Ejemplo n.º 1
}
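// Builds three HTML <SELECT> fragments for the project-membership screen:
//   $allusersOpt  - users that can still be added to the project
//   $projusersOpt - users already in the project, with their role
//   $roleOpt      - roles available in the project
//
// $_GET['project_id'] is request input. Every query below embeds it through a %d
// placeholder, so sprintf() coerces it to an integer before it reaches the SQL text;
// it used to be copied verbatim into quoted '%s' literals.
//
// NOTE(review): the @ on mysql_query() hides query failures, so a failed query
// silently renders an empty list. Confirm that is intended.
if (preg_match('/^publisher$/i', $project['code_name'])) {
    // The "publisher" project offers every active user.
    $sql = "SELECT u.* FROM user u WHERE u.status = 1";
} else {
    // Any other project offers active users that are not members of it yet.
    $sql = sprintf("SELECT u.* FROM user u, project p \n\t\t\t\tWHERE u.status = 1 \n\t\t\t\tAND p.id = %d\n\t\t\t\tAND u.id NOT IN (SELECT user_id FROM project_membership WHERE project_id = %d) ORDER BY last_name ", $_GET['project_id'], $_GET['project_id']);
}
$alluser_st = @mysql_query($sql, $indaba_dbh);
$allusersOpt = "<SELECT id=alluser_user_id name=alluser_user_id class=sel_list size=25 multiple>";
// Rows are read through fetch_html_entities(), the helper the member list below
// already uses, so user-supplied names are no longer written into the markup raw.
// NOTE(review): presumably the helper HTML-escapes each column; confirm.
while ($user = fetch_html_entities($alluser_st)) {
    $allusersOpt .= "<option name=a value=" . $user['id'] . ">" . $user['username'] . " - " . $user['last_name'] . ", " . $user['first_name'] . "</option>";
}
$allusersOpt .= "</SELECT>";

// Current members of the project together with their role name.
$sql = sprintf("SELECT a.user_id as user_id, b.first_name, b.last_name, b.username as username, c.name as role FROM project_membership a, user b, role c WHERE a.project_id = %d AND a.user_id = b.id AND a.role_id = c.id AND b.status = 1 ORDER BY last_name", $_GET['project_id']);
$projuser_st = @mysql_query($sql, $indaba_dbh);
$projusersOpt = "<SELECT name=project_user_id class=sel_list size=25 multiple>";
while ($user = fetch_html_entities($projuser_st)) {
    $projusersOpt .= "<option name=a value=" . $user['user_id'] . ">" . $user['username'] . " - " . $user['role'] . " - " . $user['last_name'] . ", " . $user['first_name'] . "</option>";
}
$projusersOpt .= "</SELECT>";

// Roles defined for the project; the role name goes through the same helper as the
// user names above.
$sql = sprintf("SELECT a.role_id as role_id, b.name as name, b.description as description FROM project_roles a, role b WHERE project_id = %d AND a.role_id = b.id", $_GET['project_id']);
$roleOpt = "<SELECT name=role_id><option name=a value=''>Select role for users</option>";
$role_st = @mysql_query($sql, $indaba_dbh);
while ($role = fetch_html_entities($role_st)) {
    $roleOpt .= "<option name=a value='" . $role['role_id'] . "'>" . $role['name'] . "</option>";
}
$roleOpt .= "</SELECT>";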
?>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Managing Users for Project <?php 
echo $project['code_name'];
Ejemplo n.º 2
$required = "<font color=red>*</font>";
if (isset($_GET['action']) && $_GET['action'] == 'show_project_list') {
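    // get project list
    // The id from the query string is only compared with row ids to mark the
    // selected entry; it is never placed into SQL or HTML here.
    $project_id = isset($_GET['id']) ? $_GET['id'] : '';
    $project_list = "<li class='ui-widget-content' style='margin:5px 40px 5px 50px; ' id=0 >Add New Project</li>";
    $p_sql = "SELECT * FROM project";
    $st = mysql_query($p_sql);
    while ($project = mysql_fetch_assoc($st)) {
        $selected = $project_id == $project['id'] ? " class=ui-selected " : " class=ui-widget-content ";
        // code_name is stored text fetched raw, so it is escaped before it goes into
        // the markup, the same way the organization name is escaped below.
        $project_list .= "<li " . $selected . " style='float:left; margin-left:10px; width:180px;' id=" . $project['id'] . ">" . htmlentities($project['code_name'], ENT_QUOTES, 'UTF-8') . "</li>";
    }
    // get admin_user_list drop down
    $admin_user_list = "<SELECT id=admin_user_id ><option value=0>Select Admin User</option>";
    $u_sql = "SELECT * FROM user WHERE status = 1 ORDER BY last_name";
    $st = mysql_query($u_sql);
    // NOTE(review): the names are used as returned by fetch_html_entities();
    // presumably that helper already HTML-escapes them. Confirm.
    while ($user = fetch_html_entities($st)) {
        $admin_user_list .= "<option value=" . $user['id'] . ">" . $user['last_name'] . ", " . $user['first_name'] . "</option>";
    }
    $admin_user_list .= "</SELECT>" . $required;
    // get organization_list drop down
    $organization_list = "<SELECT id=organization_id><option value=0>Select Organization</option>";
    $o_sql = "SELECT * FROM organization";
    $st = mysql_query($o_sql);
    while ($org = mysql_fetch_assoc($st)) {
        $org['name'] = htmlentities($org['name'], ENT_QUOTES, 'UTF-8');
        $organization_list .= "<option value=" . $org['id'] . ">" . $org['name'] . "</option>";
    }
    $organization_list .= "</SELECT>" . $required;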
    // get access_matrix_list drop down
Ejemplo n.º 3
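/**
 * Render the organization add/edit form as an HTML string.
 *
 * @param string $action 'show' loads the organization with the given id and offers
 *                       Update/Delete buttons; 'add' renders an empty form with an
 *                       Add New button. Any other value renders the bare fields.
 * @param mixed  $id     Organization id to load when $action is 'show'; unused otherwise.
 * @return string The form markup.
 */
function showOrganization($action, $id)
{
    $updateButton = "<table border=0 width='80%'><tr><td align=center><INPUT type=button class=btn value=Update id='update' onClick='updateOrganization();' /></td>" . "<td align=center><INPUT type=button class=btn value=Delete id='delete' onClick='updateOrganization();' /></td>" . "<td align=center><INPUT type=reset class=btn value=Reset /></td></tr></table>";
    $addButton = "<table border=0 width='80%'><tr><td align=center><INPUT type=button class=btn value='Add New' id='addnew' onClick='updateOrganization();' /></td>" . "<td align=center><INPUT type=reset class=btn value=Reset /></td></tr></table>";

    // Defaults for an action that is neither 'show' nor 'add'. Without them $button
    // was undefined on that path and the caller-supplied $id was concatenated into
    // the form markup unescaped.
    $button = '';
    $id_field = '';
    $organization = array();

    if ($action == 'show') {
        // The id sits inside a quoted SQL literal, so it is escaped for that context
        // rather than embedded verbatim.
        $sql = sprintf("SELECT * FROM organization WHERE id = '%s'", mysql_real_escape_string($id));
        // NOTE(review): @ hides a failed query; the form then renders with empty fields.
        $st = @mysql_query($sql);
        $organization = fetch_html_entities($st);
        $button = $updateButton;
        $id_field = "<INPUT type=hidden id=organization_id name=organization_id value=\"" . $organization['id'] . "\" />";
    }
    if ($action == 'add') {
        $button = $addButton;
        $id_field = '';
    }

    $name = isset($organization['name']) ? $organization['name'] : '';
    $address = isset($organization['address']) ? $organization['address'] : '';
    $url = isset($organization['url']) ? $organization['url'] : '';

    // NOTE(review): the row came through fetch_html_entities() and is passed to
    // htmlentities() again here. If the helper already escapes, values such as "&"
    // are encoded twice. Confirm which layer owns the escaping.
    $form = "<form> <table width='80%' border=0>\n\t  <tr>\n\t\t<td align=center>Organization Name</td>\n\t\t<td align=center>URL</td>\n\t\t<td align=center>Address</td>\n\t  </tr>\n\t  <tr>\n\t\t<td align=center><INPUT type=text size=10 id=organization_name name=organization_name value=\"" . htmlentities($name, ENT_QUOTES, 'UTF-8') . "\" /></td>\n\t\t<td align=center><INPUT type=text size=40 id=url name=url value=\"" . htmlentities($url, ENT_QUOTES, 'UTF-8') . "\" /></td>\n\t  \t<td colspan=2 align=center><textarea cols=30 rows=5 id=address name=address>" . htmlentities($address, ENT_QUOTES, 'UTF-8') . "</textarea></td>\n\t  </tr>\n\t  <tr>\n\t\t<td colspan=3>&nbsp</td>\n\t  </tr>\n\t  <tr><td colspan=3 align=center>" . $button . $id_field . "</td>\n\t  </tr>\n\t</table></form>";
    return $form;
}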
Ejemplo n.º 4
/**
 * Build the clickable <div> list shown beneath the selected survey node.
 *
 * - $current_type 'Category': lists the sub categories of $parent_category_id.
 * - $current_type 'Sub Category': lists its question sets.
 * - anything else: lists the questions of the category, echoes the result as JSON
 *   and ends the script instead of returning.
 *
 * Both ids are embedded through %d, so sprintf() coerces them to integers.
 *
 * NOTE(review): the result carries the SQL text and mysql_error(), and the questions
 * branch echoes both to the client. Confirm these debugging fields are meant to
 * leave the server.
 * NOTE(review): row values go into single-quoted attributes as returned by
 * fetch_html_entities(); presumably the helper escapes quotes too. Confirm.
 *
 * @return array Keys 'sql', 'sub_list' and 'query_msg' (category branches only).
 */
function show_sub_categories($current_type, $parent_category_id, $survey_config_id)
{
    // Questions list: neither of the two category levels was requested.
    if ($current_type != 'Category' && $current_type != 'Sub Category') {
        $id_prefix = "question_id_";
        $js_handler = "questionSelected";
        $html = "";
        $sql = sprintf("SELECT * FROM survey_question WHERE survey_category_id = %d ORDER by weight", $parent_category_id);
        $result = mysql_query($sql);
        while ($question = fetch_html_entities($result)) {
            $html .= "<div id=" . $id_prefix . $question['id'] . " onClick='" . $js_handler . "(this);' >\n\t\t\t\t<INPUT class=select_input id=q_" . $id_prefix . $question['id'] . " readonly='readonly' size=25 value='" . $question['name'] . "' /></div>";
        }
        // This branch answers the request itself and never returns to the caller.
        echo json_encode(array('sql' => $sql, 'query_msg' => mysql_error(), 'sub_list' => $html));
        exit;
    }

    if ($current_type == 'Category') {
        // Sub Category list, led by the "add new" entry.
        $id_prefix = "sub_category_id_";
        $js_handler = "sub_categorySelected";
        $html = "<div id=sub_category_id_0 style='width:255px;' onClick='" . $js_handler . "(this);' ><INPUT style='font-size:14px; text-align:center;color:red;' id=add_new_sub class=select_input size=25 align=center readonly='readonly' value='Add New Sub Category' /></div>";
    } else {
        // Question Set list, led by the "add new" entry.
        $id_prefix = "question_set_id_";
        $js_handler = "question_setSelected";
        $html = "<div id=" . $id_prefix . "0 onClick='" . $js_handler . "(this);' ><INPUT style='font-size:14px; text-align:center;color:red;' id=add_new_set class=select_input size=25 align=center readonly='readonly' value='Add New Question Set' /></div>";
    }

    $sql = sprintf("SELECT * FROM survey_category WHERE survey_config_id = %d AND parent_category_id = %d ORDER BY weight", $survey_config_id, $parent_category_id);
    $result = mysql_query($sql);
    while ($category = fetch_html_entities($result)) {
        $html .= "<div id=" . $id_prefix . $category['id'] . " onClick='" . $js_handler . "(this);' ><INPUT class=select_input readonly='readonly' size=25 value='" . $category['name'] . "' /></div>";
    }

    return array('sql' => $sql, 'sub_list' => $html, 'query_msg' => mysql_error());
}
Ejemplo n.º 5
 // Clone a survey indicator, then clone the answer definition it points to.
 // indicator_id is request input; the %d placeholder below makes sprintf() embed it
 // as an integer rather than as raw request text.
 $org_id = $_GET['indicator_id'];
 // One INSERT ... SELECT copies the row, appends '-clone' to the name and records
 // the source row's id in original_indicator_id.
 $sql = sprintf("INSERT INTO survey_indicator (name, question, answer_type, answer_type_id, reference_id, tip, create_user_id, create_time, original_indicator_id)\n\t\t\t\t\t\tSELECT concat(name, '-clone'), question, answer_type, answer_type_id, reference_id, tip, create_user_id, now(), id\n\t\t\t\t\t\t\tFROM survey_indicator\n\t\t\t\t\t\t\tWHERE id = %d", $org_id);
 $st = mysql_query($sql);
 if ($st) {
     $query_status = 0;
     $query_msg = "Indicator cloned";
     // id of the freshly inserted clone
     $id = mysql_insert_id();
 } else {
     $query_status = 1;
     $query_msg = "Error cloning indicator: " . mysql_error();
     // NOTE(review): the script ends here and nothing visible in this excerpt outputs
     // $query_status or $query_msg first, so the failure looks silent to the client.
     // Confirm.
     exit;
 }
 // now clone answer
 // $id is the value mysql_insert_id() returned above, not request input.
 $sel_sql = "SELECT * FROM survey_indicator WHERE id = " . $id;
 $st = mysql_query($sel_sql);
 $new = fetch_html_entities($st);
 // The answer type selects which answer table holds the definition to copy.
 if ($new['answer_type'] == SINGLE || $new['answer_type'] == MULTIPLE) {
     // Choice answers: create a new, empty answer_type_choice row, then copy every
     // choice of the original under the new parent id.
     // NOTE(review): the result of this INSERT is not checked before
     // mysql_insert_id() is read.
     $at_sql = "INSERT INTO answer_type_choice VALUES ()";
     $st = mysql_query($at_sql);
     $answer_type_choice_id = mysql_insert_id();
     $at_sql = sprintf("INSERT INTO atc_choice (answer_type_choice_id, label, score, criteria, weight, mask, default_selected)\n\t\t\t\t\t\t\tSELECT %d, label, score, criteria, weight, mask, default_selected\n\t\t\t\t\t\t\t\tFROM atc_choice\n\t\t\t\t\t\t\t\tWHERE answer_type_choice_id = %d", $answer_type_choice_id, $new['answer_type_id']);
 } elseif ($new['answer_type'] == INTEGER || $new['answer_type'] == FLOAT) {
     // The table name is one of two fixed literals, so formatting it in with %s does
     // not put any request data into the SQL text.
     $table = $new['answer_type'] == INTEGER ? "answer_type_integer" : "answer_type_float";
     $at_sql = sprintf("INSERT INTO %s (min_value, max_value, default_value, criteria)\n\t\t\t\t\t\t\t\tSELECT min_value, max_value, default_value, criteria\n\t\t\t\t\t\t\t\t\tFROM %s \n\t\t\t\t\t\t\t\t\tWHERE id = %d", $table, $table, $new['answer_type_id']);
 } else {
     // Every remaining answer type is copied from answer_type_text.
     $at_sql = sprintf("INSERT INTO answer_type_text (min_chars, max_chars, criteria)\n\t\t\t\t\t\t\t\tSELECT min_chars, max_chars, criteria\n\t\t\t\t\t\t\t\t\tFROM answer_type_text\n\t\t\t\t\t\t\t\t\tWHERE id = %d", $new['answer_type_id']);
 }
 // Run whichever copy statement was prepared above.
 $st = mysql_query($at_sql);
 if ($st) {
     $query_msg .= " and answer is cloned as well";
     $answer_type_id = mysql_insert_id();
Ejemplo n.º 6
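/**
 * Collect everything the user administration screen needs.
 *
 * Returns the selected user's row, or a set of blank defaults when no row matches
 * $id, extended with three HTML fragments: 'user_list' (all non-deleted users),
 * 'user_language' and 'user_organization' (drop-downs with the user's value
 * preselected).
 *
 * Side effect: when a row matches, $id is stored in $_SESSION['current_user_id'] and
 * $_SESSION['photo_type'] is set to "user_photo".
 *
 * NOTE(review): the matched row comes from SELECT *, so it carries the password
 * column to the caller. Confirm it is dropped before the data leaves the server.
 *
 * @param mixed $id Id of the user to show; a value matching no row selects the
 *                  "Add New User" defaults.
 * @return array User fields plus 'user_list', 'user_language', 'user_organization'.
 */
function showUser($id)
{
    // build userlist
    $rt = array();
    $user_list = "<li class='ui-widget-content' style='margin:5px 40px 5px 50px; ' id=0 >Add New User</li>";
    $sql = sprintf("SELECT * FROM user WHERE status <> %d ORDER BY last_name ", DELETED);
    // NOTE(review): @ hides a failed query; the list then holds only the "Add New User" entry.
    $st = @mysql_query($sql);
    // NOTE(review): names are written as returned by fetch_html_entities();
    // presumably that helper HTML-escapes them. Confirm.
    while ($user = fetch_html_entities($st)) {
        $selected = " class=ui-widget-content ";
        $font_begin = '';
        $font_end = '';
        if ($user['id'] == $id) {
            // return details
            $rt = $user;
            $rt['photo'] = $rt['photo'] == '' ? NULL : "upload_files/peopleicons/" . $rt['photo'];
            $selected = " class=ui-selected ";
        }
        if ($user['status'] == INACTIVE) {
            // inactive accounts are shown in red
            $font_begin = "<font style='color:red; '>";
            $font_end = "</font>";
        }
        $user_list .= "<li " . $selected . "style='float:left; margin-left:10px; width:280px;' id=" . $user['id'] . ">" . $font_begin . $user['username'] . " - " . $user['last_name'] . ", " . $user['first_name'] . $font_end . "</li>";
    }
    if (empty($rt)) {
        // no match: defaults for the "Add New User" form
        $rt = array('username' => '', 'first_name' => '', 'last_name' => '', 'organization_id' => 0, 'email' => '', 'password' => '', 'forward_inbox_msg' => 1, 'site_admin' => 0, 'number_msgs_per_screen' => 10, 'email_detail_level' => 1, 'status' => 1, 'timezone' => -5, 'phone' => '', 'cell_phone' => '', 'address' => '', 'location' => '', 'photo' => '', 'bio' => '');
    } else {
        $_SESSION['current_user_id'] = $id;
        $_SESSION['photo_type'] = "user_photo";
    }
    $rt['user_list'] = $user_list;
    // build user_language
    $user_language = "<SELECT id=language_id>";
    $sql = "SELECT * FROM language WHERE status = 0";
    $st = mysql_query($sql);
    while ($language = mysql_fetch_assoc($st)) {
        $selected = isset($rt['language_id']) && $language['id'] == $rt['language_id'] ? " selected=selected " : '';
        // These rows are fetched raw, so the label is escaped before it is written
        // into the markup.
        $user_language .= "<option value=" . $language['id'] . $selected . ">" . htmlentities($language['language'] . " - " . $language['language_desc'], ENT_QUOTES, 'UTF-8') . "</option>";
    }
    $user_language .= "</SELECT>";
    $rt['user_language'] = $user_language;
    // build organization list
    $user_organization = "<SELECT id=organization_id>";
    $sql = "SELECT * FROM organization";
    $st = mysql_query($sql);
    while ($org = mysql_fetch_assoc($st)) {
        $selected = isset($rt['organization_id']) && $org['id'] == $rt['organization_id'] ? " selected=selected " : '';
        // The organization name is stored text fetched raw; escape it for HTML.
        $user_organization .= "<option value=" . $org['id'] . $selected . ">" . htmlentities($org['name'], ENT_QUOTES, 'UTF-8') . "</option>";
    }
    // Close the element, as the language drop-down above does; the tag was missing.
    $user_organization .= "</SELECT>";
    $rt['user_organization'] = $user_organization;
    return $rt;
}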