< ?
/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website : http :// www . sfiab . ca
Copyright ( C ) 2005 Sci - Tech Ontario Inc < info @ scitechontario . org >
Copyright ( C ) 2005 James Grant < james @ lightbox . org >
This program is free software ; you can redistribute it and / or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation , version 2.
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the GNU
General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; see the file COPYING . If not , write to
the Free Software Foundation , Inc . , 59 Temple Place - Suite 330 ,
Boston , MA 02111 - 1307 , USA .
*/
?>
< ?
require ( " ../common.inc.php " );
require_once ( " ../user.inc.php " );
/* Access gate: the save, delete and access-code handlers further down this file
 * all execute after this call, so it is the only authorization check they have.
 * Presumably user_auth_required() (user.inc.php) ends the request unless the
 * logged-in user is a committee member with admin rights.
 * NOTE(review): confirm it exits on failure rather than returning. */
user_auth_required ( 'committee' , 'admin' );
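/*
 * Save handler: creates (save=add) or updates (save=edit) one row of `schools`
 * from the posted form, and keeps the principal / science-head user records
 * referenced by principal_uid / sciencehead_uid in step with the posted names.
 * Sets $notice to 'added' or 'saved' for the list view.
 *
 * NOTE(review): no anti-CSRF token is checked in this file; the only gate is
 * the user_auth_required() call at the top. Confirm whether common.inc.php
 * adds one before relying on this handler.
 */
$save = isset($_POST['save']) ? $_POST['save'] : '';
if ($save == "edit" || $save == "add")
{
	if ($save == "add")
	{
		/* Insert a stub row for the current fair year; the UPDATE below fills it in */
		mysql_query("INSERT INTO schools (year) VALUES ('" . $config['FAIRYEAR'] . "')");
		$id = mysql_insert_id();
	}
	else
		$id = intval($_POST['id']);

	/* Only the literal 'yes' is stored; anything else (or a missing checkbox) becomes 'no' */
	$atrisk = (isset($_POST['atrisk']) && $_POST['atrisk'] == 'yes') ? 'yes' : 'no';

	/* The principal and science head are no longer written to the schools row
	 * as text; they live in user records linked through the *_uid columns. */

	/* Get the uids for principal/science head. $id is an integer on both paths above. */
	$q = mysql_query("SELECT principal_uid,sciencehead_uid FROM schools WHERE id='$id'");
	$i = mysql_fetch_assoc($q);
	$principal_update = '';
	$sciencehead_update = '';

	/* explode() + array_pad() instead of the deprecated split(): a one-word or
	 * empty name now yields '' for the missing part instead of an undefined offset.
	 * NOTE(review): unlike the school fields below, these values are handed to
	 * user_save() without stripslashes(); whether user_save() escapes them for
	 * SQL is not visible here, so verify that in user.inc.php. */
	$principal_name = isset($_POST['principal']) ? $_POST['principal'] : '';
	list($first, $last) = array_pad(explode(' ', $principal_name, 2), 2, '');

	/* Load existing entry if it exists, else make an entry if
	 * there is data, else, do nothing */
	if ($i['principal_uid'] > 0)
		$pl = user_load_by_uid($i['principal_uid']);
	else if ($first != '' && $last != '') {
		/* Leading '*' marks an autogenerated login (the edit form hides such values) */
		$pl = user_create('principal', "*" . $first . $last . user_generate_password());
		$principal_update = "principal_uid='" . intval($pl['uid']) . "',";
	} else
		$pl = false;

	/* If we loaded or created an entry, either
	 * update and save, or purge it */
	if (is_array($pl)) {
		if ($first == '' && $last == '') {
			user_purge($pl, 'principal');
			$principal_update = 'principal_uid=NULL,';
		} else {
			$pl['firstname'] = $first;
			$pl['lastname'] = $last;
			user_save($pl);
		}
	}

	/* Get info about science head */
	$sciencehead_name = isset($_POST['sciencehead']) ? $_POST['sciencehead'] : '';
	list($first, $last) = array_pad(explode(' ', $sciencehead_name, 2), 2, '');
	$em = isset($_POST['scienceheademail']) ? $_POST['scienceheademail'] : '';
	/* A name without an email gets an autogenerated '*' placeholder login */
	if ($em == '' && ($first != '' || $last != ''))
		$em = "*" . $first . $last . user_generate_password();

	/* Load existing record, or create new if there's something
	 * to insert */
	if ($i['sciencehead_uid'] > 0)
		$sh = user_load_by_uid($i['sciencehead_uid']);
	else if ($em != '') {
		$sh = user_create('teacher', $em);
		$sciencehead_update = "sciencehead_uid='" . intval($sh['uid']) . "',";
	} else
		$sh = false;

	/* If we have a record, either delete it or update it */
	if (is_array($sh)) {
		if ($em == '') {
			user_purge($sh, 'teacher');
			$sciencehead_update = 'sciencehead_uid=NULL,';
		} else {
			$sh['firstname'] = $first;
			$sh['lastname'] = $last;
			$sh['phonework'] = isset($_POST['scienceheadphone']) ? $_POST['scienceheadphone'] : '';
			$sh['email'] = $em;
			$sh['username'] = $em;
			user_save($sh);
		}
	}

	/* schools column => name of the posted form field. 'school' used to be
	 * assigned twice in the statement; it is listed once here. */
	$columns = array(
		'school' => 'school',
		'schoollang' => 'schoollang',
		'designate' => 'schooldesignate',
		'schoollevel' => 'schoollevel',
		'board' => 'board',
		'district' => 'district',
		'address' => 'address',
		'city' => 'city',
		'province_code' => 'province_code',
		'postalcode' => 'postalcode',
		'schoolemail' => 'schoolemail',
		'phone' => 'phone',
		'fax' => 'fax',
		'registration_password' => 'registration_password',
		'projectlimit' => 'projectlimit',
		'projectlimitper' => 'projectlimitper',
		'accesscode' => 'accesscode',
	);

	/* Every value is quoted and escaped with mysql_real_escape_string(), which
	 * honours the connection character set (mysql_escape_string() does not).
	 * stripslashes() presumes magic_quotes_gpc is enabled; TODO confirm, since
	 * with it disabled legitimate backslashes are stripped.
	 * A field that is absent from the POST is written as '' (as before), which
	 * blanks registration_password / projectlimit when the form omits them. */
	$assignments = '';
	foreach ($columns as $column => $field) {
		$value = isset($_POST[$field]) ? $_POST[$field] : '';
		$assignments .= $column . "='" . mysql_real_escape_string(stripslashes($value)) . "',";
	}

	$exec = "UPDATE schools SET " .
		$assignments .
		$sciencehead_update . $principal_update .
		"atrisk='$atrisk' " .
		"WHERE id='$id'";
	mysql_query($exec);
	/* The driver error is still shown on the page, but HTML-escaped because it
	 * can quote fragments of the submitted values. */
	echo htmlspecialchars(mysql_error());

	if ($save == "add")
		$notice = 'added';
	else
		$notice = 'saved';
}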
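/*
 * Delete handler: removes one row of `schools` by id and sets $notice.
 *
 * The id comes from the query string and used to be concatenated into the
 * DELETE statement as-is. It is now forced to an integer first, so nothing but
 * a number can reach the SQL text, and a non-numeric or missing id is ignored.
 *
 * NOTE(review): deletion is triggered by a plain GET link and no anti-CSRF
 * token is checked in this file; moving it to a POST with a token is worth
 * considering.
 */
$delete_id = isset($_GET['delete']) ? intval($_GET['delete']) : 0;
if (isset($_GET['action']) && $_GET['action'] == "delete" && $delete_id > 0)
{
	mysql_query("DELETE FROM schools WHERE id='" . $delete_id . "'");
	$notice = 'deleted';
}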
/*
 * Blank out the access code on every school row of the current fair year.
 * NOTE(review): this bulk change runs on a plain GET request; no anti-CSRF
 * token is checked in this file.
 */
if ("clearaccesscodes" == $_GET['action']) {
	mysql_query(
		"UPDATE schools SET accesscode=NULL WHERE year='" . $config['FAIRYEAR'] . "'"
	);
	$notice = 'clearaccess';
}
/*
 * Assign a generated access code to each current-year school whose code is
 * NULL or empty; schools that already have one are left alone.
 * NOTE(review): the code comes from generatePassword(5), presumably a
 * 5-character value; how strong it is depends on that helper's randomness
 * source, which is not visible here.
 */
if ("makeaccesscodes" == $_GET['action']) {
	$q = mysql_query(
		"SELECT id FROM schools WHERE year='" . $config['FAIRYEAR'] . "'"
		. " AND (accesscode IS NULL OR accesscode='')"
	);
	/* mysql_fetch_object() returns false once the result set is exhausted */
	while (($r = mysql_fetch_object($q)) !== false) {
		$ac = generatePassword(5);
		mysql_query(
			"UPDATE schools SET accesscode='" . $ac . "' WHERE id='" . $r->id . "'"
			. " AND year='" . $config['FAIRYEAR'] . "'"
		);
	}
	$notice = 'makeaccess';
}
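/*
 * Page body. action=edit / action=add renders the school form; anything else
 * renders the management list for the current fair year, preceded by the
 * status message for whichever handler ran above.
 *
 * Values taken from the request or read back from the schools table are
 * HTML-escaped where they are written into the page, and the edit id is forced
 * to an integer before it is used in SQL or echoed into the hidden field.
 */
$action = isset($_GET['action']) ? $_GET['action'] : '';
if ($action == "edit" || $action == "add")
{
	send_header(($action == 'edit') ? "Edit School" : "Add New School",
		array('Committee Main' => 'committee_main.php',
			'Administration' => 'admin/index.php',
			'School Management' => 'admin/schools.php'),
		"schools_management"
	);

	$r = false;
	$edit_id = 0;
	if ($action == "edit")
	{
		$buttontext = "Save School";
		/* The id used to go from the query string straight into the SELECT */
		$edit_id = isset($_GET['edit']) ? intval($_GET['edit']) : 0;
		$q = mysql_query("SELECT * FROM schools WHERE id='" . $edit_id . "'");
		$r = mysql_fetch_object($q);
	}
	else
	{
		$buttontext = "Add School";
	}

	if (!is_object($r)) {
		/* Add mode, or no row with that id: give the form an object whose
		 * fields are all null so the reads below render blanks. */
		$r = new stdClass();
		foreach (array('school', 'schoollang', 'designate', 'schoollevel', 'board',
				'district', 'address', 'city', 'province_code', 'postalcode',
				'phone', 'fax', 'principal_uid', 'schoolemail', 'accesscode',
				'sciencehead_uid', 'registration_password', 'projectlimit',
				'projectlimitper', 'atrisk') as $field)
			$r->$field = null;
	}

	$buttontext = i18n($buttontext);

	echo "<form method=\"post\" action=\"schools.php\">\n";
	echo "<input type=\"hidden\" name=\"save\" value=\"" . htmlspecialchars($action) . "\">\n";

	if ($action == "edit")
		echo "<input type=\"hidden\" name=\"id\" value=\"" . $edit_id . "\">\n";

	echo "<table>\n";
	echo "<tr><td>" . i18n("School Name") . "</td><td><input type=\"text\" name=\"school\" value=\"" . htmlspecialchars($r->school) . "\" size=\"60\" maxlength=\"64\" /></td></tr>\n";

	echo "<tr><td>" . i18n("School Language") . "</td><td>";
	echo "<select name=\"schoollang\">";
	echo "<option value=\"\">" . i18n("Choose") . "</option>\n";
	foreach ($config['languages'] AS $k => $l)
	{
		$sel = ($r->schoollang == $k) ? "selected=\"selected\"" : "";
		echo "<option $sel value=\"" . htmlspecialchars($k) . "\">" . i18n($l) . "</option>\n";
	}
	echo "</select>";
	echo "</td></tr>\n";

	echo "<tr><td>" . i18n("School Designation") . "</td><td>";
	$des = array('' => 'Choose', 'public' => 'Public',
		'independent' => 'Independent/Private',
		'home' => 'Home School');
	echo "<select name=\"schooldesignate\">";
	foreach ($des as $k => $v) {
		$sel = ($r->designate == $k) ? 'selected="selected"' : '';
		echo "<option $sel value=\"$k\">" . i18n($v) . "</option>\n";
	}
	echo "</select></td></tr>\n";

	echo "<tr><td>" . i18n("School Level") . "</td><td><input type=\"text\" name=\"schoollevel\" value=\"" . htmlspecialchars($r->schoollevel) . "\" size=\"32\" maxlength=\"32\" /></td></tr>\n";
	echo "<tr><td>" . i18n("School Board") . "</td><td><input type=\"text\" name=\"board\" value=\"" . htmlspecialchars($r->board) . "\" size=\"60\" maxlength=\"64\" /></td></tr>\n";
	echo "<tr><td>" . i18n("School District") . "</td><td><input type=\"text\" name=\"district\" value=\"" . htmlspecialchars($r->district) . "\" size=\"60\" maxlength=\"64\" /></td></tr>\n";
	echo "<tr><td>" . i18n("Address") . "</td><td><input type=\"text\" name=\"address\" value=\"" . htmlspecialchars($r->address) . "\" size=\"60\" maxlength=\"64\" /></td></tr>\n";
	echo "<tr><td>" . i18n("City") . "</td><td><input type=\"text\" name=\"city\" value=\"" . htmlspecialchars($r->city) . "\" size=\"32\" maxlength=\"32\" /></td></tr>\n";
	echo "<tr><td>" . i18n($config['provincestate']) . "</td><td>";
	emit_province_selector("province_code", $r->province_code);
	echo "</td></tr>\n";
	/* The postal code was the one form value written out without escaping */
	echo "<tr><td>" . i18n($config['postalzip']) . "</td><td><input type=\"text\" name=\"postalcode\" value=\"" . htmlspecialchars($r->postalcode) . "\" size=\"8\" maxlength=\"7\" /></td></tr>\n";
	echo "<tr><td>" . i18n("Phone") . "</td><td><input type=\"text\" name=\"phone\" value=\"" . htmlspecialchars($r->phone) . "\" size=\"16\" maxlength=\"16\" /></td></tr>\n";
	echo "<tr><td>" . i18n("Fax") . "</td><td><input type=\"text\" name=\"fax\" value=\"" . htmlspecialchars($r->fax) . "\" size=\"16\" maxlength=\"16\" /></td></tr>\n";

	if ($r->principal_uid > 0)
		$pl = user_load_by_uid($r->principal_uid);
	else
		$pl = array();
	$principal_name = isset($pl['name']) ? $pl['name'] : '';
	echo "<tr><td>" . i18n("Principal") . "</td><td><input type=\"text\" name=\"principal\" value=\"" . htmlspecialchars($principal_name) . "\" size=\"60\" maxlength=\"64\" /></td></tr>\n";

	echo "<tr><td>" . i18n("School Email") . "</td><td><input type=\"text\" name=\"schoolemail\" value=\"" . htmlspecialchars($r->schoolemail) . "\" size=\"60\" maxlength=\"128\" /></td></tr>\n";
	echo "<tr><td>" . i18n("Access Code") . "</td><td><input type=\"text\" name=\"accesscode\" value=\"" . htmlspecialchars($r->accesscode) . "\" size=\"32\" maxlength=\"32\" /></td></tr>\n";

	echo "<tr><td colspan=2><br /><b>" . i18n("Science head/teacher or science fair contact at school") . "</b></td></tr>";
	if ($r->sciencehead_uid > 0)
		$sh = user_load_by_uid($r->sciencehead_uid);
	else
		$sh = array();
	/* Don't show autogenerated emails (they start with '*') */
	$e = isset($sh['email']) ? $sh['email'] : '';
	if (substr($e, 0, 1) == '*')
		$e = '';
	$sh_name = isset($sh['name']) ? $sh['name'] : '';
	$sh_phone = isset($sh['phonework']) ? $sh['phonework'] : '';
	echo "<tr><td>" . i18n("Email") . "</td><td><input type=\"text\" name=\"scienceheademail\" value=\"" . htmlspecialchars($e) . "\" size=\"60\" maxlength=\"128\" /></td></tr>\n";
	echo "<tr><td>" . i18n("Name") . "</td><td><input type=\"text\" name=\"sciencehead\" value=\"" . htmlspecialchars($sh_name) . "\" size=\"60\" maxlength=\"64\" /></td></tr>\n";
	echo "<tr><td>" . i18n("Phone") . "</td><td><input type=\"text\" name=\"scienceheadphone\" value=\"" . htmlspecialchars($sh_phone) . "\" size=\"16\" maxlength=\"16\" /></td></tr>\n";

	if ($config['participant_registration_type'] == "schoolpassword")
	{
		echo "<tr><td colspan=2><br /><b>" . i18n("Participant Registration Password") . "</b></td></tr>";
		echo "<tr><td>" . i18n("Password") . "</td><td><input type=\"text\" name=\"registration_password\" value=\"" . htmlspecialchars($r->registration_password) . "\" size=\"32\" maxlength=\"32\" /></td></tr>\n";
	}

	echo "<tr><td colspan=2><br /><b>" . i18n("Participant Registration Limits") . "</b></td></tr>";
	if ($config['participant_registration_type'] == "invite")
	{
		echo "<tr><td colspan=2>" . i18n("Set to 0 to have no registration limit") . "</td></tr>";
		echo "<tr><td colspan=2>" . i18n("Maximum of") . " ";
		echo "<input type=\"text\" name=\"projectlimit\" value=\"" . htmlspecialchars($r->projectlimit) . "\" size=\"4\" maxlength=\"4\" />";
		echo " ";
		echo i18n("projects");
		echo " ";
		echo "<select name=\"projectlimitper\">";
		$sel = ($r->projectlimitper == "total") ? "selected=\"selected\"" : "";
		echo "<option $sel value=\"total\">" . i18n("total") . "</option>\n";
		$sel = ($r->projectlimitper == "agecategory") ? "selected=\"selected\"" : "";
		echo "<option $sel value=\"agecategory\">" . i18n("per age category") . "</option>\n";
		echo "</select>";
		echo "</td></tr>\n";
	}
	else
	{
		echo "<tr><td colspan=2>" . i18n("Participant registration limits are currently disabled. In order to use participant registration limits for schools, the participant registration type must be set to 'invite' in Configuration / Configuration Variables") . "</td></tr>";
	}

	echo "<tr><td colspan=2><br /><b>" . i18n("Demographic Information") . "</b></td></tr>";
	$ch = ($r->atrisk == 'yes') ? 'checked="checked"' : '';
	echo "<tr><td align=\"right\"><input type=\"checkbox\" name=\"atrisk\" value=\"yes\" $ch /></td><td>" . i18n("Inner City or At-Risk school") . "</td></tr>\n";

	echo "<tr><td colspan=\"2\"> </td></tr>";
	echo "<tr><td colspan=\"2\" align=\"center\"><input type=\"submit\" value=\"" . htmlspecialchars($buttontext) . "\" /></td></tr>\n";
	echo "</table>\n";
	echo "</form>\n";
}
else
{
	send_header("School Management",
		array('Committee Main' => 'committee_main.php',
			'Administration' => 'admin/index.php'),
		"schools_management"
	);

	/* $notice is only set when one of the handlers above ran */
	switch (isset($notice) ? $notice : '') {
	case 'added':
		echo happy("School successfully added");
		break;
	case 'saved':
		echo happy("Successfully saved changes to school");
		break;
	case 'deleted':
		echo happy("School successfully deleted");
		break;
	case 'clearaccess':
		echo happy("Access Codes successfully cleared from all schools");
		break;
	case 'makeaccess':
		echo happy("Access Codes successfully set for schools that didn't have one");
		break;
	}

	/* NOTE(review): the access-code links here and the per-row delete link
	 * change data through plain GET requests guarded only by a JavaScript
	 * confirm; no anti-CSRF token is checked in this file. */
	echo "<br />";
	echo "<a href=\"schools.php?action=add\">" . i18n("Add new school") . "</a>\n";
	echo "<br />";
	echo "<a href=\"schoolsimport.php?action=add\">" . i18n("Import schools from CSV") . "</a>\n";
	echo "<br />";
	echo "<a href=\"schools.php?action=makeaccesscodes\">" . i18n("Create Access Code for any school without one") . "</a>\n";
	echo "<br />";
	echo "<a onclick=\"return confirmClick('" . i18n("Are you sure you want to remove all access codes from all schools?") . "')\" href=\"schools.php?action=clearaccesscodes\">" . i18n("Remove Access Codes from all schools") . "</a>\n";
	echo "<br />";

	echo "<table class=\"tableview\">";
	echo "<tr>";
	echo "<th>" . i18n("School") . "</th>";
	echo "<th>" . i18n("Address") . "</th>";
	echo "<th>" . i18n("Phone") . "</th>";
	echo "<th>" . i18n("Contact") . "</th>";
	if ($config['participant_registration_type'] == "schoolpassword")
		echo "<th>" . i18n("Reg Pass") . "</th>";
	echo "<th>" . i18n("Access Code") . "</th>";
	echo "<th>" . i18n("Action") . "</th>";
	echo "</tr>\n";

	$q = mysql_query("SELECT * FROM schools WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY school");
	while ($r = mysql_fetch_object($q))
	{
		/* Stored school data is entered through forms and CSV import, so it is
		 * escaped here rather than trusted as markup. */
		$row_id = intval($r->id);
		echo "<tr>\n";
		echo "<td>" . htmlspecialchars($r->school) . "</td>\n";
		echo "<td>" . htmlspecialchars($r->address) . ", " . htmlspecialchars($r->city) . ", " . htmlspecialchars($r->postalcode) . "</td>\n";
		echo "<td>" . htmlspecialchars($r->phone) . "</td>\n";
		/* NOTE(review): the save handler stores the science head through
		 * sciencehead_uid; confirm the schools.sciencehead column still holds data. */
		echo "<td>" . htmlspecialchars($r->sciencehead) . "</td>\n";
		if ($config['participant_registration_type'] == "schoolpassword")
			echo "<td>" . htmlspecialchars($r->registration_password) . "</td>\n";
		echo "<td>" . htmlspecialchars($r->accesscode) . "</td>\n";
		echo "<td align=\"center\">";
		echo "<a href=\"schools.php?action=edit&edit=" . $row_id . "\"><img border=\"0\" src=\"" . $config['SFIABDIRECTORY'] . "/images/16/edit." . $config['icon_extension'] . "\"></a>";
		echo " ";
		echo "<a onclick=\"return confirmClick('Are you sure you want to remove this school?')\" href=\"schools.php?action=delete&delete=" . $row_id . "\"><img border=0 src=\"" . $config['SFIABDIRECTORY'] . "/images/16/button_cancel." . $config['icon_extension'] . "\"></a>";
		echo "</td>\n";
		echo "</tr>\n";
	}

	echo "</table>\n";
}

send_footer();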
?>