forked from science-ation/science-ation
141 lines
4.9 KiB
PHP
141 lines
4.9 KiB
PHP
<?
|
|
/*
|
|
This file is part of the 'Science Fair In A Box' project
|
|
SFIAB Website: http://www.sfiab.ca
|
|
|
|
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
|
|
Copyright (C) 2005 James Grant <james@lightbox.org>
|
|
Copyright (C) 2007 David Grant <dave@lightbox.org>
|
|
|
|
This program is free software; you can redistribute it and/or
|
|
modify it under the terms of the GNU General Public
|
|
License as published by the Free Software Foundation, version 2.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; see the file COPYING. If not, write to
|
|
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
|
|
Boston, MA 02111-1307, USA.
|
|
*/
|
|
|
|
require_once('common.inc.php');
|
|
require_once('user.inc.php');
|
|
|
|
/* Ensure they're logged in as something, anything */
|
|
user_auth_required();
|
|
|
|
$edit_id = isset($_GET['users_id']) ? intval($_GET['users_id']) : $_SESSION['users_id'];
|
|
if($edit_id != $_SESSION['users_id'])
|
|
user_auth_required('admin');
|
|
else
|
|
user_auth_required();
|
|
|
|
$u = user_load($edit_id);
|
|
|
|
if(array_key_exists('action', $_POST)){
|
|
switch($_POST['action']){
|
|
case 'submit_code':
|
|
$code = mysql_real_escape_string($_POST['code']);
|
|
$school = mysql_real_escape_string($_POST['school']);
|
|
$query = "SELECT * FROM schools WHERE id = $school AND accesscode = '$code'";
|
|
$data = mysql_fetch_assoc(mysql_query($query));
|
|
if(is_array($data)){
|
|
$query = "UPDATE users SET schools_id = $school WHERE id = $edit_id";
|
|
if(mysql_query($query)){
|
|
// we successfully updated the school for this user. Now send the info back to papulate the page
|
|
$schoolData = mysql_fetch_assoc(mysql_query("SELECT school, address, city, province_code, postalcode, phone FROM schools WHERE id='$school'"));
|
|
echo "schoolInfo = '" . implode("<br/>", $schoolData) . "';";
|
|
}
|
|
}
|
|
break;
|
|
default:
|
|
// invalid action
|
|
break;
|
|
}
|
|
exit;
|
|
}
|
|
|
|
$translations = array(
|
|
'if_incorrect' => i18n("If this is incorrect, please select the correct school and enter its access code in the fields below."),
|
|
'incorrect' => i18n("That does not appear to be the correct access code. Please select the school and enter its access code in the fields below."),
|
|
'not_associated' => i18n("You are not currently associated with any school. Please select the school and enter its access code in the fields below.")
|
|
);
|
|
|
|
?>
|
|
<script type="text/javascript">
|
|
function submitSchoolCode(){
|
|
$.post('user_school.php',
|
|
{
|
|
'action' : 'submit_code',
|
|
'code' : $('#accessCode').val(),
|
|
'school' : $('#schoolId').val(),
|
|
'uid' : <?=$edit_id;?>
|
|
},
|
|
function(response){
|
|
var schoolInfo = null;
|
|
eval(response);
|
|
if(schoolInfo != null){
|
|
$('#infobox').html(schoolInfo);
|
|
$('#instructions').html("<?=$translations['if_incorrect'];?>");
|
|
}else{
|
|
$('#instructions').html("<?=$translations['incorrect'];?>");
|
|
}
|
|
|
|
}
|
|
);
|
|
}
|
|
</script>
|
|
<?php
|
|
|
|
// draw the info area
|
|
echo "<h4>" . i18n("School Information") . "</h4>";
|
|
$currentSchool = $u['schools_id'];
|
|
if($currentSchool != null){
|
|
echo i18n("You are currently listed as a member of") . "<br/>";
|
|
echo '<div id="infobox" style="margin:10px;padding:5px;border:solid;border-width:1px;font-weight:bold">';
|
|
$schoolData = mysql_fetch_assoc(mysql_query("SELECT school, address, city, province_code, postalcode, phone FROM schools WHERE id='$currentSchool'"));
|
|
echo implode('<br/>', $schoolData);
|
|
echo '</div>';
|
|
echo '<p id="instructions">' . $translations['if_incorrect'] . "</p>";
|
|
}else{
|
|
echo '<div id="infobox" style="margin:10px;padding:5px;border:solid;border-width:1px;font-weight:bold"></div>';
|
|
echo '<p id="instructions">' . $translations['not_associated'] . "</p>";
|
|
}
|
|
|
|
// draw the form elements for changing the school
|
|
echo "<table><tr><td>";
|
|
echo "<strong>" . i18n("School") . ": </strong>";
|
|
echo "</td><td>";
|
|
|
|
// build a select box for them to pick out a school
|
|
echo '<select id="schoolId">';
|
|
$query = "SELECT MAX(id) AS id,school,city FROM schools GROUP BY school, city";
|
|
$q = mysql_query($query);
|
|
$prev="somethingthatdoesnotexist";
|
|
while($r=mysql_fetch_object($q)){
|
|
if($r->school == $schoolData['school']){
|
|
$selected = "SELECTED";
|
|
}else{
|
|
$selected = "";
|
|
}
|
|
if($r->school==$prev)
|
|
echo "<option $selected value=\"$r->id\">$r->school ($r->city)</option>\n";
|
|
else
|
|
echo "<option $selected value=\"$r->id\">$r->school</option>\n";
|
|
$prev=$r->school;
|
|
}
|
|
echo "</select>";
|
|
echo "</td></tr><tr><td>";
|
|
|
|
// and the rest of the form...
|
|
echo "<strong>" . i18n("Access Code") . ": </strong>";
|
|
echo "</td><td>";
|
|
echo '<input type="text" id="accessCode"></input><br/>';
|
|
echo "</td></tr><tr><td colspan = 2>";
|
|
echo '<button onClick = "submitSchoolCode()">' . i18n("Submit") . '</button>';
|
|
echo "</td></tr></table>";
|