From 88cdfebdea356c187f2aec3372c81ad76041b6ce Mon Sep 17 00:00:00 2001 From: james Date: Wed, 1 Sep 2010 17:53:35 +0000 Subject: [PATCH] Move team management to teacher interface --- schoolteams.php | 28 ++++++++++++++++------------ so_teams.inc.php | 12 +++++------- user.inc.php | 10 ++++++++++ 3 files changed, 31 insertions(+), 19 deletions(-) diff --git a/schoolteams.php b/schoolteams.php index e3ac690..aca16c1 100644 --- a/schoolteams.php +++ b/schoolteams.php @@ -3,11 +3,14 @@ require_once('common.inc.php'); require_once('user.inc.php'); require_once("so_teams.inc.php"); -if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'] && $conference['type'] == 'scienceolympics'){ +user_auth_required("teacher"); +$schoolid=user_field_required("schools_id","user_edit.php?tab=school"); + +if($conference['type'] == 'scienceolympics'){ switch($_GET['action']){ - case 'saveNew': - $teamName = mysql_real_escape_string($_POST['teamname']); - $success = so_team_add($_SESSION['schoolid'], $conference['id'], $teamName); + case 'add': + $success = so_team_add($schoolid, $conference['id'], $_POST['teamname']); + echo mysql_Error(); draw_page(); break; case 'save': @@ -16,12 +19,12 @@ if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'] && $conference['type'] $teamName = mysql_real_escape_string($_POST['teamname']); // a quick check to make sure the team being updated does indeed belong // to this school - $query = 'SELECT COUNT(*) AS tally FROM so_teams WHERE schools_id=' . $_SESSION['schoolid'] . ' AND id=' . $teamId; + $query = 'SELECT COUNT(*) AS tally FROM so_teams WHERE schools_id=' . $schoolid . ' AND id=' . $teamId; $testResults = mysql_fetch_array(mysql_query($query)); if($testResults['tally'] == 1){ // ok, the team belongs to the school that this session belongs to. We can // can go ahead and save the changes. - $success=so_team_edit($_SESSION['schoolid'],$teamId,$teamName); + $success=so_team_edit($schoolid,$teamId,$teamName); } if($success){ happy_("Team successfully updated"); @@ -37,12 +40,12 @@ if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'] && $conference['type'] $teamName = mysql_real_escape_string($_POST['teamname']); // a quick check to make sure the team being updated does indeed belong // to this school - $query = 'SELECT COUNT(*) AS tally FROM so_teams WHERE schools_id=' . $_SESSION['schoolid'] . ' AND id=' . $teamId; + $query = 'SELECT COUNT(*) AS tally FROM so_teams WHERE schools_id=' . $schoolid . ' AND id=' . $teamId; $testResults = mysql_fetch_array(mysql_query($query)); if($testResults['tally'] == 1){ // ok, the team belongs to the school that this session belongs to. We can // can go ahead and save the changes. - $success=so_team_delete($_SESSION['schoolid'],$teamId); + $success=so_team_delete($schoolid,$teamId); } if($success){ happy_("Team successfully deleted"); @@ -62,8 +65,9 @@ if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'] && $conference['type'] function draw_page(){ global $conference; + global $schoolid; $title = i18n("Manage Teams"); - send_header($title, array("School Home" => "schoolaccess.php")); + send_header($title, array("Teacher" => "schoolaccess.php")); ?> '; - $teamList = mysql_query("SELECT * FROM so_teams WHERE schools_id = " . $_SESSION['schoolid'] . " AND conferences_id = " . $conference['id']); + echo '