[LON-CAPA-cvs] cvs: modules /raeburn/register register.pm

raeburn raeburn at source.lon-capa.org
Tue Mar 14 15:38:57 EDT 2017


raeburn		Tue Mar 14 19:38:57 2017 EDT

  Modified files:              
    /modules/raeburn/register	register.pm 
  Log:
  - switch to Apache2/mod_perl2 calls.
  - use » entity as item separator in breadcrumbs
  - support use of 'condition' as column name in mariadb database.
  - satisfy w3c validation
  - static HTML link to payment site replaces web form (MSU PCIDSS compliance)
  - coding style -- push()
  - add parentheses to WHERE clauses in SQL queries
  - code to apply localdiscount for a number of conferences (past and present)
  - consortium waiver information  
  
  
-------------- next part --------------
Index: modules/raeburn/register/register.pm
diff -u modules/raeburn/register/register.pm:1.19 modules/raeburn/register/register.pm:1.20
--- modules/raeburn/register/register.pm:1.19	Fri Apr  8 22:51:34 2011
+++ modules/raeburn/register/register.pm	Tue Mar 14 19:38:56 2017
@@ -3,7 +3,7 @@
 # Session-based registration for conferences/workshops
 # Data read/written from MySQL database.
 #
-# $Id: register.pm,v 1.19 2011/04/08 22:51:34 raeburn Exp $
+# $Id: register.pm,v 1.20 2017/03/14 19:38:56 raeburn Exp $
 #
 # Stuart P Raeburn
 #
@@ -15,8 +15,12 @@
   $ENV{'SYBASE'} = '/usr/local/freetds';
 }
 
-use Apache::RequestRec();
-use Apache::Const qw(OK SERVER_ERROR);
+use Apache2::RequestRec();
+use Apache2::Const qw(OK SERVER_ERROR);
+use Apache2::RequestIO();
+use Apache2::Response();
+use Apache2::Access();
+use Apache2::Connection ();
 use HTML::Entities;
 use DBI;
 use LWP;
@@ -79,7 +83,6 @@
     }
 
     $r->content_type('text/html');
-    $r->send_http_header;
 
     my $exitpage = "http://loncapa.org/conferences.html";
     my %items = ();
@@ -123,7 +126,7 @@
         }
         if ($wid) {
             my $quoted_wid = $dbh->quote( $wid );
-            my $statement = "SELECT p.event_id, p.user_id, w.state FROM purchaser p, webcredit w WHERE w.wid = $quoted_wid AND w.pid = p.pid";
+            my $statement = "SELECT p.event_id, p.user_id, w.state FROM purchaser p, webcredit w WHERE (w.wid = $quoted_wid AND w.pid = p.pid)";
             ($event_id,$user_id,$paymentstate) = $dbh->selectrow_array($statement);
             if (($user_id eq $user) && ($event_id)) {
                 $statement = "SELECT event, year FROM event_config WHERE event_id = '$event_id'";
@@ -168,7 +171,7 @@
         $event_quoted = $dbh->quote( $event );
     }
     if ($year && $event) {
-        ($event_id,$webpath,$fees,$condmail,$feesmsg,$localfeesmsg) = $dbh->selectrow_array("SELECT event_id,webpath,fees,condmail,feesmsg,localfeesmsg FROM event_config WHERE year=$year_quoted AND event=$event_quoted");
+        ($event_id,$webpath,$fees,$condmail,$feesmsg,$localfeesmsg) = $dbh->selectrow_array("SELECT event_id,webpath,fees,condmail,feesmsg,localfeesmsg FROM event_config WHERE (year=$year_quoted AND event=$event_quoted)");
         $portal = $webpath.$returnpage;
         if ($event_id eq '') {
             &invalid_event($r,$dbh,$page,$year,$event,$portal,$returnpage,$exitpage,\@sponsors,\%sponsorinfo,$domain);
@@ -177,7 +180,7 @@
             my $sth = $dbh->prepare("SELECT name,url,image_path,orientation FROM event_sponsors WHERE event_id = '$event_id' ORDER BY position");
             $sth->execute();
             while (my ($name,$url,$image_path,$orientation) = $sth->fetchrow_array) {
-                push @sponsors, $name;
+                push(@sponsors,$name);
                 %{$sponsorinfo{$name}} = ();
                 $sponsorinfo{$name}{url} = $url;
                 $sponsorinfo{$name}{image_path} = $image_path;
@@ -205,35 +208,35 @@
                 $sth = $dbh->prepare("SELECT user_id FROM consortium");
                 $sth->execute;
                 while (my $user_id = $sth->fetchrow_array) {
-                    push @consortium, $user_id;
+                    push(@consortium,$user_id);
                 }
                 $sth->finish;
             }
 # get items that should appear in event_registration table
-            my $sth = $dbh->prepare("SELECT name FROM event_formfields WHERE event_id = '$event_id' AND tablename = 'event_registration'");
+            my $sth = $dbh->prepare("SELECT name FROM event_formfields WHERE (event_id = '$event_id' AND tablename = 'event_registration')");
             $sth->execute;
             while (my $name = $sth->fetchrow_array) {
-                push @regitems, $name;
+                push(@regitems,$name);
             }
             $sth->finish;
 
 # get items that should appear in support_user table
-            $sth = $dbh->prepare("SELECT name FROM event_formfields WHERE event_id = '$event_id' AND tablename = 'support_user'");
+            $sth = $dbh->prepare("SELECT name FROM event_formfields WHERE (event_id = '$event_id' AND tablename = 'support_user')");
             $sth->execute;
             while (my $name = $sth->fetchrow_array) {
-                push @info, $name;
+                push(@info,$name);
             }
             $sth->finish;
             if (!grep/^created$/, at info) {
-                push @info, 'created';
+                push(@info,'created');
             }
 
 # get items that should appear in workshop_registration table
-            $sth = $dbh->prepare("SELECT name FROM event_formfields WHERE event_id = '$event_id' AND tablename = 'workshop_registration'");
+            $sth = $dbh->prepare("SELECT name FROM event_formfields WHERE (event_id = '$event_id' AND tablename = 'workshop_registration')");
             $sth->execute;
             while (my @row = $sth->fetchrow_array) {
                 if (@row > 0) {
-                    push @workshop, @row;
+                    push(@workshop, at row);
                 }
             }
             $sth->finish;
@@ -281,7 +284,7 @@
                 $form_elements{$name}{'alignment'} = $alignment;
                 $form_elements{$name}{'size'} = $size;
                 $form_elements{$name}{'tablename'} = $tablename;
-                push @{$items{$type}}, $name;
+                push(@{$items{$type}},$name);
                 my $vpos = $v_position-1;
                 my $hpos = $h_position-1;
                 unless(exists($rowitems[$vpos])) {
@@ -292,11 +295,11 @@
             }
             $sth->finish;
 # get existing workshop registration data for this user and event
-            $sth= $dbh->prepare("SELECT name FROM workshop_registration WHERE user_id = $quoted_user AND event_id = '$event_id'");
+            $sth= $dbh->prepare("SELECT name FROM workshop_registration WHERE (user_id = $quoted_user AND event_id = '$event_id')");
             $sth->execute();
             while (my @row = $sth->fetchrow_array) {
                 if (@row > 0) {
-                    push @curr_workshops, @row;
+                    push(@curr_workshops, at row);
                 }
             }
             $sth->finish;
@@ -311,7 +314,7 @@
 # figure out what page we're on and where we're heading.
     my $current_page = &calculate_page($page,$command);
     if ($current_page == 3) {
-         my $status = $dbh->selectrow_array("SELECT status FROM event_registration WHERE user_id = $quoted_user AND event_id = '$event_id'");
+         my $status = $dbh->selectrow_array("SELECT status FROM event_registration WHERE (user_id = $quoted_user AND event_id = '$event_id')");
          &display_three($r,$event,$year,$event_id,$status,$domain,$portal,$returnpage,$exitpage,$dbh,$current_page,$contact_email,$contact_name,\@sponsors,\%sponsorinfo);
     } elsif ($current_page == 2) {
         &display_two($r,$event,$year,$event_id,\%params,$user,$domain,$portal,$returnpage,$exitpage,\%items,\@info,\@workshop,$dbh,$current_page,$contact_email,$contact_name,\%form_elements,\@rowitems,\@rowtitles,\@sponsors,\%sponsorinfo,$fees,\%feeinfo,\@consortium,$condmail);
@@ -353,14 +356,14 @@
     <table class="LC_breadcrumb">
      <tr>
       <td>
-       <a HREF="http://loncapa.org/">Home</a> --> <a href="$exitpage">Events</a> --> <a href="$portal">Information</a>--> <b>Choose a LON-CAPA event</b>
+       <a HREF="http://loncapa.org/">Home</a> » <a href="$exitpage">Events</a> » <a href="$portal">Information</a> » <b>Choose a LON-CAPA event</b>
       </td>
       <td> </td>
       <td align="right" valign="top">
-       <img border="0" src="/images/login/logout_red.gif" width="90" height="23" align="right" usemap="#event_header">
-        <map name = "event_header">
-         <area shape='rect' coords=10,2,80,18' href="/logout?portal=$logoutportal">
-         <area shape = 'default' nohref>
+       <img border="0" src="/images/login/logout_red.gif" width="90" height="23" align="right" usemap="#event_header" alt="logout button" />
+        <map name="event_header" id="logoutmapchoose">
+         <area shape="rect" coords="10,2,80,18" href="/logout?portal=$logoutportal" alt="logout">
+         <area shape="default" nohref="nohref" alt="">
         </map>
       </td>
      </tr>
@@ -377,11 +380,11 @@
           <th>Dates</th>
          </tr>
 END_OF_B
-     my $sth=$dbh->prepare("SELECT event,year,eventstart,eventend,location,webpath FROM event_config ORDER BY eventstart");
+     my $sth=$dbh->prepare("SELECT event,year,eventstart,eventend,location,webpath FROM event_config ORDER BY eventstart desc");
      $sth->execute;
      while ( my ($event,$year,$eventstart,$eventend,$location,$webpath) = $sth->fetchrow_array) {
          my $regurl = "event=$event&year=$year";
-         $regurl = &HTML::Entities::encode($regurl);
+         $regurl = &HTML::Entities::encode($regurl,'"<>&');
          $regurl =~ tr/ /+/;
          $r->print("<tr><td><a href='/register?$regurl'>LON-CAPA $event ($year)</a></td><td>$location</td><td>$eventstart - $eventend</td></tr>");
      }
@@ -432,35 +435,36 @@
         $userinfo{'institution'} = 'Michigan State University';
         $userinfo{'citystate'} = 'East Lansing, MI';
         $userinfo{'zip'} = '48824';
+        $userinfo{'country'} = 'United States of America';
         $$domain = 'msu';
 #        my $response = &checkmsu($user,\%userinfo);
     }
 
 # Is there already conference data for this user?
-    my $status = $dbh->selectrow_array("SELECT status FROM event_registration WHERE user_id = $quoted_user AND event_id = '$event_id'");
+    my $status = $dbh->selectrow_array("SELECT status FROM event_registration WHERE (user_id = $quoted_user AND event_id = '$event_id')");
 # Get existing values
     if ($status eq 'enroll' || $status eq 'cancel') {
         my $statement = "SELECT ";
         foreach my $name (keys %{$form_elements}) {
             if ($$form_elements{$name}{tablename} eq 'event_registration') {
                 $statement .= "$name,";
-                push @curr_values, $name;
+                push(@curr_values,$name);
             }
         }
         chop($statement);
-        $statement .= " FROM event_registration WHERE user_id = $quoted_user AND event_id = '$event_id'";
+        $statement .= " FROM event_registration WHERE (user_id = $quoted_user AND event_id = '$event_id')";
         my @row = $dbh->selectrow_array("$statement");
         for (my $i=0; $i<@curr_values; $i++) {
             $curr{$curr_values[$i]} = $row[$i];
         }
 
 # Is there attendance days data for this user?
-        $statement = "SELECT name FROM attendancedays WHERE user_id = $quoted_user AND event_id = '$event_id'";
+        $statement = "SELECT name FROM attendancedays WHERE (user_id = $quoted_user AND event_id = '$event_id')";
         my $sth = $dbh->prepare("$statement");
         $sth->execute();
         while (my @row = $sth->fetchrow_array) {
             if (@row > 0) {
-                push @curr_attendancedays, @row;
+                push(@curr_attendancedays, at row);
             }
         }
         $sth->finish;
@@ -471,11 +475,12 @@
         }
         if (@curr_attendancedays > 0) {
             my (%check_ok,%regtype);
-            $statement = "SELECT iid,description FROM products WHERE event_id = '$event_id' AND registration = 'Y'";
+            $statement = "SELECT iid,description FROM products WHERE (event_id = '$event_id' AND registration = 'Y')";
             my $sth = $dbh->prepare($statement);
             $sth->execute();
             while (my ($iid,$desc) =  $sth->fetchrow_array()) {
-                $check_ok{$iid} = &check_conditions($dbh,$iid,$event_id,$quoted_user);               $regtype{$iid} = $desc;
+                $check_ok{$iid} = &check_conditions($dbh,$iid,$event_id,$quoted_user);
+                $regtype{$iid} = $desc;
             }
             $sth->finish;
             foreach my $iid (keys(%check_ok)) {
@@ -486,12 +491,12 @@
         }
 
 # Is there workshop data for this user?
-        $statement = "SELECT name FROM workshop_registration WHERE user_id = $quoted_user AND event_id = '$event_id'";
+        $statement = "SELECT name FROM workshop_registration WHERE (user_id = $quoted_user AND event_id = '$event_id')";
         my $sth = $dbh->prepare("$statement");
         $sth->execute();
         while (my @row = $sth->fetchrow_array) {
             if (@row > 0) {
-                push @curr_workshops, @row;
+                push(@curr_workshops, at row);
             }
         }
         $sth->finish;
@@ -501,7 +506,7 @@
             $curr{'workshop'} = '"'.$curr_workshops[0].'"'; 
         }
 # Is there accommodation data for this user?
-        $statement = "SELECT type,nights FROM event_accommodation WHERE user_id = $quoted_user AND event_id = '$event_id'";
+        $statement = "SELECT type,nights FROM event_accommodation WHERE (user_id = $quoted_user AND event_id = '$event_id')";
         $sth = $dbh->prepare("$statement");
         $sth->execute();
         while (my ($type,$nights) = $sth->fetchrow_array) {
@@ -529,7 +534,7 @@
     }
 
 # Is there already payment data?
-    my $payinfo;
+    my $payinfo = ''; 
     if ($fees) {
         my (%total,%balance,%credit);
         my $statement = "SELECT t.tid,t.iid,t.quantity,t.status,t.amount FROM purchaser p, transactions t, webcredit w WHERE p.event_id = '$event_id' AND p.user_id = $quoted_user AND p.pid = t.pid AND w.wid = t.wid AND w.state IS NOT NULL ORDER BY t.tid";
@@ -631,7 +636,7 @@
                     } else {
                         $payinfo .= ' Unless you choose to re-register, and choose to participate in the '.$$feeinfo{$iid}{'longdesc'}.' this amount will be credited to you.';
                     }
-                    $payinfo .'<br />';
+                    $payinfo .= '<br />';
                 }
             }
         }
@@ -889,14 +894,14 @@
     <table class="LC_breadcrumb">
      <tr>
       <td>
-       <a HREF="http://loncapa.org/">Home</a> --> <a href="$exitpage">Events</a> --> <a href="$portal">Information</a>--> <b>Add/Cancel/Modify Registration</b>
+       <a HREF="http://loncapa.org/">Home</a> »; <a href="$exitpage">Events</a> » <a href="$portal">Information</a> » <b>Add/Cancel/Modify Registration</b>
       </td>
       <td> </td>
       <td align="right" valign="top">
-       <img border="0" src="/images/login/logout_red.gif" width="90" height="23" align="right" usemap="#event_header">
-        <map name = 'event_header'>
-         <area shape='rect' coords=10,2,80,18' href="/logout?portal=$logoutportal">
-         <area shape = 'default' nohref>
+       <img border="0" src="/images/login/logout_red.gif" width="90" height="23" align="right" usemap="#event_header" alt="logout button" />
+        <map name = 'event_header' id='logoutmapreg'>
+         <area shape="rect" coords="10,2,80,18" href="/logout?portal=$logoutportal" alt="logout">
+         <area shape="default" nohref="nohref" alt="">
         </map>
       </td>
      </tr>
@@ -924,7 +929,7 @@
             $r->print("<b>Use this form to reactivate your cancelled registration.</b><br />");
             if ($fees) {
                 if (keys(%{$feeinfo}) > 0) {
-                    $r->print(&feedisplay($feeinfo,$feesmsg,$localfeesmsg,$user,$event_id));
+                    $r->print(&feedisplay($feeinfo,$feesmsg,$localfeesmsg,$user,$event_id,$consortium));
                     $r->print(&refund_info($endcredit,$now).'<br />');
                 }
             }
@@ -939,7 +944,7 @@
             $r->print("<b>Please submit your registration for the $year LON-CAPA $event.</b>");
             if ($fees) {
                 if (keys(%{$feeinfo}) > 0) {
-                    $r->print(&feedisplay($feeinfo,$feesmsg,$localfeesmsg,$user,$event_id));
+                    $r->print(&feedisplay($feeinfo,$feesmsg,$localfeesmsg,$user,$event_id,$consortium));
                     $r->print(&refund_info($endcredit,$now).'<br />');
                 }
             }
@@ -1093,7 +1098,7 @@
                         }
                         $r->print('<td valign="top" align="'.$$form_elements{$$rowitems[$i][$j]}{alignment}.'">');
                     }
-                    $r->print('<nobr><input type="checkbox" name="'.$$rowitems[$i][$j].'" value="'.$value.'">'.$name.'</nobr></td>'."\n");
+                    $r->print('<nobr><label><input type="checkbox" name="'.$$rowitems[$i][$j].'" value="'.$value.'">'.$name.'</label></nobr></td>'."\n");
                 }
             } elsif ($$form_elements{$$rowitems[$i][$j]}{type} eq 'selectbox') {
                 my @items = split/\&/,$$form_elements{$$rowitems[$i][$j]}{contents};
@@ -1145,7 +1150,7 @@
 
 sub display_two() {
     my ($r,$event,$year,$event_id,$params,$user,$domain,$portal,$returnpage,$exitpage,$items,$info,$workshop,$dbh,$page,$contact_email,$contact_name,$form_elements,$rowitems,$rowtitles,$sponsors,$sponsorinfo,$fees,$feeinfo,$consortium,$condmail) = @_;
-    my $enc_event = &HTML::Entities::encode($event);
+    my $enc_event = &HTML::Entities::encode($event,'"<>&');
     $enc_event =~ tr/ /+/;
     my $action = $$params{'nextaction'};
     my $quoted_user = $dbh->quote( $user );
@@ -1240,7 +1245,7 @@
             foreach my $field (@{$$items{$_}}) {
                 if ($$form_elements{$field}{tablename} eq 'event_registration') {
                     $statement .= "$field,";
-                    push @curr_values, $field;
+                    push(@curr_values,$field);
                 }
             }
         }
@@ -1255,12 +1260,12 @@
             foreach my $field (@{$$items{$type}}) {
                 if ($$form_elements{$field}{tablename} eq 'event_registration') {
                     if ($$params{$field} ne $curr{$field}) {
-                        push @changes, $field;
+                        push(@changes,$field);
                     }
                 }
                 if ($$form_elements{$field}{tablename} eq 'event_accommodation') {
                     if ($$params{$field} ne $curr{$field}) {
-                        push @accomchgs, $field;
+                        push(@accomchgs,$field);
                     }
                 }
             }
@@ -1271,19 +1276,19 @@
         $sth->execute();
         while (my @row = $sth->fetchrow_array) {
             if (@row > 0) {
-                push @workshops, @row;
+                push(@workshops, at row);
             }
         }
         $sth->finish;
         foreach my $name (@workshops) {
             unless (grep/^$name$/, at new_workshops) {
-                push @removals,$name;
+                push(@removals,$name);
             }
         }
         foreach my $name (@new_workshops) {
             unless ($name eq '') {
                 unless (grep/^$name$/, at workshops) {
-                    push @additions,$name;
+                    push(@additions,$name);
                 }
             }
         }
@@ -1292,31 +1297,31 @@
         $sth->execute();
         while (my @row = $sth->fetchrow_array) {
             if (@row > 0) {
-                push @attendancedays, @row;
+                push(@attendancedays, at row);
             }
         }
         $sth->finish;
         foreach my $name (@attendancedays) {
             unless (grep/^$name$/, at new_attendancedays) {
-                push @outdays,$name;
+                push(@outdays,$name);
             }
         }
         foreach my $name (@new_attendancedays) {
             unless ($name eq '') {
                 unless (grep/^$name$/, at attendancedays) {
-                    push @indays,$name;
+                    push(@indays,$name);
                 }
             }
         }
     } else {
         foreach my $name (@new_workshops) {
             unless ($name eq '') {
-                push @additions,$name;
+                push(@additions,$name);
             }
         }
         foreach my $name (@new_attendancedays) {
             unless ($name eq '') {
-                push @indays,$name;
+                push(@indays,$name);
             }
         }
     }
@@ -1334,10 +1339,10 @@
     }
 
     if ($userdata{'created'}) {
-        foreach (@{$info}) {
-            unless ($_ eq 'created') {
-                if ($$params{$_} ne $userdata{$_}) {
-                    push @infochanges, $_;
+        foreach my $field (@{$info}) {
+            unless ($field eq 'created') {
+                if ($params->{$field} ne $userdata{$field}) {
+                    push(@infochanges,$field);
                 }
             }
         }
@@ -1370,7 +1375,7 @@
     $sth = $dbh->prepare("SELECT name,tablename FROM event_formfields WHERE event_id = '$event_id'");
     $sth->execute;
     while (my ($name,$tablename) = $sth->fetchrow_array) {
-        push @{$table_items{$tablename}}, $name;
+        push(@{$table_items{$tablename}},$name);
     }
     $sth->finish;
 
@@ -1390,6 +1395,8 @@
             $statement .= " WHERE user_id=$quoted_user AND event_id = '$event_id'";
             $dbh->do($statement);
             if (grep/^(accommodation|dormroom|arrival|departure)$/, at changes) {
+                # Is there accommodation data for this user?
+                my $count = $dbh->selectrow_array("SELECT COUNT(type) FROM event_accommodation WHERE (user_id = $quoted_user AND event_id = '$event_id')");
                 if ($params->{'accommodation'} eq 'dorm') {
                     if (ref($table_items{'event_accommodation'}) eq 'ARRAY') {
                         if (@{$table_items{'event_accommodation'}} > 0) {
@@ -1398,11 +1405,17 @@
                                 $quoted_params{'dormroom'} = 
                                     $dbh->quote( $$params{'dormroom'} );
                             }
-                            $dbh->do("UPDATE event_accommodation SET nights='$nights',type=$quoted_params{'dormroom'} WHERE user_id=$quoted_user AND event_id ='$event_id'");
+                            if ($count) {
+                                $dbh->do("UPDATE event_accommodation SET nights='$nights',type=$quoted_params{'dormroom'} WHERE user_id=$quoted_user AND event_id ='$event_id'");
+                            } else {
+                                $dbh->do("INSERT INTO event_accommodation VALUES ($quoted_user,'$event_id','$nights',$quoted_params{dormroom})"); 
+                            }
                         }
                     }
                 } else {
-                    $dbh->do("UPDATE event_accommodation SET nights='0' WHERE user_id=$quoted_user AND event_id ='$event_id'");
+                    if ($count) {
+                        $dbh->do("UPDATE event_accommodation SET nights='0' WHERE user_id=$quoted_user AND event_id ='$event_id'");
+                    }
                 }
             }
             foreach (@additions) {
@@ -1444,7 +1457,7 @@
                             $quoted_params{'dormroom'} = 
                                 $dbh->quote( $$params{'dormroom'} );
                         }
-                        $dbh->do("INSERT INTO event_accommodation VALUES ($quoted_user,'$event_id','$nights',$quoted_params{dormroom})");
+                        $dbh->do("INSERT INTO event_accommodation VALUES ($quoted_user,'$event_id','$nights',$quoted_params{'dormroom'})");
                     }
                 }
             }
@@ -1472,8 +1485,11 @@
         }
         $statement .= " WHERE user_id=$quoted_user AND event_id = '$event_id'";
         $dbh->do($statement);
+
         if ((grep/^(accommodation|arrival|departure)$/, at changes)  ||
             (@accomchgs > 0)) {
+            # Is there accommodation data for this user?
+            my $count = $dbh->selectrow_array("SELECT COUNT(type) FROM event_accommodation WHERE (user_id = $quoted_user AND event_id = '$event_id')");
             if ($params->{'accommodation'} eq 'dorm') {
                 if (ref($table_items{'event_accommodation'}) eq 'ARRAY') {
                     if (@{$table_items{'event_accommodation'}} > 0) {
@@ -1482,11 +1498,17 @@
                             $quoted_params{'dormroom'} = 
                                 $dbh->quote( $$params{'dormroom'} );
                         }
-                        $dbh->do("UPDATE event_accommodation SET nights='$nights',type=$quoted_params{'dormroom'} WHERE user_id=$quoted_user AND event_id ='$event_id'");
+                        if ($count) {
+                            $dbh->do("UPDATE event_accommodation SET nights='$nights',type=$quoted_params{'dormroom'} WHERE user_id=$quoted_user AND event_id ='$event_id'");
+                        } else {
+                            $dbh->do("INSERT INTO event_accommodation VALUES ($quoted_user,'$event_id','$nights',$quoted_params{dormroom})");
+                        }
                     }
                 }
             } else {
-                $dbh->do("UPDATE event_accommodation SET nights='0' WHERE user_id=$quoted_user AND event_id ='$event_id'");
+                if ($count) {
+                    $dbh->do("UPDATE event_accommodation SET nights='0' WHERE user_id=$quoted_user AND event_id ='$event_id'");
+                }
             }
         }
         if (@changes > 0 || @removals > 0 || @additions > 0 || @outdays > 0|| @indays > 0) {
@@ -1526,7 +1548,7 @@
     foreach my $name (keys %{$form_elements}) {
         if ($$form_elements{$name}{tablename} eq 'event_registration') {
             $statement .= "$name,";
-            push @final_values, $name;
+            push(@final_values,$name);
         }
     }
     chop($statement);
@@ -1542,7 +1564,7 @@
     foreach my $name (keys %{$form_elements}) {
         if ($$form_elements{$name}{tablename} eq 'support_user') {
             $statement .= "$name,";
-            push @final_uservals, $name;
+            push(@final_uservals,$name);
         }
     }
     chop($statement);
@@ -1558,7 +1580,7 @@
     my $sth = $dbh->prepare("$statement");
     $sth->execute();
     while (my @row = $sth->fetchrow_array) {
-        push @finalworkshops, @row;
+        push(@finalworkshops, at row);
     }
     $sth->finish;
     if (@finalworkshops) {
@@ -1586,7 +1608,7 @@
     my $sth = $dbh->prepare("$statement");
     $sth->execute();
     while (my @row = $sth->fetchrow_array) {
-        push @finalattendancedays, @row;
+        push(@finalattendancedays, at row);
     }
     $sth->finish;
     if (@finalattendancedays > 0) {
@@ -1677,10 +1699,11 @@
     }
 
 # Get payment data?
-    my (%total,%balance,%ccard,$payinfo,%costs,%quantities,%transactions,%credtrans);
+    my (%total,%balance,%ccard,%costs,%quantities,%transactions,%credtrans);
     my $order = 0;
     my $paynum = 0;
     my $creditnum = 0;
+    my $payinfo = '';
     my $curr_pid = $dbh->selectrow_array("SELECT pid FROM purchaser WHERE event_id = '$event_id' AND user_id = $quoted_user");
     my $currstatus = $dbh->selectrow_array("SELECT status FROM event_registration WHERE user_id = $quoted_user AND event_id = '$event_id'");
     if ($fees) {
@@ -1771,7 +1794,7 @@
                             } elsif ($feehash{$key}{'type'} eq 'attendancedays') {
                                 $payinfo .= 'As your attendance plans have changed, a credit of $'.$ccard{$key}.' will be credited to you.<br />';
                             } else {
-                                $payinfo .= 'As you will not be attending the '.$$feeinfo{$feehash{$key}{'iid'}}{'longdesc'}..' a credit of $'.$ccard{$key}.' will be credited to you.<br />';
+                                $payinfo .= 'As you will not be attending the '.$$feeinfo{$feehash{$key}{'iid'}}{'longdesc'}.' a credit of $'.$ccard{$key}.' will be credited to you.<br />';
                             }
                         }
                     } elsif ($currstatus eq 'cancel') {
@@ -1803,19 +1826,19 @@
     "Thank you for your interest in the $year LON-CAPA $event.\n\n".
     "The following changes were made to your registration: \n".
     "$msg\n"."$statusmsg{mail}\n";
-         if ($action eq 'modify' || $action eq 'add') {
-             if ($fees) {
-                 $requestmail .= &refund_info($endcredit,$now)."\n\n";
-             }
-             if ($condmail eq 'Y') {
-                 %mailextra = &custommail($dbh,$condmail,$event_id,$params,
+        if ($action eq 'modify' || $action eq 'add') {
+            if ($fees) {
+                $requestmail .= &refund_info($endcredit,$now)."\n\n";
+            }
+            if ($condmail eq 'Y') {
+                %mailextra = &custommail($dbh,$condmail,$event_id,$params,
                                           \%linefeed);
-                 if ($mailextra{'mail'}) {
-                     $requestmail .= $mailextra{'mail'}."\n";
-                 }
-             }
-         }
-         $requestmail .= "MSU LON-CAPA group\n".
+                if ($mailextra{'mail'}) {
+                    $requestmail .= $mailextra{'mail'}."\n";
+                }
+            }
+        }
+        $requestmail .= "MSU LON-CAPA group\n".
     "$contact_email\n";
         if (open(MAIL, "|/usr/lib/sendmail -oi -t -odb")) {
             print MAIL $requestmail;
@@ -1825,7 +1848,7 @@
             return;
         }
         my $mailcopy = "To: helpdesk\@loncapa.org\n".
-    "From: loncapa\@loncapa.org\n".
+    "From: registrations\@loncapa.org\n".
     "Subject: LON-CAPA conference/workshop change\n".
     "The following transaction occurred for $user in the LON-CAPA events registration system: \n".
     "$msg\n"."$statusmsg{mail}\n".$mailextra{'mail'};
@@ -1864,14 +1887,14 @@
     <table class="LC_breadcrumb">
      <tr>
       <td>
-       <a HREF="http://loncapa.org/">Home</a> --> <a href="$exitpage">Events</a> --> <a href="$portal">Information</a>--> <a href="/register?year=$year&event=$enc_event">Add/Cancel/Modify registration</a> --> <b>Confirmation</b>
+       <a HREF="http://loncapa.org/">Home</a> » <a href="$exitpage">Events</a> » <a href="$portal">Information</a> » <a href="/register?year=$year&event=$enc_event">Add/Cancel/Modify registration</a> » <b>Confirmation</b>
       </td>
       <td> </td>
       <td align="right" valign="top">
-       <img border="0" src="/images/login/logout_red.gif" width="90" height="23" align="right" usemap="#event_header">
-        <map name = 'event_header'>
-         <area shape='rect' coords=10,2,80,18' href="/logout?portal=$logoutportal">
-         <area shape = 'default' nohref>
+       <img border="0" src="/images/login/logout_red.gif" width="90" height="23" align="right" usemap="#event_header" alt="logout button" />
+        <map name = 'event_header' id='logoutmapconf'>
+         <area shape="rect" coords="10,2,80,18" href="/logout?portal=$logoutportal" alt="logout">
+         <area shape="default" nohref="nohref" alt="">
         </map>
       </td>
      </tr>
@@ -2084,7 +2107,7 @@
 
 sub display_three {
     my ($r,$event,$year,$event_id,$status,$domain,$portal,$returnpage,$exitpage,$dbh,$page,$contact_email,$contact_name,$sponsors,$sponsorinfo) = @_;
-    my $enc_event = &HTML::Entities::encode($event);
+    my $enc_event = &HTML::Entities::encode($event,'"<>&');
     $enc_event =~ tr/ /+/;
 
     my %lateraction = (
@@ -2120,14 +2143,14 @@
     <table class="LC_breadcrumb">
      <tr>
       <td>
-       <a HREF="http://loncapa.org/">Home</a> --> <a href="$exitpage">Events</a> --> <a href="$portal">Information</a>--> <a href="/register?year=$year&event=$enc_event">Add/Cancel/Modify registration</a> --> <b>Payment</b>
+       <a HREF="http://loncapa.org/">Home</a> » <a href="$exitpage">Events</a> » <a href="$portal">Information</a> » <a href="/register?year=$year&event=$enc_event">Add/Cancel/Modify registration</a> » <b>Payment</b>
       </td>
       <td> </td>
       <td align="right" valign="top">
-       <img border="0" src="/images/login/logout_red.gif" width="90" height="23" align="right" usemap="#event_header">
-        <map name = 'event_header'>
-         <area shape='rect' coords=10,2,80,18' href="/logout?portal=$logoutportal">
-         <area shape = 'default' nohref>
+       <img border="0" src="/images/login/logout_red.gif" width="90" height="23" align="right" usemap="#event_header" alt="logout button" />
+        <map name="event_header" id="logoutmappay">
+         <area shape="rect" coords="10,2,80,18" href="/logout?portal=$logoutportal" alt="logout">
+         <area shape="default" nohref="nohref" alt="">
         </map>
       </td>
      </tr>
@@ -2200,7 +2223,7 @@
 
 
 sub feedisplay {
-    my ($feeinfo,$feesmsg,$localfeesmsg,$user,$event_id) = @_;
+    my ($feeinfo,$feesmsg,$localfeesmsg,$user,$event_id,$consortium) = @_;
     my $output = "<br />After submitting this form you will be directed to MSU's secure payment site to provide your credit card details, so the appropriate registration fee can be collected:<br />";
     if (keys(%{$feeinfo}) > 0) {
         my @products;
@@ -2211,15 +2234,24 @@
         foreach my $item (@products) {
             $output .= '<li>';
             if (($$feeinfo{$item}{reqd} eq 'N') && ($$feeinfo{$item}{displayoptional} eq 'Y')) {
-                $output .= 'optional ';
+                unless ($event_id eq '19') {
+                    $output .= 'optional ';
+                }
             }
             if ($$feeinfo{$item}{'infotext'} eq '') {
+                if ($$feeinfo{$item}{cost} =~ /^(\d+)\.(\d*)$/) {
+                    $$feeinfo{$item}{cost} = sprintf("%.2f",$$feeinfo{$item}{cost});
+                }
                 $output .= $$feeinfo{$item}{longdesc}.' - US$'.$$feeinfo{$item}{cost};
             } else {
                 $output .= $$feeinfo{$item}{infotext};
             }
             if ($$feeinfo{$item}{'type'} eq 'accomm') {
                 $output .= ' (per night)';
+            } elsif (ref($consortium) eq 'ARRAY') {
+                if (($$feeinfo{$item}{'waiver'} eq 'Y') && (grep/^\Q$user\E$/,@{$consortium})) {
+                    $output .= ' (waived for Board member)';
+                }
             }
             $output .= '</li>';
         }
@@ -2249,20 +2281,20 @@
     my $address = $finaldat->{'streetaddress'};
     my $citystate = $finaldat->{'citystate'};
     $citystate =~ s/\s+$//;
+    $citystate =~ s{/}{ }g;
+    $citystate =~ s{,}{, };
+    $citystate =~ s/\s+/ /g; 
     my ($city,$state) = ($citystate =~ /^(.+)\s+([^\s]+)$/);
     $city =~ s/,$//;
     my $country = $finaldat->{'country'};
-    my $action = 'https://commerce.CASHNet.com/msu_3420';
-    my $output .= <<END_A;
-<form name="webcredit" action="$action" method="post">
-<input type="hidden" name="Email_g" Value="$finaldat->{'email'}">
-<input type="hidden" name="Name_g" Value="$name">
-<input type="hidden" name="Addr_g" Value="$address">
-<input type="hidden" name="City_g" Value="$city">
-<input type="hidden" name="State_g" Value="$state">
-<input type="hidden" name="Country_g" Value="$country">
-<input type="hidden" name="Zip_g" Value="$finaldat->{'zip'}">
-END_A
+    my $action = 'https://commerce.cashnet.com/msu_3420';
+    my $urlemail = 'Email_g='.&HTML::Entities::encode($finaldat->{'email'},'"<>&');
+    my $urlname = 'Name_g='.&HTML::Entities::encode($name,'"<>&');
+    my $urladdress = 'Addr_g='.&HTML::Entities::encode($address,'"<>&');
+    my $urlcity = 'City_g='.&HTML::Entities::encode($city,'"<>&');
+    my $urlstate = 'State_g='.&HTML::Entities::encode($state,'"<>&');
+    my $urlcountry = 'Country_g='.&HTML::Entities::encode($country,'"<>&');
+    my $urlzip = 'Zip_g='.&HTML::Entities::encode($finaldat->{'zip'},'"<>&');  
     my $n = 0;
     foreach my $item (keys(%{$ccard})) {
         if ($ccard->{$item} < 0) {
@@ -2270,6 +2302,8 @@
         }
     }
     my %cashnet = &cashnet_itemcodes();
+    my $cashneturl = 'https://commerce.cashnet.com/msu_3420?';
+    my $cashnetquerystr;
     foreach my $iid (sort(keys(%sort_by_id))) {
         my $item = $sort_by_id{$iid};
         $n ++;
@@ -2277,20 +2311,20 @@
         $debt = sprintf("%.2f",$debt);
         my $quant = $quantities->{$item} - $total->{$feehash->{$item}{'iid'}};
         my $itemcode = '3420-'.$cashnet{$item};
-        $output .= <<END_B;
-<input type="hidden" name="itemcode$n" value="$itemcode">
-<input type="hidden" name="Itemcnt$n" value="$quant">
-<input type="hidden" name="Amount$n" value="$debt">
-<input  name="ref1Type$n" type="hidden" value="FKEY">
-<input  name="ref1val$n" type="hidden" value="$wid">
-END_B
-    }
-
-    $output .= <<END_C;
-<input type="hidden" name="itemcnt" value="$n" \>
-<input type="button" class="buttoncolored" value="Proceed to secure payment site" onClick="submit()" />
-</form>
-END_C
+        $cashnetquerystr .= 'itemcode'.$n.'='.$itemcode.'&'.
+                            'Itemcnt'.$n.'='.$quant.'&'.
+                            'Amount'.$n.'='.$debt.'&'.
+                            'ref1Type'.$n.'=FKEY&'.
+                            'ref1val'.$n.'='.$wid.'&';
+    }
+    $cashnetquerystr .= $urlemail.'&'.
+                        $urlname.'&'.
+                        $urladdress.'&'.
+                        $urlcity.'&'.
+                        $urlstate.'&'.
+                        $urlcountry.'&'.
+                        $urlzip;
+    my $output = '<a href="'.$cashneturl.$cashnetquerystr.'" class="buttonlink">Proceed to secure payment site</a>'; 
     return $output;
 }
 
@@ -2371,6 +2405,7 @@
                     registration        => 'CONFREG',
                     thursday            => 'CONFONE',
                     virtualregistration => 'VIRTREG',
+                    dorm_msusingle      => 'DORM',
                   );
     return %cashnet;
 }
@@ -2394,7 +2429,7 @@
     <table class="LC_breadcrumb">
      <tr>
       <td>
-       <a HREF="http://loncapa.org">Home</a> --> <a href="http://loncapa.org/conferences.html/">Events information</a> --> <b>Add/Cancel/Modify Registration</b>
+       <a HREF="http://loncapa.org">Home</a> » <a href="http://loncapa.org/conferences.html/">Events information</a> » <b>Add/Cancel/Modify Registration</b>
       </td>
       <td> </td>
      </tr>
@@ -2445,7 +2480,7 @@
     <table border="0" cellspacing="0" cellpadding="0" width="100%">
      <tr>
       <td align="left">
-       <img border='0' src="/images/login/tmcc.jpg" width="420" height="60">
+       <img border='0' src="/images/login/tmcc.jpg" width="420" height="60" alt="participants - TMCC" />
       </td>
       <td class="LC_boxtitle"><b>LON-CAPA <br />$event $year</b></td> 
      </tr>
@@ -2462,7 +2497,7 @@
     my ($dbh,$iid,$event_id,$quoted_user) = @_;
     my $check_ok = 0;
     my (%passed,%failed,%needpass, at nums,$totalpasses,$totalfails,$statement,$sth);
-    $statement = "SELECT name,tablename,value,condition,num FROM product_dependencies WHERE iid = '$iid'";
+    $statement = 'SELECT name,tablename,value,`condition`,num FROM product_dependencies WHERE iid = '."'$iid'";
     $sth = $dbh->prepare($statement);
     $sth->execute();
     while (my ($name,$table,$value,$condition,$num) = $sth->fetchrow_array()) {
@@ -2860,7 +2895,37 @@
     } elsif ($event_id eq '17') {
         if ($user =~ /^([^@]+):(vcu)$/i) {
             $count = 1;
-        } elsif ($user =~ /^([^@]+)\@vcu\.edu$/i) {
+        } elsif ($user =~ /^([^@]+)\@vcu\.edu(:vcu|)$/i) {
+            $count = 1;
+        }
+    } elsif ($event_id eq '19') {
+        if ($user =~ /^([^@]+):(uiuc)$/i) {
+            $count = 1;
+        } elsif ($user =~ /^([^@]+)\@(illinois|uiuc)\.edu(:uiuc|)$/i) {
+            $count = 1;
+        }
+    } elsif (($event_id eq '21') || ($event_id eq '23') || ($event_id eq '24') || ($event_id eq '26')) {
+        if ($user =~ /^([^@]+)\Q:msu\E$/i) {
+            $count = 1;
+        } elsif ($user =~ /^([^@]+)\@\Qmsu.edu\E(:msu|)$/i) {
+            $count = 1;
+        } elsif ($user =~ /^([^:@]+)$/) {
+            my $netid = $1;
+            my $ldapfilter = '(uid='.$netid.')';
+            my ($status,$uid) = &ldap_search('netid',$ldapfilter);
+            if ($uid) {
+                $count = 1;
+            }
+        }
+        if ($event_id eq '23') {
+            if ($user =~ /^([^@]+)\@courseweaver\.com$/i) {
+                $count = 1;
+            }
+        }
+    } elsif ($event_id eq '25') {
+        if ($user =~ /^([^@]+):(purdue)$/i) {
+            $count = 1;
+        } elsif ($user =~ /^([^@]+)\@purdue\.edu(:purdue|)$/i) {
             $count = 1;
         }
     }


More information about the LON-CAPA-cvs mailing list