prepare("SELECT * FROM schools WHERE id='" . $_POST['schoolid'] . "' AND accesscode='" . $_POST['accesscode'] . "' AND year='" . $config['FAIRYEAR'] . "'"); $q->execute(); if ($q->rowCount() == 1) { $_SESSION['schoolid'] = $_POST['schoolid']; $_SESSION['schoolaccesscode'] = $_POST['accesscode']; $stmt = $pdo->prepare("UPDATE schools SET lastlogin=NOW() WHERE id='" . $_POST['schoolid'] . "'"); $stmt->execute(); } else $errormsg = 'Invalid School ID or Access Code'; } if (get_value_from_array($_GET, 'action') == 'logout') { unset($_SESSION['schoolid']); unset($_SESSION['schoolaccesscode']); $happymsg = i18n('You have been logged out from the school access page'); } send_header('School Access'); if (get_value_from_array($_SESSION, 'schoolid') && $_SESSION['schoolaccesscode']) { $q = $pdo->prepare("SELECT * FROM schools WHERE id='" . $_SESSION['schoolid'] . "' AND accesscode='" . $_SESSION['schoolaccesscode'] . "' AND year='" . $config['FAIRYEAR'] . "'"); $q->execute(); show_pdo_errors_if_any($pdo); $school = $q->fetch(PDO::FETCH_OBJ); if ($school) { if (get_value_from_array($_POST, 'action') == 'save') { /* Get info about science head */ $sciencehead_update = ''; list($first, $last) = explode(' ', $_POST['sciencehead'], 2); $em = $_POST['scienceheademail']; if ($em == '' && ($first != '' || $last != '')) $em = "*$first$last" . generatePassword(); /* * Load existing record, or create new if there's something * to insert */ if ($school->sciencehead_uid > 0) $sh = user_load_by_uid($school->sciencehead_uid); else if ($em != '') { $sh = user_create('teacher', $em); $sciencehead_update = "sciencehead_uid='{$sh['uid']}',"; } else $sh = false; /* If we have a record, either delete it or update it */ if (is_array($sh)) { if ($em == '') { user_purge($sh, 'teacher'); $sciencehead_update = 'sciencehead_uid=NULL,'; } else { $sh['firstname'] = $first; $sh['lastname'] = $last; $sh['phonework'] = $_POST['scienceheadphone']; $sh['email'] = $em; $sh['username'] = $em; user_save($sh); } } $stmt = $pdo->prepare("UPDATE schools SET school='" . stripslashes($_POST['school']) . "', address='" . stripslashes($_POST['address']) . "', city='" . stripslashes($_POST['city']) . "', province_code='" . stripslashes($_POST['province_code']) . "', postalcode='" . stripslashes($_POST['postalcode']) . "', phone='" . stripslashes($_POST['phone']) . "', $sciencehead_update fax='" . stripslashes($_POST['fax']) . "' WHERE id='$school->id'"); $stmt->execute(); show_pdo_errors_if_any($pdo); if (check_for_pdo_errors($pdo)) echo error(i18n('An Error occured trying to save the school information')); else echo happy(i18n('School information successfully updated')); // and reselect it $q = $pdo->prepare("SELECT * FROM schools WHERE id='" . $_SESSION['schoolid'] . "' AND accesscode='" . $_SESSION['schoolaccesscode'] . "' AND year='" . $config['FAIRYEAR'] . "'"); $q->execute(); show_pdo_errors_if_any($pdo); $school = $q->fetch(PDO::FETCH_OBJ); } /* * if($_POST['action']=="numbers") * { * mysql_query("UPDATE schools SET * junior='".$_POST['junior']."', * intermediate='".$_POST['intermediate']."', * senior='".$_POST['senior']."' * WHERE id='$school->id'"); * * show_pdo_errors_if_any($pdo); * * $q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."'"); * echo "Participation Information Successfully Updated
\n"; * $school=$q->fetch(PDO::FETCH_OBJ); * * } */ if ($school->sciencehead_uid > 0) $sh = user_load_by_uid($school->sciencehead_uid); else $sh = array(); $sh_email = ($sh['email'] != '' && $sh['email'][0] != '*') ? $sh['email'] : ''; if (get_value_from_array($_POST, 'action') == 'feedback') { $body = ''; $body .= date('r') . "\n"; $body .= get_value_from_array($_SERVER, 'REMOTE_ADDR') . ' (' . get_value_from_array($_SERVER, 'REMOTE_HOST') . ")\n"; $body .= "School ID: $school->id\n"; $body .= "School Name: $school->school\n"; if ($sh['name']) $body .= "Science Teacher: {$sh['name']}\n"; if ($sh['phonework']) $body .= "Science Teacher Phone: {$sh['phonework']}\n"; if ($sh_email) $body .= "Science Teacher Email: $sh_email\n"; $body .= "\nFeedback:\n" . stripslashes($_POST['feedbacktext']) . "\n"; $returnEmailAddress = $sh_email; mail($config['fairmanageremail'], 'School Feedback', $body, 'From: ' . $returnEmailAddress . "\nReply-To: " . $returnEmailAddress . "\nReturn-Path: " . $returnEmailAddress); echo happy(i18n('Your feedback has been sent')); } echo "

$school->school

"; echo '

' . i18n('School Information') . '

'; echo i18n('Please make sure your school contact information is correct, make any necessary changes:'); echo '

'; echo ''; echo ''; echo '"; // echo ""; echo '"; echo '"; echo '\n"; echo '"; echo '"; echo '"; echo '"; echo '"; echo '"; echo '

' . i18n('School Name') . "	school\" type=text name=school size=40>
Registration Password	registration_password\" type=text name=\"registration_password\" size=\"20\">
' . i18n('Address') . "	address\" type=text name=address size=40>
' . i18n('City') . "	city\" type=text name=city size=30>
' . i18n($config['provincestate']) . '	'; emit_province_selector('province_code', $school->province_code); echo "
' . i18n($config['postalzip']) . "	postalcode\" type=text name=postalcode size=10>
' . i18n('Phone Number') . "	phone\" type=text name=phone size=30>
' . i18n('Fax Number') . "	fax\" type=text name=fax size=30>
' . i18n('Science Teacher') . "
' . i18n('Science Teacher Email') . "
' . i18n('Science Teacher Phone') . ' (' . i18n('If different than above') . ")

'; echo ''; echo '

'; echo '
'; if ($config['participant_registration_type'] == 'schoolpassword') { echo '

' . i18n('Participant Registration Password') . '

'; echo i18n("In order for your school's students to register for the fair, they will need to know your specific school registration password"); echo '
'; echo '
'; echo i18n('Registration Password: %1', array($school->registration_password)); echo '
'; echo '
'; } else if ($config['participant_registration_type'] == 'invite' || $config['participant_registration_type'] == 'openorinvite') { echo '

' . i18n('Participant Registration Invitations') . '

'; if ($config['participant_registration_type'] == 'invite') echo i18n("In order for your school's students to register for the fair, you must first invite them via email. Use the 'Participant Registration Invitations' link below to invite your students to the fair"); else if ($config['participant_registration_type'] == 'openorinvite') echo i18n("In order for your school's students to register for the fair, you can invite them via email using the 'Participant Registration Invitations' link below, or they can register on their own by accessing the 'Participant Registration' link in the menu."); echo '
'; echo '
'; echo ' ' . i18n('Participant Registration Invitations') . ''; echo '
'; } echo '
'; echo '

' . i18n('School Feedback / Questions') . '

'; echo i18n('We are always welcome to any feedback (both positive and constructive criticism!), or any questions you may have. Please use the following form to communicate with the science fair committee!'); if ($sh_email != '') { echo ''; } else echo error(i18n('Feedback is disabled until a science teacher email address is entered above')); } else { echo error(i18n('Invalid School ID or Access Code')); } } else { if ($errormsg) echo "$errormsg"; if ($happymsg) echo happy($happymsg); echo "\t

\n"; echo output_page_text('schoolaccess'); if ($config['participant_registration_type'] == 'open' || $config['participant_registration_type'] == 'openorinvite') { echo "

\n"; echo i18n('Note: Schools do not need to login in order to have students register from their school. Students can register by going to the Participant Registration Page. The only benefit of logging in is to update your school contact information or submit feedback.:'); echo '
'; echo ' ', i18n('Participant Registration') . '
'; } echo '
'; echo i18n('Please login below by selecting your school and entering your school Access Code that you received in your package'); ?>

:
: