</form>\n";
 	echo "<select name=\"accounts_id\">";
 	echo "<option value=\"\">".i18n("Select a Member")."</option>\n";
 	while($r=mysql_fetch_object($q))
 	{
 		if($r->deleted == 'yes') continue;
 		$displayname = $r->firstname.' '.$r->lastname;
 		echo "<option value=\"$r->accounts_id\">$displayname ($r->email)</option>\n";
 	}
 	echo "</select>";
 echo '</td><td width="40">&nbsp;</td><td>';
-	echo "</td><td>";
+echo '<h4>' . i18n('Add Committee Member') . "</h4>\n";
 echo "<form method=\"post\" name=\"addmember\" action=\"committees.php\" onsubmit=\"return neweditor();\">\n";
 echo "<table>\n";
 echo '<tr><td>' . i18n('Member Email') . ': </td><td>';
 echo "<input type=\"text\" size=\"15\" name=\"add_member\" />\n";
 echo "</td>\n";
 echo ' <td><input type="submit" onclick="return neweditor();" value="' . i18n('Add') . "\" /></td></tr>\n";
 echo "</table>\n";
 echo '<a href="committees.php">' . i18n('Reload committee list (needed after adding a new member)') . "</a>\n";
 echo "</form>\n";
 echo '</td></tr>';
 echo '</table>';
-	//The Assign Div
+echo '<hr />';
-	echo "<div id=\"assigndiv\">";
+echo '<h4>' . i18n('Committee Member Management') . "</h4>\n";
-	echo i18n("To Committee").": ";
+echo "<form name=\"memberaction\" method=\"post\" action=\"committees.php\" onsubmit=\"return actionSubmit()\">\n";
-	$q=mysql_query("SELECT * FROM committees ORDER BY ord,name");
+echo '<table>';
-	echo "<select name=\"committees_id\">";
+echo '<tr><td>';
-	echo "<option value=\"\">".i18n("Select a Committee")."</option>\n";
+echo '<select name="action" onchange="javascript:actionChanged()">';
-	while($r=mysql_fetch_object($q))
+echo '<option value="">' . i18n('Choose') . "</option>\n";
-	{
+echo '<option value="assign">' . i18n('Assign') . "</option>\n";
-		echo "<option value=\"$r->id\">$r->name</option>\n";
+echo '<option value="edit">' . i18n('Edit') . "</option>\n";
-	}
+echo '<option value="remove">' . i18n('Remove') . "</option>\n";
-	echo "</select>";
+echo '</select>';
 	echo "</div>";
 echo '</td><td>';
 $q = $pdo->prepare("SELECT uid,MAX(year),firstname,lastname,email,deleted FROM users WHERE types LIKE '%committee%' GROUP BY uid ORDER BY firstname");
 $q->execute();
-	//The Edit or Remove Div
+echo '<select name="users_uid">';
 echo '<option value="">' . i18n('Select a Member') . "</option>\n";
 while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	if ($r->deleted != 'no')
 		continue;
 	$displayname = $r->firstname . ' ' . $r->lastname;
 	echo "<option value=\"$r->uid\">$displayname ($r->email)</option>\n";
 }
 echo '</select>';
-	echo "</td><td><input type=\"submit\" value=\"".i18n("Go")."\" /></td></tr>";
+echo '</td><td>';
-	echo "</table>";
+// The Assign Div
-	echo "</form>";
+echo '<div id="assigndiv">';
 echo i18n('To Committee') . ': ';
 $q = $pdo->prepare('SELECT * FROM committees ORDER BY ord,name');
 $q->execute();
 echo '<select name="committees_id">';
 echo '<option value="">' . i18n('Select a Committee') . "</option>\n";
 while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	echo "<option value=\"$r->id\">$r->name</option>\n";
 }
 echo '</select>';
 echo '</div>';
-	echo "<script language=\"javascript\" type=\"text/javascript\">actionChanged()</script>";
+// The Edit or Remove Div
 	echo "<hr />";
 echo '</td><td><input type="submit" value="' . i18n('Go') . '" /></td></tr>';
-	$q=mysql_query("SELECT * FROM committees ORDER BY ord,name");
+echo '</table>';
-	if(mysql_num_rows($q))
+echo '</form>';
 	{
 		echo "<form method=\"post\" action=\"committees.php\">\n";
 		echo "<table>";
 		echo "<tr><td colspan=\"2\"></td><th colspan=\"2\">".i18n('Title within committee / Sort order')."</th>";
 		echo "</tr>";
 		while($r=mysql_fetch_object($q)) {
 			echo "<tr>";
 			echo "<td colspan=\"4\">";
 			echo "<input type=\"hidden\" name=\"committees_id[]\" value=\"$r->id\" />";
 //			echo "<input size=\"1\" type=\"text\" name=\"committees_ord[]\" value=\"$r->ord\" />";
 			echo "<b>".i18n($r->name)."</b>";
 echo '<script language="javascript" type="text/javascript">actionChanged()</script>';
 echo '<hr />';
-			$q2=mysql_query("SELECT 
+$q = $pdo->prepare('SELECT * FROM committees ORDER BY ord,name');
 $q->execute();
 if ($q->rowCount()) {
 	echo '<h4>' . i18n('Committees') . '</h4>';
 	echo "<form method=\"post\" action=\"committees.php\">\n";
 	echo '<table>';
 	echo '<tr><td colspan="2"></td><td><b>' . i18n('Title') . '</b></td>';
 	echo '<td><b>' . i18n('Order') . '</b></td>';
 	echo '<td><b>' . i18n('Public Email / Private Email') . '</b></td></tr>';
 	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 		echo '<tr>';
 		echo '<td colspan="3">';
 		echo "<input type=\"hidden\" name=\"committees_id[]\" value=\"$r->id\" />";
 		echo "<input size=\"1\" type=\"text\" name=\"committees_ord[]\" value=\"$r->ord\" />";
 		echo '&nbsp; <b>' . i18n($r->name) . '</b>';
 		$q2 = $pdo->prepare("SELECT 
 								committees_link.title,
 								committees_link.ord,
-								committees_link.accounts_id
+								users.uid,
 								MAX(users.year) AS my,
 								users.lastname
 								FROM committees_link 
 								JOIN users ON users.uid = committees_link.users_uid 
 								WHERE committees_id='{$r->id}' 
-								ORDER BY ord");
+								GROUP BY users.uid 
 								ORDER BY ord,
 								users.lastname ");
 		$q2->execute();
-			echo "</td></tr>\n";
+		if ($q2->rowCount() == 0) {
-			echo mysql_error();
+			echo '&nbsp; &nbsp;';
-			while($r2=mysql_fetch_object($q2)) {
+			echo "<a title=\"Remove Committee\" onclick=\"return confirmClick('Are you sure you want to remove this committee?');\" href=\"committees.php?deletecommittee=$r->id\"><img src=\"" . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '" border="0" alt="Remove Committee" /></a>';
-				$u = user_load_by_accounts_id($r2->accounts_id);
+		}
-				//if rollover is proper, this shouldnt be necessary, but, the simcoe rollover didnt do this, so lets do it here as a safety
+		echo "</td></tr>\n";
 				if(!$u) {
 					$roleq=mysql_query("SELECT * FROM roles WHERE type='committee'");
 					$roler=mysql_fetch_object($roleq);
 					//hmm thats okay,w e must have missed something in the rollover... sicne its tied to the accounts_id, we just need to add a record
 					account_add_role($r2->accounts_id,$roler->id,$conference['id']);
-					//and now we should be able to load them
+		while ($r2 = $q2->fetch(PDO::FETCH_OBJ)) {
-					$u = user_load_by_accounts_id($r2->accounts_id);
+			if ($u = user_load_by_uid($r2->uid)) {
 				echo '<tr><td align="right">&nbsp;&nbsp;&nbsp;&nbsp;';
 				echo "<a title=\"Edit Member\" href=\"#\" onclick=\"openeditor({$u['id']})\"><img src=\"{$config['SFIABDIRECTORY']}/images/16/edit.{$config['icon_extension']}\" border=\"0\" alt=\"Edit\" /></a>";
 				echo '&nbsp;';
 				echo "<a title=\"Unlink Member from Committee\" onclick=\"return confirmClick('Are you sure you want to unlink this member from this committee?');\" href=\"committees.php?unlinkmember={$u['uid']}&amp;unlinkcommittee={$r->id}\"><img src=\"{$config['SFIABDIRECTORY']}/images/16/undo.{$config['icon_extension']}\" border=\"0\" alt=\"Unlink\" /></a>";
 				echo '</td>';
 				echo '<td valign="top">';
 				echo "<b>{$u['name']}</b>";
 				echo '</td><td>';
 				echo "<input type=\"text\" value=\"{$r2->title}\" name=\"title[{$r->id}][{$u['uid']}]\" size=\"15\">";
 				echo '</td><td>';
 				echo "<input type=\"text\" value=\"{$r2->ord}\" name=\"order[{$r->id}][{$u['uid']}]\" size=\"2\">";
 				echo '</td><td>';
 				if (get_value_from_array($u, 'email')) {
 					list($b, $a) = explode('@', $u['email']);
 					echo "<script language=\"javascript\" type=\"text/javascript\">em('$b','$a')</script>";
 				}
 				if (get_value_from_array($u, 'emailprivate')) {
 					if ($u['email'])
 						echo ' <b>/</b> ';
 					list($b, $a) = explode('@', $u['emailprivate']);
 					echo "<script language=\"javascript\" type=\"text/javascript\">em('$b','$a')</script>";
 				}
 				echo "<tr><td align=\"right\">&nbsp;&nbsp;&nbsp;&nbsp;";
 				echo "<a title=\"Edit Member\" href=\"#\" onclick=\"openeditor({$u['id']})\"><img src=\"{$config['SFIABDIRECTORY']}/images/16/edit.{$config['icon_extension']}\" border=\"0\" alt=\"Edit\" /></a>";
 				echo "&nbsp;";
 				echo "<a title=\"Unlink Member from Committee\" onclick=\"return confirmClick('Are you sure you want to unlink this member from this committee?');\" href=\"committees.php?unlinkmember={$u['accounts_id']}&amp;unlinkcommittee={$r->id}\"><img src=\"{$config['SFIABDIRECTORY']}/images/16/undo.{$config['icon_extension']}\" border=\"0\" alt=\"Unlink\" /></a>";
 				echo "</td>";
 				echo "<td valign=\"top\">";
 				echo "<b>{$u['firstname']} {$u['lastname']}</b>";
 				echo "</td><td>";
 				echo "<input type=\"text\" value=\"{$r2->title}\" name=\"title[{$r->id}][{$u['accounts_id']}]\" size=\"25\">";
 				echo "</td><td>";
 				echo "<input type=\"text\" value=\"{$r2->ord}\" name=\"order[{$r->id}][{$u['accounts_id']}]\" size=\"2\">";
 				echo "</td></tr>\n";
 			}
 			echo "<tr><td colspan=\"4\">&nbsp;</td></tr>\n";
 		}
-		echo "<tr><td colspan=\"2\"><input type=\"submit\" value=\"".i18n("Save Committee Orders and Titles")."\" /></td></tr>\n";
+		echo "<tr><td colspan=\"2\">&nbsp;</td></tr>\n";
 		echo "</table>";
 		echo "</form>\n";
 	}
 	echo '<tr><td colspan="2"><input type="submit" value="' . i18n('Save Committee Orders and Titles') . "\" /></td></tr>\n";
 	echo '</table>';
 	echo "</form>\n";
 }
 send_footer();
 ?>
--- a/admin/communication.inc.php
+++ b/admin/communication.inc.php
@ -1,244 +1,178 @@
 <?
-	$mailqueries=array(
+// This file was modified Jan of 2014 by Richard Sin
-		"myself"=>array("name"=>"Yourself (for testing)","query"=>"SELECT users.id FROM users WHERE users.id='{$_SESSION['users_id']}'"),
+// A glitch that grabs old emails has been resolved.
-		"committee_all"=>array("name"=>"Committee members (all)","query"=>
+$mailqueries = array(
-			"SELECT users.id FROM users
+	'committee_all' => array('name' => 'Committee members (all)', 'query' =>
-			JOIN accounts ON users.accounts_id=accounts.id
+		"SELECT u.firstname, u.lastname, u.organization, u.email, u.deleted, q.year FROM users AS u INNER JOIN (SELECT uid, max(year) AS year FROM users GROUP BY uid) AS q ON u.uid = q.uid AND u.year = q.year WHERE u.types LIKE '%committee%' AND u.deleted='no' GROUP BY `u`.`id` ASC"),
-			JOIN user_roles ON user_roles.users_id = users.id
+	/* The WHERE clause evaluates which rows to add to the GROUP
-			JOIN roles ON roles.id = user_roles.roles_id
+	BY, the HAVING clase evaluates which grouped rows show up.  We
-			WHERE roles.type = 'committee' AND accounts.deleted = 'no' "),
+	want to to evaluate 'deleted' AFTER the grouping, so we catch
-
+	the case where the MAX(year) has deleted='yes'.  If we use WHERE
-		/* The WHERE clause evaluates which rows to add to the GROUP
+	deleted='no', we'll only add non-deleted rows to the group, and
-		BY, the HAVING clase evaluates which grouped rows show up.  We
+	end up picking up a user active in, say 2007 and 2008, but
-		want to to evaluate 'deleted' AFTER the grouping, so we catch
+	deleted in 2009. */
-		the case where the MAX(conferences_id) has deleted='yes'.  If we use WHERE
+	'judges_all' => array('name' => 'Judges from all years (except deleted judges)', 'query' =>
-		deleted='no', we'll only add non-deleted rows to the group, and
+		"SELECT u.firstname, u.lastname, u.email, u.deleted, q.year FROM users AS u INNER JOIN (SELECT uid, max(year) AS year FROM users GROUP BY uid ) AS q ON u.uid = q.uid AND u.year = q.year WHERE u.types LIKE '%judge%' AND u.deleted='no' ORDER BY `u`.`email` ASC"),
-		end up picking up a user active in, say 2007 and 2008, but
+	'judges_active_lastyear' => array('name' => 'Judges (all) active from last year', 'query' =>
-		deleted in 2009. */
+		"SELECT firstname, lastname, email FROM users LEFT JOIN users_judge ON users_judge.users_id=users.id WHERE types LIKE '%judge%' AND year='" . ($config['FAIRYEAR'] - 1) . "' AND deleted='no' AND users_judge.judge_active='yes' ORDER BY email"),
-		"judges_all"=>array("name"=>"Judges from all conferences (except deleted judges)","query"=>
+	'judges_active_thisyear' => array('name' => 'Judges (all) active for this year', 'query' =>
-			"SELECT firstname, lastname, email, deleted, MAX(conferences_id) FROM users 
+		"SELECT firstname, lastname, email FROM users LEFT JOIN users_judge ON users_judge.users_id=users.id WHERE types LIKE '%judge%' AND year='{$config['FAIRYEAR']}' AND deleted='no' AND users_judge.judge_active='yes' ORDER BY email"),
-			JOIN user_roles ON user_roles.users_id = users.id
+	'judges_div_active_thisyear' => array('name' => 'Judges (regular judges only) active for this year', 'query' =>
-			JOIN roles ON roles.id = user_roles.roles_id
+		"SELECT firstname, lastname, email FROM users LEFT JOIN users_judge ON users_judge.users_id=users.id WHERE types LIKE '%judge%' AND year='{$config['FAIRYEAR']}' AND deleted='no' AND users_judge.judge_active='yes' AND (users_judge.special_award_only='no' OR users_judge.special_award_only='' OR users_judge.special_award_only IS NULL) ORDER BY email"),
-			WHERE roles.type ='judge' GROUP BY users.accounts_id HAVING deleted='no' ORDER BY email"),
+	'judges_spec_active_thisyear' => array('name' => 'Judges (special award judges only) active for this year', 'query' =>
-
+		"SELECT firstname, lastname, email FROM users LEFT JOIN users_judge ON users_judge.users_id=users.id WHERE types LIKE '%judge%' AND year='{$config['FAIRYEAR']}' AND deleted='no' AND users_judge.judge_active='yes' AND users_judge.special_award_only='yes' ORDER BY email"),
-		"judges_active_thisconference"=>array("name"=>"Judges active for this conference", "query"=>
+	'judges_inactive' => array('name' => 'Judges (all) not active for this year', 'query' =>
-			"SELECT users.id FROM users
+		"SELECT firstname, lastname, email, judge_active, deleted, MAX(year) 
-			LEFT JOIN user_roles ON user_roles.users_id = users.id
+				FROM users LEFT JOIN users_judge ON users_judge.users_id=users.id 
-			JOIN roles ON roles.id = user_roles.roles_id
+				WHERE types LIKE '%judge%'
-			WHERE roles.type='judge' AND conferences_id={$conference['id']} AND deleted='no' AND user_roles.active='yes' ORDER BY email"),
+				GROUP BY uid HAVING  deleted='no' AND ((max(year)='{$config['FAIRYEAR']}' AND judge_active='no') OR max(year)<'{$config['FAIRYEAR']}')
-
+				ORDER BY email"),
-		"judges_inactive_thisconference"=>array("name"=>"Judges in the conference that are not active", "query"=>
+	'judges_active_complete_thisyear' => array('name' => 'Judges (all) active for this year and complete', 'query' =>
-			"SELECT users.id FROM users
+		"SELECT firstname, lastname, email FROM users LEFT JOIN users_judge ON users_judge.users_id=users.id WHERE types LIKE '%judge%' AND year='{$config['FAIRYEAR']}' AND users_judge.judge_complete='yes' AND deleted='no' AND users_judge.judge_active='yes' ORDER BY email"),
-			LEFT JOIN user_roles ON user_roles.users_id = users.id
+	'judges_active_incomplete_thisyear' => array('name' => 'Judges (all) active for this year but not complete', 'query' =>
-			JOIN roles ON roles.id = user_roles.roles_id
+		"SELECT firstname, lastname, email FROM users LEFT JOIN users_judge ON users_judge.users_id=users.id WHERE types LIKE '%judge%' AND year='{$config['FAIRYEAR']}' AND (users_judge.judge_complete!='yes' OR users_judge.judge_complete IS NULL) AND deleted='no' AND users_judge.judge_active='yes' ORDER BY email"),
-			WHERE roles.type='judge' AND conferences_id={$conference['id']} AND deleted='no' AND user_roles.active='no' ORDER BY email"),
+	'participants_complete_thisyear' => array('name' => 'Participants complete this year', 'query' =>
-
+		"SELECT firstname, lastname, students.email FROM students,registrations WHERE students.registrations_id=registrations.id AND registrations.year='" . $config['FAIRYEAR'] . "' AND ( registrations.status='complete' OR registrations.status='paymentpending') ORDER BY students.email"),
-		"judges_inactive_allconferences"=>array("name"=>"Judges inactive for any conference", "query"=>
+	'participants_complete_paymentpending_thisyear' => array('name' => 'Participants complete this year but payment pending', 'query' =>
-			"SELECT users.id FROM users
+		"SELECT firstname, lastname, students.email FROM students,registrations WHERE students.registrations_id=registrations.id AND registrations.year='" . $config['FAIRYEAR'] . "' AND registrations.status!='complete' AND registrations.status='paymentpending' ORDER BY students.email"),
-			LEFT JOIN user_roles ON user_roles.users_id = users.id
+	'participants_notcomplete_thisyear' => array('name' => 'Participants not complete this year', 'query' =>
-			JOIN roles ON roles.id = user_roles.roles_id
+		"SELECT firstname, lastname, students.email FROM students,registrations WHERE students.registrations_id=registrations.id AND registrations.year='" . $config['FAIRYEAR'] . "' AND registrations.status!='complete' AND registrations.status!='new' ORDER BY students.email"),
-			WHERE roles.type='judge' AND deleted='no' AND user_roles.active='no' ORDER BY email"),
+	'participants_complete_lastyear' => array('name' => 'Participants complete last year', 'query' =>
-
+		"SELECT firstname, lastname, students.email FROM students,registrations WHERE students.registrations_id=registrations.id AND registrations.year='" . ($config['FAIRYEAR'] - 1) . "' AND ( registrations.status='complete' OR registrations.status='paymentpending') ORDER BY students.email"),
-		"judges_active_complete_thisconference"=>array("name"=>"Judges active for this conference and complete", "query"=>
+	'participants_complete_allyears' => array('name' => 'Participants complete all years', 'query' =>
-			"SELECT users.id FROM users
+		"SELECT DISTINCT firstname, lastname, students.email FROM students,registrations WHERE students.registrations_id=registrations.id AND ( registrations.status='complete' OR registrations.status='paymentpending') ORDER BY students.email"),
-			LEFT JOIN user_roles ON user_roles.users_id = users.id
+	'participants_cwsf_thisyear' => array('name' => 'CWSF Winners for this year', 'query' => "
-			JOIN roles ON roles.id = user_roles.id
+		SELECT DISTINCT students.firstname, students.lastname, students.email 
 			WHERE roles.type = 'judge' AND conferences_id = {$conference['id']}
 			AND user_roles.complete='yes'
 			AND deleted='no'
 			AND user_roles.active='yes'
 			ORDER BY email"),
 		"judges_active_incomplete_thisconference"=>array("name"=>"Judges active for this conference but not complete", "query"=>
 			"SELECT users.id FROM users
 			LEFT JOIN user_roles ON user_roles.users_id = users.id
 			JOIN roles ON roles.id = user_roles.id
 			WHERE roles.type = 'judge' AND conferences_id = {$conference['id']}
 			AND user_roles.complete='no'
 			AND deleted='no'
 			AND user_roles.active='yes'
 			ORDER BY email"),
 		"participants_all_thisconference"=>array("name"=>"Participants (all) for this conference","query"=>
 			"SELECT users.id
 			 FROM users
 			 JOIN user_roles ON user_roles.users_id=users.id
 			 JOIN roles ON user_roles.roles_id=roles.id
 			 WHERE users.conferences_id='{$conference['id']}'
 			 AND roles.type='participant'"),
 		"participants_complete_thisconference"=>array("name"=>"Participants complete/paymentpending for this conference","query"=>
 			"SELECT users.id FROM users
 			JOIN registrations ON users.registrations_id=registrations.id
 			JOIN user_roles ON user_roles.users_id = users.id
 			JOIN roles ON roles.id = user_roles.roles_id
 			WHERE roles.type = 'participant'
 			AND registrations.conferences_id='".$conference['id']."' 
 			AND ( registrations.status='complete' OR registrations.status='paymentpending')"),
 		"participants_complete_paymentpending_thisconference"=>array("name"=>"Participants payment pending for this conference","query"=>
 			"SELECT users.id FROM users
 			JOIN registrations ON users.registrations_id=registrations.id
 			JOIN user_roles ON user_roles.users_id = users.id
 			JOIN roles ON roles.id = user_roles.roles_id
 			WHERE roles.type = 'participant'
 			AND registrations.conferences_id='".$conference['id']."' 
 			AND registrations.status='paymentpending'"),
 		"participants_notcomplete_thisconference"=>array("name"=>"Participants not complete for this conference","query"=>
 			"SELECT users.id
 			 FROM users
 			 JOIN user_roles ON user_roles.users_id=users.id
 			 JOIN roles ON user_roles.roles_id=roles.id
 			 LEFT JOIN registrations ON users.registrations_id=registrations.id
 			 WHERE users.conferences_id='{$conference['id']}'
 			 AND roles.type='participant'
 			 AND (registrations.status IS NULL OR registrations.status='open' OR registrations.status='new')"),
 /*  // FIXME - not sure if this has a sensible equivalent when dealing with "conferences" rather than fair years
 		"participants_complete_lastyear"=>array("name"=>"Participants complete last year","query"=>
 			"SELECT firstname, lastname, students.email FROM students,registrations WHERE students.registrations_id=registrations.id AND registrations.year='".($config['FAIRYEAR']-1)."' AND ( registrations.status='complete' OR registrations.status='paymentpending') ORDER BY students.email"),
 		"participants_complete_allconferences"=>array("name"=>"Participants complete for all conferences","query"=>
 			"SELECT users.id, users.firstname, users.lastname, accounts.email FROM users 
 			JOIN accounts on users.accounts_id=accounts.id
 			JOIN registrations ON users.registrations_id=registrations.id
 			JOIN user_roles ON user_roles.users_id = users.id
 			JOIN roles ON roles.id = user_roles.roles_id
 			WHERE roles.type = 'participant'
 			AND (registrations.status='complete' OR registrations.status='paymentpending') ORDER BY accounts.email"),
 */
 		"participants_cwsf_thisconference"=>array("name"=>"CWSF Winners for this conference","query"=>"
 		SELECT users.id
 			FROM award_awards
 			JOIN award_prizes ON award_prizes.award_awards_id=award_awards.id
 			JOIN winners ON winners.awards_prizes_id=award_prizes.id
 			JOIN projects ON winners.projects_id=projects.id
 			JOIN registrations ON projects.registrations_id=registrations.id
-			JOIN users ON users.registrations_id=registrations.id
+			JOIN students ON students.registrations_id=registrations.id
-			WHERE award_awards.cwsfaward='1' 
+			WHERE award_awards.cwsfaward='1' AND winners.year='" . $config['FAIRYEAR'] . "'
-			AND winners.conferences_id='".$conference['id']."' "),
+			ORDER BY students.email"),
-
+	'participants_cwsf_lastyear' => array('name' => 'CWSF Winners from last year', 'query' => "
-		"sponsors"=>array("name"=>"Organization sponsors","query"=>
+		SELECT DISTINCT students.firstname, students.lastname, students.email 
-			"SELECT id, organization, email FROM sponsors WHERE email!='' ORDER BY email"),
+			FROM award_awards
-
+			JOIN award_prizes ON award_prizes.award_awards_id=award_awards.id
-		"sponsors_primarycontacts"=>array("name"=>"Organization sponsors (primary contacts)","query"=>
+			JOIN winners ON winners.awards_prizes_id=award_prizes.id
-			"SELECT users.id, conferences_id, organization, firstname, lastname, email, `primary` 
+			JOIN projects ON winners.projects_id=projects.id
-                FROM users
+			JOIN registrations ON projects.registrations_id=registrations.id
-		JOIN user_roles on users.id = user_roles.id
+			JOIN students ON students.registrations_id=registrations.id
-		JOIN roles ON user_roles.roles_id = roles.id
+			WHERE award_awards.cwsfaward='1' AND winners.year='" . ($config['FAIRYEAR'] - 1) . "'
 			ORDER BY students.email"),
 	'participants_cwsf_allyears' => array('name' => 'CWSF Winners from all years', 'query' => "
 		SELECT DISTINCT students.firstname, students.lastname, students.email 
 			FROM award_awards
 			JOIN award_prizes ON award_prizes.award_awards_id=award_awards.id
 			JOIN winners ON winners.awards_prizes_id=award_prizes.id
 			JOIN projects ON winners.projects_id=projects.id
 			JOIN registrations ON projects.registrations_id=registrations.id
 			JOIN students ON students.registrations_id=registrations.id
 			WHERE award_awards.cwsfaward='1'
 			ORDER BY students.email"),
 	'sponsors' => array('name' => 'Organization sponsors', 'query' =>
 		"SELECT id, organization, email FROM sponsors WHERE email!='' ORDER BY email"),
 	'sponsors_primarycontacts' => array('name' => 'Organization sponsors (primary contacts)', 'query' =>
 		"SELECT uid, MAX(users.year) AS year, sponsors.organization, users.firstname, users.lastname, users.email, deleted, users_sponsor.primary 
                FROM sponsors, 
                        users_sponsor, 
                        users 
                WHERE 
-                    roles.type = 'sponsor'
+                    users.id=users_sponsor.users_id
-                    AND email != ''
+                    AND users_sponsor.sponsors_id=sponsors.id
-                    AND deleted='no'
+                    AND users.types LIKE '%sponsor%'
-		    AND `primary`='yes'
+                    AND users.email!=''
-                ORDER BY email
+                GROUP BY uid 
                HAVING deleted='no' AND users_sponsor.primary='yes'
                ORDER BY users.email
                "),
-		"sponsors_allcontacts"=>array("name"=>"Organization sponsors (all contacts)","query"=>
+	'sponsors_allcontacts' => array('name' => 'Organization sponsors (all contacts)', 'query' =>
-		"SELECT DISTINCT(users.email), sponsors.organization, users.firstname, users.lastname, users.email
+		"SELECT DISTINCT(users.email), sponsors.organization, users.firstname, users.lastname, users.email 
-		FROM sponsors
+                FROM sponsors, 
-		JOIN users_sponsor ON users_sponsor.sponsors_id = sponsors.id
+                        users_sponsor, 
-		JOIN users ON users.id = users_sponsor.users_id
+                        users 
-		JOIN user_roles ON user_roles.users_id = users.id
+                WHERE 
-		JOIN roles ON roles.id = user_roles.roles_id
+                    users.id=users_sponsor.users_id
-		WHERE
+                    AND users_sponsor.sponsors_id=sponsors.id
-		roles.type = 'sponsor'
+                    AND users.types LIKE '%sponsor%'
-		AND users.deleted='no'
+                    AND users.deleted='no'
-		AND users.email!=''
+                    AND users.email!=''
-		ORDER BY users.email"),
+                ORDER BY users.email
-
+                "),
-/*
+	'sponsors_specialawards' => array('name' => 'Organization sponsors for Special Awards', 'query' =>
-		"special_award_sponsors_unconfirmed"=>array("name"=>"Special award sponsors (unconfirmed only)","query"=>
+		"SELECT DISTINCT sponsors.id, organization, email 
-			"SELECT DISTINCT(award_sponsors.id), organization, firstname, lastname, award_contacts.email FROM award_sponsors, award_awards, award_contacts WHERE award_awards.sponsors_id=award_sponsors.id AND award_contacts.award_sponsors_id=award_sponsors.id AND award_sponsors.confirmed='no' AND award_awards.award_types_id='2' AND award_contacts.year='".$config['FAIRYEAR']."'"),
+			FROM sponsors 
-
+			JOIN award_awards ON sponsors.id=award_awards.sponsors_id
-		"special_award_sponsors_all"=>array("name"=>"Special award sponsors (all)","query"=>
+			WHERE 
-			"SELECT DISTINCT(award_sponsors.id), organization, firstname, lastname, award_contacts.email FROM award_sponsors, award_awards, award_contacts WHERE award_awards.sponsors_id=award_sponsors.id AND award_contacts.award_sponsors_id=award_sponsors.id AND award_awards.award_types_id='2' AND award_contacts.year='".$config['FAIRYEAR']."'"),
+				email!='' 
-
+				AND award_awards.award_types_id=2
 */
 		"school_principals"=>array("name"=>"School principals this conference","query"=>
 			"SELECT principal_uid AS id FROM schools
 			WHERE schools.conferences_id='".$conference['id']."'
 			AND principal_uid>0
 			 "),
 		"school_scienceheads"=>array("name"=>"School science heads this conference","query"=>
 			"SELECT sciencehead_uid AS id FROM schools
 			WHERE schools.conferences_id='".$conference['id']."'
 			AND sciencehead_uid>0
 			"),
 		"teachers_with_school"=>array("name"=>"Teachers with a school in this conference","query"=>
 			"SELECT users.id
 			FROM users
 			JOIN schools ON users.schools_id=schools.id
 			JOIN user_roles ON users.id=user_roles.users_id
 			JOIN roles ON user_roles.roles_id=roles.id
 			WHERE schools.conferences_id='".$conference['id']."'
 			AND roles.type='teacher'
 			"),
 		"teachers_without_school"=>array("name"=>"Teachers without a school in this conference","query"=>
 			"SELECT users.id
 			FROM users
 			JOIN user_roles ON users.id=user_roles.users_id
 			JOIN roles ON user_roles.roles_id=roles.id
 			WHERE roles.type='teacher'
 			AND users.conferences_id='".$conference['id']."'
 			AND (users.schools_id='' OR users.schools_id=0)
 			"),
 /*
 		"school_teachers_thisconference"=>array("name"=>"Teachers (as entered by students) for this conference","query"=>
 			"SELECT DISTINCT(teacheremail) AS email, teachername AS firstname FROM students WHERE conferences_id='".$conference['id']."' AND teacheremail!=''"),
 			*/
 /* // FIXME again, not sure that this has a sensible equivalent with conferences
 		"school_teachers_lastyear"=>array("name"=>"Teachers (as entered by students) last year","query"=>
 			"SELECT DISTINCT(teacheremail) AS email, teachername AS firstname FROM students WHERE year='".($config['FAIRYEAR']-1)."' AND teacheremail!=''"),
 */
 /*
 		"school_teachers_allconferences"=>array("name"=>"Teachers (as entered by students) all conferences","query"=>
 			"SELECT DISTINCT(teacheremail) AS email, teachername AS firstname FROM students WHERE teacheremail!=''"),
 			*/
 /* Volunteers */
 		"volunteers_active_complete_thisconference"=>array("name"=>"Volunteers active for this conference and complete", "query"=>
 			"SELECT users.id, firstname, lastname, email
 			FROM users LEFT JOIN user_roles ON user_roles.users_id = users.id JOIN roles ON roles.id = user_roles.roles_id
 			WHERE users.conferences_id = '".$conference['id']."'
 			AND roles.type='volunteer'
 			AND user_roles.complete='yes'
 			AND user_roles.active='yes'
 			AND users.deleted='no'
 			ORDER BY email"),
 	'sponsors_primarycontacts_specialawards' => array('name' => 'Organization sponsors for Special Awards (primary contacts)', 'query' =>
 		"SELECT DISTINCT uid, MAX(users.year) AS year, sponsors.organization, users.firstname, users.lastname, users.email, deleted, users_sponsor.primary 
                FROM sponsors, 
                        users_sponsor, 
                        users,
 						award_awards 
                WHERE 
                    users.id=users_sponsor.users_id
                    AND users_sponsor.sponsors_id=sponsors.id
                    AND users.types LIKE '%sponsor%'
                    AND users.email!=''
 					AND sponsors.id=award_awards.sponsors_id
 					AND award_awards.award_types_id=2
                GROUP BY uid 
                HAVING deleted='no' AND users_sponsor.primary='yes'
                ORDER BY users.email
                "),
 	'sponsors_allcontacts_specialawards' => array('name' => 'Organization sponsors for Special Awards (all contacts)', 'query' =>
 		"SELECT DISTINCT(users.email), sponsors.organization, users.firstname, users.lastname, users.email 
                FROM sponsors, 
                        users_sponsor, 
                        users,
 						award_awards 
                WHERE 
                    users.id=users_sponsor.users_id
                    AND users_sponsor.sponsors_id=sponsors.id
                    AND users.types LIKE '%sponsor%'
                    AND users.deleted='no'
                    AND users.email!=''
 					AND sponsors.id=award_awards.sponsors_id
 					AND award_awards.award_types_id=2
                ORDER BY users.email
                "),
-		"volunteers_active_incomplete_thisconference"=>array("name"=>"Volunteers active for this conference but not complete", "query"=>
+	/*
-			"SELECT users.id, firstname, lastname, email
+	 * "special_award_sponsors_unconfirmed"=>array("name"=>"Special award sponsors (unconfirmed only)","query"=>
-			FROM users LEFT JOIN user_roles ON user_roles.users_id = users.id JOIN roles ON roles.id = user_roles.roles_id
+	 * 	"SELECT DISTINCT(award_sponsors.id), organization, firstname, lastname, award_contacts.email FROM award_sponsors, award_awards, award_contacts WHERE award_awards.sponsors_id=award_sponsors.id AND award_contacts.award_sponsors_id=award_sponsors.id AND award_sponsors.confirmed='no' AND award_awards.award_types_id='2' AND award_contacts.year='".$config['FAIRYEAR']."'"),
-			WHERE users.conferences_id = '".$conference['id']."'
+	 *
-			AND roles.type='volunteer'
+	 * "special_award_sponsors_all"=>array("name"=>"Special award sponsors (all)","query"=>
-			AND user_roles.complete='no'
+	 * 	"SELECT DISTINCT(award_sponsors.id), organization, firstname, lastname, award_contacts.email FROM award_sponsors, award_awards, award_contacts WHERE award_awards.sponsors_id=award_sponsors.id AND award_contacts.award_sponsors_id=award_sponsors.id AND award_awards.award_types_id='2' AND award_contacts.year='".$config['FAIRYEAR']."'"),
-			AND user_roles.active='yes'
+	 */
-			AND users.deleted='no'
+	'school_principals' => array('name' => 'School principals', 'query' =>
-			ORDER BY email"),
+		"SELECT schools.principal_uid AS uid, schools.school, users.firstname AS firstname, users.lastname AS lastname, users.email AS email FROM schools 
-
+			JOIN users ON schools.principal_uid=users.uid AND users.id=(SELECT id FROM users WHERE users.uid=schools.principal_uid ORDER BY `year` DESC LIMIT 1)
-		"accounts_email_unconfirmed" => array("name" => "Users active in any active conference with unconfirmed e-mail addresses", "query" =>
+				WHERE schools.year='" . $config['FAIRYEAR'] . "' AND users.email!=''"),
-			"SELECT users.id
+	'school_scienceheads' => array('name' => 'School science heads', 'query' =>
-			FROM users
+		"SELECT schools.sciencehead_uid AS uid, schools.school, users.firstname AS firstname, users.lastname AS lastname, users.email AS email FROM schools 
-			JOIN accounts ON users.accounts_id = accounts.id
+			JOIN users ON schools.sciencehead_uid=users.uid AND users.id=(SELECT id FROM users WHERE users.uid=schools.sciencehead_uid ORDER BY `year` DESC LIMIT 1)
-			JOIN conferences ON users.conferences_id = conferences.id
+				WHERE schools.year='" . $config['FAIRYEAR'] . "' AND users.email!=''"),
-			WHERE conferences.status = 'running'
+	'school_with_project_thisyear' => array('name' => 'Schools with projects this year', 'query' =>
-			AND accounts.pendingemail IS NOT NULL
+		'SELECT  DISTINCT(sc.schoolemail) AS email, sc.school AS firstname FROM students AS st LEFT JOIN schools AS sc ON sc.id = st.schools_id WHERE st.year = ' . $config['FAIRYEAR'] . ' AND LENGTH( sc.schoolemail ) !=0 ORDER BY email
-			AND accounts.pendingemail != ''
+'),
-			"),
+	'school_thisyear' => array('name' => 'Schools this year', 'query' =>
-
+		"SELECT school AS firstname, schoolemail AS email FROM `schools` WHERE `year` ='" . $config['FAIRYEAR'] . "' GROUP BY schoolemail"),
-		"accounts_email_unconfirmed_thisconference" => array("name" => "Users active for this conference with unconfirmed e-mail addresses", "query" =>
+	'school_teachers_thisyear' => array('name' => 'Teachers (as entered by students) this year', 'query' =>
-			"SELECT users.id
+		"SELECT teachername AS firstname, teacheremail AS email FROM students WHERE year = '" . $config['FAIRYEAR'] . "' GROUP BY teacheremail"),
-			FROM users JOIN accounts ON users.accounts_id = accounts.id
+	'school_teachers_lastyear' => array('name' => 'Teachers (as entered by students) last year', 'query' =>
-			WHERE users.conferences_id = {$conference['id']}
+		"SELECT teachername AS firstname, teacheremail AS email FROM students WHERE year = '" . ($config['FAIRYEAR'] - 1) . "' GROUP BY teacheremail"),
-			AND accounts.pendingemail IS NOT NULL
+	'school_teachers_allyears' => array('name' => 'Teachers (as entered by students) all years', 'query' =>
-			AND accounts.pendingemail != ''
+		'SELECT teachername AS firstname, teacheremail AS email FROM students GROUP BY teacheremail'),
-			"),
+	/* Volunteers */
-		);
+	'volunteers_active_complete_thisyear' => array('name' => 'Volunteers active for this year and complete', 'query' =>
 		"SELECT id, firstname, lastname, email FROM users LEFT JOIN users_volunteer ON users_volunteer.users_id=users.id WHERE users.year='{$config['FAIRYEAR']}' AND users_volunteer.volunteer_complete='yes' AND users_volunteer.volunteer_active='yes' AND users.deleted='no' AND types LIKE '%volunteer%' ORDER BY email"),
 	'volunteers_active_incomplete_thisyear' => array('name' => 'Volunteers active for this year but not complete', 'query' =>
 		"SELECT id, firstname, lastname, email FROM users LEFT JOIN users_volunteer ON users_volunteer.users_id=users.id WHERE users.year='{$config['FAIRYEAR']}' AND users_volunteer.volunteer_complete='no' AND users_volunteer.volunteer_active='yes' AND users.deleted='no' AND users.types LIKE '%volunteer%' ORDER BY email"),
 );
 ?>
--- a/admin/communication.php
+++ b/admin/communication.php
--- a/admin/communication_send_status.php
+++ b/admin/communication_send_status.php
@ -1,110 +1,111 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- if($_GET['action']=="status") {
+if (get_value_from_array($_GET, 'action') == 'status') {
-	 $q=mysql_query("SELECT * FROM emailqueue WHERE finished IS NULL");
+	$q = $pdo->prepare('SELECT * FROM emailqueue WHERE finished IS NULL');
 	$q->execute();
-	 if($config['emailqueue_lock'] || mysql_num_rows($q)) {
+	if ($config['emailqueue_lock'] || $q->rowCount()) {
-		echo "<h4>".i18n("Active Send Queues")."</h4>\n";
+		echo '<h4>' . i18n('Active Send Queues') . "</h4>\n";
 		$q=mysql_query("SELECT *,UNIX_TIMESTAMP(started) AS ts FROM emailqueue WHERE finished IS NULL ORDER BY started DESC");
-	 	if(!$config['emailqueue_lock']) {
+		$q = $pdo->prepare('SELECT *,UNIX_TIMESTAMP(started) AS ts FROM emailqueue WHERE finished IS NULL ORDER BY started DESC');
-			echo error(i18n("It looks like there's emails waiting to send, but the sending process isnt running.").
+		$q->execute();
-			"<br />".
+		if (!$config['emailqueue_lock']) {
-			"<a href=\"communication.php?action=restartqueue\">".i18n("Click here to manually restart the process")."</a>");
+			echo error(i18n("It looks like there's emails waiting to send, but the sending process isnt running.")
 				. '<br />'
 				. '<a href="communication.php?action=restartqueue">' . i18n('Click here to manually restart the process') . '</a>');
 		}
-
+		echo '<table class="tableview">';
-		echo "<table class=\"tableview\">";
+		echo '<thead><tr>';
-		echo "<thead><tr>";
+		echo ' <th>' . i18n('Name') . "</th>\n";
-		echo " <th>".i18n("Name")."</th>\n";
+		echo ' <th>' . i18n('Subject') . "</th>\n";
-		echo " <th>".i18n("Subject")."</th>\n";
+		echo ' <th>' . i18n('Started') . "</th>\n";
-		echo " <th>".i18n("Started")."</th>\n";
+		echo ' <th>' . i18n('Progress') . "</th>\n";
-		echo " <th>".i18n("Progress")."</th>\n";
+		echo ' <th>' . i18n('Duration') . "</th>\n";
-		echo " <th>".i18n("Duration")."</th>\n";
+		echo ' <th>' . i18n('ETA') . "</th>\n";
-		echo " <th>".i18n("ETA")."</th>\n";
+		echo ' <th>' . i18n('Cancel') . "</th>\n";
 		echo " <th>".i18n("Cancel")."</th>\n";
 		echo "</tr></thead>\n";
-		while($r=mysql_fetch_object($q)) {
+		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-			echo "<tr>";
+			echo '<tr>';
 			echo " <td>$r->name</td>\n";
 			echo " <td>$r->subject</td>\n";
 			echo " <td>$r->started</td>\n";
-			$remaining=$r->numtotal-$r->numsent;
+			$remaining = $r->numtotal - $r->numsent;
-			$now=time();
+			$now = time();
-			$duration=$now-$r->ts;
+			$duration = $now - $r->ts;
-			$num=$r->numsent+$r->numfailed;
+			$num = $r->numsent + $r->numfailed;
 			echo " <td align=\"center\">$num  / $r->numtotal</td>\n";
-			echo "<td>";
+			echo '<td>';
 			echo format_duration($duration);
-			echo "</td>";
+			echo '</td>';
-			echo "<td>";
+			echo '<td>';
-			if($r->numsent || $r->numfailed) {
+			if ($r->numsent || $r->numfailed) {
-				$emailspersecond=($r->numsent+$r->numfailed)/$duration;
+				$emailspersecond = ($r->numsent + $r->numfailed) / $duration;
-				$remainingduration=$remaining/$emailspersecond;
+				$remainingduration = $remaining / $emailspersecond;
 				echo format_duration($remainingduration);
 			} else {
 				echo 'Unknown';
 			}
-			else {
+			echo '</td>';
-				echo "Unknown";
+			echo "<td><a href=\"#\" onclick=\"return cancelQueue($r->id)\">" . i18n('cancel') . '</td>';
 			}
 			echo "</td>";
 			echo "<td><a href=\"#\" onclick=\"return cancelQueue($r->id)\">".i18n("cancel")."</td>";
 			echo "</tr>\n";
 		}
-		echo "</table>";
+		echo '</table>';
 		echo "<br /><br />\n";
-	 }
+	} else {
-	 else {
+		echo notice('No Email Communications are currently being sent out');
 		echo notice("No Email Communications are currently being sent out");
 		?>
 		<script type="text/javascript">
 			stopRefreshing();
 		</script>
 		<?
-	 }
+	}
-	$q=mysql_query("SELECT * FROM emailqueue WHERE finished IS NOT NULL ORDER BY started DESC LIMIT 10");
+	$q = $pdo->prepare('SELECT * FROM emailqueue WHERE finished IS NOT NULL ORDER BY started DESC LIMIT 10');
-	echo "<h4>".i18n("Completed Send Queues")."</h4>\n";
+	$q->execute();
 	echo '<h4>' . i18n('Completed Send Queues') . "</h4>\n";
 	echo "<table class=\"tableview\">\n";
-	echo "<thead><tr>";
+	echo '<thead><tr>';
-	echo " <th>".i18n("Name")."</th>\n";
+	echo ' <th>' . i18n('Name') . "</th>\n";
-	echo " <th>".i18n("Subject")."</th>\n";
+	echo ' <th>' . i18n('Subject') . "</th>\n";
-	echo " <th>".i18n("Started")."</th>\n";
+	echo ' <th>' . i18n('Started') . "</th>\n";
-	echo " <th>".i18n("Finished")."</th>\n";
+	echo ' <th>' . i18n('Finished') . "</th>\n";
-	echo " <th>".i18n("Total Emails")."</th>\n";
+	echo ' <th>' . i18n('Total Emails') . "</th>\n";
-	echo " <th>".i18n("Success")."</th>\n";
+	echo ' <th>' . i18n('Success') . "</th>\n";
-	echo " <th>".i18n("Failed")."</th>\n";
+	echo ' <th>' . i18n('Failed') . "</th>\n";
-	//FIXME: comment bounced until we implement it
+	// FIXME: comment bounced until we implement it
-//	echo " <th>".i18n("Bounced")."</th>\n";
+	//	echo " <th>".i18n("Bounced")."</th>\n";
 	echo "</tr></thead>\n";
-	while($r=mysql_fetch_object($q)) {
+	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-		echo "<tr>";
+		echo '<tr>';
 		echo " <td>$r->name</td>\n";
 		echo " <td>$r->subject</td>\n";
 		echo " <td>$r->started</td>\n";
@ -112,19 +113,18 @@
 		echo " <td align=\"center\">$r->numtotal</td>\n";
 		echo " <td align=\"center\">$r->numsent</td>\n";
 		echo " <td align=\"center\">$r->numfailed</td>\n";
-		//echo " <td align=\"center\">$r->numbounced</td>\n";
+		// echo " <td align=\"center\">$r->numbounced</td>\n";
 		echo "</tr>\n";
 	}
 	echo "</table>\n";
-	 exit;
+	exit;
- }
+}
- send_header("Communication Sending Status",
+send_header('Communication Sending Status',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+		'Administration' => 'admin/index.php',
-			'Communication' => 'admin/communication.php')
+		'Communication' => 'admin/communication.php'));
-			);
+?>
 ?>
 <script type="text/javascript">
 	$(document).ready( function() {
 		refreshStatus();
@ -132,9 +132,9 @@
 var refreshTimeout;
 function refreshStatus() {
 	 $("#queuestatus").load("communication_send_status.php?action=status",null,function() {
-		 <? if($config['emailqueue_lock']) { ?> 
+		 <? if ($config['emailqueue_lock']) { ?> 
 		 	refreshTimeout=setTimeout('refreshStatus()',1000); 
-		<?  } ?>
+		<? } ?>
 	 });
 }
@ -151,10 +151,10 @@
 </script>
 <?
- echo "<br />";
+echo '<br />';
- echo "<div id=\"queuestatus\" style=\"margin-left: 20px;\">";
+echo '<div id="queuestatus" style="margin-left: 20px;">';
- echo "</div>";
+echo '</div>';
- echo "<br />";
+echo '<br />';
 send_footer();
 ?>
--- a/admin/curl.inc.php
+++ b/admin/curl.inc.php
@ -1,151 +1,149 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2007 James Grant <james@lightbox.org>
+/*
-   Copyright (C) 2009 David Grant <dave@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2007 James Grant <james@lightbox.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2009 David Grant <dave@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require_once('../common.inc.php');
+require_once ('../common.inc.php');
- require_once('../user.inc.php');
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require_once('xml.inc.php');
+require_once ('xml.inc.php');
- function xml_dearray(&$array)
+function xml_dearray(&$array)
- {
+{
-//	echo "<pre>";print_r($array);echo "</pre>";
+	//	echo "<pre>";print_r($array);echo "</pre>";
- 	$keys = array_keys($array);
+	$keys = array_keys($array);
-	foreach($keys as $k) {
+	foreach ($keys as $k) {
-		if(!is_array($array[$k])) {
+		if (!is_array($array[$k])) {
 			echo "Not array at key $k";
 			exit;
 		}
 		/* Special cases, leave these as arrays of entries */
-		if($k == 'award' || $k == 'prize') {
+		if ($k == 'award' || $k == 'prize') {
-			foreach($array[$k] as &$a) {
+			foreach ($array[$k] as &$a) {
 				xml_dearray($a);
 			}
 			continue;
 		}
-		if(count($array[$k]) != 1) {
+		if (count($array[$k]) != 1) {
-			echo "Unexpected multielement array, stop.";
+			echo 'Unexpected multielement array, stop.';
 			exit;
 		};
 		$array[$k] = $array[$k][0];
-		if(is_array($array[$k])) {
+		if (is_array($array[$k])) {
 			xml_dearray($array[$k]);
 		}
 	}
- }
+}
-
+function curl_query($fair, $data, $ysc_url = '')
- function curl_query($fair, $data, $ysc_url='')
+{
- {
+	global $output;
- 	global $output;
+	switch ($fair['type']) {
- 	switch($fair['type']) {
+		case 'sfiab':
-	case 'sfiab':
+			$url = $fair['url'] . '/remote.php';
-		$url = $fair['url'].'/remote.php';
+			$var = 'json';
-		$var = 'json';
+			$d = array();
-		$d = array();
+			$d['auth'] = array('username' => $fair['username'],
 		$d['auth'] = array('username' => $fair['username'],
 				'password' => $fair['password']);
-		$str = json_encode(array_merge($d, $data));
+			$str = json_encode(array_merge($d, $data));
-		break;
+			break;
-	case 'ysc':
+		case 'ysc':
-		if($ysc_url == '')
+			if ($ysc_url == '')
-			$url = $fair['url'];
+				$url = $fair['url'];
-		else 
+			else
-			$url = $ysc_url;
+				$url = $ysc_url;
-		$var = 'xml';
+			$var = 'xml';
-		$output="";
+			$output = '';
-		xmlCreateRecurse($data);
+			xmlCreateRecurse($data);
-		$str = $output;
+			$str = $output;
-		break;
+			break;
-	default:
+		default:
-		echo "Unknown fair type {$fair['type']}";
+			echo "Unknown fair type {$fair['type']}";
-		break;
+			break;
 	}
-//	debug_("Curl Send: (type:{$fair['type']}=>$url ysc_url=>$ysc_url)  $str");
+	//	debug_("Curl Send: (type:{$fair['type']}=>$url ysc_url=>$ysc_url)  $str");
-	$ch = curl_init(); /// initialize a cURL session
+	$ch = curl_init();  // / initialize a cURL session
-	curl_setopt ($ch, CURLOPT_URL, $url);
+	curl_setopt($ch, CURLOPT_URL, $url);
-	curl_setopt ($ch, CURLOPT_HEADER, 0); /// Header control
+	curl_setopt($ch, CURLOPT_HEADER, 0);  // / Header control
-	curl_setopt ($ch, CURLOPT_POST, 1);  /// tell it to make a POST, not a GET
+	curl_setopt($ch, CURLOPT_POST, 1);  // / tell it to make a POST, not a GET
-	curl_setopt ($ch, CURLOPT_POSTFIELDS, "$var=".urlencode($str));  /// put the query string here starting with "?"
+	curl_setopt($ch, CURLOPT_POSTFIELDS, "$var=" . urlencode($str));  // / put the query string here starting with "?"
-	curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); /// This allows the output to be set into a variable $datastream
+	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);  // / This allows the output to be set into a variable $datastream
-	curl_setopt ($ch, CURLOPT_POSTFIELDSIZE, 0);
+	//	curl_setopt ($ch, CURLOPT_POSTFIELDSIZE, 0);
-	curl_setopt ($ch, CURLOPT_TIMEOUT, 360);
+	curl_setopt($ch, CURLOPT_TIMEOUT, 360);
-	curl_setopt ($ch, CURLOPT_SSLVERSION, 3);
+	curl_setopt($ch, CURLOPT_SSLVERSION, 3);
-	curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, false);
+	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
-	$datastream = curl_exec ($ch); /// execute the curl session and return the output to a variable $datastream
+	$datastream = curl_exec($ch);  // / execute the curl session and return the output to a variable $datastream
-	curl_close ($ch); /// close the curl session
+	curl_close($ch);  // / close the curl session
-//	debug_("Server Returned: ".urldecode($datastream));
+	//	debug_("Server Returned: ".urldecode($datastream));
- 	switch($fair['type']) {
+	switch ($fair['type']) {
-	case 'sfiab':
+		case 'sfiab':
-		$ret=json_decode(urldecode($datastream), true);
+			$ret = json_decode(urldecode($datastream), true);
 		break;
 	case 'ysc':
 		$datastream = str_replace(" standalone=\"yes\"","",$datastream);
 		/* Return is XML, make a return array */
 		$response=xml_parsexml($datastream);
 		if(!is_array($response)) {
 			$ret['message']=$datastream;
 			$ret['error']=0;
 			return $ret;
 		}
 		/* De-array everything */
 		xml_dearray($response);
 		$key = array_keys($response);
 //		echo "<pre>";print_r($response);echo "</pre>";
 		switch($key[0]) {
 		case 'awardresponse':
 			/* Full response */
 			$ret = $response['awardresponse'];
 			/* Undo variable to array */
 			$ret['awards'] = $ret['awards']['award'];
 			foreach($ret['awards'] as &$a)
 				$a['prizes'] = $a['prizes']['prize'];
 			$ret['error'] = 0;
 			$ret['message'] = '';
 			break;
 		case 'awardwinnersresponse':
 			/* Parse return */
 			$ret['error'] = ($response['awardwinnersresponse']['status'] == 'failed') ? 1 : 0;
 			$ret['message'] = $response['awardwinnersresponse']['statusmessage'];
 			break;
 		case 'ysc':
 			$datastream = str_replace(' standalone="yes"', '', $datastream);
 			/* Return is XML, make a return array */
 			$response = xml_parsexml($datastream);
-		}
+			if (!is_array($response)) {
-		break;
+				$ret['message'] = $datastream;
 				$ret['error'] = 0;
 				return $ret;
 			}
 			/* De-array everything */
 			xml_dearray($response);
 			$key = array_keys($response);
 			//		echo "<pre>";print_r($response);echo "</pre>";
 			switch ($key[0]) {
 				case 'awardresponse':
 					/* Full response */
 					$ret = $response['awardresponse'];
 					/* Undo variable to array */
 					$ret['awards'] = $ret['awards']['award'];
 					foreach ($ret['awards'] as &$a)
 						$a['prizes'] = $a['prizes']['prize'];
 					$ret['error'] = 0;
 					$ret['message'] = '';
 					break;
 				case 'awardwinnersresponse':
 					/* Parse return */
 					$ret['error'] = ($response['awardwinnersresponse']['status'] == 'failed') ? 1 : 0;
 					$ret['message'] = $response['awardwinnersresponse']['statusmessage'];
 					break;
 			}
 			break;
 	}
-//n	debug_("Returning: ".print_r($ret, true));
+	// n	debug_("Returning: ".print_r($ret, true));
 	return $ret;
- }
+}
 ?>
--- a/admin/cwsfregister.php
+++ b/admin/cwsfregister.php
@ -1,42 +1,45 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
 * SFIAB Website: http://www.sfiab.ca
 *
 * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
 * Copyright (C) 2005 James Grant <james@lightbox.org>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, version 2.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
-   This program is free software; you can redistribute it and/or
+include 'xml.inc.php';
-   modify it under the terms of the GNU General Public
+require_once ('../user.inc.php');
   License as published by the Free Software Foundation, version 2.
-   This program is distributed in the hope that it will be useful,
+function get_cwsf_award_winners()
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+{
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+	global $config, $pdo;
-    General Public License for more details.
+	$winners = array();
-   You should have received a copy of the GNU General Public License
+	$q = $pdo->prepare("SELECT * FROM award_awards WHERE cwsfaward='1' AND year=?");
-   along with this program; see the file COPYING.  If not, write to
+	$q->execute([$config['FAIRYEAR']]);
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
-include "xml.inc.php";
+	if ($q->rowCount() == 1) {
- require_once("../user.inc.php");
+		$award = $q->fetch(PDO::FETCH_OBJ);
 		$pq = $pdo->prepare("SELECT * FROM award_prizes WHERE award_awards_id=?");
 		$pq->execute([$award->id]);
- function get_cwsf_award_winners()
+		while ($prize = $pq->fetch(PDO::FETCH_OBJ)) {
- {
+			$wq = $pdo->prepare("SELECT 
 	global $config;
 	$winners=array();
 	$winners_ids=array();
 	$q=mysql_query("SELECT * FROM award_awards WHERE cwsfaward='1' AND conferences_id='".$conference['id']."'");
 	while($award=mysql_fetch_object($q)) 
 	{
 		$pq=mysql_query("SELECT * FROM award_prizes WHERE award_awards_id='$award->id'");
 		while($prize=mysql_fetch_object($pq))
 		{
 			$wq=mysql_query("SELECT 
 						projects.id,
 						projects.projectnumber,
 						projects.title,
@ -50,288 +53,269 @@ include "xml.inc.php";
 						projects
 					WHERE 
 						winners.projects_id=projects.id AND
-						awards_prizes_id='$prize->id' AND 
+						awards_prizes_id=? AND 
-						winners.conferences_id='".$conference['id']."'");
+						winners.year=?");
-						echo mysql_error();
+			$wq->execute([$prize->id, $config['FAIRYEAR']]);
-			while($project=mysql_fetch_object($wq))
+			show_pdo_errors_if_any($pdo);
-			{
+
-				if(array_key_exists($project->id, $winners_ids)) {
+			while ($project = $wq->fetch(PDO::FETCH_OBJ)) {
-					continue;
+				$sq = $pdo->prepare("SELECT * FROM students WHERE registrations_id=? AND year=?");
-				} else {
+				$sq->execute([$project->registrations_id, $config['FAIRYEAR']]);
-					$winners_ids[$project->id] = true;
+
 				$students = array();
 				$cwsf_agecategory = 0;
 				while ($s = $sq->fetch(PDO::FETCH_OBJ)) {
 					if ($s->grade >= 7 && $s->grade <= 8) {
 						if ($cwsf_agecategory < 1)
 							$cwsf_agecategory = 1;
 					}
 					if ($s->grade >= 9 && $s->grade <= 10) {
 						if ($cwsf_agecategory < 2)
 							$cwsf_agecategory = 2;
 					}
 					if ($s->grade >= 11 && $s->grade <= 13) {
 						if ($cwsf_agecategory < 3)
 							$cwsf_agecategory = 3;
 					}
 					$students[] = array(
 						'xml_type' => 'student',
 						'firstname' => $s->firstname,
 						'lastname' => $s->lastname,
 						'email' => $s->email,
 						'gender' => $s->sex,
 						'grade' => $s->grade,
 						'language' => $s->lang,
 						'birthdate' => $s->dateofbirth,
 						'address1' => $s->address,
 						'address2' => '',
 						'city' => $s->city,
 						'province' => $s->province,
 						'postalcode' => $s->postalcode,
 						'homephone' => $s->phone,
 						'cellphone' => '',
 					);
 				}
-				$sq=mysql_query("SELECT * FROM students WHERE registrations_id='$project->registrations_id' AND conferences_id='".$conference['id']."'");
+				$winners[] = array(
-				$students=array();
+					'xml_type' => 'project',
-				$cwsf_agecategory=0;
+					'projectid' => $project->id,
-				while($s=mysql_fetch_object($sq))
+					'projectnumber' => $project->projectnumber,
-				{
+					'title' => $project->title,
-					if($s->grade>=7 && $s->grade<=8)
+					'abstract' => $project->summary,
-					{
+					'category_id' => $cwsf_agecategory,
-						if($cwsf_agecategory<1) 
+					'division_id' => $project->cwsfdivisionid,
-							$cwsf_agecategory=1;
+					'projectdivisions_id' => $project->projectdivisions_id,
-					}
+					'students' => $students,
-					if($s->grade>=9 && $s->grade<=10)
+				);
 					{
 						if($cwsf_agecategory<2) 
 							$cwsf_agecategory=2;
 					}
 					if($s->grade>=11 && $s->grade<=13)
 					{
 						if($cwsf_agecategory<3) 
 							$cwsf_agecategory=3;
 					}
 					$students[]=array(
 								"xml_type"=>"student",
 								"firstname"=>$s->firstname,
 								"lastname"=>$s->lastname,
 								"email"=>$s->email,
 								"gender"=>$s->sex,
 								"grade"=>$s->grade,
 								"language"=>$s->lang,
 								"birthdate"=>$s->dateofbirth,
 								"address1"=>$s->address,
 								"address2"=>"",
 								"city"=>$s->city,
 								"province"=>$s->province,
 								"postalcode"=>$s->postalcode,
 								"homephone"=>$s->phone,
 								"cellphone"=>"",
 							);
 				}
 				$winners[]=array(
 						"xml_type"=>"project",
 						"projectid"=>$project->id,
 						"projectnumber"=>$project->projectnumber,
 						"title"=>$project->title,
 						"abstract"=>$project->summary,
 						"category_id"=>$cwsf_agecategory,
 						"division_id"=>$project->cwsfdivisionid,
 						"projectdivisions_id"=>$project->projectdivisions_id,
 						"students"=>$students,
 						);
 			}
 		}
-		//print_r($award);
+		// print_r($award);
 	}
 	return $winners;
- }
+}
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require("../projects.inc.php");
+require ('../projects.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- send_header("One-Click CWSF Registration",
+send_header('One-Click CWSF Registration',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php'),
+		'Administration' => 'admin/index.php'),
-            "one-click_cwsf_registration"
+	'one-click_cwsf_registration');
-			);
+echo '<br />';
 echo "<br />";
- if(count($_POST['cwsfdivision']))
+if (count(get_value_from_array($_POST, 'cwsfdivision', []))) {
- {
+	foreach ($_POST['cwsfdivision'] AS $p => $d) {
- 	foreach($_POST['cwsfdivision'] AS $p=>$d)
+		$q = $pdo->prepare("UPDATE projects SET cwsfdivisionid=? WHERE id=?");
-	{
+		$q->execute([$d, $p]);
 		mysql_query("UPDATE projects SET cwsfdivisionid='$d' WHERE id='$p'");
 	}
-	echo happy(i18n("CWSF Project Divisions saved"));
+	echo happy(i18n('CWSF Project Divisions saved'));
- }
+}
- if($_POST['action']=="register" && $_POST['xml'])
+if (get_value_from_array($_POST, 'action') == 'register' && $_POST['xml']) {
- {
+	if (function_exists('curl_init')) {
- 	if(function_exists('curl_init'))
+		$ch = curl_init();  // / initialize a cURL session
-	{
+		curl_setopt($ch, CURLOPT_URL, 'https://secure.ysf-fsj.ca/registration/xmlregister.php');
-		$ch = curl_init(); /// initialize a cURL session
+		curl_setopt($ch, CURLOPT_HEADER, 0);  // / Header control
-		curl_setopt ($ch, CURLOPT_URL,"https://secure.ysf-fsj.ca/registration/xmlregister.php");
+		curl_setopt($ch, CURLOPT_POST, 1);  // / tell it to make a POST, not a GET
-		curl_setopt ($ch, CURLOPT_HEADER, 0); /// Header control
+		curl_setopt($ch, CURLOPT_POSTFIELDS, 'xml=' . $_POST['xml']);  // / put the query string here starting with "?"
-		curl_setopt ($ch, CURLOPT_POST, 1);  /// tell it to make a POST, not a GET
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);  // / This allows the output to be set into a variable $datastream
-		curl_setopt ($ch, CURLOPT_POSTFIELDS, "xml=".$_POST['xml']);  /// put the query string here starting with "?"
+		curl_setopt($ch, CURLOPT_POSTFIELDSIZE, 0);
-		curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); /// This allows the output to be set into a variable $datastream
+		curl_setopt($ch, CURLOPT_TIMEOUT, 360);
-		curl_setopt ($ch, CURLOPT_POSTFIELDSIZE, 0);
+		curl_setopt($ch, CURLOPT_SSLVERSION, 3);
-		curl_setopt ($ch, CURLOPT_TIMEOUT, 360);
+		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
-		curl_setopt ($ch, CURLOPT_SSLVERSION, 3);
+		$datastream = curl_exec($ch);  // / execute the curl session and return the output to a variable $datastream
-	    curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, false);
+		$datastream = str_replace(' standalone="yes"', '', $datastream);
 		$datastream = curl_exec ($ch); /// execute the curl session and return the output to a variable $datastream
 		$datastream = str_replace(" standalone=\"yes\"","",$datastream);
 		// echo "curl close <br />";
-		curl_close ($ch); /// close the curl session
+		curl_close($ch);  // / close the curl session
-		echo i18n("The YSC Registration Server said:")."<br />";
+		echo i18n('The YSC Registration Server said:') . '<br />';
 		echo notice($datastream);
-	}
+	} else {
-	else
+		echo error('CURL Support Missing');
-	{
+		echo i18n('Your PHP installation does not support CURL.  You will need to login to the YSC system as the regional coodinator and upload the XML data manually');
 		echo error("CURL Support Missing");
 		echo i18n("Your PHP installation does not support CURL.  You will need to login to the YSC system as the regional coodinator and upload the XML data manually");
 	}
 	send_footer();
 	exit;
- }
+}
- /* Load the YSC fair */
+/* Load the YSC fair */
- $q = mysql_query("SELECT * FROM fairs WHERE abbrv='YSC'");
+$q = $pdo->prepare("SELECT * FROM fairs WHERE abbrv='YSC'");
- if(mysql_num_rows($q) < 1) {
+$q->execute();
- 	echo error(i18n("You have not defined the YSC upstream fair in the Science Fair Management area."));
+if ($q->rowCount() < 1) {
 	echo error(i18n('You have not defined the YSC upstream fair in the Science Fair Management area.'));
 	$ok = false;
- } else {
+} else {
-	 $f = mysql_fetch_assoc($q);
+	$f = $q->fetch(PDO::FETCH_ASSOC);
-	 $ysc_region_id = $f['username'];
+	$ysc_region_id = $f['username'];
-	 $ysc_region_password = $f['password'];
+	$ysc_region_password = $f['password'];
- }
+}
- $ok=true;
+$ok = true;
- //make sure we have the ysc_region_id and ysc_region_password
+// make sure we have the ysc_region_id and ysc_region_password
- if($ysc_region_id == '') {
+if ($ysc_region_id == '') {
- 	echo error(i18n("You have not yet specified a username for YSC (your Region ID).  Go to the <a href=\"sciencefairs.php\">Science Fair Management</a> page to set it"));
+	echo error(i18n('You have not yet specified a username for YSC (your Region ID).  Go to the <a href="sciencefairs.php">Science Fair Management</a> page to set it'));
-	$ok=false;
+	$ok = false;
- }
+}
- if($ysc_region_password == '') {
+if ($ysc_region_password == '') {
- 	echo error(i18n("You have not yet specified a password for YSC (your Region Password).  Go to the <a href=\"sciencefairs.php\">Science Fair Management</a> page to set it"));
+	echo error(i18n('You have not yet specified a password for YSC (your Region Password).  Go to the <a href="sciencefairs.php">Science Fair Management</a> page to set it'));
-	$ok=false;
+	$ok = false;
- }
+}
- if($ok)
+if ($ok) {
- {
+	$q = $pdo->prepare("SELECT * FROM award_awards WHERE cwsfaward='1' AND year=?");
- 	$q=mysql_query("SELECT * FROM award_awards WHERE cwsfaward='1' AND conferences_id='".$conference['id']."'");
+	$q->execute([$config['FAIRYEAR']]);
-	if(!mysql_num_rows($q))
+	if (!$q->rowCount()) {
-	{
+		echo error(i18n('Cannot find an award that is specified as the Canada-Wide Science Fair Award'));
-		echo error(i18n("Cannot find an award that is specified as the Canada-Wide Science Fair Award"));
+		echo i18n('Please go to the awards manager and select which award identifies your CWSF students');
-		echo i18n("Please go to the awards manager and select which award identifies your CWSF students");
+	} else if ($q->rowCount() > 1) {
-	}
+		echo error(i18n('There is more than one award that is identified as your Canada-Wide Science Fair award.'));
-	else
+		echo i18n('Please go to the awards manager and choose only one award that identifies your CWSF students');
-	{
+	} else {
-		echo "<b>".i18n("CWSF Awards").":</b> <br />";
+		$award = $q->fetch(PDO::FETCH_OBJ);
-		echo "<ul>";
+		echo '<b>' . i18n('CWSF Award') . ':</b> ' . $award->name . '<br />';
 		while($award=mysql_fetch_object($q)) {
 			echo "<li>{$award->name}</li>";
 		}
 		echo "</ul>";
 		echo i18n("Please review the list of winning projects/students below.  If it is all correct then you can click the 'Register for CWSF' button at the bottom of the page to send the information to YSC");
-		echo "<br />";
+		echo '<br />';
-		echo "<br />";
+		echo '<br />';
-		$winners=get_cwsf_award_winners();
+		$winners = get_cwsf_award_winners();
-		echo "<b>".i18n("Found %1 CWSF prize winners",array(count($winners)))."</b>";
+		echo '<b>' . i18n('Found %1 CWSF prize winners', array(count($winners))) . '</b>';
-		echo "<br />";
+		echo '<br />';
-		$error=false;
+		$error = false;
-		echo "<form method=\"post\" action=\"cwsfregister.php\">";
+		echo '<form method="post" action="cwsfregister.php">';
-		echo "<table class=\"tableview\"><thead>";
+		echo '<table class="tableview"><thead>';
-		echo "<tr><th>".i18n("Project Information")."</th>";
+		echo '<tr><th>' . i18n('Project Information') . '</th>';
-		echo "<th>".i18n("Project Division / CWSF Project Division")."</th>";
+		echo '<th>' . i18n('Project Division / CWSF Project Division') . '</th>';
-		echo "</tr></thead>";
+		echo '</tr></thead>';
-		foreach($winners AS $winner)
+		foreach ($winners AS $winner) {
-		{
+			echo '<tr><td>';
-			echo "<tr><td>";
+			echo '<b>';
-			echo "<b>";
+			echo $winner['projectnumber'] . ' - ' . $winner['title'];
-			echo $winner['projectnumber']." - ".$winner['title'];
+			echo '</b>';
-			echo "</b>";
+			echo '<br />';
-			echo "<br />";
+			foreach ($winner['students'] AS $s) {
-			foreach($winner['students'] AS $s)
+				echo '&nbsp;';
-			{
+				echo '&nbsp;';
-				echo "&nbsp;"; echo "&nbsp;"; echo "&nbsp;"; echo "&nbsp;";
+				echo '&nbsp;';
-				echo i18n("Name").": ";
+				echo '&nbsp;';
-				echo $s['firstname']." ".$s['lastname'];
+				echo i18n('Name') . ': ';
-				echo "<br />";
+				echo $s['firstname'] . ' ' . $s['lastname'];
 				echo '<br />';
-				echo "&nbsp;"; echo "&nbsp;"; echo "&nbsp;"; echo "&nbsp;";
+				echo '&nbsp;';
-				echo i18n("Email").": ".$s['email'];
+				echo '&nbsp;';
-				if(!$s['email'])
+				echo '&nbsp;';
-				{
+				echo '&nbsp;';
-					echo error(i18n("No Email Address"),"inline");
+				echo i18n('Email') . ': ' . $s['email'];
-					$error=true;
+				if (!$s['email']) {
 					echo error(i18n('No Email Address'), 'inline');
 					$error = true;
 				}
-				echo "<br />";
+				echo '<br />';
-				echo "&nbsp;"; echo "&nbsp;"; echo "&nbsp;"; echo "&nbsp;";
+				echo '&nbsp;';
 				echo '&nbsp;';
 				echo '&nbsp;';
 				echo '&nbsp;';
-				echo i18n("Grade").": ".$s['grade'];
+				echo i18n('Grade') . ': ' . $s['grade'];
-				if(!$s['grade'])
+				if (!$s['grade']) {
-				{
+					echo error(i18n('No Grade'), 'inline');
-					echo error(i18n("No Grade"),"inline");
+					$error = true;
 					$error=true;
 				}
-				echo "<br />";
+				echo '<br />';
 			}
-			if(!$winner['division_id'])
+			if (!$winner['division_id']) {
-			{
+				echo '<br />';
-				echo "<br />";
+				echo error(i18n('Choose a CWSF Division'), 'inline');
-				echo error(i18n("Choose a CWSF Division"),"inline");
+				$error = true;
 				$error=true;
 			}
-			echo "</td><td>";
+			echo '</td><td>';
-			$t=mysql_query("SELECT * FROM projectdivisions WHERE conferences_id='".$conference['id']."' AND id='".$winner['projectdivisions_id']."'");
+			$t = $pdo->prepare("SELECT * FROM projectdivisions WHERE year=? AND id=?");
-			$tr=mysql_fetch_object($t);
+			$t->execute([$config['FAIRYEAR'], $winner['projectdivisions_id']]);
 			$tr = $t->fetch(PDO::FETCH_OBJ);
 			echo $tr->division;
-			echo "<br />";
+			echo '<br />';
-			echo "<select name=\"cwsfdivision[".$winner['projectid']."]\">";
+			echo '<select name="cwsfdivision[' . $winner['projectid'] . ']">';
-			echo "<option value=\"\">".i18n("No corresponding CWSF division")."</option>\n";
+			echo '<option value="">' . i18n('No corresponding CWSF division') . "</option>\n";
-			foreach($CWSFDivisions AS $k=>$v)
+			foreach ($CWSFDivisions AS $k => $v) {
-			{
+				if ($winner['division_id']) {
-				if($winner['division_id'])
+					if ($k == $winner['division_id'])
-				{
+						$sel = 'selected="selected"';
-					if($k==$winner['division_id']) $sel="selected=\"selected\""; else $sel="";
+					else
-				}
+						$sel = '';
-				else
+				} else {
-				{
+					if ($k == $tr->cwsfdivisionid)
-
+						$sel = 'selected="selected"';
-					if($k==$tr->cwsfdivisionid) $sel="selected=\"selected\""; else $sel="";
+					else
 						$sel = '';
 				}
-				echo "<option $sel value=\"$k\">".i18n($v)."</option>\n";
+				echo "<option $sel value=\"$k\">" . i18n($v) . "</option>\n";
 			}
 			echo "</select>\n";
-			echo "</td></tr>";
+			echo '</td></tr>';
 		}
-		echo "<tr><td></td><td>";
+		echo '<tr><td></td><td>';
-		echo "<input type=\"submit\" value=\"Save CWSF Divisions\">";
+		echo '<input type="submit" value="Save CWSF Divisions">';
-		echo "</td></tr>";
+		echo '</td></tr>';
-		echo "</table>";
+		echo '</table>';
-		echo "</form>";
+		echo '</form>';
-		if(!$error)
+		if (!$error) {
-		{
+			$reg = array('registration' => array(
-			$reg=array("registration"=>array(
+				'ysf_region_id' => $ysc_region_id,
-					"ysf_region_id"=>$ysc_region_id,
+				'ysf_region_password' => $ysc_region_password,
-					"ysf_region_password"=>$ysc_region_password,
+				'projects' => $winners
-					"projects"=>$winners
+			));
 					)
 				);
-			$output="";
+			$output = '';
 			xmlCreateRecurse($reg);
-			$xmldata=$output;
+			$xmldata = $output;
-			echo "<h3>".i18n("The following data will be sent to Youth Science Canada")."</h3>";
+			echo '<h3>' . i18n('The following data will be sent to Youth Science Canada') . '</h3>';
-			echo "<form method=\"post\" action=\"cwsfregister.php\">";
+			echo '<form method="post" action="cwsfregister.php">';
-			echo "<input type=\"hidden\" name=\"action\" value=\"register\">";
+			echo '<input type="hidden" name="action" value="register">';
-			echo "<textarea rows=\"15\" cols=\"80\" name=\"xml\">";
+			echo '<textarea rows="15" cols="80" name="xml">';
 			echo $xmldata;
-			echo "</textarea>";
+			echo '</textarea>';
-			echo "<br />";
+			echo '<br />';
-			echo "<br />";
+			echo '<br />';
-			echo i18n("Warning!  You can only use this feature once, and it will send whatever data is listed above.  If you try to submit this data a second time to YSC it will not work.  So please make sure everything is correct before submitting!");
+			echo i18n('Warning!  You can only use this feature once, and it will send whatever data is listed above.  If you try to submit this data a second time to YSC it will not work.  So please make sure everything is correct before submitting!');
-			echo "<br />";
+			echo '<br />';
-			echo "<br />";
+			echo '<br />';
-			echo "<input type=\"submit\" value=\"".i18n("Register for CWSF")."\">";
+			echo '<input type="submit" value="' . i18n('Register for CWSF') . '">';
-			echo "</form>";
+			echo '</form>';
-		}
+		} else {
-		else
+			echo error(i18n('You must correct the above errors before registration can proceed'));
 		{
 			echo error(i18n("You must correct the above errors before registration can proceed"));
 		}
 	}
 }
-
+send_footer();
 }
 send_footer();
 ?>
--- a/admin/documentdownloader.php
+++ b/admin/documentdownloader.php
@ -1,35 +1,36 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2007 James Grant <james@lightbox.org>
+/*
-
+ * This file is part of the 'Science Fair In A Box' project
-   This program is free software; you can redistribute it and/or
+ * SFIAB Website: http://www.sfiab.ca
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2007 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- $q=mysql_query("SELECT * FROM documents WHERE id='".$_GET['id']."'");
+$q = $pdo->prepare("SELECT * FROM documents WHERE id='" . $_GET['id'] . "'");
- if($r=mysql_fetch_object($q))
+$q->execute();
- {
+if ($r = $q->fetch(PDO::FETCH_OBJ)) {
-	header("Content-type: ".trim(exec("file -bi ../data/documents/$r->filename")));
+    header('Content-type: ' . trim(exec("file -bi ../data/documents/$r->filename")));
-	header("Content-disposition: inline; filename=\"".$r->filename."\"");
+    header('Content-disposition: inline; filename="' . $r->filename . '"');
-	header("Content-length: ".filesize("../data/documents/$r->filename"));
+    header('Content-length: ' . filesize("../data/documents/$r->filename"));
-	readfile("../data/documents/$r->filename");
+    readfile("../data/documents/$r->filename");
- }
+}
 ?>
--- a/admin/documents.php
+++ b/admin/documents.php
@ -1,58 +1,58 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2007 James Grant <james@lightbox.org>
+/*
-
+ * This file is part of the 'Science Fair In A Box' project
-   This program is free software; you can redistribute it and/or
+ * SFIAB Website: http://www.sfiab.ca
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2007 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require("../tableeditor.class.php");
+require ('../tableeditor.class.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- //make sure storage folder exists
+// make sure storage folder exists
- if(!file_exists("../data/documents"))
+if (!file_exists('../data/documents'))
- 	mkdir("../data/documents");
+    mkdir('../data/documents');
- if(!file_exists("../data/documents/.htaccess"))
+if (!file_exists('../data/documents/.htaccess'))
- 	file_put_contents("../data/documents/.htaccess","Order Deny,Allow\r\nDeny From All\r\n");
+    file_put_contents('../data/documents/.htaccess', "Order Deny,Allow\r\nDeny From All\r\n");
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- send_header("Internal Document Manager",
+send_header('Internal Document Manager',
- 		array('Committee Main' => 'committee_main.php',
+    array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php'),
+        'Administration' => 'admin/index.php'),
-            "internal_document_management"
+    'internal_document_management');
 			);
- $editor=new TableEditor("documents",
+$editor = new TableEditor('documents',
- 			array("date"=>"Date",
+    array(
-				"title"=>"Document Title",
+        'date' => 'Date',
-				"sel_category"=>"Category",
+        'title' => 'Document Title',
-				"filename"=>"Filename",
+        'sel_category' => 'Category',
-			)
+        'filename' => 'Filename',
-			);
+    ));
- $editor->setPrimaryKey("id");
+$editor->setPrimaryKey('id');
- $editor->setUploadPath("../data/documents");
+$editor->setUploadPath('../data/documents');
- $editor->setDefaultSortField("sel_category,date");
+$editor->setDefaultSortField('sel_category,date');
- $editor->setRecordType("Document");
+$editor->setRecordType('Document');
- $editor->setFieldDefaultValue("date",date("Y-m-d"));
+$editor->setFieldDefaultValue('date', date('Y-m-d'));
- $editor->setDownloadLink("documentdownloader.php");
+$editor->setDownloadLink('documentdownloader.php');
- $editor->execute();
+$editor->execute();
- send_footer();
+send_footer();
 ?>
--- a/admin/donations.php
+++ b/admin/donations.php
@ -0,0 +1,179 @@
 <?
 /*
 * This file is part of the 'Science Fair In A Box' project
 * SFIAB Website: http://www.sfiab.ca
 *
 * Copyright (C) 2008 James Grant <james@lightbox.org>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, version 2.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
 require ('../common.inc.php');
 require ('../tableeditor.class.php');
 require_once ('../user.inc.php');
 user_auth_required('committee', 'admin');
 include ('fundraising_sponsorship_handler.inc.php');
 include ('fundraising_goals_handler.inc.php');
 include ('fundraising_main.inc.php');
 send_header('Donations',
    array('Committee Main' => 'committee_main.php',
        'Administration' => 'admin/index.php',
        'Fundraising' => 'admin/fundraising.php'),
    'fundraising');
 ?>
 <script type="text/javascript">
 $(document).ready(function() {
    //initialize the dialog
    $("#sponsorship_editor").dialog({
        bgiframe: true, autoOpen: false,
        modal: true, resizable: false,
        draggable: false
    });
    $("#fund_editor").dialog({
        bgiframe: true, autoOpen: false,
        modal: true, resizable: falsefundraising,
        draggable: false
    });
 refresh_fundraising_table(); 
 });
 function popup_sponsorship_editor(url) {
    var w = (document.documentElement.clientWidth * 0.6);
    $('#sponsorship_editor').dialog('option','width',w);
    //let the height autocalculate
 /*    
    var h = (document.documentElement.clientHeight * 0.6);
    $('#sponsorship_editor').dialog('option','height',h);
    */
    $('#sponsorship_editor').dialog('option','buttons',{ "<?= i18n('Save') ?>": function() { save_sponsorship(); },
    "<?= i18n('Cancel') ?>": function(){ $(this).dialog("close");}});
    $('#sponsorship_editor').dialog('open');
    $('#sponsorship_editor_content').load(url);
    return false;
 }
 function save_sponsorship() {
    $('#debug').load("<?= $config['SFIABDIRECTORY'] ?>/admin/fundraising.php",
    $("#fundraisingsponsorship").serializeArray(),
    function() {
        $('#sponsorship_editor').dialog('close');
        refresh_fundraising_table();
    });
    return false;
 }
 function popup_fund_editor(url) {
    var w = (document.documentElement.clientWidth * 0.6);
    $('#fund_editor').dialog('option','width',w);
    //let the height autocalculate
 /*    
    var h = (document.documentElement.clientHeight * 0.6);
    $('#fund_editor').dialog('option','height',h);
    */
    $('#fund_editor').dialog('option','buttons',{ "<?= i18n('Save') ?>": function() { save_fund(); },
    "<?= i18n('Cancel') ?>": function(){ $(this).dialog("close");}});
    $('#fund_editor').dialog('open');
    $('#fund_editor_content').load(url);
    return false;
 }
 function save_fund() {
    $("#debug").load("<?= $config['SFIABDIRECTORY'] ?>/admin/fundraising.php",
    $("#fundraisingfundraising").serializeArray(),
    function(data) {
        $('#fund_editor').dialog('close');
        refresh_fundraising_table();
    });
    return false;
 }
 function delete_fund(id) {
    if(confirmClick('Are you sure you want to remove this fund?')) {
        $('#debug').load("<?= $config['SFIABDIRECTORY'] ?>/admin/fundraising.php",
        { action: 'funddelete', delete: id },
        function() {
            refresh_fundraising_table();
        }
        );
    }
    return false;
 }
 function delete_sponsorship(id) {
    if(confirmClick('Are you sure you want to remove this sponsorship?')) {
        $('#debug').load("<?= $config['SFIABDIRECTORY'] ?>/admin/fundraising.php",
        { action: 'sponsorshipdelete', delete: id },
        function() {
            refresh_fundraising_table();
        }
        );
    }
    return false;
 }
 function refresh_fundraising_table() {
    $("#fundraisingmain").load("fundraising.php?action=fundraisingmain");
 }
 </script>
 <?
 // first, insert any defaults
 $q = $pdo->prepare("SELECT * FROM fundraising WHERE year='" . $config['FAIRYEAR'] . "'");
 $q->execute();
 if (!$q->rowCount()) {
    $q = $pdo->prepare("SELECT * FROM fundraising WHERE year='-1'");
    $q->execute();
    while ($r = $q->fetch(PDO::FETCH_OBJ)) {
        $q = $pdo->prepare("INSERT INTO fundraising (`type`,`name`,`description`,`system`,`goal`,`year`) VALUES ('$r->type','" . $r->name . "','" . $r->description . "','$r->system','$r->goal','" . $config['FAIRYEAR'] . "')");
        $q->execute();
    }
 }
 echo '<div id="fundraisingmain">';
 echo '</div>';
 echo "<br />\n";
 echo "<br />\n";
 echo "<a href=\"sponsorship_levels.php\">Manage Donation Levels</a>\n";
 echo "<br />\n";
 echo "<a href=\"donors.php\">Manage Donors</a>\n";
 echo "<br />\n";
 ?>
 <div style="display: none" title="<?= i18n('Donation Editor') ?>" id="sponsorship_editor">
 <div id="sponsorship_editor_content">
 </div>
 </div>
 <div style="display: none" title="<?= i18n('Fund Editor') ?>" id="fund_editor">
 <div id="fund_editor_content">
 </div>
 </div>
 <?
 send_footer();
 ?>
--- a/admin/donors.php
+++ b/admin/donors.php
--- a/admin/donors_search.php
+++ b/admin/donors_search.php
@ -1,124 +1,130 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2008 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2008 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- echo "<br />\n";
+echo "<br />\n";
-		//$q=mysql_query("SELECT * FROM award_sponsors WHERE year='".$config['FAIRYEAR']."' ORDER BY organization");
+// $q=mysql_query("SELECT * FROM award_sponsors WHERE year='".$config['FAIRYEAR']."' ORDER BY organization");
-		//we want to show all years, infact that year field probably shouldnt even be there.
+// we want to show all years, infact that year field probably shouldnt even be there.
-		$sql="";
+$sql = '';
-		if($_POST['search']) $sql.=" AND organization LIKE '%".mysql_real_escape_string($_POST['search'])."%' ";
+if (get_value_from_array($_POST, 'search'))
-		if(count($_POST['donortype'])) {
+	$sql .= " AND organization LIKE '%" . $_POST['search'] . "%' ";
-			$sql.=" AND (0 ";
+
-			foreach($_POST['donortype'] AS $d) {
+// NEEDS AN ARRAY AS AN ARGUMENT INSTEAD OF A STRING
-				$sql.=" OR donortype='$d'";
+if (count(get_value_from_array($_POST, 'donortype', []))) {
-			}
+	$sql .= ' AND (0 ';
-			$sql.=") ";
+	foreach ($_POST['donortype'] AS $d) {
-		}
+		$sql .= " OR donortype='$d'";
-		$query="SELECT * FROM sponsors WHERE 1 $sql ORDER BY organization";
+	}
 	$sql .= ') ';
 }
 $query = "SELECT * FROM sponsors WHERE 1 $sql ORDER BY organization";
 //		echo "query=$query";
-		$q=mysql_query($query);
+$q = $pdo->prepare($query);
 $q->execute();
 get_value_from_array($_POST, 'donortype');
 $thisyear = $config['FISCALYEAR'];
 $lastyear = $config['FISCALYEAR'] - 1;
 $rows = array();
-		$thisyear=$config['FISCALYEAR'];
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-		$lastyear=$config['FISCALYEAR']-1;
+	$cq = $pdo->prepare("SELECT SUM(value) AS total FROM fundraising_donations WHERE sponsors_id='$r->id' AND status='received' AND fiscalyear='$thisyear'");
-		$rows=array();
+	$cq->execute();
 	$cr = $cq->fetch(PDO::FETCH_OBJ);
 	$thisyeartotal = $cr->total;
 	$cq = $pdo->prepare("SELECT SUM(value) AS total FROM fundraising_donations WHERE sponsors_id='$r->id' AND status='received' AND fiscalyear='$lastyear'");
 	$cq->execute();
 	$cr = $cq->fetch(PDO::FETCH_OBJ);
 	$lastyeartotal = $cr->total;
 	if ($lastyeartotal)
 		$change = round(($thisyeartotal - $lastyeartotal) / $lastyeartotal * 100);
 	else
 		$change = 'N/A';
 	$rows[] = array('id' => $r->id, 'name' => $r->organization, 'thisyeartotal' => $thisyeartotal, 'lastyeartotal' => $lastyeartotal, 'change' => $change);
 }
 $thisyearsort = array();
 if (!get_value_from_array($_POST, 'order')) {
 	// if order is not given, lets order by donation amount this year
 	foreach ($rows AS $key => $val) {
 		$thisyearsort[$key] = $val['thisyeartotal'];
 	}
 	array_multisort($thisyearsort, SORT_DESC, $rows);
 }
-		while($r=mysql_fetch_object($q))
+if (get_value_from_array($_POST, 'limit')) {
-		{
+	$limit = $_POST['limit'];
-			$cq=mysql_query("SELECT SUM(value) AS total FROM fundraising_donations WHERE sponsors_id='$r->id' AND status='received' AND fiscalyear='$thisyear'");
+} else {
-			$cr=mysql_fetch_object($cq);
+	$limit = 10;
-			$thisyeartotal=$cr->total;
+	echo '<h4>' . i18n('Top 10 donors this year') . '</h4>';
-			$cq=mysql_query("SELECT SUM(value) AS total FROM fundraising_donations WHERE sponsors_id='$r->id' AND status='received' AND fiscalyear='$lastyear'");
+}
 			$cr=mysql_fetch_object($cq);
 			$lastyeartotal=$cr->total;
 			if($lastyeartotal)
 				$change=round(($thisyeartotal-$lastyeartotal)/$lastyeartotal*100);
 			else
 				$change="N/A";
 			$rows[]=array("id"=>$r->id, "name"=>$r->organization, "thisyeartotal"=>$thisyeartotal, "lastyeartotal"=>$lastyeartotal, "change"=>$change);
 		}
 		$thisyearsort=array();
 		if(!$_POST['order']) {
 			//if order is not given, lets order by donation amount this year
 			foreach($rows AS $key=>$val) {
 				$thisyearsort[$key]=$val['thisyeartotal'];
 			}
 			array_multisort($thisyearsort,SORT_DESC,$rows);
 		}
-		if($_POST['limit']) {
+echo '<table class="tableview">';
-			$limit=$_POST['limit'];
+echo '<thead>';
-		}
+echo '<tr>';
-		else {
+echo ' <th>' . i18n('Donor/Sponsor') . '</th>';
-			$limit=10;
+echo ' <th>' . i18n('Total $ this year') . '</th>';
-			echo  "<h4>".i18n("Top 10 donors this year")."</h4>";
+echo ' <th>' . i18n('Total $ last year') . '</th>';
-		}
+echo ' <th>' . i18n('% change') . '</th>';
 echo '</tr>';
 echo "</thead>\n";
-		echo "<table class=\"tableview\">";
+$x = 0;
-		echo "<thead>";
+foreach ($rows AS $r) {
-		echo "<tr>";
+	echo "<tr>\n";
-		echo " <th>".i18n("Donor/Sponsor")."</th>";
+	$eh = "style=\"cursor:pointer;\" onclick=\"open_editor({$r['id']});\"";
-		echo " <th>".i18n("Total $ this year")."</th>";
+	echo " <td $eh>{$r['name']}</td>\n";
-		echo " <th>".i18n("Total $ last year")."</th>";
+	echo ' <td style="text-align: right;">';
-		echo " <th>".i18n("% change")."</th>";
+	echo format_money($r['thisyeartotal']);
-		echo "</tr>";
+	echo "</td>\n";
-		echo "</thead>\n";
+	echo ' <td style="text-align: right;">';
 	echo format_money($r['lastyeartotal']);
 	echo "</td>\n";
 	if (is_numeric($r['change'])) {
 		$n = $r['change'] / 2 + 50;
 		if ($n < 0)
 			$n = 0;
 		if ($n > 100)
 			$n = 100;
 		$col = 'color: ' . colour_to_percent($n);
 		$sign = '%';
 	} else {
 		$col = '';
 		$sign = '';
 	}
 	echo " <td style=\"text-align: center; $col\">";
 	echo $r['change'] . $sign;
 	echo "</td>\n";
 	echo "</tr>\n";
 	$x++;
 	if ($x == $limit)
 		break;
 }
-		$x=0;
+echo "</table>\n";
 		foreach($rows AS $r) {
 			echo "<tr>\n";
            $eh="style=\"cursor:pointer;\" onclick=\"open_editor({$r['id']});\"";
 			echo " <td $eh>{$r['name']}</td>\n";
 			echo " <td style=\"text-align: right;\">";
 			echo format_money($r['thisyeartotal']);
 			echo "</td>\n";
 			echo " <td style=\"text-align: right;\">";
 			echo format_money($r['lastyeartotal']);
 			echo "</td>\n";
 			if(is_numeric($r['change'])) {
 				$n=$r['change']/2+50;
 				if($n<0) $n=0;
 				if($n>100) $n=100;
 				$col="color: ".colour_to_percent($n);
 				$sign="%";
 			}
 			else{
 				 $col=""; $sign=""; }
 			echo " <td style=\"text-align: center; $col\">";
 			echo $r['change'].$sign;
 			echo "</td>\n";
 			echo "</tr>\n";
 			$x++;
 			if($x==$limit)
 				break;
 		}
 		echo "</table>\n";
 ?>
--- a/admin/events.php
+++ b/admin/events.php
@ -1,91 +0,0 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
   Copyright (C) 2005 James Grant <james@lightbox.org>
   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public
   License as published by the Free Software Foundation, version 2.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 ?>
 <?
 require("../common.inc.php");
 require("../tableeditor.class.php");
 require_once("../user.inc.php");
 user_auth_required('admin');
 send_header("Events Management", 
 	array('Committee Main' => 'committee_main.php',
 		'Administration' => 'admin/index.php',
 		'Events & Scheduling' => 'admin/eventsscheduling.php'),
        "events_scheduling" );
 echo "<br />";
 $editor = new TableEditor('events',
 	array(
 		"name" => "Event Name",
 		"eventtype" => "Type",
 		"suggested_grades" => "Suggested Grades",
 	),
 	array(
 		"name" => "Event Name",
 		"eventtype" => "Type",
 		"summary" => "Summary",
 		"website" => "Link to Description",
 		"suggested_grades" => "Suggested Grades",
 		"default_min_teams" => "Minimum Number of Teams",
 		"default_max_teams" => "Maximum Number of Teams",
 		"default_min_team_size" => "Minimum Team Size",
 		"default_max_team_size" => "Maximum Team Size",
 		"default_min_judges" => "Minimum Number of Judges",
 		"default_max_judges" => "Maximum Number of Judges",
 		"default_min_volunteers" => "Minimum Number of Volunteers",
 		"default_max_volunteers" => "Maximum Number of Volunteers"
 	),
 	array(
 		"conferences_id" => $conference['id']
 	)
 );
 $eventtypes=array( 	array('key'=>"general", 'val'=>"General"),
 					array('key'=>"scienceolympic", 'val'=>"Science Olympics Activity"),
 					array('key'=>"sciencefairjudging", 'val'=>"Science Fair Judging"),
 					array('key'=>"tour", 'val'=>"Tour")
 					);
 $editor->setFieldOptions("eventtype",$eventtypes);
 $editor->setPrimaryKey("id");
 $editor->setRecordType("Event");
 $editor->setDefaultSortField("eventtype,name");
 $editor->filterList("conferences_id", $conference['id']);
 $editor->setFieldDefaultValue("default_min_teams",1);
 $editor->setFieldDefaultValue("default_max_teams",4);
 $editor->setFieldDefaultValue("default_min_team_size",1);
 $editor->setFieldDefaultValue("default_max_team_size",6);
 $editor->setFieldDefaultValue("default_min_judges",1);
 $editor->setFieldDefaultValue("default_max_judges",2);
 $editor->setFieldDefaultValue("default_min_volunteers",1);
 $editor->setFieldDefaultValue("default_max_volunteers",5);
 $editor->execute();
 send_footer();
 ?>
--- a/admin/eventsscheduling.php
+++ b/admin/eventsscheduling.php
@ -1,41 +0,0 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
   Copyright (C) 2005 James Grant <james@lightbox.org>
   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public
   License as published by the Free Software Foundation, version 2.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 ?>
 <?
 require("../common.inc.php");
 require_once("../user.inc.php");
 user_auth_required('admin');
 send_header("Events &amp; Scheduling", 
 	array('Committee Main' => 'committee_main.php',
 		'Administration' => 'admin/index.php'),
        "events_scheduling" );
 echo "<br />";
 echo "<a href=\"locations.php\">".i18n('Event Locations')."</a><br />";
 echo "<a href=\"events.php\">".i18n('Event Management')."</a><br />";
 echo "<a href=\"schedule.php\">".i18n('Schedule Management')."</a><br />";
 send_footer();
 ?>
--- a/admin/exhibithall_sa.php
+++ b/admin/exhibithall_sa.php
@ -1,71 +1,78 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2010 David Grant <dave@lightbox.org>
+/*
-
+ * This file is part of the 'Science Fair In A Box' project
-   This program is free software; you can redistribute it and/or
+ * SFIAB Website: http://www.sfiab.ca
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2010 David Grant <dave@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
-require_once('../common.inc.php');
+require_once ('../common.inc.php');
-require_once('judges.inc.php'); /* for getJudgingEligibilityCode() */
+require_once ('judges.inc.php');  /* for getJudgingEligibilityCode() */
-require_once('anneal.inc.php');
+require_once ('anneal.inc.php');
-if($_SERVER['SERVER_ADDR']) {
+if ($_SERVER['SERVER_ADDR']) {
-	echo "This script must be run from the command line";
+	echo 'This script must be run from the command line';
 	exit;
 }
 $action = '';
-switch($argv[1]) {
+switch ($argv[1]) {
-case '--images':
+	case '--images':
-	$action = 'images';
+		$action = 'images';
-	break;
+		break;
-case '--pn':
+	case '--pn':
-	$action = 'pn';
+		$action = 'pn';
-	break;
+		break;
 }
-//function TRACE() { }
+// function TRACE() { }
-//function TRACE_R() { }
+// function TRACE_R() { }
-function TRACE($str) { print($str); }
+function TRACE($str)
-function TRACE_R($array) { print_r($array); }
+{
 	print ($str);
 }
 function TRACE_R($array)
 {
 	print_r($array);
 }
 function point_rotate($x, $y, $deg)
 {
 	/* Use - orienttaiotn because rotation is always done from dest->src */
 	$r = deg2rad(-$deg);
-	return array(round($x*cos($r) - $y*sin($r), 6), round($x*sin($r) + $y*cos($r), 6));
+	return array(round($x * cos($r) - $y * sin($r), 6), round($x * sin($r) + $y * cos($r), 6));
 }
 function point_translate($x, $y, $dx, $dy)
 {
-	return array ($x+$dx, $y+$dy);
+	return array($x + $dx, $y + $dy);
 }
 function is_point_in_object($x, $y, $o)
 {
 	/* Translate the point to the object origin */
 	list($x, $y) = point_translate($x, $y, -$o['x'], -$o['y']);
-	/* Rotate the point to the object's frame of reference*/
+	/* Rotate the point to the object's frame of reference */
 	list($x, $y) = point_rotate($x, $y, -$o['orientation']);
 	/* Is it within the object now ? */
-	if(abs($x) <= $o['w2'] && abs($y) <= $o['h2'])
+	if (abs($x) <= $o['w2'] && abs($y) <= $o['h2'])
 		return true;
 	return false;
 }
@ -75,37 +82,35 @@ function queue_new()
 	return array('head' => NULL, 'tail' => NULL);
 }
 function grid_path_cmp($a, $b)
 {
 	/* This must return an integer! Strange-things(tm) happen if it doesn't */
-	if($a['distance'] == $b['distance']) return 0;
+	if ($a['distance'] == $b['distance'])
 		return 0;
 	return ($a['distance'] < $b['distance']) ? -1 : 1;
 }
 function grid_path_check(&$i_eh, &$queue, &$loc, &$end, $ix, $iy)
 {
-	$next_loc =& $i_eh[$ix][$iy];
+	$next_loc = &$i_eh[$ix][$iy];
-//	TRACE("Checking next loc($ix,$iy) ({$next_loc['x']},{$next_loc['y']})\n");
+	//	TRACE("Checking next loc($ix,$iy) ({$next_loc['x']},{$next_loc['y']})\n");
 	/* Don't revisit anything */
-	if($next_loc['visited'] == true) {
+	if ($next_loc['visited'] == true) {
-//		TRACE("   Already Visited.\n");
+		//		TRACE("   Already Visited.\n");
 		return false;
 	}
 	$next_loc['visited'] = true;
-	if(count($next_loc['ids']) != 0) {
+	if (count($next_loc['ids']) != 0) {
-//		TRACE("   Object occupying this gridloc.\n");
+		//		TRACE("   Object occupying this gridloc.\n");
 		/* There's something here, can't do anything */
 		return false;
 	}
 	$next_loc['distance'] = distance($next_loc['x'], $next_loc['y'], $end['x'], $end['y']);
 	$next_loc['path_length'] = $loc['path_length'] + 1;
-//	TRACE("   distance={$next_loc['distance']}, path_length={$next_loc['path_length']}\n");
+	//	TRACE("   distance={$next_loc['distance']}, path_length={$next_loc['path_length']}\n");
 	/* Add to processing queue in order */
 	array_push($queue, $next_loc);
@ -118,16 +123,16 @@ function grid_path($src, $dst)
 	$start = &$i_eh[$src['front_grid_ix']][$src['front_grid_iy']];
 	$end = &$i_eh[$dst['front_grid_ix']][$dst['front_grid_iy']];
-//	TRACE("Path ({$start['x']},{$start['y']}) -> ({$end['x']},{$end['y']})\n");
+	//	TRACE("Path ({$start['x']},{$start['y']}) -> ({$end['x']},{$end['y']})\n");
 	/* Clean out temp data */
-	for($x=0;$x<$i_eh['grid_w']; $x++) {
+	for ($x = 0; $x < $i_eh['grid_w']; $x++) {
-		for($y=0;$y<$i_eh['grid_h']; $y++) {
+		for ($y = 0; $y < $i_eh['grid_h']; $y++) {
 			$i_eh[$x][$y]['visited'] = false;
 		}
 	}
-//	print_r($i_eh);
+	//	print_r($i_eh);
 	/* Seed the exploration queue */
 	$queue = array();
@ -136,45 +141,50 @@ function grid_path($src, $dst)
 	$start['visited'] = true;
 	array_push($queue, $start);
-	while(1) {
+	while (1) {
-		if(count($queue) == 0) break;
+		if (count($queue) == 0)
 			break;
-//		print_r($queue);
+		//		print_r($queue);
 		/* Dequeue head */
 		$loc = array_shift($queue);
 		/* Cut it off after a long walk */
-		if($loc['path_length'] > 25) break;
+		if ($loc['path_length'] > 25)
 			break;
-//		TRACE("Dequeue: ({$loc['x']},{$loc['y']})\n");
+		//		TRACE("Dequeue: ({$loc['x']},{$loc['y']})\n");
 		/* Is this our destionation ? */
-		if($loc['x'] == $end['x'] && $loc['y'] == $end['y']) {
+		if ($loc['x'] == $end['x'] && $loc['y'] == $end['y']) {
-//			TRACE("Found destination, path_length={$loc['path_length']}\n");
+			//			TRACE("Found destination, path_length={$loc['path_length']}\n");
 			return $loc['path_length'];
 		}
 		/* All 4 directions */
-		if($loc['ix'] > 0) grid_path_check($i_eh, $queue,$loc, $end, $loc['ix']-1, $loc['iy']);
+		if ($loc['ix'] > 0)
-		if($loc['ix'] < $i_eh['grid_w']-1) grid_path_check($i_eh, $queue, $loc, $end, $loc['ix']+1, $loc['iy']);
+			grid_path_check($i_eh, $queue, $loc, $end, $loc['ix'] - 1, $loc['iy']);
-		if($loc['iy'] > 0) grid_path_check($i_eh, $queue, $loc, $end, $loc['ix'], $loc['iy']-1);
+		if ($loc['ix'] < $i_eh['grid_w'] - 1)
-		if($loc['iy'] < $i_eh['grid_h']-1) grid_path_check($i_eh, $queue, $loc, $end, $loc['ix'], $loc['iy']+1);
+			grid_path_check($i_eh, $queue, $loc, $end, $loc['ix'] + 1, $loc['iy']);
 		if ($loc['iy'] > 0)
 			grid_path_check($i_eh, $queue, $loc, $end, $loc['ix'], $loc['iy'] - 1);
 		if ($loc['iy'] < $i_eh['grid_h'] - 1)
 			grid_path_check($i_eh, $queue, $loc, $end, $loc['ix'], $loc['iy'] + 1);
 		usort($queue, 'grid_path_cmp');
 	}
-//	TRACE("No path found\n");
+	//	TRACE("No path found\n");
-//	exit;
+	//	exit;
 	return 100;
 }
 TRACE("<pre>\n");
 /* Load exhibit halls */
 $exhibithall = array();
-$q = mysql_query("SELECT * FROM exhibithall WHERE type='exhibithall'");
+$q = $pdo->prepare("SELECT * FROM exhibithall WHERE type='exhibithall'");
 $q->execute();
 TRACE("Loading exhibit halls...\n");
-while(($r = mysql_fetch_assoc($q))) {
+while (($r = $q->fetch(PDO::FETCH_ASSOC))) {
 	$r['divs'] = unserialize($r['divs']);
 	$r['cats'] = unserialize($r['cats']);
 	$exhibithall[$r['id']] = $r;
@ -183,124 +193,132 @@ while(($r = mysql_fetch_assoc($q))) {
 /* Load objects */
 $objects = array();
-$q = mysql_query("SELECT * FROM exhibithall WHERE type='wall' OR type='project'");
+$q = $pdo->prepare("SELECT * FROM exhibithall WHERE type='wall' OR type='project'");
 $q->execute();
 TRACE("Loading objects...\n");
-while(($r = mysql_fetch_assoc($q))) {
+while (($r = $q->fetch([PDO::FETCH_ASSOC]))) {
 	$r['divs'] = unserialize($r['divs']);
 	$r['cats'] = unserialize($r['cats']);
 	$objects[$r['id']] = $r;
 }
-TRACE(count($objects)." objects loaded.\n");
+TRACE(count($objects) . " objects loaded.\n");
 /* Compute stuff */
-foreach($objects as $oid=>$o) {
+foreach ($objects as $oid => $o) {
-	$objects[$oid]['w2'] = $o['w']/2;
+	$objects[$oid]['w2'] = $o['w'] / 2;
-	$objects[$oid]['h2'] = $o['h']/2;
+	$objects[$oid]['h2'] = $o['h'] / 2;
 }
 /* The grid size is the smallest object dimension */
 $grid_size = 100;
-foreach($objects as $oid=>$o) {
+foreach ($objects as $oid => $o) {
-	if($grid_size > $o['w']) $grid_size = $o['w'];
+	if ($grid_size > $o['w'])
-	if($grid_size > $o['h']) $grid_size = $o['h'];
+		$grid_size = $o['w'];
 	if ($grid_size > $o['h'])
 		$grid_size = $o['h'];
 }
 $grid_size /= 2;
 TRACE("Grid size: {$grid_size}m\n");
 // print_r($exhibithall);
-//print_r($exhibithall);
+// print_r($objects);
 //print_r($objects);
 $div = array();
 TRACE("Loading Project Divisions...\n");
-$q=mysql_query("SELECT * FROM projectdivisions WHERE conferences_id='{$conference['id']}' ORDER BY id");
+$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='{$config['FAIRYEAR']}' ORDER BY id");
-while($r=mysql_fetch_object($q))
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-{
+	$divshort[$r->id] = $r->division_shortform;
-	$divshort[$r->id]=$r->division_shortform;
+	$div[$r->id] = $r->division;
 	$div[$r->id]=$r->division;
 	TRACE("   {$r->id} - {$div[$r->id]}\n");
 }
 TRACE("Loading Project Age Categories...\n");
 $cat = array();
-$q=mysql_query("SELECT * FROM projectcategories WHERE conferences_id='{$conference['id']}' ORDER BY id");
+$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='{$config['FAIRYEAR']}' ORDER BY id");
-while($r=mysql_fetch_object($q)) {
+$q->execute();
-	$catshort[$r->id]=$r->category_shortform;
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-	$cat[$r->id]=$r->category;
+	$catshort[$r->id] = $r->category_shortform;
 	$cat[$r->id] = $r->category;
 	TRACE("   {$r->id} - {$r->category}\n");
 }
 TRACE("Loading Projects...\n");
 $projects = array();
-$q = mysql_query("SELECT projects.* FROM projects, registrations 
+$q = $pdo->prepare("SELECT projects.* FROM projects, registrations 
 				WHERE
-					projects.conferences_id='{$conference['id']}' 
+					projects.year='{$config['FAIRYEAR']}' 
 					AND registrations.id = projects.registrations_id
-				".getJudgingEligibilityCode());
+				" . getJudgingEligibilityCode());
-while($p = mysql_fetch_object($q)) {
+$q->execute();
-	$qq = mysql_query("SELECT grade,schools_id FROM students WHERE registrations_id='{$p->registrations_id}'");
+while ($p = $q->fetch(PDO::FETCH_OBJ)) {
-	$num_students = mysql_num_rows($qq);
+	$qq = $pdo->prepare("SELECT grade,schools_id FROM students WHERE registrations_id='{$p->registrations_id}'");
 	$qq->execute();
 	$num_students = $qq->rowCouunt();
 	$grade = 0;
 	$schools_id = 0;
-	while($s = mysql_fetch_assoc($qq)) {
+	while ($s = $qq->fetch(PDO::FETCH_ASSOC)) {
-		if($s['grade'] > $grade) {
+		if ($s['grade'] > $grade) {
 			$grade = $s['grade'];
 			$schools_id = $s['schools_id'];
 		}
 	}
-	$projects[$p->id] = array( 
+	$projects[$p->id] = array(
-			'projects_id' => $p->id,
+		'projects_id' => $p->id,
-			'div' => $p->projectdivisions_id,
+		'div' => $p->projectdivisions_id,
-			'cat' => $p->projectcategories_id,
+		'cat' => $p->projectcategories_id,
-			'grade' => $grade,
+		'grade' => $grade,
-			'schools_id' => $schools_id,
+		'schools_id' => $schools_id,
-			'req_electricity' => $p->req_electricity,
+		'req_electricity' => $p->req_electricity,
-			'projectnumber' => $p->projectnumber,
+		'projectnumber' => $p->projectnumber,
-			'floornumber' => $p->floornumber,
+		'floornumber' => $p->floornumber,
-			'num_students' => $num_students);
+		'num_students' => $num_students
 	);
 }
-TRACE(count($projects)." projects loaded.\n");
+TRACE(count($projects) . " projects loaded.\n");
-if($action == 'pn') {
+if ($action == 'pn') {
 	TRACE("Generating Project Numbers from Floor Locations...\n");
-	foreach($projects as $p) {
+	foreach ($projects as $p) {
 		$c = $catshort[$p['cat']];
 		$d = $divshort[$p['div']];
-		$n = sprintf("%03d", $p['floornumber']);
+		$n = sprintf('%03d', $p['floornumber']);
 		$pn = "$c $n $d";
 		TRACE("Project {$p['projects_id']} at loc {$p['floornumber']}: $pn\n");
-		mysql_query("UPDATE projects SET projectnumber='$pn' WHERE id='{$p['projects_id']}'");
+		$q = $pdo->prepare("UPDATE projects SET projectnumber='$pn' WHERE id='{$p['projects_id']}'");
 		$q->execute();
 	}
 	TRACE("Done.\n");
 	exit;
 }
 /* Assign objects to grid locations */
-foreach($exhibithall as &$i_eh) {
+foreach ($exhibithall as &$i_eh) {
 	TRACE("Assigning objects to grid locations for {$i_eh['name']}...\n");
 	$ix = 0;
 	$i_eh['grid_w'] = 0;
 	$i_eh['grid_h'] = 0;
-	for($x=0;$x<=$i_eh['w'];$x+=$grid_size,$ix++) {
+	for ($x = 0; $x <= $i_eh['w']; $x += $grid_size, $ix++) {
-		if($ix <= $i_eh['grid_w']) $i_eh['grid_w'] = $ix+1;
+		if ($ix <= $i_eh['grid_w'])
 			$i_eh['grid_w'] = $ix + 1;
 		$iy = 0;
-		for($y=0;$y<=$i_eh['h'];$y+=$grid_size,$iy++) {
+		for ($y = 0; $y <= $i_eh['h']; $y += $grid_size, $iy++) {
-			if($iy <= $i_eh['grid_h']) $i_eh['grid_h'] = $iy+1;
+			if ($iy <= $i_eh['grid_h'])
 				$i_eh['grid_h'] = $iy + 1;
 			/* Initialize element if required */
-			if(!is_array($i_eh[$ix][$iy])) {
+			if (!is_array($i_eh[$ix][$iy])) {
-				$i_eh[$ix][$iy] = array( 'x' => $x, 'ix' => $ix,
+				$i_eh[$ix][$iy] = array('x' => $x, 'ix' => $ix,
-							'y' => $y, 'iy' => $iy,
+					'y' => $y, 'iy' => $iy,
-							'ids' => array(),
+					'ids' => array(),
-							'project_front' => 0);
+					'project_front' => 0);
 			}
 			/* Scan all objects */
-			foreach($objects as $oid=>$o) {
+			foreach ($objects as $oid => $o) {
-				if($o['exhibithall_id'] != $i_eh['id']) continue;
+				if ($o['exhibithall_id'] != $i_eh['id'])
-				if(is_point_in_object($x, $y, $o)) {
+					continue;
 				if (is_point_in_object($x, $y, $o)) {
 					$i_eh[$ix][$iy]['ids'][] = $oid;
 				}
 			}
@ -310,14 +328,15 @@ foreach($exhibithall as &$i_eh) {
 }
 TRACE("Done.\n");
-function distance($x1,$y1,$x2,$y2)
+function distance($x1, $y1, $x2, $y2)
 {
-	return sqrt( ($x1-$x2)*($x1-$x2)+($y1-$y2)*($y1-$y2) );
+	return sqrt(($x1 - $x2) * ($x1 - $x2) + ($y1 - $y2) * ($y1 - $y2));
 }
 TRACE("Computing gridlocation of front of projects...\n");
-foreach($objects as $oid=>$o) {
+foreach ($objects as $oid => $o) {
-	if($o['type'] != 'project') continue;
+	if ($o['type'] != 'project')
 		continue;
 	/* Get a pointer to the exhibit hall */
 	$i_eh = &$exhibithall[$o['exhibithall_id']];
@ -325,36 +344,41 @@ foreach($objects as $oid=>$o) {
 	/* Compute the xy of the front (that's the bottom edge of the unrotate project) */
 	$fx = 0;
 	$fy = $o['h2'];
-//	TRACE("Front orig: ($fx,$fy)\n");
+	//	TRACE("Front orig: ($fx,$fy)\n");
 	/* Rotate the point */
 	list($fx, $fy) = point_rotate($fx, $fy, $o['orientation']);
-//	TRACE("Front rotate by {$o['orientation']}: ($fx,$fy) \n");
+	//	TRACE("Front rotate by {$o['orientation']}: ($fx,$fy) \n");
 	/* Translate it to the proper position of the object */
 	list($fx, $fy) = point_translate($fx, $fy, $o['x'], $o['y']);
-//	TRACE("Front: ($fx,$fy) $grid_size\n");
+	//	TRACE("Front: ($fx,$fy) $grid_size\n");
-	/* Snap to grid offsets  */
+	/* Snap to grid offsets */
-	$gx = intval($fx / $grid_size); //* $grid_size;
+	$gx = intval($fx / $grid_size);  // * $grid_size;
-	$gy = intval($fy / $grid_size); //* $grid_size;
+	$gy = intval($fy / $grid_size);  // * $grid_size;
-//	TRACE("Search grid around $gx, $gy\n");
+	//	TRACE("Search grid around $gx, $gy\n");
-	/* Search around that grid for a free spot, closest to $fx,$fy,
+
-	 * with no objects and no object_front */
+	/*
 	 * Search around that grid for a free spot, closest to $fx,$fy,
 	 * with no objects and no object_front
 	 */
 	$smallest_d = $i_eh['w'];
 	$smallest_ix = 0;
 	$smallest_iy = 0;
 	$found = false;
-	for($x = $gx - 1; $x <= $gx + 1; $x++) {
+	for ($x = $gx - 1; $x <= $gx + 1; $x++) {
-		for($y = $gy - 1; $y <= $gy + 1; $y++) {
+		for ($y = $gy - 1; $y <= $gy + 1; $y++) {
-//			TRACE("At ($x, $y) :\n");
+			//			TRACE("At ($x, $y) :\n");
-//			print_r($i_eh[$x][$y]);
+			//			print_r($i_eh[$x][$y]);
-			if(count($i_eh[$x][$y]['ids'])) continue;
+			if (count($i_eh[$x][$y]['ids']))
-			if($i_eh[$x][$y]['project_front'] > 0) continue;
+				continue;
 			if ($i_eh[$x][$y]['project_front'] > 0)
 				continue;
 			/* Check distance */
 			$d = distance($i_eh[$x][$y]['x'], $i_eh[$x][$y]['y'], $fx, $fy);
-			if($d < $smallest_d) {
+			if ($d < $smallest_d) {
 				$smallest_d = $d;
 				$smallest_ix = $x;
 				$smallest_iy = $y;
@ -363,7 +387,7 @@ foreach($objects as $oid=>$o) {
 		}
 	}
-	if($found == false) {
+	if ($found == false) {
 		echo "ERROR: couldn't find project front for:\n";
 		print_r($o);
 		exit;
@ -377,16 +401,17 @@ foreach($objects as $oid=>$o) {
 }
 TRACE("Done.\n");
-switch($action) {
+switch ($action) {
-case 'images':
+	case 'images':
-	exhibithall_images();
+		exhibithall_images();
-	exit;
+		exit;
 }
 /* Compute closest projects to each project */
 $project_distance = 100 / $grid_size;
-foreach($objects as $oid=>$o) {
+foreach ($objects as $oid => $o) {
-	if($o['type'] != 'project') continue;
+	if ($o['type'] != 'project')
 		continue;
 	TRACE("Computing paths for {$o['name']}...\n");
@ -397,13 +422,16 @@ foreach($objects as $oid=>$o) {
 	$grid_start = &$i_eh[$o['front_grid_ix']][$o['front_grid_iy']];
 	/* Path to all other objects in the same exhibit hall */
-	foreach($objects as $d_oid=>$d_o) {
+	foreach ($objects as $d_oid => $d_o) {
-		if($d_oid == $oid) continue;
+		if ($d_oid == $oid)
-		if($o['exhibithall_id'] != $d_o['exhibithall_id']) continue;
+			continue;
 		if ($o['exhibithall_id'] != $d_o['exhibithall_id'])
 			continue;
 		$d = grid_path($o, $d_o);
-		$objects[$oid]['nearby_projects'][] = array('distance' => $d, 'id'=>$d_oid);
+		$objects[$oid]['nearby_projects'][] = array('distance' => $d, 'id' => $d_oid);
-		if($d < $project_distance) $project_distance = $d;
+		if ($d < $project_distance)
 			$project_distance = $d;
 	}
 	/* Use the grid_path_cmp to sort the projects based on 'distance' */
 	usort($objects[$oid]['nearby_projects'], 'grid_path_cmp');
@ -411,29 +439,29 @@ foreach($objects as $oid=>$o) {
 TRACE("Project Distance: {$project_distance} hops\n");
 /* Compute project distances */
-foreach($objects as $oid=>$o) {
+foreach ($objects as $oid => $o) {
-	if($o['type'] != 'project') continue;
+	if ($o['type'] != 'project')
-	foreach($objects[$oid]['nearby_projects'] as &$nearby_project) {
+		continue;
 	foreach ($objects[$oid]['nearby_projects'] as &$nearby_project) {
 		$nearby_project['project_distance'] = $nearby_project['distance'] / $project_distance;
 	}
 }
-
+/* Build a list of floor objects for the annealer */
 /* Build a list of floor objects for the annealer*/
 $floor_objects = array();
 $x = 0;
-foreach($objects as $oid=>$o) {
+foreach ($objects as $oid => $o) {
-	if($o['type'] != 'project') continue;
+	if ($o['type'] != 'project')
-	$objects[$oid]['floor_object_offset'] = $x; /* The same as the annealer bucket id */
+		continue;
 	$objects[$oid]['floor_object_offset'] = $x;  /* The same as the annealer bucket id */
 	$floor_objects[$x++] = &$objects[$oid];
 }
-
+/*
-/* Project floor location cost:
+ * Project floor location cost:
 * - Keep divisions together
 * - keep grades together
- * - a project should have one of the same school nearby or adjacent, but not a lot nearby 
+ * - a project should have one of the same school nearby or adjacent, but not a lot nearby
 */
 function project_cost(&$annealer, $bucket_id, $ids)
 {
@ -446,11 +474,11 @@ function project_cost(&$annealer, $bucket_id, $ids)
 	/* The exhibit hall */
 	$eh = &$exhibithall[$o['exhibithall_id']];
-	if(count($ids) == 0) {
+	if (count($ids) == 0) {
-//		TRACE("No items in bucket, returning 0.\n");
+		//		TRACE("No items in bucket, returning 0.\n");
 		return 0;
 	}
-	if(count($ids) > 1) {
+	if (count($ids) > 1) {
 		echo "More than one item in bucket! Bug somewhere.\n";
 		exit;
 	}
@ -463,88 +491,92 @@ function project_cost(&$annealer, $bucket_id, $ids)
 	$grade_match = 0;
 	$x = 0;
-//	TRACE("Cost for bucket $bucket_id...\n");
+	//	TRACE("Cost for bucket $bucket_id...\n");
 	$min = $p['grade'];
 	$max = $p['grade'];
-	foreach($o['nearby_projects'] as &$n) {
+	foreach ($o['nearby_projects'] as &$n) {
-		
+		/* Get the nearby project object */
 		/* Get the nearby project object*/
 		$nearby_o = &$objects[$n['id']];
-//		TRACE("   Scanning nearby location {$n['id']} (distance={$n['distance']})\n");
+		//		TRACE("   Scanning nearby location {$n['id']} (distance={$n['distance']})\n");
-//		print_r($nearby_o);
+		//		print_r($nearby_o);
 		$nearby_bucket_id = $nearby_o['floor_object_offset'];
 		$nearby_bkt = &$annealer->bucket[$nearby_bucket_id];
-//		TRACE("      Bucket id: {$nearby_bucket_id} with  ".count($nearby_bkt)." items\n");
+		//		TRACE("      Bucket id: {$nearby_bucket_id} with  ".count($nearby_bkt)." items\n");
-		if(count($nearby_bkt) == 0) continue;
+		if (count($nearby_bkt) == 0)
 			continue;
 		$nearby_p = &$projects[$nearby_bkt[0]];
 		/* Only consider closest 5 projects for school */
-		if($nearby_p['schools_id'] == $p['schools_id']) {
+		if ($nearby_p['schools_id'] == $p['schools_id']) {
-			if($x < 5) $school_match++;
+			if ($x < 5)
 				$school_match++;
 		}
 		/* Closest 5 projects for divs */
-		if($nearby_p['div'] == $p['div']) {
+		if ($nearby_p['div'] == $p['div']) {
-			if($x < 5) $div_match++;
+			if ($x < 5)
 				$div_match++;
 		}
 		/* Closest 10 for grade variance */
-		if($x < 10) {
+		if ($x < 10) {
-			if($nearby_p['grade'] < $min) $min = $nearby_p['grade'];
+			if ($nearby_p['grade'] < $min)
-			if($nearby_p['grade'] > $max) $max = $nearby_p['grade'];
+				$min = $nearby_p['grade'];
 			if ($nearby_p['grade'] > $max)
 				$max = $nearby_p['grade'];
 		}
 		$x++;
-		if($x == 10) break;
+		if ($x == 10)
 			break;
 	}
-	if($school_match == 0) {
+	if ($school_match == 0) {
-//		TRACE("   No school nearby\n");
+		//		TRACE("   No school nearby\n");
 		$cost += 5;
 	}
-	if($school_match > 2) {
+	if ($school_match > 2) {
-//		TRACE("   Too many schools bunched up\n");
+		//		TRACE("   Too many schools bunched up\n");
-		$cost += 2 * ($school_match-1);
+		$cost += 2 * ($school_match - 1);
 	}
-	if($div_match < 2) {
+	if ($div_match < 2) {
-//		TRACE("   No divs nearby\n");
+		//		TRACE("   No divs nearby\n");
 		$cost += 20;
 	}
-	if($div_match > 4) {
+	if ($div_match > 4) {
-//		TRACE("   Divs bunching up\n");
+		//		TRACE("   Divs bunching up\n");
 		$cost += 10 * ($div_match - 4);
 	}
-	
+
-	if($max - $min > 0) {
+	if ($max - $min > 0) {
 		/* Don't want bunching up grades eitehr */
-//		TRACE("   Grades too spread out\n");
+		//		TRACE("   Grades too spread out\n");
-		$cost += 50 * ($max-$min);
+		$cost += 50 * ($max - $min);
 	}
 	/* Make sure this project is allowed in this exhibit hall */
-	if(!in_array($p['div'], $eh['divs']))
+	if (!in_array($p['div'], $eh['divs']))
 		$cost += 1000;
-	if(!in_array($p['cat'], $eh['cats']))
+	if (!in_array($p['cat'], $eh['cats']))
 		$cost += 1000;
 	/* Make sure this project is allowed in this floor object too */
-	if(count($o['divs']) > 0 && !in_array($p['div'], $o['divs']))
+	if (count($o['divs']) > 0 && !in_array($p['div'], $o['divs']))
 		$cost += 1000;
-	if(count($o['cats']) > 0 && !in_array($p['cat'], $o['cats']))
+	if (count($o['cats']) > 0 && !in_array($p['cat'], $o['cats']))
 		$cost += 1000;
 	/* Match electricity */
-	if($p['req_electricity'] == 'yes' && $o['has_electricity'] == 'no') {
+	if ($p['req_electricity'] == 'yes' && $o['has_electricity'] == 'no') {
 		$cost += 1000;
 	}
 //	TRACE("Cost for bucket $bucket_id = $cost\n");
 	return $cost;
 	//	TRACE("Cost for bucket $bucket_id = $cost\n");
 	return $cost;
 }
 function project_bucket_ids($annealer, $bucket_id)
@ -557,35 +589,35 @@ function project_bucket_ids($annealer, $bucket_id)
 	/* Find the 10 closest projects */
 	$x = 0;
-	foreach($o['nearby_projects'] as &$n) {
+	foreach ($o['nearby_projects'] as &$n) {
 		$nearby_o = &$objects[$n['id']];
 		$recompute_ids[] = $nearby_o['floor_object_offset'];
 		$x++;
-		if($x == 15) break;
+		if ($x == 15)
 			break;
 	}
 	return $recompute_ids;
 }
- 
+$e = 10 * ($config['effort'] / 1000) * pow(count($projects), 1.3333);
 $e =  10 * ($config['effort'] / 1000) * pow(count($projects), 1.3333);
 $project_ids = array_keys($projects);
-//array_splice($project_ids, 20);
+// array_splice($project_ids, 20);
-$a = new annealer(count($floor_objects), 125, $e, 0.9, 
+$a = new annealer(count($floor_objects), 125, $e, 0.9,
-		project_cost, $project_ids);
+	project_cost, $project_ids);
 $a->set_max_items_per_bucket(1);
-//$a->set_delta_cost_bucket_ids_callback(project_bucket_ids);
+// $a->set_delta_cost_bucket_ids_callback(project_bucket_ids);
 $a->anneal();
-for($x=0;$x<$a->num_buckets; $x++) {
+for ($x = 0; $x < $a->num_buckets; $x++) {
 	$bkt = $a->bucket[$x];
-	if(count($bkt) > 1) {
+	if (count($bkt) > 1) {
 		TRACE("Assigned more than one project to bucket $x\n");
 		exit;
 	}
-	if(count($bkt) == 0) continue;
+	if (count($bkt) == 0)
 		continue;
 	/* Get the project id in this bucket */
 	$projects_id = array_shift($bkt);
@ -597,76 +629,70 @@ for($x=0;$x<$a->num_buckets; $x++) {
 print_r($projects);
 /* Assign floor numbers */
-mysql_query("UPDATE projects SET floornumber=0 WHERE conferences_id='{$conference['id']}'");
+$q = $pdo->prepare("UPDATE projects SET floornumber=0 WHERE year='{$config['FAIRYEAR']}'");
 $q->execute();
-foreach($projects as $pid=>$p) {
+foreach ($projects as $pid => $p) {
-	mysql_query("UPDATE projects SET floornumber='{$p['floornumber']}' WHERE id='$pid'");
+	$q = $pdo->prepare("UPDATE projects SET floornumber='{$p['floornumber']}' WHERE id='$pid'");
 	$q->execute();
 	TRACE("Project $pid => Floor number {$p['floornumber']}\n");
 }
-TRACE("</pre>");
+TRACE('</pre>');
 function exhibithall_images()
 {
 	global $exhibithall, $objects, $projects;
 	/* Assign project IDs to objects */
-	foreach($objects as $oid=>$o) {
+	foreach ($objects as $oid => $o) {
-		foreach($projects as $pid=>$p) {
+		foreach ($projects as $pid => $p) {
-			if($p['floornumber'] == $o['floornumber']) {
+			if ($p['floornumber'] == $o['floornumber']) {
 				$objects[$oid]['projects_id'] = $pid;
 				break;
 			}
 		}
 	}
-	foreach($exhibithall as &$i_eh) {
+	foreach ($exhibithall as &$i_eh) {
-
+		$i = imagecreatetruecolor($i_eh['w'] * 100, $i_eh['h'] * 100);
 		$i = imagecreatetruecolor($i_eh['w']*100, $i_eh['h']*100);
 		$c_grey = imagecolorallocate($i, 128, 128, 128);
 		$c_white = imagecolorallocate($i, 255, 255, 255);
 		$c_black = imagecolorallocate($i, 0, 0, 0);
 		// Fill the background with the color selected above.
 		imagefill($i, 0, 0, $c_white);
-		imagerectangle($i, 0, 0, $i_eh['w']*100 - 1, $i_eh['h']*100 - 1, $c_black);
+		imagerectangle($i, 0, 0, $i_eh['w'] * 100 - 1, $i_eh['h'] * 100 - 1, $c_black);
-		for($ix=0;$ix<=$i_eh['grid_w'];$ix++) {
+		for ($ix = 0; $ix <= $i_eh['grid_w']; $ix++) {
-			for($iy=0;$iy<=$i_eh['grid_h'];$iy++) {
+			for ($iy = 0; $iy <= $i_eh['grid_h']; $iy++) {
 				$l = $i_eh[$ix][$iy];
-				if(count($l['ids']) > 0) {
+				if (count($l['ids']) > 0) {
-					imageellipse($i, $l['x']*100, $l['y']*100, 1, 1, $c_black);
+					imageellipse($i, $l['x'] * 100, $l['y'] * 100, 1, 1, $c_black);
 				} else {
-					imageellipse($i, $l['x']*100, $l['y']*100, 1, 1, $c_grey);
+					imageellipse($i, $l['x'] * 100, $l['y'] * 100, 1, 1, $c_grey);
 				}
 			}
 		}
-		foreach($objects as $oid=>$o) {
+		foreach ($objects as $oid => $o) {
-			if($o['exhibithall_id'] != $i_eh['id']) continue;
+			if ($o['exhibithall_id'] != $i_eh['id'])
 				continue;
-			list($x1,$y1) = point_rotate(-$o['w2'], -$o['h2'], $o['orientation']);
+			list($x1, $y1) = point_rotate(-$o['w2'], -$o['h2'], $o['orientation']);
-			list($x2,$y2) = point_rotate($o['w2'], $o['h2'], $o['orientation']);
+			list($x2, $y2) = point_rotate($o['w2'], $o['h2'], $o['orientation']);
-			imagerectangle($i, ($o['x']+$x1)*100, ($o['y']+$y1)*100, ($o['x']+$x2)*100, ($o['y']+$y2)*100, $c_black);
+			imagerectangle($i, ($o['x'] + $x1) * 100, ($o['y'] + $y1) * 100, ($o['x'] + $x2) * 100, ($o['y'] + $y2) * 100, $c_black);
 			$p = $projects[$o['projects_id']];
-			imagestring($i, 4, $o['x']*100 - 30, $o['y']*100 - 35, "{$o['floornumber']} ({$p['projects_id']})", $c_black);
+			imagestring($i, 4, $o['x'] * 100 - 30, $o['y'] * 100 - 35, "{$o['floornumber']} ({$p['projects_id']})", $c_black);
-			imagestring($i, 4, $o['x']*100 - 30, $o['y']*100 - 20, "gr:{$p['grade']}  ", $c_black);
+			imagestring($i, 4, $o['x'] * 100 - 30, $o['y'] * 100 - 20, "gr:{$p['grade']}  ", $c_black);
 			$d = $divshort[$p['div']];
-			imagestring($i, 4, $o['x']*100 - 30, $o['y']*100 - 5, "d:$d ({$p['div']})", $c_black);
+			imagestring($i, 4, $o['x'] * 100 - 30, $o['y'] * 100 - 5, "d:$d ({$p['div']})", $c_black);
-			imagestring($i, 4, $o['x']*100 - 30, $o['y']*100 + 10, "s:{$p['schools_id']}", $c_black);
+			imagestring($i, 4, $o['x'] * 100 - 30, $o['y'] * 100 + 10, "s:{$p['schools_id']}", $c_black);
-			imagestring($i, 4, $o['x']*100 - 30, $o['y']*100 + 25, "e:{$p['req_electricity']}", $c_black);
+			imagestring($i, 4, $o['x'] * 100 - 30, $o['y'] * 100 + 25, "e:{$p['req_electricity']}", $c_black);
 		}
 		imagepng($i, "./eh-{$i_eh['id']}.png");
 	}
 }
 ?>
--- a/admin/export_checkin.php
+++ b/admin/export_checkin.php
@ -1,44 +1,43 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require("../lpdf.php");
+require ('../lpdf.php');
-$catq=mysql_query("SELECT * FROM projectcategories WHERE conferences_id='".$conference['id']."' AND id='".$_GET['cat']."'");
+$catq = $pdo->prepare("SELECT * FROM projectcategories WHERE year='" . $config['FAIRYEAR'] . "' AND id='" . $_GET['cat'] . "'");
-if($catr=mysql_fetch_object($catq))
+$catq->execute();
-{
+if ($catr = $catq->fetch(PDO::FETCH_OBJ)) {
-
+	$pdf = new lpdf(i18n($config['fairname']),
- 	$pdf=new lpdf(	i18n($config['fairname']),
+		i18n('Checkin List') . ' - ' . i18n($catr->category),
-			i18n("Checkin List")." - ".i18n($catr->category),
+		$_SERVER['DOCUMENT_ROOT'] . $config['SFIABDIRECTORY'] . '/data/logo-200.gif');
 			$_SERVER['DOCUMENT_ROOT'].$config['SFIABDIRECTORY']."/data/{$conference['id']-logo-200.gif"
 			);
 	$pdf->newPage();
 	$pdf->setFontSize(11);
-	$q=mysql_query("SELECT  registrations.id AS reg_id,
+	$q = $pdo->prepare("SELECT  registrations.id AS reg_id,
 				registrations.num AS reg_num,
 				registrations.status,
 				projects.title,
@ -48,67 +47,65 @@ if($catr=mysql_fetch_object($catq))
 				registrations
 				left outer join projects on projects.registrations_id=registrations.id
 			WHERE
-				registrations.conferences_id='".$conference['id']."' 
+				registrations.year='" . $config['FAIRYEAR'] . "' 
 				AND ( registrations.status='complete' OR registrations.status='paymentpending' )
 				AND projects.projectcategories_id='$catr->id'
 			ORDER BY
 				projects.title
 			");
-		echo mysql_error();
+	$q->execute();
 	show_pdo_errors_if_any($pdo);
-	$table=array();
+	$table = array();
-	//only show the 'paid' column if the regfee > 0.  if registration is fee, then we dont care about the 'paid' column!
+	// only show the 'paid' column if the regfee > 0.  if registration is fee, then we dont care about the 'paid' column!
-	if($config['regfee']>0)
+	if ($config['regfee'] > 0) {
-	{
+		$table['header'] = array(i18n('Paid?'), i18n('Proj #'), i18n('Project Title'), i18n('Student(s)'), i18n('Div'));
-		$table['header']=array(i18n("Paid?"),i18n("Proj #"),i18n("Project Title"),i18n("Student(s)"),i18n("Div"));
+		$table['widths'] = array(0.5, 0.6, 3.5, 2.4, 0.5);
-		$table['widths']=array(0.5,	   	  0.6,		 	3.5,		    2.4,	             0.5);
+		$table['dataalign'] = array('center', 'left', 'left', 'left', 'center');
-		$table['dataalign']=array("center","left","left","left","center");
+	} else {
 		$table['header'] = array(i18n('Proj #'), i18n('Project Title'), i18n('Student(s)'), i18n('Div'));
 		$table['widths'] = array(0.6, 3.7, 2.7, 0.5);
 		$table['dataalign'] = array('left', 'left', 'left', 'center');
 	}
-	else
+	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-	{
+		$divq = $pdo->prepare("SELECT division,division_shortform FROM projectdivisions WHERE year='" . $config['FAIRYEAR'] . "' AND id='" . $r->projectdivisions_id . "'");
-		$table['header']=array(i18n("Proj #"),i18n("Project Title"),i18n("Student(s)"),i18n("Div"));
+		$divq->execute();
-		$table['widths']=array(	  0.6,		 	3.7,		    2.7,	             0.5);
+		$divr = $divq->fetch(PDO::FETCH_OBJ);
 		$table['dataalign']=array("left","left","left","center");
-	}
+		$sq = $pdo->prepare("SELECT students.firstname,
 	while($r=mysql_fetch_object($q))
 	{
 		$divq=mysql_query("SELECT division,division_shortform FROM projectdivisions WHERE conferences_id='".$conference['id']."' AND id='".$r->projectdivisions_id."'");
 		$divr=mysql_fetch_object($divq);
 		$sq=mysql_query("SELECT students.firstname,
 					students.lastname
 				FROM
 					students
 				WHERE
 					students.registrations_id='$r->reg_id'
 				");
 		$sq->execute();
-		$students="";
+		$students = '';
-		$studnum=0;
+		$studnum = 0;
-		while($studentinfo=mysql_fetch_object($sq))
+		while ($studentinfo = $sq->fetch(PDO::FETCH_OBJ)) {
-		{
+			if ($studnum > 0)
-			if($studnum>0) $students.=", ";
+				$students .= ', ';
-			$students.="$studentinfo->firstname $studentinfo->lastname";
+			$students .= "$studentinfo->firstname $studentinfo->lastname";
 			$studnum++;
 		}
-		//only show the paid column if regfee >0
+		// only show the paid column if regfee >0
-		if($config['regfee']>0)
+		if ($config['regfee'] > 0) {
-		{
+			switch ($r->status) {
-			switch($r->status)
+				case 'paymentpending':
-			{
+					$status_text = 'No';
-				case "paymentpending": $status_text="No"; break;
+					break;
-				case "complete": $status_text=""; break;
+				case 'complete':
 					$status_text = '';
 					break;
 			}
-			$status_text=i18n($status_text);
+			$status_text = i18n($status_text);
 			$table['data'][]=array($status_text,$r->proj_num,$r->title,$students,i18n($divr->division_shortform));
 		}
 		else
 			$table['data'][]=array($r->projectnumber,$r->title,$students,i18n($divr->division_shortform));
 			$table['data'][] = array($status_text, $r->proj_num, $r->title, $students, i18n($divr->division_shortform));
 		} else
 			$table['data'][] = array($r->projectnumber, $r->title, $students, i18n($divr->division_shortform));
 	}
 	$pdf->addTable($table);
--- a/admin/fair_stats.php
+++ b/admin/fair_stats.php
@ -1,517 +1,536 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2007 James Grant <james@lightbox.org>
+/*
-   Copyright (C) 2009 David Grant <dave@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2007 James Grant <james@lightbox.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2009 David Grant <dave@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require_once('../common.inc.php');
+require_once ('../common.inc.php');
- require_once('../user.inc.php');
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require_once('xml.inc.php');
+require_once ('xml.inc.php');
- require_once('stats.inc.php');
+require_once ('stats.inc.php');
- require_once('curl.inc.php');
+require_once ('curl.inc.php');
- /* Hack so we can jump right to YSC stats */
+/* Hack so we can jump right to YSC stats */
- if($_GET['abbrv'] == 'YSC') {
+if (get_value_from_array($_GET, 'abbrv') == 'YSC') {
- 	$q = mysql_query("SELECT id FROM fairs WHERE abbrv='YSC'");
+	$q = $pdo->prepare("SELECT id FROM fairs WHERE abbrv='YSC'");
-	$r = mysql_fetch_assoc($q);
+	$q->execute();
 	$r = $q->fetch(PDO::FETCH_ASSOC);
 	$_GET['id'] = $r['id'];
- }
+}
-
+function stats_to_ysc($fair, $stats)
- function stats_to_ysc($fair, $stats) 
+{
- {
+	if ($fair['type'] == 'ysc') {
 	if($fair['type'] == 'ysc') {
 		/* Map data into YSC tags */
-	 	$y=array();
+		$y = array();
-		$y["numschoolstotal"]=$stats['schools_total'];
+		$y['numschoolstotal'] = $stats['schools_total'];
-		$y["numschoolsactive"]=$stats['schools_active'];
+		$y['numschoolsactive'] = $stats['schools_active'];
-		$y["numstudents"]=$stats['students_total'];
+		$y['numstudents'] = $stats['students_total'];
-		$y["numk6m"]=$stats['male_1'] + $stats['male_4'];
+		$y['numk6m'] = $stats['male_1'] + $stats['male_4'];
-		$y["numk6f"]=$stats['female_1'] + $stats['female_4'];
+		$y['numk6f'] = $stats['female_1'] + $stats['female_4'];
-		$y["num78m"]=$stats['male_7'];
+		$y['num78m'] = $stats['male_7'];
-		$y["num78f"]=$stats['female_7'];
+		$y['num78f'] = $stats['female_7'];
-		$y["num910m"]=$stats['male_9'];
+		$y['num910m'] = $stats['male_9'];
-		$y["num910f"]=$stats['female_9'];
+		$y['num910f'] = $stats['female_9'];
-		$y["num11upm"]=$stats['male_11'];
+		$y['num11upm'] = $stats['male_11'];
-		$y["num11upf"]=$stats['female_11'];
+		$y['num11upf'] = $stats['female_11'];
-		$y["projk6"]=$stats['projects_1'] + $stats['projects_4'];
+		$y['projk6'] = $stats['projects_1'] + $stats['projects_4'];
-		$y["proj78"]=$stats['projects_7'];
+		$y['proj78'] = $stats['projects_7'];
-		$y["proj910"]=$stats['projects_9'];
+		$y['proj910'] = $stats['projects_9'];
-		$y["proj11up"]=$stats['projects_11'];
+		$y['proj11up'] = $stats['projects_11'];
-		$y["committee"]=$stats['committee_members'];
+		$y['committee'] = $stats['committee_members'];
-		$y["judges"]=$stats['judges'];
+		$y['judges'] = $stats['judges'];
 		return $y;
-	} 
+	}
 	return $stats;
- }
+}
- send_header("Upload Fair Statistics and Information",
+send_header('Upload Fair Statistics and Information',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php'),
+		'Administration' => 'admin/index.php'),
-            "fair_stats"
+	'fair_stats');
-			);
+echo '<br />';
 echo "<br />";
- /* SFIAB config options server side */
+/* SFIAB config options server side */
- $server_config = array();
+$server_config = array();
- $server_config['participation'] = false;
+$server_config['participation'] = false;
- $server_config['schools_ext'] = false;
+$server_config['schools_ext'] = false;
- $server_config['minorities'] = false;
+$server_config['minorities'] = false;
- $server_config['guests'] = false;
+$server_config['guests'] = false;
- $server_config['sffbc_misc'] = false;
+$server_config['sffbc_misc'] = false;
- $server_config['info'] = false;
+$server_config['info'] = false;
- $server_config['next_chair'] = false;
+$server_config['next_chair'] = false;
- $server_config['scholarships'] = false;
+$server_config['scholarships'] = false;
- $server_config['delegates'] = false;
+$server_config['delegates'] = false;
- if($_GET['year']) $year=intval($_GET['year']);
+if (get_value_from_array($_GET, 'year'))
- else $year=$config['FAIRYEAR'];
+	$year = intval(get_value_from_array($_GET, 'year'));
 else
 	$year = $config['FAIRYEAR'];
- if($_GET['id']) $fairs_id=intval($_GET['id']);
+if (get_value_from_array($_GET, 'id'))
- else if($_POST['id']) $fairs_id=intval($_POST['id']);
+	$fairs_id = intval($_GET['id']);
- else $fairs_id = -1;
+else if (get_value_from_array($_POST, 'id'))
 	$fairs_id = intval($_POST['id']);
 else
 	$fairs_id = -1;
- if($fairs_id != -1) {
+if ($fairs_id != -1) {
- 	$q = mysql_query("SELECT * FROM fairs WHERE id='$fairs_id'");
+	$q = $pdo->prepare("SELECT * FROM fairs WHERE id='$fairs_id'");
-	$fair = mysql_fetch_assoc($q);
+	$q->execute();
- }
+	$fair = $q->fetch(PDO::FETCH_ASSOC);
 }
- $action = $_POST['action'];
+$action = get_value_from_array($_POST, 'action');
- if($action == 'sendstats') {
+if ($action == 'sendstats') {
- 	foreach(array_keys($stats_data) as $k) {
+	foreach (array_keys($stats_data) as $k) {
-		$stats[$k] = $_POST[$k];
+		$stats[$k] = get_value_from_array($_POST, $k);
 	}
 	$stats['year'] = $year;
-	if($fair['type'] == 'ysc') {
+	if ($fair['type'] == 'ysc') {
-	 	$st = stats_to_ysc($fair, $stats);
+		$st = stats_to_ysc($fair, $stats);
 		$req = array('affiliation' => array(
-				"ysf_region_id"=>$fair['username'],
+			'ysf_region_id' => $fair['username'],
-				"ysf_region_password"=>$fair['password'],
+			'ysf_region_password' => $fair['password'],
-				"year"=>$year,
+			'year' => $year,
-				'stats'=>$st)
+			'stats' => $st
-			);
+		));
 	} else {
-		$req = array('stats'=>$stats);
+		$req = array('stats' => $stats);
 	}
- 	if(function_exists('curl_init')) {
+	if (function_exists('curl_init')) {
 		$r = curl_query($fair, $req,
 			'https://secure.ysf-fsj.ca/registration/xmlaffiliation.php');
-		if($r['error'] == 0) 
+		if ($r['error'] == 0)
-			echo happy(i18n("The %1 Server said:", array($fair['name'])).' '.$r['message']);
+			echo happy(i18n('The %1 Server said:', array($fair['name'])) . ' ' . $r['message']);
-		else 
+		else
-			echo error(i18n("The %1 Server said:", array($fair['name'])).' '.$r['message']);
+			echo error(i18n('The %1 Server said:', array($fair['name'])) . ' ' . $r['message']);
-//		$fairs_id = -1;
+		//		$fairs_id = -1;
-//		$year = $config['FAIRYEAR'];
+		//		$year = $config['FAIRYEAR'];
 	} else {
-		echo error("CURL Support Missing");
+		echo error('CURL Support Missing');
-		echo i18n("Your PHP installation does not support CURL.  You will need to login to the YSC system as the regional coodinator and upload the XML data manually");
+		echo i18n('Your PHP installation does not support CURL.  You will need to login to the YSC system as the regional coodinator and upload the XML data manually');
 		send_footer();
 		exit;
 	}
- }
+}
 global $PHPSELF;
 echo "<form name=\"fairselect\" action=\"$PHPSELF\" method=\"get\">";
 $q = $pdo->prepare("SELECT * FROM fairs WHERE `type`='sfiab' OR `type`='ysc' AND enable_stats='yes'");
 $q->execute();
 echo '<select name="id">';
 echo '<option value="">' . i18n('Choose a destination') . "</option>\n";
 while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	if ($fairs_id == $r->id)
 		$sel = 'selected="selected"';
 	else
 		$sel = '';
 	echo "<option $sel value=\"{$r->id}\">{$r->name} ({$r->abbrv})</option>\n";
 }
 echo "</select>\n";
- echo "<form name=\"fairselect\" action=\"$PHPSELF\" method=\"get\">";
+$q = $pdo->prepare('SELECT DISTINCT(year) AS year FROM config WHERE year>0 ORDER BY year');
- $q=mysql_query("SELECT * FROM fairs WHERE `type`='sfiab' OR `type`='ysc' AND enable_stats='yes'");
+$q->execute();
- echo "<select name=\"id\">";
+echo '<select name="year">';
- echo "<option value=\"\">".i18n("Choose a destination")."</option>\n";
+echo '<option value="">' . i18n('Choose a year') . "</option>\n";
- while($r=mysql_fetch_object($q)) {
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
- 	if($fairs_id==$r->id) $sel="selected=\"selected\""; else $sel="";
+	if ($year == $r->year)
- 	echo "<option $sel value=\"{$r->id}\">{$r->name} ({$r->abbrv})</option>\n";
+		$sel = 'selected="selected"';
- }
+	else
- echo "</select>\n";
+		$sel = '';
 	echo "<option $sel value=\"$r->year\">$r->year</option>\n";
 }
 echo "</select>\n";
 echo '<input type="submit" name="submit" value="' . i18n('Prepare Stats') . '" />';
 echo '</form>';
 echo '<br />';
 echo '<hr />';
- $q=mysql_query("SELECT DISTINCT(year) AS year FROM config WHERE year>0 ORDER BY year");
+if ($fairs_id == -1) {
 echo "<select name=\"year\">";
 echo "<option value=\"\">".i18n("Choose a year")."</option>\n";
 while($r=mysql_fetch_object($q)) {
 	if($year==$r->year) $sel="selected=\"selected\""; else $sel="";
 	echo "<option $sel value=\"$r->year\">$r->year</option>\n";
 }
 echo "</select>\n";
 echo "<input type=\"submit\" name=\"submit\" value=\"".i18n('Prepare Stats')."\" />";
 echo "</form>";
 echo "<br />";
 echo "<hr />";
 if($fairs_id == -1) {
 	echo i18n('Statistics will be shown below this line before being sent.  Please select a destination and year first.');
- 	/* Wait for them to select somethign before generating stats */
+	/* Wait for them to select somethign before generating stats */
- 	send_footer();
+	send_footer();
 	exit;
- } 
+}
- $ok = true;
+$ok = true;
- if(trim($fair['username']) == '') {
+if (trim($fair['username']) == '') {
- 	echo error(i18n("You have not yet specified a username for this server.  Go to the <a href=\"sciencefairs.php\">Science Fair Management</a> page to set it"));
+	echo error(i18n('You have not yet specified a username for this server.  Go to the <a href="sciencefairs.php">Science Fair Management</a> page to set it'));
-	$ok=false;
+	$ok = false;
- }
+}
- if(trim($fair['password']) == '') {
+if (trim($fair['password']) == '') {
- 	echo error(i18n("You have not yet specified a password for this server.  Go to the <a href=\"sciencefairs.php\">Science Fair Management</a> page to set it"));
+	echo error(i18n('You have not yet specified a password for this server.  Go to the <a href="sciencefairs.php">Science Fair Management</a> page to set it'));
-	$ok=false;
+	$ok = false;
- }
+}
-
+if ($fair['type'] == 'ysc') {
- if($fair['type'] == 'ysc') {
+	$data['statconfig'] = array('participation');
- 	$data['statconfig'] = array('participation');
+} else {
 } else {
 	echo notice(i18n('Getting stats request and downloading existing stats from server %1', array($fair['url'])));
 	/* Query the server to see what stats we need */
-	$q=array('getstats' => array('year' => $year));
+	$q = array('getstats' => array('year' => $year));
 	$data = curl_query($fair, $q);
-	if($data['error'] != 0) {
+	if ($data['error'] != 0) {
- 		echo error("Server said: {$data['message']}<br />");
+		echo error("Server said: {$data['message']}<br />");
 		send_footer();
 		exit;
 	}
 	echo notice(i18n('Server said: Success'));
- }
+}
- echo '<hr />';
+echo '<hr />';
- echo i18n('This server has requested the following stats for your %1 fair:', array($year));
+echo i18n('This server has requested the following stats for your %1 fair:', array($year));
- echo '<br /><br />';
+echo '<br /><br />';
- foreach($data['statconfig'] as $k) {
+foreach ($data['statconfig'] as $k) {
 	$server_config[$k] = true;
- }
+}
- /* Gather all stats, then we'll decide what to send */
+/* Gather all stats, then we'll decide what to send */
- $stats = array();
+$stats = array();
- $stats['year'] = $year;
+$stats['year'] = $year;
- /* Now, overwrite all the stats with what we pulled down from the server */
+/* Now, overwrite all the stats with what we pulled down from the server */
- if(is_array($data['stats'])) {
+if (is_array(get_value_from_array($data, 'stats'))) {
-	 foreach($data['stats'] as $k=>$v) {
+	foreach ($data['stats'] as $k => $v) {
- 		$stats[$k] = $v;
+		$stats[$k] = $v;
-	 }
+	}
- }
+}
 // print_r($data['stats'][0]);
- /* And now, overwrite all the stuff we pulled down with stats we can compute */
+/* And now, overwrite all the stuff we pulled down with stats we can compute */
- //number of schools
+// number of schools
- $q=mysql_query("SELECT COUNT(id) AS num FROM schools WHERE year='$year'");
+$q = $pdo->prepare("SELECT COUNT(id) AS num FROM schools WHERE year='$year'");
- $r=mysql_fetch_object($q);
+$q->execute();
- $stats['schools_total']=$r->num;
+$r = $q->fetch(PDO::FETCH_OBJ);
 $stats['schools_total'] = $r->num;
- //number of schools participating
+// number of schools participating
- $q=mysql_query("SELECT DISTINCT(students.schools_id) AS sid, schools.*
+$q = $pdo->prepare("SELECT DISTINCT(students.schools_id) AS sid, schools.*
- 		 	FROM students 
+ \t\t \tFROM students 
 				LEFT JOIN registrations ON students.registrations_id=registrations.id 
 				LEFT JOIN schools ON students.schools_id=schools.id
 			WHERE students.year='$year' 
 				AND registrations.year='$year' 
 				AND (registrations.status='complete' OR registrations.status='paymentpending')");
- $stats['schools_active']=mysql_num_rows($q);
+$q->execute();
- $stats['schools_public'] = 0;
+$stats['schools_active'] = $q->rowCount();
- $stats['schools_private'] = 0;
+$stats['schools_public'] = 0;
- $stats['schools_atrisk'] = 0;
+$stats['schools_private'] = 0;
- $districts = array();
+$stats['schools_atrisk'] = 0;
- while($si=mysql_fetch_assoc($q)) {
+$districts = array();
-	if($si['designate'] == 'public') 
+while ($si = $q->fetch(PDO::FETCH_ASSOC)) {
-		 $stats['schools_public']++;
+	if ($si['designate'] == 'public')
-	if($si['designate'] == 'independent') 
+		$stats['schools_public']++;
-		 $stats['schools_private']++;
+	if ($si['designate'] == 'independent')
-	if($si['atrisk'] == 'yes') 
+		$stats['schools_private']++;
-		 $stats['schools_atrisk']++;
+	if ($si['atrisk'] == 'yes')
-	$bd = $si['board'].'~'.$si['district'];
+		$stats['schools_atrisk']++;
-	if(!in_array($bd, $districts)) $districts[] =$bd;
+	$bd = $si['board'] . '~' . $si['district'];
- }
+	if (!in_array($bd, $districts))
- $stats['schools_districts'] = count($districts);
+		$districts[] = $bd;
 }
 $stats['schools_districts'] = count($districts);
- //numbers of students:
+// numbers of students:
- $q=mysql_query("SELECT students.*,schools.* 
+$q = $pdo->prepare("SELECT students.*,schools.* 
-	 		FROM students
+\t \t\tFROM students
 				LEFT JOIN registrations ON students.registrations_id=registrations.id 
 				LEFT JOIN schools on students.schools_id=schools.id
 			WHERE students.year='$year' 
 				AND registrations.year='$year' 
 				AND (registrations.status='complete' OR registrations.status='paymentpending')");
- echo mysql_error();
+$q->execute();
- $stats['students_total'] = mysql_num_rows($q);
+show_pdo_errors_if_any($pdo);
- $stats['students_public'] = 0;
+$stats['students_total'] = $q->rowCount();
- $stats['students_private'] = 0;
+$stats['students_public'] = 0;
- $stats['students_atrisk'] = 0;
+$stats['students_private'] = 0;
- $grademap = array(1=>1, 2=>1, 3=>1, 4=>4, 5=>4, 6=>4, 7=>7, 8=>7, 
+$stats['students_atrisk'] = 0;
-				9=>9, 10=>9, 11=>11, 12=>11, 13=>11);
+$grademap = array(1 => 1, 2 => 1, 3 => 1, 4 => 4, 5 => 4, 6 => 4, 7 => 7, 8 => 7,
- foreach($grademap as $k=>$g) {
+	9 => 9, 10 => 9, 11 => 11, 12 => 11, 13 => 11);
- 	$stats["male_$g"] = 0;
+foreach ($grademap as $k => $g) {
- 	$stats["female_$g"] = 0;
+	$stats["male_$g"] = 0;
- 	$stats["projects_$g"] = 0;
+	$stats["female_$g"] = 0;
- }
+	$stats["projects_$g"] = 0;
- $unknown = array();
+}
- while($s=mysql_fetch_assoc($q)) {
+$unknown = array();
- 	if(!in_array($s['sex'], array('male','female'))) 
+while ($s = $q->fetch(PDO::FETCH_ASSOC)) {
 	if (!in_array($s['sex'], array('male', 'female')))
 		$unknown[$grademap[$s['grade']]]++;
-	else 
+	else
- 		$stats["{$s['sex']}_{$grademap[$s['grade']]}"]++;
+		$stats["{$s['sex']}_{$grademap[$s['grade']]}"]++;
-	if($s['designate'] == 'public') 
+	if ($s['designate'] == 'public')
 		$stats['students_public']++;
-	if($s['designate'] == 'independent') 
+	if ($s['designate'] == 'independent')
 		$stats['students_private']++;
-	if($s['atrisk'] == 'yes')
+	if ($s['atrisk'] == 'yes')
 		$stats['students_atrisk']++;
- }
+}
- foreach($unknown as $g=>$a) {
+foreach ($unknown as $g => $a) {
-	$m = round($a/2);
+	$m = round($a / 2);
 	$f = $a - $m;
 	$stats["male_$g"] += $m;
 	$stats["female_$g"] += $f;
- }
+}
- //projects
+// projects
- $q=mysql_query("SELECT MAX(students.grade) AS grade FROM students
+$q = $pdo->prepare("SELECT MAX(students.grade) AS grade FROM students
-	 		LEFT JOIN registrations ON students.registrations_id=registrations.id 
+\t \t\tLEFT JOIN registrations ON students.registrations_id=registrations.id 
 			LEFT JOIN projects ON projects.registrations_id=registrations.id 
 		WHERE  students.year='$year' 
 			AND registrations.year='$year' 
 			AND projects.year='$year' 
 			AND (registrations.status='complete' OR registrations.status='paymentpending') 
 			GROUP BY projects.id");
- echo mysql_error();
+$q->execute();
- while($r=mysql_fetch_assoc($q)) {
+show_pdo_errors_if_any($pdo);
 while ($r = $q->fetch(PDO::FETCH_ASSOC)) {
 	$stats["projects_{$grademap[$r['grade']]}"]++;
- }
+}
 $q = $pdo->prepare("SELECT COUNT(id) AS num FROM users 
 \t\t\t\tLEFT JOIN users_committee ON users_committee.users_id=users.id
 \t \t\tWHERE types LIKE '%committee%' 
 				AND year='$year' 
 				AND users_committee.committee_active='yes'
 				AND deleted='no'");
 $q->execute();
 $r = $q->fetch(PDO::FETCH_OBJ);
 $stats['committee_members'] = $r->num;
- $q=mysql_query("SELECT COUNT(users.id) AS num FROM users 
+$q = $pdo->prepare("SELECT COUNT(id) AS num FROM users LEFT JOIN users_judge ON users_judge.users_id=users.id 
-	JOIN user_roles ON user_roles.users_id = users.id
+ \t\t\t\t\tWHERE users.year='$year' 
-	JOIN roles ON roles.id = user_roles.roles_id
+						AND users.types LIKE '%judge%'
-	WHERE roles.type = 'committee'
+						AND users.deleted='no'
-	AND users.conferences_id = '{$conference['id']}'
+						AND users_judge.judge_complete='yes' 
-	AND users.deleted = 'no'");
+						AND users_judge.judge_active='yes'");
-
+$q->execute();
- $r = mysql_fetch_object($q);
+$r = $q->fetch(PDO::FETCH_OBJ);
- $stats['committee_members'] = $r->num;
+$stats['judges'] = $r->num;
 $q=mysql_query("
 	SELECT COUNT(users.id) AS num FROM users 
 	JOIN user_roles ON user_roles.users_id = users.id
 	JOIN roles ON roles.id = user_roles.roles_id
 	WHERE users.conferences_id = '{$conference['id']}'
 	AND users.deleted = 'no'
 	AND roles.type = 'judge'
 	AND user_roles.complete='yes' 
 	AND user_roles.active='yes'");
 $r=mysql_fetch_object($q);
 $stats['judges'] = $r->num;
 /* All stats have been gathered, print them */
 /* Print all blocks the server requests */
 echo "<form method=\"POST\" action=\"$PHPSELF\">";
 echo '<input type="hidden" name="action" value="sendstats" />';
- /* Print all blocks the server requests */
+if ($server_config['info']) {
- echo "<form method=\"POST\" action=\"$PHPSELF\">";
+	echo '<h3>' . i18n('%1 Fair information', array($year)) . '</h3>';
 echo "<input type=\"hidden\" name=\"action\" value=\"sendstats\" />";
 if($server_config['info']) {
 	echo '<h3>'.i18n('%1 Fair information', array($year)).'</h3>';
 	echo '<table>';
-	echo '<tr><td>'.i18n('Fair Start Date').':</td>';
+	echo '<tr><td>' . i18n('Fair Start Date') . ':</td>';
 	echo "<td><input type=\"text\" size=\"12\" name=\"start_date\" value=\"{$stats['start_date']}\">(YYYY-MM-DD)</td></tr>";
-	echo '<tr><td>'.i18n('Fair End Date').':</td>';
+	echo '<tr><td>' . i18n('Fair End Date') . ':</td>';
 	echo "<td><input type=\"text\" size=\"12\" name=\"end_date\" value=\"{$stats['end_date']}\">(YYYY-MM-DD)</td></tr>";
-	echo '<tr><td>'.i18n('Fair Location/Address').':</td>';
+	echo '<tr><td>' . i18n('Fair Location/Address') . ':</td>';
-	echo '<td><textarea name="address" rows="4" cols="60">'.htmlspecialchars($stats['address']).'</textarea></td>';
+	echo '<td><textarea name="address" rows="4" cols="60">' . htmlspecialchars($stats['address']) . '</textarea></td>';
-	echo '<tr><td>'.i18n('Fair Budget').':</td>';
+	echo '<tr><td>' . i18n('Fair Budget') . ':</td>';
-	echo "<td>$<input type=text name=\"budget\" value=\"{$stats['budget']}\"></td></tr>";
+	echo "<td>\$<input type=text name=\"budget\" value=\"{$stats['budget']}\"></td></tr>";
-	echo '<tr><td>'.i18n('Youth Science Canada Affiliation Complete').'?</td>';
+	echo '<tr><td>' . i18n('Youth Science Canada Affiliation Complete') . '?</td>';
 	echo '<td><select name="ysf_affiliation_complete">';
 	$sel = $stats['ysf_affiliation_complete'] == 'N' ? 'selected="selected"' : '';
 	echo " <option value=\"N\" $sel >No</option>";
 	$sel = $stats['ysf_affiliation_complete'] == 'Y' ? 'selected="selected"' : '';
 	echo " <option value=\"Y\" $sel >Yes</option>";
 	echo '</select></td></tr>';
-	echo '<tr><td>'.i18n('Charity Number or Information').'?</td>';
+	echo '<tr><td>' . i18n('Charity Number or Information') . '?</td>';
 	echo "<td><input type=text size=\"40\" name=\"charity\" value=\"{$stats['charity']}\"></td></tr>";
 	echo '</table>';
 	echo '<br />';
 	echo '<br />';
- }
+}
-	
+if ($server_config['next_chair']) {
- if($server_config['next_chair']) {
+	echo '<h3>' . i18n('%1 - %2 Chairperson (if known)', array($year, $year + 1)) . '</h3>';
 	echo '<h3>'.i18n('%1 - %2 Chairperson (if known)', array($year, $year+1)).'</h3>';
 	echo '<table>';
-	echo '<tr><td>'.i18n('Name').': </td>';
+	echo '<tr><td>' . i18n('Name') . ': </td>';
 	echo "<td><input type=text name=\"next_chair_name\" value=\"{$stats['next_chair_name']}\"></td>";
-	echo '<td>'.i18n('Email').': </td>';
+	echo '<td>' . i18n('Email') . ': </td>';
 	echo "<td><input type=text name=\"next_chair_email\" value=\"{$stats['next_chair_email']}\"></td></tr>";
-	echo '<tr><td>'.i18n('Tel. Bus').': </td>';
+	echo '<tr><td>' . i18n('Tel. Bus') . ': </td>';
 	echo "<td><input type=text name=\"next_chair_bphone\" value=\"{$stats['next_chair_bphone']}\"></td>";
-	echo '<td>'.i18n('Tel. Home').': </td>';
+	echo '<td>' . i18n('Tel. Home') . ': </td>';
 	echo "<td><input type=text name=\"next_chair_hphone\" value=\"{$stats['next_chair_hphone']}\"></td></tr>";
-	echo '<tr><td>'.i18n('Fax').': </td>';
+	echo '<tr><td>' . i18n('Fax') . ': </td>';
 	echo "<td><input type=text name=\"next_chair_fax\" value=\"{$stats['next_chair_fax']}\"></td>";
 	echo '</tr>';
 	echo '</table>';
 	echo '<br /><br />';
- }
+}
- if($server_config['delegates']) {
+if ($server_config['delegates']) {
- 	echo '<h3>'.i18n('%1 CWSF Delegates and Alternatives', array($year)).'</h3>';
+	echo '<h3>' . i18n('%1 CWSF Delegates and Alternatives', array($year)) . '</h3>';
 	echo '<table>';
-	echo '<tr><td>'.i18n('Delegate Name(s)').'</td><td>'.i18n('Email').'</td><td>'.i18n('Jacket Size').'<td></tr>';
+	echo '<tr><td>' . i18n('Delegate Name(s)') . '</td><td>' . i18n('Email') . '</td><td>' . i18n('Jacket Size') . '<td></tr>';
-	for($x=1;$x<=3;$x++) {
+	for ($x = 1; $x <= 3; $x++) {
-		$sizes = array('small'=>'Small', 'medium'=>'Medium', 'large'=>'Large', 'xlarge'=>'X-Large');
+		$sizes = array('small' => 'Small', 'medium' => 'Medium', 'large' => 'Large', 'xlarge' => 'X-Large');
 		echo "<td><input type=text size=\"25\" name=\"delegate$x\" value=\"{$stats["delegate$x"]}\"></td>";
 		echo "<td><input type=text size=\"25\" name=\"delegate{$x}_email\" value=\"{$stats["delegate{$x}_email"]}\"></td>";
 		echo "<td><select name=\"delegate{$x}_size\">";
 		$sz = $stats["delegate{$x}_size"];
-		foreach($sizes as $s=>$t) {
+		foreach ($sizes as $s => $t) {
 			$sel = ($sz == $s) ? 'selected="selected"' : '';
-			echo "   <option value=\"$s\" $sel >".i18n($t).'</option>';
+			echo "   <option value=\"$s\" $sel >" . i18n($t) . '</option>';
 		}
 		echo '</select></td></tr>';
 	}
 	echo '</table>';
 	echo i18n('Remember, the jackets fit smaller than normal sizes.');
 	echo '<br /><br />';
- }
+}
- if($server_config['scholarships']) {
+if ($server_config['scholarships']) {
- 	echo '<h3>'.i18n('%1 Scholarships', array($year)).'</h3>';
+	echo '<h3>' . i18n('%1 Scholarships', array($year)) . '</h3>';
 	echo 'How many university/college scholarships are available at your fair?  (use a format like: <br /><b>6 - University of British Columbia - Entrance Scholarships</b><br />';
-	echo '<textarea name="scholarships" rows="4\" cols="80">'.htmlspecialchars($stats['scholarships']).'</textarea>';
+	echo '<textarea name="scholarships" rows="4\" cols="80">' . htmlspecialchars($stats['scholarships']) . '</textarea>';
 	echo '<br /><br />';
- }
+}
- if($server_config['participation']) {
+if ($server_config['participation']) {
- 	$rangemap = array(1=>'1-3', 4=>'4-6', 7=>'7-8', 9=>'9-10', 11=>'11-12');
+	$rangemap = array(1 => '1-3', 4 => '4-6', 7 => '7-8', 9 => '9-10', 11 => '11-12');
- 	echo '<h3>'.i18n('%1 Fair participation', array($year)).'</h3>';
+	echo '<h3>' . i18n('%1 Fair participation', array($year)) . '</h3>';
 	echo '<br />';
-	echo i18n("Number of students").": <b>{$stats['students_total']}</b>";
+	echo i18n('Number of students') . ": <b>{$stats['students_total']}</b>";
-	echo '<table><tr><td></td><td></td><td></td><td align=\"center\">'.i18n('Grade').'</td><td></td><td></td></tr>';
+	echo '<table><tr><td></td><td></td><td></td><td align=\"center\">' . i18n('Grade') . '</td><td></td><td></td></tr>';
 	echo '<tr><td></td>';
-	foreach($rangemap as $k=>$v) echo "<td align=\"center\" width=\"50px\" >$v</td>";
+	foreach ($rangemap as $k => $v)
 		echo "<td align=\"center\" width=\"50px\" >$v</td>";
 	echo '</tr><tr>';
-	echo '<td>'.i18n('Male').'</td>';
+	echo '<td>' . i18n('Male') . '</td>';
-	foreach($rangemap as $k=>$v) echo "<td align=\"right\"><b>{$stats["male_$k"]}</b></td>";
+	foreach ($rangemap as $k => $v)
 		echo "<td align=\"right\"><b>{$stats["male_$k"]}</b></td>";
 	echo '</tr><tr>';
-	echo '<td>'.i18n('Female').'</td>';
+	echo '<td>' . i18n('Female') . '</td>';
-	foreach($rangemap as $k=>$v) echo "<td align=\"right\"><b>{$stats["female_$k"]}</b></td>";
+	foreach ($rangemap as $k => $v)
 		echo "<td align=\"right\"><b>{$stats["female_$k"]}</b></td>";
 	echo '</tr><tr>';
-	echo '<td>'.i18n('Projects').'</td>';
+	echo '<td>' . i18n('Projects') . '</td>';
-	foreach($rangemap as $k=>$v) echo "<td align=\"right\"><b>{$stats["projects_$k"]}</b></td>";
+	foreach ($rangemap as $k => $v)
 		echo "<td align=\"right\"><b>{$stats["projects_$k"]}</b></td>";
 	echo '</tr>';
 	echo '</table>';
 	echo '<br />';
-	echo i18n("Number of schools").": <b>{$stats['schools_total']}</b>";
+	echo i18n('Number of schools') . ": <b>{$stats['schools_total']}</b>";
 	echo '<br />';
-	echo i18n("Number of active schools").": <b>{$stats['schools_active']}</b>";
+	echo i18n('Number of active schools') . ": <b>{$stats['schools_active']}</b>";
 	echo '<br />';
 	echo '<br />';
-	echo i18n("Number of committee members: <b>%1</b> (note: this is number of committee members who logged in to SFIAB for the year, anyone who was active but didn't log in to SFIAB will NOT be counted)",array($stats['committee_members']));
+	echo i18n("Number of committee members: <b>%1</b> (note: this is number of committee members who logged in to SFIAB for the year, anyone who was active but didn't log in to SFIAB will NOT be counted)", array($stats['committee_members']));
 	echo '<br />';
-	echo i18n("Number of judges").": <b>{$stats['judges']}</b>";
+	echo i18n('Number of judges') . ": <b>{$stats['judges']}</b>";
 	echo '<br />';
 	echo '<br />';
 	echo '<br />';
- }
+}
- if($server_config['schools_ext']) {
+if ($server_config['schools_ext']) {
- 	echo '<h3>'.i18n('%1 Extended School/Participant data', array($year)).'</h3>';
+	echo '<h3>' . i18n('%1 Extended School/Participant data', array($year)) . '</h3>';
 	echo '<br />';
- 	echo i18n('Public schools: <b>%1</b> (<b>%2</b> students).',array(
+	echo i18n('Public schools: <b>%1</b> (<b>%2</b> students).', array(
-				$stats['schools_public'], $stats['students_public']));
+		$stats['schools_public'], $stats['students_public']
 	));
 	echo '<br />';
- 	echo i18n('Private/Independent schools: <b>%1</b> (<b>%2</b> students).',array(
+	echo i18n('Private/Independent schools: <b>%1</b> (<b>%2</b> students).', array(
-				$stats['schools_private'], $stats['students_private']));
+		$stats['schools_private'], $stats['students_private']
 	));
 	echo '<br />';
- 	echo i18n('At-risk/inner city schools: <b>%1</b> (<b>%2</b> students).',array(
+	echo i18n('At-risk/inner city schools: <b>%1</b> (<b>%2</b> students).', array(
-				$stats['schools_atrisk'], $stats['students_atrisk']));
+		$stats['schools_atrisk'], $stats['students_atrisk']
 	));
 	echo '<br />';
- 	echo i18n('Number of school boards/distrcits: <b>%1</b>',array(
+	echo i18n('Number of school boards/distrcits: <b>%1</b>', array(
-				$stats['schools_districts']));
+		$stats['schools_districts']
 	));
 	echo '<br />';
 	echo '<br />';
 	echo '<br />';
- }
+}
- if($server_config['minorities']) {
+if ($server_config['minorities']) {
- 	echo '<h3>'.i18n('%1 Data on minority groups', array($year)).'</h3>';
+	echo '<h3>' . i18n('%1 Data on minority groups', array($year)) . '</h3>';
 	echo '<br />';
 	echo '<table>';
-	echo '<tr><td>'.i18n('Number of First Nations students');
+	echo '<tr><td>' . i18n('Number of First Nations students');
 	echo ": </td><td><input type=\"text\" name=\"firstnations\" value=\"{$stats['firstnations']}\" size=\"5\" />";
 	echo '</td></tr>';
 	echo '</table>';
 	echo '<br />';
 	echo '<br />';
- }
+}
- if($server_config['guests'] ) {
+if ($server_config['guests']) {
- 	echo '<h3>'.i18n('%1 Guests visiting the fair', array($year)).'</h3>';
+	echo '<h3>' . i18n('%1 Guests visiting the fair', array($year)) . '</h3>';
 	echo '<br />';
 	echo '<table>';
-	echo '<tr><td>'.i18n('Number of Students that visited the fair (tours, etc.)');
+	echo '<tr><td>' . i18n('Number of Students that visited the fair (tours, etc.)');
 	echo ": </td><td><input type=\"text\" name=\"studentsvisiting\" value=\"{$stats['studentsvisiting']}\" size=\"5\" />";
 	echo '</td></tr>';
-	echo '<tr><td>'.i18n('Number of Public Guests that visited the fair');
+	echo '<tr><td>' . i18n('Number of Public Guests that visited the fair');
 	echo ": </td><td><input type=\"text\" name=\"publicvisiting\" value=\"{$stats['publicvisiting']}\" size=\"5\" />";
 	echo '</td></tr>';
 	echo '</table>';
 	echo '<br />';
 	echo '<br />';
- }
+}
- if($server_config['sffbc_misc']) {
+if ($server_config['sffbc_misc']) {
- 	echo '<h3>'.i18n('%1 Misc. SFFBC Questions', array($year)).'</h3>';
+	echo '<h3>' . i18n('%1 Misc. SFFBC Questions', array($year)) . '</h3>';
 	echo '<br />';
 	echo '<table>';
-	echo '<tr><td>'.i18n('Number of Teachers supporting student projects');
+	echo '<tr><td>' . i18n('Number of Teachers supporting student projects');
 	echo ": </td><td><input type=\"text\" name=\"teacherssupporting\" value=\"{$stats['teacherssupporting']}\" size=\"5\" />";
 	echo '</td></tr>';
-	echo '<tr><td>'.i18n('Number of Students indicating increased interest in science & technology');
+	echo '<tr><td>' . i18n('Number of Students indicating increased interest in science & technology');
 	echo ": </td><td><input type=\"text\" name=\"increasedinterest\" value=\"{$stats['increasedinterest']}\" size=\"5\" />";
 	echo '</td></tr>';
-	echo '<tr><td>'.i18n('Number of Students considering careers in science & technology');
+	echo '<tr><td>' . i18n('Number of Students considering careers in science & technology');
 	echo ": </td><td><input type=\"text\" name=\"consideringcareer\" value=\"{$stats['consideringcareer']}\" size=\"5\" />";
 	echo '</td></tr>';
 	echo '</table>';
 	echo '<br />';
 	echo '<br />';
- }
+}
- $keys = array_keys($stats_data);
+$keys = array_keys($stats_data);
- foreach($keys as $k) {
+foreach ($keys as $k) {
- 	if($stats_data[$k]['manual'] == true) continue;
+	if (isset($stats_data[$k]['manual']) && $stats_data[$k]['manual'] == true)
 		continue;
 	echo "<input type=\"hidden\" name=\"$k\" value=\"{$stats[$k]}\" />";
- }
+}
- $d = ($ok == true) ? '' : 'disabled="disabled"';
+$d = ($ok == true) ? '' : 'disabled="disabled"';
- echo "<input type=\"submit\" value=\"".i18n('Send stats to')." {$fair['name']}\" $d />";
+echo '<input type="submit" value="' . i18n('Send stats to') . " {$fair['name']}\" $d />";
- echo '</form>';
+echo '</form>';
- echo "<br />";
+echo '<br />';
- echo "<br />";
+echo '<br />';
-debug_("Fair Info: ".print_r($fair, true));
+debug_('Fair Info: ' . print_r($fair, true));
-debug_("Server Config: ".print_r($server_config, true));
+debug_('Server Config: ' . print_r($server_config, true));
-debug_("Stats: ".print_r($stats, true));
+debug_('Stats: ' . print_r($stats, true));
- 
+
- send_footer();
+send_footer();
 ?>
--- a/admin/fair_stats_select.php
+++ b/admin/fair_stats_select.php
@ -37,7 +37,7 @@
 		'delegates' => 'Delegate information/jacket size for CWSF',
 		);
- user_auth_required('admin');
+ user_auth_required('committee', 'admin');
 switch($_GET['action']) {
@ -52,8 +52,9 @@
 		}
 	}
 	$s = join(',', $_POST['stats']);
-	$q = mysql_query("UPDATE fairs SET gather_stats='$s' WHERE id='$id'");
+	$q = $pdo->prepare("UPDATE fairs SET gather_stats='$s' WHERE id='$id'");
-	echo mysql_error();
+	$q->execute();
 	show_pdo_errors_if_any($pdo);
 	echo "UPDATE fairs SET gather_stats='$s' WHERE id='$id'";
 	happy_("Saved");
 	exit;
@ -62,8 +63,9 @@
 /* Load the user we're editting */
 $u = user_load($_SESSION['embed_edit_id']);
 /* Load the fair attached to the user */
- $q = mysql_query("SELECT * FROM fairs WHERE id={$u['fairs_id']}");
+ $q = $pdo->prepare("SELECT * FROM fairs WHERE id={$u['fairs_id']}");
- $f = mysql_fetch_assoc($q);
+ $q->execute();
 $f = $q->fetch(PDO::FETCH_ASSOC);
 ?>
@ -92,7 +94,7 @@ function stats_save()
 <input type="hidden" name="fairs_id" value="<?=$f['id']?>" />
 <table class="editor">
 <?
- $selected_stats =  explode(',', $f['gather_stats']);
+ $selected_stats =  split(',', $f['gather_stats']);
 foreach($stats as $s=>$d) {
 	$ch = in_array($s, $selected_stats) ? 'checked="checked"' : '';
 	echo "<tr><td class=\"left\"><input type=\"checkbox\" id=\"stats_$s\" name=\"stats[]\" value=\"$s\" $ch /></td>";
--- a/admin/fix_judges_autocomplete.php
+++ b/admin/fix_judges_autocomplete.php
@ -1,22 +1,26 @@
 <?
-require_once("../common.inc.php");
+require_once ('../common.inc.php');
-require_once("../user.inc.php");
+require_once ('../user.inc.php');
-user_auth_required('admin');
+user_auth_required('committee', 'admin');
-$q = mysql_query("SELECT * FROM judges WHERE passwordexpiry IS NULL");
+$q = $pdo->prepare('SELECT * FROM judges WHERE passwordexpiry IS NULL');
-while($i = mysql_fetch_object($q)) {
+$q->execute();
 while ($i = $q->fetch(PDO::FETCH_OBJ)) {
 	echo "Autocompleting Judge {$i->email}<br />";
 	$id = $i->id;
-	$p = generatePassword(12);
+	$p = password_hash(generatePassword(), PASSWORD_BCRYPT);
-	mysql_query("UPDATE judges SET password='$p',complete='yes'");
+	$stmt = $pdo->prepare("UPDATE judges SET password=?,complete=?");
-	echo mysql_error();
+	$stmt->execute([$p, 'yes']);
-	mysql_query("DELETE FROM judges_years WHERE judges_id='$id'");
+	show_pdo_errors_if_any($pdo);
-	echo mysql_error();
+	$stmt = $pdo->prepare("DELETE FROM judges_years WHERE judges_id=?");
-	mysql_query("INSERT INTO judges_years (`judges_id`,`year`) VALUES ('$id','{$config['FAIRYEAR']}')");
+	$stmt->execute([$id]);
-	echo mysql_error();
+	show_pdo_errors_if_any($pdo);
 	$stmt = $pdo->prepare("INSERT INTO judges_years (`judges_id`,`year`) VALUES (?, ?)");
 	$stmt->execute([$id, $config['FAIRYEAR']]);
 	show_pdo_errors_if_any($pdo);
 }
 ?>
--- a/admin/fundraising.php
+++ b/admin/fundraising.php
@ -1,274 +1,295 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2009 James Grant <james@lightbox.org>
+/*
-
+ * This file is part of the 'Science Fair In A Box' project
-   This program is free software; you can redistribute it and/or
+ * SFIAB Website: http://www.sfiab.ca
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2009 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
-if($_GET['action']=="refresh") {
+if (get_value_from_array($_GET, 'action') == 'refresh') {
 ?>
-<h3><?=i18n("Fundraising Purposes and Progress Year to Date")?></h3>
+<h3><?= i18n('Fundraising Purposes and Progress Year to Date') ?></h3>
 <?
-$q=mysql_query("SELECT * FROM fundraising_goals WHERE fiscalyear='{$config['FISCALYEAR']}' ORDER BY deadline");
+    $q = $pdo->prepare("SELECT * FROM fundraising_goals WHERE fiscalyear='{$config['FISCALYEAR']}' ORDER BY deadline");
-
+    $q->execute();
 ?>
 <table class="tableview">
 <thead>
 <tr>
-	<th><?=i18n("Purpose")?></th>
+	<th><?= i18n('Purpose') ?></th>
-	<th><?=i18n("Goal")?></th>
+	<th><?= i18n('Goal') ?></th>
-	<th><?=i18n("Amount Received")?></th>
+	<th><?= i18n('Amount Received') ?></th>
-	<th><?=i18n("% to Budget")?></th>
+	<th><?= i18n('% to Budget') ?></th>
-	<th><?=i18n("Deadline")?></th>
+	<th><?= i18n('Deadline') ?></th>
 </tr>
 </thead>
 <?
- while($r=mysql_fetch_object($q)) {
+    while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-     //lookup all donations made towards this goal
+        // lookup all donations made towards this goal
-     $recq=mysql_query("SELECT SUM(value) AS received FROM fundraising_donations WHERE fundraising_goal='$r->goal' AND fiscalyear='{$config['FISCALYEAR']}' AND status='received'");
+        $recq = $pdo->prepare("SELECT SUM(value) AS received FROM fundraising_donations WHERE fundraising_goal='$r->goal' AND fiscalyear='{$config['FISCALYEAR']}' AND status='received'");
-     echo mysql_error();
+        $recq->execute();
-     $recr=mysql_fetch_object($recq);
+        show_pdo_errors_if_any($pdo);
-     $received=$recr->received;
+        $recr = $recq->fetch(PDO::FETCH_OBJ);
-     if($r->budget)
+        $received = $recr->received;
-         $percent=round($received/$r->budget*100,1);
+        if ($r->budget)
-     else
+            $percent = round($received / $r->budget * 100, 1);
-         $percent=0;
+        else
            $percent = 0;
-     echo "<tr><td>$r->name</td>";
+        echo "<tr><td>$r->name</td>";
-     echo "<td style=\"text-align: right;\">".format_money($r->budget,false)."</td>";
+        echo '<td style="text-align: right;">' . format_money($r->budget, false) . '</td>';
-     echo "<td style=\"text-align: right;\">".format_money($received,false)."</td>";
+        echo '<td style="text-align: right;">' . format_money($received, false) . '</td>';
-     $col=colour_to_percent($percent);
+        $col = colour_to_percent($percent);
-     echo "<td style=\"text-align: center; background-color: $col;\">{$percent}%</td>";
+        echo "<td style=\"text-align: center; background-color: $col;\">{$percent}%</td>";
-     echo "<td>".format_date($r->deadline)."</td></tr>\n";
+        echo '<td>' . format_date($r->deadline) . "</td></tr>\n";
- }
+    }
- ?>
+?>
 </table>
 <br />
-<h3><?=i18n("Current Appeals")?></h3>
+<h3><?= i18n('Current Appeals') ?></h3>
 <table class="tableview">
 <thead>
 <tr>
-	<th><?=i18n("Name")?></th>
+	<th><?= i18n('Name') ?></th>
-	<th><?=i18n("Type")?></th>
+	<th><?= i18n('Type') ?></th>
-	<th><?=i18n("Start Date")?></th>
+	<th><?= i18n('Start Date') ?></th>
-	<th><?=i18n("End Date")?></th>
+	<th><?= i18n('End Date') ?></th>
-	<th><?=i18n("Target($)")?></th>
+	<th><?= i18n('Target($)') ?></th>
-	<th><?=i18n("Received")?></th>
+	<th><?= i18n('Received') ?></th>
-	<th><?=i18n("% to Budget")?></th>
+	<th><?= i18n('% to Budget') ?></th>
-	<th><?=i18n("Purpose")?></th>
+	<th><?= i18n('Purpose') ?></th>
 </tr>
 </thead>
 <?
- $q=mysql_query("SELECT * FROM fundraising_campaigns WHERE fiscalyear='{$config['FISCALYEAR']}'");
+    $q = $pdo->prepare("SELECT * FROM fundraising_campaigns WHERE fiscalyear='{$config['FISCALYEAR']}'");
    $q->execute();
- while($r=mysql_fetch_object($q)) {
+    while ($r = $q->fetch(PDO::FETCH_OBJ)) {
        $goalq = $pdo->prepare("SELECT * FROM fundraising_goals WHERE goal='{$r->fundraising_goal}' AND fiscalyear='{$config['FISCALYEAR']}'");
        $goalq->execute();
        $goalr = $goalq->fetch(PDO::FETCH_OBJ);
        $recq = $pdo->prepare("SELECT SUM(value) AS received FROM fundraising_donations WHERE fundraising_campaigns_id='$r->id' AND fiscalyear='{$config['FISCALYEAR']}' AND status='received'");
        $recq->execute();
        show_pdo_errors_if_any($pdo);
        $recr = $recq->fetch(PDO::FETCH_OBJ);
        $received = $recr->received;
        if ($r->target)
            $percent = round($received / $r->target * 100, 1);
        else
            $percent = 0;
        $col = colour_to_percent($percent);
-    $goalq=mysql_query("SELECT * FROM fundraising_goals WHERE goal='{$r->fundraising_goal}' AND fiscalyear='{$config['FISCALYEAR']}'");
+        if (!$goalr) {
-    $goalr=mysql_fetch_object($goalq);
+            $goalr = new stdClass();
-    $recq=mysql_query("SELECT SUM(value) AS received FROM fundraising_donations WHERE fundraising_campaigns_id='$r->id' AND fiscalyear='{$config['FISCALYEAR']}' AND status='received'");
+            $goalr->name = '';
-    echo mysql_error();
+        }
    $recr=mysql_fetch_object($recq);
    $received=$recr->received;
    if($r->target)
        $percent=round($received/$r->target*100,1);
    else
        $percent=0;
    $col=colour_to_percent($percent);
-    echo "<tr style=\"cursor:pointer;\" onclick=\"window.location.href='fundraising_campaigns.php?manage_campaign=$r->id'\">\n";
+        echo "<tr style=\"cursor:pointer;\" onclick=\"window.location.href='fundraising_campaigns.php?manage_campaign=$r->id'\">\n";
-    echo "  <td>$r->name</td>\n";
+        echo "  <td>$r->name</td>\n";
-    echo "  <td>$r->type</td>\n";
+        echo "  <td>$r->type</td>\n";
-    echo "  <td>".format_date($r->startdate)."</td>\n";
+        echo '  <td>' . format_date($r->startdate) . "</td>\n";
-    echo "  <td>".format_date($r->enddate)."</td>";
+        echo '  <td>' . format_date($r->enddate) . '</td>';
-    echo "  <td style=\"text-align: right;\">".format_money($r->target,false)."</td>\n";
+        echo '  <td style="text-align: right;">' . format_money($r->target, false) . "</td>\n";
-    echo "  <td style=\"text-align: right;\">".format_money($received,false)."</td>\n";
+        echo '  <td style="text-align: right;">' . format_money($received, false) . "</td>\n";
-    echo "  <td style=\"text-align: center; background-color: $col;\">{$percent}%</td>\n";
+        echo "  <td style=\"text-align: center; background-color: $col;\">{$percent}%</td>\n";
-    echo "  <td>$goalr->name</td>";
+        echo "  <td>$goalr->name</td>";
-    echo "</tr>\n";
+        echo "</tr>\n";
- }
+    }
- ?>
+?>
 </tr>
 </table>
 <script type="text/javascript"> $('.tableview').tablesorter();</script>
 <br />
 <form id="thankyouform" method="post" action="fundraising.php">
-<h3><?=i18n("To Do List")?></h3>
+<h3><?= i18n('To Do List') ?></h3>
-<h4><?=i18n("Thank You's")?></h4>
+<h4><?= i18n("Thank You's") ?></h4>
 <?
-$q=mysql_query("SELECT id,value, thanked, status, sponsors_id, datereceived,
+    $q = $pdo->prepare("SELECT id,value, thanked, status, sponsors_id, datereceived,
-	DATE_ADD(datereceived, INTERVAL 1 MONTH) < NOW() AS onemonth,
+\tDATE_ADD(datereceived, INTERVAL 1 MONTH) < NOW() AS onemonth,
-	DATE_ADD(datereceived, INTERVAL 2 MONTH) < NOW() AS twomonth
+\tDATE_ADD(datereceived, INTERVAL 2 MONTH) < NOW() AS twomonth
    FROM fundraising_donations
    WHERE thanked='no' AND status='received'
    AND fiscalyear='{$config['FISCALYEAR']}' 
    ORDER BY datereceived
    ");
-echo mysql_error();
+    $q->execute();
    show_pdo_errors_if_any($pdo);
-if(mysql_num_rows($q)) {
+    if ($q->rowCount()) {
-    echo "<table class=\"tableview\">";
+        echo '<table class="tableview">';
-    echo "<thead><tr><th>".i18n("Name")."</th>\n";
+        echo '<thead><tr><th>' . i18n('Name') . "</th>\n";
-    echo "<th>".i18n("Date Received")."</th>\n";
+        echo '<th>' . i18n('Date Received') . "</th>\n";
-    echo "<th>".i18n("Amount")."</th>\n";
+        echo '<th>' . i18n('Amount') . "</th>\n";
-    echo "<th>".i18n("Generate Thank You")."</th>\n";
+        echo '<th>' . i18n('Generate Thank You') . "</th>\n";
-    echo "<th>".i18n("Thanked")."</th>\n";
+        echo '<th>' . i18n('Thanked') . "</th>\n";
-    echo "</tr></thead>\n";
+        echo "</tr></thead>\n";
-    while($r=mysql_fetch_object($q)) {
+        while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-        $dq=mysql_query("SELECT organization AS name FROM sponsors WHERE id='$r->sponsors_id'");
+            $dq = $pdo->prepare("SELECT organization AS name FROM sponsors WHERE id='$r->sponsors_id'");
-        $dr=mysql_fetch_object($dq);
+            $dq->execute();
-		if($r->twomonth) $s="style=\"background-color: ".colour_to_percent(0).";\"";
+            $dr = $dq->fetch(PDO::FETCH_OBJ);
-		else if($r->onemonth) $s="style=\"background-color: ".colour_to_percent(50).";\"";
+            if ($r->twomonth)
-		else $s="";
+                $s = 'style="background-color: ' . colour_to_percent(0) . ';"';
            else if ($r->onemonth)
                $s = 'style="background-color: ' . colour_to_percent(50) . ';"';
            else
                $s = '';
-		$u=getUserForSponsor($r->sponsors_id);
+            $u = getUserForSponsor($r->sponsors_id);
-        echo "<tr $s>";
+            echo "<tr $s>";
-        echo " <td>$dr->name</td>";
+            echo " <td>$dr->name</td>";
-        echo " <td>".format_date($r->datereceived)."</td>";
+            echo ' <td>' . format_date($r->datereceived) . '</td>';
-        echo " <td style=\"text-align: right;\">".format_money($r->value)."</td>";
+            echo ' <td style="text-align: right;">' . format_money($r->value) . '</td>';
-        echo " <td style=\"text-align: center;\">";
+            echo ' <td style="text-align: center;">';
-		if($u) {
+            if ($u) {
-			echo "<a href=\"#\" onclick=\"return opencommunicationsender('{$u['uid']}','fundraising_thankyou_template');\">".i18n("Generate Thank You")."</a></td>";
+                echo "<a href=\"#\" onclick=\"return opencommunicationsender('{$u['uid']}','fundraising_thankyou_template');\">" . i18n('Generate Thank You') . '</a></td>';
-		} else {
+            } else {
-			echo i18n("No contact");
+                echo i18n('No contact');
-		}
+            }
-		echo "<td align=\"center\"><input style=\"padding: 0px; margin: 0px;\" type=\"checkbox\" name=\"thanked[]\" value=\"$r->id\" onclick=\"return thanked($r->id)\"></td>\n";
+            echo "<td align=\"center\"><input style=\"padding: 0px; margin: 0px;\" type=\"checkbox\" name=\"thanked[]\" value=\"$r->id\" onclick=\"return thanked($r->id)\"></td>\n";
-        echo "</tr>\n";
+            echo "</tr>\n";
        }
        echo "</table>\n";
    } else {
        echo i18n("No Thank You's pending");
        echo "<br />\n";
    }
    echo "</table>\n";
 }else {
     echo i18n("No Thank You's pending");
    echo "<br />\n";
 }
 ?>
 </form>
 <br />
-<h4><?=i18n("Receipts to Issue")?></h4>
+<h4><?= i18n('Receipts to Issue') ?></h4>
 <?
-$q=mysql_query("SELECT value, receiptrequired, receiptsent, status, sponsors_id, datereceived,
+    $q = $pdo->prepare("SELECT value, receiptrequired, receiptsent, status, sponsors_id, datereceived,
-	DATE_ADD(datereceived, INTERVAL 1 MONTH) < NOW() AS onemonth,
+\tDATE_ADD(datereceived, INTERVAL 1 MONTH) < NOW() AS onemonth,
-	DATE_ADD(datereceived, INTERVAL 2 MONTH) < NOW() AS twomonth
+\tDATE_ADD(datereceived, INTERVAL 2 MONTH) < NOW() AS twomonth
    FROM fundraising_donations
    WHERE (receiptrequired='yes' AND receiptsent='no') AND status='received'
    AND fiscalyear='{$config['FISCALYEAR']}' 
    ORDER BY datereceived
    ");
-echo mysql_error();
+    $q->execute();
-if(mysql_num_rows($q)) {
+    show_pdo_errors_if_any($pdo);
-    echo "<table class=\"tableview\">";
+    if ($q->rowCount()) {
-    echo "<tr><th>".i18n("Name")."</th>\n";
+        echo '<table class="tableview">';
-    echo "<th>".i18n("Date Received")."</th>\n";
+        echo '<tr><th>' . i18n('Name') . "</th>\n";
-    echo "<th>".i18n("Amount")."</th>\n";
+        echo '<th>' . i18n('Date Received') . "</th>\n";
-    echo "<th>".i18n("Generate Receipt")."</th>\n";
+        echo '<th>' . i18n('Amount') . "</th>\n";
-    echo "</tr>\n";
+        echo '<th>' . i18n('Generate Receipt') . "</th>\n";
    while($r=mysql_fetch_object($q)) {
        $dq=mysql_query("SELECT organization AS name FROM sponsors WHERE id='$r->sponsors_id'");
        $dr=mysql_fetch_object($dq);
 		if($r->twomonth) $s="style=\"background-color: ".colour_to_percent(0).";\"";
 		else if($r->onemonth) $s="style=\"background-color: ".colour_to_percent(50).";\"";
 		else $s="";
        echo "<tr $s>";
        echo " <td>$dr->name</td>";
        echo " <td>".format_date($r->datereceived)."</td>";
        echo " <td style=\"text-align: right;\">".format_money($r->value)."</td>";
        echo " <td style=\"text-align: center;\">";
        echo "<a href=\"#\" onclick=\"return false;\">".i18n("Generate Receipt")."</a></td>";
        echo "</tr>\n";
        while ($r = $q->fetch(PDO::FETCH_OBJ)) {
            $dq = $pdo->prepare("SELECT organization AS name FROM sponsors WHERE id='$r->sponsors_id'");
            $dq->execute();
            $dr = $dq->fetch(PDO::FETCH_OBJ);
            if ($r->twomonth)
                $s = 'style="background-color: ' . colour_to_percent(0) . ';"';
            else if ($r->onemonth)
                $s = 'style="background-color: ' . colour_to_percent(50) . ';"';
            else
                $s = '';
            echo "<tr $s>";
            echo " <td>$dr->name</td>";
            echo ' <td>' . format_date($r->datereceived) . '</td>';
            echo ' <td style="text-align: right;">' . format_money($r->value) . '</td>';
            echo ' <td style="text-align: center;">';
            echo '<a href="#" onclick="return false;">' . i18n('Generate Receipt') . '</a></td>';
            echo "</tr>\n";
        }
        echo "</table>\n";
    } else {
        echo i18n('No Receipts pending');
        echo "<br />\n";
    }
    echo "</table>\n";
 }else {
     echo i18n("No Receipts pending");
    echo "<br />\n";
 }
 ?>
 <br />
-<h4><?=i18n("Appeal Follow-Ups")?></h4>
+<h4><?= i18n('Appeal Follow-Ups') ?></h4>
 <?
-$q=mysql_query("SELECT * FROM fundraising_campaigns WHERE followupdate>=NOW() ORDER BY followupdate LIMIT 5");
+    $q = $pdo->prepare('SELECT * FROM fundraising_campaigns WHERE followupdate>=NOW() ORDER BY followupdate LIMIT 5');
-echo mysql_error();
+    $q->execute();
-if(mysql_num_rows($q)) {
+    show_pdo_errors_if_any($pdo);
-    echo "<table class=\"tableview\">";
+    if ($q->rowCount()) {
-    echo "<thead><tr>";
+        echo '<table class="tableview">';
-    echo " <th>".i18n("Appeal")."</th>\n";
+        echo '<thead><tr>';
-    echo " <th>".i18n("Start Date")."</th>\n";
+        echo ' <th>' . i18n('Appeal') . "</th>\n";
-    echo " <th>".i18n("Follow-Up Date")."</th>\n";
+        echo ' <th>' . i18n('Start Date') . "</th>\n";
-    echo "</tr></thead>\n";
+        echo ' <th>' . i18n('Follow-Up Date') . "</th>\n";
-    while($r=mysql_fetch_object($q)) {
+        echo "</tr></thead>\n";
-        echo "<tr><td>$r->name</td><td>".format_date($r->startdate)."</td><td>".format_date($r->followupdate)."</td></tr>\n";
+        while ($r = $q->fetch(PDO::FETCH_OBJ)) {
            echo "<tr><td>$r->name</td><td>" . format_date($r->startdate) . '</td><td>' . format_date($r->followupdate) . "</td></tr>\n";
        }
        echo "</table>\n";
    } else {
        echo i18n('No appeal follow-ups');
        echo "<br />\n";
    }
    echo "</table>\n";
 } else {
    echo i18n("No appeal follow-ups");
    echo "<br />\n";
 }
 ?>
 <br />
 <h4>Upcoming Proposals</h4>
 <?
-$q=mysql_query("SELECT * FROM sponsors WHERE fundingselectiondate>=NOW() OR proposalsubmissiondate>=NOW() ORDER BY fundingselectiondate LIMIT 5");
+    $q = $pdo->prepare('SELECT * FROM sponsors WHERE fundingselectiondate>=NOW() OR proposalsubmissiondate>=NOW() ORDER BY fundingselectiondate LIMIT 5');
-echo mysql_error();
+    $q->execute();
-if(mysql_num_rows($q)) {
+    show_pdo_errors_if_any($pdo);
-    echo "<table class=\"tableview\">";
+
-    echo "<tr>";
+    if ($q->rowCount()) {
-    echo " <th>".i18n("Name")."</th>\n";
+        echo '<table class="tableview">';
-    echo " <th>".i18n("Proposal Submission Date")."</th>\n";
+        echo '<tr>';
-    echo " <th>".i18n("Funding Selection Date")."</th>\n";
+        echo ' <th>' . i18n('Name') . "</th>\n";
-    echo "</tr>\n";
+        echo ' <th>' . i18n('Proposal Submission Date') . "</th>\n";
-    while($r=mysql_fetch_object($q)) {
+        echo ' <th>' . i18n('Funding Selection Date') . "</th>\n";
        echo "<tr><td>$r->organization</td>";
        echo "<td>".format_date($r->proposalsubmissiondate)."</td>";
        echo "<td>".format_date($r->fundingselectiondate)."</td>";
        echo "</tr>\n";
        while ($r = $q->fetch(PDO::FETCH_OBJ)) {
            echo "<tr><td>$r->organization</td>";
            echo '<td>' . format_date($r->proposalsubmissiondate) . '</td>';
            echo '<td>' . format_date($r->fundingselectiondate) . '</td>';
            echo "</tr>\n";
        }
        echo "</table>\n";
    } else {
        echo i18n('No proposals upcoming');
    }
    exit;
 } else if (get_value_from_array($_POST, 'thanked')) {
    foreach ($_POST['thanked'] AS $t) {
        $stmt = $pdo->prepare("UPDATE fundraising_donations SET thanked='yes' WHERE id='$t'");
        $stmt->execute();
    }
    echo "</table>\n";
 } else {
    echo i18n("No proposals upcoming");
 }
-	exit;
+send_header('Fundraising',
-}
+    array('Committee Main' => 'committee_main.php',
-else if (count($_POST['thanked'])) {
+        'Administration' => 'admin/index.php',
-	foreach($_POST['thanked'] AS $t) {
+        'Fundraising' => 'admin/fundraising.php'),
-		mysql_query("UPDATE fundraising_donations SET thanked='yes' WHERE id='$t'");
+    'fundraising');
 	}
 }
 send_header("Fundraising",
 		array('Committee Main' => 'committee_main.php',
 			'Administration' => 'admin/index.php',
 			'Fundraising' => 'admin/fundraising.php'),
            "fundraising"
 			);
 ?>
 <script type="text/javascript">
 $(document).ready(function() {
@ -298,5 +319,5 @@ function opencommunicationsender(uid,template) {
 <div id="dashboard"></div>
 <?
- send_footer();
+send_footer();
 ?>
--- a/admin/fundraising_campaigns.php
+++ b/admin/fundraising_campaigns.php
--- a/admin/fundraising_campaigns_prospecting.php
+++ b/admin/fundraising_campaigns_prospecting.php
@ -1,55 +1,58 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2009 James Grant <james@lightbox.org>
+/*
-
+ * This file is part of the 'Science Fair In A Box' project
-   This program is free software; you can redistribute it and/or
+ * SFIAB Website: http://www.sfiab.ca
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2009 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require("fundraising_common.inc.php");
+require ('fundraising_common.inc.php');
-    $userslist=array();
+$userslist = array();
-    $otherlist=array();
+$otherlist = array();
-if($_POST['donortype']=="organization") {
+if ($_POST['donortype'] == 'organization') {
-    $q=mysql_query("SELECT id, organization AS name, address, address2, city, province_code, postalcode FROM sponsors ORDER BY name");
+	$q = $pdo->prepare('SELECT id, organization AS name, address, address2, city, province_code, postalcode FROM sponsors ORDER BY name');
    echo mysql_error();
-    if(!$_POST['contacttype'])
+	$q->execute();
-        $contacttype=array("primary","secondary");
+	show_pdo_errors_if_any($pdo);
    else 
        $contacttype=$_POST['contacttype'];
-    $primary="";
+	if (!$_POST['contacttype'])
-    while($r=mysql_fetch_object($q)) {
+		$contacttype = array('primary', 'secondary');
-        foreach($contacttype AS $ct) {
+	else
-            switch($ct) {
+		$contacttype = $_POST['contacttype'];
-                case "primary":
+
-                    $primary="yes";
+	$primary = '';
-                    break;
+	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-                case "secondary":
+		foreach ($contacttype AS $ct) {
-                    $primary="no";
+			switch ($ct) {
-                    break;
+				case 'primary':
-            }
+					$primary = 'yes';
-			$cq = mysql_query("SELECT *,MAX(year) FROM users LEFT JOIN users_sponsor ON users_sponsor.users_id=users.id
+					break;
 				case 'secondary':
 					$primary = 'no';
 					break;
 			}
 			$cq = $pdo->prepare("SELECT *,MAX(year) FROM users LEFT JOIN users_sponsor ON users_sponsor.users_id=users.id
 			WHERE 
 			sponsors_id='" . $r->id . "' 
 			AND `primary`='$primary' 
@ -58,185 +61,180 @@ if($_POST['donortype']=="organization") {
 			HAVING deleted='no' 
 			ORDER BY users_sponsor.primary DESC,lastname,firstname
 			");
 			$cq->execute();
-            echo mysql_error();
+			show_pdo_errors_if_any($pdo);
-            while($cr=mysql_fetch_object($cq)) {
+			while ($cr = $cq->fetch(PDO::FETCH_OBJ)) {
-                if(!$userslist[$cr->uid])
+				if (!$userslist[$cr->uid])
-                    $userslist[$cr->uid]=user_load($cr->users_id);
+					$userslist[$cr->uid] = user_load($cr->users_id);
-            }
+			}
-        }
+		}
-    }
+	}
-}
+} else if ($_POST['donortype'] == 'individual') {
-else if($_POST['donortype']=="individual") {
+	if (!$_POST['individual_type'])
 		$individual_type = array('judge', 'teacher', 'sciencehead', 'principal', 'parent', 'mentor', 'committee', 'volunteer', 'students');
 	else
 		$individual_type = $_POST['individual_type'];
-    if(!$_POST['individual_type'])
+	foreach ($individual_type AS $t) {
-        $individual_type=array("judge","teacher","sciencehead","principal","parent","mentor","committee","volunteer","students");
+		$query = "SELECT *,MAX(year) FROM users WHERE types LIKE '%$t%' GROUP BY uid HAVING deleted='no' ORDER BY lastname,firstname";
-    else 
+		$q = $pdo->prepare($query);
-        $individual_type=$_POST['individual_type'];
+		$q->execute();
-
+		show_pdo_errors_if_any($pdo);
-    foreach($individual_type AS $t) {
+		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-		$query="SELECT *,MAX(year) FROM users WHERE types LIKE '%$t%' GROUP BY uid HAVING deleted='no' ORDER BY lastname,firstname";
+			if (!$userslist[$r->uid])
-		$q=mysql_query($query);
+				$userslist[$r->uid] = user_load_by_uid($r->uid);
-		echo mysql_error();
+		}
-		while($r=mysql_fetch_object($q)) {
+	}
 			if(!$userslist[$r->uid])
 				$userslist[$r->uid]=user_load_by_uid($r->uid);
        }
    }
 }
-//okie dokie, now we need to filter ou the list on the other criteria
+// okie dokie, now we need to filter ou the list on the other criteria
-if($_POST['emailaddress']) {
+if ($_POST['emailaddress']) {
-	$emailaddress=$_POST['emailaddress'];
+	$emailaddress = $_POST['emailaddress'];
-}
+} else {
-else {
+	$emailaddress = array('available', 'not available');
 	$emailaddress=array("available","not available");
 }
-if(count($emailaddress)==1) {
+if (count($emailaddress) == 1) {
-	$emailavailablelist=array();
+	$emailavailablelist = array();
-	$emailnotavailablelist=array();
+	$emailnotavailablelist = array();
-	foreach($userslist AS $uid=>$u) {
+	foreach ($userslist AS $uid => $u) {
-		if($u['email'])
+		if ($u['email'])
-			$emailavailablelist[$uid]=$u;
+			$emailavailablelist[$uid] = $u;
 		else
-			$emailnotavailablelist[$uid]=$u;
+			$emailnotavailablelist[$uid] = $u;
 	}
-	if($emailaddress[0]=="available") {
+	if ($emailaddress[0] == 'available') {
-		$userslist=$emailavailablelist;
+		$userslist = $emailavailablelist;
 	} else {
-		$userslist=$emailnotavailablelist;
+		$userslist = $emailnotavailablelist;
 	}
 }
-
+if ($_POST['donationhistory']) {
-if($_POST['donationhistory']) {
+	$donationhistory = $_POST['donationhistory'];
-	$donationhistory=$_POST['donationhistory'];
+} else {
-}
+	$donationhistory = array('never', 'past', 'lastyear', 'thisyear');
 else {
 	$donationhistory=array("never","past","lastyear","thisyear");
 }
 /*
-FIXME: put this back in as it would eliminate a lot of processing
+ * FIXME: put this back in as it would eliminate a lot of processing
 *
 * if(in_array('never',$donationhistory) && in_array('past',$donationhistory)) {
 * 	//these cancel eachother out basically, so include everyone
 * 	unset($donationhistory[array_search("never",$donationhistory)]);
 * 	unset($donationhistory[array_search("past",$donationhistory)]);
 * }
 */
-if(in_array('never',$donationhistory) && in_array('past',$donationhistory)) {
+$neverlist = $userslist;
-	//these cancel eachother out basically, so include everyone
+$pastlist = $userslist;
-	unset($donationhistory[array_search("never",$donationhistory)]);
+$lastyearlist = $userslist;
-	unset($donationhistory[array_search("past",$donationhistory)]);
+$thisyearlist = $userslist;
 // if they dont have a sponsors id, then they,ve never donated for sure, so keep them
 // if they DO have a sponsors id, we need to check if tere is a donation record for them
 // and if so, remove them if there is because tey have donated in the past
 foreach ($neverlist AS $uid => $u) {
 	if ($u['sponsors_id']) {
 		$q = $pdo->prepare("SELECT * FROM fundraising_donations WHERE status='received' AND sponsors_id='{$u['sponsors_id']}'");
 		$q->execute();
 		if ($q->rowCount()) {
 			//		echo "removing $uid because they have donated in the past <br />";
 			unset($neverlist[$uid]);
 		}
 	}
 }
 */
-$neverlist=$userslist;
+// if they dont have a sponsors id, then they,ve never donated for sure, get rid of them
-$pastlist=$userslist;
+// if they DO have a sponsors id, we need to check if tere is a donation record for them
-$lastyearlist=$userslist;
+// and if not remove them if there is because tey have not donated in the past
 $thisyearlist=$userslist;
-	//if they dont have a sponsors id, then they,ve never donated for sure, so keep them
+foreach ($pastlist AS $uid => $u) {
-		//if they DO have a sponsors id, we need to check if tere is a donation record for them
+	if ($u['sponsors_id']) {
-		//and if so, remove them if there is because tey have donated in the past
+		$q = $pdo->prepare("SELECT * FROM fundraising_donations WHERE status='received' AND sponsors_id='{$u['sponsors_id']}'");
-
+		$q->execute();
-	foreach($neverlist AS $uid=>$u) {
+		if (!$q->rowCount()) {
-		if($u['sponsors_id']) {
+			//		echo "removing $uid because they have NOT donated in the past <br />";
-			$q=mysql_query("SELECT * FROM fundraising_donations WHERE status='received' AND sponsors_id='{$u['sponsors_id']}'");
+			unset($pastlist[$uid]);
 			if(mysql_num_rows($q)) {
 		//		echo "removing $uid because they have donated in the past <br />";
 				unset($neverlist[$uid]);
 			}
 		}
-	}
+	} else {
 //if they dont have a sponsors id, then they,ve never donated for sure, get rid of them
 	//if they DO have a sponsors id, we need to check if tere is a donation record for them
 	//and if not remove them if there is because tey have not donated in the past
 	foreach($pastlist AS $uid=>$u) {
 		if($u['sponsors_id']) {
 			$q=mysql_query("SELECT * FROM fundraising_donations WHERE status='received' AND sponsors_id='{$u['sponsors_id']}'");
 			if(!mysql_num_rows($q)) {
 		//		echo "removing $uid because they have NOT donated in the past <br />";
-				unset($pastlist[$uid]);
+		unset($pastlist[$uid]);
 			}
 		}
 		else {
 		//		echo "removing $uid because they have NOT donated in the past <br />";
 				unset($pastlist[$uid]);
 		}
 	}
 }
-	$lastyear=$config['FISCALYEAR']-1;
+$lastyear = $config['FISCALYEAR'] - 1;
-	foreach($lastyearlist AS $uid=>$u) {
+foreach ($lastyearlist AS $uid => $u) {
-		if($u['sponsors_id']) {
+	if ($u['sponsors_id']) {
-			$q=mysql_query("SELECT * FROM fundraising_donations WHERE status='received' AND sponsors_id='{$u['sponsors_id']}' AND fiscalyear='$lastyear'");
+		$q = $pdo->prepare("SELECT * FROM fundraising_donations WHERE status='received' AND sponsors_id='{$u['sponsors_id']}' AND fiscalyear='$lastyear'");
-			if(!mysql_num_rows($q)) {
+		$q->execute();
 		if (!$q->rowCount()) {
 			//		echo "removing $uid because they have NOT donated last year <br />";
 			unset($lastyearlist[$uid]);
 		}
 	} else {
 		//		echo "removing $uid because they have NOT donated last year <br />";
-				unset($lastyearlist[$uid]);
+		unset($lastyearlist[$uid]);
 			}
 		}
 		else {
 		//		echo "removing $uid because they have NOT donated last year <br />";
 				unset($lastyearlist[$uid]);
 		}
 	}
 }
-	foreach($thisyearlist AS $uid=>$u) {
+foreach ($thisyearlist AS $uid => $u) {
-		if($u['sponsors_id']) {
+	if ($u['sponsors_id']) {
-			$q=mysql_query("SELECT * FROM fundraising_donations WHERE status='received' AND sponsors_id='{$u['sponsors_id']}' AND fiscalyear='{$config['FISCALYEAR']}'");
+		$q = $pdo->prepare("SELECT * FROM fundraising_donations WHERE status='received' AND sponsors_id='{$u['sponsors_id']}' AND fiscalyear='{$config['FISCALYEAR']}'");
-			if(!mysql_num_rows($q)) {
+		$q->execcute();
-		//		echo "removing $uid because they have NOT donated this year <br />";
+		if (!$q->rowCount()) {
-				unset($thisyearlist[$uid]);
+			//		echo "removing $uid because they have NOT donated this year <br />";
-			}
+			unset($thisyearlist[$uid]);
 		}
-		else {
+	} else {
 		//		echo "removing $uid because they have NOT donated this year <br />";
-				unset($thisyearlist[$uid]);
+		unset($thisyearlist[$uid]);
 		}
 	}
 }
 /*
-echo "neverlist:".count($neverlist)."<br />";
+ * echo "neverlist:".count($neverlist)."<br />";
-echo "pastlist:".count($pastlist)."<br />";
+ * echo "pastlist:".count($pastlist)."<br />";
-echo "lastyearlist:".count($lastyearlist)."<br />";
+ * echo "lastyearlist:".count($lastyearlist)."<br />";
-echo "thisyearlist:".count($thisyearlist)."<br />";
+ * echo "thisyearlist:".count($thisyearlist)."<br />";
-*/
+ */
-$userslist=array();
+$userslist = array();
-foreach($donationhistory AS $dh) {
+foreach ($donationhistory AS $dh) {
-	$arr=$dh."list";
+	$arr = $dh . 'list';
-	foreach($$arr AS $uid=>$u) {
+	foreach ($$arr AS $uid => $u) {
-		$userslist[$uid]=$u;
+		$userslist[$uid] = $u;
 	}
 }
-if($_GET['generatelist']) {
+if ($_GET['generatelist']) {
-	$campaignid=$_POST['fundraising_campaigns_id'];
+	$campaignid = $_POST['fundraising_campaigns_id'];
-	$params=serialize($_POST);
+	$params = serialize($_POST);
 	echo "params=$params";
-	mysql_query("UPDATE fundraising_campaigns SET filterparameters='{$params}' WHERE id='$campaignid'");
+	$stmt = $pdo->prepare("UPDATE fundraising_campaigns SET filterparameters='{$params}' WHERE id='$campaignid'");
-	$uids=array_keys($userslist);
+	$stmt->execute();
-	foreach($uids AS $u) {
+	$uids = array_keys($userslist);
-		mysql_query("INSERT INTO fundraising_campaigns_users_link (fundraising_campaigns_id, users_uid) VALUES ('$campaignid','$u')");
+	foreach ($uids AS $u) {
 		$stmt = $pdo->prepare("INSERT INTO fundraising_campaigns_users_link (fundraising_campaigns_id, users_uid) VALUES ('$campaignid','$u')");
 		$stmt->execute();
 	}
-	echo "List created";
+
-}
+	echo 'List created';
-else {
+} else {
-	//just show the results
+	// just show the results
-	$usersnum=count($userslist);
+	$usersnum = count($userslist);
-	echo i18n("%1 users match the given criteria",array($usersnum))." <br />";
+	echo i18n('%1 users match the given criteria', array($usersnum)) . ' <br />';
-	echo "<input type=\"submit\" value=\"".i18n("Generate List")."\">\n";
+	echo '<input type="submit" value="' . i18n('Generate List') . "\">\n";
-	//print_r($userslist);
+	// print_r($userslist);
-	//print_r($otherlist);
+	// print_r($otherlist);
 }
-
+echo '<br /><br />';
-	echo "<br /><br />";
+echo nl2br(print_r($_POST, true));
 echo nl2br(print_r($_POST,true));
 ?>
--- a/admin/fundraising_common.inc.php
+++ b/admin/fundraising_common.inc.php
@ -1,10 +1,13 @@
 <?
-$campaign_types=array("Mail","Email","Phone","Personal Visit","Event","Other");
+$campaign_types = array('Mail', 'Email', 'Phone', 'Personal Visit', 'Event', 'Other');
 $salutations = array('Mr.', 'Mrs.', 'Ms', 'Dr.', 'Professor');
-function getGoal($goal) {
+function getGoal($goal)
-	global $config;
+{
-	$q=mysql_query("SELECT * FROM fundraising_goals WHERE goal='$goal' AND fiscalyear='{$config['FISCALYEAR']}' LIMIT 1");
+	global $config, $pdo;
-	return mysql_fetch_object($q);
+	$q = $pdo->prepare("SELECT * FROM fundraising_goals WHERE goal='$goal' AND fiscalyear='{$config['FISCALYEAR']}' LIMIT 1");
 	$q->execute();
 	return $q->fetch(PDO::FETCH_OBJ);
 }
 ?>
--- a/admin/fundraising_goals_handler.inc.php
+++ b/admin/fundraising_goals_handler.inc.php
@ -1,65 +1,68 @@
 <?
-if($_POST['action']=="funddelete" && $_POST['delete']) {
+if ($_POST['action'] == 'funddelete' && $_POST['delete']) {
-	//first lookup all the sponsorships inside the fund
+	// first lookup all the sponsorships inside the fund
-	$id=intval($_POST['delete']);
+	$id = intval($_POST['delete']);
-	$q=mysql_query("SELECT * FROM fundraising_goals WHERE id='$id' AND year='".$config['FISCALYEAR']."'");
+	$q = $pdo->prepare("SELECT * FROM fundraising_goals WHERE id='$id' AND year='" . $config['FISCALYEAR'] . "'");
-	$f=mysql_fetch_object($q);
+	$q->execute();
-	//hold yer horses, no deleting system funds!
+	$f = $q->fetch(PDO::FETCH_OBJ);
-	if($f) {
+	// hold yer horses, no deleting system funds!
-		if($f->system=="no") {
+	if ($f) {
-			mysql_query("DELETE FROM fundraising_donations WHERE fundraising_goal='".mysql_real_escape_string($f->type)."' AND fiscalyear='".$config['FISCALYEAR']."'");
+		if ($f->system == 'no') {
-			mysql_query("DELETE FROM fundraising_goals WHERE id='$id'");
+			$stmt = $pdo->prepare("DELETE FROM fundraising_donations WHERE fundraising_goal='" . $f->type . "' AND fiscalyear='" . $config['FISCALYEAR'] . "'");
-			if(mysql_affected_rows())
+			$stmt->execute();
-				happy_("Successfully removed fund %1",array($f->name));
+			$stmt = $pdo->prepare("DELETE FROM fundraising_goals WHERE id='$id'");
-		}
+			$stmt->execute();
-		else {
+			if ($pdo->rowCount())
-			error_("Cannot remove system fund");
+				happy_('Successfully removed fund %1', array($f->name));
 		} else {
 			error_('Cannot remove system fund');
 		}
 	}
-    exit;
+	exit;
 }
-if($_POST['action']=="fundedit" || $_POST['action']=="fundadd") {
+if ($_POST['action'] == 'fundedit' || $_POST['action'] == 'fundadd') {
-	$fundraising_id=intval($_POST['fundraising_id']);
+	$fundraising_id = intval($_POST['fundraising_id']);
-	if($fundraising_id) {
+	if ($fundraising_id) {
-		$q=mysql_query("SELECT * FROM fundraising_goals WHERE id='$fundraising_id'");
+		$q = $pdo->prepare("SELECT * FROM fundraising_goals WHERE id='$fundraising_id'");
-		$f=mysql_fetch_object($q);
+		$q->execute();
-		$system=$f->system;
+		$f = $q->fetch(PDO::FETCH_OBJ);
 		$system = $f->system;
 	}
-	$name=mysql_real_escape_string($_POST['name']);
+	$name = $_POST['name'];
-	$goal=mysql_real_escape_string($_POST['goal']);
+	$goal = $_POST['goal'];
-	$description=mysql_real_escape_string($_POST['description']);
+	$description = $_POST['description'];
-	$budget=intval($_POST['budget']);
+	$budget = intval($_POST['budget']);
 }
-if($_POST['action']=="fundedit") {
+if ($_POST['action'] == 'fundedit') {
-	if( ($system=="yes" && $budget) || ($system=="no" && $budget && $goal && $name) ) {
+	if (($system == 'yes' && $budget) || ($system == 'no' && $budget && $goal && $name)) {
-		if($system=="yes") {
+		if ($system == 'yes') {
-			mysql_query("UPDATE fundraising SET budget='$budget', description='$description' WHERE id='$fundraising_id'");
+			$stmt = $pdo->prepare("UPDATE fundraising SET budget='$budget', description='$description' WHERE id='$fundraising_id'");
 			$stmt->execute();
 		} else {
 			$stmt = $pdo->prepare("UPDATE fundraising SET budget='$budget', description='$description', goal='$goal', name='$name' WHERE id='$fundraising_id'");
 			$stmt->execute();
 		}
-		else {
+
-			mysql_query("UPDATE fundraising SET budget='$budget', description='$description', goal='$goal', name='$name' WHERE id='$fundraising_id'");
+		if ($pdo->errorInfo())
-		}
+			error_('MySQL Error: %1', array($pdo->errorInfo()));
 		if(mysql_error())
 			error_("MySQL Error: %1",array(mysql_error()));
 		else
-			happy_("Saved fund changes");
+			happy_('Saved fund changes');
 	} else {
 		error_('Required fields were missing, please try again');
 	}
-	else {
+	exit;
 		error_("Required fields were missing, please try again");
 	}
    exit;
 }
-if($_POST['action']=="fundadd") {
+if ($_POST['action'] == 'fundadd') {
-	if( $goal && $type && $name) {
+	if ($goal && $type && $name) {
-		mysql_query("INSERT INTO fundraising_goals (goal,name,description,system,budget,fiscalyear) VALUES ('$goal','$name','$description','no','$budget','{$config['FISCALYEAR']}')");
+		$stmt = $pdo->prepare("INSERT INTO fundraising_goals (goal,name,description,system,budget,fiscalyear) VALUES ('$goal','$name','$description','no','$budget','{$config['FISCALYEAR']}')");
-		happy_("Added new fund");
+		$stmt->execute();
-	}
+		happy_('Added new fund');
-	else
+	} else
-		error_("Required fields were missing, please try again");
+		error_('Required fields were missing, please try again');
-	if(mysql_error())
+	if ($pdo->errorInfo())
-		error_("MySQL Error: %1",array(mysql_error()));
+		error_('MySQL Error: %1', array($pdo->errorInfo()));
-    exit;
+	exit;
 }
 ?>
--- a/admin/fundraising_main.inc.php
+++ b/admin/fundraising_main.inc.php
@ -0,0 +1,87 @@
 <?
 if ($_GET['action'] == 'fundraisingmain') {
 	// this table is eventually going to be massive, and probably not in a tableview format, it'll show goals as well as all ongoing fund pledges, probabilities, etc as well as over/under, etc, all prettily colour coded.. basically a good overview of the total fundraising status of the fair.
 	$q = $pdo->prepare("SELECT * FROM fundraising_goals WHERE fiscalyear='{$config['FISCALYEAR']}' ORDER BY system DESC,goal");
 	$q->execute();
 	echo '<table class="fundraisingtable">';
 	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 		echo '<tr>';
 		echo '<th><a title="' . i18n('Edit fund details') . "\" onclick=\"return popup_fund_editor('fundraising_types.php?id=$r->id')\" href=\"#\"><img border=\"0\" src=\"" . $config['SFIABDIRECTORY'] . '/images/16/edit.' . $config['icon_extension'] . '"></a>';
 		if ($r->system == 'no') {
 			// echo "<a title=\"".i18n("Remove Fund")."\" onclick=\"return confirmClick('Are you sure you want to remove this fund and all sponsorships inside it?')\" href=\"fundraising.php?action=funddelete&delete=$r->id\">";
 			echo "<img style=\"cursor:pointer\" onclick=\"return delete_fund($r->id)\" border=\"0\" src=\"" . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '">';
 			// echo "</a>";
 		}
 		echo "</th>\n";
 		echo '<th colspan="5">' . i18n($r->name) . "</th>\n";
 		echo '<th style="text-align: right"><nobr>' . format_money($r->budget) . "</nobr></th>\n";
 		echo "</tr>\n";
 		if ($r->type == 'general')
 			$orsql .= 'OR fundraising_type IS NULL';
 		$typetotal = 0;
 		$typeprobtotal = 0;
 		$sq = $pdo->prepare("
            SELECT fundraising_donations.id, sponsors.organization AS name, fundraising_donations.value, fundraising_donations.status, fundraising_donations.probability
 	\t FROM fundraising_donations
 	\t JOIN sponsors ON fundraising_donations.sponsors_id=sponsors.id
 	\t  WHERE (fundraising_donations.fundraising_goal='$r->goal' $orsql) 
 	\t  AND fundraising_donations.fiscalyear='{$config['FISCALYEAR']}'
          UNION
        SELECT fundraising_donations.id, CONCAT(users.firstname,' ',users.lastname) AS name, fundraising_donations.value, fundraising_donations.status, fundraising_donations.probability
 	\t FROM fundraising_donations
 	\t JOIN users ON fundraising_donations.users_uid=users.uid
 	\t  WHERE (fundraising_donations.fundraising_goal='$r->goal' $orsql) 
 	\t  AND fundraising_donations.fiscalyear='{$config['FISCALYEAR']}'
 	\t  ORDER BY status DESC, probability DESC, name
            ");
 		$sq->execute();
 		show_pdo_errors_if_any($pdo);
 		while ($sr = $sq->fetch(PDO::FETCH_OBJ)) {
 			echo "<tr id=\"sponsorships_$sr->id\" class=\"fundraising{$sr->status}\">";
 			echo '<td>';
 			echo "<img style=\"cursor:pointer;\" onclick=\"delete_sponsorship($sr->id)\" border=\"0\" src=\"" . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '">';
 			echo '</td>';
 			echo "<td style=\"cursor: pointer;\" onclick=\"popup_sponsorship_editor('fundraising_sponsorship.php?id=$sr->id&fundraising_type=$r->type')\">";
 			echo "$sr->name</td>\n";
 			echo "<td>$sr->status</td>";
 			echo '<td>';
 			if ($sr->status == 'pending') {
 				echo "$sr->probability%";
 				echo '</td>';
 				echo '<td><nobr>' . format_money($sr->value) . '</nobr></td>';
 			} else
 				echo "</td><td></td>\n";
 			$probval = $sr->probability / 100 * $sr->value;
 			echo '<td style="text-align: right"><nobr>' . format_money($probval) . '</nobr></td>';
 			echo "<td></td>\n";
 			echo "</tr>\n";
 			$typeprobtotal += $probval;
 			$typetotal += $sr->value;
 		}
 		echo '<tr>';
 		echo "<td><a onclick=\"return popup_sponsorship_editor('fundraising_sponsorship.php?fundraising_type=$r->type')\" href=\"#\">add</a></td>";
 		echo '<td colspan="3" style="text-align: right; font-weight: bold;">' . i18n('%1 Total', array($r->name), array('Fundraising type total, eg) Award Sponsorship Total')) . "</td>\n";
 		echo '<td style="font-weight: bold; text-align: right;"><nobr>' . format_money($typetotal) . "</nobr></td>\n";
 		echo '<td style="font-weight: bold; text-align: right;"><nobr>' . format_money($typeprobtotal) . "</nobr></td>\n";
 		$typediff = $typeprobtotal - $r->goal;
 		echo '<td style="font-weight: bold; text-align: right;"><nobr>' . format_money($typediff) . "</nobr></td>\n";
 		echo "</tr>\n";
 		$totalgoal += $r->goal;
 		$totaldiff += $typediff;
 		echo "<tr><td colspan=\"7\">&nbsp;</td></tr>\n";
 	}
 	echo '<tr>';
 	echo '<td colspan="2"><a onclick="return popup_fund_editor(\'fundraising_types.php\')" href="#">add fund type</a></td>';
 	echo '<td colspan="4" style="font-weight: bold; text-align: right;">' . i18n('Total Net Position') . '</td><td style="text-align: right; font-weight: bold;">' . format_money($totaldiff) . "</td></tr>\n";
 	echo "</table>\n";
 	exit;
 }
--- a/admin/fundraising_reports.php
+++ b/admin/fundraising_reports.php
@ -1,37 +1,37 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2009 James Grant <james@lightbox.org>
+/*
-
+ * This file is part of the 'Science Fair In A Box' project
-   This program is free software; you can redistribute it and/or
+ * SFIAB Website: http://www.sfiab.ca
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2009 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require("fundraising_common.inc.php");
+require ('fundraising_common.inc.php');
-send_header("Fundraising Reports",
+send_header('Fundraising Reports',
- 		array('Committee Main' => 'committee_main.php',
+    array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+        'Administration' => 'admin/index.php',
-			'Fundraising' => 'admin/fundraising.php'),
+        'Fundraising' => 'admin/fundraising.php'),
-            "fundraising"
+    'fundraising');
 			);
 ?>
 <script type="text/javascript">
 $(document).ready( function(){
@ -52,18 +52,20 @@ $(document).ready( function(){
  <select name="fundraising_campaigns_id">
   <option value="">All appeals</option>
   <?
-   $q=mysql_query("SELECT * FROM fundraising_campaigns WHERE fiscalyear='{$config['FISCALYEAR']}' ORDER BY name");
+$q = $pdo->prepare("SELECT * FROM fundraising_campaigns WHERE fiscalyear='{$config['FISCALYEAR']}' ORDER BY name");
-   while($r=mysql_fetch_object($q)) {
+$q->execute();
-	   echo "<option value=\"$r->id\">$r->name</option>\n";
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-   }
+    echo "<option value=\"$r->id\">$r->name</option>\n";
-   ?>
+}
 ?>
  </select>
  </td></tr>
  <tr><td>
  Report Type:
  </td><td>
  <select name="type">
-   <option value="pdf">PDF</option>
+    <!-- FIXME -->
   <!--<option value="pdf">PDF</option>-->
   <option value="csv">CSV</option>
  </select>
  </td></tr>
@ -82,18 +84,20 @@ $(document).ready( function(){
  <select name="goal">
   <option value="">All purposes</option>
   <?
-   $q=mysql_query("SELECT * FROM fundraising_goals WHERE fiscalyear='{$config['FISCALYEAR']}' ORDER BY name");
+$q = $pdo->prepare("SELECT * FROM fundraising_goals WHERE fiscalyear='{$config['FISCALYEAR']}' ORDER BY name");
-   while($r=mysql_fetch_object($q)) {
+$q->execute();
-	   echo "<option value=\"$r->goal\">$r->name</option>\n";
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-   }
+    echo "<option value=\"$r->goal\">$r->name</option>\n";
-   ?>
+}
 ?>
  </select>
  </td></tr>
  <tr><td>
  Report Type:
  </td><td>
  <select name="type">
-   <option value="pdf">PDF</option>
+    <!-- FIXME -->
   <!--<option value="pdf">PDF</option>-->
   <option value="csv">CSV</option>
  </select>
  </td></tr>
@ -111,5 +115,5 @@ $(document).ready( function(){
 <li><a href="#">(custom reports will be here)</a></li>
 </ul>
 <?
- send_footer();
+send_footer();
 ?>
--- a/admin/fundraising_reports_std.php
+++ b/admin/fundraising_reports_std.php
@ -1,154 +1,152 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2009 James Grant <james@lightbox.org>
+/*
-
+ * This file is part of the 'Science Fair In A Box' project
-   This program is free software; you can redistribute it and/or
+ * SFIAB Website: http://www.sfiab.ca
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2009 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require("fundraising_common.inc.php");
+require ('fundraising_common.inc.php');
- require_once("../lpdf.php");
+require_once ('../lpdf.php');
- require_once("../lcsv.php");
+require_once ('../lcsv.php');
 $id=intval($_GET['id']);
 $type=$_GET['type'];
 $id = intval($_GET['id']);
 $type = $_GET['type'];
- if($id && $type) {
+if ($id && $type) {
-	 switch($id) {
+	switch ($id) {
-		 case 1:
+		case 1:
-			 if($type=="csv") {
+			if ($type == 'csv') {
-				 $rep=new lcsv($config['FAIRNAME']);
+				$rep = new lcsv($config['FAIRNAME']);
-
+			} else if ($type == 'pdf') {
-			 } else if($type=="pdf") {
+				$rep = new lpdf(i18n($config['fairname']),
-				$rep=new lpdf(	i18n($config['fairname']),
+					i18n('List of Prospects By Appeal'),
-						i18n("List of Prospects By Appeal"),
+					$_SERVER['DOCUMENT_ROOT'] . $config['SFIABDIRECTORY'] . '/data/logo-200.gif');
 						$_SERVER['DOCUMENT_ROOT'].$config['SFIABDIRECTORY']."/data/{$conference['id']}-logo-200.gif"
 						);
 				$rep->newPage();
 				$rep->setFontSize(8);
-			 }
+			}
-			 $sql="SELECT * FROM fundraising_campaigns WHERE fiscalyear='{$config['FISCALYEAR']}' ";
+			$sql = "SELECT * FROM fundraising_campaigns WHERE fiscalyear='{$config['FISCALYEAR']}' ";
-			 if($_GET['fundraising_campaigns_id']) {
+			if ($_GET['fundraising_campaigns_id']) {
-				 $sql.=" AND id='".intval($_GET['fundraising_campaigns_id'])."'";
+				$sql .= " AND id='" . intval($_GET['fundraising_campaigns_id']) . "'";
-			 }
+			}
-			 $sql.=" ORDER BY name";
+			$sql .= ' ORDER BY name';
-			 $q=mysql_query($sql);
+			$q = $pdo->prepare($sql);
-			 echo mysql_error();
+			$q->execute();
-			 while($r=mysql_fetch_object($q)) {
+			show_pdo_errors_if_any($pdo);
-				 $rep->heading($r->name);
+			while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-				 $table=array();
+				$rep->heading($r->name);
-				 $table['header']=array("Name","Contact","Phone","Address","$ appeal","$ this year","$ last year","%chg");
+				$table = array();
-				 $table['widths']=array(1.5,1,1,1,0.9,0.9,0.9,0.5);
+				$table['header'] = array('Name', 'Contact', 'Phone', 'Address', '$ appeal', '$ this year', '$ last year', '%chg');
-				 $table['dataalign']=array("left","left","left","left","right","right","right","center");
+				$table['widths'] = array(1.5, 1, 1, 1, 0.9, 0.9, 0.9, 0.5);
 				$table['dataalign'] = array('left', 'left', 'left', 'left', 'right', 'right', 'right', 'center');
-				$thisyear=$config['FISCALYEAR'];
+				$thisyear = $config['FISCALYEAR'];
-				$lastyear=$config['FISCALYEAR']-1;
+				$lastyear = $config['FISCALYEAR'] - 1;
-				 $pq=mysql_query("SELECT * FROM fundraising_campaigns_users_link WHERE fundraising_campaigns_id='$r->id'");
+				$pq = $pdo->prepare("SELECT * FROM fundraising_campaigns_users_link WHERE fundraising_campaigns_id='$r->id'");
-				 while($pr=mysql_fetch_object($pq)) {
+				$pq->execute();
-					 $u=user_load_by_uid($pr->users_uid);
+				while ($pr = $pq->fetch(PDO::FETCH_OBJ)) {
-					 //hopefully this never returns false, but who knows..
+					$u = user_load_by_uid($pr->users_uid);
-					 if($u) {
+					// hopefully this never returns false, but who knows..
-						 //we only want the primaries, yea, i know... we have this werid confusing between a USER being linked to a sponsor and then a sponsor having multiple users
+					if ($u) {
-						 //and then only getting the primary contact for the sponsor even if it might not be the user thats in teh campaign... my brain hurts
+						// we only want the primaries, yea, i know... we have this werid confusing between a USER being linked to a sponsor and then a sponsor having multiple users
 						// and then only getting the primary contact for the sponsor even if it might not be the user thats in teh campaign... my brain hurts
 						// if($u['primary']=="no")
 						//	 continue;
-						//gah i dont know what the heck to do here
+						// gah i dont know what the heck to do here
-						if($u['sponsors_id']) {
+						if ($u['sponsors_id']) {
-							$cq=mysql_query("SELECT SUM(value) AS total FROM fundraising_donations WHERE sponsors_id='{$u['sponsors_id']}' AND fundraising_campaigns_id='$r->id' AND status='received' AND fiscalyear='$thisyear'");
+							$cq = $pdo->prepare("SELECT SUM(value) AS total FROM fundraising_donations WHERE sponsors_id='{$u['sponsors_id']}' AND fundraising_campaigns_id='$r->id' AND status='received' AND fiscalyear='$thisyear'");
-							$cr=mysql_fetch_object($cq);
+							$cq->execute();
-							$thisappeal=$cr->total;
+							$cr = $cq->fetch(PDO::FETCH_OBJ);
-							$cq=mysql_query("SELECT SUM(value) AS total FROM fundraising_donations WHERE sponsors_id='{$u['sponsors_id']}' AND status='received' AND fiscalyear='$thisyear'");
+							$thisappeal = $cr->total;
-							$cr=mysql_fetch_object($cq);
+							$cq = $pdo->prepare("SELECT SUM(value) AS total FROM fundraising_donations WHERE sponsors_id='{$u['sponsors_id']}' AND status='received' AND fiscalyear='$thisyear'");
-							$thisyeartotal=$cr->total;
+							$cq->execute();
-							$cq=mysql_query("SELECT SUM(value) AS total FROM fundraising_donations WHERE sponsors_id='{$u['sponsors_id']}' AND status='received' AND fiscalyear='$lastyear'");
+							$cr = $cq->fetch(PDO::FETCH_OBJ);
-							$cr=mysql_fetch_object($cq);
+							$thisyeartotal = $cr->total;
-							$lastyeartotal=$cr->total;
+							$cq = $pdo->prepare("SELECT SUM(value) AS total FROM fundraising_donations WHERE sponsors_id='{$u['sponsors_id']}' AND status='received' AND fiscalyear='$lastyear'");
-							if($lastyeartotal)
+							$cq->execute();
-								$change=round(($thisyeartotal-$lastyeartotal)/$lastyeartotal*100);
+							$cr = $cq->fetch(PDO::FETCH_OBJ);
 							$lastyeartotal = $cr->total;
 							if ($lastyeartotal)
 								$change = round(($thisyeartotal - $lastyeartotal) / $lastyeartotal * 100);
 							else
-								$change="N/A";
+								$change = 'N/A';
-							$name=$u['sponsor']['organization'];
+							$name = $u['sponsor']['organization'];
-
+						} else {
 							$name = $u['firstname'] . ' ' . $u['lastname'];
 							$thisappeal = 0;
 							$thisyeartotal = 0;
 							$lastyeartotal = 0;
 							$change = 0;
 						}
-						else {
+						$table['data'][] = array(
-							$name=$u['firstname']." " .$u['lastname'];
+							$name,
-							$thisappeal=0;
+							$u['firstname'] . ' ' . $u['lastname'],
-							$thisyeartotal=0;
+							$u['phonework'],
-							$lastyeartotal=0;
+							$u['address'] . ' ' . $u['address2'],
-							$change=0;	
+							$thisappeal,
-
+							$thisyeartotal,
-						}
+							$lastyeartotal,
-						$table['data'][]=array(
+							$change
 						$name,
 						$u['firstname']." " .$u['lastname'],
 						$u['phonework'],
 						$u['address']." ".$u['address2'],
 						$thisappeal,
 						$thisyeartotal,
 						$lastyeartotal,
 						$change	
 						);
 					}
-				 }
+				}
-				 $rep->addTable($table);
+				$rep->addTable($table);
 			}
-			 }
+			break;
-		 break;
+		case 2:
-
+			if ($type == 'csv') {
-		 case 2:
+				$rep = new lcsv($config['FAIRNAME'], 'Results of Appeal by Purpose', '');
-			 if($type=="csv") {
+			} else if ($type == 'pdf') {
-				 $rep=new lcsv($config['FAIRNAME'],'Results of Appeal by Purpose',"");
+				$rep = new lpdf(i18n($config['fairname']),
-
+					i18n('Results of Appeal by Purpose'),
-			 } else if($type=="pdf") {
+					$_SERVER['DOCUMENT_ROOT'] . $config['SFIABDIRECTORY'] . '/data/logo-200.gif');
 				$rep=new lpdf(	i18n($config['fairname']),
 						i18n("Results of Appeal by Purpose"),
 						$_SERVER['DOCUMENT_ROOT'].$config['SFIABDIRECTORY']."/data/{$conference['id']}-logo-200.gif"
 						);
 				$rep->newPage();
 				$rep->setFontSize(8);
-			 }
+			}
-			 $sql="SELECT * FROM fundraising_goals WHERE fiscalyear='{$config['FISCALYEAR']}' ";
+			$sql = "SELECT * FROM fundraising_goals WHERE fiscalyear='{$config['FISCALYEAR']}' ";
-			 if($_GET['goal']) {
+			if ($_GET['goal']) {
-				 $sql.=" AND goal='".mysql_real_escape_string($_GET['goal'])."'";
+				$sql .= " AND goal='" . $_GET['goal'] . "'";
-			 }
+			}
-			 $sql.=" ORDER BY name";
+			$sql .= ' ORDER BY name';
-			 $q=mysql_query($sql);
+			$q = $pdo->prepare($sql);
-			 echo mysql_error();
+			$q->execute();
 			show_pdo_errors_if_any($pdo);
-			 while($r=mysql_fetch_object($q)) {
+			while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-				 $rep->heading($r->name)." (".$r->budget.")";
+				$rep->heading($r->name) . ' (' . $r->budget . ')';
-				 $table=array();
+				$table = array();
-				 $table['header']=array("Appeal Name","Target","Received","% to Budget","# of Prospects","# of Donors/Sponsors","Rate of Response","Average Amount Given");
+				$table['header'] = array('Appeal Name', 'Target', 'Received', '% to Budget', '# of Prospects', '# of Donors/Sponsors', 'Rate of Response', 'Average Amount Given');
-				 $table['widths']=array(1.5,0.5,0.5,0.75,0.9,0.9,0.9,0.5);
+				$table['widths'] = array(1.5, 0.5, 0.5, 0.75, 0.9, 0.9, 0.9, 0.5);
-				 $table['dataalign']=array("left","right","right","center","center","center","center","right");
+				$table['dataalign'] = array('left', 'right', 'right', 'center', 'center', 'center', 'center', 'right');
-				 $cq=mysql_query("SELECT * FROM fundraising_campaigns WHERE fundraising_goal='$r->goal' AND fiscalyear='{$config['FISCALYEAR']}'");
+				$cq = $pdo->prepare("SELECT * FROM fundraising_campaigns WHERE fundraising_goal='$r->goal' AND fiscalyear='{$config['FISCALYEAR']}'");
-				 while($cr=mysql_fetch_object($cq)) {
+				$cq->execute();
-					 $table['data'][]=array(
+				while ($cr = $cq->fetch(PDO::FETCH_OBJ)) {
 					$table['data'][] = array(
 						$cr->name,
 						$cr->target,
 						$received,
@ -156,19 +154,18 @@
 						$numprospects,
 						$numdonors,
 						$rate,
-						$avgamount);
+						$avgamount
-				 }
+					);
 				}
-				 $rep->addTable($table);
+				$rep->addTable($table);
-			 }
+			}
-
+			break;
 		 break;
 	}
 	$rep->output();
- }
+} else
- else
+	header('Location: fundraising_reports.php');
 	 header("Location: fundraising_reports.php");
 ?>
--- a/admin/fundraising_setup.php
+++ b/admin/fundraising_setup.php
@ -1,318 +1,344 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2009 James Grant <james@lightbox.org>
+/*
-
+ * This file is part of the 'Science Fair In A Box' project
-   This program is free software; you can redistribute it and/or
+ * SFIAB Website: http://www.sfiab.ca
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2009 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- //first, insert any default fundraising donor levels
+// first, insert any default fundraising donor levels
- $q=mysql_query("SELECT * FROM fundraising_donor_levels WHERE fiscalyear='".$config['FISCALYEAR']."'");
+$q = $pdo->prepare("SELECT * FROM fundraising_donor_levels WHERE fiscalyear='" . $config['FISCALYEAR'] . "'");
- if(!mysql_num_rows($q)) {
+$q->execute();
-     $q=mysql_query("SELECT * FROM fundraising_donor_levels WHERE fiscalyear='-1'");
+if (!$q->rowCount()) {
-     while($r=mysql_fetch_object($q)) {
+    $q = $pdo->prepare("SELECT * FROM fundraising_donor_levels WHERE fiscalyear='-1'");
-         mysql_query("INSERT INTO fundraising_donor_levels (`level`,`min`,`max`,`description`,`fiscalyear`) VALUES (
+    $q->execute();
-            '".mysql_real_escape_string($r->level)."',
+    while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-            '".mysql_real_escape_string($r->min)."',
+        $stmt = $pdo->prepare("INSERT INTO fundraising_donor_levels (`level`,`min`,`max`,`description`,`fiscalyear`) VALUES (
-            '".mysql_real_escape_string($r->max)."',
+            '" . $r->level . "',
-            '".mysql_real_escape_string($r->description)."',
+            '" . $r->min . "',
-            '".$config['FISCALYEAR']."')");
+            '" . $r->max . "',
-     }
+            '" . $r->description . "',
- }
+            '" . $config['FISCALYEAR'] . ")')");
- //first, insert any default fundraising goals
+        $stmt->execute();
- $q=mysql_query("SELECT * FROM fundraising_goals WHERE fiscalyear='".$config['FISCALYEAR']."'");
+    }
- if(!mysql_num_rows($q)) {
+}
     $q=mysql_query("SELECT * FROM fundraising_goals WHERE fiscalyear='-1'");
     while($r=mysql_fetch_object($q)) {
         mysql_query("INSERT INTO fundraising_goals (`goal`,`name`,`description`,`system`,`budget`,`fiscalyear`) VALUES (
            '".mysql_real_escape_string(stripslashes($r->goal))."',
            '".mysql_real_escape_string(stripslashes($r->name))."',
            '".mysql_real_escape_string(stripslashes($r->description))."',
            '".mysql_real_escape_string($r->system)."',
            '".mysql_real_escape_string($r->budget)."',
            '".$config['FISCALYEAR']."')");
     }
 }
 // first, insert any default fundraising goals
 $q = $pdo->prepare("SELECT * FROM fundraising_goals WHERE fiscalyear='" . $config['FISCALYEAR'] . "'");
 $q->execute();
 if (!$q->rowCount()) {
    $q = $pdo->prepare("SELECT * FROM fundraising_goals WHERE fiscalyear='-1'");
    $q->execute();
    while ($r = $q->fetch(PDO::FETCH_OBJ)) {
        $stmt = $pdo->prepare("INSERT INTO fundraising_goals (`goal`,`name`,`description`,`system`,`budget`,`fiscalyear`) VALUES (
            '" . stripslashes($r->goal) . "',
            '" . stripslashes($r->name) . "',
            '" . stripslashes($r->description) . "',
            '" . $r->system . "',
            '" . $r->budget . "',
            '" . $config['FISCALYEAR'] . "')");
        $stmt->execute();
    }
 }
- switch($_GET['gettab']) {
+switch (get_value_from_array($_GET, 'gettab')) {
-	case "levels": 
+    case 'levels':
-		$q=mysql_query("SELECT * FROM fundraising_donor_levels WHERE fiscalyear='{$config['FISCALYEAR']}' ORDER BY max");
+        $q = $pdo->prepare("SELECT * FROM fundraising_donor_levels WHERE fiscalyear='{$config['FISCALYEAR']}' ORDER BY max");
-		echo "<div id=\"levelaccordion\" style=\"width: 75%;\">\n";
+        $q->execute();
-		while($r=mysql_fetch_object($q)) {
+        echo "<div id=\"levelaccordion\" style=\"width: 75%;\">\n";
-			echo "<h3><a href=\"#\">$r->level (".format_money($r->min,false)." to ".format_money($r->max,false).")</a></h3>\n";
+        while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-			echo "<div id=\"level_$r->id\">\n";
+            echo "<h3><a href=\"#\">$r->level (" . format_money($r->min, false) . ' to ' . format_money($r->max, false) . ")</a></h3>\n";
            echo "<div id=\"level_$r->id\">\n";
            echo "<form id=\"level_form_$r->id\" onsubmit=\"return level_save($r->id)\">\n";
            echo "<input type=\"hidden\" name=\"id\" value=\"$r->id\">\n";
-            echo "<table style=\"width: 100%;\">";
+            echo '<table style="width: 100%;">';
-            echo "<tr><td>";
+            echo '<tr><td>';
-            echo i18n("Level Name").":</td><td><input type=\"text\" size=\"40\" name=\"level\" value=\"".htmlspecialchars($r->level)."\"></td></tr>\n";
+            echo i18n('Level Name') . ':</td><td><input type="text" size="40" name="level" value="' . htmlspecialchars($r->level) . "\"></td></tr>\n";
-            echo "<tr><td>";
+            echo '<tr><td>';
-            echo i18n("Value Range").":</td><td>\$<input size=\"5\" type=\"text\" name=\"min\" value=\"$r->min\"> to \$<input size=\"5\" type=\"text\" name=\"max\" value=\"$r->max\"><br />\n";
+            echo i18n('Value Range') . ":</td><td>\$<input size=\"5\" type=\"text\" name=\"min\" value=\"$r->min\"> to \$<input size=\"5\" type=\"text\" name=\"max\" value=\"$r->max\"><br />\n";
            echo "</td></tr>\n";
-            echo "<tr><td colspan=\"2\">";
+            echo '<tr><td colspan="2">';
-            echo i18n("Description/Benefits").":<br /><textarea name=\"description\" rows=\"4\" style=\"width: 100%;\">".htmlspecialchars($r->description)."</textarea>";
+            echo i18n('Description/Benefits') . ':<br /><textarea name="description" rows="4" style="width: 100%;">' . htmlspecialchars($r->description) . '</textarea>';
            echo "</td></tr>\n";
            echo "</table>\n";
-            echo "<table style=\"width: 100%;\"><tr><td style=\"width: 50%; text-align: center;\">";
+            echo '<table style="width: 100%;"><tr><td style="width: 50%; text-align: center;">';
-            echo "<input type=\"submit\" value=\"".i18n("Save Level")."\" >";
+            echo '<input type="submit" value="' . i18n('Save Level') . '" >';
-            echo "</td><td style=\"width: 50%; text-align: right;\">";
+            echo '</td><td style="width: 50%; text-align: right;">';
-            echo "<input type=\"button\" value=\"".i18n("Delete Level")."\" onclick=\"return level_delete($r->id)\" >";
+            echo '<input type="button" value="' . i18n('Delete Level') . "\" onclick=\"return level_delete($r->id)\" >";
            echo "</td></tr></table>\n";
-            echo "</form>";
+            echo '</form>';
-			echo "</div>\n";
+            echo "</div>\n";
-		}
+        }
-		echo "<h3><a href=\"#\">Create New Level</a></h3>\n";
+        echo "<h3><a href=\"#\">Create New Level</a></h3>\n";
-		echo "<div id=\"level_new\">\n";
+        echo "<div id=\"level_new\">\n";
-            echo "<form id=\"level_form\" onsubmit=\"return level_save()\">\n";
+        echo "<form id=\"level_form\" onsubmit=\"return level_save()\">\n";
-            echo "<table style=\"width: 100%;\">";
+        echo '<table style="width: 100%;">';
-            echo "<tr><td>";
+        echo '<tr><td>';
-            echo i18n("Level Name").":</td><td><input type=\"text\" size=\"40\" name=\"level\"></td></tr>\n";
+        echo i18n('Level Name') . ":</td><td><input type=\"text\" size=\"40\" name=\"level\"></td></tr>\n";
-            echo "<tr><td>";
+        echo '<tr><td>';
-            echo i18n("Value Range").":</td><td>\$<input size=\"5\" type=\"text\" name=\"min\"> to \$<input size=\"5\" type=\"text\" name=\"max\"><br />\n";
+        echo i18n('Value Range') . ":</td><td>\$<input size=\"5\" type=\"text\" name=\"min\"> to \$<input size=\"5\" type=\"text\" name=\"max\"><br />\n";
-            echo "</td></tr>\n";
+        echo "</td></tr>\n";
-            echo "<tr><td colspan=\"2\">";
+        echo '<tr><td colspan="2">';
-            echo i18n("Description/Benefits").":<br /><textarea name=\"description\" rows=\"4\" style=\"width: 100%;\"></textarea>";
+        echo i18n('Description/Benefits') . ':<br /><textarea name="description" rows="4" style="width: 100%;"></textarea>';
-            echo "</td></tr>\n";
+        echo "</td></tr>\n";
-            echo "</table>\n";
+        echo "</table>\n";
-            echo "<table style=\"width: 100%;\"><tr><td style=\"width: 50%; text-align: center;\">";
+        echo '<table style="width: 100%;"><tr><td style="width: 50%; text-align: center;">';
-            echo "<input type=\"submit\" value=\"".i18n("Create Level")."\">";
+        echo '<input type="submit" value="' . i18n('Create Level') . '">';
-            echo "</td><td style=\"width: 50%; text-align: right;\">";
+        echo '</td><td style="width: 50%; text-align: right;">';
-            echo "</td></tr></table>\n";
+        echo "</td></tr></table>\n";
-            echo "</form>\n";
+        echo "</form>\n";
-		echo "</div>\n";
+        echo "</div>\n";
-		echo "</div>\n";
+        echo "</div>\n";
-	exit;
+        exit;
-	break;
+        break;
-	case "goals": 
+    case 'goals':
-		$q=mysql_query("SELECT * FROM fundraising_goals WHERE fiscalyear='{$config['FISCALYEAR']}' ORDER BY name");
+        $q = $pdo->prepare("SELECT * FROM fundraising_goals WHERE fiscalyear='{$config['FISCALYEAR']}' ORDER BY name");
-		echo "<div id=\"goalaccordion\" style=\"width: 75%;\">\n";
+        $q->execute();
-		while($r=mysql_fetch_object($q)) {
+        echo "<div id=\"goalaccordion\" style=\"width: 75%;\">\n";
-			echo "<h3><a href=\"#\">$r->name (".format_money($r->budget,false).") Deadline: ".format_date($r->deadline)."</a></h3>\n";
+        while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-			echo "<div id=\"goal_$r->id\">\n";
+            echo "<h3><a href=\"#\">$r->name (" . format_money($r->budget, false) . ') Deadline: ' . format_date($r->deadline) . "</a></h3>\n";
            echo "<div id=\"goal_$r->id\">\n";
            echo "<form id=\"goal_form_$r->id\" onsubmit=\"return goal_save($r->id)\">\n";
            echo "<input type=\"hidden\" name=\"id\" value=\"$r->id\">\n";
-            echo "<table style=\"width: 100%;\">";
+            echo '<table style="width: 100%;">';
-            echo "<tr><td>";
+            echo '<tr><td>';
-            echo i18n("Purpose").":</td><td><input type=\"text\" size=\"40\" name=\"name\" value=\"".htmlspecialchars($r->name)."\"></td></tr>\n";
+            echo i18n('Purpose') . ':</td><td><input type="text" size="40" name="name" value="' . htmlspecialchars($r->name) . "\"></td></tr>\n";
-            echo "<tr><td>";
+            echo '<tr><td>';
-            echo i18n("Budget Amount").":</td><td>\$<input size=\"5\" type=\"text\" name=\"budget\" value=\"$r->budget\"></td></tr>";
+            echo i18n('Budget Amount') . ":</td><td>\$<input size=\"5\" type=\"text\" name=\"budget\" value=\"$r->budget\"></td></tr>";
-            echo "<tr><td>";
+            echo '<tr><td>';
-            echo i18n("Deadline").":</td><td><input size=\"9\" type=\"text\" name=\"deadline\" value=\"$r->deadline\"></td></tr>";
+            echo i18n('Deadline') . ":</td><td><input size=\"9\" type=\"text\" name=\"deadline\" value=\"$r->deadline\"></td></tr>";
-            echo "<tr><td colspan=\"2\">";
+            echo '<tr><td colspan="2">';
-            echo i18n("Description").":<br /><textarea name=\"description\" rows=\"4\" style=\"width: 100%;\">".htmlspecialchars($r->description)."</textarea>";
+            echo i18n('Description') . ':<br /><textarea name="description" rows="4" style="width: 100%;">' . htmlspecialchars($r->description) . '</textarea>';
            echo "</td></tr>\n";
            echo "</table>\n";
-            echo "<table style=\"width: 100%;\"><tr><td style=\"width: 50%; text-align: center;\">";
+            echo '<table style="width: 100%;"><tr><td style="width: 50%; text-align: center;">';
-            echo "<input type=\"submit\" value=\"".i18n("Save Purpose")."\" >";
+            echo '<input type="submit" value="' . i18n('Save Purpose') . '" >';
-            echo "</td><td style=\"width: 50%; text-align: right;\">";
+            echo '</td><td style="width: 50%; text-align: right;">';
-            echo "<input type=\"button\" value=\"".i18n("Delete Purpose")."\" onclick=\"return goal_delete($r->id)\" >";
+            echo '<input type="button" value="' . i18n('Delete Purpose') . "\" onclick=\"return goal_delete($r->id)\" >";
            echo "</td></tr></table>\n";
-            echo "</form>";
+            echo '</form>';
-			echo "</div>\n";
+            echo "</div>\n";
-		}
+        }
-		echo "<h3><a href=\"#\">Create New Purpose</a></h3>\n";
+        echo "<h3><a href=\"#\">Create New Purpose</a></h3>\n";
-		echo "<div id=\"goal_new\">\n";
+        echo "<div id=\"goal_new\">\n";
-            echo "<form id=\"goal_form\" onsubmit=\"return goal_save()\">\n";
+        echo "<form id=\"goal_form\" onsubmit=\"return goal_save()\">\n";
-            echo "<table style=\"width: 100%;\">";
+        echo '<table style="width: 100%;">';
-            echo "<tr><td>";
+        echo '<tr><td>';
-            echo i18n("Purpose Name").":</td><td><input type=\"text\" size=\"40\" name=\"name\"></td></tr>\n";
+        echo i18n('Purpose Name') . ":</td><td><input type=\"text\" size=\"40\" name=\"name\"></td></tr>\n";
-            echo "<tr><td>";
+        echo '<tr><td>';
-            echo i18n("Budget Amount").":</td><td>\$<input size=\"5\" type=\"text\" name=\"budget\"></td></tr>";
+        echo i18n('Budget Amount') . ':</td><td>$<input size="5" type="text" name="budget"></td></tr>';
-            echo "<tr><td>";
+        echo '<tr><td>';
-            echo i18n("Deadline").":</td><td><input size=\"9\" type=\"text\" name=\"deadline\"></td></tr>";
+        echo i18n('Deadline') . ':</td><td><input size="9" type="text" name="deadline"></td></tr>';
-            echo "<tr><td colspan=\"2\">";
+        echo '<tr><td colspan="2">';
-            echo i18n("Description").":<br /><textarea name=\"description\" rows=\"4\" style=\"width: 100%;\"></textarea>";
+        echo i18n('Description') . ':<br /><textarea name="description" rows="4" style="width: 100%;"></textarea>';
-            echo "</td></tr>\n";
+        echo "</td></tr>\n";
-            echo "</table>\n";
+        echo "</table>\n";
-            echo "<table style=\"width: 100%;\"><tr><td style=\"width: 50%; text-align: center;\">";
+        echo '<table style="width: 100%;"><tr><td style="width: 50%; text-align: center;">';
-            echo "<input type=\"submit\" value=\"".i18n("Create Purpose")."\">";
+        echo '<input type="submit" value="' . i18n('Create Purpose') . '">';
-            echo "</td><td style=\"width: 50%; text-align: right;\">";
+        echo '</td><td style="width: 50%; text-align: right;">';
-            echo "</td></tr></table>\n";
+        echo "</td></tr></table>\n";
-            echo "</form>\n";
+        echo "</form>\n";
-		echo "</div>\n";
+        echo "</div>\n";
-		echo "</div>\n";
+        echo "</div>\n";
        exit;
        break;
-    exit;
+    case 'setup':
-	break;
+        echo '<form id="setup_form" onsubmit="return setup_save()">';
-
+        echo '<table cellspacing=3 cellpadding=3>';
-	case "setup": 
+        echo '<tr><td>' . i18n('Current Fiscal Year') . '</td><td>';
        echo "<form id=\"setup_form\" onsubmit=\"return setup_save()\">";
        echo "<table cellspacing=3 cellpadding=3>";
        echo "<tr><td>".i18n("Current Fiscal Year")."</td><td>";
        echo $config['FISCALYEAR'];
        echo "</td></tr>\n";
-        echo "<tr><td>".i18n("Fiscal Year End")."</td><td>";
+        echo '<tr><td>' . i18n('Fiscal Year End') . '</td><td>';
-        list($month,$day)=explode("-",$config['fiscal_yearend']);
+        list($month, $day) = explode('-', $config['fiscal_yearend']);
-        emit_month_selector("fiscalendmonth",$month);
+        emit_month_selector('fiscalendmonth', $month);
-        emit_day_selector("fiscalendday",$day);
+        emit_day_selector('fiscalendday', $day);
        echo "</td></tr>\n";
-        echo "<tr><td>".i18n("Is your organization a registered charity?")."</td>";
+        echo '<tr><td>' . i18n('Is your organization a registered charity?') . '</td>';
-        echo "<td>";
+        echo '<td>';
-        if($config['registered_charity']=="yes") $ch="checked=\"checked\""; else $ch="";
+        if ($config['registered_charity'] == 'yes')
-        echo "<label><input $ch type=\"radio\" name=\"registeredcharity\" value=\"yes\" id=\"registeredcharity_yes\" onchange=\"charitychange()\">".i18n("Yes")."</label>";
+            $ch = 'checked="checked"';
-        echo "&nbsp;&nbsp;&nbsp;";
+        else
-        if($config['registered_charity']=="no") $ch="checked=\"checked\""; else $ch="";
+            $ch = '';
-        echo "<label><input $ch type=\"radio\" name=\"registeredcharity\" value=\"no\" id=\"registeredcharity_no\" onchange=\"charitychange()\">".i18n("No")."</label>";
+        echo "<label><input $ch type=\"radio\" name=\"registeredcharity\" value=\"yes\" id=\"registeredcharity_yes\" onchange=\"charitychange()\">" . i18n('Yes') . '</label>';
        echo '&nbsp;&nbsp;&nbsp;';
        if ($config['registered_charity'] == 'no')
            $ch = 'checked="checked"';
        else
            $ch = '';
        echo "<label><input $ch type=\"radio\" name=\"registeredcharity\" value=\"no\" id=\"registeredcharity_no\" onchange=\"charitychange()\">" . i18n('No') . '</label>';
        echo "</td></tr>\n";
-        echo "<tr>";
+        echo '<tr>';
-        echo "<td>".i18n("Charity Registration Number")."</td><td><input type=\"text\" name=\"charitynumber\" id=\"charitynumber\" value=\"{$config['charity_number']}\"></td>";
+        echo '<td>' . i18n('Charity Registration Number') . "</td><td><input type=\"text\" name=\"charitynumber\" id=\"charitynumber\" value=\"{$config['charity_number']}\"></td>";
-        echo "</tr>";
+        echo '</tr>';
-        echo "<tr><td colspan=\"2\" style=\"text-align: center;\"><input type=\"submit\" value=\"".i18n("Save")."\"></td></tr>\n";
+        echo '<tr><td colspan="2" style="text-align: center;"><input type="submit" value="' . i18n('Save') . "\"></td></tr>\n";
        echo "</table>\n";
        echo "</form>\n";
    exit;
 	break;
 }
 switch($_GET['action']) {
        case "level_save":
           $id=$_POST['id'];
           if(! ($_POST['level'] && $_POST['min'] && $_POST['max'])) {
                error_("Level name, minimum and maximum value range are required");
                exit;
           }
           if($_POST['min']>=$_POST['max']) {
                error_("Value range minimum must be smaller than range maximum");
                exit;
           }
           if($id) {
                mysql_query("UPDATE fundraising_donor_levels SET
                    min='".mysql_real_escape_string($_POST['min'])."',
                    max='".mysql_real_escape_string($_POST['max'])."',
                    level='".mysql_real_escape_string(stripslashes($_POST['level']))."',
                    description='".mysql_real_escape_string(stripslashes($_POST['description']))."'
                    WHERE id='$id' AND fiscalyear='{$config['FISCALYEAR']}'
                    ");
                happy_("Level Saved");
            }
            else {
                mysql_query("INSERT INTO fundraising_donor_levels (`level`,`min`,`max`,`description`,`fiscalyear`) VALUES (
                '".mysql_real_escape_string($_POST['level'])."',
                '".mysql_real_escape_string($_POST['min'])."',
                '".mysql_real_escape_string($_POST['max'])."',
                '".mysql_real_escape_string($_POST['description'])."',
                '{$config['FISCALYEAR']}')");
                happy_("Level Created");
            }
        exit;
        break;
-        case "level_delete":
+}
           $id=$_POST['id'];
           mysql_query("DELETE FROM fundraising_donor_levels WHERE id='$id' AND fiscalyear='{$config['FISCALYEAR']}'");
           happy_("Level Deleted");
       exit;
       break;
-        case "goal_save":
+switch (get_value_from_array($_GET, 'action')) {
-           $id=$_POST['id'];
+    case 'level_save':
-           if(! ($_POST['name'] && $_POST['budget'])) {
+        $id = $_POST['id'];
-                error_("Purpose name and budget are required");
+        if (!($_POST['level'] && $_POST['min'] && $_POST['max'])) {
-                exit;
+            error_('Level name, minimum and maximum value range are required');
-           }
+            exit;
-           if($id) {
+        }
-                mysql_query("UPDATE fundraising_goals SET
+        if ($_POST['min'] >= $_POST['max']) {
-                    budget='".mysql_real_escape_string($_POST['budget'])."',
+            error_('Value range minimum must be smaller than range maximum');
-                    deadline='".mysql_real_escape_string($_POST['deadline'])."',
+            exit;
-                    name='".mysql_real_escape_string(stripslashes($_POST['name']))."',
+        }
-                    description='".mysql_real_escape_string(stripslashes($_POST['description']))."'
+
        if ($id) {
            $stmt = $pdo->prepare("UPDATE fundraising_donor_levels SET
                    min='" . $_POST['min'] . "',
                    max='" . $_POST['max'] . "',
                    level='" . stripslashes($_POST['level']) . "',
                    description='" . stripslashes($_POST['description']) . "'
                    WHERE id='$id' AND fiscalyear='{$config['FISCALYEAR']}'
                    ");
-                happy_("Purpose Saved");
+            $stmt->execute();
-            }
+            happy_('Level Saved');
-            else {
+        } else {
-                $goal=strtolower($_POST['name']);
+            $stmt = $pdo->prepare("INSERT INTO fundraising_donor_levels (`level`,`min`,`max`,`description`,`fiscalyear`) VALUES (
-                $goal=ereg_replace("[^a-z]","",$goal);
+                '" . $_POST['level'] . "',
-                $q=mysql_query("SELECT * FROM fundraising_goals WHERE goal='$goal' AND fiscalyear='{$config['FISCALYEAR']}'");
+                '" . $_POST['min'] . "',
-                echo mysql_error();
+                '" . $_POST['max'] . "',
-                if(mysql_num_rows($q)) {
+                '" . $_POST['description'] . "',
                    error_("The automatically generated purpose key (%1) generated from (%2) is not unique.  Please try a different Purpose Name",array($goal,$_POST['name']));
                    exit;
                }
                mysql_query("INSERT INTO fundraising_goals (`goal`,`name`,`budget`,`deadline`,`description`,`fiscalyear`) VALUES (
                '".mysql_real_escape_string($goal)."',
                '".mysql_real_escape_string($_POST['name'])."',
                '".mysql_real_escape_string($_POST['budget'])."',
                '".mysql_real_escape_string($_POST['deadline'])."',
                '".mysql_real_escape_string($_POST['description'])."',
                '{$config['FISCALYEAR']}')");
-                happy_("Purpose Created");
+            $stmt->execute();
-            }
+            happy_('Level Created');
        }
        exit;
        break;
    case 'level_delete':
        $id = $_POST['id'];
        $stmt = $pdo->prepare("DELETE FROM fundraising_donor_levels WHERE id='$id' AND fiscalyear='{$config['FISCALYEAR']}'");
        $stmt->execute();
        happy_('Level Deleted');
        exit;
        break;
        case "goal_delete":
           $id=$_POST['id'];
           //they cant delete system ones
           $q=mysql_query("SELECT * FROM fundraising_goals WHERE id='$id' AND fiscalyear='{$config['FISCALYEAR']}'");
           if(!$r=mysql_fetch_object($q)) {
               error_("Invalid goal to delete");
               exit;
           }
           if($r->system=="yes") {
               error_("Fundraising goals created automatically and used by the system cannot be deleted");
               exit;
           }
           $q=mysql_query("SELECT * FROM fundraising_donations WHERE fundraising_goal='$r->goal' AND fiscalyear='{$config['FISCALYEAR']}'");
           if(mysql_num_rows($q)) {
               error_("This goal already has donations assigned to it, it cannot be deleted");
               exit;
           }
-           mysql_query("DELETE FROM fundraising_goals WHERE id='$id' AND fiscalyear='{$config['FISCALYEAR']}'");
+    case 'goal_save':
-           happy_("Purpose Deleted");
+        $id = $_POST['id'];
-       exit;
+        if (!($_POST['name'] && $_POST['budget'])) {
-       break;
+            error_('Purpose name and budget are required');
            exit;
        }
        if ($id) {
            $stmt = $pdo->prepare("UPDATE fundraising_goals SET
                    budget='" . $_POST['budget'] . "',
                    deadline='" . $_POST['deadline'] . "',
                    name='" . stripslashes($_POST['name']) . "',
                    description='" . stripslashes($_POST['description']) . "'
                    WHERE id='$id' AND fiscalyear='{$config['FISCALYEAR']}'
                    ");
            $stmt->execute();
            happy_('Purpose Saved');
        } else {
            $goal = strtolower($_POST['name']);
            $goal = preg_replace('[^a-z]', '', $goal);
            echo "SELECT * FROM fundraising_goals WHERE goal='$goal' AND fiscalyear='{$config['FISCALYEAR']}'";
            $q = $pdo->prepare("SELECT * FROM fundraising_goals WHERE goal='$goal' AND fiscalyear='{$config['FISCALYEAR']}'");
            $q->execute();
            show_pdo_errors_if_any($pdo);
            if ($q->rowCount()) {
                error_('The automatically generated purpose key (%1) generated from (%2) is not unique.  Please try a different Purpose Name', array($goal, $_POST['name']));
                exit;
            }
-       case "setup_save":
+            $stmt = $pdo->prepare("INSERT INTO fundraising_goals (`goal`,`name`,`budget`,`deadline`,`description`,`fiscalyear`) VALUES (
-       $fye=sprintf("%02d-%02d",intval($_POST['fiscalendmonth']),intval($_POST['fiscalendday']));
+                '" . $goal . "',
-       mysql_query("UPDATE config SET val='$fye' WHERE var='fiscal_yearend' AND conferences_id='{$conference['id']}'");
+                '" . $_POST['name'] . "',
-       mysql_query("UPDATE config SET val='".mysql_real_escape_string($_POST['registeredcharity'])."' WHERE var='registered_charity' AND conferences_id='{$conference['id']}'");
+                '" . $_POST['budget'] . "',
-       mysql_query("UPDATE config SET val='".mysql_real_escape_string($_POST['charitynumber'])."' WHERE var='charity_number' AND conferences_id='{$conference['id']}'");
+                '" . $_POST['deadline'] . "',
-       happy_("Fundraising module setup saved");
+                '" . $_POST['description'] . "',
-       exit;
+                '{$config['FISCALYEAR']}')");
-       break;
+            $stmt->execute();
            happy_('Purpose Created');
        }
        exit;
        break;
    case 'goal_delete':
        $id = $_POST['id'];
        // they cant delete system ones
        $q = $pdo->prepare("SELECT * FROM fundraising_goals WHERE id='$id' AND fiscalyear='{$config['FISCALYEAR']}'");
        $q->execute();
        if (!$r = $q->fetch(PDO::FETCH_OBJ)) {
            error_('Invalid goal to delete');
            exit;
        }
        if ($r->system == 'yes') {
            error_('Fundraising goals created automatically and used by the system cannot be deleted');
            exit;
        }
        $q = $pdo->prepare("SELECT * FROM fundraising_donations WHERE fundraising_goal='$r->goal' AND fiscalyear='{$config['FISCALYEAR']}'");
        $q->execute();
        if ($q->rowCount()) {
            error_('This goal already has donations assigned to it, it cannot be deleted');
            exit;
        }
- }
+        $stmt = $pdo->prepare("DELETE FROM fundraising_goals WHERE id='$id' AND fiscalyear='{$config['FISCALYEAR']}'");
        $stmt->execute();
        happy_('Purpose Deleted');
        exit;
        break;
- send_header("Fundraising Setup",
+    case 'setup_save':
-		array('Committee Main' => 'committee_main.php',
+        $fye = sprintf('%02d-%02d', intval($_POST['fiscalendmonth']), intval($_POST['fiscalendday']));
-			'Administration' => 'admin/index.php',
+
-			'Fundraising' => 'admin/fundraising.php')
+        $stmt = $pdo->prepare("UPDATE config SET val='$fye' WHERE var='fiscal_yearend' AND year='{$config['FAIRYEAR']}'");
-		);
+        $stmt->execute();
        $stmt = $pdo->prepare("UPDATE config SET val='" . $_POST['registeredcharity'] . "' WHERE var='registered_charity' AND year='{$config['FAIRYEAR']}'");
        $stmt->execute();
        $stmt = $pdo->prepare("UPDATE config SET val='" . $_POST['charitynumber'] . "' WHERE var='charity_number' AND year='{$config['FAIRYEAR']}'");
        $stmt->execute();
        happy_('Fundraising module setup saved');
        exit;
        break;
 }
 send_header('Fundraising Setup',
    array('Committee Main' => 'committee_main.php',
        'Administration' => 'admin/index.php',
        'Fundraising' => 'admin/fundraising.php'));
 ?>
 <script type="text/javascript">
@ -320,32 +346,48 @@
 $(document).ready(function() {
    $("#editor_tabs").tabs({
-        show: function(event, ui) {
+        create: function(event, ui) {
-            switch(ui.panel.id) {
+            update_levels();
-                case 'editor_tab_levels':
+			update_goals();
-                    update_levels();
+            update_setup();
                    break;
                case 'editor_tab_goals':
                    update_goals();
                    break;
                break;
                case 'editor_tab_setup':
                    update_setup();
                    break;
                break;
            }
        },
-        selected: 0
+		activate: function( event, ui ) {
-    });
+			update_levels();
 			update_goals();
            update_setup();
 		},
 		selected: 1
 	});
-//    $("#organizationinfo_fundingselectiondate").datepicker({ dateFormat: 'yy-mm-dd', showOn: 'button', buttonText: "<?=i18n("calendar")?>" });
+    // $("#editor_tabs").tabs({
    //     show: function(event, ui) {
    //         switch(ui.panel.id) {
    //             case 'editor_tab_levels':
    //                 update_levels();
    //                 break;
    //             case 'editor_tab_goals':
    //                 update_goals();
    //                 break;
    //             break;
    //             case 'editor_tab_setup':
    //                 update_setup();
    //                 break;
    //             break;
    //         }
    //     },
    //     selected: 0
    // });
 //    $("#organizationinfo_fundingselectiondate").datepicker({ dateFormat: 'yy-mm-dd', showOn: 'button', buttonText: "<?= i18n('calendar') ?>" });
 });
 function update_levels() {
 	$("#editor_tab_levels").load("fundraising_setup.php?gettab=levels",null,
 			function() {
-					$("#levelaccordion").accordion();
+					$("#levelaccordion").accordion({
                        heightStyle: "content"
                    });
 			}
    );
 }
@ -369,7 +411,9 @@ function level_delete(id) {
 function update_goals() {
 	$("#editor_tab_goals").load("fundraising_setup.php?gettab=goals",null,
 			function() {
-					$("#goalaccordion").accordion();
+					$("#goalaccordion").accordion({
                        heightStyle: "content"
                    });
                    $("[name=deadline]").datepicker({ dateFormat: 'yy-mm-dd'});
 			}
    );
@ -400,7 +444,7 @@ function goal_delete(id) {
 }
 function charitychange() {
-    if($("input[@name='registeredcharity']:checked").val()=="yes") {
+    if($("input[name='registeredcharity']:checked").val()=="yes") {
        $("#charitynumber").attr("disabled","");
    }
    else {
@ -415,9 +459,9 @@ function charitychange() {
 <div id="setup" style="width: 780px;">
    <div id="editor_tabs">
        <ul>
-            <li><a href="#editor_tab_setup"><span><?=i18n('Module Setup')?></span></a></li>
+            <li><a href="#editor_tab_setup"><span><?= i18n('Module Setup') ?></span></a></li>
-            <li><a href="#editor_tab_levels"><span><?=i18n('Fundraising Levels')?></span></a></li>
+            <li><a href="#editor_tab_levels"><span><?= i18n('Fundraising Levels') ?></span></a></li>
-            <li><a href="#editor_tab_goals"><span><?=i18n('Fundraising Purposes')?></span></a></li>
+            <li><a href="#editor_tab_goals"><span><?= i18n('Fundraising Purposes') ?></span></a></li>
        </ul>
        <div id="editor_tab_setup">
--- a/admin/fundraising_sponsorship.php
+++ b/admin/fundraising_sponsorship.php
@ -0,0 +1,170 @@
 <?
 /*
 * This file is part of the 'Science Fair In A Box' project
 * SFIAB Website: http://www.sfiab.ca
 *
 * Copyright (C) 2008 James Grant <james@lightbox.org>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, version 2.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
 require ('../common.inc.php');
 require_once ('../user.inc.php');
 user_auth_required('committee', 'admin');
 if ($_GET['id']) {
 	$id = intval($_GET['id']);
 	$q = $pdo->prepare("SELECT fundraising_donations.*, sponsors.organization FROM fundraising_donations,sponsors WHERE fundraising_donations.id='$id' AND fundraising_donations.sponsors_id=sponsors.id");
 	$q->execute();
 	$sponsorship = $q->fetch(PDO::FETCH_OBJ);
 	$formaction = 'sponsorshipedit';
 } else {
 	$formaction = 'sponsorshipadd';
 	$fundraising_type = $_GET['fundraising_type'];
 }
 ?>
 <script type="text/javascript">
 function typechange() { 
    var t=($("[name=sponsortype]:checked").val());
    if(t=="organization") {
        $("#sponsor_type_organization").show();
        $("#sponsor_type_individual").hide();
    } else {
        $("#sponsor_type_organization").hide();
        $("#sponsor_type_individual").show();
    }
 }
 </script>
 <?
 echo '<form id="fundraisingsponsorship">';
 echo "<input type=\"hidden\" name=\"action\" value=\"$formaction\">";
 echo "<input type=\"hidden\" name=\"fundraising_donations_id\" value=\"$id\">";
 echo '<table cellspacing=0 cellpadding=0 class="tableedit">';
 if ($formaction == 'sponsorshipadd') {
 	echo '<tr><th>' . i18n('Donor Type') . '</th>';
 	echo '<td>';
 	echo '<input onchange="typechange()" type="radio" name="sponsortype" value="organization"> ' . i18n('Organization');
 	echo '&nbsp;';
 	echo '&nbsp;';
 	echo '&nbsp;';
 	echo '<input onchange="typechange()" type="radio" name="sponsortype" value="individual"> ' . i18n('Individual');
 	echo "</td></tr>\n";
 	echo '<tr><th>' . i18n('Donor') . '</th>';
 	echo '<td>';
 	$q = $pdo->prepare('SELECT * FROM sponsors ORDER BY organization');
 	$q->execute();
 	show_pdo_errors_if_any($pdo);
 	echo '<span id="sponsor_type_organization" style="display: none;">';
 	echo '<select name="sponsors_id">';
 	echo '<option value="">' . i18n('Choose') . "</option>\n";
 	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 		if ($r->id == $sponsorship->sponsors_id)
 			$sel = 'selected="selected"';
 		else
 			$sel = '';
 		echo "<option $sel value=\"$r->id\">$r->organization</option>\n";
 	}
 	echo '</select>&nbsp;<a href="donors.php?action=add">' . i18n('Add') . "</a>\n";
 	echo '</span>';
 	$q = $pdo->prepare("SELECT users.*, MAX(year) AS year FROM users WHERE (firstname!='' AND lastname!='') GROUP BY uid HAVING deleted='no' ORDER BY lastname,firstname");
 	$q->execute();
 	show_pdo_errors_if_any($pdo);
 	echo '<span id="sponsor_type_individual" style="display: none;">';
 	echo '<select name="users_uid">';
 	echo '<option value="">' . i18n('Choose') . "</option>\n";
 	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 		if ($r->uid == $sponsorship->users_uid)
 			$sel = 'selected="selected"';
 		else
 			$sel = '';
 		echo "<option $sel value=\"$r->uid\">[$r->year][$r->uid] $r->lastname, $r->firstname ($r->email)</option>\n";
 	}
 	echo '</span>';
 } else {
 	echo '<tr><th>' . i18n('Donor Type') . '</th>';
 	echo '<td>';
 	if ($sponsorship->sponsors_id)
 		echo i18n('Organization');
 	else
 		echo i18n('Individual');
 	echo "</td></tr>\n";
 	echo '<tr><th>' . i18n('Donor') . '</th>';
 	echo '<td>';
 	echo $sponsorship->organization;
 }
 echo "</td></tr>\n";
 echo '<tr><th>' . i18n('Donation Allocation') . '</th>';
 echo '<td>';
 $q = $pdo->prepare("SELECT * FROM fundraising WHERE year='{$config['FAIRYEAR']}' ORDER BY name");
 $q->execute();
 show_pdo_errors_if_any($pdo);
 echo '<select name="fundraising_type">';
 echo '<option value="">' . i18n('Choose') . "</option>\n";
 while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	if ($r->type == $sponsorship->fundraising_type || $r->type == $fundraising_type)
 		$sel = 'selected="selected"';
 	else
 		$sel = '';
 	echo "<option $sel value=\"$r->type\">$r->name</option>\n";
 }
 echo "</select>\n";
 echo "</td></tr>\n";
 echo '<tr><th>' . i18n('Amount') . "</th><td><input type=\"text\" name=\"value\" value=\"$sponsorship->value\"></td></tr>\n";
 echo '<tr><th>' . i18n('Status') . '</th>';
 echo '<td>';
 echo '<select name="status">';
 echo '<option value="">' . i18n('Choose') . "</option>\n";
 $statuses = array('pending', 'confirmed', 'received');
 foreach ($statuses AS $status) {
 	if ($sponsorship->status == $status)
 		$sel = 'selected="selected"';
 	else
 		$sel = '';
 	echo "<option $sel value=\"$status\">" . i18n(ucfirst($status)) . "</option>\n";
 }
 echo "</select>\n";
 echo "</td></tr>\n";
 echo '<tr><th>' . i18n('Probability') . '</th>';
 echo '<td>';
 echo '<select name="probability">';
 echo '<option value="">' . i18n('Choose') . "</option>\n";
 $probs = array('25', '50', '75', '90', '95', '99', '100');
 foreach ($probs AS $prob) {
 	if ($sponsorship->probability == $prob)
 		$sel = 'selected="selected"';
 	else
 		$sel = '';
 	echo "<option $sel value=\"$prob\">$prob%</option>\n";
 }
 echo "</select>\n";
 echo "</td></tr>\n";
 echo "</table>\n";
 echo "</form>\n";
 ?>
--- a/admin/fundraising_sponsorship_handler.inc.php
+++ b/admin/fundraising_sponsorship_handler.inc.php
@ -1,83 +1,86 @@
 <?
-if($_POST['action']=="sponsorshipdelete") {
+if ($_POST['action'] == 'sponsorshipdelete') {
-	mysql_query("DELETE FROM fundraising_donations WHERE id='".intval($_POST['delete'])."'");
+	$stmt = $pdo->prepare("DELETE FROM fundraising_donations WHERE id='" . intval($_POST['delete']) . "'");
-	if(mysql_affected_rows())
+	$stmt->execute();
-		happy_("Successfully removed sponsorship");
+	if ($pdo->rowCount())
-   exit;
+		happy_('Successfully removed sponsorship');
 	exit;
 }
-if($_POST['action']=="sponsorshipedit" || $_POST['action']=="sponsorshipadd") {
+if ($_POST['action'] == 'sponsorshipedit' || $_POST['action'] == 'sponsorshipadd') {
-	$sponsors_id=intval($_POST['sponsors_id']);
+	$sponsors_id = intval($_POST['sponsors_id']);
-	$fundraising_donations_id=intval($_POST['fundraising_donations_id']);
+	$fundraising_donations_id = intval($_POST['fundraising_donations_id']);
-	$fundraising_type=mysql_real_escape_string($_POST['fundraising_type']);
+	$fundraising_type = $_POST['fundraising_type'];
 	$value=mysql_real_escape_string($_POST['value']);
 	$status=mysql_real_escape_string($_POST['status']);
 	$probability=mysql_real_escape_string($_POST['probability']);
-	if($status=="confirmed" || $status=="received") $probability="100";
+	$value = $_POST['value'];
-	if($probability==100 && $status=="pending") $status="confirmed";
+	$status = $_POST['status'];
 	$probability = $_POST['probability'];
 	if ($status == 'confirmed' || $status == 'received')
 		$probability = '100';
 	if ($probability == 100 && $status == 'pending')
 		$status = 'confirmed';
 }
-if($_POST['action']=="sponsorshipedit") {
+if ($_POST['action'] == 'sponsorshipedit') {
-
+	if ($fundraising_donations_id && $fundraising_type && $value) {
-	if($fundraising_donations_id && $fundraising_type && $value) {
+		$q = $pdo->prepare("SELECT * FROM fundraising_donations WHERE id='$fundraising_donations_id'");
-		$q=mysql_query("SELECT * FROM fundraising_donations WHERE id='$fundraising_donations_id'");
+		$q->execute();
-		$current=mysql_fetch_object($q);
+		$current = $q->fetch(PDO::FETCH_OBJ);
 		unset($log);
-		$log=array();
+		$log = array();
-		if($current->fundraising_type!=$fundraising_type)
+		if ($current->fundraising_type != $fundraising_type)
-			$log[]="Changed sponsorship type from $current->fundraising_type to $fundraising_type";
+			$log[] = "Changed sponsorship type from $current->fundraising_type to $fundraising_type";
-		if($current->value!=$value)
+		if ($current->value != $value)
-			$log[]="Changed sponsorship value from $current->value to $value";
+			$log[] = "Changed sponsorship value from $current->value to $value";
-		if($current->status!=$status)
+		if ($current->status != $status)
-			$log[]="Changed sponsorship status from $current->status to $status";
+			$log[] = "Changed sponsorship status from $current->status to $status";
-		if($current->probability!=$probability)
+		if ($current->probability != $probability)
-			$log[]="Changed sponsorship probability from $current->probability to $probability";
+			$log[] = "Changed sponsorship probability from $current->probability to $probability";
-		if(count($log)) {
+		if (count($log)) {
-			mysql_query("UPDATE fundraising_donations SET fundraising_type='$fundraising_type', value='$value', status='$status', probability='$probability' WHERE id='$fundraising_donations_id'");
+			$stmt = $pdo->prepare("UPDATE fundraising_donations SET fundraising_type='$fundraising_type', value='$value', status='$status', probability='$probability' WHERE id='$fundraising_donations_id'");
-
+			$stmt->execute();
-			foreach($log AS $l) {
+			foreach ($log AS $l) {
-					mysql_query("INSERT INTO fundraising_donor_logs (sponsors_id,dt,users_id,log) VALUES (
+				$stmt = $pdo->prepare("INSERT INTO fundraising_donor_logs (sponsors_id,dt,users_id,log) VALUES (
 						'$current->sponsors_id',
 						NOW(),
-						'".$_SESSION['users_id']."',
+						'" . $_SESSION['users_id'] . "',
-						'".mysql_real_escape_string($l)."')");
+						'" . $l . "')");
-
+				$stmt->execute();
 			}
-			if(mysql_error())
+			if ($pdo->errorInfo())
-				echo error_(mysql_error());
+				echo error_($pdo->errorInfo());
 			else
-                echo happy_("Saved sponsorship changes");
+				echo happy_('Saved sponsorship changes');
-		}
+		} else
-		else
+			echo error_('No changes were made');
-			echo error_("No changes were made");
+	} else {
 		echo error_('Required fields were missing, please try again' . print_r($_POST, true));
 	}
-	else {
+	exit;
 		echo error_("Required fields were missing, please try again".print_r($_POST,true));
 	}
   exit;
 }
-if($_POST['action']=="sponsorshipadd") {
+if ($_POST['action'] == 'sponsorshipadd') {
-	if($sponsors_id && $fundraising_type && $value) {
+	if ($sponsors_id && $fundraising_type && $value) {
-		mysql_query("INSERT INTO fundraising_donations (sponsors_id,fundraising_type,value,status,probability,fiscalyear) VALUES ('$sponsors_id','$fundraising_type','$value','$status','$probability','{$config['FISCALYEAR']}')");
+		$stmt = $pdo->prepare("INSERT INTO fundraising_donations (sponsors_id,fundraising_type,value,status,probability,fiscalyear) VALUES ('$sponsors_id','$fundraising_type','$value','$status','$probability','{$config['FISCALYEAR']}')");
-		mysql_query("INSERT INTO fundraising_donor_logs (sponsors_id,dt,users_id,log) VALUES (
+		$stmt->execute();
 		$stmt = $pdo->prepare("INSERT INTO fundraising_donor_logs (sponsors_id,dt,users_id,log) VALUES (
 		$stmt->execute();
 			'$sponsors_id',
 			NOW(),
-			'".$_SESSION['users_id']."',
+			'" . $_SESSION['users_id'] . "',
-			'".mysql_real_escape_string("Created sponsorship: type=$fundraising_type, value=\$$value, status=$status, probability=$probability%")."')");
+			'" . "Created sponsorship: type=$fundraising_type, value=\$$value, status=$status, probability=$probability%") . "')";
-		happy_("Added new sponsorship");
+		happy_('Added new sponsorship');
-	}
+	} else
-	else
+		error_('Required fields were missing, please try again');
-		error_("Required fields were missing, please try again");
+	if ($pdo->errorInfo())
-	if(mysql_error())
+		error_($pdo->errorInfo());
-		error_(mysql_error());
+	exit;
   exit;
 }
 ?>
--- a/admin/fundraising_types.php
+++ b/admin/fundraising_types.php
@ -1,60 +1,60 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2008 James Grant <james@lightbox.org>
+/*
-
+ * This file is part of the 'Science Fair In A Box' project
-   This program is free software; you can redistribute it and/or
+ * SFIAB Website: http://www.sfiab.ca
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2008 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
-	require("../common.inc.php");
+require ('../common.inc.php');
-	require_once("../user.inc.php");
+require_once ('../user.inc.php');
-	user_auth_required('admin');
+user_auth_required('committee', 'admin');
-	if($_GET['id']) {
+if ($_GET['id']) {
-		$id=intval($_GET['id']);
+	$id = intval($_GET['id']);
-		$q=mysql_query("SELECT * FROM fundraising WHERE id='$id'");
+	$q = $pdo->prepare("SELECT * FROM fundraising WHERE id='$id'");
 	$q->execute();
 	//	echo "<h2>Edit Fund</h2>";
-		$fund=mysql_fetch_object($q);
+	$fund = $q->fetch(PDO::FETCH_OBJ);
-		$formaction="fundedit";
+	$formaction = 'fundedit';
-	}
+} else {
 	else {
 	//	echo "<h2>Create New Fund</h2>";
-		$formaction="fundadd";
+	$formaction = 'fundadd';
-	}
+}
-    echo "<form id=\"fundraisingfundraising\">";
+echo '<form id="fundraisingfundraising">';
-	echo "<input type=\"hidden\" name=\"action\" value=\"$formaction\">";
+echo "<input type=\"hidden\" name=\"action\" value=\"$formaction\">";
-	echo "<input type=\"hidden\" name=\"fundraising_id\" value=\"$id\">";
+echo "<input type=\"hidden\" name=\"fundraising_id\" value=\"$id\">";
-	echo "<table class=\"tableedit\" style=\"width: 90%;\">";
+echo '<table class="tableedit" style="width: 90%;">';
-	if($fund->system=="yes") {
+if ($fund->system == 'yes') {
-		echo "<tr><th>".i18n("Type")."</th><td>".i18n("System (non-editable)")."</td></tr>\n";
+	echo '<tr><th>' . i18n('Type') . '</th><td>' . i18n('System (non-editable)') . "</td></tr>\n";
-		echo "<tr><th>".i18n("Name")."</th><td>".htmlspecialchars($fund->name)."</td></tr>\n";
+	echo '<tr><th>' . i18n('Name') . '</th><td>' . htmlspecialchars($fund->name) . "</td></tr>\n";
-		echo "<tr><th>".i18n("Key")."</th><td>".htmlspecialchars($fund->type)."</td></tr>\n";
+	echo '<tr><th>' . i18n('Key') . '</th><td>' . htmlspecialchars($fund->type) . "</td></tr>\n";
-	}
+} else {
-	else {
+	echo '<tr><th>' . i18n('Type') . '</th><td>' . i18n('Custom (editable)') . "</td></tr>\n";
-		echo "<tr><th>".i18n("Type")."</th><td>".i18n("Custom (editable)")."</td></tr>\n";
+	echo '<tr><th>' . i18n('Name') . '</th><td><input type="text" name="name" value="' . htmlspecialchars($fund->name) . "\"></td></tr>\n";
-		echo "<tr><th>".i18n("Name")."</th><td><input type=\"text\" name=\"name\" value=\"".htmlspecialchars($fund->name)."\"></td></tr>\n";
+	echo '<tr><th>' . i18n('Key') . '</th><td><input type="text" name="type" value="' . htmlspecialchars($fund->type) . "\"></td></tr>\n";
-		echo "<tr><th>".i18n("Key")."</th><td><input type=\"text\" name=\"type\" value=\"".htmlspecialchars($fund->type)."\"></td></tr>\n";
+}
-	}
+echo '<tr><th>' . i18n('Description') . '</th><td><textarea style="width: 100%; height: 4em;" name="description">' . htmlspecialchars($fund->description) . "</textarea></td></tr>\n";
-	echo "<tr><th>".i18n("Description")."</th><td><textarea style=\"width: 100%; height: 4em;\" name=\"description\">".htmlspecialchars($fund->description)."</textarea></td></tr>\n";
+echo '<tr><th>' . i18n('Goal') . "</th><td><input type=\"text\" size=\"8\" name=\"goal\" value=\"$fund->goal\"></td></tr>\n";
-	echo "<tr><th>".i18n("Goal")."</th><td><input type=\"text\" size=\"8\" name=\"goal\" value=\"$fund->goal\"></td></tr>\n";
+echo "</table>\n";
-	echo "</table>\n";
+echo "</form>\n";
    echo "</form>\n";
 ?>
--- a/admin/gettranslation.php
+++ b/admin/gettranslation.php
@ -1,38 +1,41 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
-include "../common.inc.php";
+include '../common.inc.php';
-require_once("../user.inc.php");
+require_once ('../user.inc.php');
-user_auth_required('admin');
+user_auth_required('committee', 'admin');
-$ret=array();
+$ret = array();
-foreach($config['languages'] AS $l=>$ln) {
+foreach ($config['languages'] AS $l => $ln) {
-	if($l==$config['default_language']) continue;
+        if ($l == $config['default_language'])
-	$q=mysql_query("SELECT * FROM translations WHERE lang='$l' AND strmd5='".md5($_GET['str'])."'");
+                continue;
-	if($r=mysql_fetch_object($q))
+        $q = $pdo->prepare("SELECT * FROM translations WHERE lang='$l' AND strmd5='" . md5(iconv('ISO-8859-1', 'UTF-8', $_GET['str'])) . "'");
-	        $ret[$l]=$r->val;
+        $q->execute();
-	else
+        if ($r = $q->fetch(PDO::FETCH_OBJ))
-        	$ret[$l]="";
+                $ret[$l] = iconv('ISO-8859-1', 'UTF-8', $r->val);
        else
                $ret[$l] = '';
 }
 echo json_encode($ret);
 ?>
--- a/admin/index.php
+++ b/admin/index.php
@ -26,121 +26,71 @@
 require_once("../user.inc.php");
 require_once("../committee.inc.php");
- user_auth_required('admin');
+
 user_auth_required('committee','admin');
 send_header("Administration",
 	array('Committee Main' => 'committee_main.php'),
 	"administration");
 if($conference['type']=='sciencefair') {
 	 echo "<table class=\"adminconfigtable\">";
 	 echo " <tr>";
 	 echo "  <td><a href=\"registration.php\">".theme_icon("participant_registration")."<br />".i18n("Participant Registration")."</a></td>";
 	 echo "  <td><a href=\"committees.php\">".theme_icon("committee_management")."<br />".i18n("Committee Management")."</a></td>";
 	 echo "  <td><a href=\"judges.php\">".theme_icon("judging_management")."<br />".i18n("Judging Management")."</a></td>";
 	 echo "  <td><a href=\"account_list.php\">".theme_icon("account_management")."<br />".i18n("Account Management")."</a></td>";
 	 echo "  <td>";
 	 if($config['volunteer_enable'] == 'yes')
 		echo "<a href=\"volunteers.php\">".theme_icon("volunteer_management")."<br />".i18n("Volunteer Management")."</a>";
 	 else
 		echo theme_icon("volunteer_management")."<br />".i18n("Volunteer Management")."<br /><i>(".i18n("disabled").")</i>";
 	 echo "</td></tr>";
 	 echo "</table>\n";
 	 echo "<hr />";
 	 echo "<table class=\"adminconfigtable\">";
 	 echo " <tr>";
 	 echo "  <td><a href=\"awards.php\">".theme_icon("awards_management")."<br />".i18n("Awards Management")."</a></td>";
 	 echo "  <td><a href=\"schools.php\">".theme_icon("schools_management")."<br />".i18n("Schools Management")."</a></td>";
 	 echo "  <td>";
 	 if($config['tours_enable'] == 'yes')
 		echo "<a href=\"tours.php\">".theme_icon("tour_management")."<br />".i18n("Tour Management")."</a>";
 	 else
 		echo theme_icon("tour_management")."<br />".i18n("Tour Management")."<br /><i>(".i18n("disabled").")</i>";
 	 echo "</td>";
 	 echo "  <td>";
 	 if($config['participant_regfee_items_enable'] == 'yes')
 		echo "<a href=\"regfee_items_manager.php\">".theme_icon("registration_fee_items_management")."<br />".i18n("Registration Fee Items Management")."</a>";
 	 else
 		echo theme_icon("registration_fee_items_management")."<br />".i18n("Registration Fee Items Management")."<br /><i>(".i18n("disabled").")</i>";
 	 echo "</td>";
 	 echo " </tr>\n";
 	 echo " <tr>";
 	 echo "  <td><a href=\"reports.php\">".theme_icon("print/export_reports")."<br />".i18n("Print / Export Reports")."</a></td>";
 	 echo "  <td><a href=\"reports_ceremony.php\">".theme_icon("print_awards_ceremony_scripts")."<br />".i18n("Print Award Ceremony Scripts")."</a></td>";
 	 echo "  <td><a href=\"reports_editor.php\">".theme_icon("report_management")."<br />".i18n("Report Management")."</a></td>";
 	 echo "  <td><a href=\"translations.php\">".theme_icon("translations_management")."<br />".i18n("Translations Management")."</a></td>";
 	 echo "  <td>";
 	 echo "</td>";
 	 echo " </tr>\n";
 	 echo " <tr>";
 	 echo "<td></td><td></td>\n";
 	 echo " </tr>\n";
 	 echo "</table>\n";
 	 echo "<hr />";
 	 echo "<table class=\"adminconfigtable\">";
 	 echo " <tr>";
 	 if($config['score_entry_enable'] == 'yes') {
 		echo "<td><a href=\"judging_score_entry.php\">".theme_icon("judging_score_entry")."<br />".i18n("Judging Score Entry")."</a></td>";
 	 }
 	 echo "  <td><a href=\"winners.php\">".theme_icon("enter_winning_projects")."<br />".i18n("Enter Winning Projects")."</a></td>";
 	 echo "  <td><a href=\"cwsfregister.php\">".theme_icon("one-click_cwsf_registration")."<br />".i18n("One-Click CWSF Registration")."</a></td>";
 	 echo "  <td><a href=\"fair_stats.php\">".theme_icon("fair_stats")."<br />".i18n("Upload Fair Statistics")."</a></td>";
 	 echo "  <td><a href=\"user_list.php?show_types[]=fair\">".theme_icon("sciencefair_management")."<br />".i18n("Feeder/Upstream Fair Management")."</a></td>";
 	 echo " </tr>\n";
 	 echo "</table>\n";
 }
 else {
 	 echo "<table class=\"adminconfigtable\">";
 	 echo " <tr>";
 	 echo "  <td><a href=\"eventsscheduling.php\">".theme_icon("events_management")."<br />".i18n("Events & Scheduling")."</a></td>";
 	 echo "  <td><a href=\"registration.php\">".theme_icon("participant_registration")."<br />".i18n("Participant Registration")."</a></td>";
 	 echo "  <td><a href=\"committees.php\">".theme_icon("committee_management")."<br />".i18n("Committee Management")."</a></td>";
 	 echo "  <td><a href=\"judges.php\">".theme_icon("judging_management")."<br />".i18n("Judging Management")."</a></td>";
 	 echo "  <td>";
 	 if($config['volunteer_enable'] == 'yes')
 		echo "<a href=\"volunteers.php\">".theme_icon("volunteer_management")."<br />".i18n("Volunteer Management")."</a>";
 	 else
 		echo theme_icon("volunteer_management")."<br />".i18n("Volunteer Management")."<br /><i>(".i18n("disabled").")</i>";
 	 echo "</td></tr>";
 	 echo "</table>\n";
 	 echo "<hr />";
 	 echo "<table class=\"adminconfigtable\">";
 	 echo " <tr>";
 	 echo "  <td><a href=\"awards.php\">".theme_icon("awards_management")."<br />".i18n("Awards Management")."</a></td>";
 	 echo "  <td><a href=\"schools.php\">".theme_icon("schools_management")."<br />".i18n("Schools Management")."</a></td>";
 	 echo "  <td>";
 	 if($config['tours_enable'] == 'yes')
 		echo "<a href=\"tours.php\">".theme_icon("tour_management")."<br />".i18n("Tour Management")."</a>";
 	 else
 		echo theme_icon("tour_management")."<br />".i18n("Tour Management")."<br /><i>(".i18n("disabled").")</i>";
 	 echo "</td>";
 	 echo "  <td>";
 	 if($config['participant_regfee_items_enable'] == 'yes')
 		echo "<a href=\"regfee_items_manager.php\">".theme_icon("registration_fee_items_management")."<br />".i18n("Registration Fee Items Management")."</a>";
 	 else
 		echo theme_icon("registration_fee_items_management")."<br />".i18n("Registration Fee Items Management")."<br /><i>(".i18n("disabled").")</i>";
 	 echo "</td>";
 	 echo " </tr>\n";
 	 echo " <tr>";
 	 echo "  <td><a href=\"reports.php\">".theme_icon("print/export_reports")."<br />".i18n("Print / Export Reports")."</a></td>";
 	 echo "  <td><a href=\"reports_ceremony.php\">".theme_icon("print_awards_ceremony_scripts")."<br />".i18n("Print Award Ceremony Scripts")."</a></td>";
 	 echo "  <td><a href=\"reports_editor.php\">".theme_icon("report_management")."<br />".i18n("Report Management")."</a></td>";
 	 echo "  <td><a href=\"translations.php\">".theme_icon("translations_management")."<br />".i18n("Translations Management")."</a></td>";
 	 echo "  <td>";
 	 echo "</td>";
 	 echo " </tr>\n";
 	 echo " <tr>";
 	 echo "<td></td><td></td>\n";
 	 echo " </tr>\n";
 	 echo "</table>\n";
 	 echo "<hr />";
 	 echo "<table class=\"adminconfigtable\">";
 	 echo " <tr>";
 	 echo "  <td><a href=\"winners.php\">".theme_icon("enter_winning_projects")."<br />".i18n("Enter Winners")."</a></td>";
 	 echo " </tr>\n";
 	 echo "</table>\n";
 }
 echo "<table class=\"adminconfigtable\">";
 echo " <tr>";
 echo "  <td><a href=\"registration.php\">".theme_icon("participant_registration")."<br />".i18n("Participant Registration")."</a></td>";
 echo "  <td><a href=\"committees.php\">".theme_icon("committee_management")."<br />".i18n("Committee Management")."</a></td>";
 echo "  <td><a href=\"judges.php\">".theme_icon("judging_management")."<br />".i18n("Judging Management")."</a></td>";
 echo "  <td>";
 if($config['volunteer_enable'] == 'yes')
 	echo "<a href=\"volunteers.php\">".theme_icon("volunteer_management")."<br />".i18n("Volunteer Management")."</a>";
 else
 	// {echo theme_icon("volunteer_management")."<br />".i18n("Volunteer Management")."<br /><i>(".i18n("disabled").")</i>"};
 echo "</td></tr>";
 echo "</table>\n";
 echo "<hr />";
 echo "<table class=\"adminconfigtable\">";
 echo " <tr>";
 echo "  <td><a href=\"awards.php\">".theme_icon("awards_management")."<br />".i18n("Awards Management")."</a></td>";
 echo "  <td><a href=\"schools.php\">".theme_icon("schools_management")."<br />".i18n("Schools Management")."</a></td>";
 echo "  <td>";
 if($config['tours_enable'] == 'yes')
 	echo "<a href=\"tours.php\">".theme_icon("tour_management")."<br />".i18n("Tour Management")."</a>";
 else
 	// {echo theme_icon("tour_management")."<br />".i18n("Tour Management")."<br /><i>(".i18n("disabled").")</i>";}
 echo "</td>";
 echo "  <td>";
 if($config['participant_regfee_items_enable'] == 'yes')
 	echo "<a href=\"regfee_items_manager.php\">".theme_icon("registration_fee_items_management")."<br />".i18n("Registration Fee Items Management")."</a>";
 else
 	// {echo theme_icon("registration_fee_items_management")."<br />".i18n("Registration Fee Items Management")."<br /><i>(".i18n("disabled").")</i>";}
 echo "</td>";
 echo " </tr>\n";
 echo " <tr>";
 echo "  <td><a href=\"reports.php\">".theme_icon("print/export_reports")."<br />".i18n("Print / Export Reports")."</a></td>";
 echo "  <td><a href=\"reports_ceremony.php\">".theme_icon("print_awards_ceremony_scripts")."<br />".i18n("Print Award Ceremony Scripts")."</a></td>";
 echo "  <td><a href=\"reports_editor.php\">".theme_icon("report_management")."<br />".i18n("Report Management")."</a></td>";
 echo "  <td><a href=\"translations.php\">".theme_icon("translations_management")."<br />".i18n("Translations Management")."</a></td>";
 echo "</td>";
 echo " </tr>\n";
 echo " <tr>";
 echo "<td></td><td></td>\n";
 echo " </tr>\n";
 echo "</table>\n";
 echo "<hr />";
 echo "<table class=\"adminconfigtable\">";
 echo " <tr>";
 echo "  <td><a href=\"winners.php\">".theme_icon("enter_winning_projects")."<br />".i18n("Enter Winning Projects")."</a></td>";
 echo "  <td><a href=\"cwsfregister.php\">".theme_icon("one-click_cwsf_registration")."<br />".i18n("One-Click CWSF Registration")."</a></td>";
 echo "  <td><a href=\"fair_stats.php\">".theme_icon("fair_stats")."<br />".i18n("Upload Fair Statistics")."</a></td>";
 echo "  <td><a href=\"user_list.php?show_types[]=fair\">".theme_icon("sciencefair_management")."<br />".i18n("Feeder/Upstream Fair Management")."</a></td>";
 if(get_value_from_array($config, 'score_entry_enable') == 'yes') {
 echo "<td><a href=\"judging_score_entry.php\">".theme_icon("judging_score_entry")."<br />".i18n("Judging Score Entry")."</a></td>";
 }
 echo " </tr>\n";
 echo "</table>\n";
 echo "<hr />";
 echo "<table class=\"adminconfigtable\">";
 echo " <tr>";
@ -148,7 +98,10 @@
 echo "  <td><a href=\"documents.php\">".theme_icon("internal_document_management")."<br />".i18n("Internal Document Management")."</a></td>";
 echo "  <td><a href=\"cms.php\">".theme_icon("website_content_management")."<br />".i18n("Website Content Management")."</a></td>";
 echo "  <td><a href=\"fundraising.php\">".theme_icon("fundraising")."<br />".i18n("Fundraising")."</a></td>";
- echo "  <td></td>";
+ if(get_value_from_array($config, 'score_entry_enable') == 'yes') {
 echo "<td><a href=\"../plugins/evaluations/index.php\">".theme_icon("judging_score_entry")."<br />".i18n("Evaluations Plugin")."</a></td>"; 
 }
 //echo "  <td><a href=\"../plugins/evaluations/index.php\">Go To Evaluations</a></td>";
 echo " </tr>\n";
 echo "</table>\n";
--- a/admin/judges.inc.php
+++ b/admin/judges.inc.php
@ -1,107 +1,108 @@
 <?
 function getJudgingTeams()
 {
-	global $config, $conference;
+	global $config, $pdo;
-
+	$q = $pdo->prepare("SELECT judges_teams.id,
 	$q=mysql_query("SELECT 	judges_teams.id,
 				judges_teams.num,
 				judges_teams.name
 			FROM 
 				judges_teams
 			WHERE 
-				judges_teams.conferences_id='".$conference['id']."'
+				judges_teams.year='" . $config['FAIRYEAR'] . "'
 			ORDER BY 
-				num,name
+				num,name");
-				");
+	$q->execute();
-	$lastteamid=-1;
+	$lastteamid = -1;
-	$lastteamnum=-1;
+	$lastteamnum = -1;
-	echo mysql_error();
+	show_pdo_errors_if_any($pdo);
-	$teams=array();
+	$teams = array();
-	while($r=mysql_fetch_object($q))
+	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-	{
+		$teams[$r->id]['id'] = $r->id;
-		$teams[$r->id]['id']=$r->id;
+		$teams[$r->id]['num'] = $r->num;
-		$teams[$r->id]['num']=$r->num;
+		$teams[$r->id]['name'] = $r->name;
-		$teams[$r->id]['name']=$r->name;
+		$lastteamid = $r->id;
-		$lastteamid=$r->id;
+		$lastteamnum = $r->num;
 		$lastteamnum=$r->num;
 		/* Load timeslots */
 		$rounds = array();
-		$tq = mysql_query("SELECT * FROM judges_teams_timeslots_link
+		$tq = $pdo->prepare("SELECT * FROM judges_teams_timeslots_link
 					LEFT JOIN judges_timeslots ON judges_timeslots.id=judges_teams_timeslots_link.judges_timeslots_id
 					WHERE judges_teams_timeslots_link.judges_teams_id='{$r->id}'");
 		$tq->execute();
 		$teams[$r->id]['timeslots'] = array();
 		$teams[$r->id]['rounds'] = array();
-		while($ts = mysql_fetch_assoc($tq)) {
+
 		while ($ts = $tq->fetch(PDO::FETCH_ASSOC)) {
 			$teams[$r->id]['timeslots'][] = $ts;
 			$rounds[$ts['round_id']] = $ts['round_id'];
 		}
-		foreach($rounds as $round_id) {
+
-			$tq = mysql_query("SELECT * FROM judges_timeslots WHERE id='{$round_id}'");
+		foreach ($rounds as $round_id) {
-			$teams[$r->id]['rounds'][] = mysql_fetch_assoc($tq);
+			$tq = $pdo->prepare("SELECT * FROM judges_timeslots WHERE id='{$round_id}'");
 			$tq->execute();
 			$teams[$r->id]['rounds'][] = $tq->fetch(PDO::FETCH_ASSOC);
 		}
-		//get the members for this team
+		// get the members for this team
-		$mq=mysql_query("SELECT 	
+		$mq = $pdo->prepare("SELECT \t
-			users.id AS judges_id,
+					users.id AS judges_id,
-			users.firstname,
+					users.firstname,
-			users.lastname,
+					users.lastname,
-			judges_teams_link.captain
+					judges_teams_link.captain
-			
+				FROM 
-		FROM 
+					users,
-			users,
+					judges_teams_link
-			judges_teams_link
+				WHERE 
-		WHERE 
+					judges_teams_link.users_id=users.id AND
-			judges_teams_link.users_id=users.id AND
+					judges_teams_link.judges_teams_id='$r->id'
-			judges_teams_link.judges_teams_id='$r->id'
+				ORDER BY 
-		ORDER BY 
+					captain DESC,
-			captain DESC,
+					lastname,
-			lastname,
+					firstname");
-			firstname");
+		$mq->execute();
-		echo mysql_error();
+		show_pdo_errors_if_any($pdo);
-		
+		$teamlangs = array();
-        $teamlangs=array();
+		while ($mr = $mq->fetch(PDO::FETCH_OBJ)) {
 		while($mr=mysql_fetch_object($mq))
 		{
 			$u = user_load($mr->judges_id, false);
 			$judgelangs = join('/', $u['languages']);
-			foreach($u['languages'] AS $l) {
+			foreach ($u['languages'] AS $l) {
-				if(!in_array($l,$teamlangs))
+				if (!in_array($l, $teamlangs))
-					$teamlangs[]=$l;
+					$teamlangs[] = $l;
 			}
 			$teams[$lastteamid]['members'][]=array(
 				"id"=>$mr->judges_id,
 				"firstname"=>$mr->firstname,
 				"lastname"=>$mr->lastname,
 				"captain"=>$mr->captain,
 				"languages"=>$judgelangs,
 				"languages_array"=>$u['languages']
 				);
 		}
        $teams[$r->id]['languages_members']=$teamlangs;
-		//we also need to add all the languages that the team must JUDGE to the teams languages.
+			$teams[$lastteamid]['members'][] = array(
-		$lq=mysql_query("SELECT projects.language
+				'id' => $mr->judges_id,
 				'firstname' => $mr->firstname,
 				'lastname' => $mr->lastname,
 				'captain' => $mr->captain,
 				'languages' => $judgelangs,
 				'languages_array' => $u['languages']
 			);
 		}
 		$teams[$r->id]['languages_members'] = $teamlangs;
 		// we also need to add all the languages that the team must JUDGE to the teams languages.
 		$lq = $pdo->prepare("SELECT projects.language
 			FROM judges_teams_timeslots_projects_link 
 			LEFT JOIN projects ON judges_teams_timeslots_projects_link.projects_id=projects.id
-			WHERE judges_teams_timeslots_projects_link.conferences_id='{$conference['id']}' AND
+			WHERE judges_teams_timeslots_projects_link.year='{$config['FAIRYEAR']}' AND
-			judges_teams_id='$r->id' ");
+			judges_teams_id='$r->id' AND language!='' ");
-		echo mysql_error();
+		$lq->execute();
-		$projectlangs=array();
+		show_pdo_errors_if_any($pdo);
-		while($lr=mysql_fetch_object($lq)) {
+		$projectlangs = array();
-			if(!in_array($lr->language,$projectlangs))
+		while ($lr = $lq->fetch(PDO::FETCH_OBJ)) {
-				$projectlangs[]=$lr->language;
+			if (!in_array($lr->language, $projectlangs))
-			if(!in_array($lr->language,$teamlangs))
+				$projectlangs[] = $lr->language;
-				$teamlangs[]=$lr->language;
+			if (!in_array($lr->language, $teamlangs))
 				$teamlangs[] = $lr->language;
 		}
-        $teams[$r->id]['languages_projects']=$projectlangs;
+		$teams[$r->id]['languages_projects'] = $projectlangs;
-        $teams[$r->id]['languages']=$teamlangs;
+		$teams[$r->id]['languages'] = $teamlangs;
-		//get the awards for this team
+		// get the awards for this team
-		$aq=mysql_query("SELECT award_awards.id,
+		$aq = $pdo->prepare("SELECT award_awards.id,
 					award_awards.name,
 					award_awards.criteria,
 					award_awards.award_types_id,
@ -114,19 +115,19 @@ function getJudgingTeams()
 					judges_teams_awards_link.award_awards_id=award_awards.id
 					AND judges_teams_awards_link.judges_teams_id='$r->id'
 					AND award_awards.award_types_id=award_types.id
-					AND award_types.conferences_id='{$conference['id']}'
+					AND award_types.year='{$config['FAIRYEAR']}'
 				ORDER BY
 					name
 				");
-		while($ar=mysql_fetch_object($aq))
+		$aq->execute();
-		{
+		while ($ar = $aq->fetch(PDO::FETCH_OBJ)) {
-			$teams[$r->id]['awards'][]=array(
+			$teams[$r->id]['awards'][] = array(
-					"id"=>$ar->id,
+				'id' => $ar->id,
-					"name"=>$ar->name,
+				'name' => $ar->name,
-					"criteria"=>$ar->criteria,
+				'criteria' => $ar->criteria,
-					"award_types_id"=>$ar->award_types_id,
+				'award_types_id' => $ar->award_types_id,
-					"award_type"=>$ar->award_type
+				'award_type' => $ar->award_type
-					);
+			);
 		}
 	}
 	return $teams;
@ -135,32 +136,32 @@ function getJudgingTeams()
 function getJudgingTeam($teamid)
 {
 	global $config;
-
+	global $pdo;
-	$q=mysql_query("SELECT 	judges_teams.id,
+	$q = $pdo->prepare("SELECT \tjudges_teams.id,
 				judges_teams.num,
 				judges_teams.name
 			FROM 
 				judges_teams
 			WHERE 
-				judges_teams.conferences_id='".$conference['id']."' AND
+				judges_teams.year='" . $config['FAIRYEAR'] . "' AND
 				judges_teams.id='$teamid'
 			ORDER BY 
 				num,
 				name
 				");
 	$q->execute();
-	$team=array();
+	$team = array();
-	$first=true;
+	$first = true;
-	while($r=mysql_fetch_object($q))
+	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-	{
+		$team['id'] = $r->id;
-		$team['id']=$r->id;
+		$team['num'] = $r->num;
-		$team['num']=$r->num;
+		$team['name'] = $r->name;
 		$team['name']=$r->name;
-		//get the members for this team
+		// get the members for this team
-		$mq=mysql_query("SELECT 	
+		$mq = $pdo->prepare("SELECT \t
 			users.id AS judges_id,
 			users.firstname,
 			users.lastname,
@ -176,22 +177,20 @@ function getJudgingTeam($teamid)
 			captain DESC,
 			lastname,
 			firstname");
-		echo mysql_error();
+		$mq->execute();
 		show_pdo_errors_if_any($pdo);
-		
+		while ($mr = $mq->fetch(PDO::FETCH_OBJ)) {
-		while($mr=mysql_fetch_object($mq))
+			$team['members'][] = array(
-		{
+				'id' => $mr->judges_id,
-			$team['members'][]=array(
+				'firstname' => $mr->firstname,
-				"id"=>$mr->judges_id,
+				'lastname' => $mr->lastname,
-				"firstname"=>$mr->firstname,
+				'captain' => $mr->captain
-				"lastname"=>$mr->lastname,
+			);
 				"captain"=>$mr->captain
 				);
 		}
-
+		// get the awards for this team
-		//get the awards for this team
+		$aq = $pdo->prepare("SELECT award_awards.id,
 		$aq=mysql_query("SELECT award_awards.id,
 					award_awards.name,
 					award_awards.award_types_id,
 					award_types.type AS award_type
@ -203,37 +202,35 @@ function getJudgingTeam($teamid)
 					judges_teams_awards_link.award_awards_id=award_awards.id
 					AND judges_teams_awards_link.judges_teams_id='$r->id'
 					AND award_awards.award_types_id=award_types.id
-					AND award_types.conferences_id='{$conference['id']}'
+					AND award_types.year='{$config['FAIRYEAR']}'
 				ORDER BY
 					name
 				");
-		while($ar=mysql_fetch_object($aq))
+		$aq->execute();
-		{
+		while ($ar = $aq->fetch(PDO::FETCH_OBJ)) {
-			$team['awards'][]=array(
+			$team['awards'][] = array(
-					"id"=>$ar->id,
+				'id' => $ar->id,
-					"name"=>$ar->name,
+				'name' => $ar->name,
-					"award_types_id"=>$ar->award_types_id,
+				'award_types_id' => $ar->award_types_id,
-					"award_type"=>$ar->award_type
+				'award_type' => $ar->award_type
-					);
+			);
 		}
 	}
 	return $team;
 }
-function getJudgingEligibilityCode() {
+function getJudgingEligibilityCode()
 {
 	global $config;
-	switch($config['project_status']) {
+	switch ($config['project_status']) {
-		case 'open' :
+		case 'open':
 			return " AND registrations.status != 'open' ";
 			break;
-		case 'payment_pending' :
+		case 'payment_pending':
 			return " AND registrations.status IN ('paymentpending', 'complete')";
 			break;
-		case 'complete' :
+		case 'complete':
 			return " AND registrations.status = 'complete'";
 			break;
 	}
@ -241,26 +238,27 @@ function getJudgingEligibilityCode() {
 function teamMemberToName($member)
 {
-       return $member["firstname"] . " " . $member["lastname"];
+	return $member['firstname'] . ' ' . $member['lastname'];
 }
 function judges_load_all()
 {
-	global $config;
+	global $config, $pdo;
 	$ret = array();
-	$r = mysql_query("
+	$query = "SELECT id FROM users WHERE types LIKE '%judge%' 
-		SELECT users.id FROM users JOIN user_roles ur ON ur.users_id = users.id
+				AND year='{$config['FAIRYEAR']}'
-		JOIN roles ON roles.id = ur.roles_id WHERE roles.type = 'judge'
+				AND deleted='no'
-		AND conferences_id='{$conference['id']}'
+				ORDER BY lastname, firstname";
-		AND deleted='no'
+	$r = $pdo->prepare($query);
-		ORDER BY lastname, firstname
+	$r->execute();
-	");
+	while ($i = $r->fetch(PDO::FETCH_ASSOC)) {
 	while($i = mysql_fetch_assoc($r)) {
 		$u = user_load($i['id']);
-		if($u['judge_complete'] == 'no') continue;
+		if ($u['judge_complete'] == 'no')
-		if($u['judge_active'] == 'no') continue;
+			continue;
 		if ($u['judge_active'] == 'no')
 			continue;
 		$ret[$i['id']] = $u;
 	}
--- a/admin/judges.php
+++ b/admin/judges.php
@ -1,54 +1,53 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- send_header("Judges", 
+send_header('Judges',
- 		array('Committee Main' => 'committee_main.php',
+    array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php'),
+        'Administration' => 'admin/index.php'),
-            "judging_management"
+    'judging_management');
-			);
+echo '<br />';
- echo "<br />";
+echo '<b>' . i18n('Judges') . '</b><ul>';
- echo '<b>'.i18n('Judges').'</b><ul>';
+echo '<li><a href="../user_invite.php?type=judge">' . i18n('Invite Judges') . '</a></li></li>';
- echo "<li><a href=\"../user_invite.php?type=judge\">".i18n("Invite Judges")."</a></li></li>";
+echo '<li><a href="user_list.php?show_types[]=judge">' . i18n('Manage Judges') . '</a> - ' . i18n('Add, Delete, Edit, and List judges') . '</li>';
- echo "<li><a href=\"user_list.php?show_types[]=judge\">".i18n("Manage Judges")."</a> - ".i18n("Add, Delete, Edit, and List judges").'</li>';
+echo '</ul>';
- echo '</ul>';
+echo '<b>' . i18n('Create the Judging Schedule') . '</b><ul>';
- echo '<b>'.i18n('Create the Judging Schedule').'</b><ul>';
+echo '<li><a href="judges_timeslots.php">' . i18n('Create/Edit Judging Timeslots') . '</a></li>';
- echo "<li><a href=\"judges_timeslots.php\">".i18n("Create/Edit Judging Timeslots")."</a></li>";
+echo '<li><a href="judges_jdiv.php">' . i18n('Create/Edit Divisional Judging Groupings') . '</a></li>';
- echo "<li><a href=\"judges_jdiv.php\">".i18n("Create/Edit Divisional Judging Groupings")."</a></li>";
+echo '<li><a href="judges_schedulerconfig.php">' . i18n('Run the Automatic Judging Scheduler') . '</a></li>';
- echo "<li><a href=\"judges_schedulerconfig.php\">".i18n("Run the Automatic Judging Scheduler")."</a></li>";
+echo '</ul>';
- echo '</ul>';
+echo '<b>' . i18n('Edit the Judging Schedule') . '</b><ul>';
- echo '<b>'.i18n('Edit the Judging Schedule').'</b><ul>';
+echo '<li><a href="judges_teams.php">' . i18n('Manage Judging Teams') . '</a></li>';
- echo "<li><a href=\"judges_teams.php\">".i18n("Manage Judging Teams")."</a></li>";
+echo '<li><a href="judges_teams_members.php">' . i18n('Manage Judging Team Members') . '</a></li>';
- echo "<li><a href=\"judges_teams_members.php\">".i18n("Manage Judging Team Members")."</a></li>";
+echo '<li><a href="judges_teams_timeslots.php">' . i18n('Manage Judging Team Timeslot Assignments') . '</a></li>';
- echo "<li><a href=\"judges_teams_timeslots.php\">".i18n("Manage Judging Team Timeslot Assignments")."</a></li>";
+echo '<li><a href="judges_teams_projects.php">' . i18n('Manage Judging Team Project Assignments') . '</a></li>';
- echo "<li><a href=\"judges_teams_projects.php\">".i18n("Manage Judging Team Project Assignments")."</a></li>";
+echo '</ul>';
 echo '</ul>';
-
+send_footer();
 send_footer();
 ?>
--- a/admin/judges_info.php
+++ b/admin/judges_info.php
@ -1,154 +1,157 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- //this file is meant to be used as a popup from the judging teams page to view the judge info
+// this file is meant to be used as a popup from the judging teams page to view the judge info
- //it needs the judge ID passed into it.
+// it needs the judge ID passed into it.
- //thus, we do not need the normal header and footer
+// thus, we do not need the normal header and footer
- require("../questions.inc.php");
+require ('../questions.inc.php');
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
-$preferencechoices=array(
+$preferencechoices = array(
-	-2=>"Very Low",
+	-2 => 'Very Low',
-	-1=>"Low",
+	-1 => 'Low',
-	0=>"Indifferent",
+	0 => 'Indifferent',
-	1=>"Medium",
+	1 => 'Medium',
-	2=>"High"
+	2 => 'High'
 );
 $id = intval($_GET['id']);
 $judgeinfo = user_load($id);
 send_popup_header('Judge Information');
 echo '<div style="text-align:center; padding: 5px;">';
 send_popup_header("Judge Information");
- if($id < 1) {
+if ($id < 1) {
-	echo error(i18n("No Judge ID passed to Judges Info"));
+	echo error(i18n('No Judge ID passed to Judges Info'));
 	send_popup_footer();
 	exit;
- }
+}
 ?>
 	<table class="tableview" style="margin:auto; width:100%; text-align:left">
 		<tr>
-			<th><?=i18n("First Name");?></th>
+			<th><?= i18n('First Name'); ?></th>
-			<th><?=i18n("Last Name");?></th>
+			<th><?= i18n('Last Name'); ?></th>
-			<th><?=i18n("Organization");?></th>
+			<th><?= i18n('Organization'); ?></th>
 		</tr>
 		<tr>
-			<td><?=$judgeinfo['firstname'];?></td>
+			<td><?= $judgeinfo['firstname']; ?></td>
-			<td><?=$judgeinfo['lastname'];?></td>
+			<td><?= $judgeinfo['lastname']; ?></td>
-			<td><?=$judgeinfo['organization'];?></td>
+			<td><?= $judgeinfo['organization']; ?></td>
 		</tr>
 	</table>
 	<table class="tableview" style="margin:auto; width:100%; margin-top: 5px; text-align:left">
 		<tr>
-			<th><?=i18n("Email Address");?>:</th>
+			<th><?= i18n('Email Address'); ?>:</th>
-			<td><?=$judgeinfo['email'];?></td>
+			<td><?= $judgeinfo['email']; ?></td>
-			<th><?=i18n("City");?>:</th>
+			<th><?= i18n('City'); ?>:</th>
-			<td><?=$judgeinfo['city'];?></td>
+			<td><?= $judgeinfo['city']; ?></td>
 		</tr>
 		<tr>
-			<th><?=i18n("Phone (Home)");?>:</th>
+			<th><?= i18n('Phone (Home)'); ?>:</th>
-			<td><?=$judgeinfo['phonehome'];?></td>
+			<td><?= $judgeinfo['phonehome']; ?></td>
-			<th><?=i18n("Address 1");?>:</th>
+			<th><?= i18n('Address 1'); ?>:</th>
-			<td><?=$judgeinfo['address'];?></td>
+			<td><?= $judgeinfo['address']; ?></td>
 		</tr>
 		<tr>
-			<th><?=i18n("Phone (Work)");?>:</th>
+			<th><?= i18n('Phone (Work)'); ?>:</th>
-			<td><?=$judgeinfo['phonework'];?></td>
+			<td><?= $judgeinfo['phonework']; ?></td>
-			<th><?=i18n("Address 2");?>:</th>
+			<th><?= i18n('Address 2'); ?>:</th>
-			<td><?=$judgeinfo['address2'];?></td>
+			<td><?= $judgeinfo['address2']; ?></td>
 		</tr>
 		<tr>
-			<th><?=i18n("Phone (Cell)");?>:</th>
+			<th><?= i18n('Phone (Cell)'); ?>:</th>
-			<td><?=$judgeinfo['phonecell'];?></td>
+			<td><?= $judgeinfo['phonecell']; ?></td>
-			<th><?=i18n($config['provincestate']);?>:</th>
+			<th><?= i18n($config['provincestate']); ?>:</th>
-			<td><?=$judgeinfo['province'];?></td>
+			<td><?= $judgeinfo['province']; ?></td>
 		</tr>
 		<tr>
-			<th><?=i18n("Languages");?>:</th>
+			<th><?= i18n('Languages'); ?>:</th>
-			<td><?=join(', ', $judgeinfo['languages']);?></td>
+			<td><?= join(', ', $judgeinfo['languages']); ?></td>
-			<th><?=i18n($config['postalzip']);?>:</th>
+			<th><?= i18n($config['postalzip']); ?>:</th>
-			<td><?=$judgeinfo['postalcode'];?></td>
+			<td><?= $judgeinfo['postalcode']; ?></td>
 		</tr>
 	</table>
 <?php
 // get their availability
-$availabilityText = "";
+$availabilityText = '';
-if($config['judges_availability_enable'] == 'yes'){
+if ($config['judges_availability_enable'] == 'yes') {
-	$q = mysql_query("SELECT * FROM judges_availability WHERE users_id=\"{$judgeinfo['id']}\" ORDER BY `start`");
+	$q = $pdo->prepare("SELECT * FROM judges_availability WHERE users_id=\"{$judgeinfo['id']}\" ORDER BY `start`");
 	$q->execute();
 	$sel = array();
-	while($r=mysql_fetch_object($q)) {
+	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 		$st = substr($r->start, 0, 5);
 		$end = substr($r->end, 0, 5);
 		$availabilityText .= "<li>$st - $end</li>";
 	}
-	if(strlen($availabilityText) > 0){
+	if (strlen($availabilityText) > 0) {
 		$availabilityText = '<ul>' . $availabilityText . '</ul>';
-	}else{
+	} else {
-		$availabilityText = i18n("Unspecified");
+		$availabilityText = i18n('Unspecified');
 	}
 }
 echo '<div style="text-align:left">';
 // is their info complete?
-$completeText = $judgeinfo['complete']=="yes" ? "Yes" : "No";
+$completeText = $judgeinfo['judge_complete'] == 'yes' ? 'Yes' : 'No';
 $activeText = $judgeinfo['judge_active'] == 'yes' ? 'Yes' : 'No';
 // find out if they've signed up for judging any special awards
-$specialAwardsText = "";
+$specialAwardsText = '';
-if($judgeinfo['special_award_only'] == "yes"){
+if ($judgeinfo['special_award_only'] == 'yes') {
-	$query = "SELECT aa.name AS awardname FROM judges_specialaward_sel jss"
+	$query = 'SELECT aa.name AS awardname FROM judges_specialaward_sel jss'
-		. " JOIN users ON jss.users_id = users.id"
+		. ' JOIN users ON jss.users_id = users.id'
-		. " JOIN award_awards aa ON aa.id = jss.award_awards_id"
+		. ' JOIN award_awards aa ON aa.id = jss.award_awards_id'
-		. " WHERE users.id=" . $id;
+		. ' WHERE users.id=' . $id;
-	$results = mysql_query($query);
+	$results = $pdo->prepare($query);
-	while($record = mysql_fetch_array($results)){
+	$results . execute();
 	while ($record = $results . fetch()) {
 		$awardList[] = $record['awardname'];
 	}
 	$specialAwardsText .= implode(', ', $awardList);
-	
+} else {
-}else{
+	$specialAwardsText .= i18n('None');
 	$specialAwardsText .= i18n("None");
 }
 // get their preference for age category
-$q=mysql_query("SELECT * FROM projectcategories WHERE conferences_id='{$conference['id']}'");
+$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='{$config['FAIRYEAR']}'");
 $q->execute();
-$catPreferenceText =  mysql_error() . "<ul>";
+$catPreferenceText = $pdo->errorInfo() . '<ul>';
-while($r=mysql_fetch_object($q)) {
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	$p = intval($judgeinfo['cat_prefs'][$r->id]);
-	$catPreferenceText .= "<li><em>" . i18n($r->category)."</em>: {$preferencechoices[$p]}</li>";
+	$catPreferenceText .= '<li><em>' . i18n($r->category) . "</em>: {$preferencechoices[$p]}</li>";
 }
-$catPreferenceText .= "</ul>";
+$catPreferenceText .= '</ul>';
 ?>
@ -156,65 +159,70 @@ $catPreferenceText .= "</ul>";
 	<tr><td>
 		<ul>
-			<li><strong><?="Complete for {$conference['name']}";?>: </strong>
+			<li><strong><?= "Active for {$config['FAIRYEAR']}"; ?>: </strong>
-			<?=$completeText;?></li>
+			<?= $activeText; ?></li>
-			<li><strong><?=i18n("Special awards");?>: </strong>
+			<li><strong><?= "Complete for {$config['FAIRYEAR']}"; ?>: </strong>
-			<?=$specialAwardsText;?></li>
+			<?= $completeText; ?></li>
-			<li><strong><?=i18n("Highest post-secondary degree");?>: </strong>
+			<li><strong><?= i18n('Special awards'); ?>: </strong>
-			<?=$judgeinfo['highest_psd'];?></li>
+			<?= $specialAwardsText; ?></li>
-			<li><strong><?=i18n("Age category preference");?>: </strong>
+			<li><strong><?= i18n('Highest post-secondary degree'); ?>: </strong>
-			<?=$catPreferenceText;?></li>
+			<?= $judgeinfo['highest_psd']; ?></li>
 			<li><strong><?= i18n('Age category preference'); ?>: </strong>
 			<?= $catPreferenceText; ?></li>
 			<?php
-			if($availabilityText != ""){
+			if ($availabilityText != '') {
-				echo "<li><strong>" . i18n("Time Availability") . ": </strong>";
+				echo '<li><strong>' . i18n('Time Availability') . ': </strong>';
-				echo $availabilityText . "</li>";
+				echo $availabilityText . '</li>';
 			}
 			?>
 		</ul>
 	</td>
 	<td>
-		<h3><?=i18n("Areas of Expertise");?></h3>
+		<h3><?= i18n('Areas of Expertise'); ?></h3>
 		<table class="tableview" style="margin:auto;width:100%">
 <?php
-//grab the list of divisions, because the last fields of the table will be the sub-divisions 
+// grab the list of divisions, because the last fields of the table will be the sub-divisions
-$q=mysql_query("SELECT * FROM projectdivisions WHERE conferences_id='{$conference['id']}' ORDER BY id");
+$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='{$config['FAIRYEAR']}' ORDER BY id");
-$divs=array();
+$q->execute();
-while($r=mysql_fetch_object($q))
+$divs = array();
-{
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-	$divs[]=$r->id;
+	$divs[] = $r->id;
-	$divnames[$r->id]=$r->division;
+	$divnames[$r->id] = $r->division;
 }
-foreach($divs as $div)
+foreach ($divs as $div) {
 {
 	$p = $judgeinfo['div_prefs'][$div];
-	echo "<tr><th align=\"right\" >".i18n($divnames[$div]).":</th>";
+	echo '<tr><th align="right" >' . i18n($divnames[$div]) . ':</th>';
 	echo " <td>$p/5</td>";
-	echo "<td>";
+	echo '<td>';
-	$subq=mysql_query("SELECT * FROM projectsubdivisions WHERE 
+	$subq = $pdo->prepare("SELECT * FROM projectsubdivisions WHERE 
-				projectdivisions_id='$div' AND conferences_id='{$conference['id']}' ORDER BY subdivision");
+				projectdivisions_id='$div' AND year='{$config['FAIRYEAR']}' ORDER BY subdivision");
 	$subq->execute();
 	$sd = array();
-	while($subr=mysql_fetch_object($subq)) {
+	while ($subr = $subq->fetch(PDO::FETCH_OBJ)) {
-		if($u['div_prefs_sub'][$subr->id] == 1) {
+		if ($u['div_prefs_sub'][$subr->id] == 1) {
 			$sd[] = $subdivr->subdivision;
 		}
 	}
-	// Only show subdiv if main div >=3 
+	// Only show subdiv if main div >=3
-	if($p >= 3) echo implode(", ",$sd);
+	if ($p >= 3)
-	else echo "&nbsp;";
+		echo implode(', ', $sd);
 	else
 		echo '&nbsp;';
-	echo "</td>";
+	echo '</td>';
-	echo "</tr>";
+	echo '</tr>';
 }
 echo "<tr>\n";
-echo " <th align=\"right\" valign=\"top\">".i18n("Other").":</th>";
+echo ' <th align="right" valign="top">' . i18n('Other') . ':</th>';
 echo " <td colspan=\"2\">{$judgeinfo['expertise_other']}<br />";
 echo " </td>\n";
 echo "</tr>\n";
@ -225,29 +233,26 @@ echo "</tr>\n";
 <?php
 // get the judge's special award info
-//print_r($judgeinfo);
+// print_r($judgeinfo);
 echo '</div></div>';
 /*
- send_popup_header("Judge Information");
+ * send_popup_header("Judge Information");
-*/
+ */
 /*
-echo "<tr>\n";
+ * echo "<tr>\n";
-echo " <th valign=\"top\" align=\"right\" colspan=\"2\">".i18n("Time Availability").":</th><td colspan=\"2\">";
+ * echo " <th valign=\"top\" align=\"right\" colspan=\"2\">".i18n("Time Availability").":</th><td colspan=\"2\">";
-$q = mysql_query("SELECT * FROM judges_availability WHERE users_id=\"{$judgeinfo['id']}\" ORDER BY `start`");
+ * $q = mysql_query("SELECT * FROM judges_availability WHERE users_id=\"{$judgeinfo['id']}\" ORDER BY `start`");
-$sel = array();
+ * $sel = array();
-while($r=mysql_fetch_object($q)) {
+ * while($r=$q->fetch(PDO::FETCH_OBJ)) {
-	$st = substr($r->start, 0, 5);
+ * 	$st = substr($r->start, 0, 5);
-	$end = substr($r->end, 0, 5);
+ * 	$end = substr($r->end, 0, 5);
-	echo "$st - $end<br />";
+ * 	echo "$st - $end<br />";
-}
+ * }
-echo "</td></tr>";
+ * echo "</td></tr>";
-echo "<tr>";
+ * echo "<tr>";
-*/
+ */
-
+// send_popup_footer();
 //send_popup_footer();
 ?>
--- a/admin/judges_invite.php
+++ b/admin/judges_invite.php
@ -1,65 +1,63 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- include "judges.inc.php";
+include 'judges.inc.php';
- send_header("Invite Judges",
+send_header('Invite Judges',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+		'Administration' => 'admin/index.php',
-			'Judges' => 'admin/judges.php')
+		'Judges' => 'admin/judges.php'));
-			);
+echo '<br />';
- echo "<br />";
+if ($_POST['action'] == 'invite' && $_POST['email']) {
- if($_POST['action']=="invite" && $_POST['email'])
+	$q = $pdo->prepare("SELECT id FROM judges WHERE email=?");
- {
+	$q->execute([$_POST['email']]);
- 	$q=mysql_query("SELECT id FROM judges WHERE email='".$_POST['email']."'");
+	if ($q->rowCount()) {
-	if(mysql_num_rows($q))
+		echo error(i18n('A judge already exists with that email address'));
-	{
+	} else {
-		echo error(i18n("A judge already exists with that email address"));
+		$pass = generatePassword();
 		$hash = password_hash($pass, PASSWORD_BCRYPT);
 		$stmt = $pdo->prepare("INSERT INTO judges (email,password) VALUES (?, ?)");
 		$stmt->execute([$_POST['email'], $hash]);
 		email_send('new_judge_invite', stripslashes($_POST['email']), array('FAIRNAME' => $config['fairname']), array('FAIRNAME' => $config['fairname'], 'EMAIL' => stripslashes($_POST['email']), 'PASSWORD' => $pass));
 		echo happy(i18n('%1 has been invited to be a judge', array($_POST['email'])));
 	}
-	else
+}
 	{
 		$pass=generatePassword();
 		mysql_query("INSERT INTO judges (email,password) VALUES ('".mysql_escape_string(stripslashes($_POST['email']))."','$pass')");
 		email_send("new_judge_invite",stripslashes($_POST['email']),array("FAIRNAME"=>$config['fairname']),array("FAIRNAME"=>$config['fairname'],"EMAIL"=>stripslashes($_POST['email']),"PASSWORD"=>$pass));
-		echo happy(i18n("%1 has been invited to be a judge",array($_POST['email'])));
+echo i18n("Enter the judge's email address to invite them to be a judge");
-	}
+echo "<br />\n";
- }
+echo "<br />\n";
 echo "<form method=\"post\" action=\"judges_invite.php\">\n";
 echo "<input type=\"hidden\" name=\"action\" value=\"invite\" />\n";
 echo i18n('Email') . ': ';
 echo "<input type=\"text\" name=\"email\" size=\"40\" />\n";
 echo '<input type="submit" value="' . i18n('Invite Judge') . "\" />\n";
 echo "</form>\n";
-
+send_footer();
 echo i18n("Enter the judge's email address to invite them to be a judge");
 echo "<br />\n";
 echo "<br />\n";
 echo "<form method=\"post\" action=\"judges_invite.php\">\n";
 echo "<input type=\"hidden\" name=\"action\" value=\"invite\" />\n";
 echo i18n("Email").": ";
 echo "<input type=\"text\" name=\"email\" size=\"40\" />\n";
 echo "<input type=\"submit\" value=\"".i18n("Invite Judge")."\" />\n";
 echo "</form>\n";
 send_footer();
 ?>
--- a/admin/judges_jdiv.php
+++ b/admin/judges_jdiv.php
@ -1,38 +1,38 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- include "judges.inc.php";
+include 'judges.inc.php';
- send_header("Judging Division Groupings",
+send_header('Judging Division Groupings',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+		'Administration' => 'admin/index.php',
-			'Judges' => 'admin/judges.php')
+		'Judges' => 'admin/judges.php'));
-				);
+echo i18n('Instructions: The goal is to create groupings that have the least number of divisions/categories required to have at least %1 projects in the group.  %1 is the number of projects that a single team can judge that you have specifed in the judge scheduler configuration. Judge division groupings indicate which divisions/categories can be judged together (by the same team of judges), so the divisons/categories should be somewhat similar to ensure there are judges that can handle judging all divisions assigned to a grouping.', array($config['max_projects_per_team']));
 echo i18n("Instructions: The goal is to create groupings that have the least number of divisions/categories required to have at least %1 projects in the group.  %1 is the number of projects that a single team can judge that you have specifed in the judge scheduler configuration. Judge division groupings indicate which divisions/categories can be judged together (by the same team of judges), so the divisons/categories should be somewhat similar to ensure there are judges that can handle judging all divisions assigned to a grouping.",array($config['max_projects_per_team']));
 ?>
 <script language="javascript" type="text/javascript">
@ -54,57 +54,59 @@ function newbuttonclicked(jdivs)
 <?
-	$div = array();
+$div = array();
-	$divshort = array();
+$divshort = array();
-	$q=mysql_query("SELECT * FROM projectdivisions WHERE conferences_id='".$conference['id']."' ORDER BY id");
+$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY id");
-	while($r=mysql_fetch_object($q)) {
+$q->execute();
-		$divshort[$r->id]=$r->division_shortform;
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-		$div[$r->id]=$r->division;
+	$divshort[$r->id] = $r->division_shortform;
 	$div[$r->id] = $r->division;
 }
 $cat = array();
 $q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY id");
 $q->execute();
 while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	$cat[$r->id] = $r->category;
 }
 $dkeys = array_keys($div);
 $ckeys = array_keys($cat);
 if ($config['filterdivisionbycategory'] == 'yes') {
 	$q = $pdo->prepare("SELECT * FROM projectcategoriesdivisions_link WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY projectdivisions_id,projectcategories_id");
 	$q->execute();
 	$divcat = array();
 	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 		$divcat[] = array('c' => $r->projectcategories_id, 'd' => $r->projectdivisions_id);
 	}
-
+} else {
-	$cat = array();
+	$divcat = array();
-	$q=mysql_query("SELECT * FROM projectcategories WHERE conferences_id='".$conference['id']."' ORDER BY id");
+	foreach ($dkeys AS $d) {
-	while($r=mysql_fetch_object($q)) {
+		foreach ($ckeys AS $c) {
-		$cat[$r->id]=$r->category;
+			$divcat[] = array('c' => $c, 'd' => $d);
 	}
 	$dkeys = array_keys($div);
 	$ckeys = array_keys($cat);
 	if($config['filterdivisionbycategory']=="yes") {
 		$q=mysql_query("SELECT * FROM projectcategoriesdivisions_link WHERE conferences_id='".$conference['id']."' ORDER BY projectdivisions_id,projectcategories_id");
 		$divcat=array();
 		while($r=mysql_fetch_object($q)) {
 			$divcat[]=array("c"=>$r->projectcategories_id,"d"=>$r->projectdivisions_id);
 		}
 	}
 	else {
 		$divcat=array();
 		foreach($dkeys AS $d) {
 			foreach($ckeys AS $c) {
 				$divcat[]=array("c"=>$c,"d"=>$d);
 			}
 		}
 	}
-	
+}
 	$langr = array();
 	$q=mysql_query("SELECT * FROM languages WHERE active='Y'");
 	while($r=mysql_fetch_object($q)) {
 		$langr[$r->lang] = $r->langname;
 	}
 $langr = array();
 $q = $pdo->prepare("SELECT * FROM languages WHERE active='Y'");
 $q->execute();
 while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	$langr[$r->lang] = $r->langname;
 }
 function get_all_divs()
 {
-	global $config, $conference;
+	global $config, $pdo;
-	global $divshort, $div,$cat, $langr;
+	global $divshort, $div, $cat, $langr;
 	global $divcat;
 	$cdlcheck = array();
 	$cdl = array();
-	$q=mysql_query("SELECT * FROM judges_jdiv");
+	$q = $pdo->prepare('SELECT * FROM judges_jdiv');
-	while($r=mysql_fetch_object($q)) {
+	$q->execute();
 	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 		$cdl[$r->id]['id'] = $r->id;
 		$cdl[$r->id]['jdiv'] = $r->jdiv_id;
 		$cdl[$r->id]['div'] = $r->projectdivisions_id;
@ -119,29 +121,32 @@ function get_all_divs()
 	$catkeys = array_keys($cat);
 	$lankeys = array_keys($langr);
-	foreach($divcat AS $dc) {
+	foreach ($divcat AS $dc) {
-		$y=$dc['d'];
+		$y = $dc['d'];
-		$x=$dc['c'];
+		$x = $dc['c'];
-		foreach($lankeys as $z) {
+		foreach ($lankeys as $z) {
-			if($cdlcheck[$x][$y][$z] == 1)
+			if ($cdlcheck[$x][$y][$z] == 1)
 				continue;
-			/* Also, make an entry in the DB, so that this isn't 
+			/*
-			 * unassigned anymore */
+			 * Also, make an entry in the DB, so that this isn't
-			mysql_query("INSERT INTO judges_jdiv (id, jdiv_id, projectdivisions_id, projectcategories_id, lang) ".
+			 * unassigned anymore
-					" VALUES('', 0, '$y', '$x', '$z')"); 
+			 */
-			$q = mysql_query("SELECT id FROM judges_jdiv WHERE ".
+			$stmt = $pdo->prepare('INSERT INTO judges_jdiv (id, jdiv_id, projectdivisions_id, projectcategories_id, lang) '
-					" projectdivisions_id='$y' ".
+				. " VALUES('', 0, '$y', '$x', '$z')");
-					" AND projectcategories_id='$x' ".
+			$stmt->execute();
-					" AND lang='$z' ");
+			$q = $pdo->prepare('SELECT id FROM judges_jdiv WHERE '
-			$r = mysql_fetch_object($q);
+				. " projectdivisions_id='$y' "
 				. " AND projectcategories_id='$x' "
 				. " AND lang='$z' ");
 			$q->execute();
 			$r = $q->fetch(PDO::FETCH_OBJ);
 			$cdl[$r->id]['id'] = $r->id;
-			$cdl[$r->id]['jdiv'] = 0; /* Unassigned */
+			$cdl[$r->id]['jdiv'] = 0;  /* Unassigned */
 			$cdl[$r->id]['cat'] = $x;
 			$cdl[$r->id]['div'] = $y;
 			$cdl[$r->id]['lang'] = $z;
 		}
 		reset($lankeys);
 	}
@ -149,184 +154,191 @@ function get_all_divs()
 	/* Make names for all the DCLs, and count the number of projects */
 	$dkeys = array_keys($cdl);
-	foreach($dkeys as $id) {
+	foreach ($dkeys as $id) {
 		$x = $cat[$cdl[$id]['cat']];
 		$y = $divshort[$cdl[$id]['div']];
 		$z = $div[$cdl[$id]['div']];
-		$q = mysql_query("SELECT count(projects.id) AS cnt FROM projects,registrations WHERE ".
+		$q = $pdo->prepare('SELECT count(projects.id) AS cnt FROM projects,registrations WHERE '
-			" projectdivisions_id='{$cdl[$id]['div']}' ".
+			. " projectdivisions_id='{$cdl[$id]['div']}' "
-			" AND projectcategories_id='{$cdl[$id]['cat']}' ".
+			. " AND projectcategories_id='{$cdl[$id]['cat']}' "
-			" AND language='{$cdl[$id]['lang']}' ".
+			. " AND language='{$cdl[$id]['lang']}' "
-			" AND registrations.conferences_id='{$conference['id']}'".
+			. " AND registrations.year='{$config['FAIRYEAR']}'"
-			" AND projects.registrations_id=registrations.id".
+			. ' AND projects.registrations_id=registrations.id'
-			" AND (registrations.status='complete' OR registrations.status='paymentpending')");
+			. " AND (registrations.status='complete' OR registrations.status='paymentpending')");
 		$q->execute();
-		$r = mysql_fetch_object($q);
+		$r = $q->fetch(PDO::FETCH_OBJ);
-		echo mysql_error();
+		show_pdo_errors_if_any($pdo);
 		$c = $r->cnt;
-		$cdl[$id]['name'] = "$x $y ({$cdl[$id]['lang']}) ($c project".($c==1?'':'s').")";
+		$cdl[$id]['name'] = "$x $y ({$cdl[$id]['lang']}) ($c project" . ($c == 1 ? '' : 's') . ')';
-		$cdl[$id]['lname'] = "$x $z ({$cdl[$id]['lang']}) ($c project".($c==1?'':'s').")";
+		$cdl[$id]['lname'] = "$x $z ({$cdl[$id]['lang']}) ($c project" . ($c == 1 ? '' : 's') . ')';
 		$cdl[$id]['projects'] = $c;
 	}
 	return $cdl;
 }
-	if($_POST['action']=="add" && $_POST['jdiv_id'] && count($_POST['cdllist'])>0)
+if (get_value_from_array($_POST, 'action') == 'add' && get_value_from_array($_POST, 'jdiv_id') && count(get_value_from_array($_POST, 'cdllist', [])) > 0) {
-	{
+	foreach ($_POST['cdllist'] AS $selectedcdl) {
-		foreach($_POST['cdllist'] AS $selectedcdl) {
+		$q = $pdo->prepare("UPDATE judges_jdiv SET jdiv_id='{$_POST['jdiv_id']}' WHERE "
-			$q=mysql_query("UPDATE judges_jdiv SET jdiv_id='{$_POST['jdiv_id']}' WHERE ".
+			. " id='$selectedcdl' ");
-						" id='$selectedcdl' ");
+		$q->execute();
 		}
 		echo happy(i18n("Judging Division(s) successfully added"));
 	}
 	echo happy(i18n('Judging Division(s) successfully added'));
 }
-	if($_GET['action']=="del" && $_GET['cdl_id']) {
+if (get_value_from_array($_GET, 'action') == 'del' && get_value_from_array($_GET, 'cdl_id')) {
-		mysql_query("UPDATE judges_jdiv SET jdiv_id=0 WHERE id='{$_GET['cdl_id']}'");
+	$stmt = $pdo->prepare("UPDATE judges_jdiv SET jdiv_id=0 WHERE id='{$_GET['cdl_id']}'");
 	$stmt->execute();
 }
 if (get_value_from_array($_GET, 'action') == 'empty' && get_value_from_array($_GET, 'jdiv_id')) {
 	$stmt = $pdo->prepare("UPDATE judges_jdiv SET jdiv_id=0 WHERE jdiv_id='{$_GET['jdiv_id']}' ");
 	$stmt->execute();
 	echo happy(i18n('Emptied all divisions from Judging Division Group %1', array($_GET['jdiv_id'])));
 }
 if (get_value_from_array($_GET, 'action') == 'recreate') {
 	// just delete them all, they'll be recreated automagically
 	$stmt = $pdo->prepare('TRUNCATE TABLE judges_jdiv');
 	$stmt->execute();
 	echo happy(i18n('Recreated all division/category/language options'));
 }
 /* Sort out all the judging divisions */
 $cdl = get_all_divs();
 $dkeys = array_keys($cdl);
 /*
 * Count the divisions, or, use the posted variable so we can create new
 * and empty judging divisions
 */
 if (get_value_from_array($_POST, 'jdivs') > 0) {
 	$jdivs = $_POST['jdivs'];
 } else {
 	$jdivs = 0;
 	foreach ($dkeys as $d) {
 		if ($cdl[$d]['jdiv'] > $jdivs)
 			$jdivs = $cdl[$d]['jdiv'];
 	}
 }
-	if($_GET['action']=="empty" && $_GET['jdiv_id']) {
+reset($dkeys);
-		mysql_query("UPDATE judges_jdiv SET jdiv_id=0 WHERE jdiv_id='{$_GET['jdiv_id']}' ");
+$showdivlist = false;
-		echo happy(i18n("Emptied all divisions from Judging Division Group %1",array($_GET['jdiv_id'])));
+foreach ($dkeys as $id) {
 	if ($cdl[$id]['jdiv'] == 0) {
 		$showdivlist = true;
 		break;
 	}
 }
-	if($_GET['action']=="recreate") {
+echo '<form name="jdivs" method="post" action="judges_jdiv.php">';
-		//just delete them all, they'll be recreated automagically
+echo '<input type="hidden" name="action">';
-		mysql_query("TRUNCATE TABLE judges_jdiv");
+echo "<input type=\"hidden\" name=\"jdivs\" value=\"$jdivs\">";
-		echo happy(i18n("Recreated all division/category/language options"));
+echo '<input type="hidden" name="jdiv_id">';
-	}
+echo '<input type="hidden" name="judges_id">';
 echo '<table width="100%">';
 echo '<tr>';
 if ($showdivlist) {
 	echo '<th width="25%">' . i18n('Division List');
 	echo '<br />';
 	echo '</th>';
 }
 echo '<th>' . i18n('Judging Division Groups') . '</th>';
 echo '</tr>';
 echo '<tr>';
-	/* Sort out all the judging divisions */
+if ($showdivlist) {
-	$cdl = get_all_divs();
+	echo '<td valign="top">';
-
+	echo '<select name="cdllist[]" multiple="multiple" style="width: 300px; height: 600px;">';
-	$dkeys = array_keys($cdl);
+	/* Print the list of all unassigned divs */
 	/* Count the divisions, or, use the posted variable so we can create new 
 	 * and empty judging divisions */
 	if($_POST['jdivs'] > 0) { 
 		$jdivs = $_POST['jdivs'];
 	} else {
 		$jdivs = 0;
 		foreach($dkeys as $d) {
 			if($cdl[$d]['jdiv'] > $jdivs) $jdivs = $cdl[$d]['jdiv'];
 		}
 	}
 	reset($dkeys);
-	$showdivlist=false;
+	foreach ($dkeys as $id) {
-	foreach($dkeys as $id) {
+		if ($cdl[$id]['jdiv'] != 0)
-		if($cdl[$id]['jdiv'] == 0){ $showdivlist=true; break; }
+			continue;
 		echo "<option value=\"$id\">{$cdl[$id]['name']}</option>\n";
 	}
 	echo '</select>';
 	echo '</td>';
 }
 echo '<td valign="top">';
 /* Print he groupings of the assigned ones */
 for ($jdiv = 1; $jdiv <= $jdivs; $jdiv++) {
 	echo '<hr>';
 	echo '<table width="100%">';
 	echo '<tr><td valign=top width="80">';
 	if ($showdivlist) {
 		echo "<input onclick=\"addbuttonclicked('$jdiv')\" type=\"button\" value=\"Add &gt;&gt;\"><br />";
 	}
 	echo '<br />';
 	echo "<a onclick=\"return confirmClick('Are you sure you want to empty all the divisions from this grouping?')\" href=\"judges_jdiv.php?action=empty&jdiv_id=$jdiv \">";
 	echo '<img border=0 src="' . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '">';
 	echo ' ' . i18n('Empty') . ' ';
 	echo '</a>';
 	echo '</td><td>';
 	$p = 0;
 	reset($dkeys);
 	foreach ($dkeys as $id) {
 		if ($cdl[$id]['jdiv'] != $jdiv)
 			continue;
 		$p += $cdl[$id]['projects'];
 	}
 	echo "<table class=\"tableedit\" width=\"95%\">\n";
 	echo "<tr><th colspan=\"2\" align=\"left\">Judging Division $jdiv ($p project" . ($p == 1 ? '' : 's') . ')';
 	echo "</th></tr>\n";
-	echo "<form name=\"jdivs\" method=\"post\" action=\"judges_jdiv.php\">";
+	$x = 0;
-	echo "<input type=\"hidden\" name=\"action\">";
+	reset($dkeys);
-	echo "<input type=\"hidden\" name=\"jdivs\" value=\"$jdivs\">";
+	foreach ($dkeys as $id) {
-	echo "<input type=\"hidden\" name=\"jdiv_id\">";
+		if ($cdl[$id]['jdiv'] != $jdiv)
-	echo "<input type=\"hidden\" name=\"judges_id\">";
+			continue;
 	echo "<table width=\"100%\">";
 	echo "<tr>";
-	if($showdivlist) {
+		echo '<tr><td>';
-		echo "<th width=\"25%\">".i18n("Division List");
+		echo "<a href=\"judges_jdiv.php?action=del&cdl_id=$id\"><img border=0 src=\"" . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '"></a>';
-		echo "<br />";
+		echo '</td><td width="100%">';
-		echo "</th>";
+
 		echo $cdl[$id]['lname'];
 		echo '</td></tr>';
 		$x++;
 	}
 	echo "<th>".i18n("Judging Division Groups")."</th>";
 	echo "</tr>";
 	echo "<tr>";
-	if($showdivlist) {
+	if ($x) {
-		echo "<td valign=\"top\">";
+		echo '<tr><td colspan="2">';
-		echo "<select name=\"cdllist[]\" multiple=\"multiple\" style=\"width: 300px; height: 600px;\">";
+		//			echo "<a onclick=\"return confirmClick('Are you sure you want to empty all the divisions from this grouping?')\" href=\"judges_jdiv.php?action=empty&jdiv_id=$jdiv \">";
-		/* Print the list of all unassigned divs */
+		//			echo " ".i18n("Empty All Divisions")." ";
-		reset($dkeys);
+		//			echo "<img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\">";
-		foreach($dkeys as $id) {
+		//			echo "</a>";
-			if($cdl[$id]['jdiv'] != 0) continue;
+		echo '</td></tr>';
-			echo "<option value=\"$id\">{$cdl[$id]['name']}</option>\n";
+	} else {
-		}
+		echo '<tr><td colspan="2">';
-		echo "</select>";
+		echo error(i18n('No divisions present'), 'inline');
-		echo "</td>";
+		echo '</td></tr>';
 	}
 	echo "<td valign=\"top\">";
-	/* Print he groupings of the assigned ones */
+	echo '</table>';
 	for($jdiv = 1; $jdiv <= $jdivs; $jdiv++) {
 		echo "<hr>";
-		echo "<table width=\"100%\">";
+	echo '</td></tr></table>';
-		echo "<tr><td valign=top width=\"80\">";
+}
-		if($showdivlist) {
+echo '<hr><input onclick="newbuttonclicked(\'' . ($jdivs + 1) . '\')" type="button" value="New Judging Divsion Group">';
 			echo "<input onclick=\"addbuttonclicked('$jdiv')\" type=\"button\" value=\"Add &gt;&gt;\"><br />";
 		}
 		echo "<br />";
 		echo "<a onclick=\"return confirmClick('Are you sure you want to empty all the divisions from this grouping?')\" href=\"judges_jdiv.php?action=empty&jdiv_id=$jdiv \">";
 		echo "<img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\">";		
 		echo " ".i18n("Empty")." ";
 		echo "</a>";
 echo '<br />';
-		echo "</td><td>";
+echo '</td></tr>';
-
+echo '</table>';
-		$p = 0;
+echo '</form>';
 		reset($dkeys);
 		foreach($dkeys as $id) {
 			if($cdl[$id]['jdiv'] != $jdiv) continue;
 			$p += $cdl[$id]['projects'];
 		}
 		echo "<table class=\"tableedit\" width=\"95%\">\n";
 		echo "<tr><th colspan=\"2\" align=\"left\">Judging Division $jdiv ($p project".($p==1?'':'s').")";
 		echo "</th></tr>\n";
 		$x = 0;
 		reset($dkeys);
 		foreach($dkeys as $id) {
 			if($cdl[$id]['jdiv'] != $jdiv) continue;
 			echo "<tr><td>";
 			echo "<a href=\"judges_jdiv.php?action=del&cdl_id=$id\"><img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\"></a>";
 			echo "</td><td width=\"100%\">";
 			echo $cdl[$id]['lname'];
 			echo "</td></tr>";
 			$x++;
 		}
 		if($x) {
 			echo "<tr><td colspan=\"2\">";
 //			echo "<a onclick=\"return confirmClick('Are you sure you want to empty all the divisions from this grouping?')\" href=\"judges_jdiv.php?action=empty&jdiv_id=$jdiv \">";
 //			echo " ".i18n("Empty All Divisions")." ";
 //			echo "<img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\">";
 //			echo "</a>";
 			echo "</td></tr>";
 		} else {
 			echo "<tr><td colspan=\"2\">";
 			echo error(i18n("No divisions present"),"inline");
 			echo "</td></tr>";
 		}
 		echo "</table>";
 		echo "</td></tr></table>";
 	}
 	echo "<hr><input onclick=\"newbuttonclicked('".($jdivs+1)."')\" type=\"button\" value=\"New Judging Divsion Group\">";
 	echo "<br />";
 	echo "</td></tr>";
 	echo "</table>";
 	echo "</form>";
 	echo "<br />";
 	echo "<a onclick=\"return confirmClick('".i18n("Are you sure you want to empty all groupings and re-create the options")."')\" href=\"judges_jdiv.php?action=recreate\">".i18n("Re-create all division/category/language options")."</a>.  ".i18n("This will completely empty ALL of your groupings and recreate all the possibly division/category/language options.  Do this if for example you end up with a division/category that should not exist (due to the config option to filter divisions by category, or due to changing your divisions/categories alltogether)");
 	echo "<br />";
 	echo "<br />";
 	send_footer();
 echo '<br />';
 echo '<a onclick="return confirmClick(\'' . i18n('Are you sure you want to empty all groupings and re-create the options') . '\')" href="judges_jdiv.php?action=recreate">' . i18n('Re-create all division/category/language options') . '</a>.  ' . i18n('This will completely empty ALL of your groupings and recreate all the possibly division/category/language options.  Do this if for example you end up with a division/category that should not exist (due to the config option to filter divisions by category, or due to changing your divisions/categories alltogether)');
 echo '<br />';
 echo '<br />';
 send_footer();
 ?>
--- a/admin/judges_sa.php
+++ b/admin/judges_sa.php
--- a/admin/judges_sa_launcher.php
+++ b/admin/judges_sa_launcher.php
@ -1,55 +1,57 @@
 <?
-require_once('../common.inc.functions.php');
+
-$logPath = get_logpath();
+// make sure logs folder exists, and htaccess it to deny access
 if (!file_exists('../data/logs'))
 	@mkdir('../data/logs');
 if (!file_exists('../data/logs/.htaccess'))
 	@file_put_contents('../data/logs/.htaccess', "Order Deny,Allow\r\nDeny From All\r\n");
 //   Check which OS we are running
-$pos = strpos(getcwd(),'/');
+$pos = strpos(getcwd(), '/');
-if($pos === false)
+if ($pos === false) {
-	{
+	// Windows os server.
 	// Windows os server. 
 	// if IIS Web Server use WScript.Shell 'run' command and.. we need a batch file to start a process and return immediately
-	$bat_filename = "../data/judges_sa.bat";
+	$bat_filename = '../data/judges_sa.bat';
-	if(file_exists($bat_filename)){
+	if (file_exists($bat_filename)) {
-	// delete the batch file then re-create it with the current date
+		// delete the batch file then re-create it with the current date
-	unlink($bat_filename);
+		unlink($bat_filename);
 	}
-	$bat_file = fopen($bat_filename, "w");
+	$bat_file = fopen($bat_filename, 'w');
-	if($bat_file) {
+	if ($bat_file) {
-      	fwrite($bat_file, "ECHO OFF"."\n");
+		fwrite($bat_file, 'ECHO OFF' . "\n");
-        fwrite($bat_file, "START /BELOWNORMAL /B php judges_sa.php >$logPath/judge_scheduler_".date("YmdHis").".log 2>&1 &"."\n");
+		fwrite($bat_file, 'START /BELOWNORMAL /B php judges_sa.php >../data/logs/judge_scheduler_' . date('YmdHis') . '.log 2>&1 &' . "\n");
-        fwrite($bat_file, "EXIT"."\n");
+		fwrite($bat_file, 'EXIT' . "\n");
-  	 	fclose($bat_file);
+		fclose($bat_file);
 	}
-	$WshShell = new COM("WScript.Shell");
+	$WshShell = new COM('WScript.Shell');
 	//  next line designed for Windows os with IIS web server. It will probably fail if Windows using apache web server
 	try {
-		$oExec = $WshShell->run($bat_filename,0,false );     // THIS SHOULD WORK for windows using IIS as webserver. 
+		$oExec = $WshShell->run($bat_filename, 0, false);  // THIS SHOULD WORK for windows using IIS as webserver.
-	}
+	} catch (Exception $e) {
 	catch (Exception $e) {
 		//  if the wshshell-> run fails then we are perhaps running an apache server and the next might work.
 		//  But, the call in judges_sa_launcher_apache.php does not return until completed so I use this logic
 		//  to inform the user how to get to the status page.
 		//	CAUTION:  This path REQUIRES that php be compiled with CLI option and other things Dennis does not understand!
 		//  This may work for some servers.    NEVER use this on a shared server - you will hog it and get your account suspended.
-		echo " This server requires manual intervention to start the scheduler and to navigate to the Status page.<br/>";
+		echo ' This server requires manual intervention to start the scheduler and to navigate to the Status page.<br/>';
-		echo " The scheduler will run at normal priority - which in some servers may present a sluggish response.<br />";
+		echo ' The scheduler will run at normal priority - which in some servers may present a sluggish response.<br />';
-		echo " Please follow these instruction exactly:<br />";
+		echo ' Please follow these instruction exactly:<br />';
 		echo " 1. Click 'Start the Scheduler' link ONCE. (You will not see any change in this screen) <br />";
 		echo "       *** DO NOT Click 'Start the Scheduler' more than once!<br />";
 		echo " 2. Click 'Check the Status' link and wait. (You will be taken to the Status Page. There, you should see that the scheduler is running.) <br />";
-		echo "<br /><a href=\"judges_sa_launcher_apache.php\">Start the Scheduler</a><br /><br />";
+		echo '<br /><a href="judges_sa_launcher_apache.php">Start the Scheduler</a><br /><br />';
-		echo "<a href=\"judges_scheduler_status.php\">Check the Status</a><br />";
+		echo '<a href="judges_scheduler_status.php">Check the Status</a><br />';
 		exit;
-	 // This is the call that works - but it does not return until judges_sa is finished so... I launch it from another window
+		// This is the call that works - but it does not return until judges_sa is finished so... I launch it from another window
-		//	exec("php judges_sa.php >$logPath/judge_scheduler_".date("YmdHis").".log 2>&1 &");
+		//	exec("php judges_sa.php >../data/logs/judge_scheduler_".date("YmdHis").".log 2>&1 &");
 	}
-}
+} else {
 else{
 	// *nix server
-//add PHP_SELF just so when we do a process listing on the server we know which fair its running for
+	// add PHP_SELF just so when we do a process listing on the server we know which fair its running for
-//the argument does not get used by the script at all
+	// the argument does not get used by the script at all
-exec("nice php judges_sa.php {$_SERVER['PHP_SELF']} > $logPath/judge_scheduler_".date("YmdHis").".log 2>&1 &");
+	exec("nice php judges_sa.php {$_SERVER['PHP_SELF']} >../data/logs/judge_scheduler_" . date('YmdHis') . '.log 2>&1 &');
 }
-usleep(1500000); // 1.5 second to allow the judges_sa to update the % status to 0% otherwise the status page will think its not running if it gets there too soon
+// usleep(1500000); // 1.5 second to allow the judges_sa to update the % status to 0% otherwise the status page will think its not running if it gets there too soon
-header("Location: judges_scheduler_status.php");
+header('Location: judges_scheduler_status.php');
 exit;
 ?>
--- a/admin/judges_sa_launcher_apache.php
+++ b/admin/judges_sa_launcher_apache.php
@ -1,8 +1,6 @@
 <?php
 require_once('../common.inc.functions.php');
 $logPath = get_logpath();
 //  In Windows OS with Apache server this exec call will start judges_sa.php as a separate process but the call to exec() does not return until the scheduler completes. Note the process runs at normal priority. Status can be checked with judges_scheduler_status.php. This is a temporary solution for Windows / Apache
-exec("php judges_sa.php >$logPath/judge_scheduler_".date("YmdHis").".log 2>&1 &");
+exec('php judges_sa.php >../data/logs/judge_scheduler_' . date('YmdHis') . '.log 2>&1 &');
 exit;
 ?>
--- a/admin/judges_scheduler_status.php
+++ b/admin/judges_scheduler_status.php
@ -1,34 +1,33 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ *    SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ *    Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ *    Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ *    This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *    modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *    License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ *    This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ *    but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this pr<input type=\"submit\" value=\"".i18n("Save Configuration")."\" />\n";
+ *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-ogram; see the file COPYING.  If not, write to
+ *     General Public License for more details.
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *
-   Boston, MA 02111-1307, USA.
+ *    You should have received a copy of the GNU General Public License
-*/
+ *    along with this program; see the file COPYING.  If not, write to
 *    the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 *    Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- send_header("Scheduler Status",
+send_header('Scheduler Status',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+		'Administration' => 'admin/index.php',
-			'Judges' => 'admin/judges.php')
+		'Judges' => 'admin/judges.php'));
 				);
 ?>
 <script type="text/javascript">
@ -126,33 +125,31 @@ function format_duration(seconds) {
 </script>
 <?
-if($config['judge_scheduler_percent']=="-1") {
+if ($config['judge_scheduler_percent'] == '-1') {
-	echo i18n("The judge scheduler is not currently running");
+	echo i18n('The judge scheduler is not currently running');
-	echo "<br />";
+	echo '<br />';
-	echo "<br />";
+	echo '<br />';
-	echo "<a href=\"judges_schedulerconfig.php\">".i18n("Judges Scheduler Configuration")."</a>";
+	echo '<a href="judges_schedulerconfig.php">' . i18n('Judges Scheduler Configuration') . '</a>';
 } else {
 	echo '<table>';
 	echo '<tr><td>' . i18n('Scheduler status') . ':</td><td><div id="schedulerstatus" style="font-weight: bold;"></div></td></tr>';
 	echo '<tr><td>' . i18n('Scheduler percent') . ':</td><td><div id="schedulerpercent" style="font-weight: bold;"></div></td></tr>';
 	echo '<tr><td>' . i18n('Scheduler ETA') . ':</td><td><div id="schedulereta" style="font-weight: bold;"></div></td></tr>';
 	echo '<tr><td align="center" colspan="2"><div id="updatestatus" style="font-weight: bold; text-align: center;"></div></td></tr>';
 	echo '</table>';
 	echo '<br />';
 	echo i18n('When scheduling is finished, the following links will be useful');
 	echo '<br />';
 	echo '<a href="judges_teams.php">' . i18n('Manage Judge Teams') . '</a>';
 	echo '<br />';
 	echo '<a href="judges_teams_members.php">' . i18n('Manage Judge Members') . '</a>';
 	echo '<br />';
 	echo '<a href="reports.php">' . i18n('Print/Export Reports') . '</a>';
 	echo '<br />';
 	echo '<br />';
 	echo "Note: If you are using Windows Internet Explorer and do not see status updates do this:<br /> Click menu bar 'Tools' then 'Internet Options'.<br /> In the 'General' Tab under 'Browsing history' click 'Settings'.<br /> Under 'Check for newer versions of stored pages:'<br /> Select the option 'Every time I visit the webpage'.<br /> Click OK then OK";
 }
-else {
+send_footer();
 echo "<table>";
 echo "<tr><td>".i18n("Scheduler status").":</td><td><div id=\"schedulerstatus\" style=\"font-weight: bold;\"></div></td></tr>";
 echo "<tr><td>".i18n("Scheduler percent").":</td><td><div id=\"schedulerpercent\" style=\"font-weight: bold;\"></div></td></tr>";
 echo "<tr><td>".i18n("Scheduler ETA").":</td><td><div id=\"schedulereta\" style=\"font-weight: bold;\"></div></td></tr>";
 echo "<tr><td align=\"center\" colspan=\"2\"><div id=\"updatestatus\" style=\"font-weight: bold; text-align: center;\"></div></td></tr>";
 echo "</table>";
 echo "<br />";
 echo i18n("When scheduling is finished, the following links will be useful");
 echo "<br />";
 echo "<a href=\"judges_teams.php\">".i18n("Manage Judge Teams")."</a>";
 echo "<br />";
 echo "<a href=\"judges_teams_members.php\">".i18n("Manage Judge Members")."</a>";
 echo "<br />";
 echo "<a href=\"reports.php\">".i18n("Print/Export Reports")."</a>";
 echo "<br />";
 echo "<br />";
 echo "Note: If you are using Windows Internet Explorer and do not see status updates do this:<br /> Click menu bar 'Tools' then 'Internet Options'.<br /> In the 'General' Tab under 'Browsing history' click 'Settings'.<br /> Under 'Check for newer versions of stored pages:'<br /> Select the option 'Every time I visit the webpage'.<br /> Click OK then OK"; 
 }
 send_footer();
 ?>
--- a/admin/judges_scheduler_status_output.php
+++ b/admin/judges_scheduler_status_output.php
@ -1,14 +1,16 @@
 <?
-include "../data/config.inc.php";
+include '../data/config.inc.php';
-mysql_connect($DBHOST,substr($DBUSER,0,16),$DBPASS);
+include '../common.inc.php';
 mysql_select_db($DBNAME);
 $q=mysql_query("SELECT val FROM config WHERE year='0' AND var='judge_scheduler_percent'");
 $r=mysql_fetch_object($q);
 $percent=$r->val;
-$q=mysql_query("SELECT val FROM config WHERE year='0' AND var='judge_scheduler_activity'");
+$q = $pdo->prepare("SELECT val FROM config WHERE year='0' AND var='judge_scheduler_percent'");
-$r=mysql_fetch_object($q);
+$q->execute();
-$status=$r->val;
+$r = $q->fetch(PDO::FETCH_OBJ);
 $percent = $r->val;
 $q = $pdo->prepare("SELECT val FROM config WHERE year='0' AND var='judge_scheduler_activity'");
 $q->execute();
 $r = $q->fetch(PDO::FETCH_OBJ);
 $status = $r->val;
 echo "$percent:$status\n";
 ?>
--- a/admin/judges_schedulerconfig.php
+++ b/admin/judges_schedulerconfig.php
@ -1,165 +1,154 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ *    SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ *    Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ *    Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ *    This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *    modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *    License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ *    This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ *    but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this pr<input type=\"submit\" value=\"".i18n("Save Configuration")."\" />\n";
+ *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-ogram; see the file COPYING.  If not, write to
+ *     General Public License for more details.
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *
-   Boston, MA 02111-1307, USA.
+ *    You should have received a copy of the GNU General Public License
-*/
+ *    along with this pr<input type=\"submit\" value=\"".i18n("Save Configuration")."\" />\n";
 * ogram; see the file COPYING.  If not, write to
 *    the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 *    Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- require("../config_editor.inc.php");
+require ('../config_editor.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require("judges.inc.php");
+require ('judges.inc.php');
- require("judges_schedulerconfig_check.inc.php");
+require ('judges_schedulerconfig_check.inc.php');
- $action = config_editor_handle_actions("Judge Scheduler", $conference['id'], "var");
+$action = config_editor_handle_actions('Judge Scheduler', $config['FAIRYEAR'], 'var');
- if($action == 'update') {
+if ($action == 'update') {
- 	header("Location: judges_schedulerconfig.php");
+	header('Location: judges_schedulerconfig.php');
 	exit;
- }
+}
- send_header("Judge Scheduler Configuration",
+send_header('Judge Scheduler Configuration',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+		'Administration' => 'admin/index.php',
-			'Judges' => 'admin/judges.php')
+		'Judges' => 'admin/judges.php'));
 				);
- config_editor("Judge Scheduler", $conference['id'], "var", $_SERVER['PHP_SELF']);
+config_editor('Judge Scheduler', $config['FAIRYEAR'], 'var', $_SERVER['PHP_SELF']);
- echo "<hr />";
+echo '<hr />';
- if($_GET['action']=="reset")
+if (get_value_from_array($_GET, 'action') == 'reset') {
- {
+	$stmt = $pdo->prepare("UPDATE config SET `val`='-1' WHERE `var`='judge_scheduler_percent' AND `year`=0");
- 	mysql_query("UPDATE config SET `val`='-1' WHERE `var`='judge_scheduler_percent' AND `year`=0");
+	$stmt->execute();
-	$config['judge_scheduler_percent']="-1";
+	$config['judge_scheduler_percent'] = '-1';
-	echo happy(i18n("Judge scheduler status forcibly reset"));
+	echo happy(i18n('Judge scheduler status forcibly reset'));
- }
+}
-if($config['judge_scheduler_percent']=="-1")
+if ($config['judge_scheduler_percent'] == '-1') {
-{
+	$ok = 1;
 $ok = 1;
 	echo "<table class='headertable'><tr><td><h3>Timeslots</h3></td>";
-	echo "<td> - <a href=\"judges_timeslots.php\">".i18n("Timeslot Manager")."</a>";
+	echo '<td> - <a href="judges_timeslots.php">' . i18n('Timeslot Manager') . '</a>';
-	echo "</td></tr></table>";
+	echo '</td></tr></table>';
 	$timeslots = judges_scheduler_check_timeslots();
-	if($timeslots > 0) {
+	if ($timeslots > 0) {
-		echo happy(i18n("There are %1 timeslot(s) defined for divisional judging, good", array($timeslots)));
+		echo happy(i18n('There are %1 timeslot(s) defined for divisional judging, good', array($timeslots)));
 	} else {
-		echo error(i18n("There are no timeslots defined for divisional judging"));
+		echo error(i18n('There are no timeslots defined for divisional judging'));
 		$ok = 0;
 	}
-	if($config['scheduler_enable_sa_scheduling'] == 'yes') {
+	if ($config['scheduler_enable_sa_scheduling'] == 'yes') {
 		$timeslots = judges_scheduler_check_timeslots_sa();
-		if($timeslots > 0) {
+		if ($timeslots > 0) {
-			echo happy(i18n("There are %1 timeslot(s) defined for special awards judging, good", array($timeslots)));
+			echo happy(i18n('There are %1 timeslot(s) defined for special awards judging, good', array($timeslots)));
 		} else {
-			echo error(i18n("There are no timeslots defined for special awards judging (but the scheduler is configured to do special awards judging)"));
+			echo error(i18n('There are no timeslots defined for special awards judging (but the scheduler is configured to do special awards judging)'));
 			$ok = 0;
 		}
 	}
 	echo "<table class='headertable'><tr><td><h3>Awards</h3></td>";
-	echo "<td> - <a href=\"awards.php\">".i18n("Awards Manager")."</a>";
+	echo '<td> - <a href="awards.php">' . i18n('Awards Manager') . '</a>';
-	echo "</td></tr></table>";
+	echo '</td></tr></table>';
 	$missing_awards = judges_scheduler_check_awards();
-	if(count($missing_awards) == 0) {
+	if (count($missing_awards) == 0) {
-		echo happy(i18n("There is a single divisional award for each division/category, good"));
+		echo happy(i18n('There is a single divisional award for each division/category, good'));
 	} else {
-		echo "<br />The following divisional awards problems were identified:<br /><ul>";
+		echo '<br />The following divisional awards problems were identified:<br /><ul>';
-		for($x=0; $x<count($missing_awards); $x++) {
+		for ($x = 0; $x < count($missing_awards); $x++) {
-			print($missing_awards[$x]."<br />");
+			print ($missing_awards[$x] . '<br />');
 		}
-		echo "</ul>";
+		echo '</ul>';
-		echo error(i18n("There needs to be exactly one award for each division/category"));
+		echo error(i18n('There needs to be exactly one award for each division/category'));
 		$ok = 0;
 	}
 	echo "<table class='headertable'><tr><td><h3>Divisional Judging Groupings</h3></td>";
-	echo "<td> - <a href=\"judges_jdiv.php\">".i18n("Divisional Judging Groupings Manager")."</a>";
+	echo '<td> - <a href="judges_jdiv.php">' . i18n('Divisional Judging Groupings Manager') . '</a>';
-	echo "</td></tr></table>";
+	echo '</td></tr></table>';
 	$jdivs = judges_scheduler_check_jdivs();
-	if($jdivs > 1) {
+	if ($jdivs > 1) {
-		echo happy(i18n("There are %1 divisional groups defined for divisional judging, good", array($jdivs)));
+		echo happy(i18n('There are %1 divisional groups defined for divisional judging, good', array($jdivs)));
 	} else {
-		echo error(i18n("There is not more than 1 divisional groups defined for divisional judging.  Please assign ALL categories/divisions/languages to judging groupings before continuing"));
+		echo error(i18n('There is not more than 1 divisional groups defined for divisional judging.  Please assign ALL categories/divisions/languages to judging groupings before continuing'));
 		$ok = 0;
 	}
-	echo "<h3>Projects and Judges</h3><br />";
+	echo '<h3>Projects and Judges</h3><br />';
 	$k=judges_scheduler_check_judges();
-	if(!$k) $ok=0;
+	$k = judges_scheduler_check_judges();
-if($ok)
+	if (!$k)
-{
+		$ok = 0;
-	echo i18n("Everything looks in order, we're ready to create the
+
 	if ($ok) {
 		echo i18n("Everything looks in order, we're ready to create the
 	divisional awards judging teams.  Click link below to start the scheduler.  
 	Please be patient as it may take several minutes find an good solution to 
 	the judging team assignments.");
-	echo "<br />";
+		echo '<br />';
-	echo "<br />";
+		echo '<br />';
-	echo "<a href=\"judges_sa_launcher.php\">".i18n("Start the judging scheduler to create judging teams and judging schedule")."</a>";
+		echo '<a href="judges_sa_launcher.php">' . i18n('Start the judging scheduler to create judging teams and judging schedule') . '</a>';
 	} else {
 		echo '<br />';
 		echo '<br />';
-}
+		echo '<a href="judges_sa_launcher.php">' . i18n('Something above looks bad, but you can start the judging scheduler anyways with the understanding that results will NOT be optimal, or in fact, the scheduler may not work at all!') . '</a>';
-else {
+	}
-	echo "<br />";
+} else {
-	echo "<br />";
+	echo '<br />';
-
+	echo '<b>';
-	echo "<a href=\"judges_sa_launcher.php\">".i18n("Something above looks bad, but you can start the judging scheduler anyways with the understanding that results will NOT be optimal, or in fact, the scheduler may not work at all!")."</a>";
+	echo i18n('The scheduler is currently running');
 	echo '</b>';
 	echo '<br />';
 	echo '<br />';
 	echo '<a href="judges_scheduler_status.php">' . i18n('Click here to check the judging scheduler progress') . '</a>';
 	echo '<br />';
 	echo '<br />';
 	echo '<br />';
 	echo i18n('If the scheduler is not running (and you are 100% sure that it is not!) click the link below to reset the scheduler status');
 	echo '<br />';
 	echo '<a href="judges_schedulerconfig.php?action=reset">' . i18n('Reset judge scheduler status') . '</a>';;
 }
-}
+echo '<br />';
-else
+echo '<br />';
-{
+echo '<br />';
 	echo "<br />";
 	echo "<b>";
 	echo i18n("The scheduler is currently running");
 	echo "</b>";
 	echo "<br />";
 	echo "<br />";
 	echo "<a href=\"judges_scheduler_status.php\">".i18n("Click here to check the judging scheduler progress")."</a>";
 	echo "<br />";
 	echo "<br />";
 	echo "<br />";
 	echo i18n("If the scheduler is not running (and you are 100% sure that it is not!) click the link below to reset the scheduler status");
 	echo "<br />";
 	echo "<a href=\"judges_schedulerconfig.php?action=reset\">".i18n("Reset judge scheduler status")."</a>";;
 }
 echo "<br />";
 echo "<br />";
 echo "<br />";
 send_footer();
 send_footer();
 ?>
--- a/admin/judges_schedulerconfig_check.inc.php
+++ b/admin/judges_schedulerconfig_check.inc.php
@ -2,32 +2,35 @@
 function judges_scheduler_check_timeslots()
 {
-	global $conference;
+	global $config, $pdo;
-	$q=mysql_query("SELECT * FROM judges_timeslots WHERE ".
+	$q = $pdo->prepare('SELECT * FROM judges_timeslots WHERE '
-		" conferences_id='".$conference['id']."'".
+		. " year='" . $config['FAIRYEAR'] . "'"
-		" AND `type`='divisional1'" );
+		. " AND `type`='divisional1'");
-	if(mysql_num_rows($q)) {
+	$q->execute();
-		$round=mysql_fetch_object($q);
+	if ($q->rowCount()) {
-		$q=mysql_query("SELECT * FROM judges_timeslots WHERE round_id='$round->id' AND type='timeslot'");
+		$round = $q->fetch(PDO::FETCH_OBJ);
-		return mysql_num_rows($q);
+		$q = $pdo->prepare("SELECT * FROM judges_timeslots WHERE round_id='$round->id' AND type='timeslot'");
-	}
+		$q->execute();
-	else
+		return $q->rowCount();
 	} else
 		return 0;
 }
 function judges_scheduler_check_timeslots_sa()
 {
-	global $conference;
+	global $config, $pdo;
 	$rows = 0;
-	$q=mysql_query("SELECT * FROM judges_timeslots WHERE ".
+	$q = $pdo->prepare('SELECT * FROM judges_timeslots WHERE '
-		" conferences_id='".$conference['id']."'".
+		. " year='" . $config['FAIRYEAR'] . "'"
-		" AND `type`='special'" );
+		. " AND `type`='special'");
-	if(mysql_num_rows($q)) {
+	$q->execute();
-		while((	$round=mysql_fetch_object($q))) {
+	if ($q->rowCount()) {
-			$rq=mysql_query("SELECT * FROM judges_timeslots WHERE round_id='$round->id' AND type='timeslot'");
+		while (($round = $q->fetch(PDO::FETCH_OBJ))) {
-			$rows += mysql_num_rows($rq);
+			$rq = $pdo->prepare("SELECT * FROM judges_timeslots WHERE round_id='$round->id' AND type='timeslot'");
 			$rq->execute();
 			$rows += $rq->rowCount();
 		}
 	}
 	return $rows;
@ -35,217 +38,227 @@ function judges_scheduler_check_timeslots_sa()
 function judges_scheduler_check_awards()
 {
-	global $config, $conferenece;
+	global $config, $pdo;
-	$q=mysql_query("SELECT * FROM projectdivisions WHERE conferences_id='".$conference['id']."' ORDER BY id");
+	$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY id");
-	while($r=mysql_fetch_object($q))
+	$q->execute();
-		$div[$r->id]=$r->division;
+	while ($r = $q->fetch(PDO::FETCH_OBJ))
 		$div[$r->id] = $r->division;
-	$q=mysql_query("SELECT * FROM projectcategories WHERE conferences_id='".$conference['id']."' ORDER BY id");
+	$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY id");
-	while($r=mysql_fetch_object($q))
+	$q->execute();
-		$cat[$r->id]=$r->category;
+	while ($r = $q->fetch(PDO::FETCH_OBJ))
 		$cat[$r->id] = $r->category;
 	$dkeys = array_keys($div);
 	$ckeys = array_keys($cat);
-	if($config['filterdivisionbycategory']=="yes") {
+	if ($config['filterdivisionbycategory'] == 'yes') {
-		$q=mysql_query("SELECT * FROM projectcategoriesdivisions_link WHERE conferences_id='".$conference['id']."' ORDER BY projectdivisions_id,projectcategories_id");
+		$q = $pdo->prepare("SELECT * FROM projectcategoriesdivisions_link WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY projectdivisions_id,projectcategories_id");
-		$divcat=array();
+		$q->execute();
-		while($r=mysql_fetch_object($q)) {
+		$divcat = array();
-			$divcat[]=array("c"=>$r->projectcategories_id,"d"=>$r->projectdivisions_id);
+		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			$divcat[] = array('c' => $r->projectcategories_id, 'd' => $r->projectdivisions_id);
 		}
-
+	} else {
-	}
+		$divcat = array();
-	else {
+		foreach ($dkeys AS $d) {
-		$divcat=array();
+			foreach ($ckeys AS $c) {
-		foreach($dkeys AS $d) {
+				$divcat[] = array('c' => $c, 'd' => $d);
 			foreach($ckeys AS $c) {
 				$divcat[]=array("c"=>$c,"d"=>$d);
 			}
 		}
 	}
 	$missing_awards = array();
-	foreach($divcat AS $dc) {
+	foreach ($divcat AS $dc) {
-		$d=$dc['d'];
+		$d = $dc['d'];
-		$c=$dc['c'];
+		$c = $dc['c'];
-			$q=mysql_query("SELECT award_awards.id FROM 
+		$q = $pdo->prepare("SELECT award_awards.id FROM 
 							award_awards,
 							award_awards_projectcategories,
 							award_awards_projectdivisions
 						WHERE 
-							award_awards.conferences_id='{$conference['id']}'
+							award_awards.year='{$config['FAIRYEAR']}'
-							AND award_awards_projectcategories.conferences_id='{$conference['id']}'
+							AND award_awards_projectcategories.year='{$config['FAIRYEAR']}'
-							AND award_awards_projectdivisions.conferences_id='{$conference['id']}'
+							AND award_awards_projectdivisions.year='{$config['FAIRYEAR']}'
 							AND award_awards.id=award_awards_projectcategories.award_awards_id
 							AND award_awards.id=award_awards_projectdivisions.award_awards_id
 							AND award_awards_projectcategories.projectcategories_id='$c'
 							AND award_awards_projectdivisions.projectdivisions_id='$d'
 							AND award_awards.award_types_id='1'
 						");
-						echo mysql_error();
+		$q->execute();
-			if(mysql_num_rows($q)!=1) {
+		show_pdo_errors_if_any($pdo);
-				$missing_awards[] = "{$cat[$c]} - {$div[$d]} (".i18n("%1 found",array(mysql_num_rows($q))).")";
+		if ($q->rowCount() != 1) {
-			}
+			$missing_awards[] = "{$cat[$c]} - {$div[$d]} (" . i18n('%1 found', array($q->rowCount())) . ')';
 		}
 	}
 	return $missing_awards;
 }
 function judges_scheduler_check_jdivs()
 {
-	$q=mysql_query("SELECT DISTINCT jdiv_id FROM judges_jdiv ");
+	global $config, $pdo;
-	$rows = mysql_num_rows($q);
+
 	$q = $pdo->prepare('SELECT DISTINCT jdiv_id FROM judges_jdiv ');
 	$q->execute();
 	$rows = $q->rowCount();
 	return $rows;
 }
 function judges_scheduler_check_judges()
 {
-	global $config, $conference;
+	global $config, $pdo;
 	$ok = 1;
 	$jdiv = array();
-	$q=mysql_query("SELECT * FROM judges_jdiv ORDER BY jdiv_id");
+	$projectlanguagetotal = array();
-	while($r=mysql_fetch_object($q)) {
+	$projecttotal = 0;
 	$q = $pdo->prepare('SELECT * FROM judges_jdiv ORDER BY jdiv_id');
 	$q->execute();
 	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 		/* Ignore any div/cat with jdiv 0 */
-		if($r->jdiv_id == 0) continue;
+		if ($r->jdiv_id == 0)
 			continue;
 		$d = $r->projectdivisions_id;
 		$c = $r->projectcategories_id;
 		$l = $r->lang;
-		$qp = mysql_query("SELECT COUNT(projects.id) as cnt FROM projects, registrations WHERE ".
+		$qp = $pdo->prepare('SELECT COUNT(projects.id) as cnt FROM projects, registrations WHERE '
-						" projects.conferences_id='".$conference['id']."' AND ".
+			. " projects.year='" . $config['FAIRYEAR'] . "' AND "
-						" projectdivisions_id='$d' AND ".
+			. " projectdivisions_id='$d' AND "
-						" projectcategories_id='$c' AND ".
+			. " projectcategories_id='$c' AND "
-						" language='$l' AND " .
+			. " language='$l' AND "
-						" registrations.id = projects.registrations_id " .
+			. ' registrations.id = projects.registrations_id '
-						getJudgingEligibilityCode()
+			. getJudgingEligibilityCode());
-				);
+		$qp->execute();
-		$qr = mysql_fetch_object($qp);
+		$qr = $qp->fetch(PDO::FETCH_OBJ);
-		
+
 		// if (get_value_from_3d_array($jdiv, $r->jdiv_id, 'num_projects', 'total') !== null){
 		$jdiv[$r->jdiv_id]['num_projects']['total'] += $qr->cnt;
 		// }
 		$jdiv[$r->jdiv_id]['num_projects'][$l] += $qr->cnt;
-        $projectlanguagetotal[$l]+=$qr->cnt;
+		$projectlanguagetotal[$l] += $qr->cnt;
-        $projecttotal+=$qr->cnt;
+		$projecttotal += $qr->cnt;
 	}
 	$totalteams['total'] = 0;
-	echo "<table border=1 width=\"85%\"><tr><th></th>".
+	echo '<table border=1 width="85%"><tr><th></th>'
-		"<th colspan=\"".(count($config['languages'])+1)."\">".i18n("Projects")."</th>".
+		. '<th colspan="' . (count($config['languages']) + 1) . '">' . i18n('Projects') . '</th>'
-		"<th colspan=\"".(count($config['languages'])+1)."\">".i18n("Estimated Required Teams")."</th></tr>";
+		. '<th colspan="' . (count($config['languages']) + 1) . '">' . i18n('Estimated Required Teams') . '</th></tr>';
-        echo "<tr>";
+	echo '<tr>';
-        echo "<th></th><th>".i18n("Total")."</th>";
+	echo '<th></th><th>' . i18n('Total') . '</th>';
-        foreach($config['languages'] AS $lkey=>$lname)
+	foreach ($config['languages'] AS $lkey => $lname)
-            echo "<th>$lkey</th>";
+		echo "<th>$lkey</th>";
-        echo "<th>".i18n("Total")."</th>";
+	echo '<th>' . i18n('Total') . '</th>';
-        foreach($config['languages'] AS $lkey=>$lname)
+	foreach ($config['languages'] AS $lkey => $lname)
-            echo "<th>$lkey</th>";
+		echo "<th>$lkey</th>";
-        echo "</tr>\n";
+	echo "</tr>\n";
-		foreach($jdiv AS $jdiv_id=>$jd) {
+	foreach ($jdiv AS $jdiv_id => $jd) {
-			$c = $jd['num_projects']['total'];
+		$c = $jd['num_projects']['total'];
-			//total judge teams calculation
+		// total judge teams calculation
-			$t['total']=ceil($c/$config['max_projects_per_team']*$config['times_judged']);
+		$t['total'] = ceil($c / $config['max_projects_per_team'] * $config['times_judged']);
-			if($t['total'] < $config['times_judged'] && $c>0) $t['total'] = $config['times_judged'];
+		if ($t['total'] < $config['times_judged'] && $c > 0)
-			$jdiv[$jdiv_id]['num_jteams']['total'] = $t['total'];
+			$t['total'] = $config['times_judged'];
-			$totalteams['total']+=$t['total'];
+		$jdiv[$jdiv_id]['num_jteams']['total'] = $t['total'];
-			//language teams calculation
+		$totalteams['total'] += $t['total'];
-			foreach($config['languages'] AS $lkey=>$lname) {
+		// language teams calculation
-				$c = $jd['num_projects'][$lkey];
+		foreach ($config['languages'] AS $lkey => $lname) {
-				$t['total_'.$lkey]=ceil($c/$config['max_projects_per_team']*$config['times_judged']);
+			$c = $jd['num_projects'][$lkey];
-				if($t['total_'.$lkey] < $config['times_judged'] && $c>0) $t['total_'.$lkey] = $config['times_judged'];
+			$t['total_' . $lkey] = ceil($c / $config['max_projects_per_team'] * $config['times_judged']);
-				$jdiv[$jdiv_id]['num_jteams']['total_'.$lkey] = $t['total_'.$lkey];
+			if ($t['total_' . $lkey] < $config['times_judged'] && $c > 0)
-				$totalteams['total_'.$lkey]+=$t['total_'.$lkey];
+				$t['total_' . $lkey] = $config['times_judged'];
-			}
+			$jdiv[$jdiv_id]['num_jteams']['total_' . $lkey] = $t['total_' . $lkey];
-
+			$totalteams['total_' . $lkey] += $t['total_' . $lkey];
 			echo "<tr><td>Judging Division Group $jdiv_id</td>";
 			echo "<td align=\"center\">$c</td>";
 			$langstr="";
 			foreach($config['languages'] AS $lkey=>$lname) {
 				$clang=($jd['num_projects'][$lkey]?$jd['num_projects'][$lkey]:0);
 				echo "<td align=\"center\">$clang</td>";
        }
        echo "<td align=\"center\">{$t['total']}</td>";
 		foreach($config['languages'] AS $lkey=>$lname) {
 			$clang=($jd['num_projects'][$lkey]?$jd['num_projects'][$lkey]:0);
 			//echo "<td align=\"center\">{$t['total']}</td>";
 			echo "<td align=\"center\">{$t['total_'.$lkey]}</td>";
 		}
-        echo "</tr>";
+		echo "<tr><td>Judging Division Group $jdiv_id</td>";
 		echo "<td align=\"center\">{$jd['num_projects']['total']}</td>";
 		$langstr = '';
 		foreach ($config['languages'] AS $lkey => $lname) {
 			$clang = ($jd['num_projects'][$lkey] ? $jd['num_projects'][$lkey] : 0);
 			echo "<td align=\"center\">$clang</td>";
 		}
 		echo "<td align=\"center\">{$t['total']}</td>";
 		foreach ($config['languages'] AS $lkey => $lname) {
 			$clang = ($jd['num_projects'][$lkey] ? $jd['num_projects'][$lkey] : 0);
 			// echo "<td align=\"center\">{$t['total']}</td>";
 			echo "<td align=\"center\">{$t['total_' . $lkey]}</td>";
 		}
 		echo '</tr>';
 	}
-	echo "</table>";
+	echo '</table>';
-	echo "<br />";
+	echo '<br />';
-	echo "<b>";
+	echo '<b>';
-	echo i18n("Total judging teams required: %1",array($totalteams['total']));
+	echo i18n('Total judging teams required: %1', array($totalteams['total']));
-	echo "<br />";
+	echo '<br />';
-	echo "<br />";
+	echo '<br />';
-	$minjudges['total']=($totalteams['total']*$config['min_judges_per_team']);
+	$minjudges['total'] = ($totalteams['total'] * $config['min_judges_per_team']);
-	$maxjudges['total']=($totalteams['total']*$config['max_judges_per_team']);
+	$maxjudges['total'] = ($totalteams['total'] * $config['max_judges_per_team']);
-	echo i18n("Minimum number of judges required: %1",array($minjudges['total']))."<br />";
+	echo i18n('Minimum number of judges required: %1', array($minjudges['total'])) . '<br />';
-    foreach($config['languages'] AS $lkey=>$lname) {
+	foreach ($config['languages'] AS $lkey => $lname) {
-        if($minjudges['total'] && $projecttotal)
+		if ($minjudges['total'] && $projecttotal)
-            $minjudges[$lkey]=round($totalteams['total_'.$lkey]*$config['min_judges_per_team']); //$projectlanguagetotal[$lkey]/$projecttotal*$minjudges['total']);
+			$minjudges[$lkey] = round($totalteams['total_' . $lkey] * $config['min_judges_per_team']);  // $projectlanguagetotal[$lkey]/$projecttotal*$minjudges['total']);
-        else
+		else
-            $minjudges[$lkey]=0;
+			$minjudges[$lkey] = 0;
-        echo "&nbsp;&nbsp; ".i18n("Minimum number of %1 judges required: %2",array($lname,$minjudges[$lkey]))."<br />";
+		echo '&nbsp;&nbsp; ' . i18n('Minimum number of %1 judges required: %2', array($lname, $minjudges[$lkey])) . '<br />';
-    }
+	}
-	echo i18n("Maximum number of judges needed: %1",array($maxjudges['total']));
+	echo i18n('Maximum number of judges needed: %1', array($maxjudges['total']));
-	echo "<br />";
+	echo '<br />';
-	echo "<br />";
+	echo '<br />';
-/*	$jq=mysql_query("SELECT COUNT(judges.id) AS num FROM judges,judges_years WHERE complete='yes' AND deleted='no' AND judges_years.conferences_id='{$conference['id']}' AND judges_years.judges_id=judges.id");
+	/*	$jq=mysql_query("SELECT COUNT(judges.id) AS num FROM judges,judges_years WHERE complete='yes' AND deleted='no' AND judges_years.year='{$config['FAIRYEAR']}' AND judges_years.judges_id=judges.id");
-	$jr=mysql_fetch_object($jq);
+		$jr=mysql_fetch_object($jq);
-	$currentjudges=$jr->num;*/
+		$currentjudges=$jr->num;*/
 	/* FIXME: this his highly inefficient :), but won't be done very often */
 	$judges = judges_load_all();
 	$currentjudges = count($judges);
 	echo "Current number of registered judges: $currentjudges";
-	echo "</b>";
+	echo '</b>';
-	echo "<br />";
+	echo '<br />';
-	if($currentjudges<$minjudges['total']) {
+	if ($currentjudges < $minjudges['total']) {
-		echo error(i18n("You do not have sufficient number of total judges based on your parameters"));
+		echo error(i18n('You do not have sufficient number of total judges based on your parameters'));
-        $ok=false;
+		$ok = false;
-    }
+	}
-    foreach($config['languages'] AS $lkey=>$lname) {
+	foreach ($config['languages'] AS $lkey => $lname) {
-		$lcount=0;
+		$lcount = 0;
-		foreach($judges AS $j) {
+		foreach ($judges AS $j) {
-			foreach($j['languages'] AS $jlang) {
+			foreach ($j['languages'] AS $jlang) {
-				if($jlang==$lkey) $lcount++;
+				if ($jlang == $lkey)
 					$lcount++;
 			}
 		}
-        $currentjudges=$lcount;
+		$currentjudges = $lcount;
-        echo "&nbsp;&nbsp;<b>".i18n("Current number of registered judges that can judge in %1: %2",array($lname,$currentjudges))."</b>";
+		echo '&nbsp;&nbsp;<b>' . i18n('Current number of registered judges that can judge in %1: %2', array($lname, $currentjudges)) . '</b>';
-        echo "<br />";
+		echo '<br />';
-        if($currentjudges<$minjudges[$lkey]) {
+		if ($currentjudges < $minjudges[$lkey]) {
-            echo error(i18n("You do not have sufficient number of %1 judges based on your parameters",array($lname)));
+			echo error(i18n('You do not have sufficient number of %1 judges based on your parameters', array($lname)));
-            $ok=false;
+			$ok = false;
-        }
+		}
    }
    if(!$ok) {
 		echo "&nbsp;&nbsp;";
 		echo "<a href=\"judges_schedulerconfig.php\">".i18n("Update Scheduler Configuration")."</a> (".i18n("or get more judges!").")";
 	}
 	else
 		echo happy(i18n("You have a sufficient number of judges based on your parameters"));
-	//now check if we can find a divisional award for each division and category
+	if (!$ok) {
 		echo '&nbsp;&nbsp;';
 		echo '<a href="judges_schedulerconfig.php">' . i18n('Update Scheduler Configuration') . '</a> (' . i18n('or get more judges!') . ')';
 	} else
 		echo happy(i18n('You have a sufficient number of judges based on your parameters'));
 	// now check if we can find a divisional award for each division and category
 	return $ok;
 }
--- a/admin/judges_teams.php
+++ b/admin/judges_teams.php
@ -1,128 +1,145 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- include "judges.inc.php";
+include 'judges.inc.php';
 $action = null;
 if (get_value_from_array($_GET, 'edit'))
 	$edit = get_value_from_array($_GET, 'edit');
 if (get_value_from_array($_POST, 'edit'))
 	$edit = get_value_from_array($_POST, 'edit');
 if (get_value_from_array($_GET, 'action'))
 	$action = get_value_from_array($_GET, 'action');
 if (get_value_from_array($_POST, 'action'))
 	$action = get_value_from_array($_POST, 'action');
-	if($_GET['edit']) $edit=$_GET['edit'];
+if ($action == 'delete' && get_value_from_array($_GET, 'delete')) {
-	if($_POST['edit']) $edit=$_POST['edit'];
+	// ALSO DELETE: team members, timeslots, projects, awards
 	if($_GET['action']) $action=$_GET['action'];
 	if($_POST['action']) $action=$_POST['action'];
-	if($action=="delete" && $_GET['delete'])
+	$stmt = $pdo->prepare("DELETE FROM judges_teams_link WHERE judges_teams_id='" . $_GET['delete'] . "' AND year='" . $config['FAIRYEAR'] . "'");
-	{
+	$stmt->execute();
-		//ALSO DELETE: team members, timeslots, projects, awards
+	$stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_link WHERE judges_teams_id='" . $_GET['delete'] . "' AND year='" . $config['FAIRYEAR'] . "'");
-		mysql_query("DELETE FROM judges_teams_link WHERE judges_teams_id='".$_GET['delete']."' AND conferences_id='".$conference['id']."'");
+	$stmt->execute();
-		mysql_query("DELETE FROM judges_teams_timeslots_link WHERE judges_teams_id='".$_GET['delete']."' AND conferences_id='".$conference['id']."'");
+	$stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_projects_link WHERE judges_teams_id='" . $_GET['delete'] . "' AND year='" . $config['FAIRYEAR'] . "'");
-		mysql_query("DELETE FROM judges_teams_timeslots_projects_link WHERE judges_teams_id='".$_GET['delete']."' AND conferences_id='".$conference['id']."'");
+	$stmt->execute();
-		mysql_query("DELETE FROM judges_teams_awards_link WHERE judges_teams_id='".$_GET['delete']."' AND conferences_id='".$conference['id']."'");
+	$stmt = $pdo->prepare("DELETE FROM judges_teams_awards_link WHERE judges_teams_id='" . $_GET['delete'] . "' AND year='" . $config['FAIRYEAR'] . "'");
-		mysql_query("DELETE FROM judges_teams WHERE id='".$_GET['delete']."' AND conferences_id='".$conference['id']."'");
+	$stmt->execute();
-		message_push(happy(i18n("Judge team successfully removed, and all of its corresponding members, timeslots, projects and awards unlinked from team")));
+	$stmt = $pdo->prepare("DELETE FROM judges_teams WHERE id='" . $_GET['delete'] . "' AND year='" . $config['FAIRYEAR'] . "'");
-	}
+	$stmt->execute();
 	message_push(happy(i18n('Judge team successfully removed, and all of its corresponding members, timeslots, projects and awards unlinked from team')));
 }
-	if($action=="deletealldivisional")
+if (get_value_or_default($action) == 'deletealldivisional') {
-	{
+	$q2 = $pdo->prepare("SELECT *
-		$q2=mysql_query("SELECT *
+				FROM \t
 				FROM 	
 					judges_teams
 				WHERE 
-					conferences_id='".$conference['id']."'
+					year='" . $config['FAIRYEAR'] . "'
 					AND autocreate_type_id='1'
 					");
-					echo mysql_error();
+	show_pdo_errors_if_any($pdo);
-		$numdeleted=0;
+	$numdeleted = 0;
-		while($r2=mysql_fetch_object($q2))
+	while ($r2 = $q2->fetch(PDO::FETCH_OBJ)) {
-		{
+		// okay now we can start deleting things! whew!
-			//okay now we can start deleting things! whew!
+		// first delete any linkings to the team
-			//first delete any linkings to the team
+
-			mysql_query("DELETE FROM judges_teams_link WHERE judges_teams_id='$r2->id' AND conferences_id='".$conference['id']."'");
+		$stmt = $pdo->prepare("DELETE FROM judges_teams_link WHERE judges_teams_id='$r2->id' AND year='" . $config['FAIRYEAR'] . "'");
-			mysql_query("DELETE FROM judges_teams_timeslots_link WHERE judges_teams_id='$r2->id' AND conferences_id='".$conference['id']."'");
+		$stmt->execute();
-			mysql_query("DELETE FROM judges_teams_timeslots_projects_link WHERE judges_teams_id='$r2->id' AND conferences_id='".$conference['id']."'");
+		$stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_link WHERE judges_teams_id='$r2->id' AND year='" . $config['FAIRYEAR'] . "'");
-			mysql_query("DELETE FROM judges_teams_awards_link WHERE judges_teams_id='$r2->id' AND conferences_id='".$conference['id']."'");
+		$stmt->execute();
-			mysql_query("DELETE FROM judges_teams WHERE id='$r2->id' AND conferences_id='".$conference['id']."'");
+		$stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_projects_link WHERE judges_teams_id='$r2->id' AND year='" . $config['FAIRYEAR'] . "'");
-			$numdeleted++;
+		$stmt->execute();
-		}
+		$stmt = $pdo->prepare("DELETE FROM judges_teams_awards_link WHERE judges_teams_id='$r2->id' AND year='" . $config['FAIRYEAR'] . "'");
-		if($numdeleted)
+		$stmt->execute();
-			message_push(happy(i18n("Successfully deleted %1 auto-created divisional team(s)",array($numdeleted))));
+		$stmt = $pdo->prepare("DELETE FROM judges_teams WHERE id='$r2->id' AND year='" . $config['FAIRYEAR'] . "'");
-		else
+		$stmt->execute();
-			message_push(error(i18n("There were no auto-created divisional teams to delete")));
+		$numdeleted++;
 	}
-	
+	if ($numdeleted)
-	if($action=="deleteall")
+		message_push(happy(i18n('Successfully deleted %1 auto-created divisional team(s)', array($numdeleted))));
-	{
+	else
-		$q2=mysql_query("SELECT *
+		message_push(error(i18n('There were no auto-created divisional teams to delete')));
-				FROM 	judges_teams
+}
 if (get_value_or_default($action) == 'deleteall') {
 	$q2 = $pdo->prepare("SELECT *
 				FROM \tjudges_teams
 				WHERE 
-					conferences_id='".$conference['id']."'
+					year='" . $config['FAIRYEAR'] . "'
 					");
-		$numdeleted=0;
+	$q2->execute();
-		while($r2=mysql_fetch_object($q2))
+	$numdeleted = 0;
-		{
+	while ($r2 = $q2->FETCH(PDO::FETCH_OBJ)) {
-			//okay now we can start deleting things! whew!
+		// okay now we can start deleting things! whew!
-			//first delete any linkings to the team
+		// first delete any linkings to the team
-			mysql_query("DELETE FROM judges_teams_link WHERE judges_teams_id='$r2->id' AND conferences_id='".$conference['id']."'");
+
-			mysql_query("DELETE FROM judges_teams_timeslots_link WHERE judges_teams_id='$r2->id' AND conferences_id='".$conference['id']."'");
+		$stmt = $pdo->prepare("DELETE FROM judges_teams_link WHERE judges_teams_id='$r2->id' AND year='" . $config['FAIRYEAR'] . "'");
-			mysql_query("DELETE FROM judges_teams_timeslots_projects_link WHERE judges_teams_id='$r2->id' AND conferences_id='".$conference['id']."'");
+		$stmt->execute();
-			mysql_query("DELETE FROM judges_teams_awards_link WHERE judges_teams_id='$r2->id' AND conferences_id='".$conference['id']."'");
+		$stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_link WHERE judges_teams_id='$r2->id' AND year='" . $config['FAIRYEAR'] . "'");
-			mysql_query("DELETE FROM judges_teams WHERE id='$r2->id' AND conferences_id='".$conference['id']."'");
+		$stmt->execute();
-			$numdeleted++;
+		$stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_projects_link WHERE judges_teams_id='$r2->id' AND year='" . $config['FAIRYEAR'] . "'");
-		}
+		$stmt->execute();
-		if($numdeleted)
+		$stmt = $pdo->prepare("DELETE FROM judges_teams_awards_link WHERE judges_teams_id='$r2->id' AND year='" . $config['FAIRYEAR'] . "'");
-			message_push(happy(i18n("Successfully deleted %1 team(s)",array($numdeleted))));
+		$stmt->execute();
-		else
+		$stmt = $pdo->prepare("DELETE FROM judges_teams WHERE id='$r2->id' AND year='" . $config['FAIRYEAR'] . "'");
-			message_push(error(i18n("There were no teams to delete")));
+		$stmt->execute();
 		$numdeleted++;
 	}
 	if ($numdeleted)
 		message_push(happy(i18n('Successfully deleted %1 team(s)', array($numdeleted))));
 	else
 		message_push(error(i18n('There were no teams to delete')));
 }
 if ((get_value_or_default($action) == 'save' || $action == 'assign') && $edit) {
 	// if we're updating or assigning, it doesnt matter, lets do the same thing (save record, add award
 	// but when we're done, if we're "assign" then go back to edit that team
 	// if we're save, then go back to the team list
 	$err = false;
 	$q = $pdo->prepare("UPDATE judges_teams SET num='" . $_POST['team_num'] . "', name='" . (stripslashes($_POST['team_name'])) . "' WHERE id='$edit'");
 	$q->execute();
 	if ($pdo->errorInfo()) {
 		$err = true;
 		message_push(error($pdo->errorInfo()));
 	}
-	if(($action=="save" || $action=="assign") && $edit)
+	if ($_POST['award']) {
-	{
+		// we can only have 1 special award assigned to any given team so we'll be able to properly
-		//if we're updating or assigning, it doesnt matter, lets do the same thing (save record, add award
+		// manage the projects that we assign to the team.  If there was more than one special award
-		//but when we're done, if we're "assign" then go back to edit that team
+		// the judges wouldnt know which projects to judge for which award.  This doesnt apply for divisions
-		//if we're save, then go back to the team list
+		// because the category/division is obvious based on project numbesr.  A divisional judge team could easily
-		$err=false;
+		// be assigned to do all of Comp Sci - Junior, Intermediate and Senior without any problems.
-		$q=mysql_query("UPDATE judges_teams SET num='".$_POST['team_num']."', name='".mysql_escape_string(stripslashes($_POST['team_name']))."' WHERE id='$edit'");
+		$q = $pdo->prepare("SELECT award_types.type FROM award_awards, award_types WHERE award_awards.award_types_id=award_types.id AND award_awards.id='" . $_POST['award'] . "'");
-		if(mysql_error())
+		$q->execute();
-		{
+		$aw = $q->fetch(PDO::FETCHH_OBJ);
 			$err=true;
 			message_push(error(mysql_error()));
 		}
-		if($_POST['award'])
+		$addaward = true;
-		{
+		if ($aw->type == 'Special') {
-			//we can only have 1 special award assigned to any given team so we'll be able to properly
+			$q = $pdo->prepare("SELECT COUNT(*) AS num FROM 
 			//manage the projects that we assign to the team.  If there was more than one special award
 			//the judges wouldnt know which projects to judge for which award.  This doesnt apply for divisions
 			//because the category/division is obvious based on project numbesr.  A divisional judge team could easily
 			//be assigned to do all of Comp Sci - Junior, Intermediate and Senior without any problems.
 			$q=mysql_query("SELECT award_types.type FROM award_awards, award_types WHERE award_awards.award_types_id=award_types.id AND award_awards.id='".$_POST['award']."'");
 			$aw=mysql_fetch_object($q);
 			$addaward=true;
 			if($aw->type=="Special")
 			{
 				$q=mysql_query("SELECT COUNT(*) AS num FROM 
 							judges_teams_awards_link,
 							award_awards,
 							award_types
@ -132,110 +149,121 @@
 							AND award_awards.award_types_id=award_types.id
 							AND award_types.type='Special'
 						");
-				$r=mysql_fetch_object($q);
+			$q->exxecute();
-				echo "special awards: $r->num";
+			$r = $q->fetch(PDO::FETCHH_OBJ);
-				if($r->num)
+			echo "special awards: $r->num";
-				{
+			if ($r->num) {
-					$addaward=false;
+				$addaward = false;
-					message_push(error(i18n("Sorry, only one Special Award can be assigned to a judging team")));
+				message_push(error(i18n('Sorry, only one Special Award can be assigned to a judging team')));
-				}
+			} else {
-				else
+				$addaward = true;
 				{
 					$addaward=true;
 				}
 			}
 			if($addaward)
 			{
 				//link up the award
 				mysql_query("INSERT INTO judges_teams_awards_link (award_awards_id,judges_teams_id,conferences_id) VALUES ('".$_POST['award']."','$edit','".$conference['id']."')");
 				message_push(happy(i18n("Award assigned to team")));
 			}
 		}
-
+		if ($addaward) {
-		if($action=="assign")
+			// link up the award
-			$action="edit";
+			$stmt = $pdo->prepare("INSERT INTO judges_teams_awards_link (award_awards_id,judges_teams_id,year) VALUES ('" . $_POST['award'] . "','$edit','" . $config['FAIRYEAR'] . "')");
-		else if($action=="save")
+			$stmt->execute();
-		{
+			message_push(happy(i18n('Award assigned to team')));
 			if($err)
 				$action="edit";
 			else
 			{
 				message_push(happy(i18n("Team successfully saved")));
 				unset($action);
 				unset($edit);
 			}
 		}
 	}
-	if($action=="unassign")
+	if ($action == 'assign')
-	{
+		$action = 'edit';
-		mysql_query("DELETE FROM judges_teams_awards_link WHERE judges_teams_id='$edit' AND award_awards_id='".$_GET['unassign']."' AND conferences_id='".$conference['id']."'");
+	else if ($action == 'save') {
-		message_push(happy(i18n("Award unassigned from judge team")));
+		if ($err)
-		//keep editing the same team
+			$action = 'edit';
-		$action="edit";
+		else {
-	}
+			message_push(happy(i18n('Team successfully saved')));
-
+			unset($action);
-	if($action=="createall")
+			unset($edit);
 	{
 		//first make sure we dont have any non-divisional award teams (dont want people hitting refresh and adding all the teams twice
 		$q=mysql_query("SELECT COUNT(*) AS c FROM judges_teams WHERE autocreate_type_id!='1' AND conferences_id='".$conference['id']."'");
 		$r=mysql_fetch_object($q);
 		if($r->c)
 		{
 			message_push(error(i18n("Cannot 'Create All' teams when any divisional teams currently exist.  Try deleting all existing non-divisional teams first.")));
 		}
-		else
+	}
-		{
+}
-			//grab all the awards
+
-			$q=mysql_query("SELECT 
+if (get_value_or_default($action) == 'unassign') {
 	$stmt = $pdo->prepare("DELETE FROM judges_teams_awards_link WHERE judges_teams_id='$edit' AND award_awards_id='" . $_GET['unassign'] . "' AND year='" . $config['FAIRYEAR'] . "'");
 	$stmt->execute();
 	message_push(happy(i18n('Award unassigned from judge team')));
 	// keep editing the same team
 	$action = 'edit';
 }
 if (get_value_or_default($action) == 'createall') {
 	// first make sure we dont have any non-divisional award teams (dont want people hitting refresh and adding all the teams twice
 	$q = $pdo->prepare("SELECT COUNT(*) AS c FROM judges_teams WHERE autocreate_type_id!='1' AND year='" . $config['FAIRYEAR'] . "'");
 	$q->execute();
 	$r = $q->fetch(PDO::FETCH_OBJ);
 	if ($r->c) {
 		message_push(error(i18n("Cannot 'Create All' teams when any divisional teams currently exist.  Try deleting all existing non-divisional teams first.")));
 	} else {
 		// grab all the awards
 		$q = $pdo->prepare("SELECT 
 						award_awards.*, 
 						award_types.type AS award_type, 
 						award_types.order AS award_types_order 
-					FROM 	
+					FROM \t
 						award_awards,
 						award_types 
-					WHERE 	
+					WHERE \t
 						award_awards.award_types_id=award_types.id 
-						AND award_awards.conferences_id='".$conference['id']."' 
+						AND award_awards.year='" . $config['FAIRYEAR'] . "' 
-						AND award_types.conferences_id='".$conference['id']."' 
+						AND award_types.year='" . $config['FAIRYEAR'] . "' 
 						AND award_types_id!='1'
 					ORDER BY 
 						award_types_order, 
 						award_awards.order,
 						name");
-			$num=1;
+		$q->execute();
-			while($r=mysql_fetch_object($q))
+
-			{
+		// startat
-//				print_r($r);
+		$q2 = $pdo->prepare("SELECT MAX(num) AS lastnum FROM judges_teams WHERE year='{$config['FAIRYEAR']}'");
-				$name=mysql_escape_string("($r->award_type) $r->name");
+		$q2->execute();
-				mysql_query("INSERT INTO judges_teams(num,name,autocreate_type_id,conferences_id) VALUES ('$num','$name','$r->award_types_id','".$conference['id']."')");
+		$r2 = $q2->fetch(PDO::FETCH_OBJ);
-				echo mysql_error();
+		if ($r2->lastnum)
-				$team_id=mysql_insert_id();
+			$num = $r2->lastnum + 1;
-				//now link the new team to the award
+		else
-				mysql_query("INSERT INTO judges_teams_awards_link (award_awards_id,judges_teams_id,conferences_id) VALUES ('$r->id','$team_id','".$conference['id']."')");
+			$num = 1;
-				message_push(happy(i18n("Created team #%1: %2",array($num,$name))));
+
-				$num++;
+		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			//				print_r($r);
 			$name = "($r->award_type) $r->name";
 			$stmt = $pdo->prepare('INSERT INTO judges_teams (num, name, autocreate_type_id, year) 
                       VALUES (:num, :name, :autocreate_type_id, :year)');
 			$stmt->bindParam(':num', $num);
 			$stmt->bindParam(':name', $name);
 			$stmt->bindParam(':autocreate_type_id', $r->award_types_id);
 			$stmt->bindParam(':year', $config['FAIRYEAR']);
 			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 			$team_id = $pdo->lastInsertId();
 			if ($team_id) {
 				// now link the new team to the award
 				$stmt = $pdo->prepare("INSERT INTO judges_teams_awards_link (award_awards_id,judges_teams_id,year) VALUES ('$r->id','$team_id','" . $config['FAIRYEAR'] . "')");
 				$stmt->execute();
 				message_push(happy(i18n('Created team #%1: %2', array($num, $name))));
 			} else {
 				message_push(error(i18n('Error creating team #%1: %2', array($num, $name))));
 			}
 			$num++;
 		}
 	}
 }
-	if($action=="add" && $_GET['num'])
+if (get_value_or_default($action) == 'add' && $_GET['num']) {
-	{
+	$stmt = $pdo->prepare("INSERT INTO judges_teams(num,year) VALUES ('" . $_GET['num'] . "','" . $config['FAIRYEAR'] . "')");
-		mysql_query("INSERT INTO judges_teams(num,conferences_id) VALUES ('".$_GET['num']."','".$conference['id']."')");
+	$stmt->execute();
-		echo mysql_error();
+	show_pdo_errors_if_any($pdo);
-		$edit=mysql_insert_id();
+	$edit = $pdo->lastInsertId();
-		$action="edit";
+	$action = 'edit';
-	}
+}
-	if($action=="edit" && $edit)
+if (get_value_or_default($action) == 'edit' && $edit) {
-	{
+	send_header('Edit Judging Team',
-		send_header("Edit Judging Team",
+		array('Committee Main' => 'committee_main.php',
- 			array('Committee Main' => 'committee_main.php',
+			'Administration' => 'admin/index.php',
-				'Administration' => 'admin/index.php',
+			'Judges' => 'admin/judges.php',
-				'Judges' => 'admin/judges.php',
+			'Manage Judging Teams' => 'admin/judges_teams.php'));
 				'Manage Judging Teams' => 'admin/judges_teams.php'));
 ?>
 <script language="javascript" type="text/javascript">
 function addclicked()
@ -248,51 +276,44 @@ function addclicked()
 </script>
 <?
 		echo "<br />";
 		$team=getJudgingTeam($edit);
-		if(!$_SESSION['viewstate']['judges_teams_awards_show'])
+	echo '<br />';
-			$_SESSION['viewstate']['judges_teams_awards_show']='unassigned';
+	$team = getJudgingTeam($edit);
 		//now update the judges_teams_awards_show viewstate
 		if($_GET['judges_teams_awards_show'])
 			$_SESSION['viewstate']['judges_teams_awards_show']=$_GET['judges_teams_awards_show'];
-		echo "<form name=\"judges\" method=\"post\" action=\"judges_teams.php\">";
+	if (!$_SESSION['viewstate']['judges_teams_awards_show'])
-		echo "<input type=\"hidden\" name=\"action\" value=\"save\">";
+		$_SESSION['viewstate']['judges_teams_awards_show'] = 'unassigned';
-		echo "<input type=\"hidden\" name=\"edit\" value=\"$edit\">";
+	// now update the judges_teams_awards_show viewstate
 	if (get_value_from_array($_GET, 'judges_teams_awards_show'))
 		$_SESSION['viewstate']['judges_teams_awards_show'] = $_GET['judges_teams_awards_show'];
-		echo "<table>";
+	echo '<form name="judges" method="post" action="judges_teams.php">';
-		echo "<tr><td>".i18n("Team Number").":</td><td><input type=\"text\" size=\"4\" name=\"team_num\" value=\"".$team['num']."\"></td></tr>";
+	echo '<input type="hidden" name="action" value="save">';
-		echo "<tr><td>".i18n("Team Name").":</td><td><input type=\"text\" size=\"40\" name=\"team_name\" value=\"".$team['name']."\"></td></tr>";
+	echo "<input type=\"hidden\" name=\"edit\" value=\"$edit\">";
 		echo "<tr><td>".i18n("Awards").":</td><td>";
-		if(count($team['awards']))
+	echo '<table>';
-		{
+	echo '<tr><td>' . i18n('Team Number') . ':</td><td><input type="text" size="4" name="team_num" value="' . $team['num'] . '"></td></tr>';
-			foreach($team['awards'] AS $award)
+	echo '<tr><td>' . i18n('Team Name') . ':</td><td><input type="text" size="40" name="team_name" value="' . $team['name'] . '"></td></tr>';
-			{
+	echo '<tr><td>' . i18n('Awards') . ':</td><td>';
-				echo "<a onclick=\"return confirmClick('Are you sure you want to unassign this award from this team?')\" href=\"judges_teams.php?action=unassign&unassign=".$award['id']."&edit=".$team['id']."\"><img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\"></a>";
+
-				echo " (".$award['award_type'].") ".$award['name']." <br />";
+	if (count(get_value_from_array($team, 'awards', []))) {
-			}
+		foreach ($team['awards'] AS $award) {
 			echo '<a onclick="return confirmClick(\'Are you sure you want to unassign this award from this team?\')" href="judges_teams.php?action=unassign&unassign=' . $award['id'] . '&edit=' . $team['id'] . '"><img border=0 src="' . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '"></a>';
 			echo ' (' . $award['award_type'] . ') ' . $award['name'] . ' <br />';
 		}
 	}
-		echo "<table><tr>";
+	echo '<table><tr>';
-		if($_SESSION['viewstate']['judges_teams_awards_show']=='all')
+	if ($_SESSION['viewstate']['judges_teams_awards_show'] == 'all') {
-		{
+		echo "<td align=left><a href=\"judges_teams.php?action=edit&edit=$edit&judges_teams_awards_show=unassigned\">" . i18n('show unassigned') . '</a></td>';
-			echo "<td align=left><a href=\"judges_teams.php?action=edit&edit=$edit&judges_teams_awards_show=unassigned\">".i18n("show unassigned")."</a></td>";
+		echo '<td align=right><b>' . i18n('show all') . '</b></td>';
-			echo "<td align=right><b>".i18n("show all")."</b></td>";
+	} else {
-		}
+		echo '<td align=left><b>' . i18n('show unassigned') . '</b></td>';
-		else
+		echo "<td align=right><a href=\"judges_teams.php?action=edit&edit=$edit&judges_teams_awards_show=all\">" . i18n('show all') . '</a></td>';
-		{
+	}
-			echo "<td align=left><b>".i18n("show unassigned")."</b></td>";
+	echo '</tr>';
 			echo "<td align=right><a href=\"judges_teams.php?action=edit&edit=$edit&judges_teams_awards_show=all\">".i18n("show all")."</a></td>";
-		}
+	if ($_SESSION['viewstate']['judges_teams_awards_show'] == 'all') {
-		echo "</tr>";
+		$querystr = "SELECT 
 		if($_SESSION['viewstate']['judges_teams_awards_show']=='all')
 		{
 			$querystr="SELECT 
 					award_awards.id, 
 					award_awards.name, 
 					award_types.type AS award_type,
@ -301,17 +322,15 @@ function addclicked()
 					award_awards, 
 					award_types
 				WHERE 
-					award_awards.conferences_id='".$conference['id']."'
+					award_awards.year='" . $config['FAIRYEAR'] . "'
 					AND award_types.id=award_awards.award_types_id
-					AND award_types.conferences_id='{$conference['id']}'
+					AND award_types.year='{$config['FAIRYEAR']}'
 				ORDER BY 
 					award_type_order,
 					name
 				";
-		}
+	} else {
-		else
+		$querystr = "SELECT 
 		{
 			$querystr="SELECT 
 					award_awards.id, 
 					award_awards.name, 
 					award_types.type AS award_type,
@ -323,122 +342,111 @@ function addclicked()
 					)
 					LEFT JOIN judges_teams_awards_link ON award_awards.id = judges_teams_awards_link.award_awards_id
 				WHERE 
-					award_awards.conferences_id='".$conference['id']."' AND 
+					award_awards.year='" . $config['FAIRYEAR'] . "' AND 
 					judges_teams_awards_link.award_awards_id IS NULL
 					AND award_types.id=award_awards.award_types_id
-					AND award_types.conferences_id='{$conference['id']}'
+					AND award_types.year='{$config['FAIRYEAR']}'
 				ORDER BY 
 					award_type_order,
 					name";
 		}
 		echo "<tr><td colspan=2>";
 		$q=mysql_query($querystr);
 		echo mysql_error();
 		echo "<select name=\"award\">";
 		echo "<option value=\"\">".i18n("Choose award to assign to team")."</option>\n";
 		while($r=mysql_fetch_object($q))
 		{
 			echo "<option value=\"$r->id\">($r->award_type) $r->name</option>\n";
 		}
 		echo "</select>";
 		echo "<input type=\"button\" value=\"Add\" onclick=\"addclicked()\">";
 		echo "</td></tr>";
 		echo "</table>";
 		echo "</td></tr>";
 		echo "</table>";
 		echo "<input type=submit value=\"".i18n("Save Changes")."\">";
 		echo "</form>";
 	}
 	else
 	{
 		send_header("Manage Judging Teams",
 			array('Committee Main' => 'committee_main.php',
 				'Administration' => 'admin/index.php',
 				'Judges' => 'admin/judges.php'));
 		echo "<br />";
-		$teams=getJudgingTeams();
+	echo '<tr><td colspan=2>';
-		//print_r($teams);
+	$q = $pdo->prepare($querystr);
 	$q->execute();
-		if(!count($teams))
+	show_pdo_errors_if_any($pdo);
-		{
+	echo '<select name="award">';
-			echo "<a href=\"judges_teams.php?action=createall\">".i18n("Automatically create one new team for every non-divisional award")."</a><br />";
+	echo '<option value="">' . i18n('Choose award to assign to team') . "</option>\n";
 			echo "<a href=\"judges_teams.php?action=add&num=1\">".i18n("Manually add individual team")."</a><br />";
 		}
 		else
 		{
 			//grab an array of all the current team numbers
 			foreach($teams AS $team)
 				$teamnumbers[$team['num']]=1;
-			//start at 1, and find the next available team number
+	while ($r = $q->fetch(PDO::FETCHH_OBJ)) {
-			$newteamnum=1;
+		echo "<option value=\"$r->id\">($r->award_type) $r->name</option>\n";
-			while($teamnumbers[$newteamnum]==1)
+	}
 			{
 				$newteamnum++;
 			}
 	echo '</select>';
 	echo '<input type="button" value="Add" onclick="addclicked()">';
 	echo '</td></tr>';
 	echo '</table>';
-			echo "<table width=\"95%\">";
+	echo '</td></tr>';
-			echo "<tr><td>";
+	echo '</table>';
-			echo "<a href=\"judges_teams.php?action=add&num=$newteamnum\">Add individual team</a><br />";
+	echo '<input type=submit value="' . i18n('Save Changes') . '">';
-			echo "</td><td>";
+	echo '</form>';
-			echo "<a onclick=\"return confirmClick('".i18n("Are you sure you want to delete all teams that are assigned to divisional awards?")."')\" href=\"judges_teams.php?action=deletealldivisional\">Delete all teams assigned to divisional awards</a>";
+} else {
-			echo "<br />";
+	send_header('Manage Judging Teams',
-			echo "<a onclick=\"return confirmClick('".i18n("Are you sure you want to delete all teams?")."')\" href=\"judges_teams.php?action=deleteall\">Delete all teams</a><br />";
+		array('Committee Main' => 'committee_main.php',
-			echo "</td></tr></table>";
+			'Administration' => 'admin/index.php',
 			'Judges' => 'admin/judges.php'));
 	echo '<br />';
-			echo "<table class=\"summarytable\">\n";
+	$teams = getJudgingTeams();
-			echo "<thead style=\"cursor:pointer\"><tr><th>Num</th>";
+	$newteamnum = null;
-			echo "<th>Team Name</th>";
+	if (count($teams)) {
-			echo "<th>Award(s)</th>";
+		// grab an array of all the current team numbers
-			echo "<th>Actions</th>";
+		foreach ($teams AS $team)
-			echo "</tr></thead>";
+			$teamnumbers[$team['num']] = 1;
 			foreach($teams AS $team)
 			{
 				echo "<tr><td>".$team['num']."</td><td>";
 				echo $team['name'];
 				echo "</td>";
-				echo "<td>";
+		// start at 1, and find the next available team number
-				if(count($team['awards']))
+		$newteamnum = 1;
-				{
+		while (get_value_from_array($teamnumbers, $newteamnum) == 1) {
-					foreach($team['awards'] AS $award)
+			$newteamnum++;
 					{
 						echo $award['name']." <br />";
 					}
 				}
 				else
 				{
 					echo error(i18n("No award assigned to team"),"inline");
 				}
 				echo "</td>";
 				echo " <td align=\"center\">";
 				echo "<a href=\"judges_teams.php?action=edit&edit=".$team['id']."\"><img border=\"0\" src=\"".$config['SFIABDIRECTORY']."/images/16/edit.".$config['icon_extension']."\"></a>";
 				echo "&nbsp;";
 				echo "<a onclick=\"return confirmClick('Are you sure you want to remove this team?')\" href=\"judges_teams.php?action=delete&delete=".$team['id']."\"><img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\"></a>";
 				echo " </td>\n";
 				echo "</tr>\n";
 			}
 			echo "</table>";
 			echo "<script type=\"text/javascript\">$('.summarytable').tablesorter();</script>";
 			echo "<br />";
 		}
 	}
 	send_footer();
 	echo '<table width="95%">';
 	echo '<tr><td>';
 	$q = $pdo->prepare("SELECT COUNT(*) AS c FROM judges_teams WHERE autocreate_type_id!='1' AND year='" . $config['FAIRYEAR'] . "'");
 	$q->execute();
 	$r = $q->fetch(PDO::FETCH_OBJ);
 	if (!$r->c) {
 		echo '<a href="judges_teams.php?action=createall">' . i18n('Automatically create one new team for every non-divisional award') . '</a><br />';
 	}
 	echo "<a href=\"judges_teams.php?action=add&num=$newteamnum\">" . i18n('Manually add individual team') . '</a><br />';
 	echo '</td><td>';
 	if (count($teams)) {
 		echo '<a onclick="return confirmClick(\'' . i18n('Are you sure you want to delete all teams that are assigned to divisional awards?') . '\')" href="judges_teams.php?action=deletealldivisional">Delete all teams assigned to divisional awards</a>';
 		echo '<br />';
 		echo '<a onclick="return confirmClick(\'' . i18n('Are you sure you want to delete all teams?') . '\')" href="judges_teams.php?action=deleteall">Delete all teams</a><br />';
 		echo '</td></tr></table>';
 		echo "<table class=\"summarytable\">\n";
 		echo '<thead style="cursor:pointer"><tr><th>Num</th>';
 		echo '<th>Team Name</th>';
 		echo '<th>Award(s)</th>';
 		echo '<th>Actions</th>';
 		echo '</tr></thead>';
 		foreach ($teams AS $team) {
 			echo '<tr><td>#' . $team['num'] . '</td><td>';
 			echo $team['name'];
 			echo '</td>';
 			echo '<td>';
 			if (count(get_value_from_array($team, 'awards', []))) {
 				foreach ($team['awards'] AS $award) {
 					echo $award['name'] . ' <br />';
 				}
 			} else {
 				echo error(i18n('No award assigned to team'), 'inline');
 			}
 			echo '</td>';
 			echo ' <td align="center">';
 			echo '<a href="judges_teams.php?action=edit&edit=' . $team['id'] . '"><img border="0" src="' . $config['SFIABDIRECTORY'] . '/images/16/edit.' . $config['icon_extension'] . '"></a>';
 			echo '&nbsp;';
 			echo '<a onclick="return confirmClick(\'Are you sure you want to remove this team?\')" href="judges_teams.php?action=delete&delete=' . $team['id'] . '"><img border=0 src="' . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '"></a>';
 			echo " </td>\n";
 			echo "</tr>\n";
 		}
 		echo '</table>';
 		echo '<script type="text/javascript">$(\'.summarytable\').tablesorter();</script>';
 		echo '<br />';
 	} else {
 		echo '</td></tr></table>';
 	}
 }
 send_footer();
 ?>
--- a/admin/judges_teams_members.php
+++ b/admin/judges_teams_members.php
@ -1,37 +1,37 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require_once('../common.inc.php');
+require_once ('../common.inc.php');
- require_once('../user.inc.php');
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require_once('judges.inc.php');
+require_once ('judges.inc.php');
- send_header("Judging Team Members",
+send_header('Judging Team Members',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+		'Administration' => 'admin/index.php',
-			'Judges' => 'admin/judges.php')
+		'Judges' => 'admin/judges.php'));
 				);
 ?>
 <script language="javascript" type="text/javascript">
 function addbuttonclicked(team)
@ -55,7 +55,7 @@ function switchjudgeinfo()
 	else
 	{
 		document.forms.judges.judgeinfobutton.disabled=true;
-		document.forms.judges.judgeinfobutton.value="<? echo i18n("Judge Info")?>";
+		document.forms.judges.judgeinfobutton.value="<? echo i18n('Judge Info') ?>";
 	}
 }
@ -75,7 +75,7 @@ function showMemberDetails(judgeId){
 function editMember(memberId){
 	if(memberId == undefined) memberId = selectedMemberId;
 	hideMemberDetails();
-	window.open("../user_editor_window.php?id="+memberId,"UserEditor","location=no,menubar=no,directories=no,toolbar=no,width=770,height=500,scrollbars=yes");
+	window.open("user_editor_window.php?id="+memberId,"UserEditor","location=no,menubar=no,directories=no,toolbar=no,width=770,height=500,scrollbars=yes");
 }
 function hideMemberDetails(){
@ -106,310 +106,372 @@ jQuery(document).ready(function(){
 </script>
 <?
-	if($_POST['action']=="add" && $_POST['team_num'] && count($_POST['judgelist'])>0)
+if (get_value_from_array($_POST, 'action') == 'add' && get_value_from_array($_POST, 'team_num') && count(get_value_from_array($_POST, 'judgelist', [])) > 0) {
-	{
+	// first check if this team exists.
-		//first check if this team exists.
+	$q = $pdo->prepare("SELECT id,name FROM judges_teams WHERE num='" . $_POST['team_num'] . "' AND year='" . $config['FAIRYEAR'] . "'");
-		$q=mysql_query("SELECT id,name FROM judges_teams WHERE num='".$_POST['team_num']."' AND conferences_id='".$conference['id']."'");
+	$q->execute();
-		if(mysql_num_rows($q))
+	if ($q->rowCount()) {
-		{
+		$r = $q->fetch(PDO::FETCH_OBJ);
-			$r=mysql_fetch_object($q);
+		$team_id = $r->id;
-			$team_id=$r->id;
+		$team_name = $r->name;
 			$team_name=$r->name;
-			//if the team is empty, we'll add the first person as the captain
+		// if the team is empty, we'll add the first person as the captain
-			$team=getJudgingTeam($team_id);
+		$team = getJudgingTeam($team_id);
-			if(count($team['members']))
+		if (count(get_value_from_array($team, 'members', [])))
-				$captain='no';
+			$captain = 'no';
 			else
 				$captain='yes';
 		}
 		$added=0;
 		foreach($_POST['judgelist'] AS $selectedjudge)
 		{
 			//before we insert them, we need to make sure they dont already belong to this team.  We can not have the same judge assigned to the same team multiple times.
 			$q=mysql_query("SELECT * FROM judges_teams_link WHERE users_id='$selectedjudge' AND judges_teams_id='$team_id'");
 			if(mysql_num_rows($q))
 			{
 				echo notice(i18n("Judge (%1) already belongs to judging team: %2",array($selectedjudge,$team_name)));
 			}
 			else
 			{
 				//lets make the first one we add a captain, the rest, non-captains :)
 				mysql_query("INSERT INTO judges_teams_link (users_id,judges_teams_id,captain,conferences_id) VALUES ('$selectedjudge','$team_id','$captain','".$conference['id']."')");	
 				$added++;
 			}
 			//if this is alreayd no, then who cares, but if its the first one that is going into the new team, then
 			//captain will be yes, and we only want the first one assigned to a new team to be the captain
 			//sno now we can set this back to no
 			$captain='no';
 		}
 		if($added==1) $j=i18n("judge");
 		else $j=i18n("judges");
 		echo happy(i18n("%1 %2 added to team #%3 (%4)",array($added,$j,$_POST['team_num'],$team_name)));
 	}
 	if($_GET['action']=="del" && $_GET['team_num'] && $_GET['team_id'] && $_GET['users_id'])
 	{
 		mysql_query("DELETE FROM judges_teams_link WHERE users_id='".$_GET['users_id']."' AND judges_teams_id='".$_GET['team_id']."' AND conferences_id='".$conference['id']."'");
 		echo happy(i18n("Removed judge from team #%1 (%2)",array($_GET['team_num'],$_GET['team_name'])));
 		//if there is still members left in the team, make sure we have a captain still
 		$q=mysql_query("SELECT * FROM judges_teams_link WHERE judges_teams_id='".$_GET['team_id']."' AND conferences_id='".$conference['id']."'");
 		if(mysql_num_rows($q))
 		{
 			//make sure the team still has a captain!
 			//FIXME: this might best come from the "i am willing to be a team captain" question under the judges profile
 			$gotcaptain=false;
 			$first=true;
 			while($r=mysql_fetch_object($q))
 			{
 				if($first)
 				{
 					$firstjudge=$r->users_id;
 					$first=false;
 				}
 				if($r->captain=="yes")
 				{
 					$gotcaptain=true;
 					break;
 				}
 			}
 			if(!$gotcaptain)
 			{
 				//make the first judge the captain
 				mysql_query("UPDATE judges_teams_link SET captain='yes' WHERE judges_teams_id='".$_GET['team_id']."' AND users_id='$firstjudge' AND conferences_id='".$conference['id']."'");	
 				echo notice(i18n("Team captain was removed. A new team captain has been automatically assigned"));
 			}
 		}
 	}
 	if($_GET['action']=="empty" && $_GET['team_num'] && $_GET['team_id'])
 	{
 		mysql_query("DELETE FROM judges_teams_link WHERE judges_teams_id='".$_GET['team_id']."' AND conferences_id='".$conference['id']."'");
 		echo happy(i18n("Emptied all judges from team #%1 (%2)",array($_GET['team_num'],$_GET['team_name'])));
 	}
 	if($_POST['action']=="saveteamnames")
 	{
 		if(count($_POST['team_names']))
 		{
 			foreach($_POST['team_names'] AS $team_id=>$team_name)
 			{
 				mysql_query("UPDATE judges_teams SET name='".mysql_escape_string(stripslashes($team_name))."' WHERE id='$team_id'");
 			}
 			echo happy(i18n("Team names successfully saved"));
 		}
 	}
 	if($_GET['action']=="addcaptain")
 	{
 		//teams can have as many captains as they want, so just add it.
 		mysql_query("UPDATE judges_teams_link SET captain='yes' WHERE judges_teams_id='".$_GET['team_id']."' AND users_id='".$_GET['judge_id']."'");
 		echo happy(i18n("Team captain assigned"));
 	}
 	if($_GET['action']=="removecaptain")
 	{
 		//teams must always have at least one captain, so if we only have one, and we are trying to remove it, dont let them!
 		$q=mysql_query("SELECT * FROM judges_teams_link WHERE captain='yes' AND judges_teams_id='".$_GET['team_id']."'");
 		if(mysql_num_rows($q)<2)
 		{
 			echo error(i18n("A judge team must always have at least one captain"));
 		}
 		else
-		{
+			$captain = 'yes';
-			mysql_query("UPDATE judges_teams_link SET captain='no' WHERE judges_teams_id='".$_GET['team_id']."' AND users_id='".$_GET['judge_id']."'");
+	}
-			echo happy(i18n("Team captain removed"));
+	$added = 0;
 	foreach ($_POST['judgelist'] AS $selectedjudge) {
 		// before we insert them, we need to make sure they dont already belong to this team.  We can not have the same judge assigned to the same team multiple times.
 		$q = $pdo->prepare("SELECT * FROM judges_teams_link WHERE users_id='$selectedjudge' AND judges_teams_id='$team_id'");
 		$q->execute();
 		if ($q->rowCount()) {
 			echo notice(i18n('Judge (%1) already belongs to judging team: %2', array($selectedjudge, $team_name)));
 		} else {
 			// lets make the first one we add a captain, the rest, non-captains :)
 			$stmt = $pdo->prepare("INSERT INTO judges_teams_link (users_id,judges_teams_id,captain,year) VALUES ('$selectedjudge','$team_id','$captain','" . $config['FAIRYEAR'] . "')");
 			$stmt->execute();
 			$added++;
 		}
 		// if this is alreayd no, then who cares, but if its the first one that is going into the new team, then
 		// captain will be yes, and we only want the first one assigned to a new team to be the captain
 		// sno now we can set this back to no
 		$captain = 'no';
 	}
 	if ($added == 1)
 		$j = i18n('judge');
 	else
 		$j = i18n('judges');
 	echo happy(i18n('%1 %2 added to team #%3 (%4)', array($added, $j, $_POST['team_num'], $team_name)));
 }
 if (get_value_from_array($_GET, 'action') == 'del' && get_value_from_array($_GET, 'team_num') && get_value_from_array($_GET, 'team_id') && get_value_from_array($_GET, 'users_id')) {
 	$stmt = $pdo->prepare("DELETE FROM judges_teams_link WHERE users_id='" . $_GET['users_id'] . "' AND judges_teams_id='" . $_GET['team_id'] . "' AND year='" . $config['FAIRYEAR'] . "'");
 	$stmt->execute();
 	echo happy(i18n('Removed judge from team #%1 (%2)', array($_GET['team_num'], $_GET['team_name'])));
 	// if there is still members left in the team, make sure we have a captain still
 	$q = $pdo->prepare("SELECT * FROM judges_teams_link WHERE judges_teams_id='" . $_GET['team_id'] . "' AND year='" . $config['FAIRYEAR'] . "'");
 	$q->execute();
 	if ($q->rowCount()) {
 		// make sure the team still has a captain!
 		// FIXME: this might best come from the "i am willing to be a team captain" question under the judges profile
 		$gotcaptain = false;
 		$first = true;
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			if ($first) {
 				$firstjudge = $r->users_id;
 				$first = false;
 			}
 			if ($r->captain == 'yes') {
 				$gotcaptain = true;
 				break;
 			}
 		}
 		if (!$gotcaptain) {
 			// make the first judge the captain
 			$stmt = $pdo->prepare("UPDATE judges_teams_link SET captain='yes' WHERE judges_teams_id='" . $_GET['team_id'] . "' AND users_id='$firstjudge' AND year='" . $config['FAIRYEAR'] . "'");
 			$stmt->execute();
 			echo notice(i18n('Team captain was removed. A new team captain has been automatically assigned'));
 		}
 	}
 }
-	if(!$_SESSION['viewstate']['judges_teams_list_show'])
+if (get_value_from_array($_GET, 'action') == 'empty' && get_value_from_array($_GET, 'team_num') && get_value_from_array($_GET, 'team_id')) {
-		$_SESSION['viewstate']['judges_teams_list_show']='unassigned';
+	$stmt = $pdo->prepare("DELETE FROM judges_teams_link WHERE judges_teams_id='" . $_GET['team_id'] . "' AND year='" . $config['FAIRYEAR'] . "'");
-	//now update the judges_teams_list_show viewstate
+	$stmt->execute();
-	if($_GET['judges_teams_list_show'])
+	echo happy(i18n('Emptied all judges from team #%1 (%2)', array($_GET['team_num'], $_GET['team_name'])));
-		$_SESSION['viewstate']['judges_teams_list_show']=$_GET['judges_teams_list_show'];
+}
-	echo "<form name=\"judges\" method=\"post\" action=\"judges_teams_members.php\">";
+if (get_value_from_array($_POST, 'action') == 'saveteamnames') {
-	echo "<input type=\"hidden\" name=\"action\">";
+	if (count($_POST['team_names'])) {
-	echo "<input type=\"hidden\" name=\"team_id\">";
+		foreach ($_POST['team_names'] AS $team_id => $team_name) {
-	echo "<input type=\"hidden\" name=\"team_num\">";
+			$stmt = $pdo->prepare("UPDATE judges_teams SET name='" . stripslashes($team_name) . "' WHERE id='$team_id'");
-	echo "<input type=\"hidden\" name=\"team_name\">";
+			$stmt->execute();
-	echo "<input type=\"hidden\" name=\"users_id\">";
+		}
-	echo "<table>";
+		echo happy(i18n('Team names successfully saved'));
 	echo "<tr>";
 	echo "<th>".i18n("Judges List");
 	echo "<br />";
 	echo "<input disabled=\"true\" name=\"judgeinfobutton\" id=\"judgeinfobutton\" onclick=\"showMemberDetails()\" type=\"button\" value=\"".i18n("Judge Info")."\">";
 	echo "</th>";
 	echo "<th>".i18n("Judge Teams")."</th>";
 	echo "</tr>";
 	echo "<tr><td valign=\"top\">";
 	echo "<table width=\"100%\"><tr>";
 	if($_SESSION['viewstate']['judges_teams_list_show']=='all')
 	{
 		echo "<td align=left><a href=\"judges_teams_members.php?judges_teams_list_show=unassigned\">".i18n("show unassigned")."</a></td>";
 		echo "<td align=right><b>".i18n("show all")."</b></td>";
 	}
-	else
+}
 	{
 		echo "<td align=left><b>".i18n("show unassigned")."</b></td>";
 		echo "<td align=right><a href=\"judges_teams_members.php?judges_teams_list_show=all\">".i18n("show all")."</a></td>";
 if (get_value_from_array($_GET, 'action') == 'addcaptain') {
 	// teams can have as many captains as they want, so just add it.
 	$stmt = $pdo->prepare("UPDATE judges_teams_link SET captain='yes' WHERE judges_teams_id='" . $_GET['team_id'] . "' AND users_id='" . $_GET['judge_id'] . "'");
 	$stmt->execute();
 	echo happy(i18n('Team captain assigned'));
 }
 if (get_value_from_array($_GET, 'action') == 'removecaptain') {
 	// teams must always have at least one captain, so if we only have one, and we are trying to remove it, dont let them!
 	$q = $pdo->prepare("SELECT * FROM judges_teams_link WHERE captain='yes' AND judges_teams_id='" . $_GET['team_id'] . "'");
 	$q->execute();
 	if ($q->rowCount() < 2) {
 		echo error(i18n('A judge team must always have at least one captain'));
 	} else {
 		$pdo->prepare("UPDATE judges_teams_link SET captain='no' WHERE judges_teams_id='" . $_GET['team_id'] . "' AND users_id='" . $_GET['judge_id'] . "'");
 		$pdo->execute();
 		echo happy(i18n('Team captain removed'));
 	}
-	echo "</tr></table>";
+}
 if (get_value_from_array($_GET, 'action') == 'autoassignspecial') {
 	/* Load all the judges (judge_complete=yes, deleted=no, year=fairyear) */
 	$judgelist = judges_load_all();
 	/* Load all the teams */
 	$teams = array();
-	$q = mysql_query("SELECT * FROM judges_teams WHERE conferences_id='{$conference['id']}'");
+	$q = $pdo->prepare("SELECT * FROM judges_teams WHERE year='{$config['FAIRYEAR']}'");
-	while($i = mysql_fetch_assoc($q)) {
+	$q->execute();
 	while ($i = $q->fetch(PDO::FETCH_ASSOC)) {
 		$teams[$i['id']] = $i;
 	}
 	/* And the links */
 	$links = array();
-	$q = mysql_query("SELECT * FROM judges_teams_link WHERE conferences_id='{$conference['id']}'");
+	$q = $pdo->prepare("SELECT * FROM judges_teams_link WHERE year='{$config['FAIRYEAR']}'");
-	while($i = mysql_fetch_assoc($q)) {
+	$q->execute();
 	while ($i = $q->fetch(PDO::FETCH_ASSOC)) {
 		$judgelist[$i['users_id']]['teams_links'][] = $i;
 	}
-    $jlist = array();
+	$jlist = array();
-	if($_SESSION['viewstate']['judges_teams_list_show']=='unassigned') {
+
-		/* Remove all judges that have a link */
+	/* Remove all judges that have a link */
-		foreach($judgelist as $j) {
+	foreach ($judgelist as $j) {
-			if(count($j['teams_links']) == 0) $jlist[] = $j['id'];
+		if (count($j['teams_links']) == 0 && $j['special_award_only'] == 'yes')
-		}
+			$jlist[] = $j['id'];
 	} else {
 		$jlist = array_keys($judgelist);
 	}
-
+	echo 'We have ' . count($jlist) . ' special awards judges to assign';
-	echo "<center>";
+	foreach ($jlist AS $jid) {
-	echo i18n("Listing %1 judges",array(count($jlist)));
+		$j = $judgelist[$jid];
-	echo "<br />";
+		if (is_array($j['special_award_selected']) && count($j['special_award_selected'])) {
-	echo "</center>";
+			// assing them to ALL teams for ALL awards
-	echo mysql_error();
+			foreach ($j['special_award_selected'] AS $awardid) {
-	echo "<select name=\"judgelist[]\" onchange=\"switchjudgeinfo()\" multiple=\"multiple\" style=\"width: 250px; height: 600px;\">";
+				echo "Looking for a team for award $awardid <br />";
-
+				// find the award id linked to a team
-	foreach($jlist as $jid) {
+				$q = $pdo->prepare("SELECT * FROM judges_teams_awards_link WHERE award_awards_id='{$awardid}' AND year='{$config['FAIRYEAR']}'");
-		$u = &$judgelist[$jid];
+				$q->execute();
-		if($u['firstname'] && $u['lastname'])
+				if ($q->rowCount()) {
-			echo "<option value=\"$jid\">{$u['firstname']} {$u['lastname']} (" . implode(' ', $u['languages']) . ")</option>\n";
+					while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-	}
+						$stmt = $pdo->prepare("INSERT INTO judges_teams_link (users_id,judges_teams_id,captain,year) VALUES ('$jid','$r->judges_teams_id','yes','{$config['FAIRYEAR']}')");
-	unset($u);
+						$stmt->execute();
-
+						echo happy(i18n('%1 %2 to their special award(s) team(s)', array($j['firstname'], $j['lastname'])));
-	echo "</select>";
+					}
-	echo "</td>";
+				} else {
-	echo "<td valign=\"top\">";
+					echo error(i18n('%1 %2 not assigned - No team found that is judging award id %1', array($awardid)));
-
+				}
-	$teams=getJudgingTeams();
+			}
-
+		} else {
-	foreach($teams AS $team) {
+			echo error(i18n('%1 %2 has indicated special awards only, but didnt selected any awards', array($j['firstname'], $j['lastname'])));
 		echo "<hr>";
 		echo "<table width=\"100%\">";
 		echo "<tr><td valign=top width=\"80\">";
 		echo "<input onclick=\"addbuttonclicked('".$team['num']."')\" type=\"button\" value=\"Add &gt;&gt;\">";
 		echo "</td><td>";
 		echo "<table width=\"100%\">\n";
 		echo "<tr><th colspan=\"2\" align=\"left\">#".$team['num'].": ";
 		echo $team['name'];
 		echo "</th></tr>\n";
 		echo "<tr><td colspan=\"2\">";
 		foreach($team['rounds'] as $ts) {
 			echo "{$ts['name']}: ".format_time($ts['starttime'])." - ".format_time($ts['endtime'])."<br />";
 		}
-		echo "</td></tr>";
+	}
 }
-		if(count($team['members'])) {
+if (!$_SESSION['viewstate']['judges_teams_list_show'])
-			foreach($team['members'] AS $member) {
+	$_SESSION['viewstate']['judges_teams_list_show'] = 'unassigned';
-				$j = &$judgelist[$member['id']];
+// now update the judges_teams_list_show viewstate
-				echo "<tr><td>";
+if (get_value_from_array($_GET, 'judges_teams_list_show'))
 	$_SESSION['viewstate']['judges_teams_list_show'] = $_GET['judges_teams_list_show'];
-				$langerr=false;
+echo '<form name="judges" method="post" action="judges_teams_members.php">';
-				foreach($team['languages'] AS $teamlang) {
+echo '<input type="hidden" name="action">';
-					if(!in_array($teamlang,$j['languages'])) {
+echo '<input type="hidden" name="team_id">';
-						$langerr=true;
+echo '<input type="hidden" name="team_num">';
 echo '<input type="hidden" name="team_name">';
 echo '<input type="hidden" name="users_id">';
 echo '<table>';
 echo '<tr>';
 echo '<th>' . i18n('Judges List');
 echo '<br />';
 echo '<input disabled="true" name="judgeinfobutton" id="judgeinfobutton" onclick="showMemberDetails()" type="button" value="' . i18n('Judge Info') . '">';
 echo '</th>';
 echo '<th>' . i18n('Judge Teams') . '</th>';
 echo '</tr>';
 echo '<tr><td valign="top">';
 echo '<table width="100%"><tr>';
 if ($_SESSION['viewstate']['judges_teams_list_show'] == 'all') {
 	echo '<td align=left><a href="judges_teams_members.php?judges_teams_list_show=unassigned">' . i18n('show unassigned') . '</a></td>';
 	echo '<td align=right><b>' . i18n('show all') . '</b></td>';
 } else {
 	echo '<td align=left><b>' . i18n('show unassigned') . '</b></td>';
 	echo '<td align=right><a href="judges_teams_members.php?judges_teams_list_show=all">' . i18n('show all') . '</a></td>';
 }
 echo '</tr></table>';
 /* Load all the judges (judge_complete=yes, deleted=no, year=fairyear) */
 $judgelist = judges_load_all();
 /* Load all the teams */
 $teams = array();
 $q = $pdo->prepare("SELECT * FROM judges_teams WHERE year='{$config['FAIRYEAR']}'");
 $q->execute();
 while ($i = $q->fetch(PDO::FETCH_ASSOC)) {
 	$teams[$i['id']] = $i;
 }
 /* And the links */
 $links = array();
 $q = $pdo->prepare("SELECT * FROM judges_teams_link WHERE year='{$config['FAIRYEAR']}'");
 $q->execute();
 while ($i = $q->fetch(PDO::FETCH_ASSOC)) {
 	$judgelist[$i['users_id']]['teams_links'][] = $i;
 }
 $jlist = array();
 if ($_SESSION['viewstate']['judges_teams_list_show'] == 'unassigned') {
 	/* Remove all judges that have a link */
 	foreach ($judgelist as $j) {
 		if (count(get_value_from_array($j, 'teams_links', [])) == 0)
 			$jlist[] = $j['id'];
 	}
 } else {
 	$jlist = array_keys($judgelist);
 }
 echo '<center>';
 echo i18n('Listing %1 judges', array(count($jlist)));
 echo '<br />';
 echo '</center>';
 show_pdo_errors_if_any($pdo);
 echo '<select name="judgelist[]" onchange="switchjudgeinfo()" multiple="multiple" style="width: 250px; height: 600px;">';
 foreach ($jlist as $jid) {
 	$u = &$judgelist[$jid];
 	if ($u['firstname'] && $u['lastname']) {
 		if ($u['special_award_only'] == 'yes') {
 			$sp = '[sp] ';
 		} else
 			$sp = '';
 		echo "<option value=\"$jid\">{$sp}{$u['firstname']} {$u['lastname']} (" . implode(' ', $u['languages']) . ")</option>\n";
 	}
 }
 unset($u);
 echo '</select>';
 echo '<br />';
 echo "<a href=\"judges_teams_members.php?action=autoassignspecial\">Auto-Assign Special Awards Judges to Special Awards Teams</a>\n";
 echo '</td>';
 echo '<td valign="top">';
 $teams = getJudgingTeams();
 foreach ($teams AS $team) {
 	echo '<hr>';
 	echo '<table width="100%">';
 	echo '<tr><td valign=top width="80">';
 	echo '<input onclick="addbuttonclicked(\'' . $team['num'] . '\')" type="button" value="Add &gt;&gt;">';
 	echo '</td><td>';
 	echo "<table width=\"100%\">\n";
 	echo '<tr><th colspan="2" align="left">#' . $team['num'] . ': ';
 	echo $team['name'];
 	echo "</th></tr>\n";
 	echo '<tr><td colspan="2">';
 	foreach ($team['rounds'] as $ts) {
 		echo "{$ts['name']}: " . format_time($ts['starttime']) . ' - ' . format_time($ts['endtime']) . '<br />';
 	}
 	echo '</td></tr>';
 	if (count(get_value_from_array($team, 'members', []))) {
 		foreach ($team['members'] AS $member) {
 			$j = &$judgelist[$member['id']];
 			echo '<tr><td>';
 			/*
 			 * if($team['num']=="89") {
 			 * 	echo "<pre>";
 			 * 	print_r($team);
 			 * 	print_r($j);
 			 * 	echo "</pre>";
 			 * }
 			 */
 			$langerr = false;
 			$judgeerr = false;
 			foreach ($team['languages'] AS $teamlang) {
 				if (is_array($j['languages'])) {
 					if (!in_array($teamlang, $j['languages'])) {
 						$langerr = true;
 						break;
 					}
 				} else {
 					$langerr = true;
 				}
 				echo "<a onclick=\"return confirmClick('Are you sure you want to remove this judge from this team?')\" href=\"judges_teams_members.php?action=del&team_id=".$team['id']."&team_num=".$team['num']."&users_id=".$member['id']."&team_name=".rawurlencode($team['name'])."\"><img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\"></a>";
 				echo "</td><td width=\"100%\">";
 				if($langerr) echo "<span class=\"error\" style=\"width: 100%; display: block;\">";
 				if($member['captain']=="yes") {
 					echo "<a title=\"Captain - Click to remove captain status\" href=\"judges_teams_members.php?action=removecaptain&team_id=".$team['id']."&judge_id=".$member['id']."\">";
 					echo "<img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/bookmark.".$config['icon_extension']."\">";
 					echo "</a>&nbsp;";
 				}
 				else {
 					echo "<a title=\"Non-Captain - Click to make a team captain\" href=\"judges_teams_members.php?action=addcaptain&team_id=".$team['id']."&judge_id=".$member['id']."\">";
 					echo "<img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/bookmark_disabled.".$config['icon_extension']."\">";
 					echo "</a>&nbsp;";
 				}
 				echo "<a  onclick=\"showMemberDetails(" . $member['id'] . ");\">";
 				echo $member['firstname']." ".$member['lastname'];
 				if(is_array($j['languages'])) 
 					$l = is_array($j['languages']) ? join(' ',$j['languages']) : '';
 				echo "</a>&nbsp;<span style=\"font-size: 1.0em;\">($l)</span>\n";
 				if($langerr) echo "</span>\n";
 				echo "</td></tr>";
 			}
-			echo "<tr><td colspan=\"2\">";
+			if (!$j['id']) {
-			echo "<a onclick=\"return confirmClick('Are you sure you want to empty all judges from this team?')\" href=\"judges_teams_members.php?action=empty&team_id=".$team['id']."&team_num=".$team['num']."&team_name=".rawurlencode($team['name'])."\">";
+				$judgeerr = true;
-			echo " ".i18n("Empty All Members")." ";
+			}
-			echo "<img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\">";
+
-			echo "</a>";
+			echo '<a onclick="return confirmClick(\'Are you sure you want to remove this judge from this team?\')" href="judges_teams_members.php?action=del&team_id=' . $team['id'] . '&team_num=' . $team['num'] . '&users_id=' . $member['id'] . '&team_name=' . rawurlencode($team['name']) . '"><img border=0 src="' . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '"></a>';
-			echo "</td></tr>";
+			echo '</td><td width="100%">';
-		}
+			if ($langerr || $judgeerr)
-		else
+				echo '<span class="error" style="width: 100%; display: block;">';
-		{
+			if ($judgeerr) {
-			echo "<tr><td colspan=\"2\">";
+				echo 'ERROR: this judge is assigned to the team, but they are not an active/complete judge! <br />';
-			echo error(i18n("Team has no members"),"inline");
+			}
-			echo "</td></tr>";
+
 			if ($member['captain'] == 'yes') {
 				echo '<a title="Captain - Click to remove captain status" href="judges_teams_members.php?action=removecaptain&team_id=' . $team['id'] . '&judge_id=' . $member['id'] . '">';
 				echo '<img border=0 src="' . $config['SFIABDIRECTORY'] . '/images/16/bookmark.' . $config['icon_extension'] . '">';
 				echo '</a>&nbsp;';
 			} else {
 				echo '<a title="Non-Captain - Click to make a team captain" href="judges_teams_members.php?action=addcaptain&team_id=' . $team['id'] . '&judge_id=' . $member['id'] . '">';
 				echo '<img border=0 src="' . $config['SFIABDIRECTORY'] . '/images/16/bookmark_disabled.' . $config['icon_extension'] . '">';
 				echo '</a>&nbsp;';
 			}
 			echo '<a  onclick="showMemberDetails(' . $member['id'] . ');">';
 			echo $member['firstname'] . ' ' . $member['lastname'];
 			if (is_array($j['languages']))
 				$l = is_array($j['languages']) ? join(' ', $j['languages']) : '';
 			echo "</a>&nbsp;<span style=\"font-size: 1.0em;\">($l)</span>\n";
 			if ($langerr || $judgeerr)
 				echo "</span>\n";
 			echo '</td></tr>';
 		}
-		echo "</table>";
+		echo '<tr><td colspan="2">';
-
+		echo '<a onclick="return confirmClick(\'Are you sure you want to empty all judges from this team?\')" href="judges_teams_members.php?action=empty&team_id=' . $team['id'] . '&team_num=' . $team['num'] . '&team_name=' . rawurlencode($team['name']) . '">';
-		echo "</td></tr></table>";
+		echo ' ' . i18n('Empty All Members') . ' ';
 		echo '<img border=0 src="' . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '">';
 		echo '</a>';
 		echo '</td></tr>';
 	} else {
 		echo '<tr><td colspan="2">';
 		echo error(i18n('Team has no members'), 'inline');
 		echo '</td></tr>';
 	}
-	echo "<br />";
+	echo '</table>';
-	echo "</td></tr>";
+	echo '</td></tr></table>';
-	echo "</table>";
+}
 	echo "</form>";
 	echo '<div id="infodiv" style="background-color: #DDF; border:solid;'
 		. ' border-width:1px;'
 		. ' border-color: #000;'
 		. ' position:absolute;'
 		. ' top: 0px; left:0px;'
 		. ' overflow:hidden; display:none;"'
 		. '></div>';
 	echo '<div id="infodivcover" style="'
 		. ' position:absolute;'
 		. ' display:none;"'
 		. ' onmouseout="hideMemberDetails();"'
 		. '></div>';
 echo '<br />';
-	send_footer();
+echo '</td></tr>';
-
+echo '</table>';
 echo '</form>';
 echo '<div id="infodiv" style="font-size: 1.2em; background-color: #DDF; border:solid;'
 	. ' border-width:1px;'
 	. ' border-color: #000;'
 	. ' position:absolute;'
 	. ' top: 0px; left:0px;'
 	. ' overflow:hidden; display:none;"'
 	. '></div>';
 echo '<div id="infodivcover" style="'
 	. ' position:absolute;'
 	. ' display:none;"'
 	. ' onmouseout="hideMemberDetails();"'
 	. '></div>';
 send_footer();
 ?>
--- a/admin/judges_teams_projects.php
+++ b/admin/judges_teams_projects.php
@ -1,39 +1,39 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require("judges.inc.php");
+require ('judges.inc.php');
- require("../projects.inc.php");
+require ('../projects.inc.php');
- send_header("Judging Teams Projects",
+send_header('Judging Teams Projects',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+		'Administration' => 'admin/index.php',
-			'Judges' => 'admin/judges.php')
+		'Judges' => 'admin/judges.php'));
-				);
+?>
 ?>
 <script language="javascript" type="text/javascript">
 function assign(ts)
 {
@ -56,101 +56,96 @@ function eligibleclick()
 <?
- 	echo "<br />";
+echo '<br />';
 $action = null;
 if (get_value_from_array($_GET, 'actio'))
 	$action = $_GET['action'];
 else if (get_value_from_array($_POST, 'action'))
 	$action = $_POST['action'];
- if($_GET['action']) $action=$_GET['action'];
+if (get_value_from_array($_GET, 'edit'))
- else if($_POST['action']) $action=$_POST['action'];
+	$edit = $_GET['edit'];
 else if (get_value_from_array($_POST, 'edit'))
 	$edit = $_POST['edit'];
- if($_GET['edit']) $edit=$_GET['edit'];
+if (!get_value_from_2d_array($_SESSION, 'viewstate', 'judges_projects_list_show'))
- else if($_POST['edit']) $edit=$_POST['edit'];
+	$_SESSION['viewstate']['judges_projects_list_show'] = 'unassigned';
 // now update the judges_teams_list_show viewstate
 if (get_value_from_array($_GET, 'judges_projects_list_show'))
 	$_SESSION['viewstate']['judges_projects_list_show'] = $_GET['judges_projects_list_show'];
-if(!$_SESSION['viewstate']['judges_projects_list_show'])
+if (!get_value_from_2d_array($_SESSION, 'viewstate', 'judges_projects_list_eligible'))
-	$_SESSION['viewstate']['judges_projects_list_show']='unassigned';
+	$_SESSION['viewstate']['judges_projects_list_eligible'] = 'true';
-//now update the judges_teams_list_show viewstate
+// now update the judges_teams_list_show viewstate
-if($_GET['judges_projects_list_show'])
+if (get_value_from_array($_GET, 'judges_projects_list_eligible'))
-	$_SESSION['viewstate']['judges_projects_list_show']=$_GET['judges_projects_list_show'];
+	$_SESSION['viewstate']['judges_projects_list_eligible'] = $_GET['judges_projects_list_eligible'];
-if(!$_SESSION['viewstate']['judges_projects_list_eligible'])
+if (get_value_from_array($_GET, 'action') == 'delete' && $_GET['delete'] && $_GET['edit']) {
-	$_SESSION['viewstate']['judges_projects_list_eligible']='true';
+	$stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_projects_link WHERE id='" . $_GET['delete'] . "'");
-//now update the judges_teams_list_show viewstate
+	$stmt->execute();
-if($_GET['judges_projects_list_eligible'])
+	echo happy(i18n('Judging team project successfully removed'));
-	$_SESSION['viewstate']['judges_projects_list_eligible']=$_GET['judges_projects_list_eligible'];
+	$action = 'edit';
 if($_GET['action']=="delete" && $_GET['delete'] && $_GET['edit'])
 {
 	mysql_query("DELETE FROM judges_teams_timeslots_projects_link WHERE id='".$_GET['delete']."'");
 	echo happy(i18n("Judging team project successfully removed"));
 	$action="edit";
 }
-
+if (get_value_from_array($_POST, 'action') == 'assign' && $_POST['edit'] && $_POST['timeslot'] && $_POST['project_id']) {
-if($_POST['action']=="assign" && $_POST['edit'] && $_POST['timeslot'] && $_POST['project_id'])
+	$stmt = $pdo->prepare("INSERT INTO judges_teams_timeslots_projects_link (judges_teams_id,judges_timeslots_id,projects_id,year) VALUES ('" . $_POST['edit'] . "','" . $_POST['timeslot'] . "','" . $_POST['project_id'] . "','" . $config['FAIRYEAR'] . "')");
-{
+	$stmt->execute();
-	mysql_query("INSERT INTO judges_teams_timeslots_projects_link (judges_teams_id,judges_timeslots_id,projects_id,conferences_id) VALUES ('".$_POST['edit']."','".$_POST['timeslot']."','".$_POST['project_id']."','".$conference['id']."')");
+	echo happy(i18n('Project assigned to team timeslot'));
 	echo happy(i18n("Project assigned to team timeslot"));
 }
-$q=mysql_query("SELECT DISTINCT(date) AS d FROM judges_timeslots WHERE conferences_id='".$conference['id']."'");
+$q = $pdo->prepare("SELECT DISTINCT(date) AS d FROM judges_timeslots WHERE year='" . $config['FAIRYEAR'] . "'");
-if(mysql_num_rows($q)>1)
+$q->execute();
-	$show_date=true;
+if ($q->rowCount() > 1)
 	$show_date = true;
 else
-	$show_date=false;
+	$show_date = false;
-
+if (($action == 'edit' || $action == 'assign') && $edit) {
-if( ($action=="edit" || $action=="assign" ) && $edit)
+	echo '<a href="judges_teams_projects.php">Back to Judging Teams Projects List</a>';
- {
+	echo '<form name="teamsprojects" method="post" action="judges_teams_projects.php">';
 	echo "<a href=\"judges_teams_projects.php\">Back to Judging Teams Projects List</a>";
 	echo "<form name=\"teamsprojects\" method=\"post\" action=\"judges_teams_projects.php\">";
 	echo "<input type=\"hidden\" name=\"action\" value=\"assign\">\n";
 	echo "<input type=\"hidden\" name=\"edit\" value=\"$edit\">\n";
 	echo "<input type=\"hidden\" name=\"timeslot\" value=\"\">\n";
-	$team=getJudgingTeam($edit);
+	$team = getJudgingTeam($edit);
-	echo "<b>".$team['name']." (#".$team['num'].")</b><br />";
+	echo '<b>' . $team['name'] . ' (#' . $team['num'] . ')</b><br />';
-	if(count($team['members']))
+	if (count($team['members'])) {
-	{
+		$memberlist = '&nbsp;&nbsp;';
-		$memberlist="&nbsp;&nbsp;";
+		foreach ($team['members'] AS $member) {
-		foreach($team['members'] AS $member)
+			if ($member['captain'] == 'yes')
-		{
+				$memberlist .= '<i>';
-			if($member['captain']=="yes")
+			$memberlist .= $member['firstname'] . ' ' . $member['lastname'];
-				$memberlist.="<i>";
+			if ($member['captain'] == 'yes')
-			$memberlist.=$member['firstname']." ".$member['lastname'];
+				$memberlist .= '</i>';
-			if($member['captain']=="yes")
+			$memberlist .= ', ';
 				$memberlist.="</i>";
 			$memberlist.=", ";
 		}
-		echo "<b>".i18n("Judging Team Members").": </b>";
+		echo '<b>' . i18n('Judging Team Members') . ': </b>';
-		$memberlist=substr($memberlist,0,-2);
+		$memberlist = substr($memberlist, 0, -2);
-		echo "<br />";
+		echo '<br />';
-	}
+	} else
-	else
+		$memberlist = error(i18n('Team has no members assigned to it.  <a href="judges_teams_members.php">Assign Judges Here</a>'));
 		$memberlist=error(i18n("Team has no members assigned to it.  <a href=\"judges_teams_members.php\">Assign Judges Here</a>"));
 	echo $memberlist;
-	echo "<br />";
+	echo '<br />';
-	echo "<br />";
+	echo '<br />';
-	//we need award_ids for use below to get the eligible projects, so lets build the array here while we're displaying the awards
+	// we need award_ids for use below to get the eligible projects, so lets build the array here while we're displaying the awards
-	$award_ids=array();
+	$award_ids = array();
-	if(count($team['awards']))
+	if (count($team['awards'])) {
-	{
+		$awardlist = '&nbsp;&nbsp;';
-		$awardlist="&nbsp;&nbsp;";
+		foreach ($team['awards'] AS $award) {
-		foreach($team['awards'] AS $award)
+			$awardlist .= $award['name'];
-		{
+			$awardlist .= ', ';
-			$awardlist.=$award['name'];
+			$award_ids[] = $award['id'];
 			$awardlist.=", ";
 			$award_ids[]=$award['id'];
 		}
-		echo "<b>".i18n("Judging Team Awards").": </b>";
+		echo '<b>' . i18n('Judging Team Awards') . ': </b>';
-		$awardlist=substr($awardlist,0,-2);
+		$awardlist = substr($awardlist, 0, -2);
-		echo "<br />";
+		echo '<br />';
-	}
+	} else
-	else
+		$awardlist = error(i18n('Team has no awards assigned to it.  <a href="judges_teams.php">Assign Awards Here</a>'));
 		$awardlist=error(i18n("Team has no awards assigned to it.  <a href=\"judges_teams.php\">Assign Awards Here</a>"));
 	echo $awardlist;
-	//get the timeslots that this team has.
+	// get the timeslots that this team has.
-	$q=mysql_query("SELECT 
+	$q = $pdo->prepare("SELECT 
 				judges_timeslots.id,
 				judges_timeslots.date,
 				judges_timeslots.starttime,
@ -160,47 +155,41 @@ if( ($action=="edit" || $action=="assign" ) && $edit)
 				judges_teams,
 				judges_teams_timeslots_link
 			WHERE
-				judges_teams.id='".$team['id']."' AND
+				judges_teams.id='" . $team['id'] . "' AND
 				judges_teams.id=judges_teams_timeslots_link.judges_teams_id AND
 				judges_timeslots.id=judges_teams_timeslots_link.judges_timeslots_id
 			ORDER BY
 				date,starttime
 			");
 	$q->execute();
-
+	$numslots = $q - rowCount();
-	$numslots=mysql_num_rows($q);
+	if ($numslots) {
-	if($numslots)
+		echo '<br />';
-	{
+		echo '<br />';
-
+		if ($_SESSION['viewstate']['judges_projects_list_eligible'] == 'true')
-		echo "<br />";
+			$ch = 'checked="checked"';
 		echo "<br />";
 		if($_SESSION['viewstate']['judges_projects_list_eligible']=='true')
 			$ch="checked=\"checked\"";
 		else
-			$ch="";
+			$ch = '';
-		echo "<input $ch onclick=\"eligibleclick()\" type=\"checkbox\" name=\"showeligible\"> ".i18n("Only show projects eligible/nominated for awards assigned to this team");
+		echo "<input $ch onclick=\"eligibleclick()\" type=\"checkbox\" name=\"showeligible\"> " . i18n('Only show projects eligible/nominated for awards assigned to this team');
-		echo "<table>";
+		echo '<table>';
-		echo "</tr>";
+		echo '</tr>';
-		echo "<tr>";
+		echo '<tr>';
-		if($_SESSION['viewstate']['judges_projects_list_show']=='all')
+		if ($_SESSION['viewstate']['judges_projects_list_show'] == 'all') {
-		{
+			echo "<td align=left><a href=\"judges_teams_projects.php?action=$action&edit=$edit&judges_projects_list_show=unassigned\">" . i18n('show unassigned') . '</a></td>';
-			echo "<td align=left><a href=\"judges_teams_projects.php?action=$action&edit=$edit&judges_projects_list_show=unassigned\">".i18n("show unassigned")."</a></td>";
+			echo '<td align=right><b>' . i18n('show all') . '</b></td>';
-			echo "<td align=right><b>".i18n("show all")."</b></td>";
+		} else {
 			echo '<td align=left><b>' . i18n('show unassigned') . '</b></td>';
 			echo "<td align=right><a href=\"judges_teams_projects.php?action=$action&edit=$edit&judges_projects_list_show=all\">" . i18n('show all') . '</a></td>';
 		}
-		else
+		echo '<td>&nbsp;</td>';
-		{
+		echo '</tr>';
-			echo "<td align=left><b>".i18n("show unassigned")."</b></td>";
+		echo '<tr><td colspan=2>';
 			echo "<td align=right><a href=\"judges_teams_projects.php?action=$action&edit=$edit&judges_projects_list_show=all\">".i18n("show all")."</a></td>";
 		}
 		echo "<td>&nbsp;</td>";
 		echo "</tr>";
 		echo "<tr><td colspan=2>";
-		if($_SESSION['viewstate']['judges_projects_list_show']=='all')
+		if ($_SESSION['viewstate']['judges_projects_list_show'] == 'all') {
-		{
+			$querystr = 'SELECT 
 			$querystr="SELECT 
 					projects.id,
 					projects.projectnumber,
 					projects.title,
@ -210,15 +199,13 @@ if( ($action=="edit" || $action=="assign" ) && $edit)
 					registrations
 				WHERE
 					projectnumber is not null 
-					" . getJudgingEligibilityCode(). " AND
+					' . getJudgingEligibilityCode() . " AND
 					projects.registrations_id=registrations.id AND
-					projects.conferences_id='".$conference['id']."'
+					projects.year='" . $config['FAIRYEAR'] . "'
 				ORDER BY
 					projectnumber";
-		}
+		} else if ($_SESSION['viewstate']['judges_projects_list_show'] == 'unassigned') {
-		else if($_SESSION['viewstate']['judges_projects_list_show']=='unassigned')
+			$querystr = "SELECT 
 		{
 			$querystr="SELECT 
 					projects.id,
 					projects.projectnumber,
 					projects.title,
@ -229,66 +216,66 @@ if( ($action=="edit" || $action=="assign" ) && $edit)
 					registrations
 				WHERE
 					projectnumber is not null 
-					" . getJudgingEligibilityCode(). " AND
+					' . getJudgingEligibilityCode(). ' AND
 					projects.registrations_id=registrations.id AND
 					judges_teams_timeslots_projects_link.projects_id IS NULL AND
-					projects.conferences_id='".$conference['id']."'
+					projects.year='" . $config['FAIRYEAR'] . "'
 				ORDER BY
 					projectnumber";
 		}
 		$pq=mysql_query($querystr);
 		echo mysql_error();
 		$eligibleprojects=getProjectsEligibleOrNominatedForAwards($award_ids);
 //		echo nl2br(print_r($eligibleprojects,true));
 		//the keys are the project numbers, so lets get an array of those too so we can use in_array below
 		$eligibleprojectsnumbers=array_keys($eligibleprojects);
 //		echo nl2br(print_r($eligibleprojects,true));
-		$numprojects=0;
+		$pq = $pdo->prepare($querystr);
-		echo "<select name=\"project_id\">";
+		$pq->execute();
-		echo "<option value=\"\">".i18n("Choose Project to Assign to Timeslot")."</option>\n";
+		show_pdo_errors_if_any($pdo);
-		while($pr=mysql_fetch_object($pq)) {
+
-			if($_SESSION['viewstate']['judges_projects_list_eligible']=='true') {
+		$eligibleprojects = getProjectsEligibleOrNominatedForAwards($award_ids);
-				if(in_array($pr->projectnumber,$eligibleprojectsnumbers)) {
+		//		echo nl2br(print_r($eligibleprojects,true));
 		// the keys are the project numbers, so lets get an array of those too so we can use in_array below
 		$eligibleprojectsnumbers = array_keys($eligibleprojects);
 		//		echo nl2br(print_r($eligibleprojects,true));
 		$numprojects = 0;
 		echo '<select name="project_id">';
 		echo '<option value="">' . i18n('Choose Project to Assign to Timeslot') . "</option>\n";
 		while ($pr = $pq->fetch(PDO::FETCH_OBJ)) {
 			if ($_SESSION['viewstate']['judges_projects_list_eligible'] == 'true') {
 				if (in_array($pr->projectnumber, $eligibleprojectsnumbers)) {
 					echo "<option value=\"$pr->id\">$pr->projectnumber - $pr->title</option>\n";
 					$numprojects++;
 				}
-			}
+			} else {
 			else {
 				echo "<option value=\"$pr->id\">$pr->projectnumber - $pr->title</option>\n";
 				$numprojects++;
 			}
 		}
-		echo "</select>";
+		echo '</select>';
-		echo "</td><td>";
+		echo '</td><td>';
-		echo i18n("%1 projects listed",array($numprojects));
+		echo i18n('%1 projects listed', array($numprojects));
-		echo "</td></tr>";
+		echo '</td></tr>';
-		echo "</table>";
+		echo '</table>';
-		echo "<br />";
+		echo '<br />';
-		echo "<br />";
+		echo '<br />';
-		echo "<table class=\"summarytable\">";
+		echo '<table class="summarytable">';
-		echo "<tr>";
+		echo '<tr>';
-		echo "<th>".i18n("Timeslot")."</th>";
+		echo '<th>' . i18n('Timeslot') . '</th>';
-		echo "<th>".i18n("Project")."</th>";
+		echo '<th>' . i18n('Project') . '</th>';
-		echo "</tr>";
+		echo '</tr>';
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			echo '<tr><td>';
-		while($r=mysql_fetch_object($q)) {
+			echo '<nobr>';
-			echo "<tr><td>";
+			if ($show_date)
-
+				echo format_date($r->date) . '&nbsp;';
 			echo "<nobr>";
 			if($show_date)
 				echo format_date($r->date)."&nbsp;";
 			echo format_time($r->starttime);
-			echo " - ";
+			echo ' - ';
 			echo format_time($r->endtime);
-			echo "</nobr>";
+			echo '</nobr>';
-			echo "</td><td>";
+			echo '</td><td>';
-			
+
-			$projq=mysql_query("SELECT
+			$projq = $pdo->prepare("SELECT
 						judges_teams_timeslots_projects_link.id AS link_id,
 						projects.projectnumber,
 						projects.id,
@ -298,70 +285,69 @@ if( ($action=="edit" || $action=="assign" ) && $edit)
 						judges_teams_timeslots_projects_link
 					WHERE
 						judges_teams_timeslots_projects_link.judges_timeslots_id='$r->id' AND
-						judges_teams_timeslots_projects_link.judges_teams_id='".$team['id']."' AND
+						judges_teams_timeslots_projects_link.judges_teams_id='" . $team['id'] . "' AND
 						judges_teams_timeslots_projects_link.projects_id=projects.id AND
-						judges_teams_timeslots_projects_link.conferences_id='".$conference['id']."'
+						judges_teams_timeslots_projects_link.year='" . $config['FAIRYEAR'] . "'
 					ORDER BY
 						projectnumber
 					");
 			$projq->execute();
-		echo mysql_Error();
+			show_pdo_errors_if_any($pdo);
-			while($proj=mysql_fetch_object($projq)) {
+			while ($proj = $projq->fetch(PDO::FETCH_OBJ)) {
-				echo "<a onclick=\"return confirmClick('Are you sure you want to remove this project from this team timeslot?')\" href=\"judges_teams_projects.php?action=delete&delete=".$proj->link_id."&edit=".$team['id']."\"><img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\"></a>";
+				echo '<a onclick="return confirmClick(\'Are you sure you want to remove this project from this team timeslot?\')" href="judges_teams_projects.php?action=delete&delete=' . $proj->link_id . '&edit=' . $team['id'] . '"><img border=0 src="' . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '"></a>';
 				echo "$proj->projectnumber - $proj->title <br />";
 			}
-			echo "<input name=\"assignbtn[$r->id]\" type=\"button\" onclick=\"assign('$r->id')\" value=\"".i18n("Assign")."\">";
+			echo "<input name=\"assignbtn[$r->id]\" type=\"button\" onclick=\"assign('$r->id')\" value=\"" . i18n('Assign') . '">';
-
+			echo '</td></tr>';
 			echo "</td></tr>";
 		}
-		echo "</table>";
+		echo '</table>';
-	}
+	} else {
-	else {
+		echo error(i18n('Team has no timeslots assigned to it.  <a href="judges_teams_timeslots.php">Assign Timeslots Here</a>'));
 		echo error(i18n("Team has no timeslots assigned to it.  <a href=\"judges_teams_timeslots.php\">Assign Timeslots Here</a>"));
 	}
-	echo "</form>";
+	echo '</form>';
- }
+} else {
- else {
+	echo '<input type="hidden" name="action" value="assign">';
 	echo "<input type=\"hidden\" name=\"action\" value=\"assign\">";
-	echo "<table class=\"tableview\">";
+	echo '<table class="tableview">';
-	echo "<thead><tr>";
+	echo '<thead><tr>';
-	echo "<th>".i18n("Team")."</th>";
+	echo '<th>' . i18n('Team') . '</th>';
-	echo "<th>".i18n("Timeslots and Projects")."</th>";
+	echo '<th>' . i18n('Timeslots and Projects') . '</th>';
-	echo "</tr></thead>";
+	echo '</tr></thead>';
-	$teams=getJudgingTeams();
+	$teams = getJudgingTeams();
-	foreach($teams AS $team) {
+	foreach ($teams AS $team) {
-		echo "<tr>";
+		echo '<tr>';
-		echo "<td width=\"200\">";
+		echo '<td width="200">';
-		echo "<b>".$team['name']." (#".$team['num'].")</b><br />";
+		echo '<b>' . $team['name'] . ' (#' . $team['num'] . ')</b><br />';
-		$memberlist="";
+		$memberlist = '';
-		if(count($team['members'])) {
+		if (count(get_value_from_array($team, 'members', []))) {
-			foreach($team['members'] AS $member) {
+			foreach ($team['members'] AS $member) {
-				echo "&nbsp;&nbsp;";
+				echo '&nbsp;&nbsp;';
-				$err=false;
+				$err = false;
-				foreach($team['languages_projects'] AS $projectlang) {
+				foreach ($team['languages_projects'] AS $projectlang) {
-					if(!in_array($projectlang, $member['languages_array'])) { 
+					if (!in_array($projectlang, $member['languages_array'])) {
-						$err=true; 
+						$err = true;
-						break; 
+						break;
 					}
 				}
-				if($err) echo "<span class=\"error\">";
+				if ($err)
-				if($member['captain']=="yes")
+					echo '<span class="error">';
-					echo "<i>";
+				if ($member['captain'] == 'yes')
-				echo $member['firstname']." ".$member['lastname']." (".$member['languages'].")<br />";
+					echo '<i>';
-				if($member['captain']=="yes")
+				echo $member['firstname'] . ' ' . $member['lastname'] . ' (' . $member['languages'] . ')<br />';
-					echo "</i>";
+				if ($member['captain'] == 'yes')
-				if($err) echo "</span>";
+					echo '</i>';
 				if ($err)
 					echo '</span>';
 			}
 		}
-		echo "</td>";
+		echo '</td>';
-		echo "<td>";
+		echo '<td>';
-		//get the timeslots that this team has.
+		// get the timeslots that this team has.
-		$q=mysql_query("SELECT 
+		$q = $pdo->prepare("SELECT 
 					judges_timeslots.id,
 					judges_timeslots.date,
 					judges_timeslots.starttime,
@ -371,31 +357,32 @@ if( ($action=="edit" || $action=="assign" ) && $edit)
 					judges_teams,
 					judges_teams_timeslots_link
 				WHERE
-					judges_teams.id='".$team['id']."' AND
+					judges_teams.id='" . $team['id'] . "' AND
 					judges_teams.id=judges_teams_timeslots_link.judges_teams_id AND
 					judges_timeslots.id=judges_teams_timeslots_link.judges_timeslots_id
 				ORDER BY
 					date,starttime
 				");
-		$numslots=mysql_num_rows($q);
+		$q->execute();
 		$numslots = $q->rowCount();
-		echo "<a href=\"judges_teams_projects.php?action=edit&edit=".$team['id']."\">".i18n("Edit team project assignments")."</a>";
+		echo '<a href="judges_teams_projects.php?action=edit&edit=' . $team['id'] . '">' . i18n('Edit team project assignments') . '</a>';
-		echo "<table class=\"tableview\" style=\"margin-left: 0px; width: 100%; font-size: 1.0em;\">";
+		echo '<table class="tableview" style="margin-left: 0px; width: 100%; font-size: 1.0em;">';
-		while($r=mysql_fetch_object($q)) {
+		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-			echo "<tr><td width=\"100\" align=\"center\">";
+			echo '<tr><td width="100" align="center">';
-			echo "<nobr>";
+			echo '<nobr>';
-			if($show_date)
+			if ($show_date)
-				echo format_date($r->date)."&nbsp;";
+				echo format_date($r->date) . '&nbsp;';
 			echo format_time($r->starttime);
-			echo " - ";
+			echo ' - ';
 			echo format_time($r->endtime);
-			echo "</nobr>";
+			echo '</nobr>';
-			echo "</td><td>";
+			echo '</td><td>';
-			$projq=mysql_query("SELECT
+			$projq = $pdo->prepare("SELECT
 					projects.projectnumber,
 					projects.id,
 					projects.title,
@ -405,35 +392,35 @@ if( ($action=="edit" || $action=="assign" ) && $edit)
 					judges_teams_timeslots_projects_link
 				WHERE
 					judges_teams_timeslots_projects_link.judges_timeslots_id='$r->id' AND
-					judges_teams_timeslots_projects_link.judges_teams_id='".$team['id']."' AND
+					judges_teams_timeslots_projects_link.judges_teams_id='" . $team['id'] . "' AND
 					judges_teams_timeslots_projects_link.projects_id=projects.id AND
-					judges_teams_timeslots_projects_link.conferences_id='".$conference['id']."'
+					judges_teams_timeslots_projects_link.year='" . $config['FAIRYEAR'] . "'
 				ORDER BY
 					projectnumber
 				");
 			$projq->execute();
-			echo mysql_error();
+			show_pdo_errors_if_any($pdo);
-			while($proj=mysql_fetch_object($projq)) {
+			while ($proj = $projq->fetch(PDO::FETCH_OBJ)) {
-                if(!in_array($proj->language,$team['languages_members'])) 
+				if (!in_array($proj->language, $team['languages_members']))
-                    echo "<span class=\"error\">";
+					echo '<span class="error">';
 				echo "$proj->projectnumber - $proj->title ($proj->language)";
-                if(!in_array($proj->language,$team['languages'])) 
+				if (!in_array($proj->language, $team['languages_members']))
-                    echo "</span>\n";
+					echo "</span>\n";
-                echo "<br />";
+				echo '<br />';
 			}
-			echo "</td></tr>";
+			echo '</td></tr>';
 		}
-		echo "</table>";
+		echo '</table>';
-		echo "</td>";
+		echo '</td>';
-		echo "</tr>";
+		echo '</tr>';
 	}
-	echo "</table>";
+	echo '</table>';
 }
- }
+send_footer();
 send_footer();
 ?>
--- a/admin/judges_teams_timeslots.php
+++ b/admin/judges_teams_timeslots.php
@ -1,81 +1,82 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require_once('../common.inc.php');
+require_once ('../common.inc.php');
- require_once('../user.inc.php');
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require_once('judges.inc.php');
+require_once ('judges.inc.php');
- $round_str = array('timeslot' => 'Judging Timeslot',
+$action = null;
 					'divisional1' => 'Divisional Round 1',
 					'divisional2' => 'Divisional Round 2',
 					'grand' => 'Grand Awards',
 					'special' => 'Special Awards' );
 if(array_key_exists('action',$_GET)) 
 	 $action = $_GET['action'];
 if(array_key_exists('action',$_POST)) 
 	 $action = $_POST['action'];
- if($action == 'delete' && array_key_exists('delete', $_GET)) {
+$round_str = array('timeslot' => 'Judging Timeslot',
 	'divisional1' => 'Divisional Round 1',
 	'divisional2' => 'Divisional Round 2',
 	'grand' => 'Grand Awards',
 	'special' => 'Special Awards');
 if (array_key_exists('action', $_GET))
 	$action = $_GET['action'];
 if (array_key_exists('action', $_POST))
 	$action = $_POST['action'];
 if (get_value_from_array($_GET, 'action') && $action == 'delete') {
 	$id = intval($_GET['delete']);
- 	mysql_query("DELETE FROM judges_teams_timeslots_link WHERE id='$id'");
+	$stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_link WHERE id='$id'");
-	message_push(happy(i18n("Judging team timeslot successfully removed")));
+	$stmt->execute();
- }
+	message_push(happy(i18n('Judging team timeslot successfully removed')));
 }
- if($action == 'empty' && array_key_exists('empty',$_GET)) {
+if (array_key_exists('empty', $_GET) && $action == 'empty') {
 	$id = intval($_GET['empty']);
- 	mysql_query("DELETE FROM judges_teams_timeslots_link WHERE judges_teams_id='$id'");
+	$stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_link WHERE judges_teams_id='$id'");
-	message_push(happy(i18n("Judging team timeslots successfully removed")));
+	$stmt->execute();
- }
+	message_push(happy(i18n('Judging team timeslots successfully removed')));
-
+}
 if($action == 'assign') {
 	//the db handles the uniqueness (to ensure the same timeslot isnt assigned to the same team more than once)
 	//so all we'll do here is just mass insert without regards for whats already there.
 	if(count($_POST['teams']) && count($_POST['timeslots'])) {
 		foreach($_POST['teams'] AS $tm) {
 			foreach($_POST['timeslots'] AS $ts) {
 				mysql_query("INSERT INTO judges_teams_timeslots_link (judges_teams_id,judges_timeslots_id,conferences_id) 
 						VALUES ('$tm','$ts','{$conference['id']}')");
 if ($action == 'assign') {
 	// the db handles the uniqueness (to ensure the same timeslot isnt assigned to the same team more than once)
 	// so all we'll do here is just mass insert without regards for whats already there.
 	if (count($_POST['teams']) && count($_POST['timeslots'])) {
 		foreach ($_POST['teams'] AS $tm) {
 			foreach ($_POST['timeslots'] AS $ts) {
 				$stmt = $pdo->prepare("INSERT INTO judges_teams_timeslots_link (judges_teams_id,judges_timeslots_id,year) 
 						VALUES ('$tm','$ts','{$config['FAIRYEAR']}')");
 				$stmt->execute();
 			}
 		}
-		message_push(happy(i18n("%1 Timeslots assigned to %2 teams",array(count($_POST['timeslots']),count($_POST['teams'])))));
+		message_push(happy(i18n('%1 Timeslots assigned to %2 teams', array(count($_POST['timeslots']), count($_POST['teams'])))));
 	} else {
-		message_push(error(i18n("You must select both team(s) and timeslot(s) to assign")));
+		message_push(error(i18n('You must select both team(s) and timeslot(s) to assign')));
 	}
- }
+}
 send_header('Judging Teams Timeslots',
 	array('Committee Main' => 'committee_main.php',
 		'Administration' => 'admin/index.php',
 		'Judges' => 'admin/judges.php'));
-
+?>
  send_header("Judging Teams Timeslots",
 		array('Committee Main' => 'committee_main.php',
 			'Administration' => 'admin/index.php',
 			'Judges' => 'admin/judges.php')
 				);
 ?>
 <script language="javascript" type="text/javascript">
 function checkall(what)
 {
@ -113,96 +114,96 @@ function checkinvert(what)
 <?
- 	echo "<br />";
+echo '<br />';
- 	echo "<form name=\"teamstimeslots\" method=\"post\" action=\"judges_teams_timeslots.php\">";
+echo '<form name="teamstimeslots" method="post" action="judges_teams_timeslots.php">';
-	echo "<input type=\"hidden\" name=\"action\" value=\"assign\">";
+echo '<input type="hidden" name="action" value="assign">';
-	echo "Choose timeslots to assign: <br />";
+echo 'Choose timeslots to assign: <br />';
-	echo "<a href=\"\" onclick=\"return checkall('timeslots')\">select all</a>";
+echo '<a href="" onclick="return checkall(\'timeslots\')">select all</a>';
-	echo "&nbsp;|&nbsp";
+echo '&nbsp;|&nbsp';
-	echo "<a href=\"\" onclick=\"return checknone('timeslots')\">select none</a>";
+echo '<a href="" onclick="return checknone(\'timeslots\')">select none</a>';
-	echo "&nbsp;|&nbsp";
+echo '&nbsp;|&nbsp';
-	echo "<a href=\"\" onclick=\"return checkinvert('timeslots')\">invert selection</a>";
+echo '<a href="" onclick="return checkinvert(\'timeslots\')">invert selection</a>';
 $q = $pdo->prepare("SELECT DISTINCT(date) AS d FROM judges_timeslots WHERE year='" . $config['FAIRYEAR'] . "'");
 $q->execute();
 if ($q->rowCount() > 1)
 	$show_date = true;
 else
 	$show_date = false;
-	$q=mysql_query("SELECT DISTINCT(date) AS d FROM judges_timeslots WHERE conferences_id='".$conference['id']."'");
+echo '<table class="summarytable">';
-	if(mysql_num_rows($q)>1)
+echo '<tr>';
-		$show_date=true;
+echo '<th>&nbsp;</th>';
-	else
+if ($show_date)
-		$show_date=false;
+	echo '<th>' . i18n('Date') . '</th>';
 echo '<th>' . i18n('Start Time') . '</th>';
 echo '<th>' . i18n('End Time') . '</th>';
 echo "</tr>\n";
-	echo "<table class=\"summarytable\">";
+$q = $pdo->prepare("SELECT * FROM judges_timeslots 
-	echo "<tr>";
+			WHERE year='{$config['FAIRYEAR']}' 
 	echo "<th>&nbsp;</th>";
 	if($show_date)	echo "<th>".i18n("Date")."</th>";
 	echo "<th>".i18n("Start Time")."</th>";
 	echo "<th>".i18n("End Time")."</th>";
 	echo "</tr>\n";
 	$q=mysql_query("SELECT * FROM judges_timeslots 
 			WHERE conferences_id='{$conference['id']}' 
 			AND round_id='0' ORDER BY date,starttime");
-	while($r=mysql_fetch_object($q)) {
+$q->execute();
-		echo "<tr>";
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-		$span = $show_date ? 4 : 3;
+	echo '<tr>';
-		echo "<td colspan=\"$span\">{$r->name} (".$round_str[$r->type].")</td>";
+	$span = $show_date ? 4 : 3;
-		$qq = mysql_query("SELECT * FROM judges_timeslots 
+	echo "<td colspan=\"$span\">{$r->name} (" . $round_str[$r->type] . ')</td>';
 	$qq = $pdo->prepare("SELECT * FROM judges_timeslots 
 					WHERE round_id='{$r->id}' ORDER BY date,starttime");
-		while($rr = mysql_fetch_object($qq)) {
+	$qq->execute();
-			echo "<tr>";
+	while ($rr = $qq->fetch(PDO::FETCH_OBJ)) {
-			echo "<td><input type=\"checkbox\" name=\"timeslots[]\" value=\"{$rr->id}\" /></td>";
+		echo '<tr>';
-			if($show_date)	echo "<td>".format_date($r->date)."</td>";
+		echo "<td><input type=\"checkbox\" name=\"timeslots[]\" value=\"{$rr->id}\" /></td>";
-			echo "<td align=\"center\">".format_time($rr->starttime)."</td>";
+		if ($show_date)
-			echo "<td align=\"center\">".format_time($rr->endtime)."</td>";
+			echo '<td>' . format_date($r->date) . '</td>';
-			echo "</tr>\n";
+		echo '<td align="center">' . format_time($rr->starttime) . '</td>';
 		echo '<td align="center">' . format_time($rr->endtime) . '</td>';
 		echo "</tr>\n";
 	}
 }
 echo '</table>';
 echo '<br />';
 echo '<br />';
 echo 'Choose teams to assign the above selected timeslots to:';
 echo '<br />';
 echo '<a href="" onclick="return checkall(\'teams\')">select all</a>';
 echo '&nbsp;|&nbsp';
 echo '<a href="" onclick="return checknone(\'teams\')">select none</a>';
 echo '&nbsp;|&nbsp';
 echo '<a href="" onclick="return checkinvert(\'teams\')">invert selection</a>';
 echo '<table class="summarytable">';
 echo '<tr>';
 echo '<th>&nbsp;</th>';
 echo '<th>' . i18n('Team') . '</th>';
 echo '<th>' . i18n('Timeslots') . '</th>';
 echo '</tr>';
 $teams = getJudgingTeams();
 foreach ($teams AS $team) {
 	echo '<tr>';
 	echo '<td><input type="checkbox" name="teams[]" value="' . $team['id'] . '" /></td>';
 	echo '<td>';
 	echo '<b>' . $team['name'] . ' (#' . $team['num'] . ')</b><br />';
 	$memberlist = '';
 	if (count(get_value_from_array($team, 'members', []))) {
 		foreach ($team['members'] AS $member) {
 			echo '&nbsp;&nbsp;';
 			if ($member['captain'] == 'yes')
 				echo '<i>';
 			echo $member['firstname'] . ' ' . $member['lastname'] . '<br />';
 			if ($member['captain'] == 'yes')
 				echo '</i>';
 		}
 	}
-	echo "</table>";
+	echo '</td>';
-
+	echo '<td>';
-	echo "<br />";
+	// get the timeslots that this team has.
-	echo "<br />";
+	$q = $pdo->prepare("SELECT 
 	echo "Choose teams to assign the above selected timeslots to:";
 	echo "<br />";
 	echo "<a href=\"\" onclick=\"return checkall('teams')\">select all</a>";
 	echo "&nbsp;|&nbsp";
 	echo "<a href=\"\" onclick=\"return checknone('teams')\">select none</a>";
 	echo "&nbsp;|&nbsp";
 	echo "<a href=\"\" onclick=\"return checkinvert('teams')\">invert selection</a>";
 	echo "<table class=\"summarytable\">";
 	echo "<tr>";
 	echo "<th>&nbsp;</th>";
 	echo "<th>".i18n("Team")."</th>";
 	echo "<th>".i18n("Timeslots")."</th>";
 	echo "</tr>";
 	$teams=getJudgingTeams();
 	foreach($teams AS $team)
 	{
 		echo "<tr>";
 		echo "<td><input type=\"checkbox\" name=\"teams[]\" value=\"".$team['id']."\" /></td>";
 		echo "<td>";
 		echo "<b>".$team['name']." (#".$team['num'].")</b><br />";
 		$memberlist="";
 		if(count($team['members']))
 		{
 			foreach($team['members'] AS $member)
 			{
 				echo "&nbsp;&nbsp;";
 				if($member['captain']=="yes")
 					echo "<i>";
 				echo $member['firstname']." ".$member['lastname']."<br />";
 				if($member['captain']=="yes")
 					echo "</i>";
 			}
 		}
 		echo "</td>";
 		echo "<td>";
 		//get the timeslots that this team has.
 		$q=mysql_query("SELECT 
 					judges_teams_timeslots_link.id,
 					judges_timeslots.date,
 					judges_timeslots.starttime,
@ -212,40 +213,39 @@ function checkinvert(what)
 					judges_teams,
 					judges_teams_timeslots_link
 				WHERE
-					judges_teams.id='".$team['id']."' AND
+					judges_teams.id='" . $team['id'] . "' AND
 					judges_teams.id=judges_teams_timeslots_link.judges_teams_id AND
 					judges_timeslots.id=judges_teams_timeslots_link.judges_timeslots_id
 				ORDER BY
 					date,starttime
 				");
-		$numslots=mysql_num_rows($q);
+	$q->execute();
 	$numslots = $q->rowCount();
-		while($r=mysql_fetch_object($q))
+	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-		{
+		echo '<nobr>';
-			echo "<nobr>";
+		if ($show_date)
-			if($show_date)
+			echo format_date($r->date);
-				echo format_date($r->date);
+		echo format_time($r->starttime);
-			echo format_time($r->starttime);
+		echo ' - ';
-			echo " - ";
+		echo format_time($r->endtime);
-			echo format_time($r->endtime);
+		echo "&nbsp;&nbsp;<a onclick=\"return confirmClick('Are you sure you want to remove this timeslot from the team?')\" href=\"judges_teams_timeslots.php?action=delete&delete=$r->id\"><img border=0 src=\"" . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '"></a>';
-			echo "&nbsp;&nbsp;<a onclick=\"return confirmClick('Are you sure you want to remove this timeslot from the team?')\" href=\"judges_teams_timeslots.php?action=delete&delete=$r->id\"><img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\"></a>";
+		echo '</nobr>';
-			echo "</nobr>";
+		echo '<br />';
 			echo "<br />";
 		}
 		if($numslots)
 			echo "&nbsp; <a onclick=\"return confirmClick('Are you sure you want to remove all timeslots from the team?')\" href=\"judges_teams_timeslots.php?action=empty&empty=".$team['id']."\"><img border=0 src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\"> remove all</a>";
 		echo "</td>";
 		echo "</tr>";
 	}
 	if ($numslots)
 		echo '&nbsp; <a onclick="return confirmClick(\'Are you sure you want to remove all timeslots from the team?\')" href="judges_teams_timeslots.php?action=empty&empty=' . $team['id'] . '"><img border=0 src="' . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '"> remove all</a>';
- echo "</table>";
+	echo '</td>';
 	echo '</tr>';
 }
- echo "<br />";
+echo '</table>';
 echo "<br />";
 echo "<input type=\"submit\" value=\"".i18n("Assign selected timeslots to selected teams")."\">";
 echo "</form>";
 echo '<br />';
 echo '<br />';
 echo '<input type="submit" value="' . i18n('Assign selected timeslots to selected teams') . '">';
 echo '</form>';
- send_footer();
+send_footer();
 ?>
--- a/admin/judges_timeslots.php
+++ b/admin/judges_timeslots.php
@ -1,400 +1,423 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require_once('../common.inc.php');
+require_once ('../common.inc.php');
- require_once('../user.inc.php');
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- $round_str = array('timeslot' => 'Judging Timeslot',
+$round_str = array('timeslot' => 'Judging Timeslot',
- 					'divisional1' => 'Divisional Round 1',
+	'divisional1' => 'Divisional Round 1',
- 					'divisional2' => 'Divisional Round 2',
+	'divisional2' => 'Divisional Round 2',
-					'grand' => 'Grand Awards',
+	'grand' => 'Grand Awards',
-					'special' => 'Special Awards' );
+	'special' => 'Special Awards');
 if(array_key_exists('action',$_POST)) $action = $_POST['action'];
 else if(array_key_exists('action',$_GET)) $action = $_GET['action'];
 else $action = '';
- if(array_key_exists('round_id',$_POST)) $round_id = intval($_POST['round_id']);
+if (array_key_exists('action', $_POST))
- else if(array_key_exists('round_id',$_GET)) $round_id = intval($_GET['round_id']);
+	$action = $_POST['action'];
- else $round_id = 0;
+else if (array_key_exists('action', $_GET))
 	$action = $_GET['action'];
 else
 	$action = '';
- if(array_key_exists('timeslot_id',$_POST)) $timeslot_id = intval($_POST['timeslot_id']);
+if (array_key_exists('round_id', $_POST))
- else if(array_key_exists('timeslot_id',$_GET)) $timeslot_id = intval($_GET['timeslot_id']);
+	$round_id = intval($_POST['round_id']);
- else $timeslot_id = 0;
+else if (array_key_exists('round_id', $_GET))
 	$round_id = intval($_GET['round_id']);
 else
 	$round_id = 0;
- if($action == 'saveround') {
+if (array_key_exists('timeslot_id', $_POST))
 	$timeslot_id = intval($_POST['timeslot_id']);
 else if (array_key_exists('timeslot_id', $_GET))
 	$timeslot_id = intval($_GET['timeslot_id']);
 else
 	$timeslot_id = 0;
 if ($action == 'saveround') {
 	$save = true;
 	/* Sanity check all the values */
 	$y = intval($_POST['date_year']);
 	$m = intval($_POST['date_month']);
 	$d = intval($_POST['date_day']);
-	if($y && $m && $d) $date = "$y-$m-$d";
+	if ($y && $m && $d)
 		$date = "$y-$m-$d";
 	else {
 		$save = false;
-		message_push(error(i18n("Date is required")));
+		message_push(error(i18n('Date is required')));
 	}
-	if(array_key_exists('starttime_hour', $_POST) && array_key_exists('starttime_minute', $_POST)) {
+	if (array_key_exists('starttime_hour', $_POST) && array_key_exists('starttime_minute', $_POST)) {
-		$starttime = sprintf("%02d:%02d:00", intval($_POST['starttime_hour']), intval($_POST['starttime_minute']));
+		$starttime = sprintf('%02d:%02d:00', intval($_POST['starttime_hour']), intval($_POST['starttime_minute']));
 	} else {
 		$save = false;
-		message_push( error(i18n("Start Time is required")));
+		message_push(error(i18n('Start Time is required')));
 	}
-	if(array_key_exists('endtime_hour', $_POST) && array_key_exists('endtime_minute', $_POST)) {
+	if (array_key_exists('endtime_hour', $_POST) && array_key_exists('endtime_minute', $_POST)) {
-		$endtime = sprintf("%02d:%02d:00", intval($_POST['endtime_hour']), intval($_POST['endtime_minute']));
+		$endtime = sprintf('%02d:%02d:00', intval($_POST['endtime_hour']), intval($_POST['endtime_minute']));
 	} else {
 		$save = false;
-		message_push( error(i18n("End Time is required")));
+		message_push(error(i18n('End Time is required')));
 	}
 	$type = $_POST['type'];
-	if(!array_key_exists($type, $round_str)) {
+	if (!array_key_exists($type, $round_str)) {
 		$save = false;
 		message_push(error(i18n('Invalid type specified')));
 	}
-	$name = mysql_escape_string(stripslashes($_POST['name']));
+	$name = stripslashes($_POST['name']);
-	if($save == true) {
+	if ($save == true) {
-		if($round_id == 0) {
+		if ($round_id == 0) {
 			/* New entry */
-			mysql_query("INSERT INTO judges_timeslots (round_id,conferences_id) VALUES('0','{$conference['id']}')");
+			$stmt = $pdo->prepare("INSERT INTO judges_timeslots (round_id,year) VALUES('0','{$config['FAIRYEAR']}')");
-			$round_id = mysql_insert_id();
+			$stmt->execute();
 			$round_id = $pdo->lastInsertId();
 		}
-		mysql_query("UPDATE judges_timeslots SET `date`='$date', 
+		$stmt = $pdo->prepare("UPDATE judges_timeslots SET `date`='$date', 
 								starttime='$starttime', endtime='$endtime',
 								`name`='$name',
 								`type`='$type' WHERE id='$round_id'");
 		$stmt->execute();
-		echo mysql_error();
+		show_pdo_errors_if_any($pdo);
-		message_push(happy(i18n("Round successfully saved")));
+		message_push(happy(i18n('Round successfully saved')));
 		$action = '';
 	}
-	
+}
 }
- if($action == 'deleteround') {
+if ($action == 'deleteround') {
- 	mysql_query("DELETE FROM judges_timeslots WHERE id='$round_id'");
+	$stmt = $pdo->prepare("DELETE FROM judges_timeslots WHERE id='$round_id'");
 	$stmt->execute();
 	/* Also delete all timeslots */
 	mysql_query("DELETE FROM judges_timeslots WHERE round_id='$round_id'");
 	message_push(happy(i18n("Round successfully removed")));
 	$action = '';
 }
 if($action == 'deletetimeslot') {
 	mysql_query("DELETE FROM judges_timeslots WHERE id='$timeslot_id'");
 	message_push(happy(i18n("Timeslot successfully removed")));
 	$action = '';
 } 
- if($action == 'savetimeslot') {
+	$stmt = $pdo->prepare("DELETE FROM judges_timeslots WHERE round_id='$round_id'");
 	$stmt->execute();
 	message_push(happy(i18n('Round successfully removed')));
 	$action = '';
 }
 if ($action == 'deletetimeslot') {
 	$stmt = $pdo->prepare("DELETE FROM judges_timeslots WHERE id='$timeslot_id'");
 	$stmt->execute();
 	message_push(happy(i18n('Timeslot successfully removed')));
 	$action = '';
 }
 if ($action == 'savetimeslot') {
 	$save = true;
-	$q = mysql_query("SELECT * FROM judges_timeslots WHERE id='$round_id'");
+	$q = $pdo->prepare("SELECT * FROM judges_timeslots WHERE id='$round_id'");
-	$round_data = mysql_fetch_assoc($q);
+	$q->execute();
 	$round_data = $q->fetch(PDO::FETCH_ASSOC);
 	$date = $round_data['date'];
-	if(array_key_exists('starttime_hour', $_POST) && array_key_exists('starttime_minute', $_POST)) {
+	if (array_key_exists('starttime_hour', $_POST) && array_key_exists('starttime_minute', $_POST)) {
-		$starttime = sprintf("%02d:%02d:00", intval($_POST['starttime_hour']), intval($_POST['starttime_minute']));
+		$starttime = sprintf('%02d:%02d:00', intval($_POST['starttime_hour']), intval($_POST['starttime_minute']));
 	} else {
 		$save = false;
-		message_push( error(i18n("Start Time is required")));
+		message_push(error(i18n('Start Time is required')));
 	}
-	if(array_key_exists('endtime_hour', $_POST) && array_key_exists('endtime_minute', $_POST)) {
+	if (array_key_exists('endtime_hour', $_POST) && array_key_exists('endtime_minute', $_POST)) {
-		$endtime = sprintf("%02d:%02d:00", intval($_POST['endtime_hour']), intval($_POST['endtime_minute']));
+		$endtime = sprintf('%02d:%02d:00', intval($_POST['endtime_hour']), intval($_POST['endtime_minute']));
 	} else {
 		$save = false;
-		message_push( error(i18n("End Time is required")));
+		message_push(error(i18n('End Time is required')));
 	}
-	if($save == true) {
+	if ($save == true) {
-		if($timeslot_id == 0) {
+		if ($timeslot_id == 0) {
 			/* New entry */
-			mysql_query("INSERT INTO judges_timeslots (round_id,date,type,conferences_id) VALUES('$round_id',
+			$stmt = $pdo->prepare("INSERT INTO judges_timeslots (round_id,date,type,year) VALUES('$round_id',
-								'$date','timeslot','{$conference['id']}')");
+								'$date','timeslot','{$config['FAIRYEAR']}')");
-			$timeslot_id = mysql_insert_id();
+			$stmt->execute();
 			$timeslot_id = $pdo->lastInsertId();
 		}
-		mysql_query("UPDATE judges_timeslots SET starttime='$starttime', endtime='$endtime'
+		$stmt = $pdo->prepare("UPDATE judges_timeslots SET starttime='$starttime', endtime='$endtime'
 								WHERE id='$timeslot_id'");
 		$stmt->execute();
-		echo mysql_error();
+		show_pdo_errors_if_any($pdo);
-		message_push(happy(i18n("Timeslot successfully saved")));
+		message_push(happy(i18n('Timeslot successfully saved')));
 		$action = '';
 	}
- }
+}
-	
+
- if($action=='savemultiple') {
+if ($action == 'savemultiple') {
- 	$save = true;
+	$save = true;
-	
+
 	$addnum = intval($_POST['addnum']);
-	$duration = intval($_POST['duration'] );
+	$duration = intval($_POST['duration']);
 	$break = intval($_POST['break']);
-	if(array_key_exists('starttime_hour', $_POST) && array_key_exists('starttime_minute',$_POST) && $addnum && $duration) {
+	if (array_key_exists('starttime_hour', $_POST) && array_key_exists('starttime_minute', $_POST) && $addnum && $duration) {
-	    	
+		$q = $pdo->prepare("SELECT * FROM judges_timeslots WHERE id='$round_id'");
-		$q = mysql_query("SELECT * FROM judges_timeslots WHERE id='$round_id'");
+		$q->execute();
-		$round_data = mysql_fetch_assoc($q);
+		$round_data = $q->fetch(PDO::FETCH_ASSOC);
 		$date = $round_data['date'];
-		$hr=intval($_POST['starttime_hour']);
+		$hr = intval($_POST['starttime_hour']);
-		$min=intval($_POST['starttime_minute']);
+		$min = intval($_POST['starttime_minute']);
-		$tt=$duration+$break;
+		$tt = $duration + $break;
-		for($x=0;$x<$addnum;$x++) {
+		for ($x = 0; $x < $addnum; $x++) {
-			$q=mysql_query("SELECT 	DATE_ADD('$date $hr:$min:00', INTERVAL $duration MINUTE) AS endtime, 
+			$q = $pdo->prepare("SELECT \tDATE_ADD('$date $hr:$min:00', INTERVAL $duration MINUTE) AS endtime, 
 						DATE_ADD('$date $hr:$min:00', INTERVAL $tt MINUTE) AS startnext ");
-			echo mysql_error();
+			$q->execute();
-			$r=mysql_fetch_object($q);
+			show_pdo_errors_if_any($pdo);
-			list($ed,$et)=explode(" ",$r->endtime);
+			$r = $q->fetch(PDO::FETCH_OBJ);
-			list($nd,$nt)=explode(" ",$r->startnext);
+			list($ed, $et) = explode(' ', $r->endtime);
 			list($nd, $nt) = explode(' ', $r->startnext);
-			$starttime = sprintf("%02d:%02d:00", $hr, $min);
+			$starttime = sprintf('%02d:%02d:00', $hr, $min);
-			mysql_query("INSERT INTO judges_timeslots (date,type,round_id,starttime,endtime,conferences_id) VALUES (
+			$stmt = $pdo->prepare("INSERT INTO judges_timeslots (date,type,round_id,starttime,endtime,year) VALUES (
 					'$date','timeslot','{$round_data['id']}',
 					'$starttime', '$et',
-					'{$conference['id']}')");
+					'{$config['FAIRYEAR']}')");
-			echo mysql_error();
+			$stmt->execute();
-			$date=$nd;
+			show_pdo_errors_if_any($pdo);
-			list($s_h,$s_m,$s_s)=explode(":",$nt);
+			$date = $nd;
-			list($e_h,$e_m,$e_s)=explode(":",$et);
+			list($s_h, $s_m, $s_s) = explode(':', $nt);
-			message_push(happy(i18n("Adding timeslot: %1",array("$date $hr:$min - $e_h:$e_m"))));
+			list($e_h, $e_m, $e_s) = explode(':', $et);
-			$hr=$s_h;
+			message_push(happy(i18n('Adding timeslot: %1', array("$date $hr:$min - $e_h:$e_m"))));
-			$min=$s_m;
+			$hr = $s_h;
 			$min = $s_m;
 		}
 		$action = '';
 	} else {
-		message_push(error(i18n("All fields are required to add multiple timeslots")));
+		message_push(error(i18n('All fields are required to add multiple timeslots')));
 	}
-  }
+}
-
+if ($action == '') {
-
+	send_header('Judging Rounds and Timeslots',
- if($action == '') {
+		array('Committee Main' => 'committee_main.php',
 	 send_header("Judging Rounds and Timeslots",
 		array('Committee Main' => 'committee_main.php',
 			'Administration' => 'admin/index.php',
 			'Judges' => 'admin/judges.php'));
- } else {
+} else {
-	 send_header("Judging Rounds and Timeslots",
+	send_header('Judging Rounds and Timeslots',
- 		array('Committee Main' => 'committee_main.php',
+		array('Committee Main' => 'committee_main.php',
 			'Administration' => 'admin/index.php',
 			'Judges' => 'admin/judges.php',
 			'Judging Rounds and Timeslots' => 'admin/judges_timeslots.php'));
- }
+}
- echo "<br />";
+echo '<br />';
-
+if ($action == 'addround' || $action == 'editround') {
- if($action == 'addround' || $action == 'editround') {
+	echo '<form method="post" action="judges_timeslots.php">';
 	echo "<form method=\"post\" action=\"judges_timeslots.php\">";
 	echo "<input type=\"hidden\" name=\"action\" value=\"saveround\">\n";
 	echo "<input type=\"hidden\" name=\"round_id\" value=\"$round_id\">\n";
-	if($action == 'addround') {
+	if ($action == 'addround') {
-		echo "<h3>Add New Judging Round</h3>";
+		echo '<h3>Add New Judging Round</h3>';
 		$r = array();
 		$r['date'] = $config['dates']['fairdate'];
 	} else {
-		echo "<h3>Edit Judging Round</h3>";
+		echo '<h3>Edit Judging Round</h3>';
-		$q=mysql_query("SELECT * FROM judges_timeslots WHERE id='$round_id'");
+		$q = $pdo->prepare("SELECT * FROM judges_timeslots WHERE id='$round_id'");
-		if(mysql_num_rows($q) != 1) {
+		$q->execute();
-		    	echo "UNKNOWN ROUND $round_id";
+		if ($q->rowCount() != 1) {
 			echo "UNKNOWN ROUND $round_id";
 			exit;
 		}
-		$r = mysql_fetch_assoc($q);
+		$r = $q->fetch(PDO::FETCH_ASSOC);
 	}
-	echo "<table>";
+	echo '<table>';
-	echo "<tr><td>".i18n('Round Type').":</td><td>";
+	echo '<tr><td>' . i18n('Round Type') . ':</td><td>';
-	echo "<select name=\"type\">";
+	echo '<select name="type">';
-	foreach($round_str as $k=>$v) {
+	foreach ($round_str as $k => $v) {
-	    	if($k == 'timeslot') continue;  /* Don't let them add a timeslot directly */
+		if ($k == 'timeslot')
-	    	$s = ($r['type'] == $k) ? 'selected="selected"' : '';
+			continue;  /* Don't let them add a timeslot directly */
 		$s = ($r['type'] == $k) ? 'selected="selected"' : '';
 		echo "<option value=\"$k\" $s>$v</option>";
 	}
-	echo "</select>";
+	echo '</select>';
-	echo "<tr><td>".i18n("Name").":</td><td>";
+	echo '<tr><td>' . i18n('Name') . ':</td><td>';
-	echo "<input type=\"textbox\" name=\"name\" value=\"{$r['name']}\" width=\"60\" /></td></tr>";
+	echo '<input type="textbox" name="name" value="' . get_value_from_array($r, 'name') . '" width="60" /></td></tr>';
-	echo "<tr><td>".i18n("Date").":</td><td>";
+	echo '<tr><td>' . i18n('Date') . ':</td><td>';
-	emit_date_selector("date",$r['date']);
+	emit_date_selector('date', $r['date']);
-	echo "</td></tr>";
+	echo '</td></tr>';
-	echo "<tr><td>".i18n("Start Time").":</td><td>";
+	echo '<tr><td>' . i18n('Start Time') . ':</td><td>';
-	emit_time_selector("starttime",$r['starttime']);
+	emit_time_selector('starttime', get_value_from_array($r, 'starttime'));
-	echo "</td></tr>";
+	echo '</td></tr>';
-	echo "<tr><td>".i18n("End Time").":</td><td>";
+	echo '<tr><td>' . i18n('End Time') . ':</td><td>';
-	emit_time_selector("endtime",$r['endtime']);
+	emit_time_selector('endtime', get_value_from_array($r, 'endtime'));
-	echo "</td></tr>";
+	echo '</td></tr>';
-	echo "</table>";
+	echo '</table>';
-	echo "<input type=\"submit\" value=\"".i18n('Save')."\" />";
+	echo '<input type="submit" value="' . i18n('Save') . '" />';
-	echo "</form>";
+	echo '</form>';
- }
+}
- if($action == 'addtimeslot' || $action == 'edittimeslot') {
+if ($action == 'addtimeslot' || $action == 'edittimeslot') {
-	echo "<form method=\"post\" action=\"judges_timeslots.php\">";
+	echo '<form method="post" action="judges_timeslots.php">';
 	echo "<input type=\"hidden\" name=\"action\" value=\"savetimeslot\">\n";
 	echo "<input type=\"hidden\" name=\"round_id\" value=\"$round_id\">\n";
 	echo "<input type=\"hidden\" name=\"timeslot_id\" value=\"$timeslot_id\">\n";
-	$q = mysql_query("SELECT * FROM judges_timeslots WHERE id='$round_id'");
+	$q = $pdo->prepare("SELECT * FROM judges_timeslots WHERE id='$round_id'");
-	$round_data = mysql_fetch_assoc($q);
+	$q->execute();
 	$round_data = $q->fetch(PDO::FETCH_ASSOC);
-	if($action == 'addtimeslot') {
+	if ($action == 'addtimeslot') {
-		echo "<h3>Add New Judging Timeslot</h3>";
+		echo '<h3>Add New Judging Timeslot</h3>';
 		$r = array();
 		$r['date'] = $round_data['date'];
 	} else {
-		echo "<h3>Edit Judging Timeslot</h3>";
+		echo '<h3>Edit Judging Timeslot</h3>';
-		$q=mysql_query("SELECT * FROM judges_timeslots WHERE id='$timeslot_id'");
+		$q = $pdo->prepare("SELECT * FROM judges_timeslots WHERE id='$timeslot_id'");
-		if(mysql_num_rows($q) != 1) {
+		$q->execute();
-		    	echo "UNKNOWN ROUND $round_id";
+		if ($q->rowCount() != 1) {
 			echo "UNKNOWN ROUND $round_id";
 			exit;
 		}
-		$r = mysql_fetch_assoc($q);
+		$r = $q->fetch(PDO::FETCH_ASSOC);
 	}
-	echo "<table>";
+	echo '<table>';
-	echo "<tr><td>".i18n('Round Type').":</td><td>{$round_str[$round_data['type']]}</td></tr>";
+	echo '<tr><td>' . i18n('Round Type') . ":</td><td>{$round_str[$round_data['type']]}</td></tr>";
-	echo "<tr><td>".i18n("Name").":</td><td>{$round_data['name']}</td></tr>";
+	echo '<tr><td>' . i18n('Name') . ":</td><td>{$round_data['name']}</td></tr>";
-	echo "<tr><td>".i18n("Start Time").":</td><td>";
+	echo '<tr><td>' . i18n('Start Time') . ':</td><td>';
-	emit_time_selector("starttime",$r['starttime']);
+	emit_time_selector('starttime', $r['starttime']);
-	echo "</td></tr>";
+	echo '</td></tr>';
-	echo "<tr><td>".i18n("End Time").":</td><td>";
+	echo '<tr><td>' . i18n('End Time') . ':</td><td>';
-	emit_time_selector("endtime",$r['endtime']);
+	emit_time_selector('endtime', $r['endtime']);
-	echo "</td></tr>";
+	echo '</td></tr>';
-	echo "</table>";
+	echo '</table>';
-	echo "<input type=\"submit\" value=\"".i18n('Save')."\" />";
+	echo '<input type="submit" value="' . i18n('Save') . '" />';
-	echo "</form>";
+	echo '</form>';
- }
+}
- if($action == 'addmultiple') {
+if ($action == 'addmultiple') {
 	echo '<h3>Add Multiple New Judging Timeslots</h3>';
-	echo "<h3>Add Multiple New Judging Timeslots</h3>";
+	echo '<form method="post" action="judges_timeslots.php">';
 	echo "<form method=\"post\" action=\"judges_timeslots.php\">";
 	echo "<input type=\"hidden\" name=\"action\" value=\"savemultiple\">\n";
 	echo "<input type=\"hidden\" name=\"round_id\" value=\"$round_id\">\n";
 	echo "<input type=\"hidden\" name=\"timeslot_id\" value=\"$timeslot_id\">\n";
-	$q = mysql_query("SELECT * FROM judges_timeslots WHERE id='$round_id'");
+	$q = $pdo->prepare("SELECT * FROM judges_timeslots WHERE id='$round_id'");
-	$round_data = mysql_fetch_assoc($q);
+	$q->execute();
 	$round_data = $q->fetch(PDO::FETCH_ASSOC);
-	echo "<table border=\"0\">";
+	echo '<table border="0">';
-	echo "<tr><td>".i18n('Round Type').":</td><td>{$round_str[$round_data['type']]}</td></tr>";
+	echo '<tr><td>' . i18n('Round Type') . ":</td><td>{$round_str[$round_data['type']]}</td></tr>";
-	echo "<tr><td>".i18n("Name").":</td><td>{$round_data['name']}</td></tr>";
+	echo '<tr><td>' . i18n('Name') . ":</td><td>{$round_data['name']}</td></tr>";
-	echo "<tr><td>".i18n("Add")."</td><td>";
+	echo '<tr><td>' . i18n('Add') . '</td><td>';
-	echo "<input type=\"text\" name=\"addnum\" size=\"4\">&nbsp;";
+	echo '<input type="text" name="addnum" size="4">&nbsp;';
-	echo i18n("new timeslots");
+	echo i18n('new timeslots');
-	echo "</td></tr>";
+	echo '</td></tr>';
-	echo "<tr><td>".i18n("Starting timeslots at")."</td><td>";
+	echo '<tr><td>' . i18n('Starting timeslots at') . '</td><td>';
-	emit_time_selector("starttime");
+	emit_time_selector('starttime');
-	echo "</td></tr>";
+	echo '</td></tr>';
-	echo "<tr><td>".i18n("With a duration of")."</td><td>";
+	echo '<tr><td>' . i18n('With a duration of') . '</td><td>';
-	echo "<input type=\"text\" name=\"duration\" size=\"4\">&nbsp;";
+	echo '<input type="text" name="duration" size="4">&nbsp;';
-	echo i18n("minutes")."</td></tr>";
+	echo i18n('minutes') . '</td></tr>';
-	echo "<tr><td>".i18n("And a break of")."</td><td>";
+	echo '<tr><td>' . i18n('And a break of') . '</td><td>';
-	echo "<input type=\"text\" name=\"break\" size=\"4\">&nbsp;";
+	echo '<input type="text" name="break" size="4">&nbsp;';
-	echo i18n("minutes")."</td></tr>";
+	echo i18n('minutes') . '</td></tr>';
-	echo "<tr><td colspan=\"2\">";
+	echo '<tr><td colspan="2">';
-	echo "<input type=\"submit\" value=\"".i18n("Add these timeslots")."\">";
+	echo '<input type="submit" value="' . i18n('Add these timeslots') . '">';
-	echo "</td></tr>";
+	echo '</td></tr>';
-	echo "</table>";
+	echo '</table>';
-	echo "</form>";
+	echo '</form>';
- }
+}
- if($action == '') {
+if ($action == '') {
-	echo "<A href=\"judges_timeslots.php?action=addround&round_id=0\">".i18n("Add new round")."</a> <br />";
+	echo '<A href="judges_timeslots.php?action=addround&round_id=0">' . i18n('Add new round') . '</a> <br />';
-	echo "<br />";
+	echo '<br />';
-	echo "<table class=\"summarytable\">";
+	echo '<table class="summarytable">';
-	echo "<tr>";
+	echo '<tr>';
-	echo "<th>".i18n("Date")."</th>";
+	echo '<th>' . i18n('Date') . '</th>';
-	echo "<th>".i18n("Start Time")."</th>";
+	echo '<th>' . i18n('Start Time') . '</th>';
-	echo "<th>".i18n("End Time")."</th>";
+	echo '<th>' . i18n('End Time') . '</th>';
-	echo "<th>".i18n("Judging Round")."</th>";
+	echo '<th>' . i18n('Judging Round') . '</th>';
-	echo "<th>".i18n("Actions")."</th>";
+	echo '<th>' . i18n('Actions') . '</th>';
-	echo "</tr>";
+	echo '</tr>';
-	$q=mysql_query("SELECT * FROM judges_timeslots WHERE conferences_id='{$conference['id']}' AND `type`!='timeslot' ORDER BY date,starttime");
+	$q = $pdo->prepare("SELECT * FROM judges_timeslots WHERE year='{$config['FAIRYEAR']}' AND `type`!='timeslot' ORDER BY date,starttime");
-	while($r=mysql_fetch_object($q)) {
+	$q->execute();
-		echo "<tr>";
+	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-		$qq = mysql_query("SELECT * FROM judges_timeslots WHERE round_id='{$r->id}' ORDER BY `date`,`starttime`");
+		echo '<tr>';
-		$c = mysql_num_rows($qq) +1;
+		$qq = $pdo->prepare("SELECT * FROM judges_timeslots WHERE round_id='{$r->id}' ORDER BY `date`,`starttime`");
 		$qq->execute();
 		$c = $qq->rowCount() + 1;
-		echo "<td rowspan=\"$c\"><b>".format_date($r->date)."</b></td>";
+		echo "<td rowspan=\"$c\"><b>" . format_date($r->date) . '</b></td>';
-		echo "<td align=\"center\"><b>".format_time($r->starttime)."</b><br/>";
+		echo '<td align="center"><b>' . format_time($r->starttime) . '</b><br/>';
-		
+
-		echo "</td>";
+		echo '</td>';
-		echo "<td align=\"center\"><b>".format_time($r->endtime)."</b></td>";
+		echo '<td align="center"><b>' . format_time($r->endtime) . '</b></td>';
-		echo "<td align=\"center\"><b>{$r->name}  (".i18n($round_str[$r->type]).")</b></td>";
+		echo "<td align=\"center\"><b>{$r->name}  (" . i18n($round_str[$r->type]) . ')</b></td>';
-		echo " <td align=\"center\">";
+		echo ' <td align="center">';
 		echo "<a href=\"judges_timeslots.php?action=editround&round_id={$r->id}\"><img border=\"0\" src=\"{$config['SFIABDIRECTORY']}/images/16/edit.{$config['icon_extension']}\"></a>";
-		echo "&nbsp;";
+		echo '&nbsp;';
 		echo "<a onclick=\"return confirmClick('Are you sure you want to remove this round?')\" href=\"judges_timeslots.php?action=deleteround&round_id={$r->id}\"><img border=\"0\" src=\"{$config['SFIABDIRECTORY']}/images/16/button_cancel.{$config['icon_extension']}\"></a>";
 		echo "<A href=\"judges_timeslots.php?action=addtimeslot&round_id={$r->id}\">(new)</a>  ";
 		echo "<A href=\"judges_timeslots.php?action=addmultiple&round_id={$r->id}\">(multiple)</a><br />";
 		echo " </td>\n";
-		echo "</tr>";
+		echo '</tr>';
-		while($rr = mysql_fetch_object($qq)) {
+		while ($rr = $qq->fetch(PDO::FETCH_OBJ)) {
-			echo "<tr>";
+			echo '<tr>';
-//			echo "<td></td>";
+			//			echo "<td></td>";
-			echo "<td align=\"right\">".format_time($rr->starttime)."</td>";
+			echo '<td align="right">' . format_time($rr->starttime) . '</td>';
-			echo "<td align=\"right\">".format_time($rr->endtime)."</td>";
+			echo '<td align="right">' . format_time($rr->endtime) . '</td>';
-			echo "<td align=\"center\">".i18n($round_str[$rr->type])."</td>";
+			echo '<td align="center">' . i18n($round_str[$rr->type]) . '</td>';
-
+			echo ' <td align="center">';
 			echo " <td align=\"center\">";
 			echo "<a href=\"judges_timeslots.php?action=edittimeslot&round_id={$r->id}&timeslot_id={$rr->id}\"><img border=\"0\" src=\"{$config['SFIABDIRECTORY']}/images/16/edit.{$config['icon_extension']}\"></a>";
-			echo "&nbsp;";
+			echo '&nbsp;';
 			echo "<a onclick=\"return confirmClick('Are you sure you want to remove this timeslot?')\" href=\"judges_timeslots.php?action=deletetimeslot&timeslot_id={$rr->id}\"><img border=\"0\" src=\"{$config['SFIABDIRECTORY']}/images/16/button_cancel.{$config['icon_extension']}\"></a>";
 			echo " </td>\n";
-			echo "</tr>";
+			echo '</tr>';
 		}
 	}
-	echo "</table>";
+	echo '</table>';
- }
+}
- send_footer();
+send_footer();
 ?>
--- a/admin/judging_score_edit.php
+++ b/admin/judging_score_edit.php
@ -1,113 +1,127 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005-2006 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005-2006 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005-2006 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005-2006 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- require_once("judges.inc.php");
+require_once ('judges.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- send_header("Judging Score Entry - Update",
+send_header('Judging Score Entry - Update',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+		'Administration' => 'admin/index.php',
-			'Judging Score Entry' => 'admin/judging_score_entry.php')
+		'Judging Score Entry' => 'admin/judging_score_entry.php'));
 				);
- $project_id = NULL;
+$year = $config['FAIRYEAR'];
- if($_GET['projectid']) {
+$project_id = NULL;
-	 $project_id = $_GET['projectid'];
+if ($_GET['projectid']) {
- } else if($_POST['projectid']) {
+	$project_id = $_GET['projectid'];
-	 $project_id = $_POST['projectid'];
+} else if ($_POST['projectid']) {
-	 $curr_team = $_POST['score_count'];
+	$project_id = $_POST['projectid'];
-	 while($curr_team > 0) {
+	$curr_team = $_POST['score_count'];
-		 if($_POST["team_" . $curr_team . "_score"] != "") {
+	while ($curr_team > 0) {
-                         $score = $_POST["team_" . $curr_team . "_score"];
+		if ($_POST['team_' . $curr_team . '_score'] != '') {
-                         if($score == 0) {
+			$score = $_POST['team_' . $curr_team . '_score'];
-                                 $score = "NULL";
+			if ($score == 0) {
-                         } else {
+				$score = 'NULL';
-                                 $score = mysql_real_escape_string($score);
+			} else {
-                         }
+				$score = $score;
-		 mysql_query("UPDATE judges_teams_timeslots_projects_link 
+			}
-				 					SET score=" . $score . 
+			if ($score > 100.0) {
-			          " WHERE judges_teams_id = " . mysql_real_escape_string($_POST["team_" . $curr_team . "_id"]) . 
+				$score_error = '*** ERROR **** You entered a value greater than 100.00';
-			          " and projects_id =$project_id and conferences_id={$conference['id']}");
+			}
-		 echo mysql_error();
+			$stmt = $pdo->prepare("UPDATE judges_teams_timeslots_projects_link 
-		 }
+			\t \t\t\t\t\tSET score=" . $score
-		 $curr_team--;
+				. ' WHERE judges_teams_id = ' . $_POST['team_' . $curr_team . '_id']
-	 }
+				. " and projects_id =$project_id and year=$year");
- }
+			$stmt->execute();
 			show_pdo_errors_if_any($pdo);
 		}
 		$curr_team--;
 	}
 }
-  ?>
+?>
 <?
-if($project_id) {
+if ($project_id) {
-$q=mysql_query("SELECT * FROM projectcategories WHERE conferences_id='{$conference['id']} ORDER BY id");
+	$q = $pdo->prepare("SELECT * FROM projects WHERE projects.id = '" . $project_id . "'");
-while($r=mysql_fetch_object($q))
+	$q->execute();
-	$cats[$r->id]=$r->category;
+	$r = $q->fetch(PDO::FETCH_OBJ);
 	$project_number = $r->projectnumber;
 	$project_title = $r->title;
 	$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='$year' ORDER BY id");
 	$q->execute();
 	while ($r = $q->fetch(PDO::FETCH_OBJ))
 		$cats[$r->id] = $r->category;
-$q=mysql_query("SELECT * FROM projectdivisions WHERE conferences_id='{$conference['id']} ORDER BY id");
+	$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='$year' ORDER BY id");
 	$q->execute();
-
+	$q = $pdo->prepare("SELECT judges_teams_timeslots_projects_link.judges_teams_id, 
-	$q=mysql_query("SELECT judges_teams_timeslots_projects_link.judges_teams_id, 
+											\t score, 
-												 score, 
+											\t judges_teams.num
-												 judges_teams.num
+		\t            FROM judges_teams_timeslots_projects_link, 
-			            FROM judges_teams_timeslots_projects_link, 
+								\t     judges_teams
-									     judges_teams
+		\t            WHERE judges_teams_timeslots_projects_link.judges_teams_id = judges_teams.id 
-			            WHERE judges_teams_timeslots_projects_link.judges_teams_id = judges_teams.id 
+								\t     AND projects_id = " . $project_id . ' ORDER BY judges_teams_id');
-									     AND projects_id = ".mysql_real_escape_string($project_id)." ORDER BY judges_teams_id"
+	$q->execute();
-								);
+	show_pdo_errors_if_any($pdo);
-	echo mysql_error();
+	echo 'Project# ' . $project_number . '  ' . $project_title . '<br />';
-
+	if ($score_error != '') {
-	echo "<form action=\"judging_score_edit.php\" method=\"post\">";
+		echo $score_error . '<br />';
-	echo "<input type=\"hidden\" name=\"score_count\" value=\"" . mysql_num_rows($q) . "\"/>";
+	}
 	echo '<form action="judging_score_edit.php" method="post">';
 	echo '<input type="hidden" name="score_count" value="' . $q->rowCount() . '"/>';
 	echo "<input type=\"hidden\" name=\"projectid\" value=\"$project_id\"/>";
-	echo "<table class=\"tableview\">";
+	echo '<table class="tableview">';
-	echo "<tr>";
+	echo '<tr>';
-	echo "<th>".i18n("Team Number")."</th>";
+	echo '<th>' . i18n('Team Number') . '</th>';
-	echo "<th>".i18n("Judges")."</th>";
+	echo '<th>' . i18n('Judges') . '</th>';
-	echo "<th>".i18n("Score")."</th>";
+	echo '<th>' . i18n('Score') . '</th>';
-	echo "<th>".i18n("New Score")."</th>";
+	echo '<th>' . i18n('New Score') . '</th>';
-	echo "</tr>";
+	echo '</tr>';
 	$i = 1;
-	while($r=mysql_fetch_object($q)) {
+	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-		$team=getJudgingTeam($r->judges_teams_id);
+		$team = getJudgingTeam($r->judges_teams_id);
-		$teamNames=array_map("teamMemberToName", $team['members']);
+		$teamNames = array_map('teamMemberToName', $team['members']);
 		echo "<tr>\n";
 		echo "<td style=\"vertical-align: middle\">\n";
 		echo $r->num;
-		echo "<input type=\"hidden\" name=\"team_" . $i. "_id\" value=\"$r->judges_teams_id\"/>\n";
+		echo '<input type="hidden" name="team_' . $i . "_id\" value=\"$r->judges_teams_id\"/>\n";
 		echo "</td>\n";
-		echo "<td style=\"vertical-align: middle\">";
+		echo '<td style="vertical-align: middle">';
-		echo implode(", ", $teamNames);
+		echo implode(', ', $teamNames);
 		echo "</td>\n";
 		echo "<td style=\"vertical-align: middle; text-align: center\">\n";
-		if($r->score) {
+		if ($r->score) {
 			echo $r->score;
 		} else {
-			echo "None";
+			echo 'None';
 		}
 		echo "\n</td>\n";
 		echo "<td style=\"vertical-align: middle; text-align: center\">\n";
-		echo "<input type=\"text\" size=\"3\" maxlength=\"3\" name=\"team_" . $i . "_score\" value=\"$r->score\"/>\n";
+		echo '<input type="text" size="5" maxlength="5" name="team_' . $i . "_score\" value=\"$r->score\"/>\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 		$i++;
@ -116,6 +130,5 @@ $q=mysql_query("SELECT * FROM projectdivisions WHERE conferences_id='{$conferenc
 	echo "<input type=\"submit\" />\n";
 	echo "</form>\n";
 } else {
-	echo i18n("Invalid Project ID.");
+	echo i18n('Invalid Project ID.');
 }
--- a/admin/judging_score_entry.php
+++ b/admin/judging_score_entry.php
@ -1,58 +1,62 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005-2006 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005-2006 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005-2006 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005-2006 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- require_once("judges.inc.php");
+require_once ('judges.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- if($_GET['conferences_id']) $conferences_id=$_GET['conferences_id'];
+if ($_GET['year'])
- else $conferences_id=$conference['id'];
+	$year = $_GET['year'];
 else
 	$year = $config['FAIRYEAR'];
- if($_GET['csv'] == 'yes') {
+if ($_GET['csv'] == 'yes') {
-	header("Content-type: text/csv");
+	header('Content-type: text/csv');
-	header("Cache-Control: no-cache");
+	header('Cache-Control: no-cache');
-	header("Content-disposition: inline; filename=judging_scores.csv");
+	header('Content-disposition: inline; filename=judging_scores.csv');
- } else {
+} else {
- 	send_header("Judging Score Entry",
+	send_header('Judging Score Entry',
- 			array('Committee Main' => 'committee_main.php',
+		array('Committee Main' => 'committee_main.php',
-				'Administration' => 'admin/index.php')
+			'Administration' => 'admin/index.php'));
-				);
+}
- }
+?>
 ?>
 <?
-$q=mysql_query("SELECT * FROM projectcategories WHERE conferences_id = '$conferences_id' ORDER BY id");
+$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='$year' ORDER BY id");
-while($r=mysql_fetch_object($q))
+$q->execute();
-	$cats[$r->id]=$r->category;
+while ($r = $q->fetch(PDO::FETCH_OBJ))
 	$cats[$r->id] = $r->category;
-$q=mysql_query("SELECT * FROM projectdivisions WHERE conferences_id = '$conferences_id' ORDER BY id");
+$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='$year' ORDER BY id");
-while($r=mysql_fetch_object($q))
+$q->execute();
-	$divs[$r->id]=$r->division;
+while ($r = $q->fetch(PDO::FETCH_OBJ))
 	$divs[$r->id] = $r->division;
-$ORDERBY="projects.projectcategories_id, projects.projectdivisions_id, projects.projectnumber";
+$ORDERBY = 'projects.projectcategories_id, projects.projectdivisions_id, projects.projectnumber';
-	$q=mysql_query("SELECT  registrations.id AS reg_id,
+$q = $pdo->prepare("SELECT  registrations.id AS reg_id,
 				registrations.num AS reg_num,
 				projects.id as projectid,
 				projects.title,
@ -60,123 +64,82 @@ $ORDERBY="projects.projectcategories_id, projects.projectdivisions_id, projects.
 				projects.projectcategories_id,
 				projects.projectdivisions_id,
 				judges_teams_id as res_team_id,
 				count(score) as score_count,
 				count((SELECT count(*) FROM judges_teams_timeslots_projects_link WHERE 
 					projectid=judges_teams_timeslots_projects_link.projects_id)) as score_total_count,
 				avg(score) as score, 
 				avg(score + (SELECT 70-avg(score) 
-				             FROM judges_teams_timeslots_projects_link 
+			\t             FROM judges_teams_timeslots_projects_link 
-										 WHERE judges_teams_id = res_team_id))
+									\t WHERE judges_teams_id = res_team_id))
-				    AS norm_score
+			\t    AS norm_score
 			FROM
 				registrations
 				left outer join projects on projects.registrations_id=registrations.id
 				left outer join judges_teams_timeslots_projects_link on projects.id=judges_teams_timeslots_projects_link.projects_id
 			WHERE
-				registrations.conferences_id='$conferences_id' "
+				registrations.year='$year' "
-				. getJudgingEligibilityCode() . " 
+	. getJudgingEligibilityCode() . " 
 			GROUP BY projectid
 			ORDER BY
 				$ORDERBY
 			");
-		echo mysql_error();
+$q->execute();
-	
+show_pdo_errors_if_any($pdo);
 	if($_GET['csv'] != 'yes') {
 ?>
 <script language="javascript" type="text/javascript">
 $(document).ready(function() { 
    $("#div-cat-best").click(function() { 
        // set sorting column and direction, this will sort on the first and third column the column index starts at zero 
        var sorting = [[2,0],[3,0],[5,1]]; 
        // sort on the first column 
        $(".tableview").trigger("sorton",[sorting]); 
        // return false to stop default link action 
        return false; 
    }); 
    $("#overall-best").click(function() { 
        // set sorting column and direction, this will sort on the first and third column the column index starts at zero 
        var sorting = [[5,1]]; 
        // sort on the first column 
        $(".tableview").trigger("sorton",[sorting]); 
        // return false to stop default link action 
        return false; 
    }); 
 });
 </script>
 <?php
 		echo "<a href='judging_score_entry.php?csv=yes'>" . i18n("Generate CSV Report") . "</a>\n";
 		echo "<br /><a href='#' id='div-cat-best'>" . i18n("Sort By Best in Division/Category") . "</a>\n";
 		echo "<br /><a href='#' id='overall-best'>" . i18n("Sort By Best Overall") . "</a>\n";
 		echo "<table class=\"tableview\">";
 		echo "<thead>";
 		echo "<tr>";
 		echo  "<th>".i18n("Proj Num")."</th>";
 		echo  "<th>".i18n("Project Title")."</th>";
 		echo  "<th>".i18n("Age Category")."</th>";
 		echo  "<th>".i18n("Division")."</th>";
 		echo  "<th>".i18n("Score")."</th>";
 		echo  "<th>".i18n("Normalized Score")."</th>";
 		echo  "<th>".i18n("Judgings")."</th>";
 		echo  "<th>".i18n("Action")."</th>";
 		echo "</tr>";
 		echo "</thead>";
 		echo "<tbody>";
 	} else {
 		echo "Project #\tTitle\tCategory\tDivision\tScore\tNormalized Scores\tJudge Name\tJudges Score\n";
 	}
-	while($r=mysql_fetch_object($q))
+if ($_GET['csv'] != 'yes') {
-	{
+	echo "<a href='judging_score_entry.php?csv=yes'>" . i18n('Generate CSV Report') . "</a>\n";
-		if($_GET['csv'] == 'yes') {
+	echo '<table class="tableview">';
-			echo "$r->projectnumber \t $r->title \t" . $cats[$r->projectcategories_id] . "\t" . $divs[$r->projectdivisions_id] . " \t $r->score \t $r->norm_score ";
+	echo '<tr>';
-			$p=mysql_query("SELECT judges_teams_timeslots_projects_link.judges_teams_id, 
+	echo '<th>' . i18n('Proj Num') . '</th>';
-								    				 score, 
+	echo '<th>' . i18n('Project Title') . '</th>';
-												     judges_teams.num
+	echo '<th>' . i18n('Age Category') . '</th>';
-			                FROM judges_teams_timeslots_projects_link, 
+	echo '<th>' . i18n('Division') . '</th>';
-									         judges_teams
+	echo '<th>' . i18n('Score') . '</th>';
-			                WHERE judges_teams_timeslots_projects_link.judges_teams_id = judges_teams.id 
+	echo '<th>' . i18n('Normalized Score') . '</th>';
-									          AND projects_id = ".mysql_real_escape_string($r->projectid)." ORDER BY judges_teams_id"
+	echo '<th>' . i18n('Action') . '</th>';
-								);
+	echo '</tr>';
-	echo mysql_error();
+} else {
-			while($s=mysql_fetch_object($p)) {
+	echo "Project #\tTitle\tCategory\tDivision\tScore\tNormalized Scores\tJudge Name\tJudges Score\n";
-                                $team=getJudgingTeam($s->judges_teams_id);
+}
                                $teamNames=array_map("teamMemberToName", $team['members']);
 				echo "\t " . implode(", ", $teamNames) . " \t $s->score";
 			}
 			echo "\n";
-		} else {
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-			echo "<tr>";
+	if ($_GET['csv'] == 'yes') {
-			echo "<td>$r->projectnumber</td>\n";
+		echo "$r->projectnumber \t $r->title \t" . $cats[$r->projectcategories_id] . "\t" . $divs[$r->projectdivisions_id] . " \t $r->score \t $r->norm_score ";
-			echo "<td>$r->title</td>\n";
+		$p = $pdo->prepare("SELECT judges_teams_timeslots_projects_link.judges_teams_id, 
-
+							\t    \t\t\t\t score, 
-			echo "<td>".i18n($cats[$r->projectcategories_id])."</td>\n";
+											\t     judges_teams.num
-			echo "<td>".i18n($divs[$r->projectdivisions_id])."</td>\n";
+		\t                FROM judges_teams_timeslots_projects_link, 
-			echo "<td class='judging_score'>" . number_format($r->score, 2) . "</td>\n";
+								\t         judges_teams
-			echo "<td class='judging_score'><strong>" . number_format($r->norm_score, 2) . "</strong></td>\n";
+		\t                WHERE judges_teams_timeslots_projects_link.judges_teams_id = judges_teams.id 
-			if ($r->score_count == $r->score_total_count) {
+								\t          AND projects_id = " . $r->projectid . ' ORDER BY judges_teams_id');
-				echo "<td>";
+		$p->execute();
-			} else if ($r->score_count == 0) {
+		show_pdo_errors_if_any($pdo);
-				echo "<td class='caution'>";
+		while ($s = $p->fetch(PDO::FETCH_OBJ)) {
-			} else {
+			$team = getJudgingTeam($s->judges_teams_id);
-				echo "<td class='error'>";
+			$teamNames = array_map('teamMemberToName', $team['members']);
-			}
+			echo "\t " . implode(', ', $teamNames) . " \t $s->score";
 			echo number_format($r->score_count, 0) . "/" . number_format($r->score_total_count, 0) . "</td>\n";
 			echo "<td align=\"center\">";
 			if($conferences_id == $conference['id']){
 				echo "<a href=\"judging_score_edit.php?projectid=$r->projectid\">";
 				echo i18n("Edit Scores");
 				echo "</a>";
 			}
 			echo "</td>\n";
 			echo "</tr>\n";
 		}
-	}
+		echo "\n";
-	if($_GET['csv'] != 'yes') {
+	} else {
-		echo "</tbody>";
+		echo '<tr>';
-		echo "</table>\n";
+		echo "<td>$r->projectnumber</td>\n";
-		echo "<br />";
+		echo "<td>$r->title</td>\n";
- 		send_footer();
+		echo '<td>' . i18n($cats[$r->projectcategories_id]) . "</td>\n";
 		echo '<td>' . i18n($divs[$r->projectdivisions_id]) . "</td>\n";
 		echo '<td>' . number_format($r->score, 2) . "</td>\n";
 		echo '<td>' . number_format($r->norm_score, 2) . "</td>\n";
 		echo '<td align="center">';
 		if ($year == $config['FAIRYEAR']) {
 			echo "<a href=\"judging_score_edit.php?projectid=$r->projectid\">";
 			echo i18n('Edit Scores');
 			echo '</a>';
 		}
 		echo "</td>\n";
 		echo "</tr>\n";
 	}
 }
 if ($_GET['csv'] != 'yes') {
 	echo "</table>\n";
 	echo '<br />';
 	send_footer();
 }
 ?>
--- a/admin/locations.php
+++ b/admin/locations.php
@ -1,59 +0,0 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
   Copyright (C) 2005 James Grant <james@lightbox.org>
   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public
   License as published by the Free Software Foundation, version 2.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 ?>
 <?
 require("../common.inc.php");
 require("../tableeditor.class.php");
 require_once("../user.inc.php");
 user_auth_required('admin');
 send_header("Event Locations", 
 	array('Committee Main' => 'committee_main.php',
 		'Administration' => 'admin/index.php',
 		'Events & Scheduling' => 'admin/eventsscheduling.php'),
 		"events_scheduling" );
 echo "<br />";
 $editor = new TableEditor("locations",
 	array(
 		"name" => "Location Name"
 	),
 	array(
 		"name" => "Location Name"
 	),
 	array(
 		"conferences_id" => $conference['id']
 	)
 );
 $editor->filterList("conferences_id", $conference['id']);
 $editor->setPrimaryKey("id");
 $editor->setRecordType("Location");
 $editor->setDefaultSortField("name");
 $editor->execute();
 send_footer();
 ?>
--- a/admin/project_editor.php
+++ b/admin/project_editor.php
@ -1,177 +1,252 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005-2006 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005-2006 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
 * SFIAB Website: http://www.sfiab.ca
 *
 * Copyright (C) 2005-2006 Sci-Tech Ontario Inc <info@scitechontario.org>
 * Copyright (C) 2005-2006 James Grant <james@lightbox.org>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, version 2.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
-   This program is free software; you can redistribute it and/or
+// This file was modified Jan of 2014 by Richard Sin
-   modify it under the terms of the GNU General Public
+// Project type has been added and can be toggled by configuration.
-   License as published by the Free Software Foundation, version 2.
+// Feedback box also has been added for flagging purposes
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 ?>
 <?
-require_once('../common.inc.php');
+require_once ('../common.inc.php');
-require_once('../user.inc.php');
+require_once ('../user.inc.php');
-require_once('../register_participants.inc.php');
+require_once ('../register_participants.inc.php');
-$auth_type = user_auth_required(array(), array('fair','admin'));
+$auth_type = user_auth_required(array('fair', 'committee'), 'admin');
-$registrations_id=intval($_GET['id']);
+$registrations_id = intval($_GET['id']);
 $action = $_GET['action'];
 /* Extra restrictions for auth_type = fair */
-if($auth_type == 'fair') {
+if ($auth_type == 'fair') {
 	$fairs_id = $_SESSION['fairs_id'];
-	if($registrations_id == -1 && ($action=='registration_load' || $action == 'registration_save')) {
+	if ($registrations_id == -1 && ($action == 'registration_load' || $action == 'registration_save')) {
 		/* we can't check the project it hasn't been created. */
 	} else {
 		/* Make sure they have permission to laod this student, check
 		the master copy of the fairs_id in the project */
-		$q=mysql_query("SELECT * FROM projects WHERE 
+		$q = $pdo->prepare("SELECT * FROM projects WHERE 
 				registrations_id='$registrations_id' 
-				AND conferences_id='{$conference['id']}'
+				AND year='{$config['FAIRYEAR']}'
 				AND fairs_id=$fairs_id");
-		if(mysql_num_rows($q) != 1) {
+
-			echo "permission denied.";
+		$q->execute();
 		if ($q->rowCount() != 1) {
 			echo 'permission denied.';
 			exit;
-		} 
+		}
 		/* Ok, they have permission */
 	}
 }
 switch ($action) {
 	case 'project_load':
 		project_load();
 		break;
 	case 'project_regenerate_number':
 		/* Save first */
 		project_save();
-switch($action) {
+		/* Now generate */
-case 'project_load':
+		$q = $pdo->prepare("SELECT id FROM projects WHERE registrations_id='{$registrations_id}' AND year='{$config['FAIRYEAR']}'");
-	project_load2();
+		$q->execute();
-	break;
+		$i = $q->fetch(PDO::FETCH_ASSOC);
 case 'project_regenerate_number':
 	/* Save first */
 	project_save();
-	/* Now generate */
+		$id = $i['id'];
 	$q=mysql_query("SELECT id FROM projects WHERE registrations_id='{$registrations_id}' AND conferences_id='{$conference['id']}'");
 	$i=mysql_fetch_assoc($q);
 	$id = $i['id'];
-	mysql_query("UPDATE projects SET projectnumber=NULL,projectsort=NULL,
+		$stmt = $pdo->prepare("UPDATE projects SET projectnumber=NULL,projectsort=NULL,
 				projectnumber_seq='0',projectsort_seq='0'
 				WHERE id='$id'");
-	echo mysql_error();
+		$stmt->execute();
- 	list($pn,$ps,$pns,$pss) = generateProjectNumber($registrations_id);
+		show_pdo_errors_if_any($pdo);
-//	print("Generated Project Number [$pn]");
+		list($pn, $ps, $pns, $pss) = generateProjectNumber($registrations_id);
-	mysql_query("UPDATE projects SET projectnumber='$pn',projectsort='$ps',
+
 		//	print("Generated Project Number [$pn]");
 		$stmt = $pdo->prepare("UPDATE projects SET projectnumber='$pn',projectsort='$ps',
 				projectnumber_seq='$pns',projectsort_seq='$pss'
 				WHERE id='$id'");
-	happy_("Generated and Saved Project Number: $pn");
+		$stmt->execute();
-	break;
+		happy_("Generated and Saved Project Number: $pn");
-case 'project_save':
+		break;
-	project_save();
+
-	break;
+	case 'project_save':
-default:
+		project_save();
-	break;
+		break;
 	default:
 		break;
 }
 exit;
 function project_save()
 {
-	global $registrations_id, $config, $conference;
+	global $registrations_id, $config, $pdo;
-	//first, lets make sure this project really does belong to them
+	// first, lets make sure this project really does belong to them
-	$q=mysql_query("SELECT * FROM projects WHERE registrations_id='{$registrations_id}' AND conferences_id='{$conference['id']}'");
+	$q = $pdo->prepare("SELECT * FROM projects WHERE registrations_id='{$registrations_id}' AND year='{$config['FAIRYEAR']}'");
-	$projectinfo=mysql_fetch_object($q);
+	$q->execute();
-	if(!projectinfo) {
+	$projectinfo = $q->fetch(PDO::FETCH_OBJ);
-		echo error(i18n("Invalid project to update"));
+	if (!$projectinfo) {
 		echo error(i18n('Invalid project to update'));
 	}
-	$summarywords=preg_split("/[\s,]+/",$_POST['summary']);
+	$summarywords = preg_split('/[\s,]+/', $_POST['summary']);
-	$summarywordcount=count($summarywords);
+	$summarywordcount = count($summarywords);
-	if($summarywordcount>$config['participant_project_summary_wordmax'])
+	if ($summarywordcount > $config['participant_project_summary_wordmax'])
-		$summarycountok=0;
+		$summarycountok = 0;
 	else
-		$summarycountok=1;
+		$summarycountok = 1;
-	if($config['participant_project_title_charmax'] && strlen(stripslashes($_POST['title']))>$config['participant_project_title_charmax']) {  //0 for no limit, eg 255 database field limit 
+	// check if it is flagged then update it
-		$title=substr(stripslashes($_POST['title']),0,$config['participant_project_title_charmax']);
+
-		error_("Project title truncated to %1 characters",array($config['participant_project_title_charmax']));
+	if (empty($_POST['feedback'])) {
 		$stmt = $pdo->prepare('UPDATE projects SET '
 			. "flagged='0'"
 			. "WHERE id='" . intval($_POST['id']) . "'");
 		$stmt->execute();
 	} else {
 		$stmt = $pdo->prepare('UPDATE projects SET '
 			. "flagged='1'"
 			. "WHERE id='" . intval($_POST['id']) . "'");
 		$stmt->execute();
 	}
 	show_pdo_errors_if_any($pdo);
 	happy_('Flagging process successfully updated');
 	if ($config['participant_project_title_charmax'] && strlen(stripslashes($_POST['title'])) > $config['participant_project_title_charmax']) {  // 0 for no limit, eg 255 database field limit
 		$title = substr(stripslashes($_POST['title']), 0, $config['participant_project_title_charmax']);
 		error_('Project title truncated to %1 characters', array($config['participant_project_title_charmax']));
 	} else
-		$title=stripslashes($_POST['title']);
+		$title = stripslashes($_POST['title']);
-	mysql_query("UPDATE projects SET ".
+	$stmt = $pdo->prepare(
-			"title='".mysql_escape_string($title)."', ".
+		'UPDATE projects SET 
-			"projectdivisions_id='".intval($_POST['projectdivisions_id'])."', ".
+				title = :title,
-			"language='".mysql_escape_string(stripslashes($_POST['language']))."', ".
+				projectdivisions_id = :projectdivisions_id,
-			"req_table='".mysql_escape_string(stripslashes($_POST['req_table']))."', ".
+				projecttype = :projecttype,
-			"req_electricity='".mysql_escape_string(stripslashes($_POST['req_electricity']))."', ".
+				language = :language,
-			"req_special='".mysql_escape_string(stripslashes($_POST['req_special']))."', ".
+				req_table = :req_table,
-			"summary='".mysql_escape_string(stripslashes($_POST['summary']))."', ".
+				req_electricity = :req_electricity,
-			"summarycountok='$summarycountok',".
+				req_special = :req_special,
-			"projectsort='".mysql_escape_string(stripslashes($_POST['projectsort']))."'".
+				human_participants = :human_participants,
-			"WHERE id='".intval($_POST['id'])."'");
+				animal_participants = :animal_participants,
-			echo mysql_error();
+				summary = :summary,
-	happy_('Project Information Saved');
+				summarycountok = :summarycountok,
 				feedback = :feedback,
 				projectsort = :projectsort
 			WHERE id = :id'
 	);
-	//check if they changed the project number
+	$stmt->bindValue(':title', $_POST['title']);
-	if($_POST['projectnumber']!=$projectinfo->projectnumber) {
+	$stmt->bindValue(':projectdivisions_id', intval($_POST['projectdivisions_id']));
-		//check if hte new one is available
+	$stmt->bindValue(':projecttype', $_POST['projecttype']);
-		$q=mysql_query("SELECT * FROM projects WHERE conferences_id='".$conference['id']."' AND projectnumber='".$_POST['projectnumber']."'");
+	$stmt->bindValue(':language', $_POST['language']);
-		if(mysql_num_rows($q)) {
+	$stmt->bindValue(':req_table', $_POST['req_table']);
-			error_("Could not change project number.  %1 is already in use",array($_POST['projectnumber']));
+	$stmt->bindValue(':req_electricity', $_POST['req_electricity']);
 	$stmt->bindValue(':req_special', $_POST['req_special']);
 	$stmt->bindValue(':human_participants', $_POST['human_participants']);
 	$stmt->bindValue(':animal_participants', $_POST['animal_participants']);
 	$stmt->bindValue(':summary', $_POST['summary']);
 	$stmt->bindValue(':summarycountok', $summarycountok);
 	$stmt->bindValue(':feedback', $_POST['feedback']);
 	$stmt->bindValue(':projectsort', $_POST['projectsort']);
 	$stmt->bindValue(':id', intval($_POST['id']));
 	$stmt->execute();
 	show_pdo_errors_if_any($pdo);
 	happy_('Project information successfully updated');
 	// check if they changed the project number
 	if ($_POST['projectnumber'] != $projectinfo->projectnumber) {
 		// check if hte new one is available
 		$q = $pdo->prepare("SELECT * FROM projects WHERE year='" . $config['FAIRYEAR'] . "' AND projectnumber='" . $_POST['projectnumber'] . "'");
 		$q->execute();
 		if ($q->rowCount()) {
 			error_('Could not change project number.  %1 is already in use', array($_POST['projectnumber']));
 		} else {
-			mysql_query("UPDATE projects SET
+			$stmt = $pdo->prepare("UPDATE projects SET
-					projectnumber='".$_POST['projectnumber']."'
+					projectnumber='" . $_POST['projectnumber'] . "'
-					WHERE id='".$_POST['id']."'");
+					WHERE id='" . $_POST['id'] . "'");
-			happy_("Project number successfully changed to %1",array($_POST['projectnumber']));
+			$stmt->execute();
 			happy_('Project number successfully changed to %1', array($_POST['projectnumber']));
 		}
 	}
 }
-
+function project_load()
 function project_load2()
 {
-	global $registrations_id, $config, $conference;
+	global $registrations_id, $config, $pdo;
-	$projectcategories_id=getProjectCategory($registrations_id);
+	// $projectcategories_id=null;
-	//now select their project info
+	// now lets find out their MAX grade, so we can pre-set the Age Category
-	$q=mysql_query("SELECT * FROM projects WHERE registrations_id='".$registrations_id."' AND conferences_id='".$conference['id']."'");
+	$q = $pdo->prepare("SELECT MAX(grade) AS maxgrade FROM students WHERE registrations_id='" . $registrations_id . "'");
-	//check if it exists, if we didnt find any record, lets insert one
+	$q->execute();
-	$projectinfo=mysql_fetch_object($q);
+	$gradeinfo = $q->fetch(PDO::FETCH_OBJ);
-	$q=mysql_query("SELECT * FROM projectcategories WHERE conferences_id='".$conference['id']."' ORDER BY id");
+	// now lets grab all the age categories, so we can choose one based on the max grade
-	while($r=mysql_fetch_object($q)) {
+	$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY id");
-		//save these in an array, so we can use them below
+	$q->execute();
-	   $agecategories[$r->id]['category']=$r->category;
+	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-	   $agecategories[$r->id]['mingrade']=$r->mingrade;
+		// save these in an array, just incase we need them later (FIXME: remove this array if we dont need it)
-	   $agecategories[$r->id]['maxgrade']=$r->maxgrade;
+		$agecategories[$r->id]['category'] = $r->category;
 		$agecategories[$r->id]['mingrade'] = $r->mingrade;
 		$agecategories[$r->id]['maxgrade'] = $r->maxgrade;
 		if ($gradeinfo->maxgrade >= $r->mingrade && $gradeinfo->maxgrade <= $r->maxgrade)
 			$projectcategories_id = $r->id;
 	}
-	//make sure that if they changed their grade on the student page, we update their projectcategories_id accordingly
+	// now select their project info
-	if($projectcategories_id && $projectinfo->projectcategories_id!=$projectcategories_id) {
+	$q = $pdo->prepare("SELECT * FROM projects WHERE registrations_id='" . $registrations_id . "' AND year='" . $config['FAIRYEAR'] . "'");
-		echo notice(i18n("Age category changed, updating to %1",array($agecategories[$projectcategories_id]['category'])));
+	// check if it exists, if we didnt find any record, lets insert one
-		mysql_query("UPDATE projects SET projectcategories_id='$projectcategories_id' WHERE id='$projectinfo->id'");
+	$q->execute();
 	$projectinfo = $q->fetch(PDO::FETCH_OBJ);
 	if (!$projectinfo) {
 		$stmt = $pdo->prepare("INSERT INTO projects (registrations_id,projectcategories_id,year) VALUES ('" . $registrations_id . "','$projectcategories_id','" . $config['FAIRYEAR'] . "')");
 		// and then pull it back out
 		$stmt->execute();
 		$q = $pdo->prepare("SELECT * FROM projects WHERE registrations_id='" . $registrations_id . "' AND year='" . $config['FAIRYEAR'] . "'");
 		$q->execute();
 		$projectinfo = $q->fetch(PDO::FETCH_OBJ);
 	}
-	//output the current status
+	// make sure that if they changed their grade on the student page, we update their projectcategories_id accordingly
-?>
+	if ($projectcategories_id && $projectinfo->projectcategories_id != $projectcategories_id) {
 		echo notice(i18n('Age category changed, updating to %1', array($agecategories[$projectcategories_id]['category'])));
 		$stmt = $pdo->prepare("UPDATE projects SET projectcategories_id='$projectcategories_id' WHERE id='$projectinfo->id'");
 		$stmt->execute();
 	}
 	// output the current status
 	?>
 <script language="javascript" type="text/javascript">
 function countwords()
 {
-	var wordmax=<?=$config['participant_project_summary_wordmax'];?>;
+	var wordmax=<?= $config['participant_project_summary_wordmax']; ?>;
 	var summaryobj=document.getElementById('summary');
 	var wordcountobj=document.getElementById('wordcount');
 	var wordcountmessageobj=document.getElementById('wordcountmessage');
@ -189,55 +264,81 @@ function countwords()
 </script>
 <?
-	if(!$projectinfo) {
+	if (!$projectinfo) {
-		echo error(i18n("Invalid project to edit"));
+		echo error(i18n('Invalid project to edit'));
 		exit;
 	}
-?>
+	?>
 	<form id="project_form">
-	<input type="hidden" name="id" value="<?=$projectinfo->id?>">
+	<input type="hidden" name="id" value="<?= $projectinfo->id ?>">
 	<table>
-	<tr>	<td><?=i18n("Project Title")?>: </td>
+	<tr>	<td><?= i18n('Project Title') ?>: </td>
-		<td><input type="text" name="title" size="50" value="<?=htmlspecialchars($projectinfo->title)?>" /><?=REQUIREDFIELD?>
+		<td><input type="text" name="title" size="50" value="<?= htmlspecialchars($projectinfo->title, null, 'ISO8859-1') ?>" /><?= REQUIREDFIELD ?>
 <?
-	if($config['participant_project_title_charmax'])
+	if ($config['participant_project_title_charmax'])
-		echo i18n("(Max %1 characters)",array($config['participant_project_title_charmax']));
+		echo i18n('(Max %1 characters)', array($config['participant_project_title_charmax']));
-?>
+	?>
 		</td>
 	</tr><tr>
-		<td><?=i18n("Project Number")?>: </td>
+		<td><?= i18n('Project Number') ?>: </td>
-		<td><input type="text" name="projectnumber" size="10" value="<?=$projectinfo->projectnumber?>" />
+		<td><input type="text" name="projectnumber" size="10" value="<?= $projectinfo->projectnumber ?>" />
-			<input type="button" id="project_regenerate_number" value="<?=i18n("Re-Generate Project Number")?>" />
+			<input type="button" id="project_regenerate_number" value="<?= i18n('Re-Generate Project Number') ?>" />
 		</td>
 	</tr><tr>
-		<td><?=i18n("Project Sort")?>: </td>
+		<td><?= i18n('Project Sort') ?>: </td>
-		<td><input type="text" name="projectsort" size="10" value="<?=$projectinfo->projectsort?>" /></td>
+		<td><input type="text" name="projectsort" size="10" value="<?= $projectinfo->projectsort ?>" /></td></tr>
 <?
 	if ($config['project_type'] == 'yes') {
 		$q = $pdo->prepare('SELECT * FROM projecttypes ORDER BY type');
 		$q->execute();
 		echo '<tr><td>' . i18n('Project Type') . ': </td><td>';
 		echo "<select name=\"projecttype\">\n";
 		echo '<option value="">' . i18n('Select a project type') . "</option>\n";
 		// FIXME: need to fix the loading glitch
 		while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 			if ($r->type == $projectinfo->projecttype) {
 				$sel = 'selected="selected"';
 			} else {
 				$sel = '';
 			}
 			echo "<option $sel value=\"$r->type\">" . htmlspecialchars(i18n($r->type), null, 'ISO8859-1') . "</option>\n";
 		}
 		echo '</select>' . REQUIREDFIELD . '</td></tr>';
 	}
 	?>
 	<tr>
 		<td><?= i18n('Age Category') ?>: </td>
 		<td><?= i18n($agecategories[$projectcategories_id]['category']) ?> (<?= i18n('Grades %1-%2', array($agecategories[$projectcategories_id]['mingrade'], $agecategories[$projectcategories_id]['maxgrade'])) ?>)</td>
 	</tr><tr>
-		<td><?=i18n("Age Category")?>: </td>
+		<td><?= i18n('Division') ?>: </td>
 		<td><?=i18n($agecategories[$projectcategories_id]['category'])?> (<?=i18n("Grades %1-%2",array($agecategories[$projectcategories_id]['mingrade'],$agecategories[$projectcategories_id]['maxgrade']))?>)</td>
 	</tr><tr>
 		<td><?=i18n("Division")?>: </td>
 		<td>
 <?
-	//###### Feature Specific - filtering divisions by category
+	// ###### Feature Specific - filtering divisions by category
-	if($config['filterdivisionbycategory']=="yes"){
+	if ($config['filterdivisionbycategory'] == 'yes') {
-		$q=mysql_query("SELECT projectdivisions.* FROM projectdivisions,projectcategoriesdivisions_link WHERE projectdivisions.id=projectdivisions_id AND projectcategories_id=".$projectcategories_id." AND projectdivisions.conferences_id='".$conference['id']."' AND projectcategoriesdivisions_link.conferences_id='".$conference['id']."' ORDER BY division"); 
+		$q = $pdo->prepare('SELECT projectdivisions.* FROM projectdivisions,projectcategoriesdivisions_link WHERE projectdivisions.id=projectdivisions_id AND projectcategories_id=' . $projectcategories_id . " AND projectdivisions.year='" . $config['FAIRYEAR'] . "' AND projectcategoriesdivisions_link.year='" . $config['FAIRYEAR'] . "' ORDER BY division");
-		echo mysql_error();
+		$q->execute();
-	//###
+		show_pdo_errors_if_any($pdo);
-	} else
+		// ###
-		$q=mysql_query("SELECT * FROM projectdivisions WHERE conferences_id='".$conference['id']."' ORDER BY division");
+	} else {
-
+		$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY division");
-	echo "<select name=\"projectdivisions_id\">";
+		$q->execute();
 	echo "<option value=\"\">".i18n("Select a division")."</option>\n";
 	while($r=mysql_fetch_object($q)) {
 		if($r->id == $projectinfo->projectdivisions_id) $sel="selected=\"selected\""; else $sel="";
 		echo "<option $sel value=\"$r->id\">".htmlspecialchars(i18n($r->division))."</option>\n";
 	}
 	echo "</select>".REQUIREDFIELD;
-	if($config['usedivisionselector']=="yes") {
+	echo '<select name="projectdivisions_id">';
-	 ?>
+	echo '<option value="">' . i18n('Select a division') . "</option>\n";
 	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 		if ($r->id == $projectinfo->projectdivisions_id)
 			$sel = 'selected="selected"';
 		else
 			$sel = '';
 		echo "<option $sel value=\"$r->id\">" . htmlspecialchars(i18n($r->division), null, 'ISO8859-1') . "</option>\n";
 	}
 	echo '</select>' . REQUIREDFIELD;
 	if ($config['usedivisionselector'] == 'yes') {
 		?>
 		<script language="javascript" type="text/javascript">
 		function openDivSelWindow()
@ -250,86 +351,136 @@ function countwords()
 	<?
 	}
-	echo "<br />";
+	echo '<br />';
-	echo i18n("WARNING!  If you change the division you must manually change the project number too!  It will NOT be assigned a new number automatically");
+	echo i18n('WARNING!  If you change the division you must manually change the project number too!  It will NOT be assigned a new number automatically');
-	echo "</td></tr>";
+	echo '</td></tr>';
-	echo "<tr><td>".i18n("Language").": </td><td>";
+	echo '<tr><td>' . i18n('Language') . ': </td><td>';
 	echo "<select name=\"language\">\n";
-	if($projectinfo->language)
+	if ($projectinfo->language)
-		$currentlang=$projectinfo->language;
+		$currentlang = $projectinfo->language;
 	else
-		$currentlang=$_SESSION['lang'];
+		$currentlang = $_SESSION['lang'];
-	foreach($config['languages'] AS $key=>$val) { 
+	foreach ($config['languages'] AS $key => $val) {
-		if($currentlang==$key) $selected="selected=\"selected\""; else $selected="";
+		if ($currentlang == $key)
 			$selected = 'selected="selected"';
 		else
 			$selected = '';
 		echo "<option $selected value=\"$key\">$val</option>";
 	}
-	echo "</select>".REQUIREDFIELD;
+	echo '</select>' . REQUIREDFIELD;
-	echo "</td></tr>";
+	echo '</td></tr>';
-	echo "<tr><td>".i18n("Requirements").": </td><td>";
+	echo '<tr><td>' . i18n('Requirements') . ': </td><td>';
-	echo "<table>";
+	echo '<table>';
-	if($config['participant_project_table']=="no") {
+	if ($config['participant_project_table'] == 'no') {
-		//if we arent asking them if they want a table or not, then we set it to 'yes' assuming everyone will get a table
+		// if we arent asking them if they want a table or not, then we set it to 'yes' assuming everyone will get a table
-		echo " <input type=\"hidden\" name=\"req_table\" value=\"yes\" />";
+		echo ' <input type="hidden" name="req_table" value="yes" />';
 	} else {
-		echo "<tr>";
+		echo '<tr>';
-		echo " <td>".i18n("Table").REQUIREDFIELD."</td>";
+		echo ' <td>' . i18n('Table') . REQUIREDFIELD . '</td>';
-		if($projectinfo->req_table=="yes") $check="checked=\"checked\""; else $check="";
+		if ($projectinfo->req_table == 'yes')
 			$check = 'checked="checked"';
 		else
 			$check = '';
 		echo " <td><input $check type=\"radio\" name=\"req_table\" value=\"yes\" />Yes</td>";
-		echo " <td width=\"20\">&nbsp;</td>";
+		echo ' <td width="20">&nbsp;</td>';
-		if($projectinfo->req_table=="no") $check="checked=\"checked\""; else $check="";
+		if ($projectinfo->req_table == 'no')
 			$check = 'checked="checked"';
 		else
 			$check = '';
 		echo " <td><input $check type=\"radio\" name=\"req_table\" value=\"no\" />No</td>";
-		echo "</tr>";
+		echo '</tr>';
 	}
-	if($config['participant_project_electricity']=="no")
+	if ($config['participant_project_electricity'] == 'no') {
-	{
+		// if we arent asking them if they want electricity or not, then we set it to 'yes' assuming everyone will get electricity
-		//if we arent asking them if they want electricity or not, then we set it to 'yes' assuming everyone will get electricity
+		echo ' <input type="hidden" name="req_electricity" value="yes" />';
-		echo " <input type=\"hidden\" name=\"req_electricity\" value=\"yes\" />";
+	} else {
-	}
+		echo '<tr>';
-	else
+		echo ' <td>' . i18n('Electricity') . REQUIREDFIELD . '</td>';
-	{
+		if ($projectinfo->req_electricity == 'yes')
-		echo "<tr>";
+			$check = 'checked="checked"';
-		echo " <td>".i18n("Electricity").REQUIREDFIELD."</td>";
+		else
-		if($projectinfo->req_electricity=="yes") $check="checked=\"checked\""; else $check="";
+			$check = '';
 		echo " <td><input $check type=\"radio\" name=\"req_electricity\" value=\"yes\" />Yes</td>";
-		echo " <td width=\"20\">&nbsp;</td>";
+		echo ' <td width="20">&nbsp;</td>';
-		if($projectinfo->req_electricity=="no") $check="checked=\"checked\""; else $check="";
+		if ($projectinfo->req_electricity == 'no')
 			$check = 'checked="checked"';
 		else
 			$check = '';
 		echo " <td><input $check type=\"radio\" name=\"req_electricity\" value=\"no\" />No</td>";
-		echo "</tr>";
+		echo '</tr>';
 	}
-	echo "<tr>";
+	echo '<tr>';
-	echo " <td>".i18n("Special")."</td>";
+	echo ' <td>' . i18n('Special') . '</td>';
 	echo " <td colspan=\"3\"><input type=\"text\" name=\"req_special\" value=\"$projectinfo->req_special\" /></td>";
-	echo "</tr>";
+	echo '</tr>';
-	echo "</table>";
+	echo '</table>';
-	echo "</td></tr>";
+	if ($config['ethics_questions'] == 'yes')
 	// If we have set ethics questions to yes then ask the ethics questions!
 	{
 		echo '<tr><td>' . i18n('Ethics Questions') . ':</td><td>';
 		echo '<table>';
 		echo '<tr>';
 		echo ' <td>' . i18n('My project involves human participants') . REQUIREDFIELD . '</td>';
 		if ($projectinfo->human_participants == 'yes')
 			$check = 'checked="checked"';
 		else
 			$check = '';
 		echo " <td><input $check type=\"radio\" name=\"human_participants\" value=\"yes\" />Yes</td>";
 		echo ' <td width="20">&nbsp;</td>';
 		if ($projectinfo->human_participants == 'no')
 			$check = 'checked="checked"';
 		else
 			$check = '';
 		echo " <td><input $check type=\"radio\" name=\"human_participants\" value=\"no\" />No</td>";
 		echo '</tr>';
-	echo "<tr><td>".i18n("Summary").": </td><td><textarea onchange='countwords()' onkeypress='countwords()' cols=\"60\" rows=\"12\" id=\"summary\" name=\"summary\">".htmlspecialchars($projectinfo->summary)."</textarea>".REQUIREDFIELD."<br />";
+		echo '<tr>';
 		echo ' <td>' . i18n('My project involves animals') . REQUIREDFIELD . '</td>';
 		if ($projectinfo->animal_participants == 'yes')
 			$check = 'checked="checked"';
 		else
 			$check = '';
 		echo " <td><input $check type=\"radio\" name=\"animal_participants\" value=\"yes\" />Yes</td>";
 		echo ' <td width="20">&nbsp;</td>';
 		if ($projectinfo->animal_participants == 'no')
 			$check = 'checked="checked"';
 		else
 			$check = '';
 		echo " <td><input $check type=\"radio\" name=\"animal_participants\" value=\"no\" />No</td>";
 		echo '</tr>';
 		echo '</table>';
 	}
 	echo '</td></tr>';
-	$summarywords=preg_split("/[\s,]+/",$projectinfo->summary);
+	echo '<tr><td>' . i18n('Summary') . ': </td><td><textarea onchange=\'countwords()\' onkeypress=\'countwords()\' cols="60" rows="12" id="summary" name="summary">' . htmlspecialchars($projectinfo->summary, ENT_NOQUOTES, 'ISO8859-1') . '</textarea>' . REQUIREDFIELD . '<br />';
-	$summarywordcount=count($summarywords);
+
-	if($summarywordcount>$config['participant_project_summary_wordmax'])
+	$summarywords = preg_split('/[\s,]+/', $projectinfo->summary);
-		echo "<div id=\"wordcountmessage\" class=\"incomplete\">";
+	$summarywordcount = count($summarywords);
 	if ($summarywordcount > $config['participant_project_summary_wordmax'])
 		echo '<div id="wordcountmessage" class="incomplete">';
 	else
-		echo "<div id=\"wordcountmessage\" class=\"complete\">";
+		echo '<div id="wordcountmessage" class="complete">';
 	echo "<span id=\"wordcount\">$summarywordcount</span>/";
-	echo i18n("%1 words maximum",array($config['participant_project_summary_wordmax']));
+	echo i18n('%1 words maximum', array($config['participant_project_summary_wordmax']));
-	echo "</div>";
+	echo '</div>';
-?>
+	echo '<tr><td>' . i18n('Feedback') . ': </td><td><textarea cols="60" rows="4" id="feedback" name="feedback">' . htmlspecialchars($projectinfo->feedback, null, 'ISO8859-1') . '</textarea><br />';
 	?>
 	</td></tr>
 	</table>
-	<input type="button" id="project_save" value="<?=i18n("Save Project Information")?>" />
+	<input type="button" id="project_save" value="<?= i18n('Save Project Information') ?>" />
 	</form>
 <?
 }
--- a/admin/regfee_items_manager.php
+++ b/admin/regfee_items_manager.php
@ -1,56 +1,55 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2007 James Grant <james@lightbox.org>
+/*
-
+ * This file is part of the 'Science Fair In A Box' project
-   This program is free software; you can redistribute it and/or
+ * SFIAB Website: http://www.sfiab.ca
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2007 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require("../tableeditor.class.php");
+require ('../tableeditor.class.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- send_header("Registration Fee Items Manager",
+send_header('Registration Fee Items Manager',
- 		array('Committee Main' => 'committee_main.php',
+    array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php'),
+        'Administration' => 'admin/index.php'),
-            "registration_fee_items_management"
+    'registration_fee_items_management');
 			);
- $editor=new TableEditor("regfee_items",
+$editor = new TableEditor('regfee_items',
- 			array(  'name' => 'Name (for regfee line)',
+    array(
-				'description' => 'Description',
+        'name' => 'Name (for regfee line)',
-				'cost' => 'Cost',
+        'description' => 'Description',
-				'per' => 'Cost Per',
+        'cost' => 'Cost',
-			), null,
+        'per' => 'Cost Per',
-			array('conference' => $conference['name'])
+    ), null,
-			);
+    array('year' => $config['FAIRYEAR']));
- $editor->setPrimaryKey("id");
+$editor->setPrimaryKey('id');
- $editor->setDefaultSortField("description");
+$editor->setDefaultSortField('description');
- $editor->setRecordType("Registration Fee Item");
+$editor->setRecordType('Registration Fee Item');
- $editor->setFieldOptions("per", array( array('key' => 'student', 'val' => "Student"),
+$editor->setFieldOptions('per', array(array('key' => 'student', 'val' => 'Student'),
-					array('key' => 'project', 'val' => "Project") 
+    array('key' => 'project', 'val' => 'Project')));
-			              )  );
+$editor->setFieldInputType('per', 'select');
- $editor->setFieldInputType("per", 'select');
+$editor->filterList('year', $config['FAIRYEAR']);
 $editor->filterList('conference',$conference['name']);
 $editor->execute();
- send_footer();
+$editor->execute();
 send_footer();
 ?>
--- a/admin/registration.php
+++ b/admin/registration.php
@ -1,42 +1,41 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+include '../config/signaturepage_or_permissionform.php';
- user_auth_required('admin');
+require_once ('../user.inc.php');
- send_header("Participant Registration",
+user_auth_required('committee', 'admin');
- 		array('Committee Main' => 'committee_main.php',
+send_header('Participant Registration',
-			'Administration' => 'admin/index.php'),
+    array('Committee Main' => 'committee_main.php',
-            "participant_registration"
+        'Administration' => 'admin/index.php'),
-			);
+    'participant_registration');
- echo "<br />";
+echo '<br />';
- echo "<a href=\"registration_receivedforms.php\">".i18n("Input Received Signature Forms")."</a> <br />";
+echo '<a href="registration_receivedforms.php">' . i18n("Input Received $plural_participationform") . '</a> <br />';
- echo "<a href=\"registration_list.php\">".i18n("Registration List and Student/Project Editor")."</a> <br />";
+echo '<a href="registration_list.php">' . i18n('Registration List and Student/Project Editor') . '</a> <br />';
- echo "<a href=\"registration_stats.php\">".i18n("Registration Statistics")."</a> <br />";
+echo '<a href="registration_stats.php">' . i18n('Registration Statistics') . '</a> <br />';
- echo "<a href=\"registration_webconsent.php\">".i18n("Website Consent")."</a> <br />";
+echo '<a href="registration_webconsent.php">' . i18n('Website Consent') . '</a> <br />';
-
+send_footer();
 send_footer();
 ?>
--- a/admin/registration_list.php
+++ b/admin/registration_list.php
@ -1,93 +1,122 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005-2006 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005-2006 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
 * SFIAB Website: http://www.sfiab.ca
 *
 * Copyright (C) 2005-2006 Sci-Tech Ontario Inc <info@scitechontario.org>
 * Copyright (C) 2005-2006 James Grant <james@lightbox.org>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, version 2.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
-   This program is free software; you can redistribute it and/or
+// This file was modified Jan of 2014 by Richard Sin
-   modify it under the terms of the GNU General Public
+// Flagging has been added to monitor projects with concern.
   License as published by the Free Software Foundation, version 2.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require_once('../common.inc.php');
+require_once ('../common.inc.php');
- require_once('../user.inc.php');
+require_once ('../user.inc.php');
-$auth_type = user_auth_required(array(), array('fair', 'admin'));
+$auth_type = user_auth_required(array('fair', 'committee'), 'admin');
-//require_once('../register_participants.inc.php');
+// require_once('../register_participants.inc.php');
- if($_GET['conference_id']) $conference_id=intval($_GET['conference_id']);
+if (get_value_from_array($_GET, 'year'))
- else $conference_id=$conference['id'];
+	$year = $_GET['year'];
 else
 	$year = $config['FAIRYEAR'];
-$q=mysql_query("SELECT * FROM projectcategories WHERE conferences_id='{$conference['id']}' ORDER BY id");
+$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='$year' ORDER BY id");
-while($r=mysql_fetch_object($q))
+$q->execute();
 	$cats[$r->id]=$r->category;
-$q=mysql_query("SELECT * FROM projectdivisions WHERE conferences_id='{$conference['id']}' ORDER BY id");
+while ($r = $q->fetch(PDO::FETCH_OBJ))
-while($r=mysql_fetch_object($q))
+	$cats[$r->id] = $r->category;
 	$divs[$r->id]=$r->division;
-$action=$_GET['action'];
+$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='$year' ORDER BY id");
-switch($action) {
+$q->execute();
 case 'load_row':
 	$id = intval($_GET['id']);
 	$q = list_query($conference_id, '', $id);
 	$r = mysql_fetch_object($q);
 	print_row($r);
 	exit;
-case 'delete':
+while ($r = $q->fetch(PDO::FETCH_OBJ))
-	$regid = intval($_GET['id']);
+	$divs[$r->id] = $r->division;
-	$q = mysql_query("SELECT * FROM projects WHERE registrations_id='$regid'");
+
-	if(mysql_num_rows($q)) {
+$action = get_value_from_array($_GET, 'action');
-		$p = mysql_fetch_assoc($q);
+switch ($action) {
-		mysql_query("DELETE FROM winners WHERE projects_id='{$p['id']}'");
+	case 'load_row':
-	}
+		$id = intval($_GET['id']);
- 	mysql_query("DELETE FROM registrations WHERE id='$regid' AND conferences_id='".$conference['id']."'");
+		$q = list_query($year, '', $id);
-	mysql_query("DELETE FROM users WHERE registrations_id='$regid' AND conferences_id='".$conference['id']."'");
+		$r = $q->fetch(PDO::FETCH_OBJ);
-	mysql_query("DELETE FROM projects WHERE registrations_id='$regid' AND conferences_id='".$conference['id']."'");
+		print_row($r);
-	mysql_query("DELETE FROM safety WHERE registrations_id='$regid' AND conferences_id='".$conference['id']."'");
+		exit;
-//	mysql_query("DELETE FROM questions_answers WHERE registrations_id='$regid' AND conferences_id='".$conference['id']."'");
+
-	mysql_query("DELETE FROM mentors WHERE registrations_id='$regid' AND conferences_id='".$conference['id']."'");
+	case 'delete':
-	mysql_query("DELETE FROM emergencycontact WHERE registrations_id='$regid' AND conferences_id='".$conference['id']."'");
+		$regid = intval($_GET['id']);
-	happy_("Registration and all related data successfully deleted");
+		$q = $pdo->prepare("SELECT * FROM projects WHERE registrations_id='$regid'");
-	exit;
+		$q->execute();
 		if ($q->rowCount()) {
 			$p = $q->fetch(PDO::FETCH_ASSOC);
 			$stmt = $pdo->prepare("DELETE FROM winners WHERE projects_id='{$p['id']}'");
 			$stmt->execute();
 		}
 		$stmt = $pdo->prepare("DELETE FROM registrations WHERE id='$regid' AND year='" . $config['FAIRYEAR'] . "'");
 		$stmt->execute();
 		$stmt = $pdo->prepare("DELETE FROM students WHERE registrations_id='$regid' AND year='" . $config['FAIRYEAR'] . "'");
 		$stmt->execute();
 		$stmt = $pdo->prepare("DELETE FROM projects WHERE registrations_id='$regid' AND year='" . $config['FAIRYEAR'] . "'");
 		$stmt->execute();
 		$stmt = $pdo->prepare("DELETE FROM safety WHERE registrations_id='$regid' AND year='" . $config['FAIRYEAR'] . "'");
 		$stmt->execute();
 		$stmt = $pdo->prepare("DELETE FROM questions_answers WHERE registrations_id='$regid' AND year='" . $config['FAIRYEAR'] . "'");
 		$stmt->execute();
 		$stmt = $pdo->prepare("DELETE FROM mentors WHERE registrations_id='$regid' AND year='" . $config['FAIRYEAR'] . "'");
 		$stmt->execute();
 		$stmt = $pdo->prepare("DELETE FROM emergencycontact WHERE registrations_id='$regid' AND year='" . $config['FAIRYEAR'] . "'");
 		$stmt->execute();
 		happy_('Registration and all related data successfully deleted');
 		exit;
 }
-if($auth_type == 'committee') {
+if ($auth_type == 'committee') {
-	 send_header("Registration Management",
+	send_header('Registration Management',
- 		array('Committee Main' => 'committee_main.php',
+		array('Committee Main' => 'committee_main.php',
 			'Administration' => 'admin/index.php',
-			'Participant Registration' => 'admin/registration.php')
+			'Participant Registration' => 'admin/registration.php'));
 				);
 } else {
-	 send_header("Student/Project Management",
+	send_header('Student/Project Management',
- 		array('Fair Main' => 'fair_main.php') );
+		array('Fair Main' => 'fair_main.php'));
 }
- ?>
+?>
 <div id="student_editor" title="Student/Project Editor" style="display: none">
 	<div id="editor_tabs" >
 		<ul>
-			<li><a href="#editor_tab_reg"><span><?=i18n('Registration')?></span></a></li>
+			<li><a href="#editor_tab_reg"><span><?= i18n('Registration') ?></span></a></li>
-			<li><a href="#editor_tab_students"><span><?=i18n('Students')?></span></a></li>
+			<li><a href="#editor_tab_students"><span><?= i18n('Students') ?></span></a></li>
-			<li><a href="#editor_tab_project"><span><?=i18n('Project')?></span></a></li>
+			<li><a href="#editor_tab_project"><span><?= i18n('Project') ?></span></a></li>
 		</ul>
-		<div id="editor_tab_reg">Loading...</div>
+		<div id="editor_tab_reg">Loading...
 		</div>
 		<div id="editor_tab_students">Loading...</div>
 		<div id="editor_tab_project">Loading...</div>
 	</div>
@ -105,6 +134,7 @@ function popup_editor(id, open_tab)
 	var h = (document.documentElement.clientHeight * 0.9);
 	registrations_id = id;
 	registrations_new = 0;
 	if(id == -1) {
@ -115,23 +145,24 @@ function popup_editor(id, open_tab)
 	/* Force no tabs to be selected, need to set collapsible 
 	 * to true first */
 	$('#editor_tabs').tabs('option', 'collapsible', true);
-	$('#editor_tabs').tabs('option', 'selected', -1);
+	$('#editor_tabs').tabs('option', 'active', -1);
 	/* Then we'll select a tab to force a reload */
 	switch(open_tab) {
 	case 'reg':
 		/* If we open on the reg tab, disable the others until a save */
 		$('#editor_tabs').tabs('option', 'disabled', [1,2]);
-		$('#editor_tabs').tabs('select', 0);
+		$('#editor_tabs').tabs('option', 'active', 0);
 		break;
 	case 'project':
 		$('#editor_tabs').tabs('option', 'disabled', []);
-		$('#editor_tabs').tabs('select', 2);
+		$('#editor_tabs').tabs('option', 'active', 2);
 		break;
 	default:
 		$('#editor_tabs').tabs('option', 'disabled', []);
-		$('#editor_tabs').tabs('select', 1);
+		$('#editor_tabs').tabs('option', 'active', 1);
 		break;
 	}
 	/* Don't let anything collapse */
@ -168,7 +199,7 @@ function update_students(numstudents)
 			$(".students_remove_button").click(function() {		
 				var id = registrations_id;
 				var sid = $("#"+this.id +"_students_id").val();
-				var conf = confirmClick('<?=i18n("Are you sure you want to remove this student from the project?")?>');
+				var conf = confirmClick('<?= i18n('Are you sure you want to remove this student from the project?') ?>');
 				if(conf == false) return false;
@ -214,10 +245,10 @@ function update_project()
 function delete_registration(id)
 {
 	registrations_id=id;
-	var conf = confirmClick('<?=i18n("Are you sure you want to completely delete this registration?")?>');
+	var conf = confirmClick('<?= i18n('Are you sure you want to completely delete this registration?') ?>');
 	if(conf == false) return false;
-	$("#debug").load("<?=$_SERVER['PHP_SELF']?>?action=delete&id="+id,{},
+	$("#debug").load("<?= $_SERVER['PHP_SELF'] ?>?action=delete&id="+id,{},
 			function(responseText, textStatus, XMLHttpRequest) {
 				var id = registrations_id;
 				$("#row_"+id).remove();
@ -257,13 +288,13 @@ $(document).ready(function() {
 		modal: true, resizable: false,
 		draggable: false,
 		buttons: { 
-/*			"<?=i18n('Cancel')?>": function() { 
+/*			"<?= i18n('Cancel') ?>": function() { 
 				$(this).dialog("close"); 
 			},
-			"<?=i18n('Save')?>": function() { 
+			"<?= i18n('Save') ?>": function() { 
 				save_report();	
 				$(this).dialog("close"); */
-			"<?=i18n('Close')?>": function() { 
+			"<?= i18n('Close') ?>": function() { 
 //				save_report();	
 				$(this).dialog("close"); 
 			} 
@ -275,14 +306,30 @@ $(document).ready(function() {
 				/* Create a row before loading it */
 				$("#registration_list").append("<tr id=\"row_"+id+"\"></tr>");
 			}
-			$("#row_"+id).load("<?$_SERVER['PHP_SELF']?>?action=load_row&id="+id);
+			$("#" + $.escapeSelector("row_" + id)).load("<? $_SERVER['PHP_SELF'] ?>?action=load_row&id="+id);
-			$("#row_"+id).effect('highlight',{},500);			
+			$("#" + $.escapeSelector("row_" + id)).effect('highlight',{},500);			
 		}
 	});
 	$("#editor_tabs").tabs({
 		create: function(event, ui) {
            update_students();
 			update_project();
 			update_reg();
        },
 		activate: function( event, ui ) {
 			update_students();
 			update_project();
 			update_reg();
 		},
 		selected: -1
 	});
 	/*$("#editor_tabs").tabs({
 		show: function(event, ui) {
 			console.log('hi');
 			switch(ui.panel.id) {
 			case 'editor_tab_students':
 				update_students();
@ -298,142 +345,175 @@ $(document).ready(function() {
 			}
 		},
 		selected: -1
-	});
+	});*/
-/*
+	$("#newproject").on("click", (function() {
 	$("#newproject").click(function() {
 			popup_editor(-1);
 		}
-	);
+	));
 	*/
 });
 </script>
 <br />
-<table style="width: 500px;">
+<table width="100%">
 <tr><td>
 	<?= i18n('Choose Status') ?>:
 	<form name="statuschangerform" method="get" action="registration_list.php">
 	<?=i18n("Choose Status")?>:
 	<select name="showstatus" onchange="document.forms.statuschangerform.submit()">
 <?
- //if there is no reg fee, then we dont need to show this status, because nobody will ever be in this status
+// if there is no reg fee, then we dont need to show this status, because nobody will ever be in this status
- $status_str = array('' => 'Any Status', 'complete' =>  'Complete',
+$status_str = array('' => 'Any Status', 'complete' => 'Complete',
-		'paymentpending' => ($config['regfee']>0) ? 'Payment Pending' : '',
+	'paymentpending' => ($config['regfee'] > 0) ? 'Payment Pending' : '',
-		'completeorpaymentpending' => ($config['regfee']>0) ? 'Complete or Payment Pending' : '',
+	'completeorpaymentpending' => ($config['regfee'] > 0) ? 'Complete or Payment Pending' : '',
-		'open' => 'Open', 'new' => 'New');
+	'open' => 'Open', 'new' => 'New');
- $showstatus = $_GET['showstatus'];
+$showstatus = $_GET['showstatus'];
- foreach($status_str as $s=>$str) {
+foreach ($status_str as $s => $str) {
-	if($str == '') continue;
+	if ($str == '')
-	$sel = ($showstatus == $s) ? "selected=\"selected\"" : '';
+		continue;
-	echo "<option $sel value=\"$s\">".i18n($str)."</option>\n";
+	$sel = ($showstatus == $s) ? 'selected="selected"' : '';
- }
+	echo "<option $sel value=\"$s\">" . i18n($str) . "</option>\n";
 }
 ?>
 	</select></form></td>
-	<?
+	<td align="right"><button id="newproject"><?= i18n('Create New Project') ?></button></td>
 	// echo <td align=\"right\"><button id=\"newproject\">".i18n("Create New Project")."</button></td>\n";
 	?>
 	</tr></table>
 <?
-if($showstatus) {
+if ($showstatus) {
-	switch($showstatus) {
+	switch ($showstatus) {
-		case "complete": $wherestatus="AND status='complete' "; break;
+		case 'complete':
-		case "paymentpending": $wherestatus="AND status='paymentpending' "; break;
+			$wherestatus = "AND status='complete' ";
-		case "completeorpaymentpending": $wherestatus="AND (status='complete' OR status='paymentpending') "; break;
+			break;
-		case "open": $wherestatus="AND status='open' "; break;
+		case 'paymentpending':
-		case "new": $wherestatus="AND status='new' "; break;
+			$wherestatus = "AND status='paymentpending' ";
-		default: $wherestatus="";
+			break;
 		case 'completeorpaymentpending':
 			$wherestatus = "AND (status='complete' OR status='paymentpending') ";
 			break;
 		case 'open':
 			$wherestatus = "AND status='open' ";
 			break;
 		case 'new':
 			$wherestatus = "AND status='new' ";
 			break;
 		default:
 			$wherestatus = '';
 	}
-}
+} else
-else $wherestatus="";
+	$wherestatus = '';
-$q = list_query($conference_id, $wherestatus, false);
+$q = list_query($year, $wherestatus, false);
 echo "<table id=\"registration_list\" class=\"tableview\">";
 echo "<thead><tr>";
 if($showstatus) $stat="&showstatus=".$showstatus;
 echo  "<th>".i18n("Status")."</th>";
 echo  "<th>".i18n("Reg Num")."</th>";
 echo  "<th>".i18n("Proj Num")."</th>";
 echo  "<th>".i18n("Project Title")."</th>";
 echo  "<th>".i18n("Age Category")."</th>";
 echo  "<th>".i18n("Division")."</th>";
 echo  "<th>".i18n("Participant Details")."</th>";
 echo  "<th>".i18n("Action")."</th>";
 echo "</tr></thead>";
 echo "<tbody>";
-while($r=mysql_fetch_object($q)) {
+echo '<table id="registration_list" class="tableview">';
 echo "<thead><tr style='background: black';>";
 if ($showstatus)
 	$stat = '&showstatus=' . $showstatus;
 echo '<th>' . i18n('Status') . '</th>';
 echo '<th>' . i18n('Email Address') . '</th>';
 echo '<th>' . i18n('Reg Num') . '</th>';
 echo '<th>' . i18n('Proj Num') . '</th>';
 echo '<th>' . i18n('Project Title') . '</th>';
 echo '<th>' . i18n('Age Category') . '</th>';
 echo '<th>' . i18n('Division') . '</th>';
 echo '<th>' . i18n('School(s)') . '</th>';
 echo '<th>' . i18n('Student(s)') . '</th>';
 echo '<th>' . i18n('Flagged') . '</th>';
 echo '<th>' . i18n('Action') . '</th>';
 echo '</tr></thead>';
 while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	echo "<tr id=\"row_{$r->reg_id}\">";
 	print_row($r);
-	echo "</tr>";
+	echo '</tr>';
 }
-echo "</tbody>";
+echo '</table>';
 echo "</table>";
-
+echo '<br/><br/>The statistics have moved here: <a href="registration_stats.php">Registration Statistics</a><br/><br/>';
 echo "<br/><br/>The statistics have moved here: <a href=\"registration_stats.php\">Registration Statistics</a><br/><br/>";
 send_footer();
-/* Now some helper fucntions we call more than once */
+/* Now some helper functions we call more than once */
-function list_query($conference_id, $wherestatus, $reg_id)
+function list_query($year, $wherestatus, $reg_id)
 {
-	global $auth_type;
+	global $auth_type, $pdo;
 	$reg = '';
-	if($reg_id != false)
+	if ($reg_id != false)
 		$reg = "AND registrations.id='$reg_id'";
 	$fair = '';
-	if($auth_type == 'fair') {
+	if ($auth_type == 'fair') {
 		$fair = "AND projects.fairs_id='{$_SESSION['fairs_id']}'";
 	}
-	$q=mysql_query("SELECT  registrations.id AS reg_id,
+	$q = $pdo->prepare("SELECT  registrations.id AS reg_id,
 				registrations.num AS reg_num,
 				registrations.status,
 				registrations.email,
 				projects.title,
 				projects.projectnumber,
 				projects.projectcategories_id,
-				projects.projectdivisions_id
+				projects.projectdivisions_id,
 				projects.feedback,
 				projects.flagged
 			FROM
 				registrations
 				left outer join projects on projects.registrations_id=registrations.id
 			WHERE
 				1
-				AND registrations.conferences_id='$conference_id' 
+				AND registrations.year='$year' 
 				$wherestatus
 				$reg $fair
 			ORDER BY
 				registrations.status DESC, projects.title
 			");
-	echo mysql_error();
+
 	$q->execute();
 	// FIXME
 	show_pdo_errors_if_any($pdo);
 	return $q;
 }
 function print_row($r)
 {
-	global $cats, $divs, $config, $conference_id, $conference;
+	global $cats, $divs, $config, $year, $pdo;
-	switch($r->status) {
+	$status_text = null;
-	case "new": $status_text="New"; break;
+	switch (get_value_property_or_default($r, 'status')) {
-	case "open": $status_text="Open"; break;
+		case 'new':
-	case "paymentpending": $status_text="Payment Pending"; break;
+			$status_text = 'New';
-	case "complete": $status_text="Complete"; break;
+			break;
 		case 'open':
 			$status_text = 'Open';
 			break;
 		case 'paymentpending':
 			$status_text = 'Payment Pending';
 			break;
 		case 'complete':
 			$status_text = 'Complete';
 			break;
 	}
-	$status_text=i18n($status_text);
+	$status_text = i18n($status_text);
-	$scl = "style=\"cursor:pointer;\" onclick=\"popup_editor('{$r->reg_id}','');\"";
+	$scl = 'style="cursor:pointer;" onclick="popup_editor(\'' . get_value_property_or_default($r, 'reg_id') . "','');\"";
-	$pcl = "style=\"cursor:pointer;\" onclick=\"popup_editor('{$r->reg_id}','project');\"";
+	$pcl = 'style="cursor:pointer;" onclick="popup_editor(\'' . get_value_property_or_default($r, 'reg_id') . "','project');\"";
 	echo "<td $scl>{$status_text}</td>";
-//	echo "<td $scl>{$r->email}</td>";
+	// echo "<td $scl>" . get_value_property_or_default($r, 'email') . '</td>';
 	// echo "<td $scl>" . get_value_property_or_default($r, 'reg_num') . '</td>';
 	// $pn = str_replace(' ', '&nbsp;', get_value_property_or_default($r, 'projectnumber', ''));
 	// echo "<td $scl>$pn</td>";
 	// echo "<td $pcl>" . get_value_property_or_default($r, 'title') . '</td>';
 	// echo "<td $scl>" . i18n(get_value_from_array($cats, get_value_property_or_default($r, 'projectcategories_id'), '')) . '</td>';
 	// echo "<td $scl>" . i18n(get_value_from_array($divs, get_value_property_or_default($r, 'projectdivisions_id', ''))) . '</td>';
 	echo "<td $scl>{$r->email}</td>";
 	echo "<td $scl>{$r->reg_num}</td>";
 	$pn = str_replace(' ', '&nbsp;', $r->projectnumber);
 	echo "<td $scl>$pn</td>";
@ -442,70 +522,59 @@ function print_row($r)
 	echo "<td $scl>".i18n($cats[$r->projectcategories_id])."</td>";
 	echo "<td $scl>".i18n($divs[$r->projectdivisions_id])."</td>";
 	echo "<td>";
-	$sq=mysql_query("SELECT users.firstname,
+
-				users.lastname,
+	$sq = $pdo->prepare("SELECT students.firstname,
-				users.id,
+				students.lastname,
 				students.id,
 				schools.school,
 				schools.board,
-				schools.id AS schools_id,
+				schools.id AS schools_id
 				accounts.username,
 				accounts.email,
 				accounts.pendingemail
 			FROM
-				users
+				students,schools
 				JOIN accounts ON users.accounts_id=accounts.id
 				LEFT JOIN schools ON users.schools_id=schools.id
 			WHERE
-				users.registrations_id='$r->reg_id'
+				students.registrations_id='$r->reg_id'
 				AND
 				students.schools_id=schools.id
 			");
-			echo mysql_error();
+	$sq->execute();
 	show_pdo_errors_if_any($pdo);
-	$studnum=1;
+	$studnum = 1;
-	$schools="";
+	$schools = '';
-	$students="";
+	$students = '';
-	$scl = "style=\"cursor:pointer;\" onclick=\"popup_editor('{$r->reg_id}','');\"";
+	while ($studentinfo = $sq->fetch(PDO::FETCH_OBJ)) {
-	//if theres more than 1, we should show some headings between the tables
+		$students .= "$studentinfo->firstname $studentinfo->lastname<br />";
-	if(mysql_num_rows($sq)>1) $showheadings=true;
+		$schools .= "$studentinfo->school <br />";
 	while($studentinfo=mysql_fetch_object($sq)) {
 		if($studentinfo->email) $e=$studentinfo->email;
 		else if($studentinfo->pendingemail) $e=$studentinfo->pendingemail;
 		else $e="";
 		if($showheadings) 
 			echo "<b>Participant #$studnum</b><br />";
 		echo "<table style=\"cursor:pointer; border-collapse: collapse;\" onclick=\"popup_editor('{$r->reg_id}','');\">";
 		echo "<tr><th>Name</th><td>$studentinfo->firstname $studentinfo->lastname</td></tr>\n";
 		echo "<tr><th>Username</th><td>$studentinfo->username</td></tr>\n";
 		if($e && $studentinfo->username!=$e) {
 			echo "<tr><th>Email</th><td>$e</td></tr>\n";
 		}
 		echo "<tr><th>School</th><td>$studentinfo->school</td></tr>\n";
 		echo "</table>\n";
 		$studnum++;
 	}
 	echo "</td>";
 	echo "<td $scl>$schools</td>";
 	echo "<td $scl>$students</td>";
-	echo "<td align=\"center\"  >";
+	echo '<td align="center"  >';
-	if($conference_id==$conference['id']) {
+	if ($r->flagged == false) {
-		echo "<a title=\"".i18n("Delete this registration")."\" href=\"#\" onClick=\"delete_registration({$r->reg_id});return false\" >";
+		echo '<a title="' . i18n('Not flagged') . "\" href=\"#\" onClick=\"popup_editor('$r->reg_id','project');\" >";
-		echo "<img src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\" border=0>";
+		echo '<img src="' . $config['SFIABDIRECTORY'] . '/images/16/ok.' . $config['icon_extension'] . '" border=0>';
-		echo "</a>";
+		echo '</a>';
-		/*
+	} else {
-		echo "<form target=\"_blank\" method=\"post\" action=\"../register_participants.php\">";
+		echo '<a title="' . i18n('Flagged') . "\" href=\"#\" onClick=\"popup_editor('$r->reg_id','project');\" >";
-		echo "<input type=\"hidden\" name=\"action\" value=\"continue\">";
+		echo '<img src="' . $config['SFIABDIRECTORY'] . '/images/16/flagged.' . $config['icon_extension'] . '" border=0>';
 		echo '</a>';
 	}
 	echo '<td align="center"  >';
 	if ($year == $config['FAIRYEAR']) {
 		echo '<a title="' . i18n('Delete this registration') . "\" href=\"#\" onClick=\"delete_registration({$r->reg_id});return false\" >";
 		echo '<img src="' . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '" border=0>';
 		echo '</a>';
 		echo '<form target="_blank" method="post" action="../register_participants.php">';
 		echo '<input type="hidden" name="action" value="continue">';
 		echo "<input type=\"hidden\" name=\"email\" value=\"$r->email\">";
 		echo "<input type=\"hidden\" name=\"regnum\" value=\"$r->reg_num\">";
-		echo "<input type=\"submit\" value=\"".i18n("Login")."\">";
+		echo '<input type="submit" value="' . i18n('Login') . '">';
-		echo "</form>";
+		echo '</form>';
 		*/
 	}
-	echo "</td>";
+	echo '</td>';
 }
 ?>
--- a/admin/registration_receivedforms.php
+++ b/admin/registration_receivedforms.php
@ -1,302 +1,431 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
 * SFIAB Website: http://www.sfiab.ca
 *
 * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
 * Copyright (C) 2005 James Grant <james@lightbox.org>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, version 2.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
-   This program is free software; you can redistribute it and/or
+// This file was modified March of 2015 by Sebastian Ruan
-   modify it under the terms of the GNU General Public
+// Receive all button was added
   License as published by the Free Software Foundation, version 2.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require_once("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+include '../config/signaturepage_or_permissionform.php';
- user_auth_required('admin');
+require_once ('../user.inc.php');
- require_once("../register_participants.inc.php");
+user_auth_required('committee', 'admin');
 require ('../register_participants.inc.php');
- send_header("Input Received Signature Forms",
+send_header("Input Received $plural_participationform",
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+		'Administration' => 'admin/index.php',
-			'Participant Registration' => 'admin/registration.php')
+		'Participant Registration' => 'admin/registration.php'));
-				);
+echo '<br />';
 echo "<br />";
-$showformatbottom=true;
+$showformatbottom = true;
- if($_POST['action']=="received" && $_POST['registration_number'])
+if (get_value_from_array($_POST, 'action') == 'received' && get_value_from_array($_POST, 'registration_number')) {
- {
+	$q = $pdo->prepare("SELECT * FROM registrations WHERE num='" . $_POST['registration_number'] . "' AND year='" . $config['FAIRYEAR'] . "'");
- 	$q=mysql_query("SELECT * FROM registrations WHERE num='".$_POST['registration_number']."' AND conferences_id='".$conference['id']."'");
+	$q->execute();
-	if(mysql_num_rows($q)==1)
+	if ($q->rowCount() == 1) {
-	{
+		$r = $q->fetch(PDO::FETCH_OBJ);
-		$r=mysql_fetch_object($q);
+		$reg_id = $r->id;
-		$reg_id=$r->id;
+		$reg_num = $r->num;
-		$reg_num=$r->num;
+		$reg_status = $r->status;
 		$reg_status=$r->status;
-		if($r->status=='new') {
+		if ($r->status == 'new') {
-			echo error(i18n("Invalid Registration Status (%1 is New).  Cannot receive an empty form.",array($_POST['registration_number'])));
+			echo error(i18n('Invalid Registration Status (%1 is New).  Cannot receive an empty form.', array($_POST['registration_number'])));
-		}
+		} else {
-		else
+			// make sure all of the statuses are correct
-		{
+			$statusstudent = studentStatus($reg_id);
-			//make sure all of the statuses are correct
+			$statusemergencycontact = emergencycontactStatus($reg_id);
-			$statusstudent=studentsStatus($reg_id);
+			$statusproject = projectStatus($reg_id);
-			$statusemergencycontact=emergencycontactStatus($reg_id);
+			if ($config['participant_mentor'] == 'yes')
-			$statusproject=projectStatus($reg_id);
+				$statusmentor = mentorStatus($reg_id);
 			if($config['participant_mentor']=="yes")
 				$statusmentor=mentorStatus($reg_id);
 			else
-				$statusmentor="complete";
+				$statusmentor = 'complete';
-			$statussafety=safetyStatus($reg_id);
+			$statussafety = safetyStatus($reg_id);
-			$statusnamecheck=namecheckStatus($reg_id);
+			$statusnamecheck = namecheckStatus($reg_id);
-			if(
+			if (
-				$statusstudent == "complete" &&
+				$statusstudent == 'complete' &&
-				$statusemergencycontact == "complete" &&
+				$statusemergencycontact == 'complete' &&
-				$statusproject == "complete" &&
+				$statusproject == 'complete' &&
-				$statusmentor == "complete" &&
+				$statusmentor == 'complete' &&
-				$statussafety == "complete" &&
+				$statussafety == 'complete' &&
-				$statusnamecheck == "complete"
+				$statusnamecheck == 'complete'
 			) {
-				
+				$q = $pdo->prepare("SELECT projects.title,
 				$q=mysql_query("SELECT projects.title,
 							projectcategories.category,
 							projectdivisions.division
 						FROM
 							projects,projectcategories,projectdivisions
 						WHERE
 							projects.registrations_id='$reg_id'
-							AND projects.projectcategories_id=projectcategories.id
+							AND
-							AND projects.projectdivisions_id=projectdivisions.id
+							projects.projectcategories_id=projectcategories.id
-							AND projectcategories.conferences_id=projects.conferences_id
+							AND
-							AND projectdivisions.conferences_id=projects.conferences_id
+							projects.projectdivisions_id=projectdivisions.id
 							AND 
 							projectcategories.year=projects.year
 							AND
 							projectdivisions.year=projects.year
 						");
 				$q->execute();
-echo mysql_Error();
+				show_pdo_errors_if_any($pdo);
-				$projectinfo=mysql_fetch_object($q);
+				$projectinfo = $q->fetch(PDO::FETCH_OBJ);
-				echo "<table class=\"summarytable\">";
+				echo '<table class="summarytable">';
- 				echo "<tr><th colspan=\"2\">".i18n("Registration Summary for %1",array($reg_num))."</th></tr>";
+				echo '<tr><th colspan="2">' . i18n('Registration Summary for %1', array($reg_num)) . '</th></tr>';
-				switch($reg_status)
+				switch ($reg_status) {
-				{
+					case 'paymentpending':
-					case "paymentpending": $status_text="Payment Pending"; break;
+						$status_text = 'Payment Pending';
-					case "complete": $status_text="Complete"; break;
+						break;
-					case "open": $status_text="Open"; break;
+					case 'complete':
 						$status_text = 'Complete';
 						break;
 					case 'open':
 						$status_text = 'Open';
 						break;
 				}
-				echo "<tr><td><b>".i18n("Registration Status")."</b></td><td>$status_text</td></tr>";
+				echo '<tr><td><b>' . i18n('Registration Status') . "</b></td><td>$status_text</td></tr>";
-				echo "<tr><td><b>".i18n("Registration Number")."</b></td><td>$reg_num</td></tr>";
+				echo '<tr><td><b>' . i18n('Registration Number') . "</b></td><td>$reg_num</td></tr>";
-				echo "<tr><td><b>".i18n("Project Title")."</b></td><td>$projectinfo->title</td></tr>";
+				echo '<tr><td><b>' . i18n('Project Title') . "</b></td><td>$projectinfo->title</td></tr>";
-				echo "<tr><td><b>".i18n("Category / Division")."</b></td><td>$projectinfo->category / $projectinfo->division</td></tr>";
+				echo '<tr><td><b>' . i18n('Category / Division') . "</b></td><td>$projectinfo->category / $projectinfo->division</td></tr>";
-				$q=mysql_query("SELECT users.firstname,
+				$q = $pdo->prepare("SELECT students.firstname,
-							users.lastname,
+							students.lastname,
 							schools.school
 						FROM
-							users,schools
+							students,schools
 						WHERE
-							users.registrations_id='$reg_id'
+							students.registrations_id='$reg_id'
 							AND
-							users.schools_id=schools.id
+							students.schools_id=schools.id
 						");
 				$q->execute();
-				$studnum=1;
+				$studnum = 1;
-				while($studentinfo=mysql_fetch_object($q))
+				while ($studentinfo = $q->fetch(PDO::FETCH_OBJ)) {
-				{
+					echo '<tr><td><b>' . i18n('School %1', array($studnum)) . "</b></td><td>$studentinfo->school </td></tr>";
 					echo "<tr><td><b>".i18n("School %1",array($studnum))."</b></td><td>$studentinfo->school </td></tr>";
-					echo "<tr><td><b>".i18n("Student %1",array($studnum))."</b></td><td>$studentinfo->firstname $studentinfo->lastname </td></tr>";
+					echo '<tr><td><b>' . i18n('Student %1', array($studnum)) . "</b></td><td>$studentinfo->firstname $studentinfo->lastname </td></tr>";
 					$studnum++;
 				}
-				list($regfee,$regfeedata) = computeRegistrationFee($reg_id);
+				list($regfee, $regfeedata) = computeRegistrationFee($reg_id);
-				echo "<tr><td><b>".i18n("Registration Fee")."</b></td><td>".sprintf("$%.02f", $regfee)."</td></tr>";
+				echo '<tr><td><b>' . i18n('Registration Fee') . '</b></td><td>' . sprintf('$%.02f', $regfee) . '</td></tr>';
 				echo "</table>\n";
-					echo "<br />";
+				echo '<br />';
-				if($r->status!='complete') {
+				if ($r->status != 'complete') {
-					echo "<table style=\"margin-left: 30px;\">";
+					echo '<table style="margin-left: 30px;">';
-					echo "<tr><td colspan=\"3\">";
+					echo '<tr><td colspan="3">';
-					echo i18n("Is this the correct form to register?");
+					echo i18n('Is this the correct form to register?');
-					echo "</td></tr>";
+					echo '</td></tr>';
-					echo "<tr>";
+					echo '<tr>';
-					echo "<td>";
+					echo '<td>';
-					echo "<form method=\"post\" action=\"registration_receivedforms.php\">";
+					echo '<form method="post" action="registration_receivedforms.php">';
 					echo "<input type=\"hidden\" name=\"registration_number\" value=\"$reg_num\" />";
-					echo "<input type=\"hidden\" name=\"action\" value=\"receivedno\" />";
+					echo '<input type="hidden" name="action" value="receivedno" />';
-					echo "<input type=submit value=\"".i18n("No, this is the wrong form")."\" style=\"width: 400px; height: 40px; margin: 10px;\"/>";
+					echo '<input type=submit value="' . i18n('No, this is the wrong form') . '" style="width: 400px; height: 40px; margin: 10px;"/>';
-					echo "</form>";
+					echo '</form>';
-					if($config['regfee']>0) {
+					if ($config['regfee'] > 0) {
-
+						echo '<form method="post" action="registration_receivedforms.php">';
 						echo "<form method=\"post\" action=\"registration_receivedforms.php\">";
 						echo "<input type=\"hidden\" name=\"registration_number\" value=\"$reg_num\" />";
-						echo "<input type=\"hidden\" name=\"action\" value=\"receivedyes\" />";
+						echo '<input type="hidden" name="action" value="receivedyes" />';
-						echo "<input type=submit value=\"".i18n("Yes, right form with registration fee")."\" style=\"width: 400px; height: 40px; margin: 10px;\"/>";
+						echo '<input type=submit value="' . i18n('Yes, right form with registration fee') . '" style="width: 400px; height: 40px; margin: 10px;"/>';
-						echo "</form>";
+						echo '</form>';
-						echo "<form method=\"post\" action=\"registration_receivedforms.php\">";
+						echo '<form method="post" action="registration_receivedforms.php">';
 						echo "<input type=\"hidden\" name=\"registration_number\" value=\"$reg_num\" />";
-						echo "<input type=\"hidden\" name=\"action\" value=\"receivedyesnocash\" />";
+						echo '<input type="hidden" name="action" value="receivedyesnocash" />';
-						echo "<input type=submit value=\"".i18n("Yes, right form without registration fee")."\" style=\"width: 400px; height: 40px; margin: 10px;\"/>";
+						echo '<input type=submit value="' . i18n('Yes, right form without registration fee') . '" style="width: 400px; height: 40px; margin: 10px;"/>';
-						echo "</form>";
+						echo '</form>';
 					} else {
 						echo '<form method="post" action="registration_receivedforms.php">';
 						echo "<input type=\"hidden\" name=\"registration_number\" value=\"$reg_num\" />";
 						echo '<input type="hidden" name="action" value="receivedyes" />';
 						echo '<input type=submit value="' . i18n('Yes, this is the right form') . '" style="width: 400px; height: 40px; margin: 10px;"/>';
 						echo '</form>';
 					}
-					else {
+					echo '<br />';
 						echo "<form method=\"post\" action=\"registration_receivedforms.php\">";
 						echo "<input type=\"hidden\" name=\"registration_number\" value=\"$reg_num\" />";
 						echo "<input type=\"hidden\" name=\"action\" value=\"receivedyes\" />";
 						echo "<input type=submit value=\"".i18n("Yes, this is the right form")."\" style=\"width: 400px; height: 40px; margin: 10px;\"/>";
 						echo "</form>";
 					}
 					echo "<br />";
 					echo "</td>\n";
-					echo "</tr>";
+					echo '</tr>';
-					echo "</table>";
+					echo '</table>';
-					$showformatbottom=false;
+					$showformatbottom = false;
 				} else {
 					echo i18n('This form has already been received.  Registration is complete');
 					echo '<br />';
 					echo "<a href=\"registration_receivedforms.php?action=unregister&registration_number=$reg_num\">" . i18n('Click here to unregister this project') . '</a>';
 					echo '<br />';
 					echo '<hr />';
 				}
-				else {
+			} else {
-					echo i18n("This form has already been received.  Registration is complete");
+				echo error(i18n('All registration sections are not complete.  Cannot register incomplete form'));
 					echo "<br />";
 					echo "<a href=\"registration_receivedforms.php?action=unregister&registration_number=$reg_num\">".i18n("Click here to unregister this project")."</a>";
 					echo "<br />";
 					echo "<hr />";
 				}
 			}
 			else {
 				echo error(i18n("All registration sections are not complete.  Cannot register incomplete form"));
 				$reg=getRegistration($reg_id);
 				echo "<table class=\"tableview\">";
 				echo "<b>Registration Number: {$reg['registration_number']}</b><br />\n";
 				foreach($reg['status'] AS $k=>$v) {
 					echo "<tr><th>$k</td><td>".outputStatus($v)."</td></tr>\n";
 				}
 				echo "</table>\n";
 				echo "<br /><br />\n";
 			}
 		}
 	} else {
 		echo error(i18n('Invalid Registration Number (%1)', array($_POST['registration_number'])));
 	}
-	else
+} else if ((get_value_from_array($_POST, 'action') == 'receivedyes' || get_value_from_array($_POST, 'action') == 'receivedyesnocash') && get_value_from_array($_POST, 'registration_number')) {
 	{
 		echo error(i18n("Invalid Registration Number (%1)",array($_POST['registration_number'])));
 	}
 }
 else if(($_POST['action']=="receivedyes" || $_POST['action']=="receivedyesnocash") && $_POST['registration_number']) {
 	$regnum = intval($_POST['registration_number']);
- 	$checkNumQuery=mysql_query("SELECT projectnumber
+	$checkNumQuery = $pdo->prepare("SELECT projectnumber
 					FROM projects, registrations 
 					WHERE projects.registrations_id = registrations.id 
 						AND num='$regnum'
-						AND registrations.conferences_id='{$conference['id']}'");
+						AND registrations.year='{$config['FAIRYEAR']}'");
-	$checkNumResults=mysql_fetch_object($checkNumQuery);
+	$checkNumQuery->execute();
- 	$projectnum=$checkNumResults->projectnumber;
+	$checkNumResults = $checkNumQuery->fetch(PDO::FETCH_OBJ);
 	$projectnum = $checkNumResults->projectnumber;
-	$q=mysql_query("SELECT id FROM registrations WHERE num='$regnum' AND conferences_id='{$conference['id']}'");
+	$q = $pdo->prepare("SELECT id FROM registrations WHERE num='$regnum' AND year='{$config['FAIRYEAR']}'");
-	$r=mysql_fetch_object($q);
+	$q->execute();
 	$r = $q->fetch(PDO::FETCH_OBJ);
 	$reg_id = $r->id;
- 	if($projectnum == null)
+	if ($projectnum == null) {
- 	{
+		list($projectnumber, $ps, $pns, $pss) = generateProjectNumber($reg_id);
-	 	list($projectnumber,$ps,$pns,$pss) = generateProjectNumber($reg_id);
+		$stmt = $pdo->prepare("UPDATE projects SET projectnumber='$projectnumber',
 		mysql_query("UPDATE projects SET projectnumber='$projectnumber',
 				projectsort='$ps',projectnumber_seq='$pns',projectsort_seq='$pss'
-				WHERE registrations_id='$reg_id' AND conferences_id='{$conference['id']}'");
+				WHERE registrations_id='$reg_id' AND year=$config{['FAIRYEAR']}");
-		echo happy(i18n("Assigned Project Number: %1",array($projectnumber)));
+		$stmt->execute();
- 	}
+		echo happy(i18n('Assigned Project Number: %1', array($projectnumber)));
-	else
+	} else
-		$projectnumber=$projectnum;
+		$projectnumber = $projectnum;
-	//get all students with this registration number
+	// get all students with this registration number
-	$recipients=getEmailRecipientsForRegistration($reg_id);
+	$recipients = getEmailRecipientsForRegistration($reg_id);
- 	if($_POST['action']=="receivedyes") {
+	if ($_POST['action'] == 'receivedyes') {
- 		//actually set it to 'complete'
+		// actually set it to 'complete'
-		mysql_query("UPDATE registrations SET status='complete' WHERE num='$regnum' AND conferences_id='{$conference['id']}'");
+		$stmt = $pdo->prepare("UPDATE registrations SET status='complete' WHERE num='$regnum' AND year='{$config['FAIRYEAR']}'");
-
+		$stmt->execute();
-		foreach($recipients AS $recip) {
+		foreach ($recipients AS $recip) {
-			$subsub=array();
+			$to = $recip['to'];
-			$subbod=array(
+			$subsub = array();
-				"EMAIL"=>$recip['email'],
+			$subbod = array(
-				"FIRSTNAME"=>$recip['firstname'],
+				'TO' => $recip['to'],
-				"LASTNAME"=>$recip['lastname'],
+				'EMAIL' => $recip['email'],
-				"USERNAME"=>$recip['username'],
+				'FIRSTNAME' => $recip['firstname'],
-				"NAME"=>$recip['firstname']." ".$recip['lastname'],
+				'LASTNAME' => $recip['lastname'],
-				"REGNUM"=>$regnum,
+				'NAME' => $recip['firstname'] . ' ' . $recip['lastname'],
-				"PROJECTNUMBER"=>$projectnumber,
+				'REGNUM' => $regnum,
-				);
+				'PROJECTNUMBER' => $projectnumber,
-			$res=email_send("register_participants_received",$recip['email'],$subsub,$subbod);
+			);
 			email_send('register_participants_received', $to, $subsub, $subbod);
 		}
-	 	echo happy(i18n("Registration of form %1 successfully completed",array($regnum)));
+		echo happy(i18n('Registration of form %1 successfully completed', array($regnum)));
- 	}
+	} else if ($_POST['action'] == 'receivedyesnocash') {
- 	else if($_POST['action']=="receivedyesnocash")
+		// actually set it to 'paymentpending'
- 	{
+		$stmt = $pdo->prepare("UPDATE registrations SET status='paymentpending' WHERE num='$regnum' AND year='{$config['FAIRYEAR']}'");
- 		//actually set it to 'paymentpending'
+		$stmt->execute();
-		mysql_query("UPDATE registrations SET status='paymentpending' WHERE num='$regnum' AND conferences_id='{$conference['id']}'");
+		foreach ($recipients AS $recip) {
 			$to = $recip['to'];
 			$subsub = array();
 			$subbod = array(
 				'TO' => $recip['to'],
 				'EMAIL' => $recip['email'],
 				'FIRSTNAME' => $recip['firstname'],
 				'LASTNAME' => $recip['lastname'],
 				'NAME' => $recip['firstname'] . ' ' . $recip['lastname'],
 				'REGNUM' => $regnum,
 				'PROJECTNUMBER' => $projectnumber,
 			);
-		foreach($recipients AS $recip) {
+			email_send('register_participants_paymentpending', $to, $subsub, $subbod);
 			$subsub=array();
 			$subbod=array(
 				"EMAIL"=>$recip['email'],
 				"FIRSTNAME"=>$recip['firstname'],
 				"LASTNAME"=>$recip['lastname'],
 				"USERNAME"=>$recip['username'],
 				"NAME"=>$recip['firstname']." ".$recip['lastname'],
 				"REGNUM"=>$regnum,
 				"PROJECTNUMBER"=>$projectnumber,
 				);
 			email_send("register_participants_paymentpending",$recip['email'],$subsub,$subbod);
 		}
- 		echo happy(i18n("Registration of form %1 marked as payment pending",array($regnum)));
+		echo happy(i18n('Registration of form %1 marked as payment pending', array($regnum)));
- 	}
+	}
- }
+} else if (get_value_from_array($_POST, 'action') == 'receivedno' && get_value_from_array($_POST, 'registration_number')) {
- else if($_POST['action']=="receivedno" && $_POST['registration_number']) {
+	echo notice(i18n('Registration of form %1 cancelled', array($_POST['registration_number'])));
- 	echo notice(i18n("Registration of form %1 cancelled",array($_POST['registration_number'])));
+} else if (get_value_from_array($_GET, 'action') == 'unregister' && get_value_from_array($_GET, 'registration_number')) {
 	$reg_num = intval(trim($_GET['registration_number']));
 	$q = $pdo->prepare("SELECT registrations.id AS reg_id, projects.id AS proj_id FROM projects,registrations WHERE projects.registrations_id=registrations.id AND registrations.year='{$config['FAIRYEAR']}' AND registrations.num='$reg_num'");
 	$q->execute();
 	$r = $q->fetch(PDO::FETCH_OBJ);
 	$stmt = $pdo->prepare("UPDATE projects SET projectnumber=null, projectsort=null, projectnumber_seq=0, projectsort_seq=0 WHERE id='$r->proj_id' AND year='{$config['FAIRYEAR']}'");
 	$stmt->execute();
 	$stmt = $pdo->prepare("UPDATE registrations SET status='open' WHERE id='$r->reg_id' AND year='{$config['FAIRYEAR']}'");
 	$stmt->execute();
 	echo happy(i18n('Successfully unregistered project'));
 }
- }
+if ($showformatbottom) {
- else if($_GET['action']=="unregister" && $_GET['registration_number']) {
+	echo '<table>';
- 	$reg_num=intval(trim($_GET['registration_number']));
+	echo '<tr><td>';
- 	$q=mysql_query("SELECT registrations.id AS reg_id, projects.id AS proj_id FROM projects,registrations WHERE projects.registrations_id=registrations.id AND registrations.conferences_id='{$conference['id']}' AND registrations.num='$reg_num'");
+	echo '<form id="inputform" method="post" action="registration_receivedforms.php">';
-	$r=mysql_fetch_object($q);
+	echo '<input type="hidden" name="action" value="received" />';
- 	mysql_query("UPDATE projects SET projectnumber=null, projectsort=null, projectnumber_seq=0, projectsort_seq=0 WHERE id='$r->proj_id' AND conferences_id='{$conference['id']}'");
+	echo i18n("Enter the registration number from the $signatureformpermissionform : ") . '<br />';
- 	mysql_query("UPDATE registrations SET status='open' WHERE id='$r->reg_id' AND conferences_id='{$conference['id']}'");
+	echo '<input id="registration_number" type="text" size="15" name="registration_number" />';
-	echo happy(i18n("Successfully unregistered project"));
+	echo '<input type="submit" value="' . i18n('Lookup Registration Number') . '" />';
- }
+	echo '</form>';
-
+	?>
 if($showformatbottom) {
 	 echo "<form id=\"inputform\" method=\"post\" action=\"registration_receivedforms.php\">";
 	 echo "<input type=\"hidden\" name=\"action\" value=\"received\" />";
 	 echo i18n("Enter the registration number from the signature form: ")."<br />";
 	 echo "<input id=\"registration_number\" type=\"text\" size=\"15\" name=\"registration_number\" />";
 	 echo "<input type=\"submit\" value=\"".i18n("Lookup Registration Number")."\" />";
 	 echo "</form>";
 	 ?>
 	 <script type="text/javascript">
 	 document.forms.inputform.registration_number.focus();
 	 </script>
 	 <?
 }
- send_footer();
+	echo '<br/><br/>';
-?>
+	echo '</td></tr><tr><td>';
 	echo '<font size="2" color="red">This button does not keep track of payments</font>';
 	echo '</td></tr><tr><td>';
 	echo '<form method="post" action="registration_receivedforms.php">';
 	echo '<input type="hidden" name="action" value="receive_all" />';
 	echo '<input type="submit" value="' . i18n('Receive All') . "\" onclick=\"return confirmClick('Are you sure you wish to mark all students as has having their $signatureformpermissionform received?')\" />";
 	echo '</form>';
 	echo '</tr></td>';
 	echo '</table>';
 	echo '<br>';
 	echo i18n(" <lh>'Receive All' notes:</lh> <ul><li>The button will mark all open-status students that have completed registration as having their $signatureformpermissionform received.
  <li> Students with above status will be emailed a \"$signatureformpermissionform received\" confirmation.
 <li> Project numbers will be assigned to these students' projects.
 </ul>");
 }
 if (get_value_from_array($_POST, 'action') == 'receive_all') {
 	// Grab all projects that don't have project numbers. Status should therefor be open or new but not complete
 	$query_noprojectnumber = $pdo->prepare('SELECT * FROM projects WHERE projectnumber IS NULL AND year =' . $config['FAIRYEAR'] . '');
 	// Define arrays to append to later
 	$query_noprojectnumber->execute();
 	$completed_students = array();
 	$incomplete_students = array();
 	$newstatus_students = array();
 	// loop through each project that doesn't have a project number
 	while ($studentproject = $query_noprojectnumber->fetch(PDO::FETCH_ASSOC)) {
 		// Grab registration information about the current project
 		$q = $pdo->prepare("SELECT * FROM registrations WHERE id='" . $studentproject['registrations_id'] . "' AND year='" . $config['FAIRYEAR'] . "'");
 		$q->execute();
 		$r = $q->fetch(PDO::FETCH_OBJ);
 		$reg_id = $r->id;
 		$reg_num = $r->num;
 		$reg_status = $r->status;
 		// student has completed some or all of the registration process for their project. Let's find out which one is true
 		if ($r->status != 'new') {
 			// make sure all of the statuses are correct
 			$statusstudent = studentStatus($reg_id);
 			$statusemergencycontact = emergencycontactStatus($reg_id);
 			$statusproject = projectStatus($reg_id);
 			if ($config['participant_mentor'] == 'yes')
 				$statusmentor = mentorStatus($reg_id);
 			else
 				$statusmentor = 'complete';
 			$statussafety = safetyStatus($reg_id);
 			$statusnamecheck = namecheckStatus($reg_id);
 			if (
 				$statusstudent == 'complete' &&
 				$statusemergencycontact == 'complete' &&
 				// S$statusproject == "complete" &&
 				$statusmentor == 'complete' &&
 				$statussafety == 'complete' &&
 				$statusnamecheck == 'complete' &&
 				$r->status != 'complete'
 				// above: project status must not be complete. If it is complete signature page/permission form has already been received.
 			) {
 				// Generate project number and update it in data base
 				list($projectnumber, $ps, $pns, $pss) = generateProjectNumber($reg_id);
 				$stmt = $pdo->prepare("UPDATE projects SET projectnumber='$projectnumber',
 							projectsort='$ps',projectnumber_seq='$pns',projectsort_seq='$pss'
 							WHERE registrations_id='$reg_id' AND year='{$config['FAIRYEAR']}'");
 				$stmt->execute();
 				// email stuff
 				// get all students with this registration number
 				// $recipients=getEmailRecipientsForRegistration($reg_id);
 				// Set status to 'complete'
 				$stmt = $pdo->prepare("UPDATE registrations SET status='complete' WHERE num='$reg_num' AND year='{$config['FAIRYEAR']}'");
 				$stmt->execute();
 				/*foreach($recipients AS $recip) {
 					$to=$recip['to'];
 					$subsub=array();
 					$subbod=array(
 						"TO"=>$recip['to'],
 						"EMAIL"=>$recip['email'],
 						"FIRSTNAME"=>$recip['firstname'],
 						"LASTNAME"=>$recip['lastname'],
 						"NAME"=>$recip['firstname']." ".$recip['lastname'],
 						"REGNUM"=>$regnum,
 						"PROJECTNUMBER"=>$projectnumber,
 						);
 					email_send("register_participants_received",$to,$subsub,$subbod);
 				}*/
 				// End email stuff
 				// add cuurent registration number to completed_students array
 				$completed_students[] = $reg_num;
 			} else {
 				// or add current registration number to incomplete_student array
 				$incomplete_students[] = $reg_num;
 			}
 		}
 		// New status automatically means student has not completed the registration process for their project. So execute below:
 		else {
 			// or add current registration number to newstatus_students array
 			$newstatus_students[] = $reg_num;
 		}
 	}
 	// Find how many project numbers were assigned/how many projects have complete status (ie signature page/permission form is considered received)
 	$total_completed = count($completed_students);
 	// since incomplete_students and newstatus_students both did not get project numbers and are not considered as having signature page/permission form received
 	//    combine them
 	$total_incomplete = array_merge($incomplete_students, $newstatus_students);
 	echo '<br><br>';
 	echo '<table>';
 	echo '<tr><td>' . i18n("$total_completed student(s) registered as $non_capital_participationform received.") . '</td></tr>';
 	// display below only if there are registration numbers that don't have project numbers and the students have not completed the registration process
 	if (count($total_incomplete) > 0) {
 		echo '<tr><td>' . i18n("Registration numbers which are NOT marked as having their $non_capital_participationform received are shown below:") . '</td></tr>';
 		echo '<tr><td>&nbsp</td></tr>';
 		$string = '';
 		echo '<tr><td>';
 		// create a string that contains all incomplete registration numbers
 		foreach ($total_incomplete as $regnum) {
 			$string = $string . i18n($regnum);
 			$string = $string . ', ';
 		}
 		// delete the comma at the end of the string
 		$string = substr($string, 0, strlen($string) - 2);
 		echo $string;
 		echo '</td></tr>';
 		echo '<tr><td>&nbsp</td></tr>';
 		echo '<tr><td>';
 		echo i18n('The above registration numbers correspond to projects in which the registration process has not been completed by the student.');
 		echo '</td></tr>';
 	}
 	echo '</table>';
 	echo happy_(i18n('Received all permision forms for complete students'));
 }
 send_footer();
 ?>
--- a/admin/registration_stats.php
+++ b/admin/registration_stats.php
@ -1,96 +1,125 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005-2006 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005-2006 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005-2006 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005-2006 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require_once("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require_once("../register_participants.inc.php");
+require ('../register_participants.inc.php');
- if($_GET['conferences_id']) $conferences_id=$_GET['conferences_id'];
+if (get_value_from_array($_GET, 'year'))
- else $conferences_id=$conference['id'];
+	$year = $_GET['year'];
 else
 	$year = $config['FAIRYEAR'];
- send_header("Registration Statistics",
+send_header('Registration Statistics',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+		'Administration' => 'admin/index.php',
-			'Participant Registration' => 'admin/registration.php')
+		'Participant Registration' => 'admin/registration.php'));
 				);
- echo "<br />";
+echo '<br />';
- echo i18n("Choose Status").":";
+echo i18n('Choose Status') . ':';
- echo "<form name=\"statuschangerform\" method=\"get\" action=\"registration_stats.php\">";
+echo '<form name="statuschangerform" method="get" action="registration_stats.php">';
- echo "<select name=\"showstatus\" onchange=\"document.forms.statuschangerform.submit()\">";
+echo '<select name="showstatus" onchange="document.forms.statuschangerform.submit()">';
- $status_str = array();
+$status_str = array();
- $status_str[''] = i18n("Any Status");
+$status_str[''] = i18n('Any Status');
- $status_str['complete'] = i18n("Complete");
+$status_str['complete'] = i18n('Complete');
- //if there is no reg fee, then we dont need to show this status, because nobody will ever be in this status
+// if there is no reg fee, then we dont need to show this status, because nobody will ever be in this status
- if($config['regfee']>0)  {
+if ($config['regfee'] > 0) {
-	 $status_str['paymentpending'] = i18n("Payment Pending");
+	$status_str['paymentpending'] = i18n('Payment Pending');
-	 $status_str['completeorpaymentpending'] = i18n("Complete or Payment Pending");
+	$status_str['completeorpaymentpending'] = i18n('Complete or Payment Pending');
 }
 $status_str['open'] = i18n("Open");
 $status_str['new'] = i18n("New");
 $showstatus = $_GET['showstatus'];
 foreach($status_str as $s=>$str) {
 	$sel = ($showstatus == $s) ? "selected=\"selected\"" : '';
 	echo "<option $sel value=\"$s\">$str</option>\n";
 }
 echo "</select>";
 echo "</form>";
 $q=mysql_query("SELECT * FROM projectcategories WHERE conferences_id='$conferences_id' ORDER BY id");
 while($r=mysql_fetch_object($q))
 	$cats[$r->id]=$r->category;
 $q=mysql_query("SELECT * FROM projectdivisions WHERE conferences_id='$conferences_id' ORDER BY id");
 while($r=mysql_fetch_object($q))
 	$divs[$r->id]=$r->division;
 if($showstatus) {
 	switch($showstatus) {
 		case "complete": $wherestatus="AND status='complete' "; break;
 		case "paymentpending": $wherestatus="AND status='paymentpending' "; break;
 		case "completeorpaymentpending": $wherestatus="AND (status='complete' OR status='paymentpending') "; break;
 		case "open": $wherestatus="AND status='open' "; break;
 		case "new": $wherestatus="AND status='new' "; break;
 		default: $wherestatus="";
 	}
 }
-else $wherestatus="";
+$status_str['open'] = i18n('Open');
-	switch($_GET['sort']) {
+$status_str['new'] = i18n('New');
 		case 'status': 	$ORDERBY="registrations.status DESC, projects.title"; break;
 		case 'num': 	$ORDERBY="registrations.num"; break;
 		case 'projnum':	$ORDERBY="projects.projectsort, projects.projectnumber"; break;
 		case 'title': 	$ORDERBY="projects.title, registrations.status DESC"; break;
 		case 'cat': 	$ORDERBY="projects.projectcategories_id, projects.title"; break;
 		case 'div': 	$ORDERBY="projects.projectdivisions_id, projects.title"; break;
 		default:	$ORDERBY="registrations.status DESC, projects.title"; break;
 	}
-	$q=mysql_query("SELECT  registrations.id AS reg_id,
+$showstatus = $_GET['showstatus'];
 foreach ($status_str as $s => $str) {
 	$sel = ($showstatus == $s) ? 'selected="selected"' : '';
 	echo "<option $sel value=\"$s\">$str</option>\n";
 }
 echo '</select>';
 echo '</form>';
 $q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='$year' ORDER BY id");
 $q->execute();
 while ($r = $q->fetch(PDO::FETCH_OBJ))
 	$cats[$r->id] = $r->category;
 $q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='$year' ORDER BY id");
 $q->execute();
 while ($r = $q->fetch(PDO::FETCH_OBJ))
 	$divs[$r->id] = $r->division;
 if ($showstatus) {
 	switch ($showstatus) {
 		case 'complete':
 			$wherestatus = "AND status='complete' ";
 			break;
 		case 'paymentpending':
 			$wherestatus = "AND status='paymentpending' ";
 			break;
 		case 'completeorpaymentpending':
 			$wherestatus = "AND (status='complete' OR status='paymentpending') ";
 			break;
 		case 'open':
 			$wherestatus = "AND status='open' ";
 			break;
 		case 'new':
 			$wherestatus = "AND status='new' ";
 			break;
 		default:
 			$wherestatus = '';
 	}
 } else
 	$wherestatus = '';
 switch (get_value_from_array($_GET, 'sort')) {
 	case 'status':
 		$ORDERBY = 'registrations.status DESC, projects.title';
 		break;
 	case 'num':
 		$ORDERBY = 'registrations.num';
 		break;
 	case 'projnum':
 		$ORDERBY = 'projects.projectsort, projects.projectnumber';
 		break;
 	case 'title':
 		$ORDERBY = 'projects.title, registrations.status DESC';
 		break;
 	case 'cat':
 		$ORDERBY = 'projects.projectcategories_id, projects.title';
 		break;
 	case 'div':
 		$ORDERBY = 'projects.projectdivisions_id, projects.title';
 		break;
 	default:
 		$ORDERBY = 'registrations.status DESC, projects.title';
 		break;
 }
 $q = $pdo->prepare("SELECT  registrations.id AS reg_id,
 				registrations.num AS reg_num,
 				registrations.status,
 				registrations.email,
@ -104,237 +133,241 @@ else $wherestatus="";
 				left outer join projects on projects.registrations_id=registrations.id
 			WHERE
 				1
-				AND registrations.conferences_id='$conferences_id' 
+				AND registrations.year='$year' 
 				$wherestatus
 			ORDER BY
 				$ORDERBY
 			");
-		echo mysql_error();
+$q->execute();
-	
+show_pdo_errors_if_any($pdo);
 	$stats_totalprojects=0;
 	$stats_totalstudents=0;
 	$stats_divisions=array();
 	$stats_categories=array();
 	$stats_students_catdiv=array();
 	$stats_projects_catdiv=array();
 	$stats_students_schools=array();
 	$stats_projects_schools=array();
 	$stats_projects_lang=array();
 	$schools_names=array();
 	$languages=array();
-	while($r=mysql_fetch_object($q))
+$stats_totalprojects = 0;
-	{
+$stats_totalstudents = 0;
-		$stats_totalprojects++;
+$stats_divisions = array();
-		$stats_divisions[$r->projectdivisions_id]++;
+$stats_categories = array();
-		$stats_categories[$r->projectcategories_id]++;
+$stats_students_catdiv = array();
-		$stats_projects_catdiv[$r->projectcategories_id][$r->projectdivisions_id]++;
+$stats_projects_catdiv = array();
-		$stats_projects_lang[$r->projectcategories_id][$r->projectdivisions_id][$r->language]++;
+$stats_students_schools = array();
-		$languages[$r->language]++;
+$stats_projects_schools = array();
 $stats_projects_lang = array();
 $schools_names = array();
 $languages = array();
-		switch($r->status)
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-		{
+	$stats_totalprojects++;
 			case "new": $status_text="New"; break;
 			case "open": $status_text="Open"; break;
 			case "paymentpending": $status_text="Payment Pending"; break;
 			case "complete": $status_text="Complete"; break;
 		}
 		$status_text=i18n($status_text);
 	$stats_divisions[$r->projectdivisions_id] = add_or_initialize($stats_divisions, $r->projectdivisions_id);
 	$stats_categories[$r->projectcategories_id] = add_or_initialize($stats_categories, $r->projectcategories_id);
 	$stats_projects_catdiv[$r->projectcategories_id][$r->projectdivisions_id] = add_or_initialize_multi_2($stats_projects_catdiv, $r->projectcategories_id, $r->projectdivisions_id);
 	$stats_projects_lang[$r->projectcategories_id][$r->projectdivisions_id][$r->language] = add_or_initialize_multi_3($stats_projects_lang, $r->projectcategories_id, $r->projectdivisions_id, $r->language);
-		$sq=mysql_query("SELECT users.firstname,
+	$languages[$r->language] = add_or_initialize($languages, $r->language);
-					users.lastname,
+
-					users.id,
+	switch ($r->status) {
 		case 'new':
 			$status_text = 'New';
 			break;
 		case 'open':
 			$status_text = 'Open';
 			break;
 		case 'paymentpending':
 			$status_text = 'Payment Pending';
 			break;
 		case 'complete':
 			$status_text = 'Complete';
 			break;
 	}
 	$status_text = i18n($status_text);
 	$sq = $pdo->prepare("SELECT students.firstname,
 					students.lastname,
 					students.id,
 					schools.school,
 					schools.board,
 					schools.id AS schools_id
 				FROM
-					users,schools
+					students,schools
 				WHERE
-					users.registrations_id='$r->reg_id'
+					students.registrations_id='$r->reg_id'
 					AND
-					users.schools_id=schools.id
+					students.schools_id=schools.id
 				");
-				echo mysql_error();
+	show_pdo_errors_if_any($pdo);
-		$studnum=1;
+	$studnum = 1;
-		$schools="";
+	$schools = '';
-		$students="";
+	$students = '';
-		while($studentinfo=mysql_fetch_object($sq))
+	$lastschoolid = -1;
-		{
+	while ($studentinfo = $sq->fetch(PDO::FETCH_OBJ)) {
-			$stats_totalstudents++;
+		$stats_totalstudents++;
-			$stats_students_catdiv[$r->projectcategories_id][$r->projectdivisions_id]++;
+		$stats_students_catdiv[$r->projectcategories_id][$r->projectdivisions_id]++;
-			$stats_students_schools[$r->projectcategories_id][$studentinfo->schools_id]++;
+		$stats_students_schools[$r->projectcategories_id][$studentinfo->schools_id]++;
-			$schools_names[$studentinfo->schools_id]=$studentinfo->school." ($studentinfo->board)";
+		$schools_names[$studentinfo->schools_id] = $studentinfo->school . " ($studentinfo->board)";
-			$lastschoolid=$studentinfo->schools_id;
+		$lastschoolid = $studentinfo->schools_id;
 		}
 		//this really isnt right, its only taking the school from the last student in the project to count towards the school's project totals
 		//but there's really no other way
 		$stats_projects_schools[$r->projectcategories_id][$lastschoolid]++;
 	}
 	// this really isnt right, its only taking the school from the last student in the project to count towards the school's project totals
 	// but there's really no other way
 	$stats_projects_schools[$r->projectcategories_id][$lastschoolid] = add_or_initialize_multi_2($stats_projects_schools, $r->projectcategories_id, $lastschoolid);
 }
-	echo "<table style=\"margin-left: 50px;\">";	
+echo '<table style="margin-left: 50px;">';
-	echo "<tr><td colspan=\"2\"><h3>{$status_str[$showstatus]} - ".i18n("Students / projects per age category / division")."</h3></td></tr>";
+echo "<tr><td colspan=\"2\"><h3>{$status_str[$showstatus]} - " . i18n('Students / projects per age category / division') . '</h3></td></tr>';
-	echo "<tr><td colspan=\"2\">";
+echo '<tr><td colspan="2">';
-	echo "<table class=\"tableview\" width=\"100%\">";	
+echo '<table class="tableview" width="100%">';
-	echo "<thead><tr><td width=\"50%\"></td>";
+echo '<thead><tr><td width="50%"></td>';
-	foreach($cats AS $c=>$cn) {
+foreach ($cats AS $c => $cn) {
-		echo "<th>$cn<br /><nobr>".i18n("Stud | Proj")."</nobr></th>";
+	echo "<th>$cn<br /><nobr>" . i18n('Stud | Proj') . '</nobr></th>';
-	}
+}
-	echo "<th>".i18n("Total")."<br /><nobr>".i18n("Stud | Proj")."</th>";
+echo '<th>' . i18n('Total') . '<br /><nobr>' . i18n('Stud | Proj') . '</th>';
-	echo "</tr></thead>";
+echo '</tr></thead>';
-	echo "<tbody>";
+foreach ($divs AS $d => $dn) {
-	foreach($divs AS $d=>$dn) {
+	echo "<tr><td>$dn</td>";
-		echo "<tr><td>$dn</td>";
+	$tstud = 0;
-		$tstud=0;
+	$tstudcat = array();
-		$tproj=0;
+	$tproj = 0;
 		foreach($cats AS $c=>$cn)
 		{
 			echo "<td align=\"center\">";
 			echo ($stats_students_catdiv[$c][$d]?$stats_students_catdiv[$c][$d]:0);
 			echo "&nbsp;&nbsp;&nbsp;&nbsp;";
 			echo ($stats_projects_catdiv[$c][$d]?$stats_projects_catdiv[$c][$d]:0);
 			echo "</td>";
 			$tstud+=$stats_students_catdiv[$c][$d];
 			$tproj+=$stats_projects_catdiv[$c][$d];
 			$tstudcat[$c]+=$stats_students_catdiv[$c][$d];
 			$tprojcat[$c]+=$stats_projects_catdiv[$c][$d];
 		}
 		echo "<td align=\"center\"><b>";
 		echo ($tstud?$tstud:0);
 		echo "&nbsp;&nbsp;&nbsp;&nbsp;";
 		echo ($tproj?$tproj:0);
 		echo "</b></td>";
 		echo "</tr>";
 	}
 	echo "<tr><td><b>".i18n("Total")."</b></td>";
 	$tstud=0;
 	$tproj=0;
 	foreach($cats AS $c=>$cn) {
 		echo "<td align=\"center\"><b>";
 		echo ($tstudcat[$c]?$tstudcat[$c]:0);
 		echo "&nbsp;&nbsp;&nbsp;&nbsp;";
 		echo ($tprojcat[$c]?$tprojcat[$c]:0);
 		echo "</b></td>";
 		$tstud+=$tstudcat[$c];
 		$tproj+=$tprojcat[$c];
 	}
 	echo "<td align=\"center\"><b>";
 	echo ($tstud);
 	echo "&nbsp;&nbsp;&nbsp;&nbsp;";
 	echo ($tproj);
 	echo "</b></td>";
 	echo "</tr>";
 	echo "</tbody>";
 	echo "</table>";
 	echo "</td></tr>";
 	echo "<tr><td colspan=\"2\"><br /></td></tr>";
 	echo "<tr><td colspan=\"2\"><h3>{$status_str[$showstatus]} - ".i18n("Students / projects per age category / school")."</h3></td></tr>";
 	echo "<tr><td colspan=\"2\">";
 	echo "<table class=\"tableview\" width=\"100%\">";	
 	echo "<thead><tr><td width=\"50%\"></td>";
 	foreach($cats AS $c=>$cn) {
 		echo "<th>$cn<br /><nobr>".i18n("Stud | Proj")."</nobr></th>";
 	}
 	echo "<th>".i18n("Total")."<br /><nobr>".i18n("Stud | Proj")."</nobr></th>";
 	echo "</tr></thead>";
 	echo "<tbody>";
 	asort($schools_names);
 	foreach($schools_names AS $id=>$sn) {
 		echo "<tr><td>$sn</td>";
 		$tstud=0;
 		$tproj=0;
 		foreach($cats AS $c=>$cn) {
 			echo "<td align=\"center\">".($stats_students_schools[$c][$id]?$stats_students_schools[$c][$id]:0);
 			echo "&nbsp;&nbsp;&nbsp;&nbsp;";
 			echo ($stats_projects_schools[$c][$id]?$stats_projects_schools[$c][$id]:0)."</td>";
 			$tstud+=$stats_students_schools[$c][$id];
 			$tproj+=$stats_projects_schools[$c][$id];
 		}
 		echo "<td align=\"center\"><b>".($tstud?$tstud:0);
 		echo "&nbsp;&nbsp;&nbsp;&nbsp;";
 		echo ($tproj?$tproj:0)."</b></td>";
 		echo "</tr>";
 	}
 	echo "</tbody>";
 	echo "</table>";
 	echo i18n("%1 schools total",array(count($schools_names)));
 	echo "</td></tr>";
 	echo "<tr><td colspan=\"2\"><br /></td></tr>";
 	echo "<tr><td colspan=\"2\"><h3>{$status_str[$showstatus]} - ".i18n("Projects per age category / division / language")."</h3></td></tr>";
 	echo "<tr><td colspan=\"2\">";
 	echo "<table class=\"tableview\" width=\"100%\">";	
 	echo "<thead><tr><th rowspan='2' width=\"50%\"></th>";
 	foreach($cats AS $c=>$cn) {
 		echo "<th colspan='".count($languages)."'>$cn</th>";
 	}
 	echo "<th colspan='".count($languages)."'>".i18n("Total")."</nobr></th>";
 	echo "</tr><tr>";
 	ksort($languages);
 	$tprojcat = array();
-	foreach($cats AS $c=>$cn) {
+	foreach ($cats AS $c => $cn) {
-		foreach($languages AS $l=>$ln) {
+		echo '<td align="center">';
-			echo "<th>$l</th>";
+
-		}
+		echo ($stats_students_catdiv[$c][$d] ?? 0);
 		echo '&nbsp;&nbsp;&nbsp;&nbsp;';
 		echo ($stats_projects_catdiv[$c][$d] ?? 0);
 		echo '</td>';
 		$tstud += $stats_students_catdiv[$c][$d] ?? 0;
 		$tproj += $stats_projects_catdiv[$c][$d] ?? 0;
 		$tstudcat[$c] = add_or_initialize($tstudcat, $c, $stats_students_catdiv[$c][$d] ?? 0);
 		$tprojcat[$c] = add_or_initialize($tprojcat, $c, $stats_projects_catdiv[$c][$d] ?? 0);
 	}
-	foreach($languages AS $l=>$ln) {
+	echo '<td align="center"><b>';
 	echo ($tstud ? $tstud : 0);
 	echo '&nbsp;&nbsp;&nbsp;&nbsp;';
 	echo ($tproj ? $tproj : 0);
 	echo '</b></td>';
 	echo '</tr>';
 }
 echo '<tr><td><b>' . i18n('Total') . '</b></td>';
 $tstud = 0;
 $tproj = 0;
 foreach ($cats AS $c => $cn) {
 	echo '<td align="center"><b>';
 	echo ($tstudcat[$c] ? $tstudcat[$c] : 0);
 	echo '&nbsp;&nbsp;&nbsp;&nbsp;';
 	echo ($tprojcat[$c] ? $tprojcat[$c] : 0);
 	echo '</b></td>';
 	$tstud += $tstudcat[$c];
 	$tproj += $tprojcat[$c];
 }
 echo '<td align="center"><b>';
 echo ($tstud);
 echo '&nbsp;&nbsp;&nbsp;&nbsp;';
 echo ($tproj);
 echo '</b></td>';
 echo '</tr>';
 echo '</table>';
 echo '</td></tr>';
 echo '<tr><td colspan="2"><br /></td></tr>';
 echo "<tr><td colspan=\"2\"><h3>{$status_str[$showstatus]} - " . i18n('Students / projects per age category / school') . '</h3></td></tr>';
 echo '<tr><td colspan="2">';
 echo '<table class="tableview" width="100%">';
 echo '<thead><tr><td width="50%"></td>';
 foreach ($cats AS $c => $cn) {
 	echo "<th>$cn<br /><nobr>" . i18n('Stud | Proj') . '</nobr></th>';
 }
 echo '<th>' . i18n('Total') . '<br /><nobr>' . i18n('Stud | Proj') . '</nobr></th>';
 echo '</tr></thead>';
 asort($schools_names);
 foreach ($schools_names AS $id => $sn) {
 	echo "<tr><td>$sn</td>";
 	$tstud = 0;
 	$tproj = 0;
 	foreach ($cats AS $c => $cn) {
 		echo '<td align="center">' . ($stats_students_schools[$c][$id] ? $stats_students_schools[$c][$id] : 0);
 		echo '&nbsp;&nbsp;&nbsp;&nbsp;';
 		echo ($stats_projects_schools[$c][$id] ? $stats_projects_schools[$c][$id] : 0) . '</td>';
 		$tstud += $stats_students_schools[$c][$id];
 		$tproj += $stats_projects_schools[$c][$id];
 	}
 	echo '<td align="center"><b>' . ($tstud ? $tstud : 0);
 	echo '&nbsp;&nbsp;&nbsp;&nbsp;';
 	echo ($tproj ? $tproj : 0) . '</b></td>';
 	echo '</tr>';
 }
 echo '</table>';
 echo i18n('%1 schools total', array(count($schools_names)));
 echo '</td></tr>';
 echo '<tr><td colspan="2"><br /></td></tr>';
 echo "<tr><td colspan=\"2\"><h3>{$status_str[$showstatus]} - " . i18n('Projects per age category / division / language') . '</h3></td></tr>';
 echo '<tr><td colspan="2">';
 echo '<table class="tableview" width="100%">';
 echo '<thead><tr><td rowspan=\'2\' width="50%"></td>';
 foreach ($cats AS $c => $cn) {
 	echo "<th colspan='" . count($languages) . "'>$cn</th>";
 }
 echo "<th colspan='" . count($languages) . "'>" . i18n('Total') . '</nobr></th>';
 echo '</tr><tr>';
 ksort($languages);
 $tprojcat = array();
 foreach ($cats AS $c => $cn) {
 	foreach ($languages AS $l => $ln) {
 		echo "<th>$l</th>";
 	}
-	echo "</tr></thead>";
+}
-	echo "<tbody>";
+foreach ($languages AS $l => $ln) {
-	foreach($divs AS $d=>$dn) {
+	echo "<th>$l</th>";
-		echo "<tr><td>$dn</td>";
+}
-		$tproj=array();
+echo '</tr></thead>';
-		foreach($cats AS $c=>$cn) {
+foreach ($divs AS $d => $dn) {
-			foreach($languages AS $l=>$ln) {
+	echo "<tr><td>$dn</td>";
-				echo "<td align=\"center\">";
+	$tproj = array();
-				echo ($stats_projects_lang[$c][$d][$l]?$stats_projects_lang[$c][$d][$l]:0);
+	foreach ($cats AS $c => $cn) {
-				echo "</td>";
+		foreach ($languages AS $l => $ln) {
-				$tproj[$l]+=$stats_projects_lang[$c][$d][$l];
+			echo '<td align="center">';
-
+			echo ($stats_projects_lang[$c][$d][$l] ?? 0);
-				$tprojcat[$c][$l]+=$stats_projects_lang[$c][$d][$l];
+			echo '</td>';
-			}
+			$tproj[$l] = add_or_initialize($tproj, $l, $stats_projects_lang[$c][$d][$l] ?? 0);
-		}
+			$tprojcat[$c][$l] = add_or_initialize_multi_2($tprojcat, $c, $l, $stats_projects_lang[$c][$d][$l] ?? 0);
 		foreach($tproj AS $l=>$ln) {
 			echo "<td align=\"center\"><b>";
 			echo ($ln?$ln:0);
 			echo "</b></td>";
 		}
 		echo "</tr>";
 	}
 	echo "<tr><td><b>".i18n("Total")."</b></td>";
 	$tproj=array();
 	foreach($cats AS $c=>$cn) {
 		foreach($languages AS $l=>$ln) {
 			echo "<td align=\"center\"><b>";
 			echo ($tprojcat[$c][$l]?$tprojcat[$c][$l]:0);
 			echo "</b></td>";
 			$tproj[$l]+=$tprojcat[$c][$l];
 		}
 	}
-	foreach($tproj AS $l=>$ln) {
+	foreach ($tproj AS $l => $ln) {
-		echo "<td align=\"center\"><b>";
+		echo '<td align="center"><b>';
-		echo ($ln);
+		echo ($ln ? $ln : 0);
-		echo "</b></td>";
+		echo '</b></td>';
 	}
-	echo "</tr>";
+	echo '</tr>';
 }
 echo '<tr><td><b>' . i18n('Total') . '</b></td>';
 $tproj = array();
 foreach ($cats AS $c => $cn) {
 	foreach ($languages AS $l => $ln) {
 		echo '<td align="center"><b>';
 		echo ($tprojcat[$c][$l] ? $tprojcat[$c][$l] : 0);
 		echo '</b></td>';
 		$tproj[$l] = add_or_initialize($tproj, $l, $tprojcat[$c][$l] ?? 0);
 	}
 }
 foreach ($tproj AS $l => $ln) {
 	echo '<td align="center"><b>';
 	echo ($ln);
 	echo '</b></td>';
 }
 echo '</tr>';
-	echo "</tbody>";
+echo '</table>';
 	echo "</table>";
-	echo "</td></tr>";
+echo '</td></tr>';
-	echo "</table>";
+echo '</table>';
-	echo "<br />";
+echo '<br />';
-	echo i18n("Note: statistics reflect the numbers of the current 'Status' selected at the top of the page");
+echo i18n("Note: statistics reflect the numbers of the current 'Status' selected at the top of the page");
-	echo "<br />";
+echo '<br />';
-	echo "<br />";
+echo '<br />';
-
+send_footer();
 send_footer();
 ?>
--- a/admin/registration_webconsent.php
+++ b/admin/registration_webconsent.php
@ -1,63 +1,67 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005-2006 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005-2006 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005-2006 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005-2006 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- send_header("Web Consent", 
+send_header('Web Consent',
- 		array('Committee Main' => 'committee_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php',
+		'Administration' => 'admin/index.php',
-			'Participant Registration' => 'admin/registration.php')
+		'Participant Registration' => 'admin/registration.php'));
 				);
- echo "<br />";
+echo '<br />';
- if(is_array($_POST['changed'])) {
+if (get_value_from_array($_POST, 'changed')) {
- 	$numchanged=0;
+	$numchanged = 0;
- 	foreach($_POST['changed'] AS $id=>$val) {
+	foreach ($_POST['changed'] AS $id => $val) {
-		if($val==1) {
+		if ($val == 1) {
 			$numchanged++;
-			$webfirst=$_POST['webfirst'][$id]=="yes"?"yes":"no";
+			$webfirst = get_value_from_2d_array($_POST, 'webfirst', $id) == 'yes' ? 'yes' : 'no';
-			$weblast=$_POST['weblast'][$id]=="yes"?"yes":"no";
+			$weblast = get_value_from_2d_array($_POST, 'weblast', $id) == 'yes' ? 'yes' : 'no';
-			$webphoto=$_POST['webphoto'][$id]=="yes"?"yes":"no";
+			$webphoto = get_value_from_2d_array($_POST, 'webphoto', $id) == 'yes' ? 'yes' : 'no';
-			mysql_query("UPDATE users SET 
+
 			$stmt = $pdo->prepare("UPDATE students SET 
 					webfirst='$webfirst',
 					weblast='$weblast',
 					webphoto='$webphoto'
 					WHERE
 					id='$id'");
 			$stmt->execute();
 		}
 	}
- 	if($numchanged==1)
+
-		echo happy(i18n("1 student record updated"));
+	if ($numchanged == 1) {
-	else if($numchanged>1)
+		echo happy(i18n('1 student record updated'));
-		echo happy(i18n("%1 student records updated",array($numchanged)));
+	} else if ($numchanged > 1) {
-	else
+		echo happy(i18n('%1 student records updated', array($numchanged)));
-		echo error(i18n("No student records where changed"));
+	} else {
 		echo error(i18n('No student records where changed'));
 	}
 }
- ?>
+?>
 <script type="text/javascript">
 function changed(id)
 {
@ -68,55 +72,54 @@
 <?
-		$sq=mysql_query("SELECT users.firstname,
+$sq = $pdo->prepare("SELECT students.firstname,
-					users.lastname,
+				students.lastname,
-					users.id,
+				students.id,
-					projects.projectnumber,
+				projects.projectnumber,
-					users.webfirst,
+				students.webfirst,
-					users.weblast,
+				students.weblast,
-					users.webphoto
+				students.webphoto
-				FROM
+			FROM
-					users,
+				students,
-					registrations,
+				registrations,
-					projects
+				projects
-				WHERE
+			WHERE
-				 	users.registrations_id=registrations.id
+				students.registrations_id=registrations.id
-				AND	( registrations.status = 'complete' OR registrations.status='paymentpending' )
+			AND\t( registrations.status = 'complete' OR registrations.status='paymentpending' )
-				AND	projects.registrations_id=registrations.id
+			AND\tprojects.registrations_id=registrations.id
-				AND 	registrations.conferences_id='".$conference['id']."' 
+			AND \tregistrations.year='" . $config['FAIRYEAR'] . "' 
-				AND 	projects.conferences_id='".$conference['id']."' 
+			AND \tprojects.year='" . $config['FAIRYEAR'] . "' 
-				AND 	users.conferences_id='".$conference['id']."' 
+			AND \tstudents.year='" . $config['FAIRYEAR'] . "' 
-				ORDER BY projectnumber
+			ORDER BY projectnumber
-				");
+			");
-				echo mysql_error();
+$sq->execute();
 show_pdo_errors_if_any($pdo);
-	echo "<form method=\"post\" action=\"registration_webconsent.php\">";
+echo '<form method="post" action="registration_webconsent.php">';
-	echo "<table class=\"tableview\">";
+echo '<table class="tableview">';
-	echo "<thead><tr>";
+echo '<thead><tr>';
-	echo " <th>".i18n("Proj #")."</th>";
+echo ' <th>' . i18n('Proj #') . '</th>';
-	echo " <th>".i18n("Student Name")."</th>";
+echo ' <th>' . i18n('Student Name') . '</th>';
-	echo " <th>".i18n("First")."</th>";
+echo ' <th>' . i18n('First') . '</th>';
-	echo " <th>".i18n("Last")."</th>";
+echo ' <th>' . i18n('Last') . '</th>';
-	echo " <th>".i18n("Photo")."</th>";
+echo ' <th>' . i18n('Photo') . '</th>';
-	echo "</tr></thead>";
+echo '</tr></thead>';
 	echo "<tbody>";
 	while($r=mysql_fetch_object($sq))
 	{
 		echo "<tr>";
 		echo "<td>$r->projectnumber<input id=\"changed_$r->id\" type=\"hidden\" name=\"changed[$r->id]\" value=\"0\"></td>";
 		echo "<td>$r->firstname $r->lastname</td>";
 		$ch=$r->webfirst=="yes"?"checked=\"checked\"":"";
 		echo "<td><input $ch type=\"checkbox\" name=\"webfirst[$r->id]\" value=\"yes\" onchange=\"changed($r->id)\"></td>";
 		$ch=$r->weblast=="yes"?"checked=\"checked\"":"";
 		echo "<td><input $ch type=\"checkbox\" name=\"weblast[$r->id]\" value=\"yes\" onchange=\"changed($r->id)\"></td>";
 		$ch=$r->webphoto=="yes"?"checked=\"checked\"":"";
 		echo "<td><input $ch type=\"checkbox\" name=\"webphoto[$r->id]\" value=\"yes\" onchange=\"changed($r->id)\"></td>";
 		echo "</tr>";
 	}
 	echo "</tbody>";
 	echo "</table>";
 	echo "<input type=\"submit\" value=\"".i18n("Save Changes")."\">";
 	echo "</form>";
- send_footer();
+while ($r = $sq->fetch(PDO::FETCH_OBJ)) {
 	echo '<tr>';
 	echo "<td>$r->projectnumber<input id=\"changed_$r->id\" type=\"hidden\" name=\"changed[$r->id]\" value=\"0\"></td>";
 	echo "<td>$r->firstname $r->lastname</td>";
 	$ch = $r->webfirst == 'yes' ? 'checked="checked"' : '';
 	echo "<td><input $ch type=\"checkbox\" name=\"webfirst[$r->id]\" value=\"yes\" onchange=\"changed($r->id)\"></td>";
 	$ch = $r->weblast == 'yes' ? 'checked="checked"' : '';
 	echo "<td><input $ch type=\"checkbox\" name=\"weblast[$r->id]\" value=\"yes\" onchange=\"changed($r->id)\"></td>";
 	$ch = $r->webphoto == 'yes' ? 'checked="checked"' : '';
 	echo "<td><input $ch type=\"checkbox\" name=\"webphoto[$r->id]\" value=\"yes\" onchange=\"changed($r->id)\"></td>";
 	echo '</tr>';
 }
 echo '</table>';
 echo '<input type="submit" value="' . i18n('Save Changes') . '">';
 echo '</form>';
 send_footer();
 ?>
--- a/admin/reports.inc.php
+++ b/admin/reports.inc.php
@ -1,31 +1,38 @@
 <?
-/* 
+/*
-   This file is part of the 'Science Fair In A Box' project
+ * This file is part of the Science-ation project
-   SFIAB Website: http://www.sfiab.ca
+ * Science-ation Website: https://science-ation.ca
 *
 * This file was part of the 'Science Fair In A Box' project
 *
 *
 * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
 * Copyright (C) 2005 James Grant <james@lightbox.org>
 * Copyright (C) 2024 AlgoLibre Inc. <science-ation@algolibre.io>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, version 2.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+// This file was modified Jan of 2014 by Richard Sin
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+// A glitch that prints out both english and french columns has been modified.
-   This program is free software; you can redistribute it and/or
+ require_once("reports_students.inc.php");  	/* $report_students_fields */
-   modify it under the terms of the GNU General Public
+ require_once("reports_judges.inc.php");  	/* $report_students_fields */
-   License as published by the Free Software Foundation, version 2.
+ require_once("reports_awards.inc.php");  	/* $report_students_fields */
-
+ require_once("reports_committees.inc.php"); 	/* $report_students_fields */
-   This program is distributed in the hope that it will be useful,
+ require_once("reports_volunteers.inc.php"); 	/* $report_volunteers_fields */
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 require_once("reports_students.inc.php");  /* $report_students_fields */
 require_once("reports_judges.inc.php");  /* $report_students_fields */
 require_once("reports_awards.inc.php");  /* $report_students_fields */
 require_once("reports_committees.inc.php");  /* $report_students_fields */
 require_once("reports_volunteers.inc.php"); /* $report_volunteers_fields */
 require_once("reports_schools.inc.php");
 require_once("reports_tours.inc.php");
 require_once("reports_fairs.inc.php");
@ -49,7 +56,7 @@
 $report_options = array();
 $report_options['type'] = array('desc' => 'Report Format',
- 				'values' => array('pdf' => 'PDF', 'label'=>'Label', 'csv'=>'CSV (for Excel)', 'text'=>'Coming Soon: Text (Plain text in columns)', 'html'=>'Coming Soon: HTML (Browser Renderable)' )
+ 				'values' => array('pdf'=>'PDF', 'csv'=>'CSV', 'label'=>'Label', 'tcpdf_label'=>'TCPDF Label (experimental)')
 		);
 $report_options['group_new_page'] = array('desc' => 'Start each new grouping on a new page',
 					'values' => array('no'=>'No', 'yes'=>'Yes')
@ -66,6 +73,12 @@
 $report_options['field_box'] = array('desc' => 'Draw a box around each text field on the label',
 					'values' => array('no'=>'No', 'yes'=>'Yes')
 		);
 $report_options['label_fairname'] = array('desc' => 'Print the fair name at the top of each label',
 					'values' => array('no'=>'No', 'yes'=>'Yes')
 		);
 $report_options['label_logo'] = array('desc' => 'Print the fair logo at the top of each label',
 					'values' => array('no'=>'No', 'yes'=>'Yes')
 		);
 $report_options['default_font_size'] = array('desc' => 'Default font size to use in the report',
 					'values' => array(
 					'10'=>'10', 
@ -90,138 +103,175 @@ LRP 180		99765	5967	4	1 3/4 x 1/2 	80 */
 /* FIXME: put these in a databse */
 /* All dimensions are in millimeters */
 $report_stock = array();
 $report_stock['fullpage'] = array('name' => 'Letter 8.5 x 11 (3/4" margin)',
 			'page_width' => 8.5,
 			'page_height' => 11,
 			'label_width' => 7,
 			'x_spacing' => 0,
 			'cols' => 1,
 			'label_height' => 9.5,
 			'y_spacing' => 0,
 			'rows' => 1,
 			'page_format' => 'LETTER',
 			'page_orientation' => 'P',
 			'label_width' => 177.8,
 			'label_height' => 241.3,
 			'x_spacing' => 0,
 			'y_spacing' => 0,
 			'cols' => 1,
 			'rows' => 1,
 			);
 $report_stock['fullpage_landscape'] = array('name' => 'Letter 8.5 x 11 Landscape (3/4" margin)',
 			'page_width' => 11,
 			'page_height' => 8.5,
 			'label_width' => 9.5,
 			'x_spacing' => 0,
 			'cols' => 1,
 			'label_height' => 7,
 			'y_spacing' => 0,
 			'rows' => 1,
 			'page_format' => 'LETTER',
 			'page_orientation' => 'L',
 			'label_width' => 241.3,
 			'label_height' => 177.8,
 			'x_spacing' => 0,
 			'y_spacing' => 0,
 			'cols' => 1,
 			'rows' => 1,
 			);
 $report_stock['fullpage_full'] = array('name' => 'Letter 8.5 x 11 (no margin)',
 			'page_width' => 8.5,
 			'page_height' => 11,
 			'label_width' => 8.5,
 			'x_spacing' => 0,
 			'cols' => 1,
 			'label_height' => 11,
 			'y_spacing' => 0,
 			'rows' => 1,
 			'page_format' => 'LETTER',
 			'page_orientation' => 'P',
 			'label_width' => 215.9,
 			'label_height' => 279.4,
 			'x_spacing' => 0,
 			'y_spacing' => 0,
 			'cols' => 1,
 			'rows' => 1,
 			);
 $report_stock['fullpage_landscape_full'] = array('name' => 'Letter 8.5 x 11 Landscape (no margin)',
 			'page_width' => 11,
 			'page_height' => 8.5,
 			'label_width' => 11,
 			'x_spacing' => 0,
 			'cols' => 1,
 			'label_height' => 8.5,
 			'y_spacing' => 0,
 			'rows' => 1,
 			'page_format' => 'LETTER',
 			'page_orientation' => 'L',
 			'label_width' => 279.4,
 			'label_height' => 215.9,
 			'x_spacing' => 0,
 			'y_spacing' => 0,
 			'cols' => 1,
 			'rows' => 1,
 			);
 $report_stock['5161'] = array('name' => 'Avery 5161/5261/5961/8161, G&T 99189 (1"x4")',
 			'page_width' => 8.5,
 			'page_height' => 11,
 			'label_width' => 4,
 			'x_spacing' => 0.15,
 			'cols' => 2,
 			'label_height' => 1,
 			'y_spacing' => 0.00,
 			'y_padding' => 0.05,
 			'rows' => 10,
 			'page_format' => 'LETTER',
 			'page_orientation' => 'P',
 			'label_width' => 101.6,
 			'label_height' => 25.4,
 			'x_spacing' => 3.81,
 			'y_spacing' => 0.00,
 			'cols' => 2,
 			'rows' => 10,
 			);
 $report_stock['5162'] = array('name' => 'Avery 5162/5262/5962/8162/8462, G&T 99190 (1 1/3"x4")',
 			'page_width' => 8.5,
 			'page_height' => 11,
 			'label_width' => 3.99,
 			'x_spacing' => 0.187,
 			'cols' => 2,
 			'label_height' => 1.326,
 			'y_spacing' => 0.00,
 			'y_padding' => 0.30,
 			'rows' => 7,
 			'page_format' => 'LETTER',
 			'page_orientation' => 'P',
 			'label_width' => 101.35,
 			'label_height' => 33.6804,
 			'x_spacing' => 4.7498,
 			'y_spacing' => 0.00,
 			'cols' => 2,
 			'rows' => 7,
 			);
 $report_stock['5163'] = array('name' => 'Avery 5163/5263/5963/8163/8463, G&T 99181 (2"x4")',
 			'page_width' => 8.5,
 			'page_height' => 11,
 			'label_width' => 4,
 			'x_spacing' => 0.1719,
 			'cols' => 2,
 			'label_height' => 2,
 			'y_spacing' => 0.00,
 			'rows' => 5,
 			'page_format' => 'LETTER',
 			'page_orientation' => 'P',
 			'label_width' => 101.6,
 			'label_height' => 50.8,
 			'x_spacing' => 4.3663,
 			'y_spacing' => 0.00,
 			'cols' => 2,
 			'rows' => 5,
 			);
 /* This is combined with 5161
 $report_stock['5961'] = array('name' => 'Avery 5961, G&T 99189 (1"x4")',
 			'page_width' => 8.5,
 			'page_height' => 11,
 			'label_width' => 4,
 			'x_spacing' => 0.08,
 			'cols' => 2,
 			'label_height' => 1,
 			'y_spacing' => 0.08,
 			'rows' => 10,
 			);
 */		
 $report_stock['5164'] = array('name' => 'Avery 5164/5264/5964/8164, G&T 99763 (4"x3 1/3")',
 			'page_width' => 8.5,
 			'page_height' => 11,
 			'label_width' => 4,
 			'x_spacing' => 3/16,
 			'cols' => 2,
 			'label_height' => 3 + 1/3,
 			'y_spacing' => 0,
 			'rows' => 3,
 			'page_format' => 'LETTER',	/* tcpdf format */
 			'page_orientation' => 'P',	/* tcpdf orientation */
 			'label_width' => 101.6,
 			'label_height' => 84.6667,
 			'x_spacing' => 4.7625,
 			'y_spacing' => 0,
 			'cols' => 2,
 			'rows' => 3,
 			);
 $report_stock['nametag'] = array('name' => 'Cards 4"x3"',
 			'page_width' => 8.5,
 			'page_height' => 11,
 			'label_width' => 4,
 			'x_spacing' => 0,
 			'cols' => 2,
 			'label_height' => 3,
 			'y_spacing' => 0,
 			'rows' => 3,
 			'page_format' => 'LETTER',
 			'page_orientation' => 'P',
 			'label_width' => 101.6,
 			'label_height' => 76.2,
 			'x_spacing' => 0,
 			'y_spacing' => 0,
 			'cols' => 2,
 			'rows' => 3,
 			);
 $report_stock['letter_4up'] = array('name' => 'Fullpage, 4up',
 			'page_width' => 8.5,
 			'page_height' => 11,
 			'label_width' => 4,
 			'x_spacing' => 0.25,
 			'cols' => 2,
 			'label_height' => 5,
 			'y_spacing' => 0.25,
 			'rows' => 2,
 			'page_format' => 'LETTER',
 			'page_orientation' => 'P',
 			'label_width' => 101.6,
 			'label_height' => 127.0,
 			'x_spacing' => 0.25,
 			'y_spacing' => 0.25,
 			'cols' => 2,
 			'rows' => 2,
 			);
 $report_stock['ledger'] = array('name' => 'Ledger/Tabloid 11 x 17',
-			'page_format' => 'TABLOID',
+			'page_width' => 11,
-			'page_orientation' => 'P',
+			'page_height' => 17,
-			'label_width' => 279.4,
+			'label_width' => 11,
 			'label_height' => 431.8,
 			'x_spacing' => 0,
 			'y_spacing' => 0,
 			'cols' => 1,
 			'label_height' => 17,
 			'y_spacing' => 0,
 			'rows' => 1,
 			'page_format' => 'LETTER',
 			'page_orientation' => 'P',
 			);
 $report_stock['ledger_landscape'] = array('name' => 'Ledger/Tabloid 11 x 17 Landscape',
-			'page_format' => 'TABLOID',
+			'page_width' => 17,
-			'page_orientation' => 'L',
+			'page_height' => 11,
-			'label_width' => 431.8,
+			'label_width' => 17,
 			'label_height' => 279.4,
 			'x_spacing' => 0,
 			'y_spacing' => 0,
 			'cols' => 1,
 			'label_height' => 11,
 			'y_spacing' => 0,
 			'rows' => 1,
 			'page_format' => 'LETTER',
 			'page_orientation' => 'P',
 			);
@ -294,14 +344,16 @@ foreach($report_stock as $n=>$v) {
 	global $report_volunteers_fields, $report_fairs_fields;
 	global $report_tours_fields, $report_fundraisings_fields;
 	global $pdo;
 	$fieldvar = "report_{$report['type']}s_fields";
 	$allow_fields = array_keys($$fieldvar);
 	/* First delete all existing fields */
-	mysql_query("DELETE FROM reports_items 
+	$stmt = $pdo->prepare("DELETE FROM reports_items 
 			WHERE `reports_id`='{$report['id']}'
 			AND `type`='$type'");
 	$stmt->execute();
 	/* Now add new ones */
 	if(count($report[$type]) == 0) return;
@ -310,28 +362,33 @@ foreach($report_stock as $n=>$v) {
 	$x = 0;
 	foreach($report[$type] as $k=>$v) {
 		if($type == 'option') {
-			/* field, value, x, y, w, h, align, valign, fn, fs, fsize, overflow */
+			/* field, value, x, y, w, h, lines, face, align, valign, fn, fs, fsize, overflow */
-			$vals = "'$k','$v','0','0','0','0','','','','','0','truncate'";
+			$vals = "".$pdo->quote($k).",".$pdo->quote($v).",'0','0','0','0','0','','','','','','0','truncate'";
 		} else {
-			$fs = is_array($v['fontstyle']) ? implode(',',$v['fontstyle']) : '';
+			if(get_value_from_array($v, 'lines') == 0) $v['lines'] =1;
-			$vals = "'{$v['field']}','{$v['value']}',
+			$fs = is_array(get_value_from_array($v,'fontstyle')) ? implode(',',$v['fontstyle']) : '';
-				'{$v['x']}','{$v['y']}','{$v['w']}','{$v['h']}',
+			$opts = get_value_from_array($v, 'align') . " " .$pdo->quote(get_value_from_array($v, 'valign', ''));
-				'{$v['align']}','{$v['valign']}',
+			$vals = "'".get_value_from_array($v, 'field')."','".get_value_from_array($v, 'value')."',
-				'{$v['fontname']}','$fs','{$v['fontsize']}',
+				'".get_value_from_array($v,'x')."','".get_value_from_array($v, 'y')."','".get_value_from_array($v, 'w')."',
-				'{$v['on_overflow']}'";
+				'".get_value_from_array($v, 'h')."','".get_value_from_array($v,'lines')."','".get_value_from_array($v, 'face')."',
 				'$opts','".get_value_from_array($v, 'valign')."',
 				'".get_value_from_array($v, 'fontname')."','$fs','".get_value_from_array($v, 'fontsize')."',
 				'".get_value_from_array($v, 'on_overflow')."'";
 		}
 		if($q != '') $q .= ',';
 		$q .= "({$report['id']}, '$type','$x',$vals)";
 		$x++;
 	}
-	mysql_query("INSERT INTO reports_items(`reports_id`,`type`,`ord`,
+	
 	$stmt = $pdo->prepare("INSERT INTO reports_items(`reports_id`,`type`,`ord`,
 				`field`,`value`,`x`, `y`, `w`, `h`,
-				`align`,`valign`,
+				`lines`, `face`, `align`,`valign`,
 				`fontname`,`fontstyle`,`fontsize`,`on_overflow`) 
-			VALUES $q;");
+			VALUES $q");
-	echo mysql_error();
+	$stmt->execute();
 	show_pdo_errors_if_any($pdo);
 }
@ -343,16 +400,19 @@ foreach($report_stock as $n=>$v) {
 	global $report_tours_fields, $report_fairs_fields;
 	global $report_fundraisings_fields;
 	global $pdo;
 	$report = array();
-	$q = mysql_query("SELECT * FROM reports WHERE id='$report_id'");
+	$q = $pdo->prepare("SELECT * FROM reports WHERE id='$report_id'");
-	$r = mysql_fetch_assoc($q);
+	$q->execute();
-	$report['name'] = $r['name'];
+	$r = $q->fetch(PDO::FETCH_ASSOC);
-	$report['id'] = $r['id'];
+	$report['name'] = get_value_from_array($r, 'name');
-	$report['system_report_id'] = $r['system_report_id']; 
+	$report['id'] = get_value_from_array($r, 'id');
-	$report['desc'] = $r['desc'];
+	$report['system_report_id'] = get_value_from_array($r, 'system_report_id'); 
-	$report['creator'] = $r['creator'];
+	$report['desc'] = get_value_from_array($r,'desc');
-	$report['type'] = $r['type'];
+	$report['creator'] = get_value_from_array($r,'creator');
 	$report['type'] = get_value_from_array($r, 'type');
 	$report['col'] = array();
 	$report['sort'] = array();
@ -363,19 +423,21 @@ foreach($report_stock as $n=>$v) {
 	$report['loc'] = array();
 	$fieldvar = "report_{$report['type']}s_fields";
 	if(is_array($$fieldvar)) 
 		$allow_fields = array_keys($$fieldvar);
 	else
 		$allow_fields=array();
- 	$q = mysql_query("SELECT * FROM reports_items 
+ 	$q = $pdo->prepare("SELECT * FROM reports_items 
 			WHERE reports_id='{$report['id']}' 
 			ORDER BY `ord`");
-	print(mysql_error());
+	$q->execute();
 	show_pdo_errors_if_any($pdo);
-	if(mysql_num_rows($q) == 0) return $ret;
+	if($q->rowCount() == 0) return $report;
-	while($a = mysql_fetch_assoc($q)) {
+	while($a = $q->fetch(PDO::FETCH_ASSOC)) {
 		$f = $a['field'];
 		$t = $a['type'];
 		switch($t) {
@ -383,22 +445,33 @@ foreach($report_stock as $n=>$v) {
 			/* We dont' care about order, just construct
 			 * ['option'][name] = value; */
 			if(!in_array($f, $allow_options)) {
-				print("Type[$type] Field[$f] not allowed.\n");
+//				print("Type[$type] Field[$f] not allowed.\n");
-				continue;
+				break;
 			}
 			$report['option'][$f] = $a['value'];
 			break;
 		default:
 			if(!in_array($f, $allow_fields)) {
-				print("Type[$type] Field[$f] not allowed.\n");
+//				print("Type[$type] Field[$f] not allowed.\n");
-				continue;
+				break;
 			}
 			/* Pull out all the data */
 			$val = array();
-			$col_fields = array('field', 'x', 'y', 'w', 'h', 'align', 'valign', 'value', 'fontname','fontsize','on_overflow');
+			$col_fields = array('field', 'x', 'y', 'w', 'h', 'lines', 'face', 'align', 'valign', 'value', 'fontname','fontsize','on_overflow');
 			foreach($col_fields as $lf) $val[$lf] = $a[$lf];
 			$val['fontstyle'] = explode(',', $a['fontstyle']);
 			/* valign, fontname, fontsize,fontstyle are unused, except in tcpdf reports 
 			(i.e. nothign has changed, only adding on */
 			if($val['lines'] == 0) $val['lines'] = 1;
 			$opts = explode(" ", $val['align']);
 			$align_opts = array ('left', 'right', 'center');
 			$valign_opts = array ('vtop', 'vbottom', 'vcenter');
 			$style_opts = array ('bold');
 			foreach($opts as $o) {
 				if(in_array($o, $align_opts)) $val['align'] = $o;
 				if(in_array($o, $valign_opts)) $val['valign'] = $o;
 				if(in_array($o, $valign_opts)) $val['face'] = $o;
 			}
 			$report[$t][$a['ord']] = $val;
 			break;
@ -409,16 +482,18 @@ foreach($report_stock as $n=>$v) {
 }
 function report_save($report)
- {
+ {	global $pdo;
 	if($report['id'] == 0) {
 		/* New report */
-		mysql_query("INSERT INTO reports (`id`) VALUES ('')");
+		$stmt = $pdo->prepare("INSERT INTO reports (`id`) VALUES ('')");
-		$report['id'] = mysql_insert_id();
+		$stmt->execute();
 		$report['id'] = $pdo->lastInsertId();
 	} else {
 		/* if the report['id'] is not zero, see if this is a
 		 * systeim report before doing anything. */
-		$q = mysql_query("SELECT system_report_id FROM reports WHERE id='{$report['id']}'");
+		$q = $pdo->prepare("SELECT system_report_id FROM reports WHERE id='{$report['id']}'");
-		$i = mysql_fetch_assoc($q);
+		$q->execute();
 		$i = $q->fetch(PDO::FETCH_ASSOC);
 		if(intval($i['system_report_id']) != 0) {
 			/* This is a system report, the editor (should)
 			 * properly setup the editor pages so that the user
@ -437,14 +512,15 @@ foreach($report_stock as $n=>$v) {
 	print("</pre>");
 */
- 	mysql_query("UPDATE reports SET 
+ 	$stmt = $pdo->prepare("UPDATE reports SET 
-			`name`='".mysql_escape_string($report['name'])."',
+			`name`='".$report['name']."',
-			`desc`='".mysql_escape_string($report['desc'])."',
+			`desc`='".$report['desc']."',
-			`creator`='".mysql_escape_string($report['creator'])."',
+			`creator`='".$report['creator']."',
-			`type`='".mysql_escape_string($report['type'])."'
+			`type`='".$report['type']."'
 			WHERE `id`={$report['id']}");
 	$stmt->execute();
-	report_save_field($report, 'col', $report['loc']);
+	report_save_field($report, 'col', get_value_from_array($report, 'loc'));
 	report_save_field($report, 'group', array());
 	report_save_field($report, 'sort', array());
 	report_save_field($report, 'distinct', array());
@ -454,11 +530,11 @@ foreach($report_stock as $n=>$v) {
 }
 function report_load_all() 
- {
+ {	global $pdo;
 	$ret = array();
- 	$q = mysql_query("SELECT * FROM reports ORDER BY `name`");
+ 	$q = $pdo->prepare("SELECT * FROM reports ORDER BY `name`");
-	while($r = mysql_fetch_assoc($q)) {
+	while($r = $q->fetch(PDO::FETCH_ASSOC)) {
 		$report = array();
 	        $report['name'] = $r['name'];
 	        $report['id'] = $r['id'];
@ -475,8 +551,9 @@ foreach($report_stock as $n=>$v) {
 	$r = intval($report_id);
 	/* if the report['id'] is not zero, see if this is a
 	 * systeim report before doing anything. */
-	$q = mysql_query("SELECT system_report_id FROM reports WHERE id='$r'");
+	$q = $pdo->prepare("SELECT system_report_id FROM reports WHERE id='$r'");
-	$i = mysql_fetch_assoc($q);
+	$q->execute();
 	$i = $q->fetch(PDO::FETCH_ASSOC);
 	if(intval($i['system_report_id']) != 0) {
 		/* This is a system report, the editor (should)
 		 * properly setup the editor pages so that the user
@ -486,20 +563,27 @@ foreach($report_stock as $n=>$v) {
 		echo "ERROR: attempt to delete a system report (reports.id=$r)";
 		exit;
 	}
- 	mysql_query("DELETE FROM reports WHERE `id`=$r");
+ 	$stmt = $pdo->prepare("DELETE FROM reports WHERE `id`=$r");
-	mysql_query("DELETE FROM reports_items WHERE `reports_id`=$r");
+	$stmt->execute();
- }
+	$stmt = $pdo->prepare("DELETE FROM reports_items WHERE `reports_id`=$r");
 $stmt->execute();}
 function report_gen($report) 
 {
- 	global $config, $report_students_fields, $report_judges_fields, $report_awards_fields, $report_schools_fields;
+foreach($report['col'] as $v)
 	global $config, $report_students_fields, $report_judges_fields, $report_awards_fields, $report_schools_fields;
 	global $report_stock, $report_committees_fields, $report_volunteers_fields;
 	global $report_tours_fields, $report_fairs_fields;
 	global $report_fundraisings_fields;
 	global $filter_ops;
 	global $conference;
-	//print_r($report);
+//foreach($report as $k=>$v){
 //print_r($k.' ~	>');
 //print_r($v);
 //print_r('<br> <br>');
 //}
 	$fieldvar = "report_{$report['type']}s_fields";
 	$fields = $$fieldvar;
@ -507,7 +591,9 @@ foreach($report_stock as $n=>$v) {
 	$fieldname = array();
 	$thead = array();
-	$table['col']=array();
+	$table['header']=array();
 	$table['widths']=array();
 	$table['dataalign']=array();
 	$table['option']=array();
 	$table['total']=0;
@ -524,40 +610,53 @@ foreach($report_stock as $n=>$v) {
 		$rep=new lcsv(i18n($report['name']));
 		$gen_mode = 'table';
 		break;
 	case 'label':
 		/* Label */
 		$label_stock = $report_stock[$report['option']['stock']];
 		$rep=new lpdf(	i18n($config['fairname']),
 				i18n($report['name']),
 				$_SERVER['DOCUMENT_ROOT'].$config['SFIABDIRECTORY']."/data/logo.gif");
 		$rep->setPageStyle("labels");
 		$rep->newPage($label_stock['page_width'], $label_stock['page_height']);
 		$rep->setFontSize(11);
 		$rep->setLabelDimensions($label_stock['label_width'], $label_stock['label_height'],
 				$label_stock['x_spacing'], $label_stock['y_spacing'],11,$label_stock['y_padding']);
 		$gen_mode = 'label';
 		break;
 	case 'pdf': case '':
 		/* FIXME: handle landscape pages in here */
 		$label_stock = $report_stock[$report['option']['stock']];
 		$rep=new lpdf(	i18n($config['fairname']),
 				i18n($report['name']),
 				$_SERVER['DOCUMENT_ROOT'].$config['SFIABDIRECTORY']."/data/logo.gif");
 		$rep->newPage($label_stock['page_width'], $label_stock['page_height']);
 		if($report['option']['default_font_size']) {
 			$rep->setDefaultFontSize($report['option']['default_font_size']);
 			$rep->setFontSize($report['option']['default_font_size']);
 		}
 		else {
 			$rep->setDefaultFontSize(11);
 			$rep->setFontSize(11);
 		}
 		$gen_mode = 'table';
 		if($report['option']['allow_multiline'] == 'yes') 
 			$table['option']['allow_multiline'] = true;
 		break;
 	case 'tcpdf_label':
 		$label_stock = $report_stock[$report['option']['stock']];
 		$show_box = ($report['option']['label_box'] == 'yes') ? true : false;
 		$show_fair = ($report['option']['label_fairname'] == 'yes') ? true : false;
 		$show_logo = ($report['option']['label_logo'] == 'yes') ? true : false;
 		$rep=new pdf($report['name'], $label_stock['page_format'], $label_stock['page_orientation']);
 		$rep->setup_for_labels($show_box, $show_fair, $show_logo, 
-				$label_stock['label_width'], $label_stock['label_height'],
+				$label_stock['label_width'] * 25.4, $label_stock['label_height'] * 25.4,
-				$label_stock['x_spacing'], $label_stock['y_spacing'],
+				$label_stock['x_spacing'] * 25.4, $label_stock['y_spacing'] * 25.4,
 				$label_stock['rows'], $label_stock['cols']);
-		$gen_mode = 'label';
+		$gen_mode = 'tcpdf_label';
 		break;
 	case 'pdf': case '':
 		$label_stock = $report_stock[$report['option']['stock']];
 		if($report['option']['allow_multiline'] == 'yes') 
 			$on_overflow = 'nothing';
 		else 
 			$on_overflow = '...';
 		$rep=new pdf($report['name'], $label_stock['page_format'], $label_stock['page_orientation']);
 		$rep->setup_for_tables($show_box, $show_fair, $show_logo, 
 				$label_stock['label_width'], $label_stock['label_height'],
 				$label_stock['x_spacing'], $label_stock['y_spacing'],
 				$label_stock['rows'], $label_stock['cols']);
 		$gen_mode = 'table';
 		break;
 	case 'text':
 		echo "Not implemented [{$report['option']['type']}]";
 		exit;
 	default:
 		echo "Invalid type [{$report['option']['type']}]";
 		exit;
@ -572,51 +671,51 @@ foreach($report_stock as $n=>$v) {
 	$total_width = 0;
 	$scale_width = 0;
 	$temp=array();
 	$count=0;
 	foreach($report['col'] as $o=>$d) {
 		if($config['default_language']!='fr'){
 			if(strpos($d['field'],'fr_')!='fr_'){
 			$temp[$count]=$d;
 			$count++;
 			}
 		} 
 	}
 	$report['col']=$temp;
 	/* Add up the column widths, and figure out which
 	 * ones are scalable, just in case */
 	foreach($report['col'] as $o=>$d) {
 		$f = $d['field'];
-		if($d['w'] != 0) { 
+		$total_width += $fields[$f]['width'];
-			/* Always 0 on old reports, so we never get in here */
+		if($fields[$f]['scalable'] == true)
-			$total_width += $d['w'];
+			$scale_width += $fields[$f]['width'];
 			/* For the rest of the computation, this field is
 			 * not scalable */
 			 /* FIXME! */
 		} else {
 			$total_width += $fields[$f]['width'];
 			if($fields[$f]['scalable'] == true) 
 				$scale_width += $fields[$f]['width'];
 		}
 	}
 	/* Determine the scale factor (use the label width so
 	 * we can enforce margins) */
 	if($report['option']['fit_columns'] == 'yes') { // && $total_width > $label_stock['label_width'])  {
 		$static_width = $total_width - $scale_width;
-		if($scale_width) 
+        	if($scale_width){
-			$scale_factor = ($label_stock['label_width'] - $static_width) / $scale_width;
+			if ($label_stock['label_width'] - $static_width > 0) {
-		else
+	        		$scale_factor = ($label_stock['label_width'] - $static_width) / $scale_width;
-			$scale_factor = 1.0;
+ 			} else {
 				$scale_factor = $label_stock['label_width']/$total_width;
 			} 
 		} else {
        		$scale_factor = 1.0;
 		}
 	} else {
-		$scale_factor = 1.0;
+			$scale_factor = 1.0;
 	}
 	/* Select columns to display */
 	foreach($report['col'] as $o=>$d) {
 		$f = $d['field'];
-
+		$table['header'][] = i18n($fields[$f]['header']);
-		/* If width is specificed, use that, else compute based on default field width */
+		$sf = ($fields[$f]['scalable'] == true) ? $scale_factor : 1.0;
-		if($d['w'] == 0)
+		$table['widths'][] = $fields[$f]['width'] * $sf;
-			$width = $fields[$f]['width'] * (($fields[$f]['scalable'] == true) ? $scale_factor : 1.0);
+		$table['dataalign'][] = 'left';
 		else 
 			$width = $d['w'];
 		$col = array(	'header' => i18n($fields[$f]['header']),
 				'width' => $width,
 				'align' => 'left',
 				'on_overflow' => $on_overflow);
 		$table['col'][] = $col;
 		$sel[] = "{$fields[$f]['table']} AS C$x";
 		$fieldname[$f] = "C$x";
 		/* We want to add these to group by, but AFTER all the other group bys */
@ -638,7 +737,7 @@ foreach($report_stock as $n=>$v) {
 			$fieldname[$f] = "G$o";
 		}
-		if(isset($fields[$f]['able_sort']))
+		if(isset($fields[$f]['table_sort']))
 			$order[] = $fields[$f]['table_sort'];
 		else
 			$order[] = $fieldname[$f];
@ -649,6 +748,7 @@ foreach($report_stock as $n=>$v) {
 		}
 	}
 	/* If no sort order is specified, make the first field the order */
 	if(count($report['sort']) == 0) 
 		$report['sort'] = array(0 => array('field' => $report['col'][0]['field']));
@ -692,8 +792,8 @@ foreach($report_stock as $n=>$v) {
 	$order = implode(",", $order);
-	if(!isset($report['conferences_id'])){
+	if(!isset($report['year'])) {
-		$report['conferences_id'] = $conference['id'];
+		$report['year'] = $config['FAIRYEAR'];
 	}
 	$group_by = array_merge($group_by, $post_group_by);
@ -711,11 +811,13 @@ foreach($report_stock as $n=>$v) {
 	$q = call_user_func_array($func, array($report, $components));
 	$q = "SELECT $sel  $q  $filter_query $group_query ORDER BY $order";
-	$r = mysql_query($q);
+	$r = $pdo->prepare($q);
-
+	$r->execute();
 //	print_r($report);
 //	print_r($report['filter']);
 //	echo "$q";
 	if($r == false) {
 		echo "The report database query has failed.  This is
@ -725,20 +827,19 @@ foreach($report_stock as $n=>$v) {
 		a bug report so we can get this fixed.<br />"; 
 		echo "<pre>";
 		echo "Query: [$q]<br />";
-		echo "Error: [".mysql_error()."]<br />";
+		echo "Error: [".$pdo->erroInfo()."]<br />";
 		echo "</pre>";
 		exit;
 	}
-	echo mysql_error();
+	show_pdo_errors_if_any($pdo);
 	$ncols = count($report['col']);
 	$n_groups = count($report['group']);
 	$last_group_data = array();
 //	echo "<pre>";print_r($rep);
-
+	while($i = $r->fetch(PDO::FETCH_ASSOC)) {
-	while($i = mysql_fetch_assoc($r)) {
+		
 		if($n_groups > 0) {
 			$group_change = false;
 			/* See if any of the "group" fields have changed */
@ -758,48 +859,78 @@ foreach($report_stock as $n=>$v) {
 			if($group_change) {
 				/* Dump the last table */
 				if(count($table['data'])) {
 				//	print_r($table);
-					$rep->addTable($table);
+					$rep->addTable($table);  //table is the content
 					$rep->nextLine();
 					$table['data'] = array();
 					$table['total'] = 0;
 					/* Start a new page AFTER a table is
 					* dumped, so the first page doesn't
 					* end up blank */
 					if($report['option']['group_new_page'] == 'yes') {
-						$rep->addpage();
+						$rep->newPage();
 					} else {
 						$rep->hr();
 						$rep->vspace(-0.1);
 					}
 				}
 				/* Construct a new header */
 				$h = implode(" -- ", $last_group_data);
 				$rep->heading($h);
 				$rep->nextLine();
 			}
 		}
 		$data = array();
 		if($gen_mode == 'label') {
 			$show_box = ($report['option']['label_box'] == 'yes') ? true : false;
 			$show_fair = ($report['option']['label_fairname'] == 'yes') ? true : false;
 			$show_logo = ($report['option']['label_logo'] == 'yes') ? true : false;
 			$rep->newLabel($show_box, $show_fair, $show_logo);
 		} else if($gen_mode == 'tcpdf_label') {
 			$rep->label_new();
 		}
-		foreach($report['col'] as $o=>$d) {
+		foreach($report['col'] as $o=>$d) {			//fill in one page
 			$f = $d['field'];
 			if(is_array($fields[$f]['value_map'])) {
 				$v = $fields[$f]['value_map'][$i["C$o"]];
 			} else if(is_callable($fields[$f]['exec_function'])) {
 				$v = call_user_func_array($fields[$f]['exec_function'], array($report, $f, $i["C$o"]));
 //			} else if(isset($fields[$f]['exec_code'])) {
 //				Somethign like this, how do we pass $i["C$o"] in?
 //				$v = exec($fields[$f]['exec_code']);
 			} else {
 				$v =  $i["C$o"];
 			}
 			if($gen_mode == 'table') {
 				$data[] = $v;
 			} else if($gen_mode == 'label') {
 				$opt = array();
 				if($d['face'] == 'bold') $opt[] = 'bold';
 				$opt[] = $d['align'];
 				$opt[] = $d['valign'];
 				if($report['option']['field_box'] == 'yes') 
 					$opt[] = 'field_box';
 //the page content is filled
 				/* Special column, draw a box */
 				if($f == 'static_box') {
 					$rep->addLabelBox($d['x'], $d['y'], $d['w'],
 								$d['h']);
 				} else {
 					/* Special column, override result with static text */
 					if($f == 'static_text') $v = $d['value'];
 					$lh = ($d['lines'] == 0) ? 0 : $d['h']/$d['lines'];
 					$rep->addLabelText2($d['x'], $d['y'], $d['w'],
 							$d['h'], $lh,
 							$v, $opt);
 				}
 			} else if($gen_mode == 'tcpdf_label') {
 				/* Setup additional options */
 				$show_box = ($report['option']['field_box'] == 'yes') ? true : false;
@ -809,7 +940,7 @@ foreach($report_stock as $n=>$v) {
 				case 'static_box':
 					$rep->label_rect($d['x'], $d['y'], $d['w'], $d['h']);
 					break;
-				case 'conference_logo':
+				case 'fair_logo':
 					$rep->label_fair_logo($d['x'], $d['y'], $d['w'], $d['h'], $show_box);
 					break;
 				case "projectbarcode":
@ -819,8 +950,8 @@ foreach($report_stock as $n=>$v) {
 					'hpadding' => 'auto',
 					'fgcolor' => array(0,0,0),
 					'bgcolor' => false, //array(255,255,255)
-					'module_width' => 3, // width of a single module in points
+					'module_width' => 2, // width of a single module in points
-					'module_height' => 3 // height of a single module in points
+					'module_height' => 2 // height of a single module in points
 					);
 					$rep->label_barcode($v, 'QRCODE,H', $d['x'], $d['y'], $d['w'], $d['h'], $style, 'N');
 				break;
@ -829,6 +960,8 @@ foreach($report_stock as $n=>$v) {
 					if($f == 'static_text') 
 						$v = $d['value'];
 					$v = iconv("ISO-8859-1","UTF-8",$v);
 					$rep->label_text($d['x'], $d['y'], $d['w'], $d['h'],
 					$v, $show_box, $d['align'], $d['valign'],
 					$d['fontname'],$d['fontstyle'],$d['fontsize'],
@ -837,7 +970,39 @@ foreach($report_stock as $n=>$v) {
 					break;
 				}
 /*
 				if($f == 'static_box') {
 					$rep->label_rect($d['x'], $d['y'], $d['w'], $d['h']);
 				} else {
 					if($f == 'static_text') $v = $d['value'];
 					$v = iconv("ISO-8859-1//TRANSLIT", "UTF-8", $v);
 					if($f=="projectbarcode") {
 						$style = array(
 							'border' => 2,
 							'vpadding' => 'auto',
 							'hpadding' => 'auto',
 							'fgcolor' => array(0,0,0),
 							'bgcolor' => false, //array(255,255,255)
 							'module_width' => 2, // width of a single module in points
 							'module_height' => 2 // height of a single module in points
 						);
 						$rep->label_barcode($v, 'QRCODE,H', $d['x'], $d['y'], $d['w'], $d['h'], $style, 'N');
 					}
 					else {
 						$rep->label_text($d['x'], $d['y'], $d['w'], $d['h'],
 								$v, $show_box, $d['align'], $d['valign'],
 								$d['fontname'],$d['fontstyle'],$d['fontsize'],
 								$d['on_overflow']);
 					}
 				}
 				*/
 			}
 //}
 			if($fields[$f]['total'] == true)
 				$table['total'] += $v;
--- a/admin/reports.php
+++ b/admin/reports.php
@ -1,136 +1,143 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2007 James Grant <james@lightbox.org>
+ * This file is part of the Science-ation project
-   Copyright (C) 2007 David Grant <dave@lightbox.org>
+ * Science-ation Website: https://science-ation.ca
-
+ *
-   This program is free software; you can redistribute it and/or
+ * This file was part of the 'Science Fair In A Box' project
-   modify it under the terms of the GNU General Public
+ *
-   License as published by the Free Software Foundation, version 2.
+ *
-
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   This program is distributed in the hope that it will be useful,
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * Copyright (C) 2024 AlgoLibre Inc. <science-ation@algolibre.io>
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *
-    General Public License for more details.
+ * This program is free software; you can redistribute it and/or
-
+ * modify it under the terms of the GNU General Public
-   You should have received a copy of the GNU General Public License
+ * License as published by the Free Software Foundation, version 2.
-   along with this program; see the file COPYING.  If not, write to
+ *
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * This program is distributed in the hope that it will be useful,
-   Boston, MA 02111-1307, USA.
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-*/
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require_once('../common.inc.php');
+require_once ('../common.inc.php');
- require_once('../user.inc.php');
+require_once ('../user.inc.php');
- require_once('reports.inc.php');
+require_once ('reports.inc.php');
- user_auth_required('committee');
+user_auth_required('committee');
-$option_keys = array('type','stock');
+$option_keys = array('type', 'stock');
 switch (get_value_from_array($_GET, 'action')) {
 	case 'remove_report':
 		$id = intval($_GET['id']);
 		$stmt = $pdo->prepare("DELETE FROM reports_committee WHERE
 			users_id='{$_SESSION['users_uid']}' AND id='$id'");
 		$stmt->execute();
 		happy_('Report successfully removed');
 		exit;
 	case 'reload':
 		$edit_mode = true;
 		$reports_id = intval(get_value_from_array($_POST, 'reports_id'));
 		exit;
-switch($_GET['action']) {
+	case 'load_report':
-case 'remove_report':
+		$id = intval($_GET['id']);
 	$id = intval($_GET['id']);
 	mysql_query("DELETE FROM reports_committee WHERE
 			users_id='{$_SESSION['accounts_id']}' AND id='$id'");
 	happy_('Report successfully removed');
 	exit;
 case 'reload':
 	$edit_mode = true;
 	$reports_id = intval($_POST['reports_id']);
 	exit;
-case 'load_report':
+		/* Load report */
- 	$id = intval($_GET['id']);
+		if ($id == -1) {
 			$reports_id = intval($_GET['reports_id']);
 			$report = report_load($reports_id);
-	/* Load report */
+			$ret['id'] = -1;
-	if($id == -1) {
+			$ret['reports_id'] = $reports_id;
-		$reports_id = intval($_GET['reports_id']);
+			$ret['type'] = $report['option']['type'];
-		$report = report_load($reports_id);
+			$ret['stock'] = $report['option']['stock'];
 			$ret['comment'] = $report['desc'];
 			$ret['name'] = $report['name'];
 			$ret['category'] = '';
 		} else {
 			$q = $pdo->prepare("SELECT * FROM reports_committee WHERE id='$id'");
 			$ret = $q->fetch(PDO::FETCH_ASSOC);
 			$ret['type'] = $ret['format'];
 		}
-		$ret['id'] = -1;
+		/* Load available categories */
-		$ret['reports_id'] = $reports_id;
+		$q = $pdo->prepare("SELECT DISTINCT category FROM reports_committee
-		$ret['type'] = $report['option']['type'];
+ \t\t\tWHERE users_id='{$_SESSION['users_uid']}'
 		$ret['stock'] = $report['option']['stock'];
 		$ret['comment'] = $report['desc'];
 		$ret['name'] = $report['name'];
 		$ret['category'] = '';
 	} else {
 		$q = mysql_query("SELECT * FROM reports_committee WHERE id='$id'");
 		$ret = mysql_fetch_assoc($q);
 		$ret['type'] = $ret['format'];
 	}
 	/* Load available categories */
 	$q = mysql_query("SELECT DISTINCT category FROM reports_committee
 			WHERE users_id='{$_SESSION['accounts_id']}'
 			ORDER BY category");
-	while($i = mysql_fetch_object($q))
+		$q->execute();
-		$ret['cat'][] = $i->category;
+		while ($i = $q->fetch(PDO::FETCH_OBJ))
-	echo json_encode($ret);
+			$ret['cat'][] = $i->category;
-	exit;
+		echo json_encode($ret);
 		exit;
-case 'save':
+	case 'save':
-	echo "POST: ";
+		echo 'POST: ';
-	print_r($_POST);
+		print_r($_POST);
-	$id = intval($_POST['id']);
+		$id = intval($_POST['id']);
- 	$reports_id = intval($_POST['reports_id']);
+		$reports_id = intval($_POST['reports_id']);
-	if($id == -1) {
+		if ($id == -1) {
-		/* New entry */
+			/* New entry */
-		mysql_query("INSERT INTO `reports_committee` (`users_id`,`reports_id`) 
+			$stmt = $pdo->prepare("INSERT INTO `reports_committee` (`users_id`,`reports_id`) 
-			VALUES('{$_SESSION['accounts_id']}','$reports_id');");
+			VALUES('{$_SESSION['users_uid']}','$reports_id');");
-		echo mysql_error();
+			$stmt->execute();
-		$id = mysql_insert_id();
+			show_pdo_errors_if_any($pdo);
-	}
+			$id = $pdo->lastInsertId();
 	/* Update entry */
 	$category = $_POST['category'];
 	$category_exist = $_POST['category_exist'];
 	$comment = mysql_real_escape_string(stripslashes($_POST['comment']));
 	if($category_exist != '') $category = $category_exist;
 	$category = mysql_real_escape_string(stripslashes(trim($category)));
 	if($category == '') $category = 'default';
 	if($reports_id > 0) {
 		/* SFIAB report */
 		$type = $_POST['type'];
 		$stock = $_POST['stock'];
 		if(!array_key_exists($type, $report_options['type']['values'])) {
 			error_("Invalid format: type=$type");
 			exit;
 		}
 		if(!array_key_exists($stock, $report_stock)) {
 			error_("Invalid stock: stock=$stock");
 			exit;
 		}
 	} else {
 		/* Old custom */
 		$type = '';
 		$stock = '';
 	}
-	mysql_query("UPDATE `reports_committee` SET
+		/* Update entry */
 		$category = $_POST['category'];
 		$category_exist = $_POST['category_exist'];
 		$comment = stripslashes($_POST['comment']);
 		if ($category_exist != '')
 			$category = $category_exist;
 		$category = stripslashes(trim($category));
 		if ($category == '')
 			$category = 'default';
 		if ($reports_id > 0) {
 			/* SFIAB report */
 			$type = $_POST['type'];
 			$stock = $_POST['stock'];
 			if (!array_key_exists($type, $report_options['type']['values'])) {
 				error_("Invalid format: type=$type");
 				exit;
 			}
 			if (!array_key_exists($stock, $report_stock)) {
 				error_("Invalid stock: stock=$stock");
 				exit;
 			}
 		} else {
 			/* Old custom */
 			$type = '';
 			$stock = '';
 		}
 		$stmt = $pdo->prepare("UPDATE `reports_committee` SET
 			`category`='$category',
 			`comment`='$comment',
 			`format`='$type',
 			`stock`='$stock'
 			WHERE id='$id'");
-	happy_("Saved");
+		$stmt->execute();
-	exit;
+		happy_('Saved');
- }
+		exit;
 }
-
+// send the header
- //send the header
+send_header('My Reports',
-send_header("My Reports", 
+	array('Committee Main' => 'committee_main.php'),
-		array("Committee Main" => "committee_main.php"),
+	'print/export_reports');
 		            "print/export_reports"
 		);
 /* Send a greeting */
 echo i18n('Welcome to the new report interface.  You can select and save specific reports under specific categories so you can always find the report you need without having to go through the list each time.  To begin customizing this list, click on the "Edit This List" button at the bottom of this page.');
@ -141,16 +148,16 @@ echo i18n('Welcome to the new report interface.  You can select and save specifi
 function remove_report(id)
 {
-	$('#debug').load("<?$_SERVER['PHP_SELF']?>?action=remove_report&id="+id);
+	$('#debug').load("<? $_SERVER['PHP_SELF'] ?>?action=remove_report&id="+id);
 	$("#report_tr_"+id).remove();
 }
 function edit_report(id,reports_id)
 {
 	var r = (id == -1) ? '&reports_id='+reports_id : '';
-	$.getJSON("<?=$_SERVER['PHP_SELF']?>?action=load_report&id="+id+r,
+	$.getJSON("<?= $_SERVER['PHP_SELF'] ?>?action=load_report&id="+id+r,
 		function(json){
-			$("#report_category_exist").html("<option value=\"\">-- <?=i18n('Use New Category')?> --</option>");
+			$("#report_category_exist").html("<option value=\"\">-- <?= i18n('Use New Category') ?> --</option>");
 			for(var i in json.cat ) {
 				var c = json.cat[i];
 				$("#report_category_exist").append("<option value=\""+c+"\">"+c+"</option>");
@ -162,7 +169,7 @@ function edit_report(id,reports_id)
 			$("#report_format").val(json.format);
 			$("#report_comment").val(json.comment);
 			/* Update the dialog title */
-			$('#popup_editor').dialog('option', 'title', "<?=i18n('Report')?>: " + json.name);
+			$('#popup_editor').dialog('option', 'title', "<?= i18n('Report') ?>: " + json.name);
 			popup_editor(id);
 		});
@ -170,7 +177,7 @@ function edit_report(id,reports_id)
 function save_report()
 {
-	$('#debug').load("<?$_SERVER['PHP_SELF']?>?action=save", $('#report_form').serializeArray(), function() {
+	$('#debug').load("<? $_SERVER['PHP_SELF'] ?>?action=save", $('#report_form').serializeArray(), function() {
 		window.location.reload();
 	});
 }
@ -189,12 +196,12 @@ var edit=false;
 function edit_toggle()
 {
 	if(edit == false) {
-		$('#edit_toggle').val("<?=i18n("Done Editing")?>");
+		$('#edit_toggle').val("<?= i18n('Done Editing') ?>");
 		$('#edit_info').show();
 		$('.edit_buttons').show();
 		edit = true;
 	} else {
-		$('#edit_toggle').val("<?=i18n("Edit This List")?>");
+		$('#edit_toggle').val("<?= i18n('Edit This List') ?>");
 		$('#edit_info').hide();
 		$('.edit_buttons').hide();
 		edit = false;
@ -222,10 +229,10 @@ $(document).ready(function() {
 			modal: true, resizable: false,
 			draggable: false,
 			buttons: { 
-				"<?=i18n('Cancel')?>": function() { 
+				"<?= i18n('Cancel') ?>": function() { 
 					$(this).dialog("close"); 
 				},
-				"<?=i18n('Save')?>": function() { 
+				"<?= i18n('Save') ?>": function() { 
 					save_report();	
 					$(this).dialog("close"); 
 				} 
@ -236,98 +243,110 @@ $(document).ready(function() {
 </script>
 <?
- /* Load all the users reports */
+global $edit_mode;
- $q = mysql_query("SELECT reports_committee.*,reports.name
+/* Load all the users reports */
- 			FROM reports_committee 
+$q = $pdo->prepare("SELECT reports_committee.*,reports.name
 \t\t\tFROM reports_committee 
 				LEFT JOIN reports ON reports.id=reports_committee.reports_id
- 			WHERE users_id='{$_SESSION['accounts_id']}'
+ \t\t\tWHERE users_id='{$_SESSION['users_uid']}'
 			ORDER BY category,id");
- echo mysql_error();
+$q->execute();
- if(mysql_num_rows($q) == 0) {
+show_pdo_errors_if_any($pdo);
- 	echo i18n('You have no reports saved');
+if ($q->rowCount() == 0) {
- } else {
+	echo i18n('You have no reports saved');
-
+} else {
 	$last_category = '';
-	$x=0;
+	$x = 0;
-	echo "<table class=\"tableview\" style=\"border:0px;\">";
+	echo '<table class="tableview" style="border:0px;">';
-	while($i = mysql_fetch_object($q)) {
+	while ($i = $q->fetch(PDO::FETCH_OBJ)) {
 		$x++;
-		if($last_category != $i->category) {
+		if ($last_category != $i->category) {
 			/* New category */
 			echo '<tr><td style="border:0px;" colspan="3" style="even"><h3>';
-			if($edit_mode == true) echo i18n('Category').': ';
+			if (get_value_or_default($edit_mode) == true)
 				echo i18n('Category') . ': ';
 			echo "{$i->category}</h3></td></tr>";
 			$last_category = $i->category;
 		}
-		if($i->reports_id > 0) { 
+		if ($i->reports_id > 0) {
-//			$url = "admin/reports_gen.php?id={$i->reports_id}&show_options=1";
+			//			$url = "admin/reports_gen.php?id={$i->reports_id}&show_options=1";
 			$name = "<a href=\"#\" onclick=\"return report_gen({$i->reports_id})\">{$i->name}</a>";
 		} else {
 			$name = "<a href=\"{$config['SFIABDIRECTORY']}/{$report_custom[-$i->reports_id]['custom_url']}\">
 					{$report_custom[-$i->reports_id]['name']}</a>";
 		}
-?>
+		?>
-		<tr id="report_tr_<?=$i->id?>">
+		<tr id="report_tr_<?= $i->id ?>">
-		<td style="border:0px;"><?=$name?></td>
+		<td style="border:0px;"><?= $name ?></td>
-		<td style="border:0px;"><?=$i->comment?></td>
+		<td style="border:0px;"><?= $i->comment ?></td>
 		<td style="border:0px;">
 			<div class="edit_buttons" style="display:none">
-			<a title="Edit Report" onclick="edit_report(<?=$i->id?>,0);return false;" href="#">
+			<a title="Edit Report" onclick="edit_report(<?= $i->id ?>,0);return false;" href="#">
-				<img border="0" src="<?=$config['SFIABDIRECTORY']?>/images/16/edit.<?=$config['icon_extension']?>" />
+				<img border="0" src="<?= $config['SFIABDIRECTORY'] ?>/images/16/edit.<?= $config['icon_extension'] ?>" />
 			</a>
-			<a title="Remove Report" onclick="remove_report(<?=$i->id?>);return false;" href="#">
+			<a title="Remove Report" onclick="remove_report(<?= $i->id ?>);return false;" href="#">
-				<img src="<?=$config['SFIABDIRECTORY']?>/images/16/button_cancel.<?=$config['icon_extension']?>" border="0" alt="Remove Report" />
+				<img src="<?= $config['SFIABDIRECTORY'] ?>/images/16/button_cancel.<?= $config['icon_extension'] ?>" border="0" alt="Remove Report" />
 			</a>&nbsp;
 			</div>
 			</td>
 		</tr>			
 <?
 		/*
 		 * if($i->reports_id > 0) {
 		 * 	echo '<tr><td width=\"20px\"></td><td>';
 		 * 	echo '<span style=\"font-size: 0.75em;\">';
 		 * 	echo i18n('Format').": {$i->format}, ";
 		 * 	echo i18n('Paper').": {$report_stock[$i->stock]['name']}, ";
 		 * 	echo i18n('Year').": {$config['FAIRYEAR']}";
 		 * 	echo '</span>';
 		 * 	echo '</td></tr>';
 		 * }
 		 */
 	}
-	echo "</table>";
+	echo '</table>';
-		
+}
- }
+
 ?>
 <div id="edit_info" style="display:none;"> 
-<p>* <?=i18n('Deleting all the reports from a category will also delete the category.')?></p>
+<p>* <?= i18n('Deleting all the reports from a category will also delete the category.') ?></p>
-<p>* <?=i18n('Deleting a report only unlinks it from your list, it doesn\'t delete it from the system.')?></p>
+<p>* <?= i18n("Deleting a report only unlinks it from your list, it doesn't delete it from the system.") ?></p>
 </div>
 <br />
-<input id="edit_toggle" type="submit" onclick="edit_toggle();return false;" value="<?=i18n("Edit This List")?>">
+<input id="edit_toggle" type="submit" onclick="edit_toggle();return false;" value="<?= i18n('Edit This List') ?>">
 <br />
 <br />
 <?
- /* Load available reports */
+/* Load available reports */
- $reports = report_load_all();
+$reports = report_load_all();
- foreach($report_custom as $id=>$r) {
+foreach ($report_custom as $id => $r) {
- 	$r['id'] = -$id;
+	$r['id'] = -$id;
- 	$reports[-$id] = $r;
+	$reports[-$id] = $r;
- }
+}
 ?>
 <hr />
-<h4><?=i18n("All Reports")?></h3>
+<h4><?= i18n('All Reports') ?></h3>
 <form name="reportgen" >
 <select name="id" id="report">
-<option value="0"><?=i18n("Select a Report")?></option>
+<option value="0"><?= i18n('Select a Report') ?></option>
 <?
-foreach($reports as $r) {
+foreach ($reports as $r) {
 	echo "<option value=\"{$r['id']}\">{$r['name']}</option>\n";
 }
 ?>
 </select><br />
-<input type="submit" onclick="gen_report();return false;" value="<?=i18n("Generate Report")?>">
+<input type="submit" onclick="gen_report();return false;" value="<?= i18n('Generate Report') ?>">
-<input type="submit" onclick="add_report();return false;" value="<?=i18n("Add this Report to my list")?>">
+<input type="submit" onclick="add_report();return false;" value="<?= i18n('Add this Report to my list') ?>">
 </form>
 <br />
 <?
- /* Create an add report box */
+/* Create an add report box */
 ?>
 <div id="popup_editor" title="Report" style="display: none">
@ -337,25 +356,26 @@ foreach($reports as $r) {
 <br />
 <table class="tableedit">
 <tr>
-	<td><?=i18n("Category")?>:</td>
+	<td><?= i18n('Category') ?>:</td>
-	<td><?=i18n("Existing Category")?>: <select name="category_exist" id="report_category_exist" onchange="$('#report_category').val('')" >
+	<td><?= i18n('Existing Category') ?>: <select name="category_exist" id="report_category_exist" onchange="$('#report_category').val('')" >
 			</select><br />
-		<?=i18n("OR New Category")?>: <input type="text" id="report_category" name="category" onkeypress="$('#report_category_exist').val('')" >
+		<?= i18n('OR New Category') ?>: <input type="text" id="report_category" name="category" onkeypress="$('#report_category_exist').val('')" >
 	</td>
 </tr>
 <?
- foreach($report_options as $ok=>$o) {
+foreach ($report_options as $ok => $o) {
- 	if(!in_array($ok, $option_keys)) continue;
+	if (!in_array($ok, $option_keys))
- 	echo "<tr><td>{$o['desc']}:</td>";
+		continue;
 	echo "<tr><td>{$o['desc']}:</td>";
 	echo "<td><select name=\"$ok\" id=\"report_$ok\">";
-	foreach($o['values'] as $k=>$v) {
+	foreach ($o['values'] as $k => $v) {
 		echo "<option value=\"$k\">$v</option>\n";
 	}
-	echo "</select><span id=\"report{$ok}custom\" style=\"display: none;\">".i18n("Custom")."</span></td></tr>";
+	echo "</select><span id=\"report{$ok}custom\" style=\"display: none;\">" . i18n('Custom') . '</span></td></tr>';
- }
+}
 ?> 
 <tr>
-	<td><?=i18n("Comments")?>:</td>
+	<td><?= i18n('Comments') ?>:</td>
 	<td><textarea rows="3" cols="40" name="comment" id="report_comment"></textarea></td>
 </tr>
 </table>
--- a/admin/reports_acscript.php
+++ b/admin/reports_acscript.php
@ -1,67 +1,72 @@
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require("../lpdf.php");
+require ('../lpdf.php');
- require("../lcsv.php");
+require ('../lcsv.php');
- if($_GET['foryear']){
+if ($_GET['year'])
- 	// backwards compatability
+	$foryear = $_GET['year'];
-	$r = mysql_fetch_assoc(mysql_query("SELECT id FROM conferences WHERE year = " . $_GET['foryear']));
+else
-	if(is_array($r)){
+	$foryear = $config['FAIRYEAR'];
-		$forconference = $r['id'];
+
-	}else{
+if ($_GET['awardtype'] == 'All')
-		$forconference = $conference['id'];
+	$awardtype = '';
 else if ($_GET['awardtype'])
 	$awardtype = " AND award_types.type='" . $_GET['awardtype'] . "'";
 else
 	$awardtype = '';
 if (get_value_from_array($_GET, 'show_unawarded_awards') == 'on')
 	$show_unawarded_awards = 'yes';
 else
 	$show_unawarded_awards = 'no';
 if (get_value_from_array($_GET, 'show_unawarded_prizes') == 'on')
 	$show_unawarded_prizes = 'yes';
 else
 	$show_unawarded_prizes = 'no';
 $show_pronunciation = get_value_from_array($_GET, 'show_pronunciation' == 'on') ? TRUE : FALSE;
 $group_by_prize = (get_value_from_array($_GET, 'group_by_prize') == 'on') ? true : false;
 if (is_array($_GET['show_category'])) {
 	$show_category = array();
 	foreach ($_GET['show_category'] as $id => $val) {
 		$show_category[] = "projects.projectcategories_id='$id'";
 	}
- }
+	if ($show_unawarded_prizes == 'yes') {
- if($_GET['conference']) $forconference=$_GET['conference'];
+		$show_category[] = 'projects.projectcategories_id IS NULL';
 else $forconference=$conference['id'];
 if($_GET['awardtype']=="All") $awardtype="";
 else if($_GET['awardtype']) $awardtype=" AND award_types.type='".mysql_escape_string($_GET['awardtype'])."'";
 else $awardtype="";
 if($_GET['show_unawarded_awards']=="on") $show_unawarded_awards="yes";
 else $show_unawarded_awards="no";
 if($_GET['show_unawarded_prizes']=="on") $show_unawarded_prizes="yes";
 else $show_unawarded_prizes="no";
 $show_pronunciation= ($_GET['show_pronunciation'] == 'on') ? TRUE : FALSE;
 $group_by_prize= ($_GET['group_by_prize'] == 'on') ? true : false;
 if(is_array($_GET['show_category'])) {
 	 $show_category = array();
 	foreach($_GET['show_category'] as $id=>$val) {
 		$show_category[] = "award_awards_projectcategories.projectcategories_id='$id'";
 	}
 	$and_categories = join(' OR ', $show_category);
- } else {
+} else {
- 	$and_categories = '1';
+	$and_categories = '1';
- }
+}
- $show_criteria = ($_GET['show_criteria']=='on') ? true : false;
+$show_criteria = (get_value_from_array($_GET, 'show_criteria') == 'on') ? true : false;
- $type=$_GET['type'];
+$type = $_GET['type'];
- if(!$type) $type="pdf";
+if (!$type)
 	$type = 'pdf';
-$scriptformat=$_GET['scriptformat'];
+$scriptformat = $_GET['scriptformat'];
-if(!$scriptformat) $scriptformat="default";
+if (!$scriptformat)
 	$scriptformat = 'default';
-	if($type=="pdf") {
+if ($type == 'pdf') {
-		$rep=new lpdf(	i18n($config['fairname']),
+	$rep = new lpdf(i18n($config['fairname']),
-				i18n("Awards Ceremony Script"),
+		i18n('Awards Ceremony Script'),
-				$_SERVER['DOCUMENT_ROOT'].$config['SFIABDIRECTORY']."/data/{$conference['id']}-logo-200.gif"
+		$_SERVER['DOCUMENT_ROOT'] . $config['SFIABDIRECTORY'] . '/data/logo-200.gif');
 				);
-		$rep->newPage();
+	$rep->newPage();
-		if($scriptformat=="default") $rep->setFontSize(12);
+	if ($scriptformat == 'default')
-		if($scriptformat=="formatted") $rep->setFontSize(14);
+		$rep->setFontSize(12);
-	}
+	if ($scriptformat == 'formatted')
-	else if($type=="csv") {
+		$rep->setFontSize(14);
-		$rep=new lcsv(i18n("Awards Ceremony Script"));
+} else if ($type == 'csv') {
-	}
+	$rep = new lcsv(i18n('Awards Ceremony Script'));
-	$q=mysql_query("SELECT 
+}
 $q = $pdo->prepare("SELECT 
 				award_awards.id,
 				award_awards.name,
 				award_awards.presenter,
@ -73,31 +78,27 @@ if(!$scriptformat) $scriptformat="default";
 			FROM 
 				award_awards,
 				award_types,
-				sponsors,
+				sponsors
 				award_awards_projectcategories
 			WHERE 
-					award_awards.conferences_id='$forconference'
+					award_awards.year='$foryear'
-				AND	award_types.conferences_id='$forconference'
+				AND\taward_types.year='$foryear'
-				AND	award_awards.award_types_id=award_types.id
+				AND\taward_awards.award_types_id=award_types.id
-				AND	award_awards.sponsors_id=sponsors.id
+				AND\taward_awards.sponsors_id=sponsors.id
-				AND     award_awards.id=award_awards_projectcategories.award_awards_id
+				AND\taward_awards.excludefromac='0'
 				AND	award_awards.excludefromac='0'
 				AND ($and_categories)
 				$awardtype
 			GROUP BY award_awards.id
 			ORDER BY awards_order");
 $q->execute();
-	echo mysql_error();
+show_pdo_errors_if_any($pdo);
 //	echo "<pre>";
-	if(!mysql_num_rows($q)) {
+if (!$q->rowCount()) {
-		$rep->output();
+	$rep->output();
-		exit;
+	exit;
-	}
+}
-	$awards = array();
+$awards = array();
-	while($r=mysql_fetch_object($q)) {
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-
+	$pq = $pdo->prepare("SELECT 
 		$pq=mysql_query("SELECT 
 						award_prizes.prize,
 						award_prizes.number,
 						award_prizes.id,
@ -114,190 +115,196 @@ if(!$scriptformat) $scriptformat="default";
 						LEFT JOIN projects ON projects.id=winners.projects_id
 					WHERE 
 						award_awards_id='{$r->id}' 
-						AND award_prizes.conferences_id='$forconference'
+						AND award_prizes.year='$foryear'
 						AND award_prizes.excludefromac='0'
 						AND ($and_categories)
 					ORDER BY 
 						`order`,
 						projects.projectnumber");
-					echo mysql_error();
+	$pq->execute();
 	show_pdo_errors_if_any($pdo);
-		$r->winners = array();
+	$r->winners = array();
-		$r->awarded_count = 0;
+	$r->awarded_count = 0;
 		while($w = mysql_fetch_object($pq)) {
 			if($w->projects_id)
 			{
 				$r->awarded_count++;
 			}
 			if($r->type == 'Divisional' && $group_by_prize==true) {
 				/* Search awards for an award name that matches this prize */
 				$found = false;
 				foreach($awards as &$p_award) {
 					if($p_award->name == $w->prize) {
 						/* Match!  Set the prize name to the award name, 
 						 * and add the prize to the award */
 						$w->prize = $r->name;
 						$p_award->winners[] = $w;
 						$found = true;
 //						echo "Add to award {$p_award->name}: ";		print_r($w);
 						break;
 					}
 				}
 				if($found == false) {
 					/* Make a new award and set it equal to the prize name */
 					$n = $r->name;
 					$new_award = clone($r);
 					$new_award->name = $w->prize;
 					/* Now add the prize with the award's name */
 					$w->prize = $n;
 					$new_award->winners[] = $w;
 					$awards[] = $new_award;
 //					echo "Create Award:"; print_r($new_award);
 				}
-			} else {
+	while ($w = $pq->fetch(PDO::FETCH_OBJ)) {
-//				echo "Add non-div winner\n";
+		if ($w->projects_id) {
-				$r->winners[] = $w;
+			$r->awarded_count++;
 			}
 		}
-
+		if ($r->type == 'Divisional' && $group_by_prize == true) {
-		if($show_unawarded_awards=="no" && $r->awarded_count == 0)  {
+			/* Search awards for an award name that matches this prize */
-			/* No winners */
+			$found = false;
-			continue;
+			foreach ($awards as &$p_award) {
-		}
+				if ($p_award->name == $w->prize) {
-
+					/*
-
+					 * Match!  Set the prize name to the award name,
-		if($r->type == 'Divisional' && $group_by_prize == true) {
+					 * and add the prize to the award
-			/* Do nothing */
+					 */
 					$w->prize = $r->name;
 					$p_award->winners[] = $w;
 					$found = true;
 					//						echo "Add to award {$p_award->name}: ";		print_r($w);
 					break;
 				}
 			}
 			if ($found == false) {
 				/* Make a new award and set it equal to the prize name */
 				$n = $r->name;
 				$new_award = clone ($r);
 				$new_award->name = $w->prize;
 				/* Now add the prize with the award's name */
 				$w->prize = $n;
 				$new_award->winners[] = $w;
 				$awards[] = $new_award;
 				//					echo "Create Award:"; print_r($new_award);
 			}
 		} else {
-			$awards[] = $r;
+			//				echo "Add non-div winner\n";
 			$r->winners[] = $w;
 		}
 	}
 	if ($show_unawarded_awards == 'no' && $r->awarded_count == 0) {
 		/* No winners */
 		continue;
 	}
 	if ($r->type == 'Divisional' && $group_by_prize == true) {
 		/* Do nothing */
 	} else {
 		$awards[] = $r;
 	}
 }
 //	echo '<pre>';	print_r($awards);
-	foreach($awards as $r) {
+foreach ($awards as $r) {
 	if ($scriptformat == 'formatted')
 		$rep->newPage();
-		if($scriptformat=="formatted") 
+	if ($scriptformat == 'default')
-			$rep->newPage();
+		$rep->heading("$r->name  ($r->type)");
 	if ($scriptformat == 'formatted') {
 		$rep->setFontBold();
 		$rep->addText("$r->name  ($r->type)");
 		$rep->setFontNormal();
 	}
 	if ($r->type != 'Divisional')
 		$rep->addText(i18n('Sponsored by: %1', array($r->organization)));
 	if ($r->presenter)
 		$rep->addText(i18n('Presented by: %1', array($r->presenter)));
 	if ($r->description)
 		$rep->addText(i18n('Description: %1', array($r->description)));
 	if ($show_criteria)
 		$rep->addText(i18n('Criteria: %1', array($r->criteria)));
-		if($scriptformat=="default") 
+	if ($scriptformat == 'formatted')
-			$rep->heading("$r->name  ($r->type)");
+		$rep->nextline();
 		if($scriptformat=="formatted") {
 			$rep->setFontBold();
 			$rep->addText("$r->name  ($r->type)");
 			$rep->setFontNormal();
 		}
 		if($r->type!="Divisional")
 			$rep->addText(i18n("Sponsored by: %1",array($r->organization)));
 		if($r->presenter)
 			$rep->addText(i18n("Presented by: %1",array($r->presenter)));
 		if($r->description)
 			$rep->addText(i18n("Description: %1",array($r->description)));
 		if($show_criteria)
 			$rep->addText(i18n("Criteria: %1",array($r->criteria)));
-		if($scriptformat=="formatted") $rep->nextline();
+	if ($r->awarded_count == 0) {
 		$rep->addText('Not awarded');
 	}
-		if($r->awarded_count == 0)
+	$prevprizeid = -1;
 		{
 			$rep->addText("Not awarded");
 		}
-		$prevprizeid=-1;
+	foreach ($r->winners as $pr) {
 		if ($pr->projectnumber || $show_unawarded_prizes == 'yes') {
 			if ($prevprizeid != $pr->id) {
 				$prizetext = $pr->prize;
-		foreach($r->winners as $pr) {
+				if ($pr->cash || $pr->scholarship) {
 					$prizetext .= ' (';
 					if ($pr->cash && $pr->scholarship)
 						$prizetext .= "\$$pr->cash cash / \$$pr->scholarship scholarship";
 					else if ($pr->cash)
 						$prizetext .= "\$$pr->cash cash";
 					else if ($pr->scholarship)
 						$prizetext .= "\$$pr->scholarship scholarship";
 					$prizetext .= ')';
 				}
 				if ($scriptformat == 'default')
 					$rep->addText($prizetext);
 				if ($scriptformat == 'formatted') {
 					$rep->setFontBold();
 					$rep->addText($prizetext);
 					$rep->setFontNormal();
 					$rep->nextline();
 				}
-				if($pr->projectnumber || $show_unawarded_prizes=="yes") {
+				$prevprizeid = $pr->id;
-					if($prevprizeid!=$pr->id) {
+			}
 						$prizetext=$pr->prize;
 						if($pr->cash || $pr->scholarship) {
 							$prizetext.=" (";
 							if($pr->cash && $pr->scholarship)
 								$prizetext.="\$$pr->cash cash / \$$pr->scholarship scholarship";
 							else if($pr->cash)
 								$prizetext.= "\$$pr->cash cash";
 							else if($pr->scholarship)
 								$prizetext.= "\$$pr->scholarship scholarship";
 							$prizetext.= ")";
 						}
 						if($scriptformat=="default") 
 							$rep->addText($prizetext);
 						if($scriptformat=="formatted") {
 							$rep->setFontBold();
 							$rep->addText($prizetext);
 							$rep->setFontNormal();
 							$rep->nextline();
 						}
 						$prevprizeid=$pr->id;
 					}
-					if($pr->projectnumber) {
+			if ($pr->projectnumber) {
-						if($scriptformat=="default") 
+				if ($scriptformat == 'default')
-							$rep->addText( "    ($pr->projectnumber) $pr->title");
+					$rep->addText("    ($pr->projectnumber) $pr->title");
-						$sq=mysql_query("SELECT users.firstname,
+				$sq = $pdo->prepare("SELECT students.firstname,
-									users.lastname,
+									students.lastname,
-									users.pronunciation,
+									students.pronunciation,
-									users.schools_id,
+									students.schools_id,
 									schools.school
 								FROM
-									users,
+									students,
 									schools
 								WHERE
-									users.registrations_id='$pr->reg_id'
+									students.registrations_id='$pr->reg_id'
-									AND users.schools_id=schools.id
+									AND students.schools_id=schools.id
 								");
-	
+				$sq->execute();
 						$students="       Students: ";
 						$studnum=0;
 						$pronounce = "";
 						$rawpronounce = "";
 						while($studentinfo=mysql_fetch_object($sq)) {
 							if($studnum>0) $students.=", ";
 							$students.="$studentinfo->firstname $studentinfo->lastname";
-							if($studentinfo->pronunciation) {
+				$students = '       Students: ';
-								$students .= "    (Pronounced \"{$studentinfo->pronunciation}\")";
+				$studnum = 0;
-							}
+				$pronounce = '';
 				$rawpronounce = '';
 				while ($studentinfo = $sq->fetch(PDO::FETCH_OBJ)) {
 					if ($studnum > 0)
 						$students .= ', ';
 					$students .= "$studentinfo->firstname $studentinfo->lastname";
-							$student_winner[$studnum] = "$studentinfo->firstname $studentinfo->lastname";
+					if ($studnum > 0)
-							$student_win_pronunc[$studnum] = "$studentinfo->pronunciation";
+						$pronounce .= ', ';
-							$student_school[$studnum] = $studentinfo->school;
+					$pronounce .= "\"{$studentinfo->pronunciation}\"";
-							$studnum++;
+					$rawpronounce .= "{$studentinfo->pronunciation}";
 						}
-						if($scriptformat=="default") {
+					$student_winner[$studnum] = "$studentinfo->firstname $studentinfo->lastname";
-							$rep->addText($students);
+					$student_win_pronunc[$studnum] = "$studentinfo->pronunciation";
-							$rep->addText("       School: {$student_school[0]}");
+					$student_school[$studnum] = $studentinfo->school;
-						}
+					$studnum++;
 						if($scriptformat=="formatted") {
 							$rep->addTextX("$pr->projectnumber",0.5);
 							for($x=0; $x<$studnum; $x++) {
 								$rep->addTextX($student_winner[$x],1.4);
 								$rep->addTextX($student_school[$x],5.5);
 								if($show_pronunciation == TRUE && $student_win_pronunc[$x]) {
 									$rep->nextline();
 									$rep->addTextX("({$student_win_pronunc[$x]})",2.0);
 								}
 								if($type=="pdf") 
 									$rep->nextline();
 							}
 							if(($studnum==1) && ($type == "csv")) $rep->addTextX("");
 							if(($studnum==1) && ($type == "csv")) $rep->addTextX("");
 							$rep->addText($pr->title,'left', 1.4);
 							if($type=="pdf") $rep->nextline();
 							$rep->nextline();
 						}
 					}
 					else {
 						$rep->addText("    Prize not awarded");
 					}
 				}
 			}
 			$rep->nextLine();
 		}
-	$rep->output();
+				if ($scriptformat == 'default') {
 					$rep->addText($students);
 					if (trim($rawpronounce) != '' && $show_pronunciation == TRUE)
 						$rep->addText("       Pronunciation: $pronounce");
 					$rep->addText("       School: {$student_school[0]}");
 				}
 				if ($scriptformat == 'formatted') {
 					$rep->addTextX("$pr->projectnumber", 0.5);
 					for ($x = 0; $x < $studnum; $x++) {
 						$rep->addTextX($student_winner[$x], 1.4);
 						$rep->addTextX($student_school[$x], 5.5);
 						if ($show_pronunciation == TRUE && $student_win_pronunc[$x]) {
 							$rep->nextline();
 							$rep->addTextX("({$student_win_pronunc[$x]})", 2.0);
 						}
 						if ($type == 'pdf')
 							$rep->nextline();
 					}
 					if (($studnum == 1) && ($type == 'csv'))
 						$rep->addTextX('');
 					if (($studnum == 1) && ($type == 'csv'))
 						$rep->addTextX('');
 					$rep->addText($pr->title, 'left', 1.4);
 					if ($type == 'pdf')
 						$rep->nextline();
 					$rep->nextline();
 				}
 			} else {
 				$rep->addText('    Prize not awarded');
 			}
 		}
 	}
 	$rep->nextLine();
 }
 $rep->output();
 ?>
--- a/admin/reports_appeal_letters.php
+++ b/admin/reports_appeal_letters.php
@ -1,36 +1,37 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
-require_once('../common.inc.php');
+require_once ('../common.inc.php');
-require_once('../user.inc.php');
+require_once ('../user.inc.php');
-user_auth_required('admin');
+user_auth_required('committee', 'admin');
-require_once('../tcpdf/tcpdf_sfiab_config.php');
+require_once ('../tcpdf/tcpdf_sfiab_config.php');
-require_once('../tcpdf/tcpdf.php');
+require_once ('../tcpdf/tcpdf.php');
 $fcid = intval($_GET['fundraising_campaigns_id']);
-$key = mysql_real_escape_string($_GET['key']);
+$key = $_GET['key'];
 /* Start an output PDF */
 $pdf = new TCPDF(PDF_PAGE_ORIENTATION, PDF_UNIT, PDF_PAGE_FORMAT, true, 'UTF-8', false);
@ -52,53 +53,53 @@ $pdf->setFooterFont(Array(PDF_FONT_NAME_DATA, '', PDF_FONT_SIZE_DATA));
 // set default monospaced font
 $pdf->SetDefaultMonospacedFont(PDF_FONT_MONOSPACED);
-//set margins
+// set margins
 $pdf->SetMargins(PDF_MARGIN_LEFT, PDF_MARGIN_TOP, PDF_MARGIN_RIGHT);
 $pdf->SetHeaderMargin(PDF_MARGIN_HEADER);
 $pdf->SetFooterMargin(PDF_MARGIN_FOOTER);
-//set auto page breaks
+// set auto page breaks
 $pdf->SetAutoPageBreak(TRUE, PDF_MARGIN_BOTTOM);
 $pdf->setPrintFooter(false);
-//set image scale factor
+// set image scale factor
-$pdf->setImageScale(PDF_IMAGE_SCALE_RATIO); 
+$pdf->setImageScale(PDF_IMAGE_SCALE_RATIO);
-//set some language-dependent strings
+// set some language-dependent strings
-//$pdf->setLanguageArray($l); 
+// $pdf->setLanguageArray($l);
 /* Load the users */
 $users = array();
-$q = mysql_query("SELECT * FROM fundraising_campaigns_users_link WHERE fundraising_campaigns_id='$fcid'");
+$q = $pdo->prepare("SELECT * FROM fundraising_campaigns_users_link WHERE fundraising_campaigns_id='$fcid'");
-while($l = mysql_fetch_assoc($q)) {
+while ($l = $q->fetch(PDO::FETCH_ASSOC)) {
 	$uid = $l['users_uid'];
 	$users[$uid] = user_load_by_uid($uid);
 }
 /* Grab all the emails */
-$q = mysql_query("SELECT * FROM emails WHERE fundraising_campaigns_id='$fcid' AND val='$key'");
+$q = $pdo->prepare("SELECT * FROM emails WHERE fundraising_campaigns_id='$fcid' AND val='$key'");
 $q->execute();
-while($e = mysql_fetch_assoc($q)) {
+while ($e = $q->fetch(PDO::FETCH_ASSOC)) {
-
+	foreach ($users as $uid => &$u) {
-	foreach($users as $uid=>&$u) {
+		$subject = communication_replace_vars($e['subject'], $u);
 	 	$subject = communication_replace_vars($e['subject'], $u);
 		$body = communication_replace_vars($e['bodyhtml'], $u);
 		/* these dont' need substitutions */
 		$to = $u['name'];
-		$date = date("F j, Y");
+		$date = date('F j, Y');
- 		$html = "<table><tr><td align=\"right\" width=\"25\%\"><b>Attn:  </b></td><td>$to</td></tr>
+		$html = "<table><tr><td align=\"right\" width=\"25\%\"><b>Attn:  </b></td><td>$to</td></tr>
 				<tr><td align=\"right\" width=\"25\%\"><b>Subject:  </b></td><td>$subject</td></tr>
 				<tr><td align=\"right\" width=\"25\%\"><b>Date:  </b></td><td>$date</td></tr>
 			</table>
 			<hr />";
-	 	$pdf->AddPage();
+		$pdf->AddPage();
 		$pdf->writeHTML($html);
 		$pdf->writeHTML($body);
 		$pdf->lastPage();
 	}
- }
+}
- $pdf->Output('report.pdf','I');
+$pdf->Output('report.pdf', 'I');
 ?>
--- a/admin/reports_awards.inc.php
+++ b/admin/reports_awards.inc.php
@ -1,395 +1,431 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the Science-ation project
 * Science-ation Website: https://science-ation.ca
 *
 * This file was part of the 'Science Fair In A Box' project
 *
 *
 * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
 * Copyright (C) 2005 James Grant <james@lightbox.org>
 * Copyright (C) 2024 AlgoLibre Inc. <science-ation@algolibre.io>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, version 2.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
-   This program is free software; you can redistribute it and/or
+function report_awards_fr($report, $field, $text)
-   modify it under the terms of the GNU General Public
+{
-   License as published by the Free Software Foundation, version 2.
+	return i18n($text, array(), array(), 'fr');
 }
-   This program is distributed in the hope that it will be useful,
+function report_cash_words($report, $field, $text)
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+{
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+	return wordify($text, true);
-    General Public License for more details.
+}
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 $report_awards_fields = array(
-	'name' =>  array(
+	'name' => array(
 		'start_option_group' => 'Award Information',
 		'name' => 'Award -- Name',
 		'header' => 'Award Name',
-		'width' => 76.2 /*mm*/,
+		'width' => 3.0,
-		'table' => 'award_awards.name' ),
+		'table' => 'award_awards.name'
-
+	),
-	'criteria' =>  array(
+	'name_fr' => array(
 		'name' => 'Award -- Name (French)',
 		'header' => 'Award Name',
 		'width' => 3.0,
 		'table' => 'award_awards.name',
 		'exec_function' => 'report_awards_fr'
 	),
 	'criteria' => array(
 		'name' => 'Award -- Criteria',
 		'header' => 'Award Criteria',
-		'width' => 76.2 /*mm*/,
+		'width' => 3.0,
-		'table' => 'award_awards.criteria' ),
+		'table' => 'award_awards.criteria'
-
+	),
-	'presenter' =>  array(
+	'criteria_fr' => array(
 		'name' => 'Award -- Criteria (French)',
 		'header' => 'Award Criteria',
 		'width' => 3.0,
 		'table' => 'award_awards.criteria',
 		'exec_function' => 'report_awards_fr'
 	),
 	'presenter' => array(
 		'name' => 'Award -- Presenter',
 		'header' => 'Award Presenter',
-		'width' => 38.1 /*mm*/,
+		'width' => 1.5,
-		'table' => 'award_awards.presenter' ),
+		'table' => 'award_awards.presenter'
-
+	),
-	'order' =>  array(
+	'order' => array(
 		'name' => 'Award -- Order',
 		'header' => 'Award Order',
-		'width' => 12.7 /*mm*/,
+		'width' => 0.5,
-		'table' => 'award_awards.order' ),
+		'table' => 'award_awards.order'
-
+	),
-	'cwsfaward' =>  array(
+	'cwsfaward' => array(
 		'name' => 'Award -- CWSF Award',
 		'header' => 'CWSF',
-		'width' => 12.7 /*mm*/,
+		'width' => 0.5,
 		'table' => 'award_awards.cwsfaward',
-		'value_map' => array ('0' => 'No', '1' => 'Yes')),
+		'value_map' => array('0' => 'No', '1' => 'Yes')
-
+	),
 	'type' => array(
 		'name' => 'Award -- Type',
 		'header' => 'Award Type',
-		'width' => 25.4 /*mm*/,
+		'width' => 1.0,
-		'table' => 'award_types.type' ),
+		'table' => 'award_types.type'
-
+	),
 	'empty_winner_box' => array(
 		'name' => 'Award -- Empty Winner Box (for hand entry on printed reports)',
 		'header' => 'Winner',
-		'width' => 25.4 /*mm*/,
+		'width' => 1.0,
-		'table' => "CONCAT('')" ),
+		'table' => "CONCAT('')"
-
+	),
 	'sponsor_organization' => array(
 		'start_option_group' => 'Sponsor Information',
 		'name' => 'Sponsor -- Organization',
 		'header' => 'Sponsor Organization',
-		'width' => 50.8 /*mm*/,
+		'width' => 2.0,
-		'table' => 'sponsors.organization' ),
+		'table' => 'sponsors.organization'
-
+	),
 	'sponsor_phone' => array(
 		'name' => 'Sponsor -- Phone',
 		'header' => 'Sp. Phone',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
-		'table' => 'sponsors.phone' ),
+		'table' => 'sponsors.phone'
-
+	),
 	'sponsor_fax' => array(
 		'name' => 'Sponsor -- Fax',
 		'header' => 'Sp. Fax',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
-		'table' => 'sponsors.fax' ),
+		'table' => 'sponsors.fax'
-
+	),
-	'sponsor_address' =>  array(
+	'sponsor_address' => array(
 		'name' => 'Sponsor -- Street Address',
 		'header' => 'Sponsor Address',
-		'width' => 50.8 /*mm*/,
+		'width' => 2.0,
-		'table' => 'sponsors.address'),
+		'table' => 'sponsors.address'
-
+	),
-	'sponsor_city' =>  array(
+	'sponsor_city' => array(
 		'name' => 'Sponsor -- City',
 		'header' => 'Sp. City',
-		'width' => 38.1 /*mm*/,
+		'width' => 1.5,
-		'table' => 'sponsors.city' ),
+		'table' => 'sponsors.city'
-
+	),
-	'sponsor_province' =>  array(
+	'sponsor_province' => array(
-		'name' => 'Sponsor -- '.$config['provincestate'],
+		'name' => 'Sponsor -- ' . $config['provincestate'],
-		'header' => 'Sp. '.$config['provincestate'],
+		'header' => 'Sp. ' . $config['provincestate'],
-		'width' => 19.05 /*mm*/,
+		'width' => 0.75,
-		'table' => 'sponsors.province_code' ),
+		'table' => 'sponsors.province_code'
-
+	),
-	'sponsor_postal' =>  array(
+	'sponsor_postal' => array(
-		'name' => 'Sponsor -- '.$config['postalzip'],
+		'name' => 'Sponsor -- ' . $config['postalzip'],
-		'header' => 'Sp. '.$config['postalzip'],
+		'header' => 'Sp. ' . $config['postalzip'],
-		'width' => 19.05 /*mm*/,
+		'width' => 0.75,
-		'table' => 'sponsors.postalcode' ),
+		'table' => 'sponsors.postalcode'
-
+	),
-	'sponsor_notes' =>  array(
+	'sponsor_notes' => array(
 		'name' => 'Sponsor -- Notes',
 		'header' => 'Sponsor Notes',
-		'width' => 76.2 /*mm*/,
+		'width' => 3,
-		'table' => 'sponsors.notes' ),
+		'table' => 'sponsors.notes'
-
+	),
-	'sponsorship_status' =>  array(
+	'sponsorship_status' => array(
 		'name' => 'Sponsorship -- Status',
 		'header' => 'Sp. Status',
-		'width' => 12.7 /*mm*/,
+		'width' => 0.5,
 		'table' => 'sponsorships.status',
-		'value_map' => array ('pending' => 'Pending', 'confirmed' => 'Confirmed'), "received"=>"Received"),
+		'value_map' => array('pending' => 'Pending', 'confirmed' => 'Confirmed'), 'received' => 'Received'
-
+	),
-	'pcontact_salutation' =>  array(
+	'pcontact_salutation' => array(
 		'start_option_group' => 'Sponsor Primary Contact',
 		'name' => 'Primary Contact -- Salutation',
 		'header' => 'Cnct. Salutation',
-		'width' => 25.4 /*mm*/,
+		'width' => 1.0,
-		'table' => 'PRIMARYCONTACTUSER.salutation' ),
+		'table' => 'PRIMARYCONTACTUSER.salutation'
-
+	),
-	'pcontact_last_name' =>  array(
+	'pcontact_last_name' => array(
 		'name' => 'Primary Contact -- Last Name',
 		'header' => 'Cnct. Last Name',
-		'width' => 25.4 /*mm*/,
+		'width' => 1.0,
-		'table' => 'PRIMARYCONTACTUSER.lastname' ),
+		'table' => 'PRIMARYCONTACTUSER.lastname'
-
+	),
 	'pcontact_first_name' => array(
 		'name' => 'Primary Contact -- First Name',
 		'header' => 'Cnct. First Name',
-		'width' => 25.4 /*mm*/,
+		'width' => 1.0,
-		'table' => 'PRIMARYCONTACTUSER.firstname' ),
+		'table' => 'PRIMARYCONTACTUSER.firstname'
-
+	),
-	'pcontact_name' =>  array(
+	'pcontact_name' => array(
 		'name' => 'Primary Contact -- Full Name (last, first)',
 		'header' => 'Contact Name',
-		'width' => 44.45 /*mm*/,
+		'width' => 1.75,
 		'table' => "CONCAT(PRIMARYCONTACTUSER.lastname, ', ', PRIMARYCONTACTUSER.firstname)",
-		'table_sort'=> 'PRIMARYCONTACTUSER.lastname' ),
+		'table_sort' => 'PRIMARYCONTACTUSER.lastname'
-		
+	),
-	'pcontact_namefl' =>  array(
+	'pcontact_namefl' => array(
 		'name' => 'Primary Contact -- Full Name (salutation first last)',
 		'header' => 'Contact Name',
-		'width' => 44.45 /*mm*/,
+		'width' => 1.75,
 		'table' => "CONCAT(PRIMARYCONTACTUSER.salutation, ' ', PRIMARYCONTACTUSER.firstname, ' ', PRIMARYCONTACTUSER.lastname)",
-		'table_sort'=> 'PRIMARYCONTACTUSER.lastname' ),
+		'table_sort' => 'PRIMARYCONTACTUSER.lastname'
-
+	),
-	'pcontact_position' =>  array(
+	'pcontact_position' => array(
 		'name' => 'Primary Contact -- Position',
 		'header' => 'Cnct. Position',
-		'width' => 31.75 /*mm*/,
+		'width' => 1.25,
-		'table' => 'PRIMARYCONTACT.position'),
+		'table' => 'PRIMARYCONTACT.position'
-
+	),
-	'pcontact_email' =>  array(
+	'pcontact_email' => array(
 		'name' => 'Primary Contact -- Email',
 		'header' => 'Cnct. Email',
-		'width' => 50.8 /*mm*/,
+		'width' => 2.0,
-		'table' => 'PRIMARYCONTACTUSER.email'),
+		'table' => 'PRIMARYCONTACTUSER.email'
-
+	),
 	'pcontact_hphone' => array(
 		'name' => 'Primary Contact -- Home Phone',
 		'header' => 'Cnct. Home',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
-		'table' => 'PRIMARYCONTACTUSER.phonehome' ),
+		'table' => 'PRIMARYCONTACTUSER.phonehome'
-
+	),
 	'pcontact_wphone' => array(
 		'name' => 'Primary Contact -- Work Phone',
 		'header' => 'Cnct. Work',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
-		'table' => 'PRIMARYCONTACTUSER.phonework' ),
+		'table' => 'PRIMARYCONTACTUSER.phonework'
-
+	),
 	'pcontact_cphone' => array(
 		'name' => 'Primary Contact -- Cell Phone',
 		'header' => 'Cnct. Cell',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
-		'table' => 'PRIMARYCONTACTUSER.phonecell' ),
+		'table' => 'PRIMARYCONTACTUSER.phonecell'
-
+	),
 	'pcontact_fax' => array(
 		'name' => 'Primary Contact -- Fax',
 		'header' => 'Cnct. Fax',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
-		'table' => 'PRIMARYCONTACTUSER.fax' ),
+		'table' => 'PRIMARYCONTACTUSER.fax'
-		
+	),
-	'pcontact_notes' =>  array(
+	'pcontact_notes' => array(
 		'name' => 'Primary Contact -- Notes',
 		'header' => 'Contact Notes',
-		'width' => 76.2 /*mm*/,
+		'width' => 3,
-		'table' => 'PRIMARYCONTACT.notes' ),
+		'table' => 'PRIMARYCONTACT.notes'
-
+	),
-	'pcontact_address' =>  array(
+	'pcontact_address' => array(
 		'name' => 'Primary Contact Address -- Street',
 		'header' => 'Address',
-		'width' => 50.8 /*mm*/,
+		'width' => 2.0,
-		'table' => "CONCAT(PRIMARYCONTACTUSER.address, ' ', PRIMARYCONTACTUSER.address2)"),
+		'table' => "CONCAT(PRIMARYCONTACTUSER.address, ' ', PRIMARYCONTACTUSER.address2)"
-
+	),
-	'pcontact_city' =>  array(
+	'pcontact_city' => array(
 		'name' => 'Primary Contact Address -- City',
 		'header' => 'City',
-		'width' => 38.1 /*mm*/,
+		'width' => 1.5,
-		'table' => 'PRIMARYCONTACTUSER.city'),
+		'table' => 'PRIMARYCONTACTUSER.city'
-
+	),
-	'pcontact_province' =>  array(
+	'pcontact_province' => array(
-		'name' => 'Primary Contact Address -- '.$config['provincestate'],
+		'name' => 'Primary Contact Address -- ' . $config['provincestate'],
 		'header' => $config['provincestate'],
-		'width' => 19.05 /*mm*/,
+		'width' => 0.75,
-		'table' => 'PRIMARYCONTACTUSER.province'),
+		'table' => 'PRIMARYCONTACTUSER.province'
-
+	),
-	'pcontact_postal' =>  array(
+	'pcontact_postal' => array(
-		'name' => 'Primary Contact Address -- '.$config['postalzip'],
+		'name' => 'Primary Contact Address -- ' . $config['postalzip'],
 		'header' => $config['postalzip'],
-		'width' => 19.05 /*mm*/,
+		'width' => 0.75,
-		'table' => 'PRIMARYCONTACTUSER.postalcode' ),
+		'table' => 'PRIMARYCONTACTUSER.postalcode'
-
+	),
- 	'pcontact_city_prov' =>  array(
+	'pcontact_city_prov' => array(
-                'name' => 'Primary Contact Address -- City, '.$config['provincestate'].' (for mailing)',
+		'name' => 'Primary Contact Address -- City, ' . $config['provincestate'] . ' (for mailing)',
-                'header' => 'City',
+		'header' => 'City',
-                'width' => 38.1 /*mm*/,
+		'width' => 1.5,
-                'table' => "CONCAT(PRIMARYCONTACTUSER.city, ', ', PRIMARYCONTACTUSER.province)"),
+		'table' => "CONCAT(PRIMARYCONTACTUSER.city, ', ', PRIMARYCONTACTUSER.province)"
-
+	),
 	'judgeteamname' => array(
 		'start_option_group' => 'Judging Team',
 		'components' => array('judgingteam'),
 		'name' => 'Judging Team -- Name',
 		'header' => 'Judging Team',
-		'width' => 76.2 /*mm*/,
+		'width' => 3.0,
-		'table' => 'judges_teams.name'),
+		'table' => 'judges_teams.name'
-
+	),
 	'judgeteamnum' => array(
 		'components' => array('judgingteam'),
 		'name' => 'Judging Team -- Number',
 		'header' => 'Team',
-		'width' => 12.7 /*mm*/,
+		'width' => 0.5,
-		'table' => 'judges_teams.num'),
+		'table' => 'judges_teams.num'
-
+	),
 	'judgeteammembers_name' => array(
 		'components' => array('judgingteam', 'judgingteammembers'),
 		'name' => 'Judging Team -- Judge Name',
 		'header' => 'Judge Name',
-		'width' => 38.1 /*mm*/,
+		'width' => 1.5,
-		'table' => "CONCAT(judges.firstname, ' ', judges.lastname)"),
+		'table' => "CONCAT(judges.firstname, ' ', judges.lastname)"
-
+	),
 	'judgeteammembers' => array(
 		'components' => array('judgingteam', 'judgingteammembers'),
 		'name' => 'Judging Team -- Members (REQUIRES MySQL 5.0)',
 		'header' => 'Team Members',
-		'width' => 76.2 /*mm*/,
+		'width' => 3.0,
 		'table' => "GROUP_CONCAT(judges.firstname, ' ', judges.lastname ORDER BY judges.lastname SEPARATOR ', ')",
-		'group_by' => array('award_awards.id', 'judges_teams.num') ),
+		'group_by' => array('award_awards.id', 'judges_teams.num')
-
+	),
 	'prize_name' => array(
 		'start_option_group' => 'Prize Info (Duplicates award data for each prize, omits awards with no prizes)',
 		'name' => 'Prize -- Name',
 		'header' => 'Prize Name',
-		'width' => 50.8 /*mm*/,
+		'width' => 2,
 		'table' => 'award_prizes.prize',
-		'components' => array('prizes')),
+		'components' => array('prizes')
-
+	),
 	'prize_cash' => array(
 		'name' => 'Prize --  Cash Amount',
 		'header' => 'Cash',
-		'width' => 12.7 /*mm*/,
+		'width' => 0.5,
 		'table' => 'award_prizes.cash',
-		'components' => array('prizes')),
+		'components' => array('prizes')
-
+	),
 	'prize_cash_words' => array(
 		'name' => 'Prize --  Cash Amount In Words',
 		'header' => 'Cash',
 		'width' => 0.5,
 		'table' => 'award_prizes.cash',
 		'components' => array('prizes'),
 		'exec_function' => 'report_cash_words'
 	),
 	'prize_scholarship' => array(
 		'name' => 'Prize --  Scholarship Amount',
 		'header' => 'Scholarship',
-		'width' => 19.05 /*mm*/,
+		'width' => 0.75,
 		'table' => 'award_prizes.scholarship',
-		'components' => array('prizes')),
+		'components' => array('prizes')
-
+	),
 	'prize_value' => array(
 		'name' => 'Prize --  Value Amount',
 		'header' => 'Value',
-		'width' => 12.7 /*mm*/,
+		'width' => 0.5,
 		'table' => 'award_prizes.value',
-		'components' => array('prizes')),
+		'components' => array('prizes')
 	),
-/* Don't have projectcategories and projectdivisions
+	/*
-	'prize_fullname' => array(
+	 * Don't have projectcategories and projectdivisions
-		'name' => 'Prize --  Name, Category, Division',
+	 * 	'prize_fullname' => array(
-		'header' => 'Prize Name',
+	 * 		'name' => 'Prize --  Name, Category, Division',
-		'width' => 101.6 /*mm,
+	 * 		'header' => 'Prize Name',
-		'table' => "CONCAT(award_prizes.prize,' in ',projectcategories.category,' ', projectdivisions.division)",
+	 * 		'width' => 4,
-		'table_sort' => 'award_prizes.order',
+	 * 		'table' => "CONCAT(award_prizes.prize,' in ',projectcategories.category,' ', projectdivisions.division)",
-		'components' => array('prizes')),
+	 * 		'table_sort' => 'award_prizes.order',
-*/
+	 * 		'components' => array('prizes')),
 	 */
 	'prize_trophy_any' => array(
-		'name' => 'Prize -- Trophy (\'Yes\' if the award has a trophy)',
+		'name' => "Prize -- Trophy ('Yes' if the award has a trophy)",
 		'header' => 'Trophy',
-		'width' => 12.7 /*mm*/,
+		'width' => 0.5,
 		'table' => "IF ( award_prizes.trophystudentkeeper=1
 				OR award_prizes.trophystudentreturn=1
 				OR award_prizes.trophyschoolkeeper=1
 				OR award_prizes.trophyschoolreturn=1, 'Yes', 'No')",
-		'components' => array('prizes')),
+		'components' => array('prizes')
-
+	),
 	'prize_trophy_return' => array(
-		'name' => 'Prize -- Annual Trophy (\'Yes\' if the award has a school or student trophy that isn\'t a keeper)',
+		'name' => "Prize -- Annual Trophy ('Yes' if the award has a school or student trophy that isn't a keeper)",
 		'header' => 'Trophy',
-		'width' => 12.7 /*mm*/,
+		'width' => 0.5,
 		'table' => "IF ( award_prizes.trophystudentreturn=1
 				OR award_prizes.trophyschoolreturn=1, 'Yes', 'No')",
-		'components' => array('prizes')),
+		'components' => array('prizes')
-
+	),
 	'prize_trophy_return_student' => array(
-		'name' => 'Prize -- Annual Student Trophy (\'Yes\' if the award has astudent trophy that isn\'t a keeper)',
+		'name' => "Prize -- Annual Student Trophy ('Yes' if the award has astudent trophy that isn't a keeper)",
 		'header' => 'Ind.',
-		'width' => 12.7 /*mm*/,
+		'width' => 0.5,
 		'table' => "IF ( award_prizes.trophystudentreturn=1, 'Yes', 'No')",
-		'components' => array('prizes')),
+		'components' => array('prizes')
-
+	),
 	'prize_trophy_return_school' => array(
-		'name' => 'Prize -- Annual School Trophy (\'Yes\' if the award has a school trophy that isn\'t a keeper)',
+		'name' => "Prize -- Annual School Trophy ('Yes' if the award has a school trophy that isn't a keeper)",
 		'header' => 'Sch.',
-		'width' => 12.7 /*mm*/,
+		'width' => 0.5,
 		'table' => "IF ( award_prizes.trophyschoolreturn=1, 'Yes', 'No')",
-		'components' => array('prizes')),
+		'components' => array('prizes')
-
+	),
 	'prize_all' => array(
 		'name' => 'Prize -- Lists all prize data (name, cash, scholarship, value, trophies)',
 		'header' => 'Prize',
-		'width' => 50.8 /*mm*/,
+		'width' => 2,
 		'table' => "CONCAT(
-				IF(award_prizes.prize != '', CONCAT(award_prizes.prize,'\n', ''),''),
+				IF(award_prizes.prize != '', CONCAT(award_prizes.prize,'
-				IF(award_prizes.cash != '', CONCAT('$',award_prizes.cash,'\n'), ''),
+', ''),''),
-				IF(award_prizes.scholarship != '', CONCAT('$',award_prizes.scholarship,' scholarship\n'), ''),
+				IF(award_prizes.cash != '', CONCAT('\$',award_prizes.cash,'
-				IF(award_prizes.value != '', CONCAT('$',award_prizes.value,' value\n'), ''),
+'), ''),
-				IF(award_prizes.trophystudentkeeper != '', CONCAT('Student Keeper Trophy\n'), ''),
+				IF(award_prizes.scholarship != '', CONCAT('\$',award_prizes.scholarship,' scholarship
-				IF(award_prizes.trophystudentreturn != '', CONCAT('Student Annual-Return Trophy\n'), ''),
+'), ''),
-				IF(award_prizes.trophyschoolkeeper != '', CONCAT('School Keeper Trophy\n'), ''),
+				IF(award_prizes.value != '', CONCAT('\$',award_prizes.value,' value
-				IF(award_prizes.trophyschoolreturn != '', CONCAT('School Annual-Return Trophy\n'), '')
+'), ''),
 				IF(award_prizes.trophystudentkeeper != '', CONCAT('Student Keeper Trophy
 '), ''),
 				IF(award_prizes.trophystudentreturn != '', CONCAT('Student Annual-Return Trophy
 '), ''),
 				IF(award_prizes.trophyschoolkeeper != '', CONCAT('School Keeper Trophy
 '), ''),
 				IF(award_prizes.trophyschoolreturn != '', CONCAT('School Annual-Return Trophy
 '), '')
 				)",
-		'components' => array('prizes')),
+		'components' => array('prizes')
-
+	),
 	/* The label system depends on each report type having conference_name and conference_logo */
 	'conference_name' =>  array(
 		'start_option_group' => 'Conference Information',
                'name' => 'Conference -- Name',
                'header' => 'Conference Name',
                'width' => 76.2 /*mm*/,
                'table' => "'".mysql_escape_string($conference['name'])."'"),
 	'conference_logo' =>  array(
 		'name' => 'Conference -- Logo (for Labels only)',
 		'header' => '',
 		'width' => 1 /*mm*/,
 		'table' => "CONCAT(' ')"),
 );
- function report_awards_fromwhere($report, $components)
+function report_awards_fromwhere($report, $components)
- {
+{
- 	global $config, $report_awards_fields;
+	global $config, $report_awards_fields;
-	
+
 	$fields = $report_awards_fields;
-	$conferenceId = $report['conference_id'];
+	$year = $report['year'];
 	$judges_join = '';
 	$judges_where = '';
-	if(in_array('judgingteam', $components)) {
+	if (in_array('judgingteam', $components)) {
-	   	$judges_join = 'LEFT JOIN judges_teams_awards_link ON judges_teams_awards_link.award_awards_id=award_awards.id
+		$judges_join = 'LEFT JOIN judges_teams_awards_link ON judges_teams_awards_link.award_awards_id=award_awards.id
 				LEFT JOIN judges_teams ON judges_teams.id=judges_teams_awards_link.judges_teams_id';
-		$judges_where = "AND judges_teams_awards_link.conferences_id='$conferenceId'
+		$judges_where = "AND judges_teams_awards_link.year='$year'
-				AND judges_teams.conferences_id='$conferenceId'";
+				AND judges_teams.year='$year'";
 	}
 	$judges_members_join = '';
 	$judges_members_where = '';
-	if(in_array('judgingteammembers', $components)) {
+	if (in_array('judgingteammembers', $components)) {
 		$judges_members_join = 'LEFT JOIN judges_teams_link ON judges_teams_link.judges_teams_id=judges_teams.id
 				LEFT JOIN judges ON judges.id=judges_teams_link.judges_id';
-		$judges_members_where = "AND judges_teams_link.conferences_id='$conferenceId'";
+		$judges_members_where = "AND judges_teams_link.year='$year'";
 	}
 	$prizes_join = '';
-	if(in_array('prizes', $components)) {
+	if (in_array('prizes', $components)) {
 		$prizes_join = 'LEFT JOIN award_prizes ON award_prizes.award_awards_id=award_awards.id';
 		/* Don't need a where filter, the prize is attached by unique ID to an award
 		 * that is already from the correct conference. */
 	}
 		/*
 		 * Don't need a where filter, the prize is attached by unique ID to an award
 		 * that is already from the correct year.
 		 */
 	}
 	$q = "	FROM  award_awards 
 			LEFT JOIN sponsors ON (
@ -404,12 +440,13 @@ $report_awards_fields = array(
 			$judges_members_join
 			$prizes_join
 		WHERE
-			award_awards.conferences_id='$conferenceId'
+			award_awards.year='$year'
-			AND award_types.conferences_id='$conferenceId'
+			AND award_types.year='$year'
 			$judges_where 
 			$judges_members_where
 		";
 	return $q;
 }
 ?>
--- a/admin/reports_ceremony.php
+++ b/admin/reports_ceremony.php
@ -1,111 +1,109 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- require_once('reports.inc.php');
+require_once ('reports.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- send_header("Award Ceremony Scripts",
+send_header('Award Ceremony Scripts',
- 		array('Main' => 'user_main.php',
+	array('Committee Main' => 'committee_main.php',
-			'Administration' => 'admin/index.php'),
+		'Administration' => 'admin/index.php'),
-            "print_awards_ceremony_scripts"
+	'print_awards_ceremony_scripts');
-			);
+echo '<br />';
- echo "<br />";
+echo '<form action="reports_acscript.php" method="get">';
- echo "<form action=\"reports_acscript.php\" method=\"get\">";
+echo '<table class="tableedit">';
 echo "<table class=\"tableedit\">";
 echo "<tr><td><b>".i18n("Year").":</b></td><td>";
- //get the year information, use fairname since it should be there for all years[right?]
+echo '<tr><td><b>' . i18n('Year') . ':</b></td><td>';
 /* Find our conference oid */
 $q = mysql_query("SELECT oid FROM conferences WHERE id='{$_SESSION['conferences_id']}'");
 $c = mysql_fetch_assoc($q);
 $conferences_oid = $c['oid'];
- $results = mysql_query("SELECT year FROM conferences WHERE oid='$conferences_oid' AND year > 0 ORDER BY year DESC");
+// get the year information, use fairname since it should be there for all years[right?]
- 
+$results = $pdo->prepare("SELECT year FROM config WHERE var='fairname' AND year > 0 ORDER BY year DESC");
- echo "<select name=\"year\" size=1>";
+$results->execute();
 while($r=mysql_fetch_object($results)) {
 	echo "<option>$r->year</option>";
 }
 echo "</select></td></tr>";
- //list output formats
+echo '<select name="year" size=1>';
- echo "<tr><td>
+while ($r = $results->fetch(PDO::FETCH_OBJ)) {
- 		<b>".i18n("Type").":</b>
+	echo "<option>$r->year</option>";
-	   </td>
+}
-	   <td>
+echo '</select></td></tr>';
-	   	<select name=\"type\" size=1>
+
 // list output formats
 echo "<tr><td>
 \t\t<b>" . i18n('Type') . ":</b>
 \t   </td>
 \t   <td>
 \t   \t<select name=\"type\" size=1>
 			<option value=\"pdf\">PDF</option>
 			<option value=\"csv\">CSV</option>
 	</select></td>";
- echo "</td></tr>\n";
+echo "</td></tr>\n";
- echo "<tr>";
+echo '<tr>';
- //list award subsets to output
+// list award subsets to output
- echo "<td><b>".i18n("Award Type").":</b></td> <td> <select name=\"awardtype\" size=1>";
+echo '<td><b>' . i18n('Award Type') . ':</b></td> <td> <select name="awardtype" size=1>';
- $results = mysql_query("SELECT type FROM award_types WHERE conferences_id=".$conference['id']." ORDER BY type");
+$results = $pdo->prepare('SELECT type FROM award_types WHERE year=' . $config['FAIRYEAR'] . ' ORDER BY type');
- echo "<option value=\"All\">".i18n("All")."</option>";
+$results->execute();
- while($r=mysql_fetch_object($results)) {
+echo '<option value="All">' . i18n('All') . '</option>';
- 	echo "<option value=\"$r->type\">".i18n("$r->type")."</option>";
+while ($r = $results->fetch(PDO::FETCH_OBJ)) {
- }
+	echo "<option value=\"$r->type\">" . i18n("$r->type") . '</option>';
- echo "</select></td>";
+}
- echo "</td></tr>\n";
+echo '</select></td>';
- echo "<tr>";
+echo "</td></tr>\n";
 echo '<tr>';
- //list award formats to output
+// list award formats to output
- echo "<td>
+echo '<td>
-	<b>".i18n("Script Format").":</b>
+	<b>' . i18n('Script Format') . ":</b>
 	</td> 
 	<td> 
 		<select name=\"scriptformat\" size=1>
 			<option value=\"default\">Default</option>
 			<option value=\"formatted\">Formatted</option>
- 	</select></td></tr>";
+ \t</select></td></tr>";
- echo "<tr><td ><b>".i18n("Show awards without winners").":</b></td>";
+echo '<tr><td ><b>' . i18n('Show awards without winners') . ':</b></td>';
- echo "<td><input name=\"show_unawarded_awards\" type=\"checkbox\" ".($config['reports_show_unawarded_awards'] == 'yes' ? "checked" : "")."/></td></tr>";
+echo '<td><input name="show_unawarded_awards" type="checkbox" ' . ($config['reports_show_unawarded_awards'] == 'yes' ? 'checked' : '') . '/></td></tr>';
- echo "<tr><td ><b>".i18n("Show prizes without winners").":</b></td>";
+echo '<tr><td ><b>' . i18n('Show prizes without winners') . ':</b></td>';
- echo "<td><input name=\"show_unawarded_prizes\" type=\"checkbox\" ".($config['reports_show_unawarded_prizes'] == 'yes' ? "checked" : "")."/></td></tr>";
+echo '<td><input name="show_unawarded_prizes" type="checkbox" ' . ($config['reports_show_unawarded_prizes'] == 'yes' ? 'checked' : '') . '/></td></tr>';
- echo "<tr><td ><b>".i18n("Show criteria for each award").":</b></td>";
+echo '<tr><td ><b>' . i18n('Show criteria for each award') . ':</b></td>';
- echo "<td><input name=\"show_criteria\" type=\"checkbox\" ".($config['reports_show_criteria'] == 'yes' ? "checked" : "")." value=\"on\"/></td></tr>";
+echo '<td><input name="show_criteria" type="checkbox" ' . ($config['reports_show_criteria'] == 'yes' ? 'checked' : '') . ' value="on"/></td></tr>';
- echo "<tr><td ><b>".i18n("Show student name pronunciation").":</b></td>";
+echo '<tr><td ><b>' . i18n('Show student name pronunciation') . ':</b></td>';
- echo "<td><input name=\"show_pronunciation\" type=\"checkbox\" /></td></tr>";
+echo '<td><input name="show_pronunciation" type="checkbox" /></td></tr>';
- echo "<tr><td width=\"30%\"><b>".i18n("Group divisional results by Prize (instead of Award Name).  This groups all the honourable mentions in all divisions together, all the bronzes together, etc."). ":</b></td>";
+echo '<tr><td width="30%"><b>' . i18n('Group divisional results by Prize (instead of Award Name).  This groups all the honourable mentions in all divisions together, all the bronzes together, etc.') . ':</b></td>';
- echo "<td><input name=\"group_by_prize\" type=\"checkbox\" /></td></tr>";
+echo '<td><input name="group_by_prize" type="checkbox" /></td></tr>';
- echo "<tr><td><b>".i18n("Include the following age categories").":</b></td>";
+echo '<tr><td><b>' . i18n('Include the following age categories') . ':</b></td>';
- echo "<td>";
+echo '<td>';
- $q=mysql_query("SELECT * FROM projectcategories WHERE conferences_id='{$conference['id']}' ORDER BY id");
+$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='{$config['FAIRYEAR']}' ORDER BY id");
- while($r=mysql_fetch_object($q)) {
+$q->execute();
 while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	echo "<input name=\"show_category[{$r->id}]\" type=\"checkbox\" checked=\"checked\" />";
-	echo "".i18n($r->category)."<br />";
+	echo '' . i18n($r->category) . '<br />';
- }
+}
- echo "</table>";
+echo '</table>';
- echo "<input type=\"submit\" value=\"".i18n("Generate Script")."\" />";
+echo '<input type="submit" value="' . i18n('Generate Script') . '" />';
- echo "</form>";
+echo '</form>';
- send_footer();
+send_footer();
 ?>
--- a/admin/reports_committees.inc.php
+++ b/admin/reports_committees.inc.php
@ -1,165 +1,170 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 $report_committees_fields = array(
-	'name' =>  array(
+	'name' => array(
 		'start_option_group' => 'Committee Member Name',
 		'name' => 'Committee Member -- Full Name ',
 		'header' => 'Name',
-		'width' => 44.45 /*mm*/,
+		'width' => 1.75,
 		'table' => "CONCAT(users.firstname, ' ', users.lastname)",
-		'table_sort' => 'users.lastname'),
+		'table_sort' => 'users.lastname'
-
+	),
-	'last_name' =>  array(
+	'last_name' => array(
 		'name' => 'Committee Member -- Last Name',
 		'header' => 'Last Name',
-		'width' => 25.4 /*mm*/,
+		'width' => 1.0,
-		'table' => 'users.lastname' ),
+		'table' => 'users.lastname'
-
+	),
 	'first_name' => array(
 		'name' => 'Committee Member -- First Name',
 		'header' => 'First Name',
-		'width' => 25.4 /*mm*/,
+		'width' => 1.0,
-		'table' => 'users.firstname' ),
+		'table' => 'users.firstname'
-
+	),
-	'email' =>  array(
+	'email' => array(
 		'start_option_group' => 'Committee Member Contact Information',
 		'name' => 'Committee Member -- Email',
 		'header' => 'Email',
-		'width' => 50.8 /*mm*/,
+		'width' => 2.0,
-		'table' => 'accounts.email'),
+		'table' => 'users.email'
-
+	),
 	'phone_home' => array(
 		'name' => 'Committee Member -- Phone (Home)',
 		'header' => 'Phone(Home)',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
-		'table' => 'users.phonehome'),
+		'table' => 'users.phonehome'
-
+	),
 	'phone_work' => array(
 		'name' => 'Committee Member -- Phone (Work)',
 		'header' => 'Phone(Work)',
-		'width' => 31.75 /*mm*/,
+		'width' => 1.25,
-		'table' => 'users.phonework'),
+		'table' => 'users.phonework'
-		
+	),
 	'phone_cel' => array(
-		'name' => 'Committee Member -- Phone (Cell)',
+		'name' => 'Committee Member -- Phone (Cel)',
-		'header' => 'Phone(Cell)',
+		'header' => 'Phone(Cel)',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
-		'table' => 'users.phonecell'),
+		'table' => 'users.phonecell'
-
+	),
-	'address' =>  array(
+	'address' => array(
 		'name' => 'Committee Member -- Address Street',
 		'header' => 'Address',
-		'width' => 50.8 /*mm*/,
+		'width' => 2.0,
-		'table' => "CONCAT(users.address, ' ', users.address2)"),
+		'table' => "CONCAT(users.address, ' ', users.address2)"
-
+	),
-	'city' =>  array(
+	'city' => array(
 		'name' => 'Committee Member -- Address City',
 		'header' => 'City',
-		'width' => 38.1 /*mm*/,
+		'width' => 1.5,
-		'table' => 'users.city' ),
+		'table' => 'users.city'
-
+	),
-	'province' =>  array(
+	'province' => array(
-		'name' => 'Committee Member -- Address '.$config['provincestate'],
+		'name' => 'Committee Member -- Address ' . $config['provincestate'],
 		'header' => $config['provincestate'],
-		'width' => 19.05 /*mm*/,
+		'width' => 0.75,
-		'table' => 'users.province' ),
+		'table' => 'users.province'
-
+	),
-	'postal' =>  array(
+	'postal' => array(
-		'name' => 'Committee Member -- Address '.$config['postalzip'],
+		'name' => 'Committee Member -- Address ' . $config['postalzip'],
 		'header' => $config['postalzip'],
-		'width' => 19.05 /*mm*/,
+		'width' => 0.75,
-		'table' => 'users.postalcode' ),
+		'table' => 'users.postalcode'
-
+	),
 	'organization' => array(
 		'start_option_group' => 'Committee Member Misc.',
 		'name' => 'Committee Member -- Organization',
 		'header' => 'Organization',
-		'width' => 50.8 /*mm*/,
+		'width' => 2,
-		'table' => 'users.organization'),
+		'table' => 'users.organization'
-
+	),
 	'committee' => array(
 		'name' => 'Committee Member -- Committee Name',
 		'header' => 'Committee',
 		'width' => 2,
 		'table' => 'committees.name'
 	),
 	'title' => array(
 		'name' => 'Committee Member -- Title on Committee',
 		'header' => 'Title',
 		'width' => 2,
 		'table' => 'committees_link.title'
 	),
 	'committeetitle' => array(
 		'name' => 'Committee Member -- Committee and Title',
 		'header' => 'Committee and Title',
 		'width' => 2,
 		'table' => "CONCAT(committees.name, ' - ', committees_link.title)"
 	),
 	'firstaid' => array(
 		'name' => 'Committee Member -- First Aid Training',
 		'header' => 'F.Aid',
-		'width' => 12.7 /*mm*/,
+		'width' => 0.5,
 		'table' => 'users.firstaid',
-		'value_map' =>array ('no' => 'no', 'yes' => 'YES')),
+		'value_map' => array('no' => 'no', 'yes' => 'YES')
-
+	),
 	'cpr' => array(
 		'name' => 'Committee Member -- CPR Training',
 		'header' => 'CPR',
-		'width' => 12.7 /*mm*/,
+		'width' => 0.5,
 		'table' => 'users.cpr',
-		'value_map' =>array ('no' => 'no', 'yes' => 'YES')),
+		'value_map' => array('no' => 'no', 'yes' => 'YES')
-
+	),
-		
+	'static_text' => array(
 	/* The label system depends on each report type having conference_name and conference_logo */
 	'conference_name' =>  array(
 		'start_option_group' => 'Conference Information',
                'name' => 'Conference -- Name',
                'header' => 'Conference Name',
                'width' => 76.2 /*mm*/,
                'table' => "'".mysql_escape_string($conference['name'])."'"),
 	'conference_logo' =>  array(
 		'name' => 'Conference -- Logo (for Labels only)',
 		'header' => '',
 		'width' => 1 /*mm*/,
 		'table' => "CONCAT(' ')"),
 	'static_text' =>  array(
 		'start_option_group' => 'Special Fields',
 		'name' => 'Static Text (useful for labels)',
 		'header' => '',
-		'width' => 2.54 /*mm*/,
+		'width' => 0.1,
-		'table' => "CONCAT(' ')"),
+		'table' => "CONCAT(' ')"
-
+	),
 );
- function report_committees_fromwhere($report, $components)
+function report_committees_fromwhere($report, $components)
- {
+{
- 	global $config, $report_committees_fields;
+	global $config, $report_committees_fields;
-	
+
 	$fields = $report_committees_fields;
 /*
 	// if this gets unremarked for future use, then the year references will need to be updated to use conferences instead
 	$year = $report['year'];
-	$teams_from = '';
+	/*
-	$teams_where = '';
+	 * $teams_from = '';
-	if(in_array('teams', $components)) {
+	 * $teams_where = '';
-		$teams_from = ",committees_teams_link, committees_teams";
+	 * if(in_array('teams', $components)) {
-		$teams_where = "AND committees_teams_link.committees_id=users.id
+	 *     $teams_from = ",committees_teams_link, committees_teams";
-                	        AND committees_teams_link.year='$year'
+	 *     $teams_where = "AND committees_teams_link.committees_id=users.id
-                        	AND committees_teams.id=committees_teams_link.committees_teams_id
+	 *                 	    AND committees_teams_link.year='$year'
-				AND committees_teams.year='$year'";
+	 *                         AND committees_teams.id=committees_teams_link.committees_teams_id
-	}
+	 *             AND committees_teams.year='$year'";
-*/										
+	 * }
-	$q = "	FROM 	users
+	 */
-			LEFT JOIN user_roles on user_roles.users_id=users.id
+	$q = "\tFROM 
-			LEFT JOIN accounts ON accounts.id=users.accounts_id
+			committees_link
 			JOIN committees ON committees_link.committees_id=committees.id
 			JOIN users
 				ON committees_link.users_uid=users.uid
 			LEFT OUTER JOIN users u2
 				ON u2.uid=users.uid
 				AND u2.year>users.year
 		WHERE
-			user_role.type='committee'
+			users.types LIKE '%committee%'
 			AND u2.uid IS NULL
 		";
 	return $q;
--- a/admin/reports_editor.php
+++ b/admin/reports_editor.php
@ -1,186 +1,201 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
 require("../common.inc.php");
 require_once("../user.inc.php");
 user_auth_required('admin');
- require_once('reports_students.inc.php');
+require ('../common.inc.php');
- require_once('reports_judges.inc.php');
+require_once ('../user.inc.php');
- require_once('reports_awards.inc.php');
+user_auth_required('committee', 'admin');
 require_once('reports_committees.inc.php');
 require_once('reports_schools.inc.php');
 require_once('reports_volunteers.inc.php');
 require_once('reports_tours.inc.php');
 require_once('reports_fairs.inc.php');
 require_once('reports_fundraising.inc.php');
 require_once('reports.inc.php');
 require_once('../tcpdf.inc.php');
- $fields = array();
+require_once ('reports_students.inc.php');
- $locs = array('X' => 'x', 'Y' => 'y', 'W' => 'w', 'H' => 'h');
+require_once ('reports_judges.inc.php');
 require_once ('reports_awards.inc.php');
 require_once ('reports_committees.inc.php');
 require_once ('reports_schools.inc.php');
 require_once ('reports_volunteers.inc.php');
 require_once ('reports_tours.inc.php');
 require_once ('reports_fairs.inc.php');
 require_once ('reports_fundraising.inc.php');
 require_once ('reports.inc.php');
 require_once ('../tcpdf.inc.php');
- function field_selector($name, $id, $selected)
+$fields = array();
- {
+$locs = array('X' => 'x', 'Y' => 'y', 'W' => 'w', 'H' => 'h', 'Lines' => 'lines');
- 	global $fields;
+
 function field_selector($name, $id, $selected)
 {
 	global $fields;
 	$in_optgroup = false;
- 	echo "<select name=\"$name\" id=\"$id\">";
+	echo "<select name=\"$name\" id=\"$id\">";
-	echo "<option value=\"\" />-- None --</option>";
+	echo '<option value="" />-- None --</option>';
-	foreach($fields as $k=>$f) {
+	foreach ($fields as $k => $f) {
-		if($f['editor_disabled'] == true) continue;
+		if ($f['editor_disabled'] == true)
-		if(array_key_exists('start_option_group', $f)) {
+			continue;
-			if($in_optgroup) echo '</optgroup>';
+		if (array_key_exists('start_option_group', $f)) {
-			echo '<optgroup label="'.i18n($f['start_option_group']).'">';
+			if ($in_optgroup)
 				echo '</optgroup>';
 			echo '<optgroup label="' . i18n($f['start_option_group']) . '">';
 		}
-		$sel = ($selected == $k) ? 'selected=\"selected\"': '' ;
+		if ($f['name'] == 'Project -- Type') {  // filter out if the configuration setting does not allow for the project type
-        	echo "<option value=\"$k\" $sel >{$f['name']}</option>";
+			global $config;
-	}	
+			if ($config['project_type'] == 'no')
-	if($in_optgroup) echo '</optgroup>';
+				continue;
-	echo "</select>"; 
+		}
- }
+		$sel = ($selected == $k) ? 'selected=\"selected\"' : '';
 		echo "<option value=\"$k\" $sel >{$f['name']}</option>";
 	}
 	if ($in_optgroup)
 		echo '</optgroup>';
 	echo '</select>';
 }
- function selector($name, $a, $selected, $onchange='')
+function selector($name, $a, $selected, $onchange = '')
- {
+{
 	echo "<select name=\"$name\" $onchange >";
-	foreach($a as $v=>$val) {
+	foreach ($a as $v => $val) {
-		$sel = ($selected == $v) ? 'selected=\"selected\"' : '';
+		$sel = ($selected == $v) ? 'selected=selected' : '';
 		echo "<option value=\"$v\" $sel>$val</option>";
 	}
 	echo '</select>';
- }
+}
- function parse_fields($f) 
+function parse_fields($f)
- {
+{
- 	global $locs;
+	global $locs;
- 	$ret = array();
+	$ret = array();
- 	if(!is_array($_POST[$f])) return array();
+	if (!is_array(get_value_from_array($_POST, $f)))
 		return array();
 	$x = 0;
-	foreach($_POST[$f] as $o=>$d) {
+	foreach ($_POST[$f] as $o => $d) {
-		if(is_array($d)) {
+		if (is_array($d)) {
 			$a = array();
-			foreach($d as $l=>$v) {
+			foreach ($d as $l => $v) {
 				/* Scrub the array data */
 				$floatloc = array_values($locs);
-				if($l == 'field' || $l == 'value') {
+				if ($l == 'field' || $l == 'value') {
 					$v = stripslashes($v);
-				} else if(in_array($l, $floatloc)) {
+				} else if (in_array($l, $floatloc)) {
 					$v = floatval($v);
-					if($l == 'lines' && $v==0) $v=1;
+					if ($l == 'lines' && $v == 0)
-				} else if($l == 'face') {
+						$v = 1;
 				} else if ($l == 'face') {
 					$v = ($v == 'bold') ? 'bold' : '';
-				} else if($l == 'align') {
+				} else if ($l == 'align') {
 					$aligns = array('left', 'right', 'center');
-					if(!in_array($v, $aligns)) {
+					if (!in_array($v, $aligns)) {
 						echo "Invalid alignment $v";
 						exit;
 					}
-				} else if($l == 'valign') {
+				} else if ($l == 'valign') {
-					$aligns = array('vtop', 'vbottom', 'vcenter', 'top','middle','bottom');
+					$aligns = array('vtop', 'vbottom', 'vcenter', 'top', 'middle', 'bottom');
-					if(!in_array($v, $aligns)) {
+					if (!in_array($v, $aligns)) {
 						echo "Invalid valignment $v";
 						exit;
 					}
-				} 
+				}
 				$a[$l] = $v;
 			}
-			if(trim($a['field']) == '') continue;
+			if (trim($a['field']) == '')
 				continue;
 			$ret[$x] = $a;
 		} else {
-			if(trim($d) == '') continue;
+			if (trim($d) == '')
 				continue;
 			$ret[$x]['field'] = stripslashes($d);
 		}
 		$x++;
 	}
 	return $ret;
- }
+}
- function parse_options($f) 
+
- {
+function parse_options($f)
- 	$ret = array();
+{
- 	if(!is_array($_POST[$f])) return array();
+	$ret = array();
-	foreach($_POST[$f] as $c=>$v) {
+	if (!is_array(get_value_from_array($_POST, $f)))
-		if(trim($c) == '') continue;
+		return array();
 	foreach ($_POST[$f] as $c => $v) {
 		if (trim($c) == '')
 			continue;
 		$ret[$c] = stripslashes($v);
 	}
 	return $ret;
- }
+}
- /* Decode the report */
+/* Decode the report */
- $report = array();
+$report = array();
- $report['id'] = intval($_POST['id']);
+$report['id'] = intval(get_value_from_array($_POST, 'id', ''));
- $report['name'] = stripslashes($_POST['name']);
+$report['name'] = stripslashes(get_value_from_array($_POST, 'name', ''));
- $report['creator'] = stripslashes($_POST['creator']);
+$report['creator'] = stripslashes(get_value_from_array($_POST, 'creator', ''));
- $report['desc'] = stripslashes($_POST['desc']);
+$report['desc'] = stripslashes(get_value_from_array($_POST, 'desc', ''));
- $report['type'] = stripslashes($_POST['type']);
+$report['type'] = stripslashes(get_value_from_array($_POST, 'type', ''));
- $report['col'] = parse_fields('col');
+$report['col'] = parse_fields('col');
- $report['group'] = parse_fields('group');
+$report['group'] = parse_fields('group');
- $report['sort'] = parse_fields('sort');
+$report['sort'] = parse_fields('sort');
- $report['distinct'] = parse_fields('distinct');
+$report['distinct'] = parse_fields('distinct');
- $report['option'] = parse_options('option');
+$report['option'] = parse_options('option');
- $report['filter'] = parse_fields('filter');
+$report['filter'] = parse_fields('filter');
 // print("<pre>");print_r($_POST);print("</pre>");
 // print("<pre>");print_r($report);print("</pre>");
- $reloadaction = $_POST['reloadaction'];
+$reloadaction = get_value_from_array($_POST, 'reloadaction', '');
- $loadaction = $_POST['loadaction'];
+$loadaction = get_value_from_array($_POST, 'loadaction', '');
- $colaction = $_POST['colaction'];
+$colaction = get_value_from_array($_POST, 'colaction', '');
- $repaction = $_POST['repaction'];
+$repaction = get_value_from_array($_POST, 'repaction', '');
- $repaction_save = $repaction;
+$repaction_save = $repaction;
- /* Sort out priorities */
+/* Sort out priorities */
- if($reloadaction != '') {
+if ($reloadaction != '') {
- 	$loadaction = '';
+	$loadaction = '';
 	$colaction = '';
 	$repaction = '';
- }
+}
- if($loadaction != '') {
+if ($loadaction != '') {
 	$id = intval($_POST['id']);
 	$report = report_load($id);
-	if($id == 0) $report['type'] = 'student';
+	if ($id == 0)
 		$report['type'] = 'student';
 	$colaction = '';
 	$repaction = '';
- }
+}
- if($colaction != '') {
+if ($colaction != '') {
- 	$repaction = '';
+	$repaction = '';
- }
+}
- if($repaction == 'try') {
+if ($repaction == 'try') {
- 	/* Generate the report from what was passed through POST */
+	/* Generate the report from what was passed through POST */
 	report_gen($report);
 	exit;
- }
+}
 send_header("Report Management",
 		array('Committee Main' => 'committee_main.php',
 			'Administration' => 'admin/index.php'),
            "report_management"
 			);
 send_header('Reports Editor',
 	array('Committee Main' => 'committee_main.php',
 		'Administration' => 'admin/index.php'),
 	'report_management');
 ?>
 <script type="text/javascript">
@ -203,7 +218,53 @@ function initCanvas(w,h,lw,lh) {
 	labelHeight=lh;
 }
-function createData(x,y,w,h,align,valign,fontname,fontstyle,fontsize,value) {
+function createData(x,y,w,h,l,face,align,valign,value) {
 	var canvas=document.getElementById('layoutcanvas');
 	var newdiv=document.createElement('div');
 	if(valign=="vcenter") verticalAlign="middle";
 	else if(valign=="vtop") verticalAlign="top";
 	else if(valign=="vbottom") verticalAlign="bottom";
 	else verticalAlign="top";
 //	alert(verticalAlign);
 	//convert x,y,w,h from % to absolute
 	var dx=Math.round(x*canvasWidth/100);
 	var dy=Math.round(y*canvasHeight/100);
 	var dw=Math.round(w*canvasWidth/100);
 	var dh=Math.round(h*canvasHeight/100);
 //	alert(dx+','+dy+','+dw+','+dh);
 	var fontheight=Math.round(dh/l);
 	newdiv.setAttribute('id','o_'+canvasObjectIndex);
 	newdiv.style.display="table-cell";
 	newdiv.style.position="absolute";
 	newdiv.style.width=dw+"px";
 	newdiv.style.height=dh+"px";
 	newdiv.style.left=dx+"px";
 	newdiv.style.top=dy+"px";
 	newdiv.style.textAlign=align;
 	newdiv.style.verticalAlign=verticalAlign;
 	newdiv.style.padding="0 0 0 0";
 	newdiv.style.margin="0 0 0 0";
 //	newdiv.style.vertical-align=valign;
 	newdiv.style.border="1px solid blue";
 	newdiv.style.fontSize=fontheight+"px";
 	newdiv.style.lineHeight=fontheight+"px";
 	newdiv.style.fontFamily="Verdana";
 	newdiv.style.fontSizeAdjust=0.65;
 	var maxlength=Math.floor(dw/(fontheight*0.7))*l;
 	if(value.length>maxlength) value=value.substring(0,maxlength);
 	newdiv.innerHTML=value; //"Maple Test xxxx"; //value;
 	canvas.appendChild(newdiv);
 	canvasObjectIndex++;
 }
 function createDataTCPDF(x,y,w,h,align,valign,fontname,fontstyle,fontsize,value) {
 	var canvas=document.getElementById('layoutcanvas');
 	var newdiv=document.createElement('div');
@ -252,312 +313,353 @@ function createData(x,y,w,h,align,valign,fontname,fontstyle,fontsize,value) {
 </script>
 <?
- if($repaction == 'save') {
+if ($repaction == 'save') {
- 	/* Save the report */
+	/* Save the report */
 	$report['id'] = report_save($report);
-	echo happy(i18n("Report Saved"));
+	echo happy(i18n('Report Saved'));
- }
+}
- if($repaction == 'del') {
+if ($repaction == 'del') {
- 	report_delete($report['id']);
+	report_delete($report['id']);
-	echo happy(i18n("Report Deleted"));
+	echo happy(i18n('Report Deleted'));
- }
+}
- if($repaction == 'dupe') {
+if ($repaction == 'dupe') {
- 	$report['id'] = 0;
+	$report['id'] = 0;
- 	$report['id'] = report_save($report);
+	$report['id'] = report_save($report);
-	echo happy(i18n("Report Duplicated"));
+	echo happy(i18n('Report Duplicated'));
- }
+}
- if($repaction == 'export') {
+if ($repaction == 'export') {
- 	echo "<pre>";
+	echo '<pre>';
-	$q = mysql_query("SELECT system_report_id FROM reports WHERE 1 ORDER BY system_report_id DESC");
+	$q = $pdo->prepare('SELECT system_report_id FROM reports WHERE 1 ORDER BY system_report_id DESC');
-	$r = mysql_fetch_assoc($q);
+	$q->execute();
 	$r = $q->fetch(PDO::FETCH_ASSOC);
 	$sid = $r['system_report_id'] + 1;
-	$n = mysql_escape_string($report['name']);
+	$n = $report['name'];
-	$c = mysql_escape_string($report['creator']);
+	$c = $report['creator'];
-	$d = mysql_escape_string($report['desc']);
+	$d = $report['desc'];
-	$t = mysql_escape_string($report['type']);
+	$t = $report['type'];
- 	echo "INSERT INTO `reports` (`id`, `system_report_id`, `name`, `desc`, `creator`, `type`) VALUES\n";
+	echo "INSERT INTO `reports` (`id`, `system_report_id`, `name`, `desc`, `creator`, `type`) VALUES\n";
-	echo "\t('', '$sid', '$n', '$d', '$c', '$t');\n";
+	echo "	('', '$sid', '$n', '$d', '$c', '$t');\n";
-	echo "INSERT INTO `reports_items` (`id`, `reports_id`, `type`, `ord`, `field`, `value`, `x`, `y`, `w`, `h`, `lines`, `face`, `align`) VALUES ";
+	echo 'INSERT INTO `reports_items` (`id`, `reports_id`, `type`, `ord`, `field`, `value`, `x`, `y`, `w`, `h`, `lines`, `face`, `align`) VALUES ';
 	/* Do the options */
 	$x = 0;
-	foreach($report['option'] as $k=>$v) {
+	foreach ($report['option'] as $k => $v) {
-		echo "\n\t('', LAST_INSERT_ID(), 'option', $x, '$k', '$v', 0, 0, 0, 0, 0, '', ''),";
+		echo "\n\t('', LAST_INSERT_ID(), 'option', $x, '$k', '" . $v . "', 0, 0, 0, 0, 0, '', ''),";
 		$x++;
 	}
 	/* Do the fields */
 	$fs = array('col', 'group', 'sort', 'distinct', 'filter');
 	$first = true;
-	foreach($fs as $f) {
+	foreach ($fs as $f) {
-		foreach($report[$f] as $x=>$v) {
+		foreach ($report[$f] as $x => $v) {
 			$k = $v['field'];
 			$vx = intval($v['x']);
 			$vy = intval($v['y']);
 			$vw = intval($v['w']);
 			$vh = intval($v['h']);
 			$vlines = intval($v['lines']);
-			if($vlines == 0) $vlines = 1;
+			if ($vlines == 0)
 				$vlines = 1;
 			$face = $v['face'];
-			$align = $v['align']. ' ' . $v['valign'];
+			$align = $v['align'] . ' ' . $v['valign'];
-			$value=mysql_escape_string(stripslashes($v['value']));
+			$value = stripslashes($v['value']);
-			if(!$first) echo ',';
+			if (!$first)
 				echo ',';
 			$first = false;
 			echo "\n\t('', LAST_INSERT_ID(), '$f', $x, '$k', '$value', $vx, $vy, $vw, $vh, $vlines, '$face', '$align')";
 		}
 	}
 	echo ";\n";
-	echo "</pre>";
+	echo '</pre>';
 }
 /* ---- Setup  ------ */
 $n_columns = intval($_POST['ncolumns']);
 $n = count($report['col']) + 1;
 if($n > $n_columns) $n_columns = $n;
 if($colaction == 'add') $n_columns+=3;
 $fieldvar = "report_{$report['type']}s_fields";
 if(isset($$fieldvar)) $fields = $$fieldvar;
 echo "<br />";
 echo "<form method=\"post\" name=\"reportload\" action=\"reports_editor.php\" onChange=\"document.reportload.submit()\">";
 echo "<input type=\"hidden\" name=\"loadaction\" value=\"load\" />";
 echo "<select name=\"id\" id=\"report\">";
 echo "<option value=\"0\">".i18n("Create New Report")."</option>\n";
 $reports = report_load_all();
 $x=0;
 foreach($reports as $r) {
 	$sel = ($report['id'] == $r['id']) ? 'selected=\"selected\"' : '';
 	echo "<option value=\"{$r['id']}\" $sel>{$r['name']}</option>\n";
 }
 echo "</select>";
 echo "<input type=\"submit\" value=\"Load\"></form>";
 echo "<hr />";
- echo "<form method=\"post\" name=\"report\" action=\"reports_editor.php\">";
+/* ---- Setup  ------ */
 echo "<input type=\"hidden\" name=\"id\" value=\"{$report['id']}\" />";
 echo "<input type=\"hidden\" name=\"ncolumns\" value=\"$n_columns\" />";
- echo "<h4>Report Information</h4>";
+$n_columns = intval(get_value_from_array($_POST, 'ncolumns'));
- echo "<table>";
+$n = count($report['col']) + 1;
- echo "<tr><td>Name: </td>";
+if ($n > $n_columns)
- echo "<td><input type=\"text\" name=\"name\" size=\"80\" value=\"{$report['name']}\" /></td>";
+	$n_columns = $n;
- echo "</tr>";
+if ($colaction == 'add')
- echo "<tr><td>Created By: </td>";
+	$n_columns += 3;
- echo "<td><input type=\"text\" name=\"creator\" size=\"80\" value=\"{$report['creator']}\" /></td>";
+
- echo "</tr>";
+$fieldvar = "report_{$report['type']}s_fields";
- echo "<tr><td>Description: </td>";
+if (isset($$fieldvar))
- echo "<td><textarea name=\"desc\" rows=\"3\" cols=\"60\">{$report['desc']}</textarea></td>";
+	$fields = $$fieldvar;
- echo "</tr>";
+
- echo "<tr><td>Type: </td>";
+echo '<br />';
- echo "<td>";
+
- selector('type', array('student' => 'Student Report', 'judge' => 'Judge Report', 
+echo '<form method="post" name="reportload" action="reports_editor.php" onChange="document.reportload.submit()">';
- 			'award' => 'Award Report', 'committee' => 'Committee Member Report',
+echo '<input type="hidden" name="loadaction" value="load" />';
-			'school' => 'School Report', 'volunteer' => 'Volunteer Report',
+echo '<select name="id" id="report">';
-			'tour' => 'Tour Report', 'fair' => 'Feeder Fair Report',
+echo '<option value="0">' . i18n('Create New Report') . "</option>\n";
-			'fundraising' => 'Fundraising Report'),
+
-		$report['type'],
+$reports = report_load_all();
-		"onChange=\"reportReload();\"");
+$x = 0;
- echo "<input type=\"hidden\" name=\"reloadaction\" value=\"\">";
+foreach ($reports as $r) {
- echo "</td>";
+	$sel = ($report['id'] == $r['id']) ? 'selected=\"selected\"' : '';
- echo "</tr></table>";
+	echo "<option value=\"{$r['id']}\" $sel>{$r['name']}</option>\n";
- 
+}
- echo "<h4>Report Data</h4>";
+echo '</select>';
- echo "<table>";
+echo '<input type="submit" value="Load"></form>';
- $x=0;
+echo '<hr />';
- //only go through the columns if there are columns to go through
+
- if(count($report['col'])) {
+echo '<form method="post" name="report" action="reports_editor.php">';
-	 foreach($report['col'] as $o=>$d) {
+echo "<input type=\"hidden\" name=\"id\" value=\"{$report['id']}\" />";
-		echo "<tr><td>Column&nbsp;".($x + 1).": </td>";
+echo "<input type=\"hidden\" name=\"ncolumns\" value=\"$n_columns\" />";
-		echo "<td>";
+
-		if(intval($x) != intval($o)) {
+echo '<h4>Report Information</h4>';
-			echo ("WARNING, out of order!");
+echo '<table>';
 echo '<tr><td>Name: </td>';
 echo "<td><input type=\"text\" name=\"name\" size=\"80\" value=\"{$report['name']}\" /></td>";
 echo '</tr>';
 echo '<tr><td>Created By: </td>';
 echo "<td><input type=\"text\" name=\"creator\" size=\"80\" value=\"{$report['creator']}\" /></td>";
 echo '</tr>';
 echo '<tr><td>Description: </td>';
 echo "<td><textarea name=\"desc\" rows=\"3\" cols=\"60\">{$report['desc']}</textarea></td>";
 echo '</tr>';
 echo '<tr><td>Type: </td>';
 echo '<td>';
 selector('type', array('student' => 'Student Report', 'judge' => 'Judge Report',
 		'award' => 'Award Report', 'committee' => 'Committee Member Report',
 		'school' => 'School Report', 'volunteer' => 'Volunteer Report',
 		'tour' => 'Tour Report', 'fair' => 'Feeder Fair Report',
 		'fundraising' => 'Fundraising Report'),
 	$report['type'],
 	'onChange="reportReload();"');
 echo '<input type="hidden" name="reloadaction" value="">';
 echo '</td>';
 echo '</tr></table>';
 echo '<h4>Report Data</h4>';
 echo '<table>';
 $x = 0;
 // only go through the columns if there are columns to go through
 if (count($report['col'])) {
 	foreach ($report['col'] as $o => $d) {
 		echo '<tr><td>Column&nbsp;' . ($x + 1) . ': </td>';
 		echo '<td>';
 		if (intval($x) != intval($o)) {
 			echo ('WARNING, out of order!');
 		}
 		field_selector("col[$o][field]", "col$o", $d['field']);
-		echo "</td></tr>"; 
+		echo '</td></tr>';
 		$x++;
-		$canvasLabels[]=$fields[$report['col'][$o]['field']]['name']; //['field'];
+		$canvasLabels[] = $fields[$report['col'][$o]['field']]['name'];  // ['field'];
-	 }
+	}
- }
+}
- for(;$x<$n_columns;$x++) {
+for (; $x < $n_columns; $x++) {
-	echo "<tr><td>Column&nbsp;".($x + 1).": </td>";
+	echo '<tr><td>Column&nbsp;' . ($x + 1) . ': </td>';
-	echo "<td>";
+	echo '<td>';
 	field_selector("col[$x][field]", "col$x", '');
-	echo "</td></tr>"; 
+	echo '</td></tr>';
 }
 echo '<tr><td></td>';
 echo '<td align="right">';
 echo '<select name="colaction"><option value=""></option><option value="add">Add more columns</option></select>';
 echo '<input type="submit" value="Go">';
 echo '</td></tr>';
 echo "</table>\n";
 }
 echo "<tr><td></td>";
 echo "<td align=\"right\">";
 echo "<select name=\"colaction\"><option value=\"\"></option><option value=\"add\">Add more columns</option></select>";
 echo "<input type=\"submit\" value=\"Go\">";
 echo "</td></tr>";
 echo "</table>\n";
 $doCanvasSample = false;
- $l_w=$report_stock[$report['option']['stock']]['label_width'];
+$doCanvasSampletcpdf = false;
- $l_h=$report_stock[$report['option']['stock']]['label_height'];
+$l_w = get_value_from_2d_array($report_stock, get_value_from_2d_array($report, 'option', 'stock', ''), 'label_width');
 $l_h = get_value_from_2d_array($report_stock, get_value_from_2d_array($report, 'option', 'stock', ''), 'label_height');
- if($l_w && $l_h && $report['option']['type']=='label') {
+if ($l_w && $l_h && $report['option']['type'] == 'label') {
-     echo "<h4>Label Data Locations</h4>";
+	echo '<h4>Label Data Locations</h4>';
-
+	pdf_begin_page;
-	$doCanvasSample=true;
+	$doCanvasSample = true;
-	$ratio=$l_h/$l_w;
+	$ratio = $l_h / $l_w;
-	$canvaswidth=600;
+	$canvaswidth = 600;
-	$canvasheight=round($canvaswidth*$ratio);
+	$canvasheight = round($canvaswidth * $ratio);
 	echo "<div id=\"layoutcanvas\" style=\"border: 1px solid red; position: relative; width: {$canvaswidth}px; height: {$canvasheight}px;\">";
 	echo "</div>\n";
 	echo "<script type=\"text/javascript\">initCanvas($canvaswidth,$canvasheight,$l_w,$l_h)</script>\n";
- }
+}
 if ($l_w && $l_h && $report['option']['type'] == 'tcpdf_label') {
 	echo '<h4>Label Data Locations - TCPDF</h4>';
- $x=0;
+	$l_w *= 25.4;
- 
+	$l_h *= 25.4;
- if($report['option']['type'] == 'label') {
+	$doCanvasSampletcpdf = true;
- 	$fontlist = array('' => 'Default');
+	$ratio = $l_h / $l_w;
 	$canvaswidth = 600;
 	$canvasheight = round($canvaswidth * $ratio);
 	echo "<div id=\"layoutcanvas\" style=\"border: 1px solid red; position: relative; width: {$canvaswidth}px; height: {$canvasheight}px;\">";
 	echo "</div>\n";
 	echo "<script type=\"text/javascript\">initCanvas($canvaswidth,$canvasheight,$l_w,$l_h)</script>\n";
 }
 echo '<table>';
 $x = 0;
 if (get_value_from_2d_array($report, 'option', 'type') == 'label' || get_value_from_2d_array($report, 'option', 'type') == 'tcpdf_label') {
 	$fontlist = array('' => 'Default');
 	$fl = PDF::getFontList();
-	foreach($fl as $f) $fontlist[$f] = $f;
+	foreach ($fl as $f)
-//	print_r($fl);
+		$fontlist[$f] = $f;
-			  
+	//	print_r($fl);
- 	foreach($report['col'] as $o=>$d) {
+
 	foreach ($report['col'] as $o => $d) {
 		$f = $d['field'];
-		echo "<b>{$fields[$d['field']]['name']}: </b><br/>";
+		echo '<tr><td align="right">Loc ' . ($o + 1) . ': </td>';
-		$script="";
+		echo '<td>';
-		foreach($locs as $k=>$v) {
+		$script = '';
-			echo "$k=<input type=\"text\" size=\"5\" name=\"col[$x][$v]\" value=\"{$d[$v]}\">";
+		foreach ($locs as $k => $v) {
-			$script.="{$d[$v]},";
+			if ($k == 'Lines' && $report['option']['type'] != 'label')
 				continue;
 			echo "$k=<input type=\"text\" size=\"3\" name=\"col[$x][$v]\" value=\"{$d[$v]}\">";
 			$script .= "{$d[$v]},";
 		}
 		if ($report['option']['type'] == 'label') {
 			echo 'Face=';
 			selector("col[$x][face]", array('' => '', 'bold' => 'Bold'), $d['face']);
 		}
 		echo 'Align';
-		selector("col[$x][align]", array('center' => 'Center', 'left' => 'Left', 'right' => 'Right'), 
+		selector("col[$x][align]", array('center' => 'Center', 'left' => 'Left', 'right' => 'Right'),
-				$d['align']);
+			$d['align']);
 		echo 'vAlign';
-		selector("col[$x][valign]", array('middle' => 'Middle', 'top' => 'Top', 'bottom' => 'Bottom'), 
+		if ($report['option']['type'] == 'label') {
 			selector("col[$x][valign]", array('vcenter' => 'Center', 'vtop' => 'Top', 'vbottom' => 'Bottom'),
 				$d['valign']);
 		} else {
 			selector("col[$x][valign]", array('middle' => 'Middle', 'top' => 'Top', 'bottom' => 'Bottom'),
 				$d['valign']);
 		echo '<br/>';	
 		echo 'Font=';
 		selector("col[$x][fontname]", $fontlist, $d['fontname']);
 		selector("col[$x][fontstyle]", array('' => '', 'bold' => 'Bold'), $d['fontstyle']);
 		echo "<input type=\"text\" size=\"3\" name=\"col[$x][fontsize]\" value=\"{$d['fontsize']}\">";
 		echo 'pt  ';
 		echo 'OnOverflow=';
 		selector("col[$x][on_overflow]", array('nothing'=>'Nothing (overflow the box)', 'truncate'=>'Truncate','...'=>'Truncate and add ellipses (...)', 'scale'=>'Scale'), $d['on_overflow']);
-		if($f == 'static_text') {
+			echo 'Font=';
 			selector("col[$x][fontname]", $fontlist, $d['fontname']);
 			selector("col[$x][fontstyle]", array('' => '', 'bold' => 'Bold'), $d['fontstyle']);
 			echo "<input type=\"text\" size=\"3\" name=\"col[$x][fontsize]\" value=\"{$d['fontsize']}\">";
 			echo 'pt  ';
 			echo 'OnOverflow=';
 			selector("col[$x][on_overflow]", array('tuncate' => 'Truncate', '...' => 'Add ...', 'scale' => 'Scale'), $d['on_overflow']);
 		}
 		if ($f == 'static_text') {
 			echo "<br />Text=<input type=\"text\" size=\"40\" name=\"col[$x][value]\" value=\"{$d['value']}\">";
 		} else {
 			echo "<input type=\"hidden\" name=\"col[$x][value]\" value=\"\">";
 		}
-		if($doCanvasSample)
+		if ($doCanvasSample)
-			echo "<script type=\"text/javascript\">createData({$script}'{$d['align']}','{$d['valign']}','{$d['fontname']}','{$d['fontstyle']}','{$d['fontsize']}','{$canvasLabels[$x]}')</script>\n";
+			echo "<script type=\"text/javascript\">createData({$script}'{$d['face']}','{$d['align']}','{$d['valign']}','{$canvasLabels[$x]}')</script>\n";
 		if ($doCanvasSampletcpdf)
 			echo "<script type=\"text/javascript\">createDataTCPDF({$script}'{$d['align']}','{$d['valign']}','{$d['fontname']}','{$d['fontstyle']}','{$d['fontsize']}','{$canvasLabels[$x]}')</script>\n";
 		$x++;
 		echo '<br/><br/>';
 	}
- 	for(;$x<$n_columns;$x++) {
+	for (; $x < $n_columns; $x++) {
-		echo "<b>New Column ".($x+1).": </b><br/> ";
+		echo '<tr><td align="right">Loc ' . ($x + 1) . ': </td>';
-		foreach($locs as $k=>$v) {
+		echo '<td>';
-			echo "$k=<input type=\"text\" size=\"5\" name=\"col[$x][$v]\" value=\"0\">";
+		foreach ($locs as $k => $v) {
 			if ($k == 'Lines' && $report['option']['type'] != 'label')
 				continue;
 			echo "$k=<input type=\"text\" size=\"3\" name=\"col[$x][$v]\" value=\"0\">";
 		}
 		if ($report['option']['type'] == 'label') {
 			echo 'Face=';
 			selector("col[$x][face]", array('' => '', 'bold' => 'Bold'), '');
 		}
 		echo 'Align';
-		selector("col[$x][align]", array('center' => 'Center', 'left' => 'Left', 'right' => 'Right'), 
+		selector("col[$x][align]", array('center' => 'Center', 'left' => 'Left', 'right' => 'Right'),
-				'center');
+			'center');
 		echo 'vAlign';
-		selector("col[$x][valign]", array('middle' => 'Middle', 'top' => 'Top', 'bottom' => 'Bottom'), 'middle');
+		if ($report['option']['type'] == 'label') {
-			
+			selector("col[$x][valign]", array('vcenter' => 'Center', 'vtop' => 'Top', 'vbottom' => 'Bottom'),
-		echo '<br/>';	
+				'top');
-		echo 'Font=';
+		} else {
-		selector("col[$x][fontname]", $fontlist, '');
+			selector("col[$x][valign]", array('middle' => 'Middle', 'top' => 'Top', 'bottom' => 'Bottom'), 'middle');
 		selector("col[$x][fontstyle]", array('' => '', 'bold' => 'Bold'), '');
 		echo "<input type=\"text\" size=\"3\" name=\"col[$x][fontsize]\" value=\"\">";
 		echo 'pt  ';
 		echo 'OnOverflow=';
 		selector("col[$x][on_overflow]", array('nothing'=>'Nothing (overflow the box)', 'truncate'=>'Truncate','...'=>'Truncate and add ellipses (...)', 'scale'=>'Scale'),'truncate');
 			echo 'Font=';
 			selector("col[$x][fontname]", $fontlist, '');
 			selector("col[$x][fontstyle]", array('' => '', 'bold' => 'Bold'), '');
 			echo "<input type=\"text\" size=\"3\" name=\"col[$x][fontsize]\" value=\"\">";
 			echo 'pt  ';
 			echo 'OnOverflow=';
 			selector("col[$x][on_overflow]", array('Truncate' => 'truncate', 'Add ...' => '...', 'Scale' => 'scale'), '');
 		}
 		echo "<input type=\"hidden\" name=\"col[$x][value]\" value=\"\">";
-		echo "<br/><br/>"; 
+		echo '</td></tr>';
 	}
- }
+}
- echo "<h4>Grouping</h4>";
+echo "</table>\n";
- for($x=0;$x<2;$x++) {
+echo '<h4>Grouping</h4>';
-	echo "Group By".($x + 1).": ";
+for ($x = 0; $x < 3; $x++) {
-	$f = $report['group'][$x]['field'];
+	echo 'Group By' . ($x + 1) . ': ';
 	$f = get_value_from_3d_array($report, 'group', $x, 'field');
 	field_selector("group[$x]", "group$x", $f);
-	echo "<br />"; 
+	echo '<br />';
- }
+}
- echo "<h4>Sorting</h4>";
+echo '<h4>Sorting</h4>';
- for($x=0;$x<3;$x++) {
+for ($x = 0; $x < 5; $x++) {
-	echo "Sort By".($x + 1).": ";
+	echo 'Sort By' . ($x + 1) . ': ';
-	$f = $report['sort'][$x]['field'];
+	$f = get_value_from_3d_array($report, 'sort', $x, 'field');
-	field_selector("sort[$x]", "sort$x",$f); 
+	field_selector("sort[$x]", "sort$x", $f);
-	echo "<br />"; 
+	echo '<br />';
- }
+}
- echo "<h4>Distinct</h4>";
+echo '<h4>Distinct</h4>';
- echo "Distinct Column:   ";
+echo 'Distinct Column:   ';
- $x=0;
+$x = 0;
- $f = $report['distinct'][$x]['field'];
+$f = get_value_from_3d_array($report, 'distinct', $x, 'field');
- field_selector("distinct[$x]", "distinct0", $f);
+field_selector("distinct[$x]", 'distinct0', $f);
- echo "<h4>Filtering</h4>";
+echo '<h4>Filtering</h4>';
- echo "<table>";
+echo '<table>';
- for($x=0;$x<3;$x++) {
+for ($x = 0; $x < 3; $x++) {
-	echo "<tr><td>Filter".($x + 1).":</td><td>";
+	echo '<tr><td>Filter' . ($x + 1) . ':</td><td>';
-	field_selector("filter[$x][field]", "filter$x",$report['filter'][$x]['field']); 
+	field_selector("filter[$x][field]", "filter$x", get_value_from_3d_array($report, 'filter', $x, 'field'));
-	echo "<br />";
+	echo '<br />';
-	selector("filter[$x][x]", $filter_ops,$report['filter'][$x]['x']); 
+	selector("filter[$x][x]", $filter_ops, get_value_from_3d_array($report, 'filter', $x, 'x'));
-	$v = $report['filter'][$x]['value'];
+	$v = get_value_from_3d_array($report, 'filter', $x, 'value');
 	echo "Text=<input type=\"text\" size=\"20\" name=\"filter[$x][value]\" value=\"$v\">";
-	echo "</td></tr>"; 
+	echo '</td></tr>';
- }
+}
- echo "</table>";
+echo '</table>';
- echo "<h4>Options</h4>";
+echo '<h4>Options</h4>';
- foreach($report_options as $ok=>$o) {
+foreach ($report_options as $ok => $o) {
- 	echo "{$o['desc']}: <select name=\"option[$ok]\" id=\"$ok\">";
+	echo "{$o['desc']}: <select name=\"option[$ok]\" id=\"$ok\">";
-	foreach($o['values'] as $k=>$v) {
+	foreach ($o['values'] as $k => $v) {
 		$sel = ($report['option'][$ok] == $k) ? 'selected=\"selected\"' : '';
 		echo "<option value=\"$k\" $sel>$v</option>";
 	}
 	echo "</select><br />\n";
- } 
+}
- echo "<br />";
+echo '<br />';
- if($report['system_report_id'] != 0) {
+if (get_value_from_array($report, 'system_report_id') != 0) {
- 	echo notice(i18n('This is a system report, it cannot be changed or deleted.  To save changes you have made to it, please select the \'Save as a new report\' option.'));
+	echo notice(i18n("This is a system report, it cannot be changed or deleted.  To save changes you have made to it, please select the 'Save as a new report' option."));
- }
+}
- echo "<select name=\"repaction\">";
+echo '<select name="repaction">';
- if($report['system_report_id'] == 0) {
+if ($report['system_report_id'] == 0) {
-	$sel = ($repaction_save == 'save') ? "selected=\"selected\"" : '';
+	$sel = ($repaction_save == 'save') ? 'selected="selected"' : '';
 	echo " <option value=\"save\" $sel>Save this report</option>";
-	$sel = ($repaction_save == 'try') ? "selected=\"selected\"" : '';
+	$sel = ($repaction_save == 'try') ? 'selected="selected"' : '';
 	echo " <option value=\"try\" $sel>Try this report</option>";
-	echo " <option value=\"export\">Export this report</option>";
+	echo ' <option value="export">Export this report</option>';
-	echo " <option value=\"\" ></option>";
+	echo ' <option value="" ></option>';
-	echo " <option value=\"dupe\" >Save as a new report(duplicate)</option>";
+	echo ' <option value="dupe" >Save as a new report(duplicate)</option>';
-	echo " <option value=\"\" ></option>";
+	echo ' <option value="" ></option>';
-	echo " <option value=\"del\" >Delete this report</option>";
+	echo ' <option value="del" >Delete this report</option>';
- } else {
+} else {
- 	echo " <option value=\"dupe\" >Save as a new report(duplicate)</option>";
+	echo ' <option value="dupe" >Save as a new report(duplicate)</option>';
-	$sel = ($repaction_save == 'try') ? "selected=\"selected\"" : '';
+	$sel = ($repaction_save == 'try') ? 'selected="selected"' : '';
 	echo " <option value=\"try\" $sel>Try this report</option>";
-	echo " <option value=\"export\">Export this report</option>";
+	echo ' <option value="export">Export this report</option>';
- }
+}
 echo "</select>";
 echo "<input type=\"submit\" value=\"Go\">";
- echo "</form>";
+echo '</select>';
 echo '<input type="submit" value="Go">';
- send_footer();
+echo '</form>';
 send_footer();
 ?>
--- a/admin/reports_fairs.inc.php
+++ b/admin/reports_fairs.inc.php
@ -1,441 +1,474 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 David Grant <dave@lightbox.org>
+/*
 * This file is part of the 'Science Fair In A Box' project
 * SFIAB Website: http://www.sfiab.ca
 *
 * Copyright (C) 2005 David Grant <dave@lightbox.org>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, version 2.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public
   License as published by the Free Software Foundation, version 2.
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 $parts = explode('-', $config['dates']['fairdate']);
 $fairYear = $parts[0];
 $report_fairs_fields = array(
-
+	'fair_name' => array(
 	'fairinfo_name' =>  array(
 		'start_option_group' => 'Fair Information',
 		'name' => 'Fair -- Fair Name',
 		'header' => 'Name',
-		'width' => 38.1 /*mm*/,
+		'width' => 1.5,
-		'table' => 'fairs.name'),
+		'table' => 'fairs.name'
-
+	),
-	'fairstats_year' => array (
+	'fairstats_year' => array(
 		'start_option_group' => 'Fair Statistics',
 		'name' => 'Fair Stats -- Year',
 		'header' => 'Year',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.year',
-		'components' => array('fairs_stats')),
+		'components' => array('fairs_stats')
-
+	),
-	'fairstats_year' => array (
+	'fairstats_year' => array(
 		'name' => 'Fair Stats -- Year',
 		'header' => 'Year',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.year',
-		'components' => array('fairs_stats')),
+		'components' => array('fairs_stats')
-
+	),
-	'fairstats_start_date' => array (
+	'fairstats_start_date' => array(
 		'name' => 'Fair Stats -- Fair Start',
 		'header' => 'Fair Start',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.start_date',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-
+	),
-	'fairstats_end_date' => array (
+	'fairstats_end_date' => array(
 		'name' => 'Fair Stats -- Fair End',
 		'header' => 'Fair End',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.end_date',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-
+	),
-	'fairstats_budget' => array (
+	'fairstats_budget' => array(
 		'name' => 'Fair Stats -- Budget',
 		'header' => 'Budget',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.budget',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-
+	),
-	'fairstats_address' => array (
+	'fairstats_address' => array(
 		'name' => 'Fair Stats -- Fair Location',
 		'header' => 'Fair Location',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.address',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_ysf_affiliation_complete' => array (
+	),
 	'fairstats_ysf_affiliation_complete' => array(
 		'name' => 'Fair Stats -- YSC Affilitation Complete',
 		'header' => 'YSC Affilitation Complete',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.ysf_affiliation_complete',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_charity' => array (
+	),
 	'fairstats_charity' => array(
 		'name' => 'Fair Stats -- Charity Number/Info',
 		'header' => 'Charity Number/Info',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.charity',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_scholarships' => array (
+	),
 	'fairstats_scholarships' => array(
 		'name' => 'Fair Stats -- Scholarship Info',
 		'header' => 'Scholarship Info',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.scholarships',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_male_1' => array (
+	),
 	'fairstats_male_1' => array(
 		'name' => 'Fair Stats -- Males Grade 1-3',
 		'header' => 'Males Grade 1-3',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.male_1',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_male_4' => array (
+	),
 	'fairstats_male_4' => array(
 		'name' => 'Fair Stats -- Males Grade 4-6',
 		'header' => 'Males Grade 4-6',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.male_4',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_male_7' => array (
+	),
 	'fairstats_male_7' => array(
 		'name' => 'Fair Stats -- Males Grade 7-8',
 		'header' => 'Males Grade 7-8',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.male_7',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_male_9' => array (
+	),
 	'fairstats_male_9' => array(
 		'name' => 'Fair Stats -- Males Grade 9-10',
 		'header' => 'Males Grade 9-10',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.male_9',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_male_11' => array (
+	),
 	'fairstats_male_11' => array(
 		'name' => 'Fair Stats -- Males Grade 11-12',
 		'header' => 'Males Grade 11-12',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.male_11',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_female_1' => array (
+	),
 	'fairstats_female_1' => array(
 		'name' => 'Fair Stats -- Females Grade 1-3',
 		'header' => 'Females Grade 1-3',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.female_1',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_female_4' => array (
+	),
 	'fairstats_female_4' => array(
 		'name' => 'Fair Stats -- Females Grade 4-6',
 		'header' => 'Females Grade 4-6',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.female_4',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_female_7' => array (
+	),
 	'fairstats_female_7' => array(
 		'name' => 'Fair Stats -- Females Grade 7-8',
 		'header' => 'Females Grade 7-8',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.female_7',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_female_9' => array (
+	),
 	'fairstats_female_9' => array(
 		'name' => 'Fair Stats -- Females Grade 9-10',
 		'header' => 'Females Grade 9-10',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.female_9',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_female_11' => array (
+	),
 	'fairstats_female_11' => array(
 		'name' => 'Fair Stats -- Females Grade 11-12',
 		'header' => 'Females Grade 11-12',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.female_11',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_projects_1' => array (
+	),
 	'fairstats_projects_1' => array(
 		'name' => 'Fair Stats -- Projects Grade 1-3',
 		'header' => 'Projects Grade 1-3',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.projects_1',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_projects_4' => array (
+	),
 	'fairstats_projects_4' => array(
 		'name' => 'Fair Stats -- Projects Grade 4-6',
 		'header' => 'Projects Grade 4-6',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.projects_4',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_projects_7' => array (
+	),
 	'fairstats_projects_7' => array(
 		'name' => 'Fair Stats -- Projects Grade 7-8',
 		'header' => 'Projects Grade 7-8',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.projects_7',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_projects_9' => array (
+	),
 	'fairstats_projects_9' => array(
 		'name' => 'Fair Stats -- Projects Grade 9-10',
 		'header' => 'Projects Grade 9-10',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.projects_9',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_projects_11' => array (
+	),
 	'fairstats_projects_11' => array(
 		'name' => 'Fair Stats -- Projects Grade 11-12',
 		'header' => 'Projects Grade 11-12',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.projects_11',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_firstnations' => array (
+	),
 	'fairstats_firstnations' => array(
 		'name' => 'Fair Stats -- First Nations Students',
 		'header' => 'First Nations Students',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.firstnations',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_students_atrisk' => array (
+	),
 	'fairstats_students_atrisk' => array(
 		'name' => 'Fair Stats -- Inner City Students',
 		'header' => 'Inner City Students',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.students_atrisk',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_schools_atrisk' => array (
+	),
 	'fairstats_schools_atrisk' => array(
 		'name' => 'Fair Stats -- Inner City Schools',
 		'header' => 'Inner City Schools',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.schools_atrisk',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_students_total' => array (
+	),
 	'fairstats_students_total' => array(
 		'name' => 'Fair Stats -- Total Participants',
 		'header' => 'Total Participants',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.students_total',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_schools_total' => array (
+	),
 	'fairstats_schools_total' => array(
 		'name' => 'Fair Stats -- Total Schools',
 		'header' => 'Total Schools',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.schools_total',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_schools_active' => array (
+	),
 	'fairstats_schools_active' => array(
 		'name' => 'Fair Stats -- Active Schools',
 		'header' => 'Active Schools',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.schools_active',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_students_public' => array (
+	),
 	'fairstats_students_public' => array(
 		'name' => 'Fair Stats -- Participants from Public',
 		'header' => 'Participants from Public',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.students_public',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_schools_public' => array (
+	),
 	'fairstats_schools_public' => array(
 		'name' => 'Fair Stats -- Public Schools',
 		'header' => 'Public Schools',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.schools_public',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_students_private' => array (
+	),
 	'fairstats_students_private' => array(
 		'name' => 'Fair Stats -- Participants from Independent',
 		'header' => 'Participants from Independent',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.students_private',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_schools_private' => array (
+	),
 	'fairstats_schools_private' => array(
 		'name' => 'Fair Stats -- Independent Schools',
 		'header' => 'Independent Schools',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.schools_private',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_schools_districts' => array (
+	),
 	'fairstats_schools_districts' => array(
 		'name' => 'Fair Stats -- School Districts',
 		'header' => 'School Districts',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.schools_districts',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_studentsvisiting' => array (
+	),
 	'fairstats_studentsvisiting' => array(
 		'name' => 'Fair Stats -- Students Visiting',
 		'header' => 'Students Visiting',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.studentsvisiting',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_publicvisiting' => array (
+	),
 	'fairstats_publicvisiting' => array(
 		'name' => 'Fair Stats -- Public Guests Visting',
 		'header' => 'Public Guests Visting',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.publicvisiting',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_teacherssupporting' => array (
+	),
 	'fairstats_teacherssupporting' => array(
 		'name' => 'Fair Stats -- Teachers Supporting Projects',
 		'header' => 'Teachers Supporting Projects',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.teacherssupporting',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_increasedinterest' => array (
+	),
 	'fairstats_increasedinterest' => array(
 		'name' => 'Fair Stats -- Students Increased Interest in Science',
 		'header' => 'Students Increased Interest in Science',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.increasedinterest',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_consideringcareer' => array (
+	),
 	'fairstats_consideringcareer' => array(
 		'name' => 'Fair Stats -- Students Considering Career in Science',
 		'header' => 'Students Considering Career in Science',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.consideringcareer',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_committee_members' => array (
+	),
 	'fairstats_committee_members' => array(
 		'name' => 'Fair Stats -- Committee Members',
 		'header' => 'Committee Members',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.committee_members',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_judges' => array (
+	),
 	'fairstats_judges' => array(
 		'name' => 'Fair Stats -- Judges',
 		'header' => 'Judges',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.judges',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_next_chair_name' => array (
+	),
 	'fairstats_next_chair_name' => array(
 		'name' => 'Fair Stats -- Regional Chairperson Name',
 		'header' => 'Regional Chairperson Name',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.next_chair_name',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_next_chair_email' => array (
+	),
 	'fairstats_next_chair_email' => array(
 		'name' => 'Fair Stats -- Email',
 		'header' => 'Email',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.next_chair_email',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_next_chair_hphone' => array (
+	),
 	'fairstats_next_chair_hphone' => array(
 		'name' => 'Fair Stats -- Home Phone',
 		'header' => 'Home Phone',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.next_chair_hphone',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_next_chair_bphone' => array (
+	),
 	'fairstats_next_chair_bphone' => array(
 		'name' => 'Fair Stats -- Business Phone',
 		'header' => 'Business Phone',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.next_chair_bphone',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_next_chair_fax' => array (
+	),
 	'fairstats_next_chair_fax' => array(
 		'name' => 'Fair Stats -- Fax',
 		'header' => 'Fax',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.next_chair_fax',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_delegate1' => array (
+	),
 	'fairstats_delegate1' => array(
 		'name' => 'Fair Stats -- Delegate 1',
 		'header' => 'Delegate 1',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.delegate1',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_delegate2' => array (
+	),
 	'fairstats_delegate2' => array(
 		'name' => 'Fair Stats -- Delegate 2',
 		'header' => 'Delegate 2',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.delegate2',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_delegate3' => array (
+	),
 	'fairstats_delegate3' => array(
 		'name' => 'Fair Stats -- Delegate 3',
 		'header' => 'Delegate 3',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.delegate3',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_delegate4' => array (
+	),
 	'fairstats_delegate4' => array(
 		'name' => 'Fair Stats -- Delegate 4',
 		'header' => 'Delegate 4',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.delegate4',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_delegate1_email' => array (
+	),
 	'fairstats_delegate1_email' => array(
 		'name' => 'Fair Stats -- Delegate 1 Email',
 		'header' => 'Delegate 1 Email',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.delegate1_email',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_delegate2_email' => array (
+	),
 	'fairstats_delegate2_email' => array(
 		'name' => 'Fair Stats -- Delegate 2 Email',
 		'header' => 'Delegate 2 Email',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.delegate2_email',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_delegate3_email' => array (
+	),
 	'fairstats_delegate3_email' => array(
 		'name' => 'Fair Stats -- Delegate 3 Email',
 		'header' => 'Delegate 3 Email',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.delegate3_email',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_delegate4_email' => array (
+	),
 	'fairstats_delegate4_email' => array(
 		'name' => 'Fair Stats -- Delegate 4 Email',
 		'header' => 'Delegate 4 Email',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.delegate4_email',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_delegate1_size' => array (
+	),
 	'fairstats_delegate1_size' => array(
 		'name' => 'Fair Stats -- Delegate 1 Jacket Size',
 		'header' => 'Delegate 1 Jacket Size',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.delegate1_size',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_delegate2_size' => array (
+	),
 	'fairstats_delegate2_size' => array(
 		'name' => 'Fair Stats -- Delegate 2 Jacket Size',
 		'header' => 'Delegate 2 Jacket Size',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.delegate2_size',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_delegate3_size' => array (
+	),
 	'fairstats_delegate3_size' => array(
 		'name' => 'Fair Stats -- Delegate 3 Jacket Size',
 		'header' => 'Delegate 3 Jacket Size',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.delegate3_size',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-	'fairstats_delegate4_size' => array (
+	),
 	'fairstats_delegate4_size' => array(
 		'name' => 'Fair Stats -- Delegate 4 Jacket Size',
 		'header' => 'Delegate 4 Jacket Size',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'fairs_stats.delegate4_size',
-		'components' => array('fairs_stats')), 
+		'components' => array('fairs_stats')
-
+	),
-	/* The label system depends on each report type having conference_name and conference_logo */
+	'static_text' => array(
 	'conference_name' =>  array(
 		'start_option_group' => 'Local Conference Information',
                'name' => 'Conference -- Name',
                'header' => 'Conference Name',
                'width' => 76.2 /*mm*/,
                'table' => "'".mysql_escape_string($conference['name'])."'"),
 	'conference_logo' =>  array(
 		'name' => 'Conference -- Logo (for Labels only)',
 		'header' => '',
 		'width' => 1 /*mm*/,
 		'table' => "CONCAT(' ')"),
 	'static_text' => array (
 		'name' => 'Static Text (useful for labels)',
 		'header' => '',
-		'width' => 2.54 /*mm*/,
+		'width' => 0.1,
-		'table' => "CONCAT(' ')"),
+		'table' => "CONCAT(' ')"
-
+	),
 );
- function report_fairs_fromwhere($report, $components)
+function report_fairs_fromwhere($report, $components)
- {
+{
- 	global $config, $report_fairs_fields;
+	global $config, $report_fairs_fields;
-	
+
 	$fields = $report_fairs_fields;
-	$conferences_id = $report['conferences_id'];
+	$year = $report['year'];
-	if(in_array('fairs_stats', $components)) {
+	if (in_array('fairs_stats', $components)) {
 		$fs_from = 'LEFT JOIN fairs_stats ON fairs_stats.fairs_id=fairs.id';
-		$fs_where = "fairs_stats.conferences_id='$conferences_id' AND";
+		$fs_where = "fairs_stats.year='$year'";
 	}
-	$q = "	FROM 	fairs 
+	$q = "	FROM \tfairs 
 			$fs_from
 		WHERE
 			1 AND 
 			$fs_where
 			1
 		";
 	return $q;
 }
 ?>
--- a/admin/reports_fundraising.inc.php
+++ b/admin/reports_fundraising.inc.php
@ -1,213 +1,199 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
 * SFIAB Website: http://www.sfiab.ca
 *
 * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
 * Copyright (C) 2005 James Grant <james@lightbox.org>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, version 2.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
-   This program is free software; you can redistribute it and/or
+/*
-   modify it under the terms of the GNU General Public
+ * Take the language array in users_fundraising, unserialize it, and join it
-   License as published by the Free Software Foundation, version 2.
+ * with a space
-
+ */
-   This program is distributed in the hope that it will be useful,
+function report_fundraisings_languages($report, $field, $text)
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.
   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
 */
 /* Take the language array in users_fundraising, unserialize it, and join it
 * with a space */
 function report_fundraisings_languages(&$report, $field, $text)
 {
-		$l = unserialize($text);
+	$l = unserialize($text);
-		return join(' ', $l);
+	return join(' ', $l);
 }
 /* Components: */
-/* Yes, fundraisings, the generator takes the report type (also the user.type in many cases) and
+
- * just adds an 's' to find the fields and the functions. */
+/*
 * Yes, fundraisings, the generator takes the report type (also the user.type in many cases) and
 * just adds an 's' to find the fields and the functions.
 */
 $report_fundraisings_fields = array(
 	'fundraising_campaigns_id' => array(
 		'start_option_group' => 'Campaign ID',
 		'name' => 'Fundraising Campaign numerical ID',
 		'header' => 'ID',
-		'width' => 6.35 /*mm*/,
+		'width' => 0.25,
-		'table' => "fundraising_campaigns.id"),
+		'table' => 'fundraising_campaigns.id'
-	
+	),
-	'salutation' =>  array(
+	'salutation' => array(
 		'start_option_group' => 'Contact Information',
 		'name' => 'Contact -- Salutation (Mr., Mrs., etc.)',
 		'header' => 'Sal',
-		'width' => 12.7 /*mm*/,
+		'width' => 0.5,
-		'table' => "users.salutation",
+		'table' => 'users.salutation',
-		'components' => array('users') ),
+		'components' => array('users')
-
+	),
-	'namefl' =>  array(
+	'namefl' => array(
 		'name' => 'Contact -- Full Name (first last)',
 		'header' => 'Name',
-		'width' => 44.45 /*mm*/,
+		'width' => 1.75,
 		'table' => "CONCAT(users.firstname, ' ', users.lastname)",
-		'table_sort'=> 'users.lastname',
+		'table_sort' => 'users.lastname',
-		'components' => array('users') ),
+		'components' => array('users')
-
+	),
-	'email' =>  array(
+	'email' => array(
 		'name' => 'Contact -- Email',
 		'header' => 'Email',
-		'width' => 50.8 /*mm*/,
+		'width' => 2.0,
 		'table' => 'users.email',
-		'components' => array('users') ),
+		'components' => array('users')
-
+	),
 	'phone_home' => array(
 		'name' => 'Contact -- Phone (Home)',
 		'header' => 'Phone(Home)',
-		'width' => 25.4 /*mm*/,
+		'width' => 1,
 		'table' => 'users.phonehome',
-		'components' => array('users') ),
+		'components' => array('users')
-
+	),
 	'phone_work' => array(
 		'name' => 'Contact -- Phone (Work)',
 		'header' => 'Phone(Work)',
-		'width' => 31.75 /*mm*/,
+		'width' => 1.25,
-		'table' => "users.phonework",
+		'table' => 'users.phonework',
-		'components' => array('users') ),
+		'components' => array('users')
-
+	),
 	'organization' => array(
 		'name' => 'Contact -- Organization',
 		'header' => 'Organization',
-		'width' => 50.8 /*mm*/,
+		'width' => 2,
 		'table' => 'users.organization',
-		'components' => array('users') ),
+		'components' => array('users')
-
+	),
 	'position' => array(
 		'name' => 'Contact -- Position',
 		'header' => 'Position',
-		'width' => 50.8 /*mm*/,
+		'width' => 2,
 		'table' => 'users_sponsor.position',
-		'components' => array('users') ),
+		'components' => array('users')
-
+	),
-	'address' =>  array(
+	'address' => array(
 		'start_option_group' => 'Contact Address',
 		'name' => 'Contact Address -- Street',
 		'header' => 'Address',
-		'width' => 50.8 /*mm*/,
+		'width' => 2.0,
 		'table' => "CONCAT(users.address, ' ', users.address2)",
-		'components' => array('users') ),
+		'components' => array('users')
-
+	),
-	'city' =>  array(
+	'city' => array(
 		'name' => 'Contact Address -- City',
 		'header' => 'City',
-		'width' => 38.1 /*mm*/,
+		'width' => 1.5,
 		'table' => 'users.city',
-		'components' => array('users') ),
+		'components' => array('users')
-
+	),
-	'province' =>  array(
+	'province' => array(
-		'name' => 'Contact Address -- '.$config['provincestate'],
+		'name' => 'Contact Address -- ' . $config['provincestate'],
-			'header' => $config['provincestate'],
+		'header' => $config['provincestate'],
-		'width' => 19.05 /*mm*/,
+		'width' => 0.75,
 		'table' => 'users.province',
-		'components' => array('users') ),
+		'components' => array('users')
-
+	),
-	'postal' =>  array(
+	'postal' => array(
-		'name' => 'Contact Address -- '.$config['postalzip'],
+		'name' => 'Contact Address -- ' . $config['postalzip'],
 		'header' => $config['postalzip'],
-		'width' => 19.05 /*mm*/,
+		'width' => 0.75,
-		'table' => 'users.postalcode' ,
+		'table' => 'users.postalcode',
-		'components' => array('users') ),
+		'components' => array('users')
-
+	),
-       'city_prov' =>  array(
+	'city_prov' => array(
-                'name' => 'Contact Address -- City, '.$config['provincestate'].' (for mailing)',
+		'name' => 'Contact Address -- City, ' . $config['provincestate'] . ' (for mailing)',
-                'header' => 'City',
+		'header' => 'City',
-                'width' => 38.1 /*mm*/,
+		'width' => 1.5,
-                'table' => "CONCAT(users.city, ', ', users.province)",
+		'table' => "CONCAT(users.city, ', ', users.province)",
-		'components' => array('users') ),
+		'components' => array('users')
-/* // FIXME - not sure what to do with these options, converting from years to conferences	
+	),
-	'year' =>  array(
+	'year' => array(
 		'start_option_group' => 'Miscellaneous',
 		'name' => 'Contact -- Year',
 		'header' => 'Year',
-		'width' => 12.7 //mm,
+		'width' => 0.5,
 		'table' => 'users.year',
-		'components' => array('users') ),
+		'components' => array('users')
-
+	),
 	'user_filter' => array(
 		'name' => 'User Filter by MAX(year)',
 		'header' => '',
-		'width' => 2.54 //mm,
+		'width' => 0.1,
 		'table' => 'MAX(users.year)',
-		'group_by' => array('users.accounts_id'),
+		'group_by' => array('users.uid'),
-		'components' => array('users') ),
+		'components' => array('users')
-*/
+	),
-	'static_text' =>  array(
+	'static_text' => array(
 		'name' => 'Static Text (useful for labels)',
 		'header' => '',
-		'width' => 2.54 /*mm*/,
+		'width' => 0.1,
-		'table' => "CONCAT(' ')"),
+		'table' => "CONCAT(' ')"
-
+	),
 	/* The label system depends on each report type having conference_name and conference_logo */
 	'conference_name' =>  array(
 		'start_option_group' => 'Conference Information',
                'name' => 'Conference -- Name',
                'header' => 'Conference Name',
                'width' => 76.2 /*mm*/,
                'table' => "'".mysql_escape_string($conference['name'])."'"),
 	'conference_logo' =>  array(
 		'name' => 'Conference -- Logo (for Labels only)',
 		'header' => '',
 		'width' => 1 /*mm*/,
 		'table' => "CONCAT(' ')"),
 );
- function report_fundraisings_fromwhere($report, $components)
+function report_fundraisings_fromwhere($report, $components)
- {
+{
- 	global $config, $report_fundraisings_fields;
+	global $config, $report_fundraisings_fields;
 	$fields = $report_fundraisings_fields;
 //	$conferences_id = $report['conferences_id'];
-	if(in_array('users', $components)) {
+	$fields = $report_fundraisings_fields;
 	$year = $report['year'];
 	if (in_array('users', $components)) {
 		$users_from = 'LEFT JOIN fundraising_campaigns_users_link ON fundraising_campaigns.id=fundraising_campaigns_users_link.fundraising_campaigns_id
-				LEFT JOIN users ON users.accounts_id=fundraising_campaigns_users_link.users_uid
+				LEFT JOIN users ON users.uid=fundraising_campaigns_users_link.users_uid
 				LEFT JOIN users_sponsor ON users_sponsor.users_id=users.id';
 		$users_where = "users.deleted!='yes' AND";
 	}
-/*
+	/*
-	// this chunk of code was already remarked when updating the system to use conferences
+	 * $teams_from = '';
-	// instead of fair years.  If it gets re-used however, then it will need to be updated
+	 * $teams_where = '';
-	// accordingly.  Not sure as I write this comment how the fundraising years will link
+	 * if(in_array('teams', $components)) {
-	// to the conferences, rather than to the fair years that were previously used.
+	 * 	$teams_from = "LEFT JOIN fundraisings_teams_link ON judges_teams_link.users_id=users.id
 	 * 			LEFT JOIN fundraisings_teams ON judges_teams.id=judges_teams_link.judges_teams_id";
 	 * 	$teams_where = "AND fundraisings_teams_link.year='$year'
 	 * 			AND fundraisings_teams.year='$year'";
 	 * }
 	 *
 	 * $projects_from='';
 	 * $projects_where='';
 	 * if(in_array('projects', $components)) {
 	 * 	$projects_from = "LEFT JOIN fundraisings_teams_timeslots_projects_link ON
 	 * 				fundraisings_teams_timeslots_projects_link.judges_teams_id=judges_teams.id
 	 * 			LEFT JOIN projects ON projects.id=fundraisings_teams_timeslots_projects_link.projects_id
 	 * 			LEFT JOIN fundraisings_timeslots ON judges_timeslots.id=judges_teams_timeslots_projects_link.judges_timeslots_id";
 	 * 	$projects_where = "AND fundraisings_teams_timeslots_projects_link.year='$year'
 	 * 			AND projects.year='$year'";
 	 * }
 	 */
-	$teams_from = '';
+	$q = "  FROM \tfundraising_campaigns
 	$teams_where = '';
 	if(in_array('teams', $components)) {
 		$teams_from = "LEFT JOIN fundraisings_teams_link ON judges_teams_link.users_id=users.id
 				LEFT JOIN fundraisings_teams ON judges_teams.id=judges_teams_link.judges_teams_id";
 		$teams_where = "AND fundraisings_teams_link.year='$year'
 				AND fundraisings_teams.year='$year'";
 	}
 	$projects_from='';
 	$projects_where='';
 	if(in_array('projects', $components)) {
 		$projects_from = "LEFT JOIN fundraisings_teams_timeslots_projects_link ON
 					fundraisings_teams_timeslots_projects_link.judges_teams_id=judges_teams.id
 				LEFT JOIN projects ON projects.id=fundraisings_teams_timeslots_projects_link.projects_id
 				LEFT JOIN fundraisings_timeslots ON judges_timeslots.id=judges_teams_timeslots_projects_link.judges_timeslots_id";
 		$projects_where = "AND fundraisings_teams_timeslots_projects_link.year='$year'
 				AND projects.year='$year'";
 	}
 */
 	$q = "  FROM 	fundraising_campaigns
 			$users_from
 		WHERE
 			$users_where
--- a/admin/reports_gen.php
+++ b/admin/reports_gen.php
@ -1,144 +1,142 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
-require_once("../common.inc.php");
+require_once ('../common.inc.php');
-require_once("../user.inc.php");
+require_once ('../user.inc.php');
-user_auth_required('admin');
+user_auth_required('committee', 'admin');
-require_once('reports.inc.php');
+require_once ('reports.inc.php');
 $id = intval($_GET['id']);
-$type = $_GET['type'];
+$type = stripslashes($_GET['type']);
-$stock = $_GET['stock'];
+$stock = stripslashes($_GET['stock']);
-if(array_key_exists('conferences_id', $_GET)){
+$year = intval($_GET['year']);
 	$conferences_id = intval($_GET['conferences_id']);
 	$result = mysql_result(mysql_query("SELECT COUNT(*) FROM conferences WHERE id = $conferences_id"), 0);
 	if($result != 1) $conferences_id = $conference['id'];
 }else{
 	$conferences_id = $conference['id'];
 }
 $include_incomplete_registrations = ($_GET['include_incomplete_registrations'] == 'yes') ? 'yes' : '';
 $show_options = array_key_exists('show_options', $_GET);
 if ($year < 1000)
 	$year = $config['FAIRYEAR'];
 /* If it's a system report, turn that into the actual report id */
-if(array_key_exists('sid', $_GET)) {
+if (array_key_exists('sid', $_GET)) {
 	$sid = intval($_GET['sid']);
-	$q = mysql_query("SELECT id FROM reports WHERE system_report_id='$sid'");
+	$q = $pdo->prepare("SELECT id FROM reports WHERE system_report_id='$sid'");
-	$r = mysql_fetch_assoc($q);
+	$q->execute();
 	$r = $q->fetch(PDO::FETCH_OBJ);
 	$id = $r['id'];
 }
 $report = report_load($id);
 /* Add a custom filter if specified */
 $filter_args = '';
-if(is_array($_GET['filter'])) {
+if (is_array($_GET['filter'])) {
-	foreach($_GET['filter'] as $f=>$v) {
+	foreach ($_GET['filter'] as $f => $v) {
-		$report['filter'][] = array('field'=>$v['field'],'x'=>$v['x'],'value'=>$v['value']);
+		$report['filter'][] = array('field' => $v['field'], 'x' => $v['x'], 'value' => $v['value']);
-		$filter_args.="&filter[$f][field]={$v['field']}&filter[$f][x]={$v['x']}&filter[$f][value]={$v['value']}";
+		$filter_args .= "&filter[$f][field]={$v['field']}&filter[$f][x]={$v['x']}&filter[$f][value]={$v['value']}";
 	}
 }
-switch($_GET['action']) {
+switch ($_GET['action']) {
-    case 'dialog_gen':
+	case 'dialog_gen':
-	if($id < 0) {
+		if ($id < 0) {
-		$u = "{$config['SFIABDIRECTORY']}/{$report_custom[-$id]['custom_url']}";
+			$u = "{$config['SFIABDIRECTORY']}/{$report_custom[-$id]['custom_url']}";
-		?>
+			?>
 		<script type="text/javascript">
-			window.location.href="<?=$u?>";
+			window.location.href="<?= $u ?>";
 		</script>
 		<?
-		exit;
+			exit;
-	}
+		}
-	?>
+		?>
 	<div id="report_dialog_gen" title="Generate Report" style="display: none">
 	<div id="report_gen_tabs">
-	<ul><li><a href="#report_gen_tab_info"><span><?=i18n('Report Information')?></span></a></li>
+	<ul><li><a href="#report_gen_tab_info"><span><?= i18n('Report Information') ?></span></a></li>
-	<li><a href="#report_gen_tab_advanced"><span><?=i18n('Advanced Options')?></span></a></li>
+	<li><a href="#report_gen_tab_advanced"><span><?= i18n('Advanced Options') ?></span></a></li>
 	</ul>
 	<form id="report_dialog_form" >
 	<div id="report_gen_tab_info">
-	<input type="hidden" name="id" value="<?=$id?>" />
+	<input type="hidden" name="id" value="<?= $id ?>" />
 	<table class="editor" style="width:95%"><tr>
-		<td colspan="2"><br /><h3><?=i18n('Report Information')?></h3><br /></td>
+		<td colspan="2"><br /><h3><?= i18n('Report Information') ?></h3><br /></td>
 	</tr><tr>
-		<td class="label"><b><?=i18n("Report Name")?></b>:</td>
+		<td class="label"><b><?= i18n('Report Name') ?></b>:</td>
-		<td class="input"><?=$report['name']?></b></td>
+		<td class="input"><?= $report['name'] ?></b></td>
 	</tr><tr>
-		<td class="label"><b><?=i18n("Description")?></b>:</td>
+		<td class="label"><b><?= i18n('Description') ?></b>:</td>
-		<td class="input"><?=$report['desc']?></b></td>
+		<td class="input"><?= $report['desc'] ?></b></td>
 	</tr><tr>
-		<td class="label"><b><?=i18n("Created By")?></b>:</td>
+		<td class="label"><b><?= i18n('Created By') ?></b>:</td>
-		<td class="input"><?=$report['creator']?></td>
+		<td class="input"><?= $report['creator'] ?></td>
 	</tr><tr>
 	<?
 	/* See if the report is in this committee member's list */
-	$q = mysql_query("SELECT * FROM reports_committee 
+	$q = $pd->prepare("SELECT * FROM reports_committee 
-				WHERE users_id='{$_SESSION['accounts_id']}'
+ \t\t\t\tWHERE users_id='{$_SESSION['users_uid']}'
 				AND reports_id='{$report['id']}'");
-	if(mysql_num_rows($q) > 0) {
+	$q->execute();
-		$i = mysql_fetch_assoc($q);
+	if ($q->rowCount() > 0) {
 		$i = $q->fetch(PDO::FETCH_ASSOC);
 		?>
-		<td colspan="2"><hr /><h3><?=i18n('My Reports Info')?></h3></td>
+		<td colspan="2"><hr /><h3><?= i18n('My Reports Info') ?></h3></td>
 		</tr><tr>
-			<td class="label"><b><?=i18n("Category")?></b>:</td>
+			<td class="label"><b><?= i18n('Category') ?></b>:</td>
-			<td class="input"><?=$i['category']?></b></td>
+			<td class="input"><?= $i['category'] ?></b></td>
 		</tr><tr>
-			<td class="label"><b><?=i18n("Comment")?></b>:</td>
+			<td class="label"><b><?= i18n('Comment') ?></b>:</td>
-			<td class="input"><?=$i['comment']?></b></td>
+			<td class="input"><?= $i['comment'] ?></b></td>
 		</tr><tr>
 	<? } ?>
-		<td colspan="2"><br /><hr /><h3><?=i18n('Report Options')?></h3><br /></td>
+		<td colspan="2"><br /><hr /><h3><?= i18n('Report Options') ?></h3><br /></td>
 	</tr>
 	<?
 	$format = $report['options']['type'];
 	$stock = $report['options']['stock'];
-	$conferences_id = $conference['id'];
+	$year = $config['FAIRYEAR'];
-	 /* Out of all the report optins, we really only want these ones */
+	/* Out of all the report optins, we really only want these ones */
-	$option_keys = array('type','stock');
+	$option_keys = array('type', 'stock');
-	foreach($report_options as $ok=>$o) {
+	foreach ($report_options as $ok => $o) {
-		if(!in_array($ok, $option_keys)) continue;
+		if (!in_array($ok, $option_keys))
 			continue;
 		echo "<tr><td class=\"label\"><b>{$o['desc']}</b>:</td>";
 		echo "<td class=\"input\"><select name=\"$ok\" id=\"$ok\">";
-		foreach($o['values'] as $k=>$v) {
+		foreach ($o['values'] as $k => $v) {
 			$sel = ($report['option'][$ok] == $k) ? 'selected="selected"' : '';
-			echo "<option value=\"$k\" $sel>".htmlspecialchars($v)."</option>";
+			echo "<option value=\"$k\" $sel>" . htmlspecialchars($v) . '</option>';
 		}
 		echo "</select></td></tr>\n";
 	}
-
+	/* Find all the years */
-	// Find all conferences
+	$q = $pdo->prepare('SELECT DISTINCT year FROM config WHERE year>1000 ORDER BY year DESC');
-	$q = mysql_query("SELECT conferences.name, conferences.id, dates.date FROM conferences JOIN dates on dates.conferences_id = conferences.id WHERE dates.name='fairdate' ORDER BY dates.date DESC");
+	$q->execute();
-	echo "<tr><td  class=\"label\"><b>".i18n('Conference')."</b>:</td>";
+	echo '<tr><td  class="label"><b>' . i18n('Year') . '</b>:</td>';
-	echo "<td class=\"input\"><select name=\"conferences_id\" id=\"conferences_id\">";
+	echo '<td class="input"><select name="year" id="year">';
-	while($row = mysql_fetch_assoc($q)){
+	while ($i = $q->fetch(PDO::FETCH_ASSOC)) {
-		$parts = explode(' ', $row['date']);
+		$y = $i['year'];
-		$date = $parts[0];
+		$sel = ($config['FAIRYEAR'] == $y) ? 'selected="selected"' : '';
-		$sel = ($row['id'] == $conferences_id) ? 'selected="selected"' : '';
+		echo "<option value=\"$y\" $sel>$y</option>";
 		echo "<option value=\"{$row['id']}\" $sel>{$row['name']} ($date)</option>";
 	}
 	echo "</select></td></tr>\n";
 	?>
@ -146,10 +144,10 @@ switch($_GET['action']) {
 	</div>
 	<div id="report_gen_tab_advanced">
 	<table class="editor" style="width:95%"><tr>
-		<td colspan="2"><br /><h4><?=i18n('Advanced Options')?></h4><br /></td>
+		<td colspan="2"><br /><h4><?= i18n('Advanced Options') ?></h4><br /></td>
 	</tr><tr>
 		<td class="label"><input type="checkbox" name="include_incomplete_registrations" value="yes" /></td>
-		<td class="input"><?=i18n('Include student and project data from incomplete registrations.  The registration only needs to have a division and category selected.')?></td>
+		<td class="input"><?= i18n('Include student and project data from incomplete registrations.  The registration only needs to have a division and category selected.') ?></td>
 	</table>
 	</div>
 	</form>
@ -167,13 +165,13 @@ switch($_GET['action']) {
 						$(this).dialog('destroy');
 						$('#report_dialog_gen').remove();
 					},
-				buttons: { "<?=i18n("Cancel")?>": function() {  
+				buttons: { "<?= i18n('Cancel') ?>": function() {  
 							$('#report_dialog_gen').dialog("close");
 							return false;
 						},
-					   "<?=i18n("Download Report")?>": function() { 
+					   "<?= i18n('Download Report') ?>": function() { 
-							var dlargs = $('#report_dialog_form').serialize()+"<?=$filter_args?>";
+							var dlargs = $('#report_dialog_form').serialize()+"<?= $filter_args ?>";
-							var dlurl = "<?=$config['SFIABDIRECTORY']?>/admin/reports_gen.php?"+dlargs;
+							var dlurl = "<?= $config['SFIABDIRECTORY'] ?>/admin/reports_gen.php?"+dlargs;
 							$('#debug').html(dlurl);
 	//						alert(dlurl);
 	//						$('#content').attr('src',dlurl);
@ -186,96 +184,97 @@ switch($_GET['action']) {
 	</script>
 	<?
 		exit;
 }
 if ($show_options == false) {
 	if ($id && $year) {
 		$report['year'] = $year;
 		if ($type != '')
 			$report['option']['type'] = $type;
 		if ($stock != '')
 			$report['option']['stock'] = $stock;
 		if ($include_incomplete_registrations != '')
 			$report['option']['include_incomplete_registrations'] = 'yes';
 		report_gen($report);
 	} else {
 		exit;
 		header('Location: reports.php');
 	}
 	exit;
 }
 if($show_options == false) {
 	 if($id && $conferences_id) {
 		$report['conferences_id'] = $conferences_id;
 		if($type != '') $report['option']['type'] = $type;
 		if($stock != '') $report['option']['stock'] = $stock;
 		if($include_incomplete_registrations != '') $report['option']['include_incomplete_registrations'] = 'yes';
 		report_gen($report);
 	 } else {
 	 exit;
 		header("Location: reports.php");
 	 }
 	 exit;
 }
 send_header('Report Options', array(
-		'Committee Main' => 'committee_main.php',
+	'Committee Main' => 'committee_main.php',
-		'My Reports' => 'admin/reports.php'));
+	'My Reports' => 'admin/reports.php'
 ));
 echo '<form method=\"get\" action="reports_gen.php">';
 echo "<input type=\"hidden\" name=\"id\" value=\"$id\">";
 echo '<table class="tableedit">';
-echo "<tr><td><b>".i18n('Report&nbsp;Name')."</b>:</td>";
+echo '<tr><td><b>' . i18n('Report&nbsp;Name') . '</b>:</td>';
 echo "<td>{$report['name']}</td></tr>";
-echo "<tr><td><b>".i18n('Description')."</b>:</td>";
+echo '<tr><td><b>' . i18n('Description') . '</b>:</td>';
 echo "<td>{$report['desc']}</td></tr>";
-echo "<tr><td><b>".i18n('Created By')."</b>:</td>";
+echo '<tr><td><b>' . i18n('Created By') . '</b>:</td>';
 echo "<td>{$report['creator']}</td></tr>";
 echo '<tr><td colspan="2"><hr /></td></tr>';
 /* See if the report is in this committee member's list */
-$q = mysql_query("SELECT * FROM reports_committee 
+$q = $pdo->prepare("SELECT * FROM reports_committee 
-			WHERE users_id='{$_SESSION['accounts_id']}'
+ \t\t\tWHERE users_id='{$_SESSION['users_uid']}'
 			AND reports_id='{$report['id']}'");
-echo "<tr><td colspan=\"2\"><h3>".i18n('My Reports Info')."</h3></td></tr>";
+$q->execute();
-if(mysql_num_rows($q) > 0) {
+echo '<tr><td colspan="2"><h3>' . i18n('My Reports Info') . '</h3></td></tr>';
 if ($q->rowCount() > 0) {
 	/* Yes, it is */
-	$i = mysql_fetch_object($q);
+	$i = $q->fetch(PDO::FETCH_OBJ);
-	echo "<tr><td><b>".i18n('Category')."</b>:</td>";
+	echo '<tr><td><b>' . i18n('Category') . '</b>:</td>';
 	echo "<td>{$i->category}</td></tr>";
-	echo "<tr><td><b>".i18n('Comment')."</b>:</td>";
+	echo '<tr><td><b>' . i18n('Comment') . '</b>:</td>';
 	echo "<td>{$i->comment}</td></tr>";
 } else {
-	echo "<tr><td></td><td>".i18n('This report is NOT in your \'My Reports\' list.')."</td></tr>";
+	echo '<tr><td></td><td>' . i18n("This report is NOT in your 'My Reports' list.") . '</td></tr>';
 }
 echo '<tr><td colspan="2"><hr /></td></tr>';
-echo "<tr><td colspan=\"2\"><h3>".i18n('Report Options')."</h3></td></tr>";
+echo '<tr><td colspan="2"><h3>' . i18n('Report Options') . '</h3></td></tr>';
 $format = $report['options']['type'];
 $stock = $report['options']['stock'];
-$conferences_id = $conference['id'];
+$year = $config['FAIRYEAR'];
 /* Out of all the report optoins, we really only want these ones */
-$option_keys = array('type','stock');
+$option_keys = array('type', 'stock');
-foreach($report_options as $ok=>$o) {
+foreach ($report_options as $ok => $o) {
-	if(!in_array($ok, $option_keys)) continue;
+	if (!in_array($ok, $option_keys))
 		continue;
 	echo "<tr><td><b>{$o['desc']}</b>:</td>";
 	echo "<td><select name=\"$ok\" id=\"$ok\">";
-	foreach($o['values'] as $k=>$v) {
+	foreach ($o['values'] as $k => $v) {
 		$sel = ($report['option'][$ok] == $k) ? 'selected="selected"' : '';
 		echo "<option value=\"$k\" $sel>$v</option>";
 	}
-	echo "</select></td></tr>";
+	echo '</select></td></tr>';
 }
-
+/* Find all the years */
-// Find all conferences
+$q = $pdo->prepare('SELECT DISTINCT year FROM config WHERE year>1000 ORDER BY year DESC');
-$q = mysql_query("SELECT conferences.name, conferences.id, dates.date FROM conferences JOIN dates on dates.conferences_id = conferences.id WHERE dates.name='fairdate' ORDER BY dates.date DESC");
+$q->execute();
-echo "<tr><td  class=\"label\"><b>".i18n('Conference')."</b>:</td>";
+echo '<tr><td><b>' . i18n('Year') . '</b>:</td>';
-echo "<td class=\"input\"><select name=\"conferences_id\" id=\"conferences_id\">";
+echo '<td><select name="year" id="year">';
-while($row = mysql_fetch_assoc($q)){
+while ($i = $q->fetch(PDO::FETCH_ASSOC)) {
-	$parts = explode(' ', $row['date']);
+	$y = $i['year'];
-	$date = $parts[0];
+	$sel = ($config['FAIRYEAR'] == $y) ? 'selected="selected"' : '';
-	$sel = ($row['id'] == $conferences_id) ? 'selected="selected"' : '';
+	echo "<option value=\"$y\" $sel>$y</option>";
 	echo "<option value=\"{$row['id']}\" $sel>{$row['name']} ($date)</option>";
 }
-echo "</select></td></tr>\n";
+echo '</select></td></tr>';
-echo "</table>";
+echo '</table>';
 echo '<br />';
-echo "<input type=\"submit\" value=\"".i18n('Generate Report')."\" />";
+echo '<input type="submit" value="' . i18n('Generate Report') . '" />';
 echo '</form>';
 send_footer();
 ?>
--- a/admin/reports_judges.inc.php
+++ b/admin/reports_judges.inc.php
--- a/admin/reports_judges.php
+++ b/admin/reports_judges.php
@ -1,156 +1,209 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require("../lpdf.php");
+require ('../lpdf.php');
- require("../lcsv.php");
+require ('../lcsv.php');
- require("../questions.inc.php");
+require ('../questions.inc.php');
- if(!$_GET['type']) $type="csv";
+if (!$_GET['type'])
- else $type=$_GET['type'];
+	$type = 'csv';
 else
 	$type = $_GET['type'];
-if($type=="pdf")
+if ($type == 'pdf') {
-{
+	$rep = new lpdf(i18n($config['fairname']),
-	$rep=new lpdf(	i18n($config['fairname']),
+		i18n('Judge List'),
-			i18n("Judge List"),
+		$_SERVER['DOCUMENT_ROOT'] . $config['SFIABDIRECTORY'] . '/data/logo-200.gif');
 			$_SERVER['DOCUMENT_ROOT'].$config['SFIABDIRECTORY']."/data/{$conference['id']}-logo-200.gif"
 			);
 	$rep->newPage();
 	$rep->setFontSize(11);
-}
+} else if ($type == 'csv') {
-else if($type=="csv")
+	$rep = new lcsv(i18n('Judge List'));
 {
 	$rep=new lcsv(i18n("Judge List"));
 }
-$table=array();
+$table = array();
-$table['header']=array( 
+$table['header'] = array(
-			i18n("ID"),	
+	i18n('ID'),
-			i18n("Unique ID"),	
+	i18n('Unique ID'),
-			i18n("Last Name"),
+	i18n('Last Name'),
-			i18n("First Name"),
+	i18n('First Name'),
-			i18n("Email"),
+	i18n('Email'),
-			i18n("Phone Home"),
+	i18n('Phone Home'),
-			i18n("Phone Work"),
+	i18n('Phone Work'),
-			i18n("Phone Work Ext"),
+	i18n('Phone Work Ext'),
-			i18n("Phone Cell"),
+	i18n('Phone Cell'),
-			i18n("Languages"),
+	i18n('Languages'),
-			i18n("Organization"),
+	i18n('Organization'),
-			i18n("Address 1"),
+	i18n('Address 1'),
-			i18n("Address 2"),
+	i18n('Address 2'),
-			i18n("City"),
+	i18n('City'),
-			i18n($config['provincestate']),
+	i18n($config['provincestate']),
-			i18n($config['postalzip']),
+	i18n($config['postalzip']),
-			i18n("Highest PostSecDeg"),
+	i18n('Highest PostSecDeg'),
-			i18n("Professional Quals"),
+	i18n('Professional Quals'),
-			i18n("Expertise Other"));
+	i18n('Expertise Other')
 );
 /* Append headers for all the custom questions */
-$qs=questions_load_questions('judgereg', $conference['id']);
+$qs = questions_load_questions('judgereg', $config['FAIRYEAR']);
 $keys = array_keys($qs);
-foreach($keys as $qid) {
+foreach ($keys as $qid) {
 	$table['header'][] = i18n($qs[$qid]['db_heading']);
 }
-
+// grab the list of divisions, because the last fields of the table will be the sub-divisions
-//grab the list of divisions, because the last fields of the table will be the sub-divisions 
+$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY id");
-$q=mysql_query("SELECT * FROM projectcategories WHERE conferences_id='".$conference['id']."' ORDER BY id");
+$q->execute();
-$numcats=mysql_num_rows($q);
+$numcats = $q->rowCount();
-$catheadings=array();
+$catheadings = array();
-while($r=mysql_fetch_object($q))
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-{
+	$cats[] = $r->id;
-	$cats[]=$r->id;
+	$catheadings[] = "$r->category (out of 5)";
 	$catheadings[]="$r->category (out of 5)";
 }
-//grab the list of divisions, because the last fields of the table will be the sub-divisions 
+// grab the list of divisions, because the last fields of the table will be the sub-divisions
-$q=mysql_query("SELECT * FROM projectdivisions WHERE conferences_id='".$conference['id']."' ORDER BY id");
+$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY id");
-$divheadings=array();
+$q->execute();
-while($r=mysql_fetch_object($q))
+$divheadings = array();
-{
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-	$divs[]=$r->id;
+	$divs[] = $r->id;
-	$divheadings[]="$r->division (out of 5)";
+	$divheadings[] = "$r->division (out of 5)";
-	$divheadings[]="$r->division subdivisions";
+	$divheadings[] = "$r->division subdivisions";
 }
-//now append the arrays together
+// now append the arrays together
-$table['header']=array_merge($table['header'],array_merge($catheadings,$divheadings));
+$table['header'] = array_merge($table['header'], array_merge($catheadings, $divheadings));
 $times = array();
 $datetimeheadings = array();
-//fill these in if we ever make this PDFable
+/* Load the judging rounds */
-$table['widths']=array();
+$q = $pdo->prepare("SELECT date,starttime,endtime,name FROM judges_timeslots WHERE round_id='0' AND year='{$config['FAIRYEAR']}' ORDER BY starttime,type");
-$table['dataalign']=array();
+$q->execute();
 $x = 0;
 while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	$found = false;
 	foreach ($times as $xx => $t) {
 		if ($t['date'] == $r->date && $t['starttime'] == $r->starttime && $t['endtime'] == $r->endtime) {
 			$times[$xx]['name'] .= ", {$r->name}";
 			$found = true;
 			break;
 		}
 	}
 	if (!$found) {
 		$times[$x] = array('date' => $r->date,
 			'starttime' => $r->starttime,
 			'endtime' => $r->endtime,
 			'name' => $r->name);
 		$datetimeheadings[] = $r->name;
 		$x++;
 	}
 }
-$q=mysql_query("SELECT 
+$table['header'] = array_merge($table['header'], $datetimeheadings);
-				users.*
+
 // fill these in if we ever make this PDFable
 $table['widths'] = array();
 $table['dataalign'] = array();
 $q = $pdo->prepare("SELECT 
 				users.*,
 				users_judge.*
 			FROM 
 				users
-				JOIN user_roles ON user_roles.users_id = users.id
+				JOIN users_judge ON users.id=users_judge.users_id
-				JOIN roles ON roles.id = user_roles.roles_id
+			WHERE 
 			WHERE
 				roles.type = 'judge' AND
 				users.deleted='no' AND 
-				users.conferences_id='".$conference['id']."'
+				users.year='" . $config['FAIRYEAR'] . "'
 				AND users.types LIKE '%judge%'
 			ORDER BY 
 				lastname,
 				firstname");
-echo mysql_error();
+$q->execute();
-while($r=mysql_fetch_object($q)) {
+show_pdo_errors_if_any($pdo);
-	$u=user_load($r->id);
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	$u = user_load($r->id);
-	$expertise_other=str_replace("\n"," ",$r->expertise_other);
+	$expertise_other = str_replace("\n", ' ', $r->expertise_other);
-	$expertise_other=str_replace("\r","",$expertise_other);
+	$expertise_other = str_replace("\r", '', $expertise_other);
-	if(isset($divdata)) unset($divdata); $divdata=array();
+	if (isset($divdata))
-	if(isset($catdata)) unset($catdata); $catdata=array();
+		unset($divdata);
-	$languages="";
+	$divdata = array();
 	if (isset($catdata))
 		unset($catdata);
 	$catdata = array();
 	$languages = '';
-	foreach($u['cat_prefs'] AS $c) {
+	foreach ($u['cat_prefs'] AS $c) {
-		$catdata[]=$c+2;
+		$catdata[] = $c + 2;
 	}
-	foreach($u['div_prefs'] AS $d) {
+	foreach ($u['div_prefs'] AS $d) {
-		$divdata[]=$d;
+		$divdata[] = $d;
-		//FIXME: 2010-01-22 - James - get the sub divisions for now we use a placeholder
+		// FIXME: 2010-01-22 - James - get the sub divisions for now we use a placeholder
-		$divdata[]="";
+		$divdata[] = '';
 	}
-	foreach($u['languages'] AS $k=>$v) {
+	foreach ($u['languages'] AS $k => $v) {
-		$languages.="$v/";
+		$languages .= "$v/";
 	}
-	$languages=substr($languages,0,-1);
+	$languages = substr($languages, 0, -1);
 	$qarray = array();
-	$qans = questions_load_answers('judgereg', $r->id, $conference['id']);
+	$qans = questions_load_answers('judgereg', $r->id, $config['FAIRYEAR']);
 	$keys = array_keys($qans);
-	foreach($keys as $qid) {
+	foreach ($keys as $qid) {
 		$qarray[] = $qans[$qid];
 	}
-		
+
-	$tmp=array(
+	$tq = $pdo->prepare('SELECT * FROM judges_availability WHERE users_id="' . $r->id . '" ORDER BY `start`');
 	$tq->execute();
 	$sel = array();
 	$timedata = array();
 	while ($tr = $tq->fetch(PDO::FETCH_OBJ)) {
 		foreach ($times as $x => $t) {
 			if ($tr->start == $t['starttime'] && $tr->end == $t['endtime'] && $tr->date == $t['date']) {
 				$sel[$x] = true;
 			}
 		}
 	}
 	foreach ($times as $x => $t) {
 		if (get_value_from_array($sel, $x) == true) {
 			$timedata[] = 'yes';
 		} else {
 			$timedata[] = 'no';
 		}
 	}
 	$tmp = array(
 		$r->id,
 		$r->uid,
 		$r->lastname,
@ -158,7 +211,7 @@ while($r=mysql_fetch_object($q)) {
 		$r->email,
 		$r->phonehome,
 		$r->phonework,
-		$r->phoneworkext,
+		get_value_property_or_default($r, 'phoneworkext'),
 		$r->phonecell,
 		$languages,
 		$r->organization,
@ -168,13 +221,13 @@ while($r=mysql_fetch_object($q)) {
 		$r->province,
 		$r->postalcode,
 		$r->highest_psd,
-		$r->professional_quals,
+		get_value_property_or_default($r, 'professional_quals'),
 		$expertise_other
-		);
+	);
 	$tmp = array_merge($tmp, $qarray);
-	$extradata=array_merge($catdata,$divdata);
+	$extradata = array_merge($catdata, $divdata);
-	$table['data'][]=array_merge($tmp,$extradata);
+	$table['data'][] = array_merge(array_merge($tmp, $extradata), $timedata);
 }
 $rep->addTable($table);
--- a/admin/reports_judges_allyears.php
+++ b/admin/reports_judges_allyears.php
@ -1,111 +1,109 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('committee', 'admin');
+user_auth_required('committee', 'admin');
- require("../lpdf.php");
+require ('../lpdf.php');
- require("../lcsv.php");
+require ('../lcsv.php');
- require("../questions.inc.php");
+require ('../questions.inc.php');
- if(!$_GET['type']) $type="csv";
+if (!$_GET['type'])
- else $type=$_GET['type'];
+	$type = 'csv';
 else
 	$type = $_GET['type'];
-if($type=="pdf")
+if ($type == 'pdf') {
-{
+	$rep = new lpdf(i18n($config['fairname']),
-	$rep=new lpdf(	i18n($config['fairname']),
+		i18n('Judge List'),
-			i18n("Judge List"),
+		$_SERVER['DOCUMENT_ROOT'] . $config['SFIABDIRECTORY'] . '/data/logo-200.gif');
 			$_SERVER['DOCUMENT_ROOT'].$config['SFIABDIRECTORY']."/data/logo-200.gif"
 			);
 	$rep->newPage();
 	$rep->setFontSize(11);
-}
+} else if ($type == 'csv') {
-else if($type=="csv")
+	$rep = new lcsv(i18n('Judge List'));
 {
 	$rep=new lcsv(i18n("Judge List"));
 }
-$table=array();
+$table = array();
-$table['header']=array( 
+$table['header'] = array(
-			i18n("ID"),	
+	i18n('ID'),
-			i18n("Unique ID"),	
+	i18n('Unique ID'),
-			i18n("Year"),	
+	i18n('Year'),
-			i18n("Last Name"),
+	i18n('Last Name'),
-			i18n("First Name"),
+	i18n('First Name'),
-			i18n("Email"),
+	i18n('Email'),
-			i18n("Phone Home"),
+	i18n('Phone Home'),
-			i18n("Phone Work"),
+	i18n('Phone Work'),
-			i18n("Phone Work Ext"),
+	i18n('Phone Work Ext'),
-			i18n("Phone Cell"),
+	i18n('Phone Cell'),
-			i18n("Languages"),
+	i18n('Languages'),
-			i18n("Organization"),
+	i18n('Organization'),
-			i18n("Address 1"),
+	i18n('Address 1'),
-			i18n("Address 2"),
+	i18n('Address 2'),
-			i18n("City"),
+	i18n('City'),
-			i18n($config['provincestate']),
+	i18n($config['provincestate']),
-			i18n($config['postalzip']),
+	i18n($config['postalzip']),
-			i18n("Highest PostSecDeg"),
+	i18n('Highest PostSecDeg'),
-			i18n("Professional Quals"),
+	i18n('Professional Quals'),
-			i18n("Expertise Other"));
+	i18n('Expertise Other')
 );
 /* Append headers for all the custom questions */
-$qs=questions_load_questions('judgereg', $config['FAIRYEAR']);
+$qs = questions_load_questions('judgereg', $config['FAIRYEAR']);
 $keys = array_keys($qs);
-foreach($keys as $qid) {
+foreach ($keys as $qid) {
 	$table['header'][] = i18n($qs[$qid]['db_heading']);
 }
-
+// grab the list of divisions, because the last fields of the table will be the sub-divisions
-//grab the list of divisions, because the last fields of the table will be the sub-divisions 
+$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY id");
-$q=mysql_query("SELECT * FROM projectcategories WHERE year='".$config['FAIRYEAR']."' ORDER BY id");
+$q->execute();
-$numcats=mysql_num_rows($q);
+$numcats = $q->rowCount();
-$catheadings=array();
+$catheadings = array();
-while($r=mysql_fetch_object($q))
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-{
+	$cats[] = $r->id;
-	$cats[]=$r->id;
+	$catheadings[] = "$r->category (out of 5)";
 	$catheadings[]="$r->category (out of 5)";
 }
-//grab the list of divisions, because the last fields of the table will be the sub-divisions 
+// grab the list of divisions, because the last fields of the table will be the sub-divisions
-$q=mysql_query("SELECT * FROM projectdivisions WHERE year='".$config['FAIRYEAR']."' ORDER BY id");
+$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY id");
-$divheadings=array();
+$q->execute();
-while($r=mysql_fetch_object($q))
+$divheadings = array();
-{
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-	$divs[]=$r->id;
+	$divs[] = $r->id;
-	$divheadings[]="$r->division (out of 5)";
+	$divheadings[] = "$r->division (out of 5)";
-	$divheadings[]="$r->division subdivisions";
+	$divheadings[] = "$r->division subdivisions";
 }
-//now append the arrays together
+// now append the arrays together
-$table['header']=array_merge($table['header'],array_merge($catheadings,$divheadings));
+$table['header'] = array_merge($table['header'], array_merge($catheadings, $divheadings));
 // fill these in if we ever make this PDFable
 $table['widths'] = array();
 $table['dataalign'] = array();
-//fill these in if we ever make this PDFable
+$q = $pdo->prepare("SELECT 
 $table['widths']=array();
 $table['dataalign']=array();
 $q=mysql_query("SELECT 
 				users.*,
 				users_judge.*
 			FROM 
@ -118,40 +116,45 @@ $q=mysql_query("SELECT
 				lastname,
 				firstname,
 				year");
-echo mysql_error();
+$q->execute();
-while($r=mysql_fetch_object($q)) {
+show_pdo_errors_if_any($pdo);
-	$u=user_load($r->id);
+while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 	$u = user_load($r->id);
-	$expertise_other=str_replace("\n"," ",$r->expertise_other);
+	$expertise_other = str_replace("\n", ' ', $r->expertise_other);
-	$expertise_other=str_replace("\r","",$expertise_other);
+	$expertise_other = str_replace("\r", '', $expertise_other);
-	if(isset($divdata)) unset($divdata); $divdata=array();
+	if (isset($divdata))
-	if(isset($catdata)) unset($catdata); $catdata=array();
+		unset($divdata);
-	$languages="";
+	$divdata = array();
 	if (isset($catdata))
 		unset($catdata);
 	$catdata = array();
 	$languages = '';
-	foreach($u['cat_prefs'] AS $c) {
+	foreach ($u['cat_prefs'] AS $c) {
-		$catdata[]=$c+2;
+		$catdata[] = $c + 2;
 	}
-	foreach($u['div_prefs'] AS $d) {
+	foreach ($u['div_prefs'] AS $d) {
-		$divdata[]=$d;
+		$divdata[] = $d;
-		//FIXME: 2010-01-22 - James - get the sub divisions for now we use a placeholder
+		// FIXME: 2010-01-22 - James - get the sub divisions for now we use a placeholder
-		$divdata[]="";
+		$divdata[] = '';
 	}
-	foreach($u['languages'] AS $k=>$v) {
+	foreach ($u['languages'] AS $k => $v) {
-		$languages.="$v/";
+		$languages .= "$v/";
 	}
-	$languages=substr($languages,0,-1);
+	$languages = substr($languages, 0, -1);
 	$qarray = array();
 	$qans = questions_load_answers('judgereg', $r->id, $config['FAIRYEAR']);
 	$keys = array_keys($qans);
-	foreach($keys as $qid) {
+	foreach ($keys as $qid) {
 		$qarray[] = $qans[$qid];
 	}
-		
+
-	$tmp=array(
+	$tmp = array(
 		$r->id,
 		$r->uid,
 		$r->year,
@ -160,7 +163,7 @@ while($r=mysql_fetch_object($q)) {
 		$r->email,
 		$r->phonehome,
 		$r->phonework,
-		$r->phoneworkext,
+		get_value_property_or_default($r, 'phoneworkext'),
 		$r->phonecell,
 		$languages,
 		$r->organization,
@ -170,13 +173,13 @@ while($r=mysql_fetch_object($q)) {
 		$r->province,
 		$r->postalcode,
 		$r->highest_psd,
-		$r->professional_quals,
+		get_value_property_or_default($r, 'professional_quals'),
 		$expertise_other
-		);
+	);
 	$tmp = array_merge($tmp, $qarray);
-	$extradata=array_merge($catdata,$divdata);
+	$extradata = array_merge($catdata, $divdata);
-	$table['data'][]=array_merge($tmp,$extradata);
+	$table['data'][] = array_merge($tmp, $extradata);
 }
 $rep->addTable($table);
--- a/admin/reports_judges_teams_projects.php
+++ b/admin/reports_judges_teams_projects.php
@ -1,125 +1,119 @@
 <?
 /* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca
-   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
+/*
-   Copyright (C) 2005 James Grant <james@lightbox.org>
+ * This file is part of the 'Science Fair In A Box' project
-
+ * SFIAB Website: http://www.sfiab.ca
-   This program is free software; you can redistribute it and/or
+ *
-   modify it under the terms of the GNU General Public
+ * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
-   License as published by the Free Software Foundation, version 2.
+ * Copyright (C) 2005 James Grant <james@lightbox.org>
-
+ *
-   This program is distributed in the hope that it will be useful,
+ * This program is free software; you can redistribute it and/or
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * modify it under the terms of the GNU General Public
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * License as published by the Free Software Foundation, version 2.
-    General Public License for more details.
+ *
-
+ * This program is distributed in the hope that it will be useful,
-   You should have received a copy of the GNU General Public License
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-   along with this program; see the file COPYING.  If not, write to
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ *  General Public License for more details.
-   Boston, MA 02111-1307, USA.
+ *
-*/
+ * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */
 ?>
 <?
- require("../common.inc.php");
+require ('../common.inc.php');
- require_once("../user.inc.php");
+require_once ('../user.inc.php');
- user_auth_required('admin');
+user_auth_required('committee', 'admin');
- require("../lpdf.php");
+require ('../lpdf.php');
- require("../lcsv.php");
+require ('../lcsv.php');
- require("judges.inc.php");
+require ('judges.inc.php');
- $type=$_GET['type'];
+$type = $_GET['type'];
-	if($type=="pdf")
+if ($type == 'pdf') {
-	{
+	$rep = new lpdf(i18n($config['fairname']),
 		i18n('Judging Team Project Assignments'),
 		$_SERVER['DOCUMENT_ROOT'] . $config['SFIABDIRECTORY'] . '/data/logo-200.gif');
-		$rep=new lpdf(	i18n($config['fairname']),
+	$rep->newPage();
-				i18n("Judging Team Project Assignments"),
+	$rep->setFontSize(11);
-				$_SERVER['DOCUMENT_ROOT'].$config['SFIABDIRECTORY']."/data/{$conference['id']}-logo-200.gif"
+} else if ($type == 'csv') {
-				);
+	$rep = new lcsv(i18n('Judging Team Project Assignments'));
 }
-		$rep->newPage();
+$teams = getJudgingTeams();
 		$rep->setFontSize(11);
 	}
 	else if($type=="csv")
 	{
 		$rep=new lcsv(i18n("Judging Team Project Assignments"));
 	}
-	$teams=getJudgingTeams();
+$q = $pdo->prepare("SELECT DISTINCT(date) AS d FROM judges_timeslots WHERE year='" . $config['FAIRYEAR'] . "'");
 $q->execute();
 if ($q->rowCount() > 1)
 	$show_date = true;
 else
 	$show_date = false;
-	$q=mysql_query("SELECT DISTINCT(date) AS d FROM judges_timeslots WHERE conferences_id='".$conference['id']."'");
+foreach ($teams AS $team) {
-	if(mysql_num_rows($q)>1)
+	$table = array();
-		$show_date=true;
+	$table['header'] = array(i18n('Timeslot'), i18n('Proj #'), i18n('Project Title'));
 	if ($show_date)
 		$table['widths'] = array(2.5, 0.75, 3.75);
 	else
-		$show_date=false;
+		$table['widths'] = array(1.5, 0.75, 4.75);
-	foreach($teams AS $team)
+	$table['dataalign'] = array('center', 'center', 'left');
 	{
 		$table=array();
 		$table['header']=array(i18n("Timeslot"),i18n("Proj #"),i18n("Project Title"));
 		if($show_date)
 			$table['widths']=array(		2.25,		0.75, 		4.00);
 		else
 			$table['widths']=array(		1.5,		0.75, 		4.75);
-		$table['dataalign']=array("center","center","left");
+	$rep->heading($team['name'] . ' (' . $team['num'] . ')');
-		$rep->heading($team['name']." (".$team['num'].")");
+	$memberlist = '';
-
+	if (count(get_value_from_array($team, 'members', []))) {
-		$memberlist="";
+		foreach ($team['members'] AS $member) {
-		if(count($team['members']))
+			$memberlist .= $member['firstname'] . ' ' . $member['lastname'];
-		{
+			if ($member['captain'] == 'yes')
-			foreach($team['members'] AS $member)
+				$memberlist .= '*';
-			{
+			$memberlist .= ', ';
 				$memberlist.=$member['firstname']." ".$member['lastname'];
 				if($member['captain']=="yes")
 					$memberlist.="*";
 				$memberlist.=", ";
 			}
 			$memberlist=substr($memberlist,0,-2);
 		}
-		$rep->addText($memberlist);
+		$memberlist = substr($memberlist, 0, -2);
 	}
 	$rep->addText($memberlist);
-		if(count($team['awards']))
+	if (count($team['awards'])) {
-		{
+		$rep->heading(i18n('Awards that this team judges') . ':');
-			$rep->heading(i18n("Awards that this team judges").":");
+		foreach ($team['awards'] AS $award) {
-			foreach($team['awards'] AS $award)
+			$rep->addText($award['name']);
-			{
+			$rep->addText(i18n('Criteria') . ': ' . $award['criteria']);
 				$rep->addText($award['name']);
 				$rep->addText(i18n("Criteria").": ".$award['criteria']);
-				//get category eligibility
+			// get category eligibility
-				$q=mysql_query("SELECT projectcategories.category FROM projectcategories, award_awards_projectcategories WHERE award_awards_projectcategories.projectcategories_id=projectcategories.id AND award_awards_projectcategories.award_awards_id='{$award['id']}' AND award_awards_projectcategories.conferences_id='{$conference['id']}' AND projectcategories.conferences_id='{$conference['id']}' ORDER BY category");
+			$q = $pdo->prepare("SELECT projectcategories.category FROM projectcategories, award_awards_projectcategories WHERE award_awards_projectcategories.projectcategories_id=projectcategories.id AND award_awards_projectcategories.award_awards_id='{$award['id']}' AND award_awards_projectcategories.year='{$config['FAIRYEAR']}' AND projectcategories.year='{$config['FAIRYEAR']}' ORDER BY category");
-				echo mysql_error();
+			$q->execute();
-				$cats="";
+			show_pdo_errors_if_any($pdo);
-				while($r=mysql_fetch_object($q))
+			$cats = '';
-				{
+			while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-					if($cats) $cats.=", ".i18n($r->category);
+				if ($cats)
-					else $cats=i18n($r->category);
+					$cats .= ', ' . i18n($r->category);
-				}
+				else
-				$rep->addText(i18n("Categories").": $cats");
+					$cats = i18n($r->category);
 				//get division eligibility
 				$q=mysql_query("SELECT projectdivisions.division_shortform FROM projectdivisions, award_awards_projectdivisions WHERE award_awards_projectdivisions.projectdivisions_id=projectdivisions.id AND award_awards_projectdivisions.award_awards_id='{$award['id']}' AND award_awards_projectdivisions.conferences_id='{$conference['id']}' AND projectdivisions.conferences_id='{$conference['id']}' ORDER BY division_shortform");
 				echo mysql_error();
 				$divs="";
 				while($r=mysql_fetch_object($q))
 				{
 					if($divs) $divs.=", ".i18n($r->division_shortform);
 					else $divs=i18n($r->division_shortform);
 				}
 				$rep->addText(i18n("Divisions").": $divs");
 			}
 			$rep->addText(i18n('Categories') . ": $cats");
 			// get division eligibility
 			$q = $pdo->prepare("SELECT projectdivisions.division_shortform FROM projectdivisions, award_awards_projectdivisions WHERE award_awards_projectdivisions.projectdivisions_id=projectdivisions.id AND award_awards_projectdivisions.award_awards_id='{$award['id']}' AND award_awards_projectdivisions.year='{$config['FAIRYEAR']}' AND projectdivisions.year='{$config['FAIRYEAR']}' ORDER BY division_shortform");
 			$q->execute();
 			show_pdo_errors_if_any($pdo);
 			$divs = '';
 			while ($r = $q->fetch(PDO::FETCH_OBJ)) {
 				if ($divs)
 					$divs .= ', ' . i18n($r->division_shortform);
 				else
 					$divs = i18n($r->division_shortform);
 			}
 			$rep->addText(i18n('Divisions') . ": $divs");
 		}
 	}
-		$rep->nextLine();
+	$rep->nextLine();
-		//get the timeslots that this team has.
+	// get the timeslots that this team has.
-		$q=mysql_query("SELECT 
+	$q = $pdo->prepare("SELECT 
 					judges_timeslots.id,
 					judges_timeslots.date,
 					judges_timeslots.starttime,
@ -129,23 +123,23 @@
 					judges_teams,
 					judges_teams_timeslots_link
 				WHERE
-					judges_teams.id='".$team['id']."' AND
+					judges_teams.id='" . $team['id'] . "' AND
 					judges_teams.id=judges_teams_timeslots_link.judges_teams_id AND
 					judges_timeslots.id=judges_teams_timeslots_link.judges_timeslots_id
 				ORDER BY
 					date,starttime
 				");
-		$numslots=mysql_num_rows($q);
+	$q->execute();
 	$numslots = $q->rowCount();
-		while($r=mysql_fetch_object($q))
+	while ($r = $q->fetch(PDO::FETCH_OBJ)) {
-		{
+		if ($show_date)
-			if($show_date)
+			$timeslot = format_date($r->date) . ' ';
-				$timeslot=$r->date." ";
+		else
-			else
+			$timeslot = '';
-				$timeslot="";
+		$timeslot .= format_time($r->starttime) . ' - ' . format_time($r->endtime);
 			$timeslot.=format_time($r->starttime)." - ".format_time($r->endtime);
-			$projq=mysql_query("SELECT
+		$projq = $pdo->prepare("SELECT
 					projects.projectnumber,
 					projects.id,
 					projects.title
@ -154,24 +148,24 @@
 					judges_teams_timeslots_projects_link
 				WHERE
 					judges_teams_timeslots_projects_link.judges_timeslots_id='$r->id' AND
-					judges_teams_timeslots_projects_link.judges_teams_id='".$team['id']."' AND
+					judges_teams_timeslots_projects_link.judges_teams_id='" . $team['id'] . "' AND
 					judges_teams_timeslots_projects_link.projects_id=projects.id AND
-					judges_teams_timeslots_projects_link.conferences_id='".$conference['id']."'
+					judges_teams_timeslots_projects_link.year='" . $config['FAIRYEAR'] . "'
 				ORDER BY
 					projectnumber
 				");
 		$projq->execute();
-			while($proj=mysql_fetch_object($projq))
+		while ($proj = $projq->fetch(PDO::FETCH_OBJ)) {
-			{
+			$table['data'][] = array($timeslot, $proj->projectnumber, $proj->title);
-				$table['data'][]=array($timeslot, $proj->projectnumber,$proj->title);
+			// make the timeslot empty so we dont list it each time if there's more than one project in the timeslot
-				//make the timeslot empty so we dont list it each time if there's more than one project in the timeslot
+			$timeslot = '';
 				$timeslot="";
 			}
 		}
 		$rep->addTable($table);
 		$rep->newPage();
 		unset($table);
 	}
 	$rep->addTable($table);
 	$rep->newPage();
 	unset($table);
 }
-	$rep->output();
+$rep->output();
 ?>
--- a/Show More
+++ b/Show More