<?php
require_once 'connectDatabase.php';
require_once "includes_php/functions.php";
$CaptainID = string_prepare($_GET["CaptainID"]);
$EventID = string_prepare($_GET["EventID"]);
$TathvaID = string_prepare($_GET["TathvaID"]);
$query = "Select * from Registration ";
$query .= "WHERE ";
$query .= "TathvaID ='{$TathvaID}' AND ";
$query .= "EventCode ='{$EventID}'";
$query_run = mysqli_query($mysql_conn, $query);
$row = mysqli_fetch_assoc($query_run);
if (!$_SESSION["superadmin"] && $row["Participating"]) {
echo json_encode(array("iscaptain" => 0, "message2" => "Normal User cant change confirmed captain id"));
die;
}
if ($CaptainID == $TathvaID) {
$query12 = "update Registration ";
$query12 .= "SET ";
$query12 .= "CaptainID = '{$TathvaID}' WHERE ";
$query12 .= "TathvaID ='{$TathvaID}' AND ";
$query12 .= "EventCode ='{$EventID}'";
$query12_run = mysqli_query($mysql_conn, $query12);
echo json_encode(array("iscaptain" => 1, "message2" => "Successfully Yourself captain"));
die;
}
$query1 = "Select * from Registration ";
$query1 .= "WHERE ";
$query1 .= "TathvaID ='{$CaptainID}' AND ";
$query1 .= "CaptainID ='{$CaptainID}' AND ";
<?php
$TathvaID = string_prepare(strtoupper($_POST['TathvaID']));
$Name = string_prepare($_POST['Name']);
$College = string_prepare($_POST['College']);
$Department = string_prepare($_POST['Department']);
$RollNumber = string_prepare(strtolower($_POST['RollNumber']));
$Email = string_prepare(strtolower($_POST['Email']));
$RegMoney = string_prepare($_POST['totalmoney']);
$PhoneNumber = string_prepare($_POST['PhoneNumber']);
$Comments = string_prepare($_POST['Comments']);
$query = "SELECT TathvaID FROM Participants WHERE PhoneNumber='{$PhoneNumber}'";
$query_run = mysqli_query($mysql_conn, $query);
$row = mysqli_fetch_assoc($query_run);
if ($row['TathvaID'] != $TathvaID) {
header("Location:event_confirmation.php?TathvaID={$TathvaID}");
die;
}
$query = "UPDATE Participants SET ";
$query .= "Name = '{$Name}' ,";
$query .= "College = '{$College}',";
$query .= "Department = '{$Department}' ,";
$query .= "RollNumber = '{$RollNumber}' ,";
$query .= "Email = '{$Email}' ,";
$query .= "PhoneNumber = '{$PhoneNumber}' ,";
$query .= "Verified = 1,";
$query .= "RegMoney = RegMoney + {$RegMoney} ,";
$query .= "Comments = '{$Comments}' ";
$query .= "WHERE TathvaID = '{$TathvaID}'";
//die($query);
$query_run = mysqli_query($mysql_conn, $query);
<script src="AJ/event_confirmation.js"></script>
</head>
<body>
<a class="button" id="back" href="menu.php">Back</a>
<div class="labelo" id="Username_display">User:<?php
echo $username;
?>
</div>
<a class="button" id="log_out" href="logout.php">Log out</a>
<div id="main_head">Participant Verification</div>
<?php
$TathvaID = string_prepare(strtoupper($_POST['TathvaID']));
$PhoneNumber = string_prepare($_POST['PhoneNumber']);
if (empty($TathvaID)) {
$TathvaID = string_prepare(strtoupper($_GET['TathvaID']));
}
if (!empty($PhoneNumber)) {
$query = "SELECT * FROM Participants WHERE PhoneNumber = '{$PhoneNumber}'";
$query_run = mysqli_query($mysql_conn, $query);
if (mysqli_num_rows($query_run) == 0) {
echo "<a id='extra' href='event_confirmation.php'> No ID With This Tathva ID Found.</a>";
die;
}
$query_row = mysqli_fetch_array($query_run, MYSQLI_NUM);
$TathvaID = $query_row[1];
} else {
if (!empty($TathvaID)) {
$query = "SELECT * FROM Participants WHERE TathvaID = '{$TathvaID}'";
$query_run = mysqli_query($mysql_conn, $query);
if (mysqli_num_rows($query_run) == 0) {
