/**
* return a user's latest grades as a rss feed
*
* gets $user's $number latest grades (from $class; 'all' for all their classes),
* using get_latest_grades(), and makes a rss feed out of them
*/
function rss_latest_grades($user, $number, $class)
{
$real_name = "SELECT `firstname`,`surname` FROM `users` WHERE `ID`='{$user}' LIMIT 1";
$realname = query($real_name) or die("Error getting information from the database.");
while ($row = result($realname)) {
$real_name = stripslashes($row->firstname) . " " . stripslashes($row->surname);
}
$latest_date = "SELECT MAX(`date_assigned`) FROM `grades` WHERE `student_ID`='{$user}' LIMIT 1";
$latest_date = @query($latest_date) or die("Error getting information from the database.");
$latest_date = command_result($latest_date, 0);
rss_header("{$real_name}'s grades", "your latest grades", "http://" . server_root . "classes.php", $latest_date);
$grades = get_latest_grades($user, $number, $class, current_semester);
// break the grades string down into individual grades
$grades = explode("--", $grades);
foreach ($grades as $grade) {
// to get rid of the empty grade
if ($grade != "") {
// break the grade string down into its individual pieces
list($class_id, $assign_id, $assign_name, $assign_date, $points_possible, $points_scored, $grading_period) = split("::", $grade);
// get the class's name and print the grade
$class_name = @query("SELECT `name` FROM `classes` WHERE `ID`='{$class_id}' LIMIT 1") or die("Error getting class name.");
$result = result($class_name);
$class_name = $result->name;
// time to rss-ify 'em
rss_item($class_name . "-- " . $assign_name, "{$points_scored}/{$points_possible}", server_root . "/assignment.php?class={$class_id}%26id={$assign_id}", $assign_date);
}
}
rss_footer();
}
rss_header("phpmygrades mailbox", "your phpmygrades mailbox", "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'], $latest);
$messages = @query("SELECT * FROM `mail` WHERE `to`='{$id}' AND `deleted`='0' ORDER BY `id`") or die("Error getting the messages from the database.");
while ($row = result($messages)) {
$subject = stripslashes($row->subject);
$from = $row->from;
$body = stripslashes($row->body);
$link = server_root . "messages.php";
$timestamp = $row->timestamp;
$sender_query = @query("SELECT `firstname`,`surname` FROM `users` WHERE `ID`='{$from}' LIMIT 1") or die("Error getting information from the database.");
while ($row2 = result($sender_query)) {
$sender = stripslashes($row2->firstname . " " . $row2->surname);
$body = "Sent by {$sender}:<br />" . $body;
rss_item($subject, $body, $link, $timestamp);
}
}
rss_footer();
disconnect_sql();
die;
}
if (is_logged_in() == FALSE) {
$_SESSION['not_this_page'] = 1;
cust_die("You'll need to login to access the page you've requested.");
}
display_header("messaging system");
display_menu();
print "<div class=\"container2\">";
// if they'd like to write a message
if (isset($_GET['compose'])) {
$stuff = "\n\t<table><form action=\"messages.php\" method=\"post\">\n\t<tr><td>To:</td><td><select name=\"to\" \">";
if (isset($_GET['id']) and is_numeric($_GET['id']) == TRUE) {
$requested_id = escape_string($_GET['id']);
