function GetRubricsList()
{
/*
if($_SESSION['admin'] == "false"){
error_log("In project_get_list.php: NOT and admin!");
echo "error: not authorised.";
return false;
}
*/
$project_id = $_GET['project_id'];
$task_id = $_GET['task_id'];
//Return metadata about the columns in each table for a given database (table_schema)
$qry = "SELECT id, p_name, p_details FROM tb_projects order by id";
$dbConn = opendatabase();
$result = mysqli_query($dbConn, $qry);
if (!$result || mysqli_num_rows($result) <= 0) {
echo "Could not obtain metadata information.";
return false;
}
$options = "";
while ($row = mysqli_fetch_array($result)) {
$options .= "<option value='" . $row['id'] . "'>";
$options .= $row['p_name'] . "</option>";
}
echo $options;
//return $options;
}
function EditRubric()
{
$newproject = false;
$project_id = 0;
/*
if($_SESSION['admin'] == "false"){
error_log("In project_edit: NOT an admin!");
echo "error: not authorised.";
return false;
}
*/
$project_id = $_POST['project_id'];
$task_id = $_POST['task_id'];
$r_level = $_POST['r_level'];
$r_text = $_POST['r_text'];
$dbConn = opendatabase();
$stmt = $dbConn->stmt_init();
$sql = "UPDATE tb_rubrics SET r_text = ? WHERE task_id = ? and r_level = ?;";
error_log("QRY: " . $sql);
error_log("VALUES: " . $task_id . ", " . $r_level . ", " . $r_text);
if ($stmt->prepare($sql)) {
// Bind parameters: s - string, b - blob, i - int, etc
$stmt->bind_param("sii", $r_text, $task_id, $r_level);
/* Execute it */
$stmt->execute();
/* Close statement */
$stmt->close();
error_log("Insert/update successful.", 0);
} else {
error_log("Error!Prepare failed: (" . $dbConn->errno . ") " . $dbConn->error, 0);
}
$dbConn->close();
}
function Editproject()
{
$newproject = false;
$project_id = 0;
/*
if($_SESSION['admin'] == "false"){
error_log("In project_edit: NOT an admin!");
echo "error: not authorised.";
return false;
}
*/
if (is_null($_POST['projects_list']) || $_POST['projects_list'] == 0) {
$newproject = true;
} else {
$project_id = $_POST['projects_list'];
}
$project = $_POST['project'];
$project_details = $_POST['p_details'];
if (!$newproject) {
$qry = "UPDATE tb_projects SET p_name='" . $project . "',p_details = '" . $project_details . "' WHERE id = " . $project_id;
} else {
$qry = "INSERT INTO tb_projects( p_name, p_details) " . "VALUES ('" . $project . "', '" . $project_details . "');";
}
error_log($qry);
$dbConn = opendatabase();
if (!mysqli_query($dbConn, $qry)) {
echo "error: Error inserting projects choice data to the table\nquery:" . $qry;
mysqli_close($dbConn);
return false;
} else {
echo "Success!";
mysqli_close($dbConn);
return true;
}
}
function EditTask()
{
$newproject = false;
$project_id = 0;
/*
if($_SESSION['admin'] == "false"){
error_log("In project_edit: NOT an admin!");
echo "error: not authorised.";
return false;
}
*/
$project_id = $_POST['project_id'];
$task_desc = $_POST['task_desc'];
error_log("task_add.php: project_id = " . $project_id);
error_log("task_add.php: task_desc = " . $task_desc);
$dbConn = opendatabase();
$stmt = $dbConn->stmt_init();
$sql = "INSERT INTO tb_tasks(project_id, task_text) VALUES (?,?);";
error_log("QRY: " . $sql);
if ($stmt->prepare($sql)) {
// Bind parameters: s - string, b - blob, i - int, etc
$stmt->bind_param("is", $project_id, $task_desc);
/* Execute it */
$stmt->execute();
$last_id = $stmt->insert_id;
error_log("New Record has id: " . $last_id);
/* Close statement */
$stmt->close();
error_log("Insert/update successful.", 0);
echo $last_id;
} else {
error_log("Error!Prepare failed: (" . $dbConn->errno . ") " . $dbConn->error, 0);
}
$dbConn->close();
}
function GetProjectDetail($projId)
{
//Return metadata about the columns in each table for a given database (table_schema)
$qry = "SELECT id, p_name, p_details FROM tb_projects where id = " . $projId;
date_default_timezone_set('Australia/Sydney');
error_log("In project_get_detail.php...\n" . $qry);
$dbConn = opendatabase();
$result = mysqli_query($dbConn, $qry);
date_default_timezone_set('Australia/Sydney');
error_log("Records in Projects: " . mysqli_num_rows($result));
if (!$result || mysqli_num_rows($result) <= 0) {
echo "Could not obtain metadata information.";
return false;
}
/*****************************************************************/
$xml = new XMLWriter();
//$projXml = new DOMDocument();
//$xml->openURI("php://output");
$xml->openMemory();
$xml->startDocument();
$xml->setIndent(true);
$xml->startElement("projects");
while ($row = mysqli_fetch_assoc($result)) {
$xml->startElement("project");
$xml->writeAttribute('id', $projId);
$xml->writeRaw($row['p_name']);
$xml->endElement();
$xml->startElement("project_details");
$xml->startCData("details");
$xml->writeRaw($row['p_details']);
$xml->endCData();
$xml->endElement();
}
$xml->endElement();
$xml->endDocument();
$dbConn->close();
header('Content-type: text/xml');
$strXML = $xml->outputMemory(TRUE);
$xml->flush();
date_default_timezone_set('Australia/Sydney');
error_log("String XML:\n " . $strXML);
//$projXml->loadXML($strXML);
echo $strXML;
/*****************************************************************
$options = array();
while ($row = mysqli_fetch_assoc($result)){
$options['object_row'][] = $row;
}
echo json_encode($options);
*****************************************************************/
}
function DeleteProject()
{
$newSport = false;
$projectId = $_POST['projectId'];
error_log("In DeleteProject - Proj ID : " . $projectId);
$qry = "DELETE from tb_projects where id = " . $projectId;
$dbConn = opendatabase();
error_log("Deleting Project : " . $qry);
if (!mysqli_query($dbConn, $qry)) {
echo "error: deleting project!";
error_log("Deleting Project : " . $qry);
return false;
} else {
return true;
}
$dbConn . close();
}
<?php
/****************************************************************************/
/* {The Code Shoppe} */
/* DataPages Version 1.0 */
/* File Name: index.php */
/* Last Updated: July 21st, 2004 */
/* Author: Lee Babin <www.leebabin.com><*****@*****.**> */
/* Copyright {The Code Shoppe}. All Rights Reserved. */
/* www.thecodeshoppe.com <403.255.9767> */
/****************************************************************************/
session_start();
include "config.php";
//Path to the processing script.
require $dynamic_processing;
opendatabase();
$yesno = checkcookies();
//Validate against people hacking.
if ($_GET['yesno'] != "") {
$yesno = "bad";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><?php
echo $dynamic_companyname;
?>
.Site_Administration</title>
<script language="javascript" type="text/javascript" src="scripts/overlib.js"></script>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
function checkthesecurity($tempid, $levelcheck, $levelsallowed)
{
opendatabase();
$areweclear = false;
if ($seccheckquery = mysql_query("SELECT " . $levelcheck . " FROM stafflogin WHERE staffloginid='{$tempid}'")) {
$seccheckdata = mysql_fetch_array($seccheckquery);
//Now, check the id within the array.
$secid = $seccheckdata[$levelcheck];
if (in_array($secid, $levelsallowed)) {
$areweclear = true;
}
} else {
DoError(1, "", mysql_error());
}
return $areweclear;
}
function GetProjectRubrics($projId)
{
//Return metadata about the columns in each table for a given database (table_schema)
$qry = "SELECT r_level, r_text, task_id, tb_tasks.task_text FROM tb_rubrics " . "INNER JOIN tb_tasks ON tb_rubrics.task_id = tb_tasks.id " . "WHERE tb_tasks.project_id = " . $projId . " ORDER BY tb_tasks.id, tb_rubrics.r_level;";
date_default_timezone_set('Australia/Sydney');
error_log("In get_project_rubrics.php...\n" . $qry);
$dbConn = opendatabase();
$result = mysqli_query($dbConn, $qry);
date_default_timezone_set('Australia/Sydney');
error_log("Records in Projects: " . mysqli_num_rows($result));
$row_cnt = mysqli_num_rows($result);
$field_cnt = $result->field_count;
error_log("Fields: " . $field_cnt);
if (!$result || mysqli_num_rows($result) <= 0) {
//echo("Could not obtain metadata information.");
return false;
}
/*****************************************************************/
$xml = new XMLWriter();
$xml->openMemory();
$xml->startDocument();
$xml->setIndent(true);
$xml->startElement("task_rubrics");
/* fetch associative array */
/*
$row = mysqli_fetch_row($result);
for($i = 0; $i < $field_cnt; $i++){
error_log("Row[". $i . "] = " . $row[$i]);
error_log("Row[". $i . "] = " . $row[$i].name);
}
*/
/*
$finfo = $result->fetch_fields();
foreach ($finfo as $val) {
error_log("Name: " . $val->name);
error_log("Table: " . $val->table);
error_log("Max. Len: " . $val->max_length);
error_log("Length: " . $val->length);
error_log("charsetnr: " . $val->charsetnr);
error_log("Flags: " . $val->flags);
error_log("Type: " . $val->type);
}
$result->free();
*/
while ($row = mysqli_fetch_assoc($result)) {
$xml->startElement("task");
$xml->writeAttribute('id', $row['task_id']);
$xml->writeRaw($row['task_text']);
$xml->startElement("rubric_details");
$xml->writeAttribute('r_level', $row['r_level']);
$xml->startCData("details");
$xml->writeRaw($row['r_text']);
$xml->endCData();
$xml->endElement();
$xml->endElement();
}
$xml->endElement();
$xml->endDocument();
$dbConn->close();
header('Content-type: text/xml');
$strXML = $xml->outputMemory(TRUE);
$xml->flush();
date_default_timezone_set('Australia/Sydney');
//error_log("String XML:\n " . $strXML);
$projXml = new DOMDocument();
$projXml->loadXML($strXML);
error_log("loading xsl document...");
$xsl = new DOMDocument();
$xsl->load('xsl/proj_rub_html.xsl');
// Configure the transformer
$proc = new XSLTProcessor();
$proc->importStyleSheet($xsl);
// attach the xsl rules
$projRubs = $proc->transformToXML($projXml);
//error_log("XML Transform result\n" . $projRubs);
echo $proc->transformToXML($projXml);
}
function findadmin($theid)
{
opendatabase();
if ($findadminquery = mysql_query("SELECT a.whosclient FROM useraccount a, userlogin b WHERE b.userloginid='{$theid}' AND a.useraccountid=b.useraccountid")) {
$admindata = mysql_fetch_array($findadminquery);
return $admindata['whosclient'];
} else {
DoError(1, "");
}
}
function GetTaskDetails($taskId)
{
//Return metadata about the columns in each table for a given database (table_schema)
$qry = "SELECT r_level, r_text, tb_tasks.task_text FROM tb_rubrics " . "INNER JOIN tb_tasks on tb_rubrics.task_id = tb_tasks.id " . "WHERE task_id = " . $taskId . " ORDER by r_level;";
date_default_timezone_set('Australia/Sydney');
error_log("In get_task_details.php...\n" . $qry);
$dbConn = opendatabase();
$result = mysqli_query($dbConn, $qry);
date_default_timezone_set('Australia/Sydney');
error_log("Records in Projects: " . mysqli_num_rows($result));
$row_cnt = mysqli_num_rows($result);
$field_cnt = $result->field_count;
error_log("Fields: " . $field_cnt);
if (!$result || mysqli_num_rows($result) <= 0) {
//echo("Could not obtain metadata information.");
return false;
}
/*****************************************************************/
$xml = new XMLWriter();
$xml->openMemory();
$xml->startDocument();
$xml->setIndent(true);
$xml->startElement("task_rubrics");
/* fetch associative array */
while ($row = mysqli_fetch_assoc($result)) {
$xml->startElement("task");
$xml->writeAttribute('id', $taskId);
$xml->writeRaw($row['task_text']);
$xml->startElement("rubric_details");
$xml->writeAttribute('r_level', $row['r_level']);
$xml->startCData("details");
$xml->writeRaw($row['r_text']);
$xml->endCData();
$xml->endElement();
$xml->endElement();
}
$xml->endElement();
$xml->endDocument();
$dbConn->close();
header('Content-type: text/xml');
$strXML = $xml->outputMemory(TRUE);
$xml->flush();
date_default_timezone_set('Australia/Sydney');
error_log("String XML:\n " . $strXML);
//$projXml->loadXML($strXML);
//echo $strXML;
$projXml = new DOMDocument();
$projXml->loadXML($strXML);
//error_log($projXml->saveXML());
error_log("loading xsl document...");
$xsl = new DOMDocument();
$xsl->load('xsl/task_rub_html.xsl');
//error_log($xsl->saveXML());
// Configure the transformer
$proc = new XSLTProcessor();
$proc->importStyleSheet($xsl);
// attach the xsl rules
$projRubs = $proc->transformToXML($projXml);
error_log("XML Transform result\n" . $projRubs);
echo $proc->transformToXML($projXml);
}
