science-ation/schoolstudents.php

300 lines
8.5 KiB
PHP

<?php
require_once('common.inc.php');
require_once('user.inc.php');
if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'] && $conference['type'] == 'scienceolympics'){
switch($_GET['action']){
case 'new':
$results = process_newRecord($_POST['firstName'], $_POST['lastName'], $_POST['email']);
if($results !== true){
echo "<script type=\"text/javascript\">var success = false;</script>";
error_($results);
}else{
echo "<script type=\"text/javascript\">var success = true;</script>";
}
break;
case 'update':
$results = alter_record($_POST['recordId'], $_POST['firstName'], $_POST['lastName'], $_POST['email']);
if($results !== true){
echo "<script type=\"text/javascript\">var success = false;</script>";
error_($results);
}else{
echo "<script type=\"text/javascript\">var success = true;</script>";
}
break;
case 'delete':
if(!delete_record($_POST['uid'])){
echo "<script type=\"text/javascript\">var success = false;</script>";
error_("Unable to delete record");
}else{
echo "<script type=\"text/javascript\">var success = true;</script>";
}
break;
default:
$title = i18n("Manage Students");
send_header($title, array("School Home" => "schoolaccess.php"));
draw_javascript();
draw_list();
send_footer();
}
}else{
header('Location: schoolaccess.php');
}
// alter an existing user record. returns true on success, error message on failure
function alter_record($uid, $firstName, $lastName, $email){
global $conference;
$returnval = true;
$firstName = trim($firstName);
$lastName = trim($lastName);
$email = strtolower(trim($email));
$user = user_load(null, $uid);
if($user){
$user['firstname'] = $firstName;
$user['lastname'] = $lastName;
$user['email'] = $email;
user_save($user);
echo user_row($uid, $user['username'], $firstName, $lastName, $email);
}else{
$returnval = "User not found";
}
return $returnval;
}
// create a new record with the given first name last name and e-mail address
// return true on success, error message on failure
function process_newRecord($firstName, $lastName, $email){
global $conference;
$firstName = trim($firstName);
$lastName = trim($lastName);
$email = strtolower(trim($email));
$uid = null;
// make sure we are actually given a first and last name
if(strlen($firstName) == 0 || strlen($lastName) == 0){
return "First and last names are required fields";
}
// if they have an e-mail address, make sure it's not already in use
if($email != null){
$user = user_load_by_email($email);
}else{
$user = false;
}
if($user != false){
return "e-mail address is already in use";
}else{
// we're creating a new user
if(strlen($email) != 0){
if(!isEmailAddress($email)){
// not a valid e-mail address
return "Invalid e-mail address";
}else{
// new e-mail address specified. That'll be the username
$username = $email;
}
}else{
// generate a user name
$nameBase = substr(strtolower($firstName), 0, 1) . strtolower($lastName);
$suffix = '';
do{
$q = mysql_fetch_array(mysql_query('SELECT COUNT(*) AS tally FROM users WHERE username="' . ($nameBase . $suffix) . '";'));
if($q['tally'] > 0){
if($suffix == '') $suffix = 1;
else $suffix++;
}
}while($q['tally'] > 0);
$username = $nameBase . $suffix;
}
// now that we have the username we want to use, let's create the user
$user = user_create('student', $username);
$user['firstname'] = $firstName;
$user['lastname'] = $lastName;
$user['active'] = 'yes';
$user['complete'] = 'yes';
if($username == $email)
$user['email'] = $email;
$user['schools_id'] = $_SESSION['schoolid'];
user_save($user);
}
$uid = $user['uid'];
echo user_row($uid, $username, $firstName, $lastName, $email);
return true;
}
// generate the table row for thisa given record
function user_row($uid, $username, $firstName, $lastName, $email){
$rval = "<tr id=\"$uid\">";
$rval .= "<td onclick=\"populate($uid);\"";
$rval .= " onmouseover=\"document.body.style.cursor='pointer';\"";
$rval .= " onmouseout=\"document.body.style.cursor='auto';\"";
$rval .= ">$username</td>";
$rval .= "<td>$firstName</td>";
$rval .= "<td>$lastName</td>";
$rval .= "<td>$email</td>";
$rval .= '<td style="text-align:center"><img border="0" src="/sfiab/images/16/button_cancel.png" onclick="deleteRecord(' . $uid . ')"/></td>';
$rval .= "</tr>";
return $rval;
}
// delete the record for the specified user id. Returns true on succes, error message on failure
function delete_record($uid){
$user = user_load_by_uid($uid);
user_delete($user);
$user = user_load_by_uid($uid);
if($user['deleted'] != 'yes'){
return "Failed to delete user";
}
return true;
}
function draw_javascript(){
?>
<script type="text/javascript">
var awaiting_ajax = false; // used to prevent the same record from being submitted multiple times
// populate the edit fields with this user's info
function populate(uid){
// extract the user's info from our table
var n = 0;
$('#' + uid + ' > td').each(function() {
switch(n){
case 1: $('#newFirstName').attr({value:this.innerHTML}); break;
case 2: $('#newLastName').attr({value:this.innerHTML}); break;
case 3: $('#newEmail').attr({value:this.innerHTML}); break;
}
n++;
});
$('#existingRecordId').attr({value:uid});
}
function clearFields(){
$('#newFirstName').select();
$('#existingRecordId').attr({ value: -1 });
$('#newFirstName').attr({ value: '' });
$('#newLastName').attr({ value: '' });
$('#newEmail').attr({ value: '' });
}
function deleteRecord(uid){
var params;
if(awaiting_ajax) return false;
awaiting_ajax = true;
params = [{ 'name' : 'uid', 'value' : uid }];
$("#debug").load("schoolstudents.php?action=delete", params, function(response){
if(success){
$('#' + uid).remove();
}
awaiting_ajax = false;
});
}
function saveRecord(){
var params;
var firstName = $('#newFirstName').val();
var lastName = $('#newLastName').val();
var email = $('#newEmail').val();
var recordId = $('#existingRecordId').val();
if(firstName == '' || lastName == ''){
notice_create('error', '<?=i18n('First and last names are required fields'); ?>', 5000);
return false;
}
// don't allow multiple submits
if(awaiting_ajax) return false;
awaiting_ajax = true;
params = [
{ 'name' : 'recordId', 'value' : recordId },
{ 'name' : 'firstName', 'value' : firstName },
{ 'name' : 'lastName', 'value' : lastName },
{ 'name' : 'email', 'value' : email }
];
if(recordId != -1){
$("#debug").load("schoolstudents.php?action=update", params, function(response){
if(success){
$('#' + recordId).remove();
$('#studentList > tbody:last').append(response);
clearFields();
}
awaiting_ajax = false;
});
}else{
$("#debug").load("schoolstudents.php?action=new", params, function(response){
if(success){
$('#studentList > tbody:last').append(response);
clearFields();
}
awaiting_ajax = false;
});
}
}
</script>
<?php
}
// draw an editable list of all students for this school in the users_stunt table
function draw_list(){
global $conference;
?>
<table id="studentList" class="summarytable">
<thead>
<tr>
<th><?=i18n("Username");?></th>
<th><?=i18n("First Name");?></th>
<th><?=i18n("Last Name");?></th>
<th><?=i18n("Email Address");?></th>
<th></th>
</tr>
<tr>
<th><span
onclick="clearFields();"
onmouseover="document.body.style.cursor='pointer';"
onmouseout="document.body.style.cursor='auto';">
<?=i18n("New:")?>
</span>
<input type="hidden" id="existingRecordId" value="-1"></input>
</th>
<th><input type="text" id="newFirstName"></input></th>
<th><input type="text" id="newLastName"></input></th>
<th><input type="text" id="newEmail"></input></th>
<th><button name="newRecord" onclick="saveRecord()"><?=i18n("Add")?></button></th>
</tr>
</thead>
<tbody>
<?php
$query = 'SELECT * FROM users_student';
$query .= ' JOIN users ON users_student.users_id = users.uid';
$query .= ' JOIN users_conferences_link ucl ON ucl.users_uid = users_student.users_id';
$query .= ' WHERE schools_id = ' . $_SESSION['schoolid'];
$query .= ' AND ucl.conferences_id=' . $conference['id'];
$query .= ' AND users.deleted = "no"';
$data = mysql_query($query);
if($data){
while($row = mysql_fetch_array($data)){
$uid = $row['users_uid'];
echo user_row($uid, $row['username'], $row['firstname'], $row['lastname'], $row['email']);
}
}
?>
</tbody>
</table>
<?php
}