<?php
require_once('common.inc.php');
require_once('user.inc.php');
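// Request dispatcher: only a logged-in school account on a "scienceolympics"
// conference may manage students; everyone else is sent back to the school login.
if(!empty($_SESSION['schoolid']) && !empty($_SESSION['schoolaccesscode']) && $conference['type'] == 'scienceolympics'){
	// 'action' is absent on an ordinary page view; fall through to the list view.
	$action = isset($_GET['action']) ? $_GET['action'] : '';

	// NOTE(review): the state-changing actions below ('new', 'update', 'delete')
	// do not check an anti-CSRF token in this file — confirm common.inc.php
	// enforces one, otherwise add a per-session token to the AJAX requests.
	switch($action){
		case 'new':
			$results = process_newRecord($_POST['firstName'], $_POST['lastName'], $_POST['email']);
			if($results !== true){
				echo "<script type=\"text/javascript\">var success = false;</script>";
				error_($results);
			}else{
				echo "<script type=\"text/javascript\">var success = true;</script>";
			}
			break;

		case 'update':
			$results = alter_record($_POST['recordId'], $_POST['firstName'], $_POST['lastName'], $_POST['email']);
			if($results !== true){
				echo "<script type=\"text/javascript\">var success = false;</script>";
				error_($results);
			}else{
				echo "<script type=\"text/javascript\">var success = true;</script>";
			}
			break;

		case 'delete':
			// delete_record() returns true or an error *string*. A non-empty string
			// is truthy, so negating the result reported every failure as success;
			// compare against true exactly, as the other two actions do.
			$results = delete_record($_POST['uid']);
			if($results !== true){
				echo "<script type=\"text/javascript\">var success = false;</script>";
				error_("Unable to delete record");
			}else{
				echo "<script type=\"text/javascript\">var success = true;</script>";
			}
			break;

		default:
			$title = i18n("Manage Students");
			send_header($title, array("School Home" => "schoolaccess.php"));
			draw_javascript();
			draw_list();
			send_footer();
	}
}else{
	header('Location: schoolaccess.php');
	// Stop here so nothing further runs for an unauthenticated request.
	exit;
}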
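/**
 * Alter an existing student record and echo its refreshed table row.
 *
 * The record id arrives straight from the request ($_POST['recordId']), so the
 * record is only changed when it belongs to the school held in the session.
 *
 * @param mixed  $uid       id of the user record to change
 * @param string $firstName new first name
 * @param string $lastName  new last name
 * @param string $email     new e-mail address (may be empty)
 * @return bool|string true on success, error message on failure
 */
function alter_record($uid, $firstName, $lastName, $email){
	// The id is echoed back into markup and inline script by user_row();
	// force it to an integer before it is used anywhere.
	$uid = intval($uid);
	$firstName = trim($firstName);
	$lastName = trim($lastName);
	$email = strtolower(trim($email));

	// Same server-side validation that process_newRecord() applies; the
	// browser-side check in saveRecord() can be bypassed.
	if(strlen($firstName) == 0 || strlen($lastName) == 0){
		return "First and last names are required fields";
	}
	if(strlen($email) != 0 && !isEmailAddress($email)){
		return "Invalid e-mail address";
	}
	// NOTE(review): unlike process_newRecord(), this does not check whether the
	// new e-mail address is already used by a different account.

	$user = user_load(null, $uid);
	if(!$user){
		return "User not found";
	}

	// Ownership check: without it any school account could rewrite the name and
	// e-mail of an arbitrary user id. Fails closed when 'schools_id' is missing.
	// Assumes user_load() populates 'schools_id' for student records
	// (process_newRecord() stores it through user_save()) — TODO confirm.
	if(!isset($user['schools_id']) || intval($user['schools_id']) !== intval($_SESSION['schoolid'])){
		return "User not found";
	}

	$user['firstname'] = $firstName;
	$user['lastname'] = $lastName;
	$user['email'] = $email;
	user_save($user);

	echo user_row($uid, $user['username'], $firstName, $lastName, $email);
	return true;
}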
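/**
 * Create a new student record for the school held in the session and echo its
 * table row.
 *
 * When an e-mail address is given it becomes the username; otherwise a username
 * is generated from the first initial and last name, with a numeric suffix
 * added until it is unused.
 *
 * @param string $firstName first name (required)
 * @param string $lastName  last name (required)
 * @param string $email     e-mail address (may be empty)
 * @return bool|string true on success, error message on failure
 */
function process_newRecord($firstName, $lastName, $email){
	$firstName = trim($firstName);
	$lastName = trim($lastName);
	$email = strtolower(trim($email));

	// make sure we are actually given a first and last name
	if(strlen($firstName) == 0 || strlen($lastName) == 0){
		return "First and last names are required fields";
	}

	if(strlen($email) != 0){
		// reject malformed input before it is used in any lookup
		if(!isEmailAddress($email)){
			return "Invalid e-mail address";
		}
		// if they have an e-mail address, make sure it's not already in use
		if(user_load_by_email($email) != false){
			return "e-mail address is already in use";
		}
		// new e-mail address specified. That'll be the username
		$username = $email;
	}else{
		// generate a user name
		$nameBase = substr(strtolower($firstName), 0, 1) . strtolower($lastName);
		$suffix = '';
		do{
			// $nameBase comes from request data: escape it before it is placed
			// inside the quoted SQL literal.
			$candidate = mysql_real_escape_string($nameBase . $suffix);
			$result = mysql_query('SELECT COUNT(*) AS tally FROM users WHERE username="' . $candidate . '";');
			if(!$result){
				// a failed query must not be read as "username is free"
				return "Unable to generate a username";
			}
			$q = mysql_fetch_array($result);
			$taken = $q['tally'] > 0;
			if($taken){
				if($suffix == '') $suffix = 1;
				else $suffix++;
			}
		}while($taken);
		$username = $nameBase . $suffix;
	}

	// now that we have the username we want to use, let's create the user
	$user = user_create('student', $username);
	$user['firstname'] = $firstName;
	$user['lastname'] = $lastName;
	$user['active'] = 'yes';
	$user['complete'] = 'yes';
	if(strlen($email) != 0){
		$user['email'] = $email;
	}
	// the new student always belongs to the school that is logged in
	$user['schools_id'] = $_SESSION['schoolid'];
	user_save($user);

	echo user_row($user['uid'], $username, $firstName, $lastName, $email);
	return true;
}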
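/**
 * Generate the HTML table row for a given student record.
 *
 * Every value is attacker-influenced (names and e-mail are typed in by the
 * school account; the id can come from $_POST), so the text cells are
 * HTML-escaped and the id is forced to an integer before it is placed in the
 * element id and in the inline populate()/deleteRecord() calls.
 *
 * @param mixed  $uid       numeric user id
 * @param string $username  login name shown in the first cell
 * @param string $firstName first name
 * @param string $lastName  last name
 * @param string $email     e-mail address (may be empty or null)
 * @return string the complete <tr> element
 */
function user_row($uid, $username, $firstName, $lastName, $email){
	$uid = (int)$uid;
	// No charset argument: htmlspecialchars() then uses PHP's configured default.
	// The characters that matter for markup injection are ASCII either way.
	$username = htmlspecialchars((string)$username, ENT_QUOTES);
	$firstName = htmlspecialchars((string)$firstName, ENT_QUOTES);
	$lastName = htmlspecialchars((string)$lastName, ENT_QUOTES);
	$email = htmlspecialchars((string)$email, ENT_QUOTES);

	$rval = "<tr id=\"$uid\">";
	// clicking the username cell loads the record into the edit fields
	$rval .= "<td onclick=\"populate($uid);\"";
	$rval .= " onmouseover=\"document.body.style.cursor='pointer';\"";
	$rval .= " onmouseout=\"document.body.style.cursor='auto';\"";
	$rval .= ">$username</td>";

	$rval .= "<td>$firstName</td>";
	$rval .= "<td>$lastName</td>";
	$rval .= "<td>$email</td>";
	$rval .= '<td style="text-align:center"><img border="0" src="/sfiab/images/16/button_cancel.png" onclick="deleteRecord(' . $uid . ')"/></td>';
	$rval .= "</tr>";
	return $rval;
}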
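/**
 * Delete the record for the specified user id.
 *
 * The id arrives straight from the request ($_POST['uid']), so the record is
 * only deleted when it exists and belongs to the school held in the session.
 *
 * @param mixed $uid id of the user record to delete
 * @return bool|string true on success, error message on failure
 */
function delete_record($uid){
	$user = user_load_by_uid($uid);
	if(!$user){
		return "Failed to delete user";
	}

	// Ownership check: without it any school account could delete an arbitrary
	// user id. Fails closed when 'schools_id' is missing.
	// Assumes user_load_by_uid() populates 'schools_id' for student records
	// (process_newRecord() stores it through user_save()) — TODO confirm.
	if(!isset($user['schools_id']) || intval($user['schools_id']) !== intval($_SESSION['schoolid'])){
		return "Failed to delete user";
	}

	user_delete($user);

	// Re-read the record to confirm it is now flagged as deleted.
	// NOTE(review): this relies on user_load_by_uid() still returning records
	// whose 'deleted' flag is 'yes' — verify, otherwise every delete is
	// reported as a failure.
	$user = user_load_by_uid($uid);
	if(!$user || $user['deleted'] != 'yes'){
		return "Failed to delete user";
	}
	return true;
}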
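/**
 * Emit the client-side script that drives the student list: loading a row into
 * the edit fields, clearing them, and saving or deleting a record over AJAX.
 *
 * Each AJAX response is loaded into #debug; the inline script the server sends
 * with it sets the global `success`, which the callbacks then read.
 */
function draw_javascript(){
?>
<script type="text/javascript">
var awaiting_ajax = false; // used to prevent the same record from being submitted multiple times

// populate the edit fields with this user's info
function populate(uid){
	// extract the user's info from our table; cell 0 is the username
	$('#' + uid + ' > td').each(function(n) {
		// read the cell as text, not innerHTML, so escaped characters such as
		// &amp; come back as the original character and never as markup
		var text = $(this).text();
		switch(n){
			case 1: $('#newFirstName').val(text); break;
			case 2: $('#newLastName').val(text); break;
			case 3: $('#newEmail').val(text); break;
		}
	});
	$('#existingRecordId').val(uid);
}

// reset the edit fields; a record id of -1 means "create a new record"
function clearFields(){
	$('#newFirstName').select();
	$('#existingRecordId').val(-1);
	$('#newFirstName').val('');
	$('#newLastName').val('');
	$('#newEmail').val('');
}

function deleteRecord(uid){
	var params;
	if(awaiting_ajax) return false;
	awaiting_ajax = true;

	params = [{ 'name' : 'uid', 'value' : uid }];

	$("#debug").load("schoolstudents.php?action=delete", params, function(response){
		if(success){
			$('#' + uid).remove();
		}
		awaiting_ajax = false;
	});
}

function saveRecord(){
	var params;
	var firstName = $('#newFirstName').val();
	var lastName = $('#newLastName').val();
	var email = $('#newEmail').val();
	var recordId = $('#existingRecordId').val();

	// convenience check only: the server validates the same fields again
	if(firstName == '' || lastName == ''){
		// json_encode() emits a correctly quoted JavaScript string, so a
		// translation containing an apostrophe cannot break out of the literal
		notice_create('error', <?=json_encode(i18n('First and last names are required fields')); ?>, 5000);
		return false;
	}

	// don't allow multiple submits
	if(awaiting_ajax) return false;
	awaiting_ajax = true;

	params = [
		{ 'name' : 'recordId', 'value' : recordId },
		{ 'name' : 'firstName', 'value' : firstName },
		{ 'name' : 'lastName', 'value' : lastName },
		{ 'name' : 'email', 'value' : email }
	];

	// The response is inserted into the page as HTML. The row markup is built
	// server-side by user_row(); any field it does not HTML-escape is
	// interpreted as markup here.
	if(recordId != -1){
		$("#debug").load("schoolstudents.php?action=update", params, function(response){
			if(success){
				$('#' + recordId).remove();
				$('#studentList > tbody:last').append(response);
				clearFields();
			}
			awaiting_ajax = false;
		});
	}else{
		$("#debug").load("schoolstudents.php?action=new", params, function(response){
			if(success){
				$('#studentList > tbody:last').append(response);
				clearFields();
			}
			awaiting_ajax = false;
		});
	}
}
</script>
<?php
}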
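/**
 * Draw an editable list of all students for this school: a header row with the
 * "new record" input fields, followed by one row per non-deleted student that
 * is linked to the current conference.
 */
function draw_list(){
	global $conference;
?>

<table id="studentList" class="summarytable">
<thead>
<tr>
<th><?=i18n("Username");?></th>
<th><?=i18n("First Name");?></th>
<th><?=i18n("Last Name");?></th>
<th><?=i18n("Email Address");?></th>
<th></th>
</tr>
<tr>
<th><span
onclick="clearFields();"
onmouseover="document.body.style.cursor='pointer';"
onmouseout="document.body.style.cursor='auto';">
<?=i18n("New:")?>
</span>
<input type="hidden" id="existingRecordId" value="-1"></input>
</th>
<th><input type="text" id="newFirstName"></input></th>
<th><input type="text" id="newLastName"></input></th>
<th><input type="text" id="newEmail"></input></th>
<th><button name="newRecord" onclick="saveRecord()"><?=i18n("Add")?></button></th>
</tr>
</thead>
<tbody>
<?php
	// Both ids are concatenated into the statement unquoted, so force them to
	// integers rather than trusting whatever was stored in the session or the
	// conference array.
	$schoolId = intval($_SESSION['schoolid']);
	$conferenceId = intval($conference['id']);

	$query = 'SELECT * FROM users_student';
	$query .= ' JOIN users ON users_student.users_id = users.uid';
	$query .= ' JOIN users_conferences_link ucl ON ucl.users_uid = users_student.users_id';
	$query .= ' WHERE schools_id = ' . $schoolId;
	$query .= ' AND ucl.conferences_id=' . $conferenceId;
	$query .= ' AND users.deleted = "no"';
	$data = mysql_query($query);
	// a failed query simply leaves the table body empty
	if($data){
		while($row = mysql_fetch_array($data)){
			$uid = $row['users_uid'];
			echo user_row($uid, $row['username'], $row['firstname'], $row['lastname'], $row['email']);
		}
	}
?>
</tbody>
</table>

<?php
}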