<?php
require_once('common.inc.php');
require_once('user.inc.php');

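// Page controller for the school "Manage Students" screen and its two AJAX
// actions (?action=new and ?action=delete). Anything without a school session
// (school id + access code) or outside a 'scienceolympics' conference is sent
// back to schoolaccess.php.
//
// NOTE(review): 'new' and 'delete' change state but no anti-CSRF token is
// checked here, so a request forged from another site would be accepted with
// the school's session. A per-session token verified before either action
// would close that gap - TODO.
if(!empty($_SESSION['schoolid']) && !empty($_SESSION['schoolaccesscode']) && $conference['type'] == 'scienceolympics'){

	// A missing parameter is treated as "no action" instead of raising a notice
	$requestedAction = isset($_GET['action']) ? $_GET['action'] : '';

	if($requestedAction === 'new'){
		$results = process_newRecord(
			isset($_POST['firstName']) ? $_POST['firstName'] : '',
			isset($_POST['lastName']) ? $_POST['lastName'] : '',
			isset($_POST['email']) ? $_POST['email'] : ''
		);
		if($results !== true){
			echo "<script type=\"text/javascript\">var savedRecord = false;</script>";
			error_($results);
		}else{
			echo "<script type=\"text/javascript\">var savedRecord = true;</script>";
		}
	}else if($requestedAction === 'delete'){
		// delete_record() returns true or an error string. A non-empty string is
		// truthy, so negating the result would report every failure as a success;
		// compare against true instead.
		if(delete_record(isset($_POST['uid']) ? $_POST['uid'] : null) !== true){
			echo "<script type=\"text/javascript\">var deletedRecord = false;</script>";
			error_("Unable to delete record");
		}else{
			echo "<script type=\"text/javascript\">var deletedRecord = true;</script>";
		}
	}else{
		$title = i18n("Manage Students");
		send_header($title, array("School Home" => "schoolaccess.php"));
		draw_javascript();
		draw_list();
		send_footer();
	}
}else{
	header('Location: schoolaccess.php');
	// Stop here so nothing further runs for a request that failed the access check
	exit;
}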

// create a new record with the given first name last name and e-mail address
// return true on success, error message on failure
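/**
 * Create a new student account for the school in the current session and echo
 * its table row (built by user_row()).
 *
 * With an e-mail address, the address becomes the username. Without one, a
 * username is generated from the first initial plus the last name, with a
 * numeric suffix added until no existing user has that name.
 *
 * @param string $firstName required
 * @param string $lastName  required
 * @param string $email     optional; rejected if malformed or already in use
 * @return true|string true on success, otherwise an error message
 */
function process_newRecord($firstName, $lastName, $email){
	// The caller passes these straight from $_POST; anything that is not a
	// string (for example an array-valued parameter) is treated as empty.
	$firstName = is_string($firstName) ? trim($firstName) : '';
	$lastName = is_string($lastName) ? trim($lastName) : '';
	$email = is_string($email) ? strtolower(trim($email)) : '';
	$uid = null;

	// make sure we are actually given a first and last name
	if($firstName === '' || $lastName === '') return "First and last names are required fields";

	if($email !== ''){
		// Check the format before the address is handed to any lookup
		if(!isEmailAddress($email)){
			return "Invalid e-mail address";
		}
		// An address that already belongs to a user is refused rather than linked
		if(user_load_by_email($email) != false){
			return "e-mail address is already in use";
		}
		// new e-mail address specified.  That'll be the username
		$username = $email;
	}else{
		// generate a user name
		$nameBase = substr(strtolower($firstName), 0, 1) . strtolower($lastName);
		$suffix = '';
		do{
			// The candidate is derived from request data, so it is escaped before
			// being placed inside the quoted SQL string.
			$candidate = mysql_real_escape_string($nameBase . $suffix);
			$res = mysql_query('SELECT COUNT(*) AS tally FROM users WHERE username="' . $candidate . '"');
			if(!$res){
				// Without an answer from the database the name cannot be known to be free
				return "Unable to generate a username";
			}
			$q = mysql_fetch_array($res);
			if($q['tally'] > 0){
				if($suffix == '') $suffix = 1;
				else $suffix++;
			}
		}while($q['tally'] > 0);
		$username = $nameBase . $suffix;
	}

	// now that we have the username we want to use, let's create the user
	$user = user_create('student', $username);
	$user['firstname'] = $firstName;
	$user['lastname'] = $lastName;
	if($email !== '')
		$user['email'] = $email;
	// The school comes from the session, never from the request
	$user['schools_id'] = $_SESSION['schoolid'];
	user_save($user);
	$uid = $user['uid'];

	// NOTE(review): these values originate from the request and go into HTML
	// here - confirm user_row() escapes them.
	echo user_row($uid, $username, $firstName, $lastName, $email);
	return true;
}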

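/**
 * Build the HTML table row for one student.
 *
 * The row's id attribute and the delete button's onclick argument are the
 * numeric user id; the four text cells are the username, first name, last
 * name and e-mail address.
 *
 * @param int|string $uid       user id; forced to an integer before output
 * @param string     $username
 * @param string     $firstName
 * @param string     $lastName
 * @param string     $email
 * @return string the <tr> markup
 */
function user_row($uid, $username, $firstName, $lastName, $email){
	// The id lands in an attribute and inside inline JavaScript, so only an
	// integer is allowed through.
	$uid = intval($uid);

	$rval = '<tr id="' . $uid . '">';
	foreach(array($username, $firstName, $lastName, $email) as $cell){
		// Names and addresses are user-supplied text: escape for HTML output.
		// No charset argument is given, so PHP's configured default applies.
		$rval .= '<td>' . htmlspecialchars((string)$cell, ENT_QUOTES) . '</td>';
	}
	$rval .= '<td style="text-align:center"><img border="0" src="/sfiab/images/16/button_cancel.png" onclick="deleteRecord(' . $uid . ')"/></td>';
	$rval .= "</tr>";
	return $rval;
}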

// delete the record for the specified user id.  Returns true on success, error message on failure
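/**
 * Delete the user with the given id, provided it belongs to the school in the
 * current session.
 *
 * @param int|string $uid user id taken from the request
 * @return true|string true on success, otherwise an error message
 */
function delete_record($uid){
	// The id comes from the request; accept only a positive integer
	$uid = intval($uid);
	if($uid <= 0){
		return "Failed to delete user";
	}

	$user = user_load_by_uid($uid);
	if(!$user){
		return "Failed to delete user";
	}

	// Authorization: a school may only remove its own students. Without this
	// check any uid could be submitted by any logged-in school.
	// NOTE(review): assumes user_load_by_uid() returns 'schools_id' for student
	// accounts (process_newRecord() stores it under that key) - confirm. If the
	// key is absent the delete is refused.
	if(!isset($user['schools_id']) || !isset($_SESSION['schoolid']) || $user['schools_id'] != $_SESSION['schoolid']){
		return "Failed to delete user";
	}

	user_delete($user);

	// Reload to confirm the record is now flagged as deleted
	$user = user_load_by_uid($uid);

	if($user['deleted'] != 'yes'){
		return "Failed to delete user";
	}
	return true;
}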

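// Emit the client-side script for the student list: deleteRecord(uid) and
// addNewRecord(), both of which POST to schoolstudents.php and load the
// response into #debug.
function draw_javascript(){
?>
<script type="text/javascript">
	var awaiting_ajax = false; // used to prevent the same record from being submitted multiple times

	// Outcome flags. The response to each action carries a <script> that sets
	// the matching flag. They are declared here and reset before every request
	// so that a response without that script (an error page, for instance)
	// is not mistaken for the previous request's success.
	var savedRecord = false;
	var deletedRecord = false;

	function deleteRecord(uid){
		var params;
		if(awaiting_ajax) return false;
		awaiting_ajax = true;
		deletedRecord = false;

		params = [{ 'name' : 'uid', 'value' : uid }];

		$("#debug").load("schoolstudents.php?action=delete", params, function(response){
			if(deletedRecord){
				$('#' + uid).remove();
			}
			awaiting_ajax = false;
		});

	}

	function addNewRecord(){
		var params;
		var firstName = $('#newFirstName').val();
		var lastName = $('#newLastName').val();
		var email = $('#newEmail').val();

		if(firstName == '' || lastName == ''){
			// The translated text sits inside a single-quoted JS literal, so quotes
			// and backslashes in a translation must be escaped
			notice_create('error', '<?=addslashes(i18n('First and last names are required fields')); ?>', 5000);

			return false;
		}
		if(awaiting_ajax) return false;
		awaiting_ajax = true;
		savedRecord = false;

		params = [
			{ 'name' : 'firstName', 'value': firstName },
			{ 'name' : 'lastName', 'value': lastName },
			{ 'name' : 'email', 'value': email }
		];

		$("#debug").load("schoolstudents.php?action=new", params, function(response){
			if(savedRecord){
				$('#studentList > tbody:last').append(response);
				$('#newFirstName').select();
				$('#newFirstName').attr({ value: '' });
				$('#newLastName').attr({ value: '' });
				$('#newEmail').attr({ value: '' });
			}
			awaiting_ajax = false;
		});

	}
</script>
<?php
}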

// draw an editable list of all students for this school in the users_student table
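// Render the student table: column headings, an input row for adding a
// student, and one row per student of the session's school who is linked to
// the current conference.
function draw_list(){
	global $conference;
?>
	
	<table id="studentList" class="summarytable">
		<thead>
			<tr>
				<th><?=i18n("Username");?></th>
				<th><?=i18n("First Name");?></th>
				<th><?=i18n("Last Name");?></th>
				<th><?=i18n("Email Address");?></th>
				<th></th>
			</tr>
			<tr>
				<th><?=i18n("New:")?></th>
				<th><input type="text" id="newFirstName"></input></th>
				<th><input type="text" id="newLastName"></input></th>
				<th><input type="text" id="newEmail"></input></th>
				<th><button name="newRecord" onclick="addNewRecord()"><?=i18n("Add")?></button></th>
			</tr>
		</thead>
		<tbody>
<?php
			// Both ids are placed in the SQL unquoted, where string escaping gives
			// no protection; force them to integers first.
			$schoolId = intval($_SESSION['schoolid']);
			$conferenceId = intval($conference['id']);

			$query = 'SELECT * FROM users_student';
			$query .= ' JOIN users ON users_student.users_id = users.uid';
			$query .= ' JOIN users_conferences_link ucl ON ucl.users_uid = users_student.users_id';
			$query .= ' WHERE schools_id = ' . $schoolId;
			$query .= ' AND ucl.conferences_id=' . $conferenceId;
			$data = mysql_query($query);
			// A failed query leaves the table body empty
			if($data){
				while($row = mysql_fetch_array($data)){
					$uid = $row['users_uid'];
					// NOTE(review): these columns hold user-entered text - confirm
					// user_row() HTML-escapes them.
					echo user_row($uid, $row['username'], $row['firstname'], $row['lastname'], $row['email']);
				}
			}

?>
		</tbody>
	</table>

<?php
}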