Skip to content
Snippets Groups Projects
Commit d6cd4954 authored by Imran Hussain's avatar Imran Hussain
Browse files

Users are idiots. add error handling

parent 9da9071a
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
components/susignup-admin.php
+ 35
20
View file @ d6cd4954
...@@ -37,28 +37,43 @@ if (isset($session->groups[$permission])) { ...@@ -37,28 +37,43 @@ if (isset($session->groups[$permission])) {
$mode = 'error'; $mode = 'error';
$smarty->assign("error_text", "Search term doesn't look like a valid student ID"); $smarty->assign("error_text", "Search term doesn't look like a valid student ID");
} else { } else {
// they have given us a valid sid lets check t see if they have paid // they have given us a valid sid lets check to see if they have paid
if (check_su_sid($_REQUEST['sid'])) {
// lets make them a signup slip
$pass = make_password();
$query = "INSERT INTO signup (password,sid,issuedby) VALUES ( ?, ?, ?) RETURNING id";
$attribs[]=$pass;
$attribs[]=$_REQUEST['sid'];
$attribs[]='99999'; //SUCS Magic internal use UID
$id = $sucsDB->Execute($query,$attribs); // make sure the user/admin/exec isn't an idiot
$id = $id->fields['id']; // check if they are already signed up and tell them so
if (!$id) { $tmpresult = $sucsDB->Execute("SELECT * FROM members WHERE sid=?", array($_REQUEST['sid']));
$mode="error"; if($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] == paidUntil(time())){
$smarty->assign("error_text", "An error occurred generating a signup ID. Report the following message to the admins:<br /><pre>".$sucsDB->ErrorMsg()."</pre>"); // let them know they are already signed up and renewed
} else { message_flash("You are a numpty and have already signed up and paid for this year.");
$smarty->assign('slipid', $id); // else if check to see if they have signedup and paid for the new year but haven't renewed
$smarty->assign('slippass', $pass); } else if ($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] != paidUntil(time())){
$smarty->assign('sid', $_REQUEST['sid']); // renew them!
} renew_membership($tmpresult->fields["username"]);
// let them know that their account has been renewed
message_flash("Your SUCS account has been renewed.");
}else{ }else{
$mode='error'; if (check_su_sid($_REQUEST['sid'])) {
$smarty->assign("error_text", "Student does not appear to have paid. Extract fees"); // lets make them a signup slip
$pass = make_password();
$query = "INSERT INTO signup (password,sid,issuedby) VALUES ( ?, ?, ?) RETURNING id";
$attribs[]=$pass;
$attribs[]=$_REQUEST['sid'];
$attribs[]='99999'; //SUCS Magic internal use UID
$id = $sucsDB->Execute($query,$attribs);
$id = $id->fields['id'];
if (!$id) {
$mode="error";
$smarty->assign("error_text", "An error occurred generating a signup ID. Report the following message to the admins:<br /><pre>".$sucsDB->ErrorMsg()."</pre>");
} else {
$smarty->assign('slipid', $id);
$smarty->assign('slippass', $pass);
$smarty->assign('sid', $_REQUEST['sid']);
}
}else{
$mode='error';
$smarty->assign("error_text", "Student does not appear to have paid. Extract fees");
}
} }
} }
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment