arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity
science-ation/admin/project_editor.php
patrick a6a46ec556 Refactor SQL queries
2025-02-09 17:24:37 +00:00

481 lines
17 KiB
PHP
Raw Blame History

<?
/*
* This file is part of the 'Science Fair In A Box' project
* SFIAB Website: http://www.sfiab.ca
*
* Copyright (C) 2005-2006 Sci-Tech Ontario Inc <info@scitechontario.org>
* Copyright (C) 2005-2006 James Grant <james@lightbox.org>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public
* License as published by the Free Software Foundation, version 2.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; see the file COPYING. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
* Boston, MA 02111-1307, USA.
*/
// This file was modified Jan of 2014 by Richard Sin
// Project type has been added and can be toggled by configuration.
// Feedback box also has been added for flagging purposes
?>
<?
require_once ('../common.inc.php');
require_once ('../user.inc.php');
require_once ('../register_participants.inc.php');
$auth_type = user_auth_required(array('fair', 'committee'), 'admin');
$registrations_id = intval($_GET['id']);
$action = $_GET['action'];
/* Extra restrictions for auth_type = fair */
if ($auth_type == 'fair') {
$fairs_id = $_SESSION['fairs_id'];
if ($registrations_id == -1 && ($action == 'registration_load' || $action == 'registration_save')) {
/* we can't check the project it hasn't been created. */
} else {
/* Make sure they have permission to laod this student, check
the master copy of the fairs_id in the project */
$q = $pdo->prepare("SELECT * FROM projects WHERE
registrations_id=?
AND year=?
AND fairs_id=?");
$q->execute([$registrations_id,$config['FAIRYEAR'],$fairs_id]);
if ($q->rowCount() != 1) {
echo 'permission denied.';
exit;
}
/* Ok, they have permission */
}
}
switch ($action) {
case 'project_load':
project_load();
break;
case 'project_regenerate_number':
/* Save first */
project_save();
/* Now generate */
$q = $pdo->prepare("SELECT id FROM projects WHERE registrations_id=? AND year=?");
$q->execute([$registrations_id,$config['FAIRYEAR']]);
$i = $q->fetch(PDO::FETCH_ASSOC);
$id = $i['id'];
$stmt = $pdo->prepare("UPDATE projects SET projectnumber=NULL,projectsort=NULL,
projectnumber_seq='0',projectsort_seq='0'
WHERE id=?");
$stmt->execute([$id]);
show_pdo_errors_if_any($pdo);
list($pn, $ps, $pns, $pss) = generateProjectNumber($registrations_id);
// print("Generated Project Number [$pn]");
$stmt = $pdo->prepare("UPDATE projects SET projectnumber=?,projectsort=?,
projectnumber_seq=?,projectsort_seq=?
WHERE id=?");
$stmt->execute([$pn,$ps,$pns,$pss,$id]);
happy_("Generated and Saved Project Number: $pn");
break;
case 'project_save':
project_save();
break;
default:
break;
}
exit;
function project_save()
{
global $registrations_id, $config, $pdo;
// first, lets make sure this project really does belong to them
$q = $pdo->prepare("SELECT * FROM projects WHERE registrations_id=? AND year=?");
$q->execute([$registrations_id,$config['FAIRYEAR']]);
$projectinfo = $q->fetch(PDO::FETCH_OBJ);
if (!projectinfo) {
echo error(i18n('Invalid project to update'));
}
$summarywords = preg_split('/[\s,]+/', $_POST['summary']);
$summarywordcount = count($summarywords);
if ($summarywordcount > $config['participant_project_summary_wordmax'])
$summarycountok = 0;
else
$summarycountok = 1;
// check if it is flagged then update it
if (empty($_POST['feedback'])) {
$stmt = $pdo->prepare('UPDATE projects SET '
. "flagged='0'"
. "WHERE id=?");
$stmt->execute([intval($_POST['id'])]);
} else {
$stmt = $pdo->prepare('UPDATE projects SET '
. "flagged='1'"
. "WHERE id=?");
$stmt->execute([intval($_POST['id'])]);
}
show_pdo_errors_if_any($pdo);
happy_('Flagging process successfully updated');
if ($config['participant_project_title_charmax'] && strlen(stripslashes($_POST['title'])) > $config['participant_project_title_charmax']) { // 0 for no limit, eg 255 database field limit
$title = substr(stripslashes($_POST['title']), 0, $config['participant_project_title_charmax']);
error_('Project title truncated to %1 characters', array($config['participant_project_title_charmax']));
} else
$title = stripslashes($_POST['title']);
$stmt = $pdo->prepare("UPDATE projects SET
title=?,
projectdivisions_id=?,
projecttype=?,
language=?,
req_table=?,
req_electricity=?,
req_special=?,
human_participants=?,
animal_participants=?,
summary=?,
summarycountok=?,
feedback=?,
projectsort=?
WHERE id=?");
$stmt->execute([
iconv('UTF-8', 'ISO-8859-1//TRANSLIT', $_POST['title']),
intval($_POST['projectdivisions_id']),
$_POST['projecttype'],
$_POST['language'],
$_POST['req_table'],
$_POST['req_electricity'],
$_POST['req_special'],
$_POST['human_participants'],
$_POST['animal_participants'],
iconv('UTF-8', 'ISO-8859-1//TRANSLIT', $_POST['summary']),
$_POST['summarycountok'],
iconv('UTF-8', 'ISO-8859-1//TRANSLIT', $_POST['feedback']),
$_POST['projectsort'],
intval($_POST['id'])
]);
show_pdo_errors_if_any($pdo);
happy_('Project information successfully updated');
// check if they changed the project number
if ($_POST['projectnumber'] != $projectinfo->projectnumber) {
// check if hte new one is available
$q = $pdo->prepare("SELECT * FROM projects WHERE year=?' AND projectnumber=?");
$q->execute([$config['FAIRYEAR'],$_POST['projectnumber']]);
if ($q->rowCount()) {
error_('Could not change project number. %1 is already in use', array($_POST['projectnumber']));
} else {
$stmt = $pdo->prepare("UPDATE projects SET
projectnumber=?
WHERE id=?");
$stmt->execute([$_POST['projectnumber'],$_POST['id']]);
happy_('Project number successfully changed to %1', array($_POST['projectnumber']));
}
}
}
function project_load()
{
global $registrations_id, $config, $pdo, $projectcategories_id;
// $projectcategories_id=null;
// now lets find out their MAX grade, so we can pre-set the Age Category
$q = $pdo->prepare("SELECT MAX(grade) AS maxgrade FROM students WHERE registrations_id=?");
$q->execute([$registrations_id]);
$gradeinfo = $q->fetch(PDO::FETCH_OBJ);
// now lets grab all the age categories, so we can choose one based on the max grade
$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year=? ORDER BY id");
$q->execute([$config['FAIRYEAR']]);
while ($r = $q->fetch(PDO::FETCH_OBJ)) {
// save these in an array, just incase we need them later (FIXME: remove this array if we dont need it)
$agecategories[$r->id]['category'] = $r->category;
$agecategories[$r->id]['mingrade'] = $r->mingrade;
$agecategories[$r->id]['maxgrade'] = $r->maxgrade;
if ($gradeinfo->maxgrade >= $r->mingrade && $gradeinfo->maxgrade <= $r->maxgrade)
$projectcategories_id = $r->id;
}
// now select their project info
$q = $pdo->prepare("SELECT * FROM projects WHERE registrations_id=? AND year=?");
// check if it exists, if we didnt find any record, lets insert one
$q->execute([$registrations_id,$config['FAIRYEAR']]);
$projectinfo = $q->fetch(PDO::FETCH_OBJ);
if (!$projectinfo) {
$stmt = $pdo->prepare("INSERT INTO projects (registrations_id,projectcategories_id,year) VALUES (?,?,?)");
// and then pull it back out
$stmt->execute([$registrations_id,$projectcategories_id,$config['FAIRYEAR']]);
$q = $pdo->prepare("SELECT * FROM projects WHERE registrations_id=? AND year=?");
$q->execute([ $registrations_id,$config['FAIRYEAR']]);
$projectinfo = $q->fetch(PDO::FETCH_OBJ);
}
// make sure that if they changed their grade on the student page, we update their projectcategories_id accordingly
if ($projectcategories_id && $projectinfo->projectcategories_id != $projectcategories_id) {
echo notice(i18n('Age category changed, updating to %1', array($agecategories[$projectcategories_id]['category'])));
$stmt = $pdo->prepare("UPDATE projects SET projectcategories_id=? WHERE id=?");
$stmt->execute([$projectcategories_id,$projectinfo->id]);
}
// output the current status
?>
<script language="javascript" type="text/javascript">
function countwords()
{
var wordmax=<?= $config['participant_project_summary_wordmax']; ?>;
var summaryobj=document.getElementById('summary');
var wordcountobj=document.getElementById('wordcount');
var wordcountmessageobj=document.getElementById('wordcountmessage');
var wordarray=summaryobj.value.replace(/\s+/g," ").split(" ");
var wordcount=wordarray.length;
if(wordcount>wordmax)
wordcountmessageobj.className="incomplete";
else
wordcountmessageobj.className="complete";
wordcountobj.innerHTML=wordcount;
}
</script>
<?
if (!$projectinfo) {
echo error(i18n('Invalid project to edit'));
exit;
}
?>
<form id="project_form">
<input type="hidden" name="id" value="<?= $projectinfo->id ?>">
<table>
<tr> <td><?= i18n('Project Title') ?>: </td>
<td><input type="text" name="title" size="50" value="<?= htmlspecialchars($projectinfo->title, null, 'ISO8859-1') ?>" /><?= REQUIREDFIELD ?>
<?
if ($config['participant_project_title_charmax'])
echo i18n('(Max %1 characters)', array($config['participant_project_title_charmax']));
?>
</td>
</tr><tr>
<td><?= i18n('Project Number') ?>: </td>
<td><input type="text" name="projectnumber" size="10" value="<?= $projectinfo->projectnumber ?>" />
<input type="button" id="project_regenerate_number" value="<?= i18n('Re-Generate Project Number') ?>" />
</td>
</tr><tr>
<td><?= i18n('Project Sort') ?>: </td>
<td><input type="text" name="projectsort" size="10" value="<?= $projectinfo->projectsort ?>" /></td></tr>
<?
if ($config['project_type'] == 'yes') {
$q = $pdo->prepare('SELECT * FROM projecttypes ORDER BY type');
$q->execute();
echo '<tr><td>' . i18n('Project Type') . ': </td><td>';
echo "<select name=\"projecttype\">\n";
echo '<option value="">' . i18n('Select a project type') . "</option>\n";
// FIXME: need to fix the loading glitch
while ($r = $q->fetch(PDO::FETCH_OBJ)) {
if ($r->type == $projectinfo->projecttype) {
$sel = 'selected="selected"';
} else {
$sel = '';
}
echo "<option $sel value=\"$r->type\">" . htmlspecialchars(i18n($r->type), null, 'ISO8859-1') . "</option>\n";
}
echo '</select>' . REQUIREDFIELD . '</td></tr>';
}
?>
<tr>
<td><?= i18n('Age Category') ?>: </td>
<td><?= i18n(get_value_from_2d_array($agecategories, $projectcategories_id, 'category')) ?> (<?= i18n('Grades %1-%2', array($agecategories[$projectcategories_id]['mingrade'], $agecategories[$projectcategories_id]['maxgrade'])) ?>)</td>
</tr><tr>
<td><?= i18n('Division') ?>: </td>
<td>
<?
// ###### Feature Specific - filtering divisions by category
if ($config['filterdivisionbycategory'] == 'yes') {
$q = $pdo->prepare('SELECT projectdivisions.* FROM projectdivisions,projectcategoriesdivisions_link WHERE projectdivisions.id=projectdivisions_id AND projectcategories_id=? AND projectdivisions.year=? AND projectcategoriesdivisions_link.year=? ORDER BY division');
$q->execute([$projectcategories_id,$config['FAIRYEAR'],$config['FAIRYEAR']]);
show_pdo_errors_if_any($pdo);
// ###
} else
$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year=? ORDER BY division");
$q->execute([$config['FAIRYEAR']]);
echo '<select name="projectdivisions_id">';
echo '<option value="">' . i18n('Select a division') . "</option>\n";
while ($r = $q->fetch(PDO::FETCH_OBJ)) {
if ($r->id == $projectinfo->projectdivisions_id)
$sel = 'selected="selected"';
else
$sel = '';
echo "<option $sel value=\"$r->id\">" . htmlspecialchars(i18n($r->division), null, 'ISO8859-1') . "</option>\n";
}
echo '</select>' . REQUIREDFIELD;
if ($config['usedivisionselector'] == 'yes') {
?>
<script language="javascript" type="text/javascript">
function openDivSelWindow()
{
divselwin=window.open('register_participants_project_divisionselector.php','divsel','width=500,height=220,toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no')
if(divselwin.opener==null) divselwin.opener=self;
return false;
}
</script>
<?
}
echo '<br />';
echo i18n('WARNING! If you change the division you must manually change the project number too! It will NOT be assigned a new number automatically');
echo '</td></tr>';
echo '<tr><td>' . i18n('Language') . ': </td><td>';
echo "<select name=\"language\">\n";
if ($projectinfo->language)
$currentlang = $projectinfo->language;
else
$currentlang = $_SESSION['lang'];
foreach ($config['languages'] AS $key => $val) {
if ($currentlang == $key)
$selected = 'selected="selected"';
else
$selected = '';
echo "<option $selected value=\"$key\">$val</option>";
}
echo '</select>' . REQUIREDFIELD;
echo '</td></tr>';
echo '<tr><td>' . i18n('Requirements') . ': </td><td>';
echo '<table>';
if ($config['participant_project_table'] == 'no') {
// if we arent asking them if they want a table or not, then we set it to 'yes' assuming everyone will get a table
echo ' <input type="hidden" name="req_table" value="yes" />';
} else {
echo '<tr>';
echo ' <td>' . i18n('Table') . REQUIREDFIELD . '</td>';
if ($projectinfo->req_table == 'yes')
$check = 'checked="checked"';
else
$check = '';
echo " <td><input $check type=\"radio\" name=\"req_table\" value=\"yes\" />Yes</td>";
echo ' <td width="20">&nbsp;</td>';
if ($projectinfo->req_table == 'no')
$check = 'checked="checked"';
else
$check = '';
echo " <td><input $check type=\"radio\" name=\"req_table\" value=\"no\" />No</td>";
echo '</tr>';
}
if ($config['participant_project_electricity'] == 'no') {
// if we arent asking them if they want electricity or not, then we set it to 'yes' assuming everyone will get electricity
echo ' <input type="hidden" name="req_electricity" value="yes" />';
} else {
echo '<tr>';
echo ' <td>' . i18n('Electricity') . REQUIREDFIELD . '</td>';
if ($projectinfo->req_electricity == 'yes')
$check = 'checked="checked"';
else
$check = '';
echo " <td><input $check type=\"radio\" name=\"req_electricity\" value=\"yes\" />Yes</td>";
echo ' <td width="20">&nbsp;</td>';
if ($projectinfo->req_electricity == 'no')
$check = 'checked="checked"';
else
$check = '';
echo " <td><input $check type=\"radio\" name=\"req_electricity\" value=\"no\" />No</td>";
echo '</tr>';
}
echo '<tr>';
echo ' <td>' . i18n('Special') . '</td>';
echo " <td colspan=\"3\"><input type=\"text\" name=\"req_special\" value=\"$projectinfo->req_special\" /></td>";
echo '</tr>';
echo '</table>';
if ($config['ethics_questions'] == 'yes')
// If we have set ethics questions to yes then ask the ethics questions!
{
echo '<tr><td>' . i18n('Ethics Questions') . ':</td><td>';
echo '<table>';
echo '<tr>';
echo ' <td>' . i18n('My project involves human participants') . REQUIREDFIELD . '</td>';
if ($projectinfo->human_participants == 'yes')
$check = 'checked="checked"';
else
$check = '';
echo " <td><input $check type=\"radio\" name=\"human_participants\" value=\"yes\" />Yes</td>";
echo ' <td width="20">&nbsp;</td>';
if ($projectinfo->human_participants == 'no')
$check = 'checked="checked"';
else
$check = '';
echo " <td><input $check type=\"radio\" name=\"human_participants\" value=\"no\" />No</td>";
echo '</tr>';
echo '<tr>';
echo ' <td>' . i18n('My project involves animals') . REQUIREDFIELD . '</td>';
if ($projectinfo->animal_participants == 'yes')
$check = 'checked="checked"';
else
$check = '';
echo " <td><input $check type=\"radio\" name=\"animal_participants\" value=\"yes\" />Yes</td>";
echo ' <td width="20">&nbsp;</td>';
if ($projectinfo->animal_participants == 'no')
$check = 'checked="checked"';
else
$check = '';
echo " <td><input $check type=\"radio\" name=\"animal_participants\" value=\"no\" />No</td>";
echo '</tr>';
echo '</table>';
}
echo '</td></tr>';
echo '<tr><td>' . i18n('Summary') . ': </td><td><textarea onchange=\'countwords()\' onkeypress=\'countwords()\' cols="60" rows="12" id="summary" name="summary">' . htmlspecialchars($projectinfo->summary, ENT_NOQUOTES, 'ISO8859-1') . '</textarea>' . REQUIREDFIELD . '<br />';
$summarywords = preg_split('/[\s,]+/', $projectinfo->summary);
$summarywordcount = count($summarywords);
if ($summarywordcount > $config['participant_project_summary_wordmax'])
echo '<div id="wordcountmessage" class="incomplete">';
else
echo '<div id="wordcountmessage" class="complete">';
echo "<span id=\"wordcount\">$summarywordcount</span>/";
echo i18n('%1 words maximum', array($config['participant_project_summary_wordmax']));
echo '</div>';
echo '<tr><td>' . i18n('Feedback') . ': </td><td><textarea cols="60" rows="4" id="feedback" name="feedback">' . htmlspecialchars($projectinfo->feedback, null, 'ISO8859-1') . '</textarea><br />';
?>
</td></tr>
</table>
<input type="button" id="project_save" value="<?= i18n('Save Project Information') ?>" />
</form>
<?
}
?>
View Git Blame Copy Permalink