forked from science-ation/science-ation
224 lines
6.4 KiB
PHP
224 lines
6.4 KiB
PHP
<?php
|
|
require_once('common.inc.php');
|
|
require_once('user.inc.php');
|
|
|
|
if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'] && $conference['type'] == 'scienceolympics'){
|
|
|
|
if($_GET['action'] == 'new'){
|
|
$results = process_newRecord($_POST['firstName'], $_POST['lastName'], $_POST['email']);
|
|
if($results !== true){
|
|
echo "<script type=\"text/javascript\">var savedRecord = false;</script>";
|
|
error_($results);
|
|
}else{
|
|
echo "<script type=\"text/javascript\">var savedRecord = true;</script>";
|
|
}
|
|
}else if($_GET['action'] == 'delete'){
|
|
if(!delete_record($_POST['uid'])){
|
|
echo "<script type=\"text/javascript\">var deletedRecord = false;</script>";
|
|
error_("Unable to delete record");
|
|
}else{
|
|
echo "<script type=\"text/javascript\">var deletedRecord = true;</script>";
|
|
}
|
|
}else{
|
|
$title = i18n("Manage Students");
|
|
send_header($title, array("School Home" => "schoolaccess.php"));
|
|
draw_javascript();
|
|
draw_list();
|
|
send_footer();
|
|
}
|
|
}else{
|
|
header('Location: schoolaccess.php');
|
|
}
|
|
|
|
// create a new record with the given first name last name and e-mail address
|
|
// return true on success, error message on failure
|
|
function process_newRecord($firstName, $lastName, $email){
|
|
global $conference;
|
|
$firstName = trim($firstName);
|
|
$lastName = trim($lastName);
|
|
$email = strtolower(trim($email));
|
|
$uid = null;
|
|
|
|
// make sure we are actually given a first and last name
|
|
if(strlen($firstName) == 0 || strlen($lastName) == 0) return "First and last names are required fields";
|
|
if($email != null){
|
|
$user = user_load_by_email($email);
|
|
|
|
}else{
|
|
$user = false;
|
|
}
|
|
if($user != false){
|
|
// we're adding an existing user. First find out if they are in the school we have specified
|
|
return "e-mail address is already in use";
|
|
// $user['firstname'] = $firstName;
|
|
// $user['lastname'] = $lastName;
|
|
|
|
/*
|
|
$query = "INSERT INTO users_conferences_link(conferences_id, users_uid) VALUES(";
|
|
$query .= $conference['id'] . ', ' . $user['uid'];
|
|
$firstName = $user['firstname'];
|
|
$lastName = $user['lastname'];
|
|
*/
|
|
}else{
|
|
// we're creating a new user
|
|
if(strlen($email) != 0){
|
|
if(!isEmailAddress($email)){
|
|
// not a valid e-mail address
|
|
return "Invalid e-mail address";
|
|
}else{
|
|
// new e-mail address specified. That'll be the username
|
|
$username = $email;
|
|
}
|
|
}else{
|
|
// generate a user name
|
|
$nameBase = substr(strtolower($firstName), 0, 1) . strtolower($lastName);
|
|
$suffix = '';
|
|
do{
|
|
$q = mysql_fetch_array(mysql_query('SELECT COUNT(*) AS tally FROM users WHERE username="' . ($nameBase . $suffix) . '";'));
|
|
if($q['tally'] > 0){
|
|
if($suffix == '') $suffix = 1;
|
|
else $suffix++;
|
|
}
|
|
}while($q['tally'] > 0);
|
|
$username = $nameBase . $suffix;
|
|
|
|
}
|
|
// now that we have the username we want to use, let's create the user
|
|
$user = user_create('student', $username);
|
|
$user['firstname'] = $firstName;
|
|
$user['lastname'] = $lastName;
|
|
if($username == $email)
|
|
$user['email'] = $email;
|
|
$user['schools_id'] = $_SESSION['schoolid'];
|
|
user_save($user);
|
|
$uid = $user['uid'];
|
|
}
|
|
|
|
echo user_row($uid, $username, $firstName, $lastName, $email);
|
|
return true;
|
|
}
|
|
|
|
function user_row($uid, $username, $firstName, $lastName, $email){
|
|
$rval = "<tr id=\"$uid\">";
|
|
$rval .= "<td>$username</td>";
|
|
$rval .= "<td>$firstName</td>";
|
|
$rval .= "<td>$lastName</td>";
|
|
$rval .= "<td>$email</td>";
|
|
$rval .= '<td style="text-align:center"><img border="0" src="/sfiab/images/16/button_cancel.png" onclick="deleteRecord(' . $uid . ')"/></td>';
|
|
$rval .= "</tr>";
|
|
return $rval;
|
|
}
|
|
|
|
// delete the record for the specified user id. Returns true on succes, error message on failure
|
|
function delete_record($uid){
|
|
$user = user_load_by_uid($uid);
|
|
user_delete($user);
|
|
$user = user_load_by_uid($uid);
|
|
|
|
if($user['deleted'] != 'yes'){
|
|
return "Failed to delete user";
|
|
}
|
|
return true;
|
|
}
|
|
|
|
function draw_javascript(){
|
|
?>
|
|
<script type="text/javascript">
|
|
var awaiting_ajax = false; // used to prevent the same record from being submitted multiple times
|
|
|
|
function deleteRecord(uid){
|
|
var params;
|
|
if(awaiting_ajax) return false;
|
|
awaiting_ajax = true;
|
|
|
|
params = [{ 'name' : 'uid', 'value' : uid }];
|
|
|
|
$("#debug").load("schoolstudents.php?action=delete", params, function(response){
|
|
if(deletedRecord){
|
|
$('#' + uid).remove();
|
|
}
|
|
awaiting_ajax = false;
|
|
});
|
|
|
|
}
|
|
|
|
function addNewRecord(){
|
|
var params;
|
|
var firstName = $('#newFirstName').val();
|
|
var lastName = $('#newLastName').val();
|
|
var email = $('#newEmail').val();
|
|
|
|
if(firstName == '' || lastName == ''){
|
|
notice_create('error', '<?=i18n('First and last names are required fields'); ?>', 5000);
|
|
|
|
return false;
|
|
}
|
|
if(awaiting_ajax) return false;
|
|
awaiting_ajax = true;
|
|
|
|
params = [
|
|
{ 'name' : 'firstName', 'value': firstName },
|
|
{ 'name' : 'lastName', 'value': lastName },
|
|
{ 'name' : 'email', 'value': email }
|
|
];
|
|
|
|
$("#debug").load("schoolstudents.php?action=new", params, function(response){
|
|
if(savedRecord){
|
|
$('#studentList > tbody:last').append(response);
|
|
$('#newFirstName').select();
|
|
$('#newFirstName').attr({ value: '' });
|
|
$('#newLastName').attr({ value: '' });
|
|
$('#newEmail').attr({ value: '' });
|
|
}
|
|
awaiting_ajax = false;
|
|
});
|
|
|
|
}
|
|
</script>
|
|
<?php
|
|
}
|
|
|
|
// draw an editable list of all students for this school in the users_stunt table
|
|
function draw_list(){
|
|
global $conference;
|
|
?>
|
|
|
|
<table id="studentList" class="summarytable">
|
|
<thead>
|
|
<tr>
|
|
<th><?=i18n("Username");?></th>
|
|
<th><?=i18n("First Name");?></th>
|
|
<th><?=i18n("Last Name");?></th>
|
|
<th><?=i18n("Email Address");?></th>
|
|
<th></th>
|
|
</tr>
|
|
<tr>
|
|
<th><?=i18n("New:")?></th>
|
|
<th><input type="text" id="newFirstName"></input></th>
|
|
<th><input type="text" id="newLastName"></input></th>
|
|
<th><input type="text" id="newEmail"></input></th>
|
|
<th><button name="newRecord" onclick="addNewRecord()"><?=i18n("Add")?></button></th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<?php
|
|
$query = 'SELECT * FROM users_student';
|
|
$query .= ' JOIN users ON users_student.users_id = users.uid';
|
|
$query .= ' JOIN users_conferences_link ucl ON ucl.users_uid = users_student.users_id';
|
|
$query .= ' WHERE schools_id = ' . $_SESSION['schoolid'];
|
|
$query .= ' AND ucl.conferences_id=' . $conference['id'];
|
|
$data = mysql_query($query);
|
|
if($data){
|
|
while($row = mysql_fetch_array($data)){
|
|
$uid = $row['users_uid'];
|
|
echo user_row($uid, $row['username'], $row['firstname'], $row['lastname'], $row['email']);
|
|
}
|
|
}
|
|
|
|
?>
|
|
</tbody>
|
|
</table>
|
|
|
|
<?php
|
|
}
|