Esempio n. 1
0
<?php

require_once 'connectDatabase.php';
require_once "includes_php/functions.php";
$CaptainID = string_prepare($_GET["CaptainID"]);
$EventID = string_prepare($_GET["EventID"]);
$TathvaID = string_prepare($_GET["TathvaID"]);
$query = "Select * from Registration ";
$query .= "WHERE ";
$query .= "TathvaID ='{$TathvaID}' AND ";
$query .= "EventCode ='{$EventID}'";
$query_run = mysqli_query($mysql_conn, $query);
$row = mysqli_fetch_assoc($query_run);
if (!$_SESSION["superadmin"] && $row["Participating"]) {
    echo json_encode(array("iscaptain" => 0, "message2" => "Normal User cant change confirmed captain id"));
    die;
}
if ($CaptainID == $TathvaID) {
    $query12 = "update Registration ";
    $query12 .= "SET ";
    $query12 .= "CaptainID = '{$TathvaID}' WHERE ";
    $query12 .= "TathvaID ='{$TathvaID}' AND ";
    $query12 .= "EventCode ='{$EventID}'";
    $query12_run = mysqli_query($mysql_conn, $query12);
    echo json_encode(array("iscaptain" => 1, "message2" => "Successfully Yourself captain"));
    die;
}
$query1 = "Select * from Registration ";
$query1 .= "WHERE ";
$query1 .= "TathvaID ='{$CaptainID}' AND ";
$query1 .= "CaptainID ='{$CaptainID}' AND ";
Esempio n. 2
0
<?php

$TathvaID = string_prepare(strtoupper($_POST['TathvaID']));
$Name = string_prepare($_POST['Name']);
$College = string_prepare($_POST['College']);
$Department = string_prepare($_POST['Department']);
$RollNumber = string_prepare(strtolower($_POST['RollNumber']));
$Email = string_prepare(strtolower($_POST['Email']));
$RegMoney = string_prepare($_POST['totalmoney']);
$PhoneNumber = string_prepare($_POST['PhoneNumber']);
$Comments = string_prepare($_POST['Comments']);
$query = "SELECT TathvaID FROM Participants WHERE PhoneNumber='{$PhoneNumber}'";
$query_run = mysqli_query($mysql_conn, $query);
$row = mysqli_fetch_assoc($query_run);
if ($row['TathvaID'] != $TathvaID) {
    header("Location:event_confirmation.php?TathvaID={$TathvaID}");
    die;
}
$query = "UPDATE Participants SET ";
$query .= "Name = '{$Name}' ,";
$query .= "College = '{$College}',";
$query .= "Department = '{$Department}' ,";
$query .= "RollNumber = '{$RollNumber}' ,";
$query .= "Email = '{$Email}' ,";
$query .= "PhoneNumber = '{$PhoneNumber}' ,";
$query .= "Verified = 1,";
$query .= "RegMoney = RegMoney + {$RegMoney} ,";
$query .= "Comments = '{$Comments}' ";
$query .= "WHERE TathvaID =  '{$TathvaID}'";
//die($query);
$query_run = mysqli_query($mysql_conn, $query);
		<script src="AJ/event_confirmation.js"></script>
	</head>
	<body>
		<a class="button" id="back" href="menu.php">Back</a>
		<div class="labelo" id="Username_display">User:<?php 
echo $username;
?>
</div>
		<a class="button" id="log_out" href="logout.php">Log out</a>
		<div id="main_head">Participant Verification</div>

<?php 
$TathvaID = string_prepare(strtoupper($_POST['TathvaID']));
$PhoneNumber = string_prepare($_POST['PhoneNumber']);
if (empty($TathvaID)) {
    $TathvaID = string_prepare(strtoupper($_GET['TathvaID']));
}
if (!empty($PhoneNumber)) {
    $query = "SELECT * FROM Participants WHERE PhoneNumber = '{$PhoneNumber}'";
    $query_run = mysqli_query($mysql_conn, $query);
    if (mysqli_num_rows($query_run) == 0) {
        echo "<a id='extra' href='event_confirmation.php'> No ID With This Tathva ID Found.</a>";
        die;
    }
    $query_row = mysqli_fetch_array($query_run, MYSQLI_NUM);
    $TathvaID = $query_row[1];
} else {
    if (!empty($TathvaID)) {
        $query = "SELECT * FROM Participants WHERE TathvaID = '{$TathvaID}'";
        $query_run = mysqli_query($mysql_conn, $query);
        if (mysqli_num_rows($query_run) == 0) {