/**
 * Report whether an application exists, belongs to the given user and is still open.
 *
 * The ownership check is enforced in SQL: the row is looked up by application id
 * AND user id, so another user's application produces the same result as one
 * that does not exist.
 *
 * Status codes:
 *    0  application belongs to the user, is not submitted, and its club window is available
 *   -1  application has already been submitted
 *   -2  application does not exist or does not belong to the user
 *   -3  application is not submitted but the club's window is no longer available
 *
 * NOTE(review): both ids are passed through escape() (defined elsewhere) and then
 * interpolated into quoted SQL literals, so injection safety depends on escape().
 * The mysql_* API used here offers no prepared statements. The result of
 * mysql_query() is not checked, so a failed query is not distinguished from
 * "no such application".
 *
 * @param mixed $user_id        id of the user making the request
 * @param mixed $application_id id of the application to check
 * @param bool  $extended       when true, also return the application's club id
 * @return int|array status code, or array(status code, club id) when $extended is true;
 *                   the club id is 0 when no row was found
 */
function checkApplication($user_id, $application_id, $extended = false)
{
    $user_id = escape($user_id);
    $application_id = escape($application_id);

    $lookupSql = "SELECT submitted, club_id FROM applications WHERE id='{$application_id}' AND user_id='{$user_id}'";
    $lookup = mysql_query($lookupSql);
    $record = mysql_fetch_array($lookup);

    if (!$record) {
        //does not belong to user or doesn't exist
        $status = -2;
        $clubId = 0;
    } else {
        $clubId = $record['club_id'];

        if ($record['submitted'] != '') {
            //already submitted
            $status = -1;
        } elseif (isAvailableWindow($record['club_id'])) {
            //supplement is still open
            $status = 0;
        } else {
            $status = -3;
        }
    }

    return $extended ? array($status, $clubId) : $status;
}
// Admin page fragment: handles editing of a club's application questions.
// Configuration, shared helpers, the database connection and the session are
// pulled in first; escape() and isAvailableWindow() are not defined in this
// fragment and presumably come from these includes.
include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
include "../include/apply_gen.php";
include "../include/apply_admin.php";

// Access gate: everything below runs only when the session carries an 'admin' key.
// NOTE(review): only the presence of the key is tested, not its value.
if (isset($_SESSION['admin'])) {
    // The club being administered comes from the session, not from the request.
    $club_id = $_SESSION['admin_club_id'];
    // NOTE(review): $database and $whereString used below are not assigned in this
    // fragment; presumably category_manager.php sets them - confirm.
    include "category_manager.php";

    $message = "";
    $isAvailableWindow = false;
    $editInfo = 0;

    if ($club_id != 0) { //output a warning if we are in the available window
        $isAvailableWindow = isAvailableWindow($club_id);
    }

    if ($isAvailableWindow) {
        $inform['warn'] = "Your club is currently in the available window, and users may have already added the club to their applications list! Changes will not automatically be reflected in the user application! They will have to re-add your club's application.";
    }

    // NOTE(review): $_REQUEST accepts GET as well as POST parameters, so the UPDATE
    // below can be triggered by a plain link, and no anti-CSRF token check is
    // visible in this fragment - confirm one exists elsewhere.
    if (isset($_REQUEST['action'])) {
        if ($_REQUEST['action'] == "edit" && isset($_REQUEST['id'])) {
            $qid = escape($_REQUEST['id']);

            //if the question is edited, update database
            // otherwise, show the edit form and hide add question forms
            if (isset($_REQUEST['varname']) && isset($_REQUEST['vardesc']) && isset($_REQUEST['vartype'])) {
                // Each request value is escaped before being placed in a quoted SQL literal.
                $varname = escape($_REQUEST['varname']);
                $vardesc = escape($_REQUEST['vardesc']);
                $vartype = escape($_REQUEST['vartype']);
                // $database (table name) and $whereString (extra WHERE clause) are interpolated
                // unquoted and unescaped, so they must never be built from request input.
                // NOTE(review): $whereString is presumably what limits the update to rows of
                // the admin's own club - verify, since the request-supplied id alone does not.
                mysql_query("UPDATE {$database} SET varname='{$varname}', vardesc='{$vardesc}', vartype='{$vartype}' WHERE id='{$qid}' AND {$whereString}");
                // The success message is set without checking the result of mysql_query().
                $message = "Update successful!";
/**
 * Validate and submit a club (supplement) application for a user.
 *
 * Steps, in order: ownership/status check via checkApplication(), rejection of
 * the general application (club id 0), submission-window check, peer
 * recommendation count check, PDF generation for the supplement and for the
 * general application, optional database update, then PDF clean-up.
 *
 * The function has mixed return types: a string on failure, an array on success.
 *
 * NOTE(review): the checks and the final UPDATE are separate statements, and the
 * UPDATE does not itself require that `submitted` is still empty, so two
 * concurrent requests could both pass the check - confirm whether that matters.
 *
 * @param mixed $user_id        id of the submitting user
 * @param mixed $application_id id of the supplement application to submit
 * @param bool  $do_submit      when false, the PDFs are still generated and the
 *                              clean-up still runs, but the applications row is not updated
 * @return string|array error message string ("" when the application is the general
 *                      application), or array(general PDF name, supplement PDF name) on success
 */
function submitApplication($user_id, $application_id, $do_submit = true) {
    // NOTE(review): these escaped values are also handed to checkApplication(), which
    // escapes its arguments again, and to createApplicationPDF() and
    // getApplicationByUserClub(). That is harmless for numeric ids but would
    // double-escape any value containing characters escape() rewrites.
    $user_id = escape($user_id);
    $application_id = escape($application_id);

    //verify application belongs to user and hasn't been submitted
    // (extended form: [0] is the status code, [1] is the club id)
    $checkResult = checkApplication($user_id, $application_id, true);

    // Strict comparison: only the integer status 0 is accepted.
    if ($checkResult[0] !== 0) {
        return "check failed";
    }

    //verify that the user is not trying to submit the general application
    // (club id 0 is the general application, see getApplicationByUserClub($user_id, 0) below)
    if ($checkResult[1] == 0) {
        return "";
    }

    //verify that the application can be submitted at this time
    // (checkResult checks view_time, not open_time)
    if (!isAvailableWindow($checkResult[1], true)) {
        return "application cannot be submitted at this time";
    }

    //verify that enough peer recommendations have been inputted; grab the filenames while we're at it
    // NOTE(review): $checkResult[1] is concatenated without escape(). It is the club_id
    // read from the applications table rather than request input, but escaping or
    // casting it would keep this query consistent with the others.
    $result = mysql_query("SELECT num_recommend FROM clubs WHERE id = '" . $checkResult[1] . "'");
    // Recommendations are selected by user id and status '1' only.
    $recommendResult = mysql_query("SELECT filename FROM recommendations WHERE user_id = '{$user_id}' AND status = '1'");

    if ($row = mysql_fetch_array($result)) {
        // $row[0] is the club's num_recommend, compared with the number of rows found above.
        if ($row[0] > mysql_num_rows($recommendResult)) {
            return "not enough peer recommendations";
        }
    } else {
        return "internal error, club not found";
    }

    // Build ":filename:filename..." from the recommendation rows.
    $peerString = "";

    while ($row = mysql_fetch_array($recommendResult)) {
        $peerString .= ":" . $row[0];
    }

    //create supplement PDF
    $createSupplementResult = createApplicationPDF($user_id, $application_id, "../submit/");

    if ($createSupplementResult[0] === FALSE) { //[0] FALSE means failure and [1] is the error message; otherwise [1] is used as the PDF name
        return $createSupplementResult[1];
    }

    //create general application PDF
    $gen_app_id = getApplicationByUserClub($user_id, 0);
    $createGeneralResult = createApplicationPDF($user_id, $gen_app_id, "../submit/");

    // If this fails, the supplement PDF created above is not removed here.
    if ($createGeneralResult[0] === FALSE) { //[0] FALSE means failure and [1] is the error message; otherwise [1] is used as the PDF name
        return $createGeneralResult[1];
    }

    //update database
    if ($do_submit) {
        // Stored value layout: generalPDF:supplementPDF[:recommendation...][:*file_id,filename...]
        // The value is escaped piece by piece as it is assembled.
        $submitName = escape($createGeneralResult[1] . ":" . $createSupplementResult[1] . $peerString);

        //handle files
        $result = mysql_query("SELECT val FROM answers WHERE application_id = '{$application_id}' AND val LIKE 'file:%'");

        while ($row = mysql_fetch_array($result)) {
            // val has the form "file:<file_id>:<filename>"; the limit of 3 keeps colons in the filename.
            // NOTE(review): the LIKE filter only guarantees the "file:" prefix, so a value
            // without a second colon leaves $fileParts[2] undefined.
            $fileParts = explode(":", $row[0], 3);
            $submitName .= escape(":*" . $fileParts[1] . "," . $fileParts[2]); //:*file_id,filename
        }

        // Same again for uploaded files attached to the general application.
        // NOTE(review): $gen_app_id is interpolated without escape(); it is the return
        // value of getApplicationByUserClub(), defined elsewhere - confirm it is always numeric.
        $result = mysql_query("SELECT val FROM answers WHERE application_id = '{$gen_app_id}' AND val LIKE 'file:%'");

        while ($row = mysql_fetch_array($result)) {
            $fileParts = explode(":", $row[0], 3);
            $submitName .= escape(":*" . $fileParts[1] . "," . $fileParts[2]); //:*file_id,filename
        }

        // Mark the application as submitted; the row is again matched on both id and user_id.
        // The result of mysql_query() is not checked, so success is returned even if the UPDATE fails.
        mysql_query("UPDATE applications SET submitted='{$submitName}' WHERE id='{$application_id}' AND user_id='{$user_id}'");
    }

    //some maintenance
    // The included file executes inside this function's variable scope, and plain
    // include runs it again on every call.
    // NOTE(review): if chk.php declares functions, a second call in the same request would fail.
    include includePath() . "/chk.php";
    checkExtraPDFs(true, true); //delete old, extra PDFs

    return array($createGeneralResult[1], $createSupplementResult[1]);
}