arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

Turn student_editor.php into a set of ajax calls

Browse Source
This commit is contained in:
dave 2010-01-21 20:32:58 +00:00
parent b15ad9a7e0
commit bc9bfde34f
1 changed files with 142 additions and 142 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

284
admin/student_editor.php
View File

@ -22,174 +22,163 @@
*/
?>
<?
require("../common.inc.php");
require_once("../user.inc.php");
require_once('../common.inc.php');
require_once('../user.inc.php');
user_auth_required('committee', 'admin');
send_header("Student Editor",
array('Committee Main' => 'committee_main.php',
'Administration' => 'admin/index.php',
'Participant Registration' => 'admin/registration.php',
'Registration List and Statistics' => 'admin/registration_list.php')
);
echo "<br />";
if($_POST['registration_id']) $registration_id=$_POST['registration_id'];
else if($_GET['registration_id']) $registration_id=$_GET['registration_id'];
$registrations_id = intval($_GET['id']);
$action = $_GET['action'];
switch($action) {
case 'students_load':
students_load();
exit;
case 'students_save':
students_save();
exit;
case 'student_remove':
$remove_id = intval($_GET['students_id']);
$q=mysql_query("SELECT id FROM students WHERE id='$remove_id' AND registrations_id='$registrations_id'");
if(mysql_num_rows($q)!=1) {
error_("Invalid student to remove");
exit;
}
mysql_query("DELETE FROM students WHERE id='$remove_id' AND registrations_id='$registrations_id'");
//now see if they have an emergency contact that also needs to be removed
$q=mysql_query("SELECT id FROM emergencycontact WHERE students_id='$remove_id' AND registrations_id='$registrations_id' AND year='{$config['FAIRYEAR']}'");
//no need to error message if this doesnt exist
if(mysql_num_rows($q)==1)
mysql_query("DELETE FROM emergencycontact WHERE students_id='$remove_id' AND registrations_id='$registrations_id' AND year='{$config['FAIRYEAR']}'");
happy_("Student successfully removed");
exit;
default:
exit;
}
exit;
//now do any data saves
if($_POST['action']=="save")
function students_save()
{
// {
$x=1;
while($_POST["num"][$x])
{
if($_POST['id'][$x]==0)
{
//if they use schoolpassword or singlepassword, then we need to set the school based on the school stored in the registration record. for anything else they can school the school on their own.
if($config['participant_registration_type']=="schoolpassword" || $config['participant_registration_type']=="invite")
{
$q=mysql_query("SELECT schools_id FROM registrations WHERE id='".$registration_id."' AND YEAR='".$config['FAIRYEAR']."'");
$r=mysql_fetch_object($q);
$schools_id=$r->schools_id;
$schoolvalue="'$schools_id', ";
}
else
{
$schoolvalue="'".mysql_escape_string(stripslashes($_POST['schools_id'][$x]))."', ";
}
//INSERT new record
$dob=$_POST['year'][$x]."-".$_POST['month'][$x]."-".$_POST['day'][$x];
mysql_query("INSERT INTO students (registrations_id,firstname,lastname,sex,email,address,city,province,postalcode,phone,dateofbirth,grade,schools_id,tshirt,medicalalert,foodreq,teachername,teacheremail,year) VALUES (".
"'".$registration_id."', ".
"'".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['sex'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['address'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['city'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['province'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['postalcode'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ".
"'$dob', ".
"'".mysql_escape_string(stripslashes($_POST['grade'][$x]))."', ".
$schoolvalue.
"'".mysql_escape_string(stripslashes($_POST['tshirt'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['medicalalert'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['foodreq'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['teachername'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['teacheremail'][$x]))."', ".
"'".$config['FAIRYEAR']."')");
echo notice(i18n("%1 %2 successfully added",array($_POST['firstname'][$x],$_POST['lastname'][$x])));
global $registrations_id, $config;
$x=1;
happy_("here!");
while($_POST["num"][$x]) {
if($_POST['id'][$x]==0) {
//if they use schoolpassword or singlepassword, then we need to set the school based on the school stored in the registration record. for anything else they can school the school on their own.
if($config['participant_registration_type']=="schoolpassword" || $config['participant_registration_type']=="invite") {
$q=mysql_query("SELECT schools_id FROM registrations WHERE id='$registrations_id' AND YEAR='{$config['FAIRYEAR']}'");
$r=mysql_fetch_object($q);
$schools_id=$r->schools_id;
$schoolvalue="'$schools_id', ";
} else {
$schoolvalue="'".mysql_escape_string(stripslashes($_POST['schools_id'][$x]))."', ";
}
else
{
//INSERT new record
$dob=$_POST['year'][$x]."-".$_POST['month'][$x]."-".$_POST['day'][$x];
mysql_query("INSERT INTO students (registrations_id,firstname,lastname,sex,email,address,city,province,postalcode,phone,dateofbirth,grade,schools_id,tshirt,medicalalert,foodreq,teachername,teacheremail,year) VALUES (".
"'".$registrations_id."', ".
"'".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['sex'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['address'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['city'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['province'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['postalcode'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ".
"'$dob', ".
"'".mysql_escape_string(stripslashes($_POST['grade'][$x]))."', ".
$schoolvalue.
"'".mysql_escape_string(stripslashes($_POST['tshirt'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['medicalalert'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['foodreq'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['teachername'][$x]))."', ".
"'".mysql_escape_string(stripslashes($_POST['teacheremail'][$x]))."', ".
"'".$config['FAIRYEAR']."')");
//if they use schoolpassword or singlepassword, then we dont need to save teh schools_id because its already set when they inserted the record, and we dont allow them to change their school.
if(( $config['participant_registration_type']=="schoolpassword" || $config['participant_registration_type']=="invite") && !$_POST['schools_id'][$x])
{
$schoolquery="";
}
else if($_POST['schools_id'][$x]) {
$schoolquery="schools_id='".mysql_escape_string(stripslashes($_POST['schools_id'][$x]))."', ";
}
else
$schoolquery="";
happy_("%1 %2 successfully added",array($_POST['firstname'][$x],$_POST['lastname'][$x]));
} else {
//if they use schoolpassword or singlepassword, then we dont need to save teh schools_id because its already set when they inserted the record, and we dont allow them to change their school.
if(( $config['participant_registration_type']=="schoolpassword" || $config['participant_registration_type']=="invite") && !$_POST['schools_id'][$x]) {
$schoolquery="";
} else if($_POST['schools_id'][$x]) {
$schoolquery="schools_id='".mysql_escape_string(stripslashes($_POST['schools_id'][$x]))."', ";
} else
$schoolquery="";
//UPDATE existing record
$dob=$_POST['year'][$x]."-".$_POST['month'][$x]."-".$_POST['day'][$x];
mysql_query("UPDATE students SET ".
"firstname='".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ".
"lastname='".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ".
"sex='".mysql_escape_string(stripslashes($_POST['sex'][$x]))."', ".
"email='".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ".
"address='".mysql_escape_string(stripslashes($_POST['address'][$x]))."', ".
"city='".mysql_escape_string(stripslashes($_POST['city'][$x]))."', ".
"province='".mysql_escape_string(stripslashes($_POST['province'][$x]))."', ".
"postalcode='".mysql_escape_string(stripslashes($_POST['postalcode'][$x]))."', ".
"phone='".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ".
"dateofbirth='$dob', ".
"grade='".mysql_escape_string(stripslashes($_POST['grade'][$x]))."', ".
$schoolquery.
"medicalalert='".mysql_escape_string(stripslashes($_POST['medicalalert'][$x]))."', ".
"foodreq='".mysql_escape_string(stripslashes($_POST['foodreq'][$x]))."', ".
"teachername='".mysql_escape_string(stripslashes($_POST['teachername'][$x]))."', ".
"teacheremail='".mysql_escape_string(stripslashes($_POST['teacheremail'][$x]))."', ".
"tshirt='".mysql_escape_string(stripslashes($_POST['tshirt'][$x]))."' ".
"WHERE id='".$_POST['id'][$x]."'");
echo notice(i18n("%1 %2 successfully updated",array($_POST['firstname'][$x],$_POST['lastname'][$x])));
}
$x++;
//UPDATE existing record
$dob=$_POST['year'][$x]."-".$_POST['month'][$x]."-".$_POST['day'][$x];
mysql_query("UPDATE students SET ".
"firstname='".mysql_escape_string(stripslashes($_POST['firstname'][$x]))."', ".
"lastname='".mysql_escape_string(stripslashes($_POST['lastname'][$x]))."', ".
"sex='".mysql_escape_string(stripslashes($_POST['sex'][$x]))."', ".
"email='".mysql_escape_string(stripslashes($_POST['email'][$x]))."', ".
"address='".mysql_escape_string(stripslashes($_POST['address'][$x]))."', ".
"city='".mysql_escape_string(stripslashes($_POST['city'][$x]))."', ".
"province='".mysql_escape_string(stripslashes($_POST['province'][$x]))."', ".
"postalcode='".mysql_escape_string(stripslashes($_POST['postalcode'][$x]))."', ".
"phone='".mysql_escape_string(stripslashes($_POST['phone'][$x]))."', ".
"dateofbirth='$dob', ".
"grade='".mysql_escape_string(stripslashes($_POST['grade'][$x]))."', ".
$schoolquery.
"medicalalert='".mysql_escape_string(stripslashes($_POST['medicalalert'][$x]))."', ".
"foodreq='".mysql_escape_string(stripslashes($_POST['foodreq'][$x]))."', ".
"teachername='".mysql_escape_string(stripslashes($_POST['teachername'][$x]))."', ".
"teacheremail='".mysql_escape_string(stripslashes($_POST['teacheremail'][$x]))."', ".
"tshirt='".mysql_escape_string(stripslashes($_POST['tshirt'][$x]))."' ".
"WHERE id='".$_POST['id'][$x]."'");
happy_("%1 %2 successfully updated",array($_POST['firstname'][$x],$_POST['lastname'][$x]));
}
// }
$x++;
}
}
if($_GET['action']=="removestudent")
function students_load()
{
// {
//first make sure this is one belonging to this registration id
$q=mysql_query("SELECT id FROM students WHERE id='".$_GET['removestudent']."' AND registrations_id='".$registration_id."'");
if(mysql_num_rows($q)==1)
{
mysql_query("DELETE FROM students WHERE id='".$_GET['removestudent']."' AND registrations_id='".$registration_id."'");
//now see if they have an emergency contact that also needs to be removed
$q=mysql_query("SELECT id FROM emergencycontact WHERE students_id='".$_GET['removestudent']."' AND registrations_id='".$registration_id."' AND year='".$config['FAIRYEAR']."'");
//no need to error message if this doesnt exist
if(mysql_num_rows($q)==1)
mysql_query("DELETE FROM emergencycontact WHERE students_id='".$_GET['removestudent']."' AND registrations_id='".$registration_id."' AND year='".$config['FAIRYEAR']."'");
echo notice(i18n("Student successfully removed"));
}
else
{
echo error(i18n("Invalid student to remove"));
}
// }
}
global $registrations_id;
global $config;
//now query and display
$q=mysql_query("SELECT * FROM students WHERE registrations_id='".$registration_id."' AND year='".$config['FAIRYEAR']."'");
$q=mysql_query("SELECT * FROM students WHERE registrations_id='".$registrations_id."' AND year='".$config['FAIRYEAR']."'");
echo mysql_error();
$numfound=mysql_num_rows($q);
if($_GET['numstudents'])
$numtoshow=$_GET['numstudents'];
else
$numtoshow=$numfound;
$numtoshow = intval($_GET['numstudents']);
if($numtoshow == 0) $numtoshow=$numfound;
echo "<form name=\"numstudentsform\" method=\"get\" action=\"student_editor.php\">";
echo "<input type=\"hidden\" name=\"registration_id\" value=\"$registration_id\">";
echo "<form>";
echo i18n("Number of students that worked on the project: ");
echo "<select name=\"numstudents\" onchange=\"document.forms.numstudentsform.submit()\">\n";
for($x=$config['minstudentsperproject'];$x<=$config['maxstudentsperproject'];$x++)
{
if($x<$numfound)
continue;
echo "<select id=\"students_num\">\n";
for($x=$config['minstudentsperproject'];$x<=$config['maxstudentsperproject'];$x++) {
/* Don't let them go back to fewer student by selection,
* force them to delete one */
if($x<$numfound) continue;
if($numtoshow==$x) $selected="selected=\"selected\""; else $selected="";
echo "<option $selected value=\"$x\">$x</option>\n";
$sel = ($numtoshow==$x) ? 'selected="selected"' : '';
echo "<option $sel value=\"$x\">$x</option>\n";
}
echo "</select>";
echo "</form>";
echo "<form name=\"studentdata\" method=\"post\" action=\"student_editor.php\">";
echo "<input type=\"hidden\" name=\"action\" value=\"save\" />";
echo "<input type=\"hidden\" name=\"registration_id\" value=\"$registration_id\">";
for($x=1;$x<=$numtoshow;$x++)
{
echo "<form id=\"students_form\" >";
for($x=1;$x<=$numtoshow;$x++) {
$studentinfo=mysql_fetch_object($q);
echo "<h3>".i18n("Student %1 Details",array($x))."</h3>";
//if we have a valid student, set their ID, so we can UPDATE when we submit
@ -361,7 +350,17 @@ if($config['participant_student_personal']=="yes")
if($numfound>$config['minstudentsperproject'] && $studentinfo->id)
{
echo "<div align=\"right\"><a onclick=\"return confirmClick('".i18n("Are you sure you want to remove this student from the project?")."');\" class=\"caution\" href=\"student_editor.php?registration_id=$registration_id&amp;action=removestudent&amp;removestudent=$studentinfo->id\">".i18n("Remove this student from project")."</a></div>";
/* Create a hidden with same id as the button and some extra, so we can find it inside
* the button even with: this.id"+_studebts_id" */
echo "<input type=\"hidden\" id=\"students_remove_{$studentinfo->id}_students_id\" name=\"students_remove[]\" value=\"{$studentinfo->id}\" />";
/* Define the button */
echo "<div align=\"right\"><button id=\"students_remove_{$studentinfo->id}\" class=\"students_remove_button\" >";
echo "<img style=\"vertical-align:middle\" src=\"".$config['SFIABDIRECTORY']."/images/16/button_cancel.".$config['icon_extension']."\" border=0>";
echo "&nbsp;&nbsp;".i18n("Remove this student from project");
echo "</button></div>";
echo "<br/><hr/>";
}
echo "<br />";
@ -370,9 +369,10 @@ if($config['participant_student_personal']=="yes")
echo "<br />";
echo i18n("WARNING! If you make a change to the grade that would affect the project number, you must update the project number manually, it will NOT be automatically updated");
echo "<br />";
echo "<input type=\"submit\" value=\"".i18n("Save Student Information")."\" />\n";
echo "<input type=\"button\" id=\"students_save\" value=\"".i18n("Save Student Information")."\" />\n";
echo "</form>";
echo "<br />";
}
send_footer();
?>