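* Copyright (C) 2005 James Grant
* Copyright (C) 2024 AlgoLibre Inc.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public
* License as published by the Free Software Foundation, version 2.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; see the file COPYING. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
* Boston, MA 02111-1307, USA.
*/
?>
// NOTE(review): the text between the license header and the call below is not
// visible on this page (the opening PHP tag and the conditions that open the
// save handler), so the fragment is reproduced as found. Any access-control
// check for this administration page would presumably sit in that missing
// part -- confirm it exists before relying on the handlers below.
        prepare('INSERT INTO schools (year) VALUES (?)');
        $q->execute([$config['FAIRYEAR']]);
        $id = $pdo->lastInsertId();
    } else {
        $id = intval(get_value_from_array($_POST, 'id'));
    }

    /* Only the two known values are ever stored for the at-risk flag. */
    $atrisk = get_value_from_array($_POST, 'atrisk') == 'yes' ? 'yes' : 'no';

    /*
     * Legacy query fragment kept for reference only; it predates the bound
     * parameters used below.
     *
     * "sciencehead='".mysql_escape_string(stripslashes($_POST['sciencehead']))."', ".
     * "scienceheadphone='".mysql_escape_string(stripslashes($_POST['scienceheadphone']))."', ".
     * "scienceheademail='".mysql_escape_string(stripslashes($_POST['scienceheademail']))."', ".
     * "principal='".mysql_escape_string(stripslashes($_POST['principal']))."', ".
     */

    /* Get the uids for principal/science head */
    $q = $pdo->prepare('SELECT principal_uid,sciencehead_uid FROM schools WHERE id = ?');
    $q->execute([$id]);
    $i = $q->fetch(PDO::FETCH_ASSOC);

    /*
     * uid columns to change in the UPDATE below, as column => value.
     * A null value is bound as SQL NULL (used when a principal is purged).
     */
    $uid_updates = [];

    /* Split "First Last" on the first space; a single word leaves $last empty. */
    $split = explode(' ', get_value_from_array($_POST, 'principal') ?? '', 2);
    $first = $split[0];
    $last = count($split) === 2 ? $split[1] : '';

    /*
     * Load existing entry if it exists, else make an entry if
     * there is data, else, do nothing
     */
    if (get_value_from_array($i, 'principal_uid') > 0) {
        $pl = user_load_by_uid($i['principal_uid']);
    } elseif ($first != '' && $last != '') {
        /* New principals get a '*'-prefixed placeholder username. */
        $pl = user_create('principal', "*$first$last" . generatePassword());
        $uid_updates['principal_uid'] = $pl['uid'];
    } else {
        $pl = false;
    }

    $em = get_value_from_array($_POST, 'principalemail');

    /*
     * If we loaded or created an entry, either
     * update and save, or purge it
     */
    if (is_array($pl)) {
        if ($first == '' && $last == '') {
            user_purge($pl, 'principal');
            $uid_updates['principal_uid'] = null;
        } else {
            $pl['firstname'] = $first;
            $pl['lastname'] = $last;
            $pl['email'] = $em;
            user_save($pl);
        }
    }

    /* Get info about science head */
    // FIX ME
    // NOTE(review): this reads the 'principal' field a second time, so the
    // science head is saved under the principal's name. The legacy fragment
    // above referred to $_POST['sciencehead']; the form's field name is not
    // visible on this page, so confirm it before changing the key.
    $split = explode(' ', get_value_from_array($_POST, 'principal') ?? '', 2);
    $first = $split[0];
    $last = count($split) === 2 ? $split[1] : '';

    $em = get_value_from_array($_POST, 'scienceheademail');
    if ($em == '' && ($first != '' || $last != '')) {
        /* No email given: fall back to a '*'-prefixed placeholder. */
        $em = "*$first$last" . generatePassword();
    }

    /*
     * Load existing record, or create new if there's something
     * to insert
     */
    $sh = false;
    if ($i['sciencehead_uid'] > 0) {
        $sh = user_load_by_uid($i['sciencehead_uid']);
        /*
         * It is possible for $sh to be false here; that happens when the
         * user was deleted outside the school editor, and that condition
         * still needs to be fixed. If it were left alone, saving the
         * teacher info would silently fail, so a new teacher is created
         * further down instead.
         */
        if (is_array($sh) && ($em != $sh['email'] || $em == '')) {
            /*
             * If the emails don't match we have no way of knowing if we're
             * creating a different user, or doing a correction; assume it's
             * a different user
             */
            user_purge($sh, 'teacher');
            $sh = false;
        }
    }

    /*
     * If there was no teacher loaded, or if we just purged it, create a new one
     * if there's an email address
     */
    if ($sh == false && $em != '') {
        $sh = user_create('teacher', $em);
        $uid_updates['sciencehead_uid'] = $sh['uid'];
    }

    /* If we have a record update it */
    if (is_array($sh)) {
        $sh['firstname'] = $first;
        $sh['lastname'] = $last;
        $sh['phonework'] = $_POST['scienceheadphone'];
        $sh['email'] = $em;
        $sh['username'] = $em;
        user_save($sh);
    }

    /*
     * Build the UPDATE with bound parameters. The original concatenated each
     * request value between single quotes, so a quote in any field changed
     * the statement itself (SQL injection) and legitimate names containing an
     * apostrophe broke the save. Column names below are fixed literals; only
     * the values come from the request.
     *
     * Assumes get_value_from_array() returns the raw request value -- confirm;
     * if it applies escaping of its own, remove that rather than this binding.
     * Values are cast to string so a missing field is stored as '' exactly as
     * the concatenated query did.
     *
     * Binding protects the query only. The values are stored as submitted, so
     * every place that prints them must HTML-escape on output; the school list
     * later in this file interpolates $r->school and its neighbours directly
     * into echoed strings.
     */
    $post_fields = [
        'school' => 'school',
        'schoollang' => 'schoollang',
        'designate' => 'schooldesignate',
        'schoollevel' => 'schoollevel',
        'board' => 'board',
        'district' => 'district',
        'address' => 'address',
        'city' => 'city',
        'province_code' => 'province_code',
        'postalcode' => 'postalcode',
        'schoolemail' => 'schoolemail',
        'phone' => 'phone',
        'fax' => 'fax',
        'registration_password' => 'registration_password',
    ];

    $columns = [];
    foreach ($post_fields as $column => $postkey) {
        $columns[$column] = (string) get_value_from_array($_POST, $postkey);
    }
    $columns['projectlimit'] = (string) get_value_from_array($_POST, 'projectlimit', 0);
    $columns['projectlimitper'] = (string) get_value_from_array($_POST, 'projectlimitper', 'total');
    $columns['accesscode'] = (string) get_value_from_array($_POST, 'accesscode');
    foreach ($uid_updates as $column => $uid) {
        $columns[$column] = $uid;
    }
    $columns['atrisk'] = $atrisk;

    $assignments = [];
    foreach (array_keys($columns) as $column) {
        $assignments[] = "$column = ?";
    }

    $stmt = $pdo->prepare('UPDATE schools SET ' . implode(', ', $assignments) . ' WHERE id = ?');
    $stmt->execute(array_merge(array_values($columns), [$id]));
    show_pdo_errors_if_any($pdo);

    if (get_value_from_array($_POST, 'save') == 'add') {
        $notice = 'added';
    } else {
        $notice = 'saved';
    }
}

/*
 * Delete one school by id.
 *
 * NOTE(review): this handler and the two access-code handlers below change
 * data on a GET request, and no anti-CSRF token check is visible in them.
 * Moving them to POST with a per-session token would keep a cross-site link
 * or embedded resource from triggering them in an administrator's session.
 */
if (get_value_from_array($_GET, 'action') == 'delete' && get_value_from_array($_GET, 'delete', '')) {
    /* The id was previously concatenated straight from $_GET into the query. */
    $stmt = $pdo->prepare('DELETE FROM schools WHERE id = ?');
    $stmt->execute([(string) $_GET['delete']]);
    $notice = 'deleted';
}

/* Blank the access code of every school in the current fair year. */
if (get_value_from_array($_GET, 'action') == 'clearaccesscodes') {
    $stmt = $pdo->prepare("UPDATE schools SET accesscode='' WHERE year = ?");
    $stmt->execute([$config['FAIRYEAR']]);
    $notice = 'clearaccess';
}

/* Give an access code to each current-year school that has none. */
if (get_value_from_array($_GET, 'action') == 'makeaccesscodes') {
    $q = $pdo->prepare("SELECT id FROM schools WHERE year = ? AND (accesscode IS NULL OR accesscode='')");
    $q->execute([$config['FAIRYEAR']]);

    /* Prepared once and re-executed per row instead of rebuilt in the loop. */
    $stmt = $pdo->prepare('UPDATE schools SET accesscode = ? WHERE id = ? AND year = ?');
    while ($r = $q->fetch(PDO::FETCH_OBJ)) {
        // NOTE(review): access codes act as credentials; generatePassword()
        // is defined elsewhere, so confirm it draws from a CSPRNG such as
        // random_int(). Five characters is short -- the form that accepts
        // these codes should limit repeated attempts.
        $ac = generatePassword(5);
        $stmt->execute([$ac, $r->id, $config['FAIRYEAR']]);
    }
    $notice = 'makeaccess';
}

/* Edit/add form: page header first, then the existing row when editing. */
if (get_value_from_array($_GET, 'action') == 'edit' || get_value_from_array($_GET, 'action') == 'add') {
    send_header(
        get_value_from_array($_GET, 'action') == 'edit' ? 'Edit School' : 'Add New School',
        array(
            'Committee Main' => 'committee_main.php',
            'Administration' => 'admin/index.php',
            'School Management' => 'admin/schools.php'
        ),
        'schools_management'
    );

    if (get_value_from_array($_GET, 'action') == 'edit') {
        $buttontext = 'Save School';
        /* The requested id is bound, not concatenated into the statement. */
        $q = $pdo->prepare('SELECT * FROM schools WHERE id = ?');
        $q->execute([(string) get_value_from_array($_GET, 'edit', '')]);
        $r = $q->fetch(PDO::FETCH_OBJ);
    } elseif (get_value_from_array($_GET, 'action') == 'add') {
        $buttontext = 'Add School';
    }
    $buttontext = i18n($buttontext);

    echo "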
\n"; echo '\n"; if (get_value_from_array($_GET, 'action') == 'edit') echo '\n"; echo "\n"; echo '\n"; echo '\n"; echo '\n"; echo '\n"; echo '\n"; echo '\n"; echo '\n"; echo '\n"; echo '\n"; echo '\n"; echo '\n"; echo '\n"; if (get_value_property_or_default($r, 'principal_uid') > 0) $pl = user_load_by_uid(get_value_property_or_default($r, 'principal_uid')); else $pl = array(); /* Don't show autogenerated emails */ $e = get_value_from_array($pl, 'email', 0) == '*' ? '' : get_value_from_array($pl, 'email'); echo '\n"; echo '\n"; echo '\n"; echo '\n"; echo ''; if (get_value_property_or_default($r, 'sciencehead_uid', '') > 0) $sh = user_load_by_uid(get_value_property_or_default($r, 'sciencehead_uid', '')); else $sh = array(); /* Don't show autogenerated emails */ $e = get_value_from_2d_array($sh, 'email', 0, '') == '*' ? '' : get_value_from_2d_array($sh, 'email', ''); echo '\n"; echo '\n"; echo '\n"; if ($config['participant_registration_type'] == 'schoolpassword') { echo ''; echo '\n"; } echo ''; if ($config['participant_registration_type'] == 'invite') { echo ''; echo '\n"; } else { echo ''; } echo ''; $ch = get_value_property_or_default($r, 'atrisk', '') == 'yes' ? 'checked="checked"' : ''; echo "\n"; echo ''; echo "\n"; echo "
' . i18n('School Name') . '
' . i18n('School Language') . ''; echo ''; echo "
' . i18n('School Designation') . ''; $des = array('' => 'Choose', 'public' => 'Public', 'independent' => 'Independent/Private', 'home' => 'Home School'); echo '
' . i18n('School Level') . '
' . i18n('School Board') . '
' . i18n('School District') . '
' . i18n('Address') . '
' . i18n('City') . '
' . i18n($config['provincestate']) . ''; emit_province_selector('province_code', get_value_property_or_default($r, 'province_code', '')); echo "
' . i18n($config['postalzip']) . '
' . i18n('Phone') . '
' . i18n('Fax') . '
' . i18n('Principal') . '
' . i18n('Principal Email') . '
' . i18n('School Email') . '
' . i18n('Access Code') . '

' . i18n('Science head/teacher or science fair contact at school') . '
' . i18n('Email') . '
' . i18n('Name') . '
' . i18n('Phone') . '

' . i18n('Participant Registration Password') . '
' . i18n('Password') . '

' . i18n('Participant Registration Limits') . '
' . i18n('Set to 0 to have no registration limit') . '
' . i18n('Maximum of') . ' '; echo ''; echo ' '; echo i18n('projects'); echo ' '; echo ''; echo "
' . i18n("Participant registration limits are currently disabled. In order to use participant registration limits for schools, the participant registration type must be set to 'invite' in Configuration / Configuration Variables") . '

' . i18n('Demographic Information') . '
" . i18n('Inner City or At-Risk school') . "
 
\n"; echo "
\n"; } else { send_header('School Management', array('Committee Main' => 'committee_main.php', 'Administration' => 'admin/index.php'), 'schools_management'); global $notice; switch ($notice) { case 'added': echo happy('School successfully added'); break; case 'saved': echo happy('Successfully saved changes to school'); break; case 'deleted': echo happy('School successfully deleted'); break; case 'clearaccess': echo happy('Access Codes successfully cleared from all schools'); break; case 'makeaccess': echo happy("Access Codes successfully set for schools that didn't have one"); break; } echo '
'; echo '' . i18n('Add new school') . "\n"; echo '
'; echo '' . i18n('Import schools from CSV') . "\n"; echo '
'; echo '' . i18n('Create Access Code for any school without one') . "\n"; echo '
'; echo '' . i18n('Remove Access Codes from all schools') . "\n"; echo '
'; echo ''; echo ''; echo ' '; echo ' '; echo ' '; echo ' '; if ($config['participant_registration_type'] == 'schoolpassword') echo ' '; echo ' '; echo ' '; echo "\n"; $q = $pdo->prepare("SELECT * FROM schools WHERE year='" . $config['FAIRYEAR'] . "' ORDER BY school"); $q->execute(); while ($r = $q->fetch(PDO::FETCH_OBJ)) { echo "\n"; echo " \n"; echo " \n"; echo " \n"; $sciencehead = ''; if ($r->sciencehead_uid > 0) { $sh = user_load_by_uid($r->sciencehead_uid); $sciencehead = $sh['name']; } echo " \n"; if ($config['participant_registration_type'] == 'schoolpassword') echo " \n"; echo " \n"; echo ' \n"; echo "\n"; } echo "
' . i18n('School') . '' . i18n('Address') . '' . i18n('Phone') . '' . i18n('Contact') . '' . i18n('Reg Pass') . '' . i18n('Access Code') . '' . i18n('Action') . '
$r->school$r->address, $r->city, $r->postalcode$r->phone$sciencehead$r->registration_password$r->accesscode'; echo "id\">'; echo ' '; echo "id\">'; echo "
\n"; } send_footer(); ?>