<? /* * This file is part of the 'Science Fair In A Box' project * SFIAB Website: http://www.sfiab.ca * * Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org> * Copyright (C) 2005 James Grant <james@lightbox.org> * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public * License as published by the Free Software Foundation, version 2. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; see the file COPYING. If not, write to * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. */ ?> <? require ('../common.inc.php'); require_once ('../user.inc.php'); user_auth_required('committee', 'config'); send_header('Safety Questions', array('Committee Main' => 'committee_main.php', 'Science-ation Configuration' => 'config/index.php'), 'project_safety_questions'); if (get_value_from_array($_POST, 'action') == 'save' && get_value_from_array($_POST, 'save')) { if ($_POST['question']) { if (!preg_match('/^[0-9]*$/', $_POST['ord'])) echo notice(i18n('Defaulting non-numeric order value %1 to 0', array($_POST['ord']))); $stmt = $pdo->prepare("UPDATE safetyquestions SET question=?, `type`=?, `required`=?, ord=? WHERE id=? AND year=?"); $stmt->execute([stripslashes($_POST['question']),stripslashes($_POST['type']),stripslashes($_POST['required']), stripslashes($_POST['ord']),$_POST['save'],$config['FAIRYEAR']]); show_pdo_errors_if_any($pdo); echo happy(i18n('Safety question successfully saved')); } else echo error(i18n('Question is required')); } if (get_value_from_array($_POST, 'action') == 'new') { if ($_POST['ord'] == ''){ $_POST['ord'] = 0; } if ($_POST['question']) { $stmt = $pdo->prepare("INSERT INTO safetyquestions (question,type,required,ord,year) VALUES ( ?, ?, ?, ?, ? )"); $stmt->execute([stripslashes($_POST['question']),stripslashes($_POST['type']),stripslashes($_POST['required']), stripslashes($_POST['ord']),$config['FAIRYEAR'] ]); show_pdo_errors_if_any($pdo); echo happy(i18n('Safety question successfully added')); } else echo error(i18n('Question is required')); } if (get_value_from_array($_GET, 'action') == 'remove' && get_value_from_array($_GET, 'remove')) { $stmt = $pdo->prepare("DELETE FROM safetyquestions WHERE id=? AND year=?"); $stmt->execute([$_GET['remove'],$config['FAIRYEAR']]); echo happy(i18n('Safety question successfully removed')); } if ((get_value_from_array($_GET, 'action') == 'edit' && get_value_from_array($_GET, 'edit')) || get_value_from_array($_GET, 'action') == 'new') { $showform = true; echo '<form method="post" action="safetyquestions.php">'; if ($_GET['action'] == 'new') { $buttontext = 'Add safety question'; echo "<input type=\"hidden\" name=\"action\" value=\"new\">\n"; $r = null; } else if ($_GET['action'] == 'edit') { $buttontext = 'Save safety question'; echo "<input type=\"hidden\" name=\"action\" value=\"save\">\n"; $q = $pdo->prepare("SELECT * FROM safetyquestions WHERE id=? AND year=?"); $q->execute([$_GET['edit'],$config['FAIRYEAR'] ]); echo '<input type="hidden" name="save" value="' . $_GET['edit'] . "\">\n"; if (!$r = $q->fetch(PDO::FETCH_OBJ)) { $showform = false; echo error(i18n('Invalid safety question')); } } if ($showform) { echo '<table class="summarytable">'; echo '<tr><td>' . i18n('Question') . '</td><td>'; echo '<input size="60" type="text" name="question" value="' . htmlspecialchars($r->question) . "\">\n"; echo '</td></tr>'; echo '<tr><td>' . i18n('Type') . '</td><td>'; echo '<select name="type">'; if ($r->type == 'check') $sel = 'selected="selected"'; else $sel = ''; echo "<option $sel value=\"check\">" . i18n('Check box') . "</option>\n"; if ($r->type == 'yesno') $sel = 'selected="selected"'; else $sel = ''; echo "<option $sel value=\"yesno\">" . i18n('Yes/No') . "</option>\n"; echo '</select>'; echo '</td>'; echo '<tr><td>' . i18n('Required?') . '</td><td>'; echo '<select name="required">'; if ($r->required == 'yes') $sel = 'selected="selected"'; else $sel = ''; echo "<option $sel value=\"yes\">" . i18n('Yes') . "</option>\n"; if ($r->required == 'no') $sel = 'selected="selected"'; else $sel = ''; echo "<option $sel value=\"no\">" . i18n('No') . "</option>\n"; echo '</select>'; echo '</td>'; echo '<tr><td>' . i18n('Display Order') . '</td><td>'; echo '<input size="5" type="text" name="ord" value="' . htmlspecialchars($r->ord) . "\">\n"; echo '</td></tr>'; echo '<tr><td colspan="2" align="center">'; echo '<input type="submit" value="' . i18n($buttontext) . "\" />\n"; echo '</td></tr>'; echo '</table>'; echo '</form>'; echo '<br />'; echo '<hr />'; } else { } } echo '<br />'; echo '<a href="safetyquestions.php?action=new">' . i18n('Add new safety question') . '</a>'; echo '<table class="summarytable">'; $q = $pdo->prepare("SELECT * FROM safetyquestions WHERE year=? ORDER BY ord"); $q->execute([$config['FAIRYEAR']]); echo '<tr><th>' . i18n('Ord') . '</th><th>' . i18n('Question') . '</th><th>' . i18n('Type') . '</th><th>' . i18n('Required') . '</th><th>' . i18n('Actions') . '</th></tr>'; while ($r = $q->fetch(PDO::FETCH_OBJ)) { echo '<tr>'; echo "<td>$r->ord</td>"; echo "<td>$r->question</td>"; echo "<td align=\"center\">$r->type</td>"; echo "<td align=\"center\">$r->required</td>"; echo '<td align="center">'; echo '<a title="Edit" href="' . $_SERVER['PHP_SELF'] . "?action=edit&edit=$r->id\"><img src=\"" . $config['SFIABDIRECTORY'] . '/images/16/edit.' . $config['icon_extension'] . '" border=0></a>'; echo ' '; echo '<a title="Remove" onClick="return confirmClick(\'' . i18n('Are you sure you want to remove this safety question?') . '\');" href="' . $_SERVER['PHP_SELF'] . "?action=remove&remove=$r->id\"><img src=\"" . $config['SFIABDIRECTORY'] . '/images/16/button_cancel.' . $config['icon_extension'] . '" border=0></a>'; echo '</td>'; echo '</tr>'; } echo '</table>'; send_footer(); ?>