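/**
 * Builds a PDF of one application's answers for the given user.
 *
 * The application is first checked with checkApplication(); status codes -2
 * and -1 are treated as a verification failure (their exact meaning is defined
 * by checkApplication(), which is not visible here). The answers are then read
 * from the database and handed to generatePDFByResult().
 *
 * Security notes:
 *  - $user_id and $application_id are interpolated into SQL strings. The
 *    queries are only as safe as escape() (not visible here) and the single
 *    quotes wrapped around each value.
 *  - NOTE(review): ext/mysql (mysql_query) was removed in PHP 7; moving to
 *    prepared statements (mysqli/PDO) would remove the reliance on manual
 *    escaping.
 *  - NOTE(review): $user_id is passed to latexSpecialChars() after escape(),
 *    so any characters added by escape() would reach the LaTeX output;
 *    confirm this is intended.
 *
 * @param mixed  $user_id          ID of the user who must own the application.
 * @param mixed  $application_id   ID of the application to render.
 * @param string $targetDirectory  Passed through to generatePDFByResult().
 *
 * @return array array(FALSE, message) on verification or query failure;
 *               otherwise whatever generatePDFByResult() returns.
 */
function createApplicationPDF($user_id, $application_id, $targetDirectory) {
    $user_id = escape($user_id);
    $application_id = escape($application_id);

    //first verify that application belongs to user and has not been submitted yet
    $checkArray = checkApplication($user_id, $application_id, true);

    if ($checkArray[0] == -2 || $checkArray[0] == -1) {
        return array(FALSE, "verification failure");
    }

    $club_id = $checkArray[1];

    //get application fields
    if ($club_id == 0) {
        // General application: profile values first (sort_col 0), then answers ordered by category.
        $result = mysql_query(
            "SELECT baseapp.varname, baseapp.vardesc, baseapp.vartype, profiles.val, "
            . "0 AS sort_col, baseapp.orderId AS sort2_col "
            . "FROM profiles, baseapp "
            . "WHERE profiles.user_id = '{$user_id}' AND profiles.var_id = baseapp.id "
            . "UNION ALL "
            . "SELECT baseapp.varname, baseapp.vardesc, baseapp.vartype, answers.val, "
            . "basecat.orderId AS sort_col, baseapp.orderId AS sort2_col "
            . "FROM answers, baseapp, basecat "
            . "WHERE answers.application_id = '{$application_id}' "
            . "AND baseapp.id = answers.var_id AND basecat.id = baseapp.category "
            . "ORDER BY sort_col, sort2_col"
        );
        $sectionheader = "General Application";
    } else {
        $result = mysql_query(
            "SELECT supplements.varname, supplements.vardesc, supplements.vartype, answers.val "
            . "FROM answers, supplements "
            . "WHERE answers.application_id = '{$application_id}' "
            . "AND supplements.id = answers.var_id "
            . "ORDER BY supplements.orderId"
        );
        $clubInfo = clubInfo($club_id); //array (club name, club description, open_time, close_time, num_recommendations)
        $sectionheader = "Supplement: " . $clubInfo[0];
    }

    // mysql_query() returns FALSE on error; report it in the same shape as the
    // verification failure instead of handing FALSE to the PDF generator.
    if ($result === false) {
        return array(FALSE, "query failure");
    }

    $userInfo = getUserInformation($user_id); //array(username, email, name)

    // "\\\\" is two backslashes at runtime, placed between the user ID line and the name.
    return generatePDFByResult(
        $result,
        $targetDirectory,
        latexSpecialChars($sectionheader),
        "User ID: " . latexSpecialChars($user_id) . "\\\\" . latexSpecialChars($userInfo[2])
    );
}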
<?php
// Club detail page for one application.
//
// Requires a logged-in session plus app_id and club_id request parameters.
// checkApplication() is used to confirm the application belongs to the
// session user; a result of -2 is reported as an ownership failure.
//
// NOTE(review): club_id comes straight from the request and is not compared
// with the club the application actually belongs to, so the page can be
// rendered with any club_id next to an app_id the user owns.
// NOTE(review): $club_id and $app_id are handed to clubInfo(), checkApplication()
// and the template unmodified; escaping is presumably done inside those
// helpers and in the template. Confirm.
// NOTE(review): the ownership test uses a loose comparison (!= -2); verify the
// return type of checkApplication() before relying on it.
include "../include/common.php";
include "../config.php";
include "../include/db_connect.php";
include "../include/session.php";
include "../include/apply_gen.php";

if (!isset($_SESSION['user_id'])) {
    get_page_advanced(
        "message",
        "apply",
        array(
            "title" => "Not Logged In",
            "message" => "You cannot access the application because you are not logged in. Please <a href=\"../login.php\">login first</a>.",
        )
    );
} elseif (!isset($_REQUEST['app_id'], $_REQUEST['club_id'])) {
    get_page_advanced(
        "message",
        "apply",
        array(
            "title" => "Internal error",
            "message" => "Internal error: app_id or club_id unspecified.",
        )
    );
} else {
    $club_id = $_REQUEST['club_id'];
    $app_id = $_REQUEST['app_id'];

    // Club details are looked up before the ownership check and passed to the page.
    $clubInfo = clubInfo($club_id);

    // Also used to validate ownership of the application.
    $checkStatus = checkApplication($_SESSION['user_id'], $app_id);

    if ($checkStatus != -2) {
        get_page_advanced(
            "club_detail",
            "apply",
            array(
                "club_id" => $club_id,
                "app_id" => $app_id,
                "clubInfo" => $clubInfo,
                'checkStatus' => $checkStatus,
            )
        );
    } else {
        get_page_advanced(
            "message",
            "apply",
            array(
                "title" => "Internal error",
                "message" => "Internal error: application does not appear to belong to the requesting user.",
            )
        );
    }
}
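/**
 * Echoes the HTML form fields of one application.
 *
 * checkApplication() decides whether the application may be shown: status -2
 * aborts with FALSE, and status 0 marks the fields as mutable. The club ID
 * returned by checkApplication() selects between the base application
 * (club 0, filtered by $category_id) and a club supplement.
 *
 * Security notes:
 *  - All three IDs are interpolated into SQL strings; the queries are only as
 *    safe as escape() (not visible here) and the single quotes around each
 *    value.
 *  - NOTE(review): ext/mysql (mysql_query) was removed in PHP 7; prepared
 *    statements (mysqli/PDO) would remove the reliance on manual escaping.
 *  - NOTE(review): database values are handed to writeField() for output;
 *    HTML escaping is presumably done there. Confirm.
 *
 * @param mixed $user_id         ID of the user who must own the application.
 * @param mixed $application_id  ID of the application to render.
 * @param mixed $category_id     Category filter; used in the query only for the
 *                               base application (club 0) and always passed to
 *                               writeApplicationHeader().
 *
 * @return false|null FALSE when verification or the query fails; nothing
 *                    otherwise (output is echoed).
 */
function writeApplication($user_id, $application_id, $category_id = 0) {
    $user_id = escape($user_id);
    $application_id = escape($application_id);
    $category_id = escape($category_id);

    //first verify that application belongs to user
    $checkArray = checkApplication($user_id, $application_id, true);

    if ($checkArray[0] == -2) {
        return FALSE;
    }

    $mutable = $checkArray[0] == 0;
    $club_id = $checkArray[1];

    //get application fields
    if ($club_id == 0) {
        $result = mysql_query(
            "SELECT answers.id, baseapp.id, baseapp.varname, baseapp.vardesc, baseapp.vartype, answers.val "
            . "FROM answers, baseapp "
            . "WHERE answers.application_id = '{$application_id}' "
            . "AND baseapp.id = answers.var_id AND baseapp.category = '{$category_id}' "
            . "ORDER BY baseapp.orderId"
        );
    } else {
        $result = mysql_query(
            "SELECT answers.id, supplements.id, supplements.varname, supplements.vardesc, supplements.vartype, answers.val "
            . "FROM answers, supplements "
            . "WHERE answers.application_id = '{$application_id}' "
            . "AND supplements.id = answers.var_id "
            . "ORDER BY supplements.orderId"
        );
    }

    // mysql_query() returns FALSE on error. Stop before any output so a failed
    // query is reported as FALSE rather than rendered as an empty form.
    if ($result === false) {
        return FALSE;
    }

    writeApplicationHeader($club_id, $application_id, $category_id);

    //We write the div here so that the actual question can add more content inside when using writeField
    while ($row = mysql_fetch_row($result)) {
        echo '<div class="ctrlHolder">';
        // Row columns: answer id, question id, varname, vardesc, vartype, val.
        writeField($row[1], $row[0], $row[2], $row[3], $row[4], $row[5], $mutable);
        echo '</div>';
    }

    writeApplicationFooter();
}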
$inform["error"] = "{$club_name} is not open yet! Try again after the open date!"; } } } } } } } } } $clubsSubscribed = listSubscriptions($_SESSION['user_id']); $clubsApplied = getUserClubsApplied($_SESSION['user_id']); //matrix maps from club id to array(subscribed?, applystate, applyinfo, clubinfo) $clubsArray = array(); foreach ($clubsSubscribed as $club_id) { $clubsArray[$club_id] = array(true, false, false, false); } foreach ($clubsApplied as $club) { if (!isset($clubsArray[$club[0]])) { $clubsArray[$club[0]] = array(false, false, false, false); } $clubsArray[$club[0]][1] = checkApplication($_SESSION['user_id'], $club[3]); $clubsArray[$club[0]][2] = $club; } foreach (array_keys($clubsArray) as $club_id) { $clubsArray[$club_id][3] = clubInfo($club_id); } get_page_advanced("clubs", "apply", array("clubs" => $clubsArray, "inform" => $inform)); } else { get_page_advanced("message", "apply", array("title" => "Not Logged In", "message" => "You cannot access the application because you are not logged in. Please <a href=\"../login.php\">login first</a>.", "redirect" => "../login.php")); }
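/**
 * Lists the required questions of an application that are still unanswered.
 *
 * The application must pass checkApplication() with status exactly 0 and the
 * supplied club ID must match the club ID checkApplication() reports;
 * otherwise a single explanatory message is returned. Answers with an empty
 * value are then looked up, and those whose type (via getTypeArray()) has
 * status "required" are reported.
 *
 * A failed database query now yields a warning instead of an empty list:
 * previously mysql_fetch_array() on a FALSE result ended the loop immediately,
 * so a database error looked the same as a complete application.
 *
 * Security notes:
 *  - The IDs are interpolated into SQL strings; the queries are only as safe
 *    as escape() (not visible here) and the single quotes around each value.
 *  - NOTE(review): ext/mysql (mysql_query) was removed in PHP 7; prepared
 *    statements (mysqli/PDO) would remove the reliance on manual escaping.
 *  - NOTE(review): category and question names from the database are placed
 *    into HTML without escaping in the base-application branch, while the
 *    supplement branch returns bare names. Confirm where the caller escapes.
 *  - NOTE(review): the club ID comparison is loose (!=), so under PHP
 *    versions before 8 a non-numeric $club_id compares equal to 0.
 *
 * @param mixed $user_id         ID of the user who must own the application.
 * @param mixed $club_id         Club the caller believes the application is for.
 * @param mixed $application_id  ID of the application to check.
 *
 * @return array List of warning strings; an empty array means no required
 *               unanswered question was found.
 */
function checkCompletedApplication($user_id, $club_id, $application_id) {
    $user_id = escape($user_id);
    $club_id = escape($club_id);
    $application_id = escape($application_id);

    //verify application belongs to user and hasn't been submitted
    $checkResult = checkApplication($user_id, $application_id, true);

    if ($checkResult[0] !== 0) {
        return array("This application cannot be submitted at this time (has not been started or not in available window).");
    }

    if ($club_id != $checkResult[1]) {
        return array("Club ID is incorrect!");
    }

    $warnings = array();

    if ($club_id == 0) {
        $result = mysql_query(
            "SELECT baseapp.varname, baseapp.vartype, basecat.name "
            . "FROM answers, baseapp, basecat "
            . "WHERE answers.application_id = '{$application_id}' "
            . "AND answers.var_id = baseapp.id AND answers.val = '' "
            . "AND basecat.id = baseapp.category "
            . "ORDER by basecat.orderId"
        );

        // Fail closed: an unreadable result must not look like "nothing missing".
        if ($result === false) {
            return array("This application could not be checked for completeness because of a database error. Please try again later.");
        }

        $category = "";

        while ($row = mysql_fetch_array($result)) {
            $typeArray = getTypeArray($row[1]);

            if ($typeArray['status'] == "required") {
                // Emit the category heading once, when the category changes.
                if ($category != $row[2]) {
                    array_push($warnings, "<b>" . $row[2] . "</b>");
                    $category = $row[2];
                }

                array_push($warnings, "<ul class=\"errorlist\"><li><p>" . $row[0] . "</p></li></ul>");
            }
        }
    } else {
        $result = mysql_query(
            "SELECT supplements.varname, supplements.vartype "
            . "FROM answers, supplements "
            . "WHERE answers.application_id='{$application_id}' "
            . "AND answers.var_id = supplements.id AND answers.val = ''"
        );

        // Fail closed: an unreadable result must not look like "nothing missing".
        if ($result === false) {
            return array("This application could not be checked for completeness because of a database error. Please try again later.");
        }

        while ($row = mysql_fetch_array($result)) {
            $typeArray = getTypeArray($row[1]);

            if ($typeArray['status'] == "required") {
                array_push($warnings, $row[0]);
            }
        }
    }

    return $warnings;
}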