require_once('common.inc.php'); require_once('user.inc.php'); // authenticate the login if($_POST['schoolid'] && $_POST['accesscode']) { $q=mysql_query("SELECT * FROM schools WHERE id='".$_POST['schoolid']."' AND accesscode='".$_POST['accesscode']."' AND year='".$config['FAIRYEAR']."'"); if(mysql_num_rows($q)==1) { $_SESSION['schoolid']=$_POST['schoolid']; $_SESSION['schoolaccesscode']=$_POST['accesscode']; mysql_query("UPDATE schools SET lastlogin=NOW() WHERE id='".$_POST['schoolid']."'"); } else $errormsg="Invalid School ID or Access Code"; } // handle a logout request if($_GET['action']=="logout") { unset($_SESSION['schoolid']); unset($_SESSION['schoolaccesscode']); $happymsg=i18n("You have been logged out from the school access page"); } if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode']){ // we're logged in, draw the dashboard $q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'"); echo mysql_error(); $school=mysql_fetch_object($q); if($school) { draw_dashboard(); }else{ echo error(i18n("Invalid School ID or Access Code")); } }else { draw_login(); } send_footer(); // FIXME - this needs to be beautified function draw_dashboard(){ send_header("School Access"); global $config; global $conference; echo "