Skip to content
Snippets Groups Projects
susignup.php 3.37 KiB
Newer Older
// gib errars plox
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
// this is the php for sucs.org/susignup

// Include shit we need. like the renew_membership fucntion

// include the suapiv2 stuff like check_su_sid_and_trans()
include "../lib/suapiv2.php";
// since the rewrite by ~imranh this no longer sends out emails
// feel free to add it
// Where do errors go?
$error_email = "admin@sucs.org";

// By default display a page asking for sid and transid
// this is called "login"

// if somone has post'd data to the page then do shit
if (!empty($_REQUEST['sid']) && !empty($_REQUEST['transactionID'])) {

    // stick the post'd data in a variable we can call easily
    $sid = $_REQUEST['sid'];
    $transactionID = $_REQUEST['transactionID'];

    // check if the data posted is valid
    if (check_su_sid_and_trans($sid, $transactionID)) {

        // probe the db for some info thatwe want to use in the if statements below
        $tmpresult = $sucsDB->Execute("SELECT * FROM members WHERE sid=?", array($sid));
        $signuptmpresult = $sucsDB->Execute("SELECT * FROM signup WHERE sid=?", array($sid));

        // check to see if they are already a valid and paid member
        if ($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] == paidUntil(time())) {
            // let them know they are already signed up and renewed
            message_flash("You are a numpty and have already signed up and paid for this year.");
            // else if check to see if they have signedup and paid for the new year but haven't renewed
        } else if ($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] != paidUntil(time())) {
            // renew them!
            renew_membership($tmpresult->fields["username"]);
            // let them know that their account has been renewed
            message_flash("Your SUCS account has been renewed.");
            // else if they aren't in the SUCS DB but have a signup slip, take them back to that part of signup
            // I don't know how you would end up in a state like this but the old code dealt with it so I will as well
        } else if ($tmpresult->fields == false && $signuptmpresult->fields["sid"] == $sid) {
            $mode = "form";
            $smarty->assign("id", $signuptmpresult->fields["id"]);
            $smarty->assign("pass", $signuptmpresult->fields["password"]);
            // else if they aren't in the SUCS DB, then bootstrap signup process
        } else if ($tmpresult->fields == false && $signuptmpresult->fields == false) {
            $mode = "form";
            $pass = make_password();
            $iddata = $sucsDB->Execute("insert into signup (password,sid,issuedby) values( ?, ?, ?) returning id", array($pass, $sid, "99999"));
            $id = $iddata->fields['id'];
            $smarty->assign("id", $id);
            $smarty->assign("pass", $pass);
        } else {
            // they should never get here
            die("You'll see this if there has been a database error. Someone probably knows and is trying to fix it. Sorry.");
        }
    } else {
        trigger_error("That Student Number and Transaction ID combo are invalid.", E_USER_ERROR);
    }
$smarty->assign("mode", $mode);
$output = $smarty->fetch("susignup.tpl");

$smarty->assign("title", "Join");
$smarty->assign("body", $output);


?>