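/**
 * Reports whether the current user's stored profile passes isUserInfoComplete().
 *
 * Looks the user up in the `users` table and hands the fetched row to
 * isUserInfoComplete(). A missing row counts as "not complete".
 *
 * @return bool TRUE when a row was found and isUserInfoComplete() accepts it, FALSE otherwise.
 */
function isCurrentUserInfoComplete()
{
    $username = getUsername();

    // NOTE(review): the value compared in this WHERE clause is masked ('******') in this
    // listing. Whatever is interpolated there (presumably $username - confirm) must go
    // through mysql_real_escape_string() or a prepared statement before it reaches the query.
    $check2 = mysql_query("SELECT * FROM users WHERE username = '******'");
    if ($check2 === false) {
        // Keep the driver's error text in the server log; echoing it to the browser
        // would expose query and schema details to whoever triggered the failure.
        error_log('isCurrentUserInfoComplete: user lookup failed: ' . mysql_error());
        die('A database error occurred.');
    }

    $info2 = mysql_fetch_array($check2);

    return $info2 && isUserInfoComplete($info2);
}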
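/**
 * Shows the current user's profile form, or saves it when the form was submitted.
 *
 * The user row is looked up via the 'ID' cookie. When $_POST['submitEdit'] is set the
 * posted fields are written back with an UPDATE, the row is re-read, and the page emits
 * JavaScript that drives the parent frame (back button, vehicles/register buttons, popup
 * close). Without a submit, displayUserInfoForm() renders the form for the fetched row.
 *
 * Terminates the script with die() on a database failure or when the saved profile is
 * still incomplete according to isUserInfoComplete().
 *
 * @return void
 */
function displayUserInfoPage()
{
    // $club_Abbr is not defined in this function; presumably this include provides it.
    require 'include/configGlobals.php';

    $hashUsername = getCookie('ID');

    // NOTE(review): the compared value is masked ('******') in this listing. The caller is
    // identified only by the 'ID' cookie matched against users.sha256_user; if that column
    // is a plain hash of the username (the name suggests so - confirm), the cookie is not a
    // secret and a server-side session should carry the identity instead.
    $check = mysql_query("SELECT * FROM users WHERE sha256_user = '******'");
    if ($check === false) {
        // Log the driver error server-side instead of printing it to the client.
        error_log('displayUserInfoPage: user lookup failed: ' . mysql_error());
        die('A database error occurred.');
    }

    // Form field names read from $_POST on save.
    $postKeys = array(
        'firstName', 'lastName', 'address1', 'address2', 'city', 'state', 'zipCode',
        'homePhone', 'cellPhone', 'email', 'eContact', 'eContactPhone', 'eContactRel', 'club',
    );

    while ($info = mysql_fetch_array($check)) {
        $username = $info['username'];

        if (!isset($_POST['submitEdit'])) {
            displayUserInfoForm($info);
            continue;
        }

        $storedMemberType = $info['member'];

        // Escape with the connection-aware escaper rather than addslashes(), which ignores
        // the connection character set. Missing or non-string fields are saved as ''.
        $posted = array();
        foreach ($postKeys as $key) {
            $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
            $posted[$key] = mysql_real_escape_string($raw);
        }
        $postFname = $posted['firstName'];
        $postLname = $posted['lastName'];
        $postAddr1 = $posted['address1'];
        $postAddr2 = $posted['address2'];
        $postCity = $posted['city'];
        $postState = $posted['state'];
        $postZip = $posted['zipCode'];
        $postHphone = $posted['homePhone'];
        $postCphone = $posted['cellPhone'];
        $postEmail = $posted['email'];
        $postEcontact = $posted['eContact'];
        $postEcPhone = $posted['eContactPhone'];
        $postEcRel = $posted['eContactRel'];
        $postClub = $posted['club'];

        // Default to the stored type so an unexpected stored value is written back
        // unchanged instead of as an empty string.
        $postMemberType = (int) $storedMemberType;
        if ($storedMemberType == 0 || $storedMemberType == 2 || $storedMemberType == 3) {
            // The member type follows the club the user picked.
            if ($postClub == $club_Abbr) {
                $postMemberType = 2;
            } elseif ($postClub == "None") {
                $postMemberType = 0;
            } else {
                $postMemberType = 3; // Partner-member
            }
        } elseif ($storedMemberType == 1) {
            // Club member (registered on-line): club and type are pinned regardless of the post.
            $postClub = mysql_real_escape_string($club_Abbr);
            $postMemberType = 1;
        }

        // now we insert it into the database
        // NOTE(review): the WHERE value is masked ('******') in this listing; it must be
        // escaped the same way as the SET values above.
        $update = "UPDATE users SET \n fname='{$postFname}', \n lname='{$postLname}', \n addr1='{$postAddr1}', \n addr2='{$postAddr2}', \n city='{$postCity}', \n state='{$postState}', \n zip='{$postZip}', \n hphone='{$postHphone}',\n cphone='{$postCphone}',\n email='{$postEmail}',\n econtact='{$postEcontact}',\n econtact_phone='{$postEcPhone}',\n econtact_rel='{$postEcRel}',\n member='{$postMemberType}',\n club='{$postClub}'\n WHERE username='******'";
        if (mysql_query($update) === false) {
            // A failed save must not fall through to the "saved" UI below.
            error_log('displayUserInfoPage: profile update failed: ' . mysql_error());
            die('A database error occurred.');
        }

        // Re-read the row to judge completeness on what was actually stored.
        $check2 = mysql_query("SELECT * FROM users WHERE username = '******'");
        if ($check2 === false) {
            error_log('displayUserInfoPage: profile re-read failed: ' . mysql_error());
            die('A database error occurred.');
        }
        $info2 = mysql_fetch_array($check2);

        if ($info2 && !isUserInfoComplete($info2)) {
            mysql_close();
            echo "<script type=\"text/javascript\">\n";
            echo "parent.main_enablePopupBackButtonHistory();\n";
            echo "</script>\n";
            die("Required user info not complete. Please go back to continue.</body></html>");
        }

        // Finish the status update even if the browser disconnects mid-request.
        ignore_user_abort(true);
        updateMemberStatus();
        echo "<html><body>\n";
        echo "<script language=\"javascript\" type=\"text/javascript\">\n";
        echo "parent.main_enableVehiclesButton(true)\n";
        if (doesUserHaveVehicles()) {
            echo "parent.main_enableRegisterButton(true);\n";
        } else {
            echo "parent.main_enableRegisterButton(false);\n";
        }
        echo "parent.main_popupWindowCancel();\n";
        echo "</script></body></html>";
    }
}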
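/**
 * Admin view of another user's profile: show the form, save an edit, or delete the user.
 *
 * The caller is looked up via the 'ID' cookie and must have admin = 1. The target user
 * comes from $_GET['USER']; rows that are themselves admins cannot be edited here.
 * - $_POST['submitEdit']: writes the posted fields with an UPDATE, re-reads the row and
 *   checks it with isUserInfoComplete().
 * - $_POST['submitDelete']: removes each of the user's vehicles from events, deletes the
 *   vehicles, then deletes the user.
 * - otherwise: renders displayUserInfoForm() for the row.
 *
 * Terminates the script with die() on an authorization failure, a database failure, or an
 * incomplete profile after saving.
 *
 * NOTE(review): no anti-CSRF token is checked anywhere in this function although it
 * performs UPDATE and DELETE on behalf of an admin; confirm a token check exists upstream.
 *
 * @return void
 */
function adminDisplayUserInfoPage()
{
    $hashUsername = getCookie('ID');

    // NOTE(review): the compared value is masked ('******') in this listing. The admin is
    // identified only by the 'ID' cookie matched against users.sha256_user; if that column
    // is a plain hash of the username (the name suggests so - confirm), admin access should
    // be bound to a server-side session instead.
    $check = mysql_query("SELECT * FROM users WHERE sha256_user = '******'");
    if ($check === false) {
        // Log the driver error server-side instead of printing it to the client.
        error_log('adminDisplayUserInfoPage: caller lookup failed: ' . mysql_error());
        die('A database error occurred.');
    }
    $info = mysql_fetch_array($check);
    if (!$info || $info['admin'] != 1) {
        die("ERROR: You are not an admin.");
    }

    // The target username is request input and is interpolated into SQL below, so it is
    // escaped once here. A missing or non-string parameter becomes '' and matches no row.
    $rawUser = (isset($_GET['USER']) && is_string($_GET['USER'])) ? $_GET['USER'] : '';
    $username = mysql_real_escape_string($rawUser);

    // NOTE(review): the WHERE value is masked ('******') in this listing; if it interpolates
    // $username it now receives the escaped value - confirm.
    $check = mysql_query("SELECT * FROM users WHERE username = '******'");
    if ($check === false) {
        error_log('adminDisplayUserInfoPage: target lookup failed: ' . mysql_error());
        die('A database error occurred.');
    }

    // Form field names read from $_POST on save.
    $postKeys = array(
        'firstName', 'lastName', 'address1', 'address2', 'city', 'state', 'zipCode',
        'homePhone', 'cellPhone', 'email', 'eContact', 'eContactPhone', 'eContactRel', 'club',
    );

    while ($info = mysql_fetch_array($check)) {
        if ($info['admin'] == 1) {
            die("ERROR: Not allowed to edit admin info");
        }

        if (isset($_POST['submitEdit'])) {
            $storedMemberType = $info['member'];

            // Escape with the connection-aware escaper rather than addslashes(), which
            // ignores the connection character set. Missing fields are saved as ''.
            $posted = array();
            foreach ($postKeys as $key) {
                $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
                $posted[$key] = mysql_real_escape_string($raw);
            }
            $postFname = $posted['firstName'];
            $postLname = $posted['lastName'];
            $postAddr1 = $posted['address1'];
            $postAddr2 = $posted['address2'];
            $postCity = $posted['city'];
            $postState = $posted['state'];
            $postZip = $posted['zipCode'];
            $postHphone = $posted['homePhone'];
            $postCphone = $posted['cellPhone'];
            $postEmail = $posted['email'];
            $postEcontact = $posted['eContact'];
            $postEcPhone = $posted['eContactPhone'];
            $postEcRel = $posted['eContactRel'];
            $postClub = $posted['club'];

            // Default to the stored type so an unexpected stored value is written back
            // unchanged instead of as an empty string.
            $postMemberType = (int) $storedMemberType;
            if ($storedMemberType == 0 || $storedMemberType == 2 || $storedMemberType == 3) {
                // The member type follows the club that was posted.
                if ($postClub == "SCCNH") {
                    $postMemberType = 2;
                } elseif ($postClub == "None") {
                    $postMemberType = 0;
                } else {
                    $postMemberType = 3; // Partner-member
                }
            } elseif ($storedMemberType == 1) {
                // SCCNH member (registered on-line): club and type are pinned.
                $postClub = "SCCNH";
                $postMemberType = 1;
            }

            // now we insert it into the database
            // NOTE(review): the WHERE value is masked ('******') in this listing; it must
            // be escaped the same way as the SET values above.
            $update = "UPDATE users SET \n fname='{$postFname}', \n lname='{$postLname}', \n addr1='{$postAddr1}', \n addr2='{$postAddr2}', \n city='{$postCity}', \n state='{$postState}', \n zip='{$postZip}', \n hphone='{$postHphone}',\n cphone='{$postCphone}',\n email='{$postEmail}',\n econtact='{$postEcontact}',\n econtact_phone='{$postEcPhone}',\n econtact_rel='{$postEcRel}',\n member='{$postMemberType}',\n club='{$postClub}'\n WHERE username='******'";
            if (mysql_query($update) === false) {
                // A failed save must not fall through to the "saved" UI below.
                error_log('adminDisplayUserInfoPage: profile update failed: ' . mysql_error());
                die('A database error occurred.');
            }

            // Re-read the row to judge completeness on what was actually stored.
            $check2 = mysql_query("SELECT * FROM users WHERE username = '******'");
            if ($check2 === false) {
                error_log('adminDisplayUserInfoPage: profile re-read failed: ' . mysql_error());
                die('A database error occurred.');
            }
            $info2 = mysql_fetch_array($check2);

            if ($info2 && !isUserInfoComplete($info2)) {
                mysql_close();
                die("Required user info not complete. Please <a href=\"userinfo.php\">go back</a> to continue.</html>");
            }

            mysql_close();
            // below lines must be html commented when working outside of php system or it will be interpreted and executed
            // reload the admin/user screen.
            echo "<script type=\"text/javascript\">parent.main_setBodyFrame('admin_users.php');\n";
            // return to the user screen.
            echo "parent.main_popupWindowCancel();</script></body></html>";
        } elseif (isset($_POST['submitDelete'])) {
            // check for vehicles first...
            $vehcheck = mysql_query("SELECT * FROM vehicles WHERE userOwner = '{$username}'");
            if ($vehcheck === false) {
                error_log('adminDisplayUserInfoPage: vehicle lookup failed: ' . mysql_error());
                die('A database error occurred.');
            }
            while ($vehinfo = mysql_fetch_assoc($vehcheck)) {
                $qVehID = $vehinfo['vehicleID'];
                // first delete the owners vehicles from any events
                deleteVehicleFromEvents($qVehID);
                // then delete the vehicle.
                $safeVehID = mysql_real_escape_string((string) $qVehID);
                if (mysql_query("DELETE FROM vehicles WHERE vehicleID = '{$safeVehID}'") === false) {
                    // Stop before removing the user so no vehicle is left without an owner.
                    error_log('adminDisplayUserInfoPage: vehicle delete failed: ' . mysql_error());
                    die('A database error occurred.');
                }
            }

            // now delete the user
            if (mysql_query("DELETE FROM users WHERE username = '******'") === false) {
                error_log('adminDisplayUserInfoPage: user delete failed: ' . mysql_error());
                die('A database error occurred.');
            }
            mysql_close();
            // below lines must be html commented when working outside of php system or it will be interpreted and executed
            // reload the admin/user screen.
            echo "<script type=\"text/javascript\">parent.main_setBodyFrame('admin_users.php');\n";
            // return to the user screen.
            echo "parent.main_popupWindowCancel();</script></body></html>";
        } else {
            displayUserInfoForm($info);
        }
    }
}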
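/**
 * Renders the events table with registration counts and per-user registration controls.
 *
 * For every row of `events` (ordered by date, then eventDB) the function prints the event
 * details, counts the rows in the event's own registration table (named by the row's
 * eventDB column), and prints the register / edit / unregister controls that apply to the
 * given user on today's date. Registration windows are derived from the event date:
 * Autocross opens 30 days before (90 for the "All <year> Autocross Regular Events" row)
 * and closes 2 days before; Hillclimb opens 60 days before and closes 7 days before.
 *
 * Values read from the database are HTML-escaped before they are written into the page.
 *
 * @param array $sqlArray Row of the current user; the 'username' and 'admin' keys are read
 *                        here and the whole row is passed to isUserInfoComplete() and
 *                        displayPaypalEvent().
 * @return void
 */
function displayEvents($sqlArray)
{
    // $club_Abbr is not defined in this function; presumably this include provides it.
    require 'include/configGlobals.php';

    echo "<script type=\"text/javascript\">\n";
    echo "parent.main_disablePopupBackButton();\n";
    echo "</script>\n";

    // Display events
    $eventcheck = mysql_query("SELECT * FROM events ORDER BY `events`.`eventDate`, `events`.`eventDB` ASC");
    if ($eventcheck === false) {
        // Log the driver error server-side instead of printing it to the client.
        error_log('displayEvents: event list query failed: ' . mysql_error());
        die('A database error occurred.');
    }

    echo "<table class=\"default\" width=\"100%\">\n";
    echo "<th colspan=\"6\">Events</th>\n";
    echo "<tr><td>Event Type</td><td>Event Name</td><td>Event Location</td><td>Event Date</td><td>Pre-registered</td><td>Pre-Registration</td></tr>\n";

    $today = date('Y-m-d');

    // Bit flags carried across rows: 0x1 is set by the "All <year> Autocross Regular
    // Events" row, 0x2 by an Autocross row that takes the else-branch further down.
    $allAutoXEvents = 0;

    // NOTE(review): these are only assigned for Autocross and Hillclimb rows, so a row of
    // any other type reuses the window of the previous row. Initialised here only to avoid
    // reading undefined variables; confirm whether they should be reset per row.
    $regBegin = '';
    $regCutoff = '';

    while ($eventinfo = mysql_fetch_assoc($eventcheck)) {
        $paymentStatus = "";

        // eventDate is sliced as YYYY-MM-DD; mktime() normalises the negative day offsets.
        $evYear = substr($eventinfo['eventDate'], 0, 4);
        $evMonth = substr($eventinfo['eventDate'], 5, 2);
        $evDay = substr($eventinfo['eventDate'], 8, 2);

        if ($eventinfo['eventType'] == "Autocross") {
            if ($eventinfo['eventName'] == "All " . date('Y') . " Autocross Regular Events") {
                $allAutoXEvents = 0x1;
                $regBegin = date('Y-m-d', mktime(0, 0, 0, $evMonth, $evDay - 90, $evYear));
            } else {
                $regBegin = date('Y-m-d', mktime(0, 0, 0, $evMonth, $evDay - 30, $evYear));
            }
            $regCutoff = date('Y-m-d', mktime(0, 0, 0, $evMonth, $evDay - 2, $evYear));
        } elseif ($eventinfo['eventType'] == "Hillclimb") {
            $regCutoff = date('Y-m-d', mktime(0, 0, 0, $evMonth, $evDay - 7, $evYear));
            $regBegin = date('Y-m-d', mktime(0, 0, 0, $evMonth, $evDay - 60, $evYear));
        }

        // Encode database values for HTML text and attribute context before output.
        // NOTE(review): if any of these columns is meant to carry markup, that needs an
        // explicit allow-list rather than raw output.
        $htmlEventDb = htmlspecialchars($eventinfo['eventDB'], ENT_QUOTES);

        echo "<tr>\n";
        echo "<td>" . htmlspecialchars($eventinfo['eventType'], ENT_QUOTES) . "</td>";
        echo "<td>" . htmlspecialchars($eventinfo['eventName'], ENT_QUOTES) . "</td>";
        echo "<td>" . htmlspecialchars($eventinfo['eventLocation'], ENT_QUOTES) . "</td>";
        echo "<td>" . htmlspecialchars($eventinfo['eventDate'], ENT_QUOTES) . "</td>";
        echo "<td>";

        // NOTE(review): the table name comes straight from events.eventDB and identifiers
        // cannot be escaped like values. Validate it against the set of known registration
        // tables (or a strict name pattern) where event rows are created.
        $tempquery = $eventinfo['eventDB'];
        $tempEventcheck = mysql_query("SELECT * FROM {$tempquery}");
        if ($tempEventcheck === false) {
            error_log('displayEvents: registration query failed: ' . mysql_error());
            die('A database error occurred.');
        }

        $reg_count = 0;
        $userRegistered = 0;
        while ($tempEventInfo = mysql_fetch_assoc($tempEventcheck)) {
            $reg_count = $reg_count + 1;
            if ($tempEventInfo['registeredUser'] == $sqlArray['username']) {
                $userRegistered = 1;
            }
        }

        if ($reg_count > 0) {
            if ($today <= $eventinfo['eventDate']) {
                echo "<form action=\"eventregistered.php\" method=\"POST\">\n";
                echo "[ " . $reg_count . " ] ";
                echo "<input type=\"hidden\" name=\"regEventName\" value=\"" . $htmlEventDb . "\" />";
                echo " <input type=\"submit\" name=\"showRegistration\" value=\"Show\" />\n";
                if ($sqlArray['admin'] != 0) {
                    // Hiding this button is presentation only; the download handler must
                    // check admin rights itself (not visible here).
                    echo "<input type=\"hidden\" name=\"regEventKey\" value=\"" . htmlspecialchars($eventinfo['eventID'], ENT_QUOTES) . "\" />\n";
                    echo "<br /><input type=\"submit\" name=\"downloadAllFiles\" value=\"Download All Files\" />\n";
                }
                echo "</form>\n";
            } else {
                echo "-";
            }
        } else {
            echo "None";
        }
        echo "</td>\n";

        echo "<td>\n";
        echo "<table class=\"blank\"><tr><td>\n";
        if (!isUserInfoComplete($sqlArray)) {
            echo "User Info Incomplete\n";
            echo "<form action=\"events.php\" method=\"POST\">\n";
        } elseif ($userRegistered && $today < $regCutoff) {
            $paymentStatus = displayPaypalEvent($sqlArray, $eventinfo);
            echo "<form action=\"events.php\" method=\"POST\">\n";
        } elseif ($reg_count < 50) {
            echo "<form action=\"events.php\" method=\"POST\">\n";
            if ($today < $regBegin) {
                echo "Not Open Yet \n";
            } elseif ($today < $regCutoff) {
                if ($eventinfo['eventType'] != "Hillclimb" && $eventinfo['eventName'] != "4th Annual North Country Rumble" && $allAutoXEvents != 0x1) {
                    echo "<input type=\"image\" src=\"images/classy-icons-set/png/32x32/folder_add.png\" name=\"register\" value=\"Register\" alt=\"Register\" title=\"Register For This Event\"onClick=\"alert('After registering for this event online you will still need to check-in with registration at the event.')\" />\n";
                }
                if ($allAutoXEvents == 0x1) {
                    echo "Not Available \n";
                }
            } else {
                echo "Closed \n";
            }
        } else {
            echo "Full \n";
        }
        echo "</td><td>\n";

        echo "<input type=\"hidden\" name=\"regEventName\" value=\"" . $htmlEventDb . "\">\n";
        $windowOpen = ($today >= $regBegin && $today < $regCutoff);
        if ($userRegistered && $windowOpen) {
            echo "<input type=\"image\" src=\"images/classy-icons-set/png/32x32/folder_edit.png\" name=\"editregistration\" value=\"EditRegistration\" alt=\"Edit Registration\" title=\"Edit Registration\" />\n";
        }
        $paymentOpen = ($paymentStatus == ""
            || ($paymentStatus != "Completed" && $paymentStatus != "Pending"
                && $paymentStatus != "Processed" && $paymentStatus != "In-Progress"));
        if ($userRegistered && $paymentOpen) {
            // User is registered, but payment hasn't been completed. Allow them to unregister.
            if ($windowOpen) {
                echo "<input type=\"image\" src=\"images/classy-icons-set/png/32x32/folder_remove.png\" name=\"unregister\" value=\"Unregister\" alt=\"Unregister\" title=\"Unregister\" />\n";
            }
        } elseif ($eventinfo['eventType'] == "Autocross") {
            $allAutoXEvents |= 0x2;
        }
        echo "</td></tr></table>\n";

        if ($eventinfo['eventType'] == "Hillclimb" && $today < $regCutoff && $today >= $regBegin) {
            if (isUserAdmin()) {
                // The query string is an MD5 over the item name and username, i.e. an
                // identifier built from non-secret values. entryHillclimb.php (not visible
                // here) must authorize the request itself rather than trust this value.
                $itemName = $club_Abbr . " " . $eventinfo['eventType'] . " " . $eventinfo['eventName'] . " " . $eventinfo['eventDate'];
                $hashinput = $itemName . $sqlArray['username'];
                $itemNumber = hash('md5', $hashinput);
                echo "<a href=\"#\" onclick=\"parent.main_openPopupWindow('entryHillclimb.php?" . $itemNumber . "')\">Register (testing)</a>\n";
            }
            echo "<a target=\"_blank\" href=\"http://www.sccnh.org/hillclimbreg.html\">Register at sccnh.org</a>\n";
        } elseif ($eventinfo['eventName'] == "4th Annual North Country Rumble") {
            echo "Rumble registration not fully completed<br>\n";
            echo "Use <a target=\"_blank\" href=\"http://sccnh.xhub.com/SCCNH%20Rumble%20Registration%20Form%202008.pdf\">Official Entry Form [pdf]</a>\n";
            echo "for now.\n";
        }
        echo "</td></form>\n";
        echo "</tr>\n";
    }
    echo "</table>\n";
}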