Newer
Older
Callum Massey
committed
<?php
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
Callum Massey
committed
// this is the php for sucs.org/susignup
// Include shit we need. like the renew_membership fucntion
Callum Massey
committed
include "../lib/member_functions.php";
include "../lib/date.php";
// include the suapiv2 stuff like check_su_sid_and_trans()
include "../lib/suapiv2.php";
Callum Massey
committed
// since the rewrite by ~imranh this no longer sends out emails
// feel free to add it
$error_email = "admin@sucs.org";
// By default display a page asking for sid and transid
// this is called "login"
Callum Massey
committed
$mode = 'login';
// if somone has post'd data to the page then do shit
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
if (!empty($_REQUEST['sid']) && !empty($_REQUEST['transactionID'])) {
// stick the post'd data in a variable we can call easily
$sid = $_REQUEST['sid'];
$transactionID = $_REQUEST['transactionID'];
// check if the data posted is valid
if (check_su_sid_and_trans($sid, $transactionID)) {
// probe the db for some info thatwe want to use in the if statements below
$tmpresult = $sucsDB->Execute("SELECT * FROM members WHERE sid=?", array($sid));
$signuptmpresult = $sucsDB->Execute("SELECT * FROM signup WHERE sid=?", array($sid));
// check to see if they are already a valid and paid member
if ($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] == paidUntil(time())) {
// let them know they are already signed up and renewed
message_flash("You are a numpty and have already signed up and paid for this year.");
// else if check to see if they have signedup and paid for the new year but haven't renewed
} else if ($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] != paidUntil(time())) {
// renew them!
renew_membership($tmpresult->fields["username"]);
// let them know that their account has been renewed
message_flash("Your SUCS account has been renewed.");
// else if they aren't in the SUCS DB but have a signup slip, take them back to that part of signup
// I don't know how you would end up in a state like this but the old code dealt with it so I will as well
} else if ($tmpresult->fields == false && $signuptmpresult->fields["sid"] == $sid) {
$mode = "form";
$smarty->assign("id", $signuptmpresult->fields["id"]);
$smarty->assign("pass", $signuptmpresult->fields["password"]);
// else if they aren't in the SUCS DB, then bootstrap signup process
} else if ($tmpresult->fields == false && $signuptmpresult->fields == false) {
$mode = "form";
$pass = make_password();
$iddata = $sucsDB->Execute("insert into signup (password,sid,issuedby) values( ?, ?, ?) returning id", array($pass, $sid, "99999"));
$id = $iddata->fields['id'];
$smarty->assign("id", $id);
$smarty->assign("pass", $pass);
} else {
// they should never get here
die("You'll see this if there has been a database error. Someone probably knows and is trying to fix it. Sorry.");
}
} else {
trigger_error("That Student Number and Transaction ID combo are invalid.", E_USER_ERROR);
}
Callum Massey
committed
$smarty->assign("mode", $mode);
$output = $smarty->fetch("susignup.tpl");
$smarty->assign("title", "Join");
$smarty->assign("body", $output);
?>