Newer
Older

Callum Massey
committed
<?php
//error_reporting(E_ALL);
//ini_set('display_errors', 1);

Callum Massey
committed
// this is the php for sucs.org/susignup
// Include shit we need. like the renew_membership fucntion

Callum Massey
committed
include "../lib/member_functions.php";
include "../lib/date.php";
// include the suapiv2 stuff like check_su_sid_and_trans()
include "../lib/suapiv2.php";

Callum Massey
committed
// since the rewrite by ~imranh this no longer sends out emails
// feel free to add it
$error_email = "admin@sucs.org";
// By default display a page asking for sid and transid
// this is called "login"

Callum Massey
committed
$mode = 'login';
// if somone has post'd data to the page then do shit
if(!empty($_REQUEST['sid'])&&!empty($_REQUEST['transactionID'])){
// stick the post'd data in a variable we can call easily

Callum Massey
committed
$sid = $_REQUEST['sid'];
$transactionID = $_REQUEST['transactionID'];
// check if the data posted is valid
if(check_su_sid_and_trans($sid,$transactionID)){
// probe the db for some info thatwe want to use in the if statements below
$tmpresult = $sucsDB->Execute("SELECT * FROM members WHERE sid=?", array($sid));
$signuptmpresult = $sucsDB->Execute("SELECT * FROM signup WHERE sid=?", array($sid));
// check to see if they are already a valid and paid member
if($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] == paidUntil(time())){
// let them know they are already signed up and renewed
message_flash("You are a numpty and have already signed up and paid for this year.");
// else if check to see if they have signedup and paid for the new year but haven't renewed
}else if ($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] != paidUntil(time())){
// renew them!
renew_membership($tmpresult->fields["username"]);
// let them know that their account has been renewed
message_flash("Your SUCS account has been renewed.");
// else if they aren't in the SUCS DB but have a signup slip, take them back to that part of signup
// I don't know how you would end up in a state like this but the old code dealt with it so I will as well
} else if ($tmpresult->fields == false && $signuptmpresult->fields["sid"] == $sid) {
$mode = "form";
$smarty->assign("id",$signuptmpresult->fields["id"]);
$smarty->assign("pass",$signuptmpresult->fields["password"]);
// else if they aren't in the SUCS DB, then bootstrap signup process
} else if ($tmpresult->fields == false && $signuptmpresult->fields == false) {
$mode = "form";
$pass = make_password();
$iddata = $sucsDB->Execute("insert into signup (password,sid,issuedby) values( ?, ?, ?) returning id",array($pass,$sid,"99999"));
$id = $iddata->fields['id'];
$smarty->assign("id", $id);
$smarty->assign("pass", $pass);
} else {
// they should never get here
die("You'll see this if there has been a database error. Someone probably knows and is trying to fix it. Sorry.");
trigger_error("That Student Number and Transaction ID combo are invalid.", E_USER_ERROR);

Callum Massey
committed
$smarty->assign("mode", $mode);
$output = $smarty->fetch("susignup.tpl");
$smarty->assign("title", "Join");
$smarty->assign("body", $output);
?>