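<?php
/*
 * This file is part of the 'Science Fair In A Box' project
 * SFIAB Website: http://www.sfiab.ca
 *
 * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
 * Copyright (C) 2005 James Grant <james@lightbox.org>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation, version 2.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; see the file COPYING. If not, write to
 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */

/*
 * Participant registration: emergency contact page.
 *
 * Flow, as implemented below:
 *   1. Require a session carrying email + registration number and confirm
 *      that it matches a student/registration row for the current fair year;
 *      otherwise redirect to register_participants.php.
 *   2. On POST action=save, update each submitted emergency contact, but only
 *      after checking that the contact row belongs to the session's registration.
 *   3. Render one editable contact form section per student in the registration.
 *
 * Security-relevant changes in this revision:
 *   - Every database value echoed into HTML is passed through $esc(); these
 *     fields are participant-supplied and were previously written into
 *     attribute values unescaped.
 *   - The "invalid contact" message now passes the (escaped) id to i18n();
 *     the array was previously handed to error() as a second argument.
 *   - The long open tag is used, so the file is still parsed as PHP when
 *     short_open_tag is disabled, and the licence block and the code share one
 *     PHP block so that no whitespace is emitted before the header() redirects.
 *
 * NOTE(review): no anti-CSRF token is visible on this form; the save is
 * authorised by the session alone. Confirm whether common.inc.php adds one.
 */
require ('common.inc.php');
include 'register_participants.inc.php';
include 'user.inc.php';

// HTML-escape a value for element content or a double-quoted attribute.
// No charset argument is passed, so PHP's configured default applies.
$esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE);
};

// Read one per-contact POST field (e.g. firstname[<id>]) as a string.
// NOTE(review): stripslashes() presumably undoes escaping applied upstream of
// this page; if request data is not escaped, it strips legitimate backslashes.
// Confirm against common.inc.php.
$posted = function ($field, $id) {
    if (isset($_POST[$field]) && is_array($_POST[$field])
        && isset($_POST[$field][$id]) && is_string($_POST[$field][$id])) {
        return stripslashes($_POST[$field][$id]);
    }
    return '';
};

// Build a text input whose value attribute is escaped.
$textInput = function ($field, $id, $value) use ($esc) {
    return '<input type="text" name="' . $field . '[' . $id . ']" size="20" value="' . $esc($value) . '" />';
};

// authenticate based on email address and registration number from the SESSION
if (empty($_SESSION['email']) || empty($_SESSION['registration_number'])) {
    header('Location: register_participants.php');
    exit;
}

// A missing registration_id becomes NULL, which matches no row and so
// falls through to the redirect below.
$registrationId = isset($_SESSION['registration_id']) ? $_SESSION['registration_id'] : null;

global $pdo;

// Spaces added before each AND: the fragments were previously concatenated
// as "...=?AND ...", which only worked by tokenizer leniency.
$q = $pdo->prepare(
    'SELECT registrations.id AS regid, students.id AS studentid, students.firstname '
    . 'FROM registrations,students '
    . 'WHERE students.email=? '
    . 'AND registrations.num=? '
    . 'AND registrations.id=? '
    . 'AND students.registrations_id=registrations.id '
    . 'AND registrations.year=? '
    . 'AND students.year=?'
);
$q->execute([
    $_SESSION['email'],
    $_SESSION['registration_number'],
    $registrationId,
    $config['FAIRYEAR'],
    $config['FAIRYEAR'],
]);
show_pdo_errors_if_any($pdo);

// NOTE(review): rowCount() on a SELECT depends on the PDO driver reporting it.
if ($q->rowCount() == 0) {
    header('Location: register_participants.php');
    exit;
}
// Not read again in this file; kept in case included code reads it as a global.
$authinfo = $q->fetch(PDO::FETCH_OBJ);

// send the header
send_header('Participant Registration - Emergency Contact Information');

echo '<a href="register_participants_main.php">&lt;&lt; ' . i18n('Back to Participant Registration Summary') . '</a><br />';
echo '<br />';

$studentstatus = studentStatus();
if ($studentstatus != 'complete') {
    echo error(i18n('Please complete the <a href="register_participants_students.php">Student Information Page</a> first'));
    send_footer();
    exit;
}

if (isset($_POST['action']) && $_POST['action'] === 'save') {
    if (registrationFormsReceived()) {
        echo error(i18n('Cannot make changes to forms once they have been received by the fair'));
    } else if (registrationDeadlinePassed()) {
        echo error(i18n('Cannot make changes to forms after registration deadline'));
    } else {
        // ids[] is request data: accept only an array of scalar ids so a
        // nested array cannot be used as an array offset below.
        $ids = (isset($_POST['ids']) && is_array($_POST['ids']))
            ? array_filter($_POST['ids'], 'is_scalar')
            : array();

        $ownsContact = $pdo->prepare('SELECT * FROM emergencycontact WHERE id=? AND registrations_id=? AND year=?');
        $updateContact = $pdo->prepare(
            'UPDATE emergencycontact SET '
            . 'firstname=?, '
            . 'lastname=?, '
            . 'relation=?, '
            . 'phone1=?, '
            . 'phone2=?, '
            . 'phone3=?, '
            . 'phone4=?, '
            . 'email=? '
            . 'WHERE id=?'
        );

        foreach ($ids as $id) {
            // first, lets make sure this emergency contact really does belong to them
            $ownsContact->execute([$id, $registrationId, $config['FAIRYEAR']]);
            if ($ownsContact->rowCount() != 1) {
                // $id is raw request data, so escape it before it is echoed.
                echo error(i18n('Invalid emergency contact to update (%1)', array($esc($id))));
                continue;
            }

            $firstname = $posted('firstname', $id);
            $lastname = $posted('lastname', $id);
            $relation = $posted('relation', $id);
            $phone1 = $posted('phone1', $id);
            $phone2 = $posted('phone2', $id);
            $e = $posted('email', $id);

            if ($relation == 'Parent' && $e && user_valid_email($e)) {
                // NOTE(review): when the address matches an existing account,
                // its name and phone fields are overwritten and it is tagged
                // 'parent', based only on the address typed into this form.
                // Confirm that user_load_by_email()/user_save() limit which
                // accounts can be modified this way.
                $u = user_load_by_email($e);
                if ($u) {
                    $u['types'][] = 'parent';
                } else {
                    $u = user_create('parent', $e);
                }
                $u['firstname'] = $firstname;
                $u['lastname'] = $lastname;
                $u['phonehome'] = $phone1;
                $u['phonework'] = $phone2;
                $u['email'] = $e;
                user_save($u);
            }

            $updateContact->execute([
                $firstname,
                $lastname,
                $relation,
                $phone1,
                $phone2,
                $posted('phone3', $id),
                $posted('phone4', $id),
                $e,
                $id,
            ]);
            show_pdo_errors_if_any($pdo);
            echo notice(i18n('Emergency contact information successfully updated'));
        }
    }
}

// output the current status
$newstatus = emergencycontactStatus();
if ($newstatus != 'complete') {
    echo error(i18n('Emergency Contact Information Incomplete'));
} else {
    echo happy(i18n('Emergency Contact Information Complete'));
}

$sq = $pdo->prepare('SELECT id,firstname,lastname FROM students WHERE registrations_id=? AND year=?');
$sq->execute([$registrationId, $config['FAIRYEAR']]);
// Not read again in this file; kept in case included code reads it as a global.
$numstudents = $sq->rowCount();

echo "<form name=\"emergencycontactform\" method=\"post\" action=\"register_participants_emergencycontact.php\">\n";
echo "<input type=\"hidden\" name=\"action\" value=\"save\">\n";

$findContact = $pdo->prepare('SELECT * FROM emergencycontact WHERE registrations_id=? AND year=? AND students_id=?');
$relations = array('Parent', 'Legal Guardian', 'Grandparent', 'Family Friend', 'Other');

while ($sr = $sq->fetch(PDO::FETCH_OBJ)) {
    $findContact->execute([$registrationId, $config['FAIRYEAR'], $sr->id]);

    if ($findContact->rowCount() == 0) {
        // No contact row yet for this student: create an empty one so the
        // form has an id to post back.
        $stmt = $pdo->prepare('INSERT INTO emergencycontact (registrations_id,students_id,year) VALUES (?,?,?)');
        $stmt->execute([$registrationId, $sr->id, $config['FAIRYEAR']]);
        $id = (int) $pdo->lastInsertId();
        // Blank record, so the fields below render empty without reading
        // properties of an undefined variable.
        $r = (object) array(
            'firstname' => '',
            'lastname' => '',
            'relation' => '',
            'email' => '',
            'phone1' => '',
            'phone2' => '',
            'phone3' => '',
            'phone4' => '',
        );
    } else {
        $r = $findContact->fetch(PDO::FETCH_OBJ);
        $id = (int) $r->id;
    }

    // Student names are participant-supplied; escape before substitution.
    echo '<h3>' . i18n('Emergency Contact for %1 %2', array($esc($sr->firstname), $esc($sr->lastname))) . '</h3>';
    echo "<input type=\"hidden\" name=\"ids[]\" value=\"$id\">";
    echo "<table>\n";

    echo '<tr>';
    echo ' <td>' . i18n('First Name') . ': </td><td>' . $textInput('firstname', $id, $r->firstname) . REQUIREDFIELD . '</td>';
    echo ' <td>' . i18n('Last Name') . ': </td><td>' . $textInput('lastname', $id, $r->lastname) . REQUIREDFIELD . '</td>';
    echo "</tr>\n";

    echo '<tr>';
    echo ' <td>' . i18n('Relation') . ': </td><td>';
    echo " <select name=\"relation[$id]\">\n";
    echo ' <option value="">' . i18n('Choose a relation') . "</option>\n";
    foreach ($relations as $rel) {
        // $rel comes from the fixed list above, so it needs no escaping.
        $sel = ((string) $r->relation === $rel) ? 'selected="selected"' : '';
        echo "<option $sel value=\"$rel\">" . i18n($rel) . "</option>\n";
    }
    echo " </select>\n";
    echo REQUIREDFIELD . '</td>';
    echo ' <td>' . i18n('Email Address') . ': </td><td>' . $textInput('email', $id, $r->email) . REQUIREDFIELD . '</td>';
    echo "</tr>\n";

    echo '<tr>';
    echo ' <td>' . i18n('Phone 1') . ': </td><td>' . $textInput('phone1', $id, $r->phone1) . REQUIREDFIELD . '</td>';
    echo ' <td>' . i18n('Phone 2') . ': </td><td>' . $textInput('phone2', $id, $r->phone2) . '</td>';
    echo "</tr>\n";

    echo '<tr>';
    echo ' <td>' . i18n('Phone 3') . ': </td><td>' . $textInput('phone3', $id, $r->phone3) . '</td>';
    echo ' <td><b>' . i18n('Student Cell') . '</b>: </td><td>' . $textInput('phone4', $id, $r->phone4) . '</td>';
    echo "</tr>\n";

    echo '</table>';
    echo '<br />';
    echo '<br />';
}

echo '<input type="submit" value="' . i18n('Save Emergency Contact Information') . "\" />\n";
echo '</form>';

send_footer();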