arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity
d8321449f9
science-ation/schoolaccess.php
james 6eb1a39d0b add the ability for schools to invite participants IF participant_registration_type=="invite" 
also switch the new participant email to read from the emails table instead of hardcoded from the file
2005-11-25 19:37:10 +00:00

317 lines
12 KiB
PHP
Raw Blame History

<?
include "common.inc.php";
if($_POST['schoolid'] && $_POST['accesscode'])
{
$q=mysql_query("SELECT * FROM schools WHERE id='".$_POST['schoolid']."' AND accesscode='".$_POST['accesscode']."' AND year='".$config['FAIRYEAR']."'");
if(mysql_num_rows($q)==1)
{
$_SESSION['schoolid']=$_POST['schoolid'];
$_SESSION['schoolaccesscode']=$_POST['accesscode'];
mysql_query("UPDATE schools SET lastlogin=NOW() WHERE id='".$_POST['schoolid']."'");
}
else
$errormsg="Invalid School ID or Access Code";
}
send_header(i18n("School Access"));
if($_GET['action']=="logout")
{
unset($_SESSION['schoolid']);
unset($_SESSION['schoolaccesscode']);
echo happy(i18n("You have been logged out from the school access page"));
}
if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'])
{
$q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'");
echo mysql_error();
$school=mysql_fetch_object($q);
if($school)
{
if($_POST['action']=="save")
{
mysql_query("UPDATE schools SET
school='".mysql_escape_string(stripslashes($_POST['school']))."',
address='".mysql_escape_string(stripslashes($_POST['address']))."',
city='".mysql_escape_string(stripslashes($_POST['city']))."',
province_code='".mysql_escape_string(stripslashes($_POST['province_code']))."',
postalcode='".mysql_escape_string(stripslashes($_POST['postalcode']))."',
phone='".mysql_escape_string(stripslashes($_POST['phone']))."',
fax='".mysql_escape_string(stripslashes($_POST['fax']))."',
sciencehead='".mysql_escape_string(stripslashes($_POST['sciencehead']))."',
scienceheademail='".mysql_escape_string(stripslashes($_POST['scienceheademail']))."',
scienceheadphone='".mysql_escape_string(stripslashes($_POST['scienceheadphone']))."'
WHERE id='$school->id'");
if(mysql_error())
echo error(i18n("An Error occured trying to save the school information"));
else
echo happy(i18n("School information successfully updated"));
//and reselect it
$q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."' AND year='".$config['FAIRYEAR']."'");
echo mysql_error();
$school=mysql_fetch_object($q);
}
/*
if($_POST['action']=="numbers")
{
mysql_query("UPDATE schools SET
junior='".$_POST['junior']."',
intermediate='".$_POST['intermediate']."',
senior='".$_POST['senior']."'
WHERE id='$school->id'");
echo mysql_error();
$q=mysql_query("SELECT * FROM schools WHERE id='".$_SESSION['schoolid']."' AND accesscode='".$_SESSION['schoolaccesscode']."'");
echo "<font color=blue><b>Participation Information Successfully Updated</b></font><br>\n";
$school=mysql_fetch_object($q);
}
*/
if($_POST['action']=="feedback")
{
$body="";
$body.=$_SERVER['REMOTE_ADDR']." (".$_SERVER['REMOTE_HOST'].")\n";
$body.=date("r")."\n";
$body.="School ID: $school->id\n";
$body.="School Name: $school->school\n";
$body.="Feedback:\n".$_POST['feedbacktext']."\n";
echo "mailing ".$config['fairmanageremail'];
mail($config['fairmanageremail'],"School Feedback",$body,"From: webpage@".$_SERVER['SERVER_NAME']);
echo happy(i18n("Thanks for your feedback!"));
}
if($_POST['action']=="invite")
{
if($_POST['firstname'] && $_POST['lastname'] && $_POST['email'])
{
$regnum=0;
//now create the new registration record, and assign a random/unique registration number to then.
do
{
//random number between
//100000 and 999999 (six digit integer)
$regnum=rand(100000,999999);
$q=mysql_query("SELECT * FROM registrations WHERE num='$regnum' AND year=".$config['FAIRYEAR']);
}while(mysql_num_rows($q)>0);
//actually insert it
mysql_query("INSERT INTO registrations (num,email,start,status,year) VALUES (".
"'$regnum',".
"'".$_POST['email']."',".
"NOW(),".
"'open',".
$config['FAIRYEAR'].
")");
$regid=mysql_insert_id();
mysql_query("INSERT INTO students (registrations_id,email,firstname,lastname,schools_id,year) VALUES (
'$regid',
'".mysql_escape_string($_POST['email'])."',
'".mysql_escape_string($_POST['firstname'])."',
'".mysql_escape_string($_POST['lastname'])."',
'".mysql_escape_string($_SESSION['schoolid'])."',
'".$config['FAIRYEAR']."')");
email_send("new_participant",$_POST['email'],array("FAIRNAME"=>i18n($config['fairname'])),array("REGNUM"=>"$regnum"));
echo happy(i18n("The participant has been successfully invited"));
}
}
echo "<h3>$school->school</h3>";
echo "<h4>School Information</h4>";
echo "Please make sure your school contact information is correct, make any necessary changes:";
echo "<form method=POST action=\"schoolaccess.php\">";
echo "<input type=hidden name=action value=\"save\">";
echo "<table border=0 cellspacing=0 cellpadding=3>";
echo "<tr><td>School Name</td><td><input value=\"$school->school\" type=text name=school size=40></td></tr>";
// echo "<tr><td>Registration Password</td><td><input value=\"$school->registration_password\" type=text name=\"registration_password\" size=\"20\"></td></tr>";
echo "<tr><td>Address</td><td><input value=\"$school->address\" type=text name=address size=40></td></tr>";
echo "<tr><td>City</td><td><input value=\"$school->city\" type=text name=city size=30></td></tr>";
echo "<tr><td>".i18n("Province")."</td><td>";
emit_province_selector("province_code",$school->province_code);
echo "</td></tr>\n";
echo "<tr><td>Postalcode</td><td><input value=\"$school->postalcode\" type=text name=postalcode size=10></td></tr>";
echo "<tr><td>Phone Number</td><td><input value=\"$school->phone\" type=text name=phone size=30></td></tr>";
echo "<tr><td>Fax Number</td><td><input value=\"$school->fax\" type=text name=fax size=30></td></tr>";
echo "<tr><td>Science Teacher</td><td><input value=\"$school->sciencehead\" type=text name=sciencehead size=40></td></tr>";
echo "<tr><td>Science Teacher Email</td><td><input value=\"$school->scienceheademail\" type=text name=scienceheademail size=40></td></tr>";
echo "<tr><td>Science Teacher Phone <br><font size=1>(If different than above)</font></td><td><input value=\"$school->scienceheadphone\" type=text name=scienceheadphone size=30></td></tr>";
echo "</table>";
echo "<input type=submit value=\"Save Changes\">";
echo "</form>";
echo "<br>";
if($config['participant_registration_type']=="schoolpassword")
{
echo "<h4>".i18n("Participant Registration Password")."</h4>";
echo i18n("In order for your school's students to register for the fair, they will need to know your specific school registration password");
echo "<br />";
echo "<br />";
echo i18n("Registration Password: <b>%1</b>",array($school->registration_password));
echo "<br />";
echo "<br />";
}
else if($config['participant_registration_type']=="invite")
{
$q=mysql_query("SELECT (NOW()>'".$config['dates']['regopen']."' AND NOW()<'".$config['dates']['regclose']."') AS datecheck");
$datecheck=mysql_fetch_object($q);
if($datecheck!=0)
{
echo "<h4>".i18n("Participant Registration Invitations")."</h4>";
echo i18n("In order for your school's students to register for the fair, you will need to invite them to register. Simply enter their email address below to invite them to register. <b>Important</b>: for group projects, only add one of the participants, that participant will then add the other group member(s) to the project");
echo "<br />";
echo "<br />";
echo "<form method=POST action=\"schoolaccess.php\">";
echo "<input type=hidden name=action value=\"invite\">";
echo "<table>";
echo "<tr><td>".i18n("Email Address")."</td><td><input type=\"text\" name=\"email\" /></td></tr>";
echo "<tr><td>".i18n("First Name")."</td><td><input type=\"text\" name=\"firstname\" /></td></tr>";
echo "<tr><td>".i18n("Last Name")."</td><td><input type=\"text\" name=\"lastname\" /></td></tr>";
echo "</table>";
echo "<input type=\"submit\" value=\"Invite Participant\">";
echo "</form>";
}
echo "<br />";
echo "<h4>".i18n("Invited participants from your school")."</h4>";
$q=mysql_query("SELECT * FROM students WHERE schools_id='".$school->id."' AND year='".$config['FAIRYEAR']."' ORDER BY lastname,firstname");
echo "<table class=\"summarytable\">";
echo "<tr><th>".i18n("Last Name")."</th><th>".i18n("First Name")."</th><th>".i18n("Email Address")."</th></tr>";
while($r=mysql_fetch_object($q))
{
echo "<tr><td>$r->lastname</td><td>$r->firstname</td><td>$r->email</td></tr>";
}
echo "</table>";
}
/*
//the participation section needs to be updated to handle the age categories as specified
//in the categories table and the numbers from configuration, for now, lets just not do it.
//this code is copied from the ORSF schoolaccess page, thats why its here, but just commented out.
echo "<h4>Participation Information</h4>";
echo "Please select the number of <b>projects</b> you anticipate on sending to the fair in each of the age categories";
echo "<form method=POST action=\"schoolaccess.php\">";
echo "<input type=hidden name=action value=\"numbers\">";
echo "<table border=0 cellspacing=0 cellpadding=3>";
echo "<tr><td>Junior (Grades 7-8)</td><td>";
echo "<select name=junior>";
for($x=0;$x<=12;$x++)
{
if($school->junior==$x) $sel="selected"; else $sel="";
echo "<option $sel value=\"$x\">$x</option>\n";
}
echo "</select>";
echo "</td></tr>";
echo "<tr><td>Intermediate (Grades 9-10)</td><td>";
echo "<select name=intermediate>";
for($x=0;$x<=12;$x++)
{
if($school->intermediate==$x) $sel="selected"; else $sel="";
echo "<option $sel value=\"$x\">$x</option>\n";
}
echo "</select>";
echo "</td></tr>";
echo "<tr><td>Senior (Grades 11-12)</td><td>";
echo "<select name=senior>";
for($x=0;$x<=12;$x++)
{
if($school->senior==$x) $sel="selected"; else $sel="";
echo "<option $sel value=\"$x\">$x</option>\n";
}
echo "</select>";
echo "</td></tr>";
echo "</table>";
echo "<input type=submit value=\"Save Participation Numbers\">";
echo "<br>Please note, these numbers are only an <b>estimate</b> to help us plan the fair. Choosing small numbers here in <b>no way</b> limits your actual participation.<br>\n";
echo "</form>";
*/
echo "<br>";
echo "<h4>School Feedback / Questions</h4>";
echo "<form method=POST action=\"schoolaccess.php\">";
echo "<input type=hidden name=action value=\"feedback\">";
echo "We are always welcome to any feedback (both positive and constructive crisicism!), or any questions you may have. Please use the following box to communicate with us!";
echo "<br><textarea name=feedbacktext rows=8 cols=60></textarea><br>";
echo "<input type=submit value=\"Send Feedback\">";
echo "</form>";
}
else
{
echo "Invalid School ID or Access Code (2)";
}
}
else
{
if($errormsg) echo "<font color=red><b>$errormsg</b></font>";
echo " <form method=POST action=\"schoolaccess.php\">\n";
echo i18n("Welcome to the School Access Page. This page allows your school to provide several key pieces of information for the fair, as well as feedback about the schools experience with/at the fair.");
echo " <br><br>\n";
echo i18n("Please login below by selecting your school and entering your school <b>Access Code</b> that you received in your package");
?>
<br><br>
<table border=0 cellspacing=0 cellpadding=5>
<tr><td><?=i18n("School")?>:</td><td>
<select name="schoolid">
<option value=""><?=i18n("Choose your school")?></option>
<?
$q=mysql_query("SELECT id,school FROM schools WHERE year='".$config['FAIRYEAR']."'");
while($r=mysql_fetch_object($q))
{
echo "<option value=\"$r->id\">$r->school</option>\n";
}
?>
</select>
</td></tr>
<tr><td><?=i18n("Access Code")?>:</td><td><input type=text name=accesscode></td></tr>
<tr><td align=center><input type=submit value="<?=i18n("Login")?>"></td></tr>
</table>
</form>
<br><br>
<?
}
send_footer();
?>
View Git Blame Copy Permalink