Users are idiots. add error handling

d6cd4954 · Imran Hussain · 9da9071a · d6cd4954
Commit d6cd4954 authored 9 years ago by Imran Hussain
--- a/components/susignup-admin.php
+++ b/components/susignup-admin.php
@@ -37,28 +37,43 @@ if (isset($session->groups[$permission])) {
 				$mode = 'error';
 				$smarty->assign("error_text", "Search term doesn't look like a valid student ID");
 			} else {
-				// they have given us a valid sid lets check t see if they have paid
-				if (check_su_sid($_REQUEST['sid'])) {
-					// lets make them a signup slip
-					$pass = make_password();
-					$query = "INSERT INTO signup (password,sid,issuedby) VALUES ( ?, ?, ?) RETURNING id";
-					$attribs[]=$pass;
-					$attribs[]=$_REQUEST['sid'];
-					$attribs[]='99999'; //SUCS Magic internal use UID
+				// they have given us a valid sid lets check to see if they have paid

-					$id = $sucsDB->Execute($query,$attribs);
-					$id = $id->fields['id'];
-					if (!$id) {
-						$mode="error";
-						$smarty->assign("error_text", "An error occurred generating a signup ID. Report the following message to the admins:<br /><pre>".$sucsDB->ErrorMsg()."</pre>");
-					} else {
-						$smarty->assign('slipid', $id);
-						$smarty->assign('slippass', $pass);
-						$smarty->assign('sid', $_REQUEST['sid']);
-					}
+				// make sure the user/admin/exec isn't an idiot
+				// check if they are already signed up and tell them so
+				$tmpresult = $sucsDB->Execute("SELECT * FROM members WHERE sid=?", array($_REQUEST['sid']));
+				if($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] == paidUntil(time())){
+					// let them know they are already signed up and renewed
+					message_flash("You are a numpty and have already signed up and paid for this year.");
+				// else if check to see if they have signedup and paid for the new year but haven't renewed
+				} else if ($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] != paidUntil(time())){
+					// renew them!
+					renew_membership($tmpresult->fields["username"]);
+					// let them know that their account has been renewed
+					message_flash("Your SUCS account has been renewed.");
 				}else{
-					$mode='error';
-					$smarty->assign("error_text", "Student does not appear to have paid. Extract fees");
+					if (check_su_sid($_REQUEST['sid'])) {
+						// lets make them a signup slip
+						$pass = make_password();
+						$query = "INSERT INTO signup (password,sid,issuedby) VALUES ( ?, ?, ?) RETURNING id";
+						$attribs[]=$pass;
+						$attribs[]=$_REQUEST['sid'];
+						$attribs[]='99999'; //SUCS Magic internal use UID
+
+						$id = $sucsDB->Execute($query,$attribs);
+						$id = $id->fields['id'];
+						if (!$id) {
+							$mode="error";
+							$smarty->assign("error_text", "An error occurred generating a signup ID. Report the following message to the admins:<br /><pre>".$sucsDB->ErrorMsg()."</pre>");
+						} else {
+							$smarty->assign('slipid', $id);
+							$smarty->assign('slippass', $pass);
+							$smarty->assign('sid', $_REQUEST['sid']);
+						}
+					}else{
+						$mode='error';
+						$smarty->assign("error_text", "Student does not appear to have paid. Extract fees");
+					}
 				}
 			}
 		}