<?php echo "\n<div class='row'>\n <div class='col-md-8 col-md-offset-2'>"; // TODO Clean up the SELECT * query $query = "SELECT * FROM Persons WHERE id_person = {$id_person};"; $result = mysqli_query($cxn, $query) or die("Couldn't execute query"); if (mysqli_num_rows($result) == 1) { $person = mysqli_fetch_array($result); } else { exit_with_footer(); } $query = "SELECT id_group, " . "CONCAT(name_group,' (',name_kingdom,')') as Name_Group, " . "Groups.id_kingdom!=" . HOST_KINGDOM_ID . " as In_Kingdom " . "FROM Groups, Kingdoms " . "WHERE Groups.id_kingdom = Kingdoms.id_kingdom " . "Order By In_Kingdom, Name_Group;"; $groups = mysqli_query($cxn, $query) or die("Couldn't execute query"); // Display form with all person's info. echo '<form action="edit_person.php" method="post">'; echo form_title("Editing Personal Information"); echo button_link("person.php?id=" . $id_person, "To Personal Overview Page"); echo '<input type="hidden" name="id" value="' . $person["id_person"] . '">'; echo "<table class='table table-condensed table-bordered'>"; //<thead><td class='text-right'>Column</td><td class='text-left'>Value</td></thead>"; // SCA Name: if (isset($_POST["SCA_name"]) && is_string($_POST["SCA_name"])) { $sca_name = $_POST["SCA_name"]; } else { $sca_name = $person["name_person"]; } echo '<tr><td class="text-right">SCA Name:</td><td><input type="text" name="SCA_name" value="' . $sca_name . '"></td></tr>'; // Mundane Name if (isset($_POST["mundane_name"]) && is_string($_POST["mundane_name"])) { $mundane_name = $_POST["mundane_name"]; } else {
<?php // Assumption: this is only loaded from reports.php so don't need to access check again // Note: cxn is live. echo "<div class='row'><div class='col-md-8 col-md-offset-2'>"; echo '<form action="report_herald.php" method="post">'; echo form_title("Please select a Heraldic report"); echo "<table class='table table-condensed table-bordered'>"; echo '<tr><td class="text-right">Report:</td>'; echo '<td><select name="id_report" >'; echo '<option value="1">Obsidian: List of all awards</option>'; echo '</select></td></tr>'; //echo '<tr><td>Download as a file?</td>'; // echo '<td><input type="checkbox" name="get_file" value="1">'; // echo '</td></tr>'; echo "</table>"; echo '<input type="submit" value="Get Report">'; echo "</form>"; echo "</div></div>";
} $cxn = open_db_browse(); $query = "SELECT id_award, name_award, id_group, id_kingdom, id_rank " . "FROM Awards " . "WHERE Awards.id_award={$id_award};"; //echo "Query is :<br>$query<p>"; $result = mysqli_query($cxn, $query) or die("Couldn't execute query"); $award = mysqli_fetch_array($result); $query = "SELECT id_group, " . "CONCAT(name_group,' (',name_kingdom,')') as name_group, " . "Groups.id_kingdom!=" . HOST_KINGDOM_ID . " as In_Kingdom " . "FROM Groups, Kingdoms " . "WHERE Groups.id_kingdom = Kingdoms.id_kingdom " . "AND id_group >= 0 " . "Order By In_Kingdom, name_group;"; //echo $query; $groups = mysqli_query($cxn, $query) or die("Couldn't execute query"); $query = "SELECT id_kingdom, name_kingdom FROM Kingdoms;"; $kingdoms = mysqli_query($cxn, $query) or die("Couldn't execute query"); $query = "SELECT id_rank, name_rank FROM Ranks;"; $ranks = mysqli_query($cxn, $query) or die("Couldn't execute query"); echo "\n<div class='row'>\n <div class='col-md-8 col-md-offset-2'>"; echo '<form action="edit_award.php" method="post">'; echo form_title("Editing Award Information"); echo button_link("search.php?name=" . $search, "Return to Search Page"); echo button_link("./list.php?award={$id_award}", "List all Recipients of Award"); echo "<p>"; echo '<input type="hidden" name="id" value="' . $id_award . '">'; echo '<input type="hidden" name="name" value="' . $search . '">'; echo "<table class='table table-condensed table-bordered'>"; $varname = "name_award"; if (isset($_POST[$varname]) && is_string($_POST[$varname])) { $name_award = $_POST[$varname]; } else { $name_award = $award[$varname]; } echo "<tr><td class='text-right'>Award Name</td>" . "<td><input type='text' name='{$name_award}' value='{$name_award}'" . "</td></tr>"; $varname = "id_group"; if (isset($_POST[$varname]) && is_string($_POST[$varname])) {
<?php require "../includes/config.php"; echo "\n<!doctype html>\n<META HTTP-EQUIV=\"CACHE-CONTROL\" CONTENT=\"NO-CACHE\">\n<meta http-equiv=\"expires\" content=\"0\" />\n<html lang=\"en\">\n<head>\n <title> </title>\n <link rel=\"stylesheet\" href=\"/css/auth.css\">\n</head>\n<body>"; // NOTE: DO NOT AT THIS POINT USE ANY CLASS REFERENCES // configuration echo form_title("Fighter Authorization Card"); echo "<div><p><a href=\"combat.php\">Return to the Combat Page</a></p></div>"; // First: confirm that we reached this page through a POST submission if ($_SERVER['REQUEST_METHOD'] == 'POST') { if (isset($_POST["mem_num"]) && is_numeric($_POST["mem_num"])) { $mem_num = $_POST["mem_num"]; } else { echo form_subtitle('Must include fighter membership number to print fighter authorization card'); exit_with_footer(); } if (isset($_POST["id_combat"]) && is_numeric($_POST["id_combat"])) { $id_combat = $_POST["id_combat"]; } } else { echo form_subtitle("Page accessed in error."); exit_with_footer(); } if (DEBUG) { echo form_subsubtitle("Now using values mem_num={$mem_num} and id_combat={$id_combat}"); } // Open database $cxn = open_db_browse(); // Confirm that there is a fighter authorization card on file for this person and combat type $query = "SELECT Persons.id_person, id_person_combat_card, Combat.id_combat, name_combat " . "FROM Persons, Persons_CombatCards, Combat " . "WHERE Persons.id_person=Persons_CombatCards.id_person " . "AND membership_person={$mem_num} " . "AND Combat.id_combat = Persons_CombatCards.id_combat " . "AND Combat.id_combat={$id_combat};"; if (DEBUG) {
$q_head = "PCC.card_marshal as 'card number', " . "PCC.expire_marshal as 'expiry date' "; $q_body = "FROM \n (SELECT Persons.id_person, id_person_combat_card, name_person, name_group, \n card_marshal, expire_marshal \n FROM Persons_CombatCards, Persons, Groups \n WHERE Persons_CombatCards.id_person=Persons.id_person \n AND Persons.id_group = Groups.id_group \n AND Persons_CombatCards.expire_marshal >= curdate() \n AND id_combat={$ic}) AS PCC\n LEFT JOIN\n (SELECT COUNT(*) as num_count, id_person \n FROM Persons_Marshals, Marshals\n WHERE Persons_Marshals.id_marshal=Marshals.id_marshal\n AND Marshals.id_combat={$ic}\n GROUP BY id_person) AS PCount\n ON PCount.id_person = PCC.id_person "; // Now we have to add the individual warrants while ($warr = mysqli_fetch_assoc($warrs)) { extract($warr); $q_head = $q_head . ", if (PA{$id_marshal}.id_person IS NULL,'No', 'Yes') as '{$name_marshal}' "; $q_body = $q_body . "LEFT JOIN \n (SELECT id_person\n FROM Persons_Marshals\n WHERE Persons_Marshals.id_marshal={$id_marshal}) AS PA{$id_marshal}\n ON PA{$id_marshal}.id_person=PCC.id_person "; } $query = $qlink . $q_head . $q_body . "WHERE num_count is not NULL ORDER BY name_person"; if (DEBUG) { echo "Warrants Query is<p> {$query}"; } // This part borrowed from report_showtable, minus ability to download file $data = mysqli_query($cxn, $query) or die("Couldn't execute query to build table."); // Displays a table with sortable columns based on the data stored in $data. echo form_title("Active Marshals for {$name_combat}"); $fields = mysqli_fetch_fields($data); // echo "<table class='table table-condensed table-bordered'>"; echo '<table class="sortable table table-condensed table-bordered">'; echo '<thead>'; foreach ($fields as $field) { echo '<th>' . $field->name . '</th>'; } echo '</thead>'; while ($row = mysqli_fetch_assoc($data)) { echo '<tr>'; foreach ($row as $field) { echo '<td>' . $field . '</td>'; } echo '</tr>'; }
} $query = "SELECT id_event, name_event, date_event_start, date_event_stop " . "FROM Events " . "ORDER BY date_event_start DESC;"; $events = mysqli_query($cxn, $query) or die("Couldn't find events."); if (isset($_POST["date_award"]) && is_string($_POST["date_award"])) { $date_award = $_POST["date_award"]; } else { $date_award = $award["date_award"]; } if (isset($_POST["id_event"]) && is_numeric($_POST["id_event"])) { $id_event = $_POST["id_event"]; } else { $id_event = $award["id_event"]; } $award_info = $award["name_award"] . " awarded to " . $award["name_person"] . ""; echo "\n<div class='row'>\n <div class='col-md-8 col-md-offset-2'>"; echo form_title("Now editing the date and event of the award.") . "\n"; echo button_link("edit_person.php?id=" . $id_person, "Return To Personal Editing Page") . "<br><br>"; echo '<form action="edit_person_award.php" method="post">'; echo '<input type="hidden" name="idpa" value="' . $id_person_award . '">'; echo '<input type="hidden" name="id" value="' . $id_person . '">'; echo "<table>"; echo "<tr><td width='50%'>{$award_info}</td><td>"; echo '<input type="date" class="date" name="date_award" value="' . $date_award . '">'; echo "<br>(format if no datepicker: yyyy-mm-dd)</td></tr>"; echo '<tr><td class="text-right">Event:</td><td> <select name="id_event" >'; while ($row = mysqli_fetch_array($events)) { echo '<option value="' . $row["id_event"] . '"'; if ($row["id_event"] == $id_event) { echo ' selected'; } echo ">" . $row["name_event"] . " (" . $row["date_event_start"] . " - " . $row["date_event_stop"] . ") </option>";
$query = "SELECT id_person from Persons where name_person='{$sca_name}';"; $result = mysqli_query($cxn, $query) or die("Couldn't execute query"); $person = mysqli_fetch_array($result); $id_person = $person["id_person"]; echo button_link("edit_person.php?id={$id_person}", "Go To Edit Awards for {$sca_name}"); echo '<p>or continue adding new persons below:'; } } $query = "SELECT id_group, " . "CONCAT(name_group,' (',name_kingdom,')') as Name_Group, " . "Groups.id_kingdom!=" . HOST_KINGDOM_ID . " as In_Kingdom " . "FROM Groups, Kingdoms " . "WHERE Groups.id_kingdom = Kingdoms.id_kingdom " . "Order By In_Kingdom, Name_Group;"; $groups = mysqli_query($cxn, $query) or die("Couldn't execute query"); ?> <div class='row'><div class='col-md-8 col-md-offset-2'> <form action="add_person.php" method="post"> <?php echo form_title("Adding a New Person") . "\n"; echo button_link("search.php?name=" . $part_name, "Return to Search Page"); echo '<input type="hidden" name="part_name" value="' . $part_name . '">'; ?> <table class='table table-condensed table-bordered'> <tr> <td class="text-right">SCA Name:<br>(required)</td> <td><input type="text" name="SCA_name" size="50" maxlength="128" required></td> </tr> <tr> <td class="text-right">Legal Name:</td> <td><input type="text" name="mundane_name" size="50" maxlength="128"></td> </tr> <td class="text-right">SCA Membership #:<br>(required)</td> <td><input type="number" name="mem_num" min="1" step="1"></td> </tr>
<div class="container"> <?php /* Note: This page displays a list of events. If permissions are correct, then * the page will also include an "Add Event" button, and the links will go to * edit_event.php rather than event.php. */ $cxn = open_db_browse(); $query = "SELECT id_event, name_event, name_group, date_event_start, date_event_stop " . "FROM Events, Groups " . "WHERE Events.id_group = Groups.id_group " . "ORDER BY date_event_start DESC;"; if (DEBUG) { echo "Event Information Query is:<p>{$query}<p>"; } $result = mysqli_query($cxn, $query) or die("Couldn't execute event_info query"); echo "<div class='row'><div class='col-md-8 col-md-offset-2'>"; echo form_title("A List of All Known Events"); if (permissions("Herald") >= 3) { echo button_link("add_event.php", "Add A New Event"); } echo "</p>"; echo "<table class='table table-condensed table-bordered'>\n<thead>\n<td ><strong>Event</strong></td>\n<td class='text-left'><strong>Hosts</strong></td>\n<td class='text-left'><strong>Dates</strong></td>\n</thead>"; while ($row = mysqli_fetch_assoc($result)) { extract($row); echo "<tr>"; echo "<td ><a href='event.php?id={$id_event}'>{$name_event}"; echo "</a></td>"; echo "<td >{$name_group}</td>"; echo "<td >" . date("d-M-Y", strtotime($date_event_start)); if ($date_event_start != $date_event_stop) { echo " -- " . date("d-M-Y", strtotime($date_event_stop)); } echo "</td>"; if (permissions("Herald") >= 3) {
*/ // This is the marshal's warrant form which is handled by edit_person_marshal.php // Since this file is included from edit_person.php, the database connection $cxn is alread live. // This query will return a list of all known marshal's warrants, // with the person's data filled in if known and NULL otherwise $query_comb = "SELECT id_combat, name_combat, cn, ea, ipcc, note, active " . "FROM Combat LEFT JOIN" . "(SELECT id_person_combat_card as ipcc, card_marshal as cn, " . "expire_marshal as ea, id_combat as ic, active_marshal as active, " . "note_marshal as note " . "FROM Persons_CombatCards " . "WHERE id_person={$id_person}) AS PA " . "ON Combat.id_combat = PA.ic ORDER BY name_combat"; $query_marshals = "SELECT * FROM " . "(SELECT id_marshal, name_marshal, Combat.id_combat, name_combat " . "FROM Marshals, Combat " . "WHERE Marshals.id_combat = Combat.id_combat " . "ORDER BY name_combat, name_marshal) AS AC " . "LEFT JOIN " . "(SELECT id_marshal as ia, id_person_marshal " . "FROM Persons_Marshals where id_person={$id_person}) AS PA " . "on AC.id_marshal = PA.ia"; if (DEBUG) { echo "Per Category known facts:<br>{$query_comb}<p>"; echo "Known Marshal's Warrants: <br>{$query_marshals}<p>"; } $marshals = mysqli_query($cxn, $query_marshals) or die("Couldn't execute query to find known/current marshal's warrants."); $mcombats = mysqli_query($cxn, $query_comb) or die("Couldn't execute query to find known/current date/card numbers."); echo "<div class='row'><div class='col-md-8 col-md-offset-2'>"; echo '<form action="edit_person_marshal.php" method="post">'; echo form_title("Editing Marshal's Warrants"); echo '<input type="hidden" name="id" value="' . $person["id_person"] . '">'; echo '<input type="hidden" name="name_person" value="' . $person["name_person"] . '">'; echo "<table class='table table-condensed table-bordered'>"; //echo "<tr><th></th><th>Expiry Date</th><th>Card Number</th></tr>"; $curr_id_combat = 0; $i = 0; while ($row = mysqli_fetch_assoc($marshals)) { extract($row); $i++; if ($curr_id_combat != $id_combat) { // Build for the next item in combats if ($curr_id_combat > 0) { echo "</tr>"; } $curr_id_combat = $id_combat;
} // Set up the data base queries to populate the form $query = "SELECT id_group, " . "CONCAT(name_group,' (',name_kingdom,')') as name_group, " . "Groups.id_kingdom!=" . HOST_KINGDOM_ID . " as In_Kingdom " . "FROM Groups, Kingdoms " . "WHERE Groups.id_kingdom = Kingdoms.id_kingdom " . "AND id_group >= 0 " . "Order By In_Kingdom, name_group;"; //echo $query; $groups = mysqli_query($cxn, $query) or die("Couldn't execute query"); $query = "SELECT id_kingdom, name_kingdom FROM Kingdoms;"; $kingdoms = mysqli_query($cxn, $query) or die("Couldn't execute query"); $query = "SELECT id_rank, name_rank FROM Ranks;"; $ranks = mysqli_query($cxn, $query) or die("Couldn't execute query"); mysqli_close($cxn); ?> <div class='row'><div class='col-md-8 col-md-offset-2'> <form action="add_award.php" method="post"> <?php echo form_title("Adding a New Award"); ?> <table class='table table-condensed table-bordered'> <tr> <td class="text-right">Award Name<br>(Required)</td> <td><input type="text" name="name_award" size="50" maxlength="128" required> </td> </tr> <tr> <td class="text-right">Group of Award (if any)</td> <td><select name="id_group" ><option value="-1"></option> <?php while ($row = mysqli_fetch_array($groups)) { echo '<option value="' . $row["id_group"] . '">' . $row["name_group"] . '</option>'; } ?>
$query = "SELECT id_combat, name_combat from Combat"; if (DEBUG) { echo "Combat query: {$query}<p>"; } $result = mysqli_query($cxn, $query) or die("Couldn't execute query to find types of combat"); echo "<div class='list-group'><ul type='none'>"; while ($row = mysqli_fetch_assoc($result)) { extract($row); echo "<li><a href='list_marshals.php?id={$id_combat}'>{$name_combat}: Active Marshals</a></li>"; } echo "</ul>"; echo "<p>"; /////////////////////////////////////////////////////////////////////////////// // Form allowing fighter to print his/her authorization card /////////////////////////////////////////////////////////////////////////////// echo form_title("Show Combat Authorization Card"); echo '<form action="/public/combat_auth.php" method="post">'; //echo '<form action="/public/combat_auth_styled.php" method="post">'; echo "<table class='table table-condensed table-bordered'>"; echo '<tr><td class="text-right">Combat Type:</td><td> <select name="id_combat" >'; $query = "SELECT id_combat, name_combat FROM Combat ORDER BY name_combat"; // Build up the drop down list if (DEBUG) { echo "Combat query: {$query}<p>"; } $result = mysqli_query($cxn, $query) or die("Couldn't execute query to find types of combat"); while ($row = mysqli_fetch_assoc($result)) { extract($row); echo '<option value="' . $row["id_combat"] . '"'; echo '>' . $row["name_combat"] . '</option>'; }
} if ($_SERVER['REQUEST_METHOD'] != 'POST') { echo '<p class="error"> This page has been accessed in error.</p>'; exit_with_footer(); } // Since we have the right permissions and arrived here via post, // we will now update the database $id_person = $_POST["id"]; $name_person = $_POST["name_person"]; $cxn = open_db_browse(); $query_comb = "SELECT id_combat, name_combat, cn, ea, ipcc, note, active " . "FROM Combat LEFT JOIN " . "(SELECT id_person_combat_card as ipcc, card_authorize as cn, " . "expire_authorize as ea, id_combat as ic, note_authorize as note, " . "active_authorize as active " . "FROM Persons_CombatCards " . "WHERE id_person={$id_person}) AS PA " . "ON Combat.id_combat = PA.ic ORDER BY name_combat "; if (DEBUG) { echo "Per Category known facts:<br>{$query_comb}<p>"; } $combats = mysqli_query($cxn, $query_comb) or die("Couldn't execute query to find known/current date/card numbers."); echo form_title("Now updated Authorizations as follows:"); if (isset($_POST['dynact'])) { $dynact = $_POST['dynact']; } $dyncombat = $_POST['dyncombat']; $dyndate = $_POST['dyndate']; $dyncard = $_POST['dyncard']; $dynnote = $_POST['dynnote']; if (isset($_POST['dynidauth'])) { // Need to account for case where no checkmarks at all. $dynidauth = $_POST['dynidauth']; } else { $dynidauth = NULL; } if (DEBUG) { if (isset($_POST['dynact'])) {
mysqli_close($cxn); /* close the db connection */ } } else { // We don't have sufficient permissions for this page. echo '<p class = "error"> This page has been accessed in error.</p>'; echo 'Please use your back arrow to return to the previous page.'; exit_with_footer(); } // Since the form does not require PHP, we will create it below ?> <div class='row'><div class='col-md-8 col-md-offset-2'> <form action="add_site.php" method="post"> <?php echo form_title("Adding a New Event Site"); ?> <table class='table table-condensed table-bordered'> <tr> <td class="text-right">Name of Site<br>(Required)</td> <td><input type="text" name="name_site" size="50" maxlength="256" required> </td> </tr> <tr> <td class="text-right">URL of Site</td> <td><input type="url" name="url_site" size="50" maxlength="256" ></td> </tr> <tr> <td class="text-right">Facilities</td> <td><textarea name="facilities_site" rows="3" cols="50"></textarea></td> </tr>
$event_info = mysqli_fetch_assoc($result); extract($event_info); if ($id_site < 0) { if (DEBUG) { echo "No Known Site<p>"; } $name_site = "Unknown"; } else { $query = "SELECT name_site FROM Sites where id_site={$id_site}"; $result = mysqli_query($cxn, $query) or die("Couldn't execute site name query"); $tmp = mysqli_fetch_assoc($result); $name_site = $tmp["name_site"]; } /* Display the known information of the event */ echo "<div class='row'><div class='col-md-8 col-md-offset-2'>"; echo form_title("{$name_event}"); echo form_subtitle("Hosted by <a href='list.php?group={$id_group}'>{$name_group}</a> from {$date_event_start} to {$date_event_stop}"); if (!is_null($id_site)) { echo form_subtitle("Held at <a href='site.php?id={$id_site}'>{$name_site}</a>"); } if (permissions("Herald") >= 3) { echo button_link("edit_event.php?id={$id_event}", "Edit Event Information"); } /* Display Known Award Recipients at this event */ $query = "SELECT Persons.id_person, Awards.id_award, name_person, name_award " . "FROM Persons, Awards, Persons_Awards " . "WHERE Persons.id_person = Persons_Awards.id_person " . "AND Awards.id_award = Persons_Awards.id_award " . "AND Persons_Awards.id_event = {$id_event};"; if (DEBUG) { echo "<p>The Recipients Query is:<p>{$query}"; } $result = mysqli_query($cxn, $query) or die("Couldn't execute recipients query"); echo form_subtitle("Award Recipients At {$name_event}"); $matches = $result->num_rows;
<?php // Assumption: this is only loaded from reports.php so don't need to access check again // Note: cxn is live. $query = "SELECT id_combat, name_combat FROM Combat"; $combats = mysqli_query($cxn, $query) or die("Couldn't execute query to get list of combats."); $query = "SELECT id_auth, id_combat, name_auth FROM Authorizations"; $auths = mysqli_query($cxn, $query) or die("Couldn't execute query to get list of Authorizations."); $query = "SELECT id_marshal, id_combat, name_marshal FROM Marshals"; $marshals = mysqli_query($cxn, $query) or die("Couldn't execute query to get list of Marshal''s Warrants."); echo "<div class='row'><div class='col-md-8 col-md-offset-2'>"; echo '<form action="report_marshal.php" method="post">'; echo "<table class='table table-condensed table-bordered'>"; echo form_title("Please select a Marshal's report"); echo '<tr><td class="text-right">Report:</td>'; echo '<td><select name="id_report" >'; echo "<option value='7'>List of all Active Fighters with at least one Authorization for Choice of Combat</option>"; echo '<option value="1">List of all Active Fighters for Choice of Combat</option>'; echo '<option value="3">List of all Active Fighters for Choice of Authorization</option>'; echo "<option value='5'>List of all Inactive Fighters for Choice of Combat</option>"; echo "<option value='8'>List of all Active Marshals with at least one Marshal's Warrant for Choice of Combat</option>"; echo '<option value="2">List of all Active Marshals for Choice of Combat</option>'; echo "<option value='4'>List of all Active Marshals for Choice of Marshal's Warrant</option>"; echo "<option value='6'>List of all Inactive Marshals for Choice of Combat</option>"; echo '</td></tr>'; echo '<tr><td class="text-right">Type of Combat:</td>'; echo '<td><select name="id_combat" >'; while ($combat = mysqli_fetch_assoc($combats)) { extract($combat); echo "<option value='{$id_combat}|{$name_combat}'>" . "{$name_combat}</option>"; // Remember you will need to use explode function to separate combat
} $sites = mysqli_query($cxn, $query) or die("Couldn't execute sites query"); mysqli_close($cxn); /* close the db connection */ } else { // We don't have sufficient permissions for this page. echo '<p class = "error"> This page has been accessed in error.</p>'; echo 'Please use your back arrow to return to the previous page.'; exit_with_footer(); } ?> <div class='row'><div class='col-md-8 col-md-offset-2'> <form action="add_event.php" method="post"> <?php echo form_title("Adding a New Event"); echo button_link("list_events.php", "List of Events") . "</p>"; ?> <table class='table table-condensed table-bordered'> <tr> <td class="text-right">Name of Event<br>(Required)</td> <td><input type="text" name="name_event" size="50" maxlength="128" required> </td> </tr> <tr> <td class="text-right">Date Event Starts</td> <td><input type="date" class="date" name="date_event_start"> <br>(format if no datepicker: yyyy-mm-dd)</td> </tr> <tr> <td class="text-right">Date Event Ends</td>
</td> </tr> </table> <?php echo form_start_ajax('test', array('fs' => $app_param['fs'])); echo form_hidden('user_action_new', '1'); echo form_title('To create new user, fill data below', ''); echo form_input('user_new_login', 'Login', 'tip', 'input', ''); echo form_input('user_new_pass', 'Password1', '', 'input', ''); echo form_input('user_new_pass2', 'Password2', '', 'input', ''); echo form_input('user_new_type', 'Typ', '', 'input', ''); echo form_button('submit', 'Dodaj usera'); //echo form_end('id', 'action_params'); ?> </form> </div> <script>
} if ($_SERVER['REQUEST_METHOD'] != 'POST') { echo '<p class="error"> This page has been accessed in error.</p>'; exit_with_footer(); } // Since we have the right permissions and arrived here via post, // we will now update the database $id_person = $_POST["id"]; $name_person = $_POST["name_person"]; $cxn = open_db_browse(); $query_comb = "SELECT id_combat, name_combat, cn, ea, ipcc, note, active " . "FROM Combat LEFT JOIN" . "(SELECT id_person_combat_card as ipcc, card_marshal as cn, " . "expire_marshal as ea, id_combat as ic," . "note_marshal as note, active_marshal as active " . "FROM Persons_CombatCards " . "WHERE id_person={$id_person}) AS PA " . "ON Combat.id_combat = PA.ic ORDER BY name_combat"; if (DEBUG) { echo "Per Category known facts:<br>{$query_comb}<p>"; } $combats = mysqli_query($cxn, $query_comb) or die("Couldn't execute query to find known/current date/card numbers."); echo form_title("Now updated Marshal's Warrants as follows."); if (isset($_POST['dynmact'])) { $dynmact = $_POST['dynmact']; } $dynmcombat = $_POST['dynmcombat']; $dynmdate = $_POST['dynmdate']; $dynmcard = $_POST['dynmcard']; $dynmnote = $_POST['dynmnote']; if (isset($_POST['dynmidauth'])) { // Need to account for case where no checkmarks at all. $dynmidauth = $_POST['dynmidauth']; } else { $dynmidauth = NULL; } if (DEBUG) { if (isset($_POST['dynmact'])) {
$emailresult = '<div class="alert alert-success">Thank you! We appreciate your feedback.</div>'; } else { $emailresult = '<div class="alert alert-danger">I was unable to send your message. Please try again.</div>'; } } else { echo "Error with setting up email."; } } #######################################################################################*/ mysqli_close($cxn); /* close the db connection */ ?> <!-- end of php --> <div class="row"> <?php echo form_title("Report a problem with this record"); ?> <form class="form-horizontal" role="form" method="post" action="site.php"> <div class="form-group"> <label for="name" class="col-sm-2 col-md-3 control-label">Name:</label> <div class="input-group col-sm-10 col-md-6"> <span style="display: block; width: 100%"><input size="60" type="text" width="100%" class="form-control" id="name" name="name" placeholder="Your Name" value="<?php if (isset($_POST['msgSubmit'])) { echo htmlspecialchars($_POST['name']); } ?> "></span> </div> </div> <div class="form-group"> <label for="email" class="col-sm-2 col-md-3 control-label">Email:</label>
if (mysqli_num_rows($result) == 1) { $person = mysqli_fetch_array($result); } else { echo "Unable to find person in the database"; exit_with_footer(); } $query = "SELECT id_award, name_kingdom," . "CONCAT(name_award,' (',name_kingdom,')') as Name_Award, " . "Awards.id_kingdom !=" . HOST_KINGDOM_ID . " as In_Kingdom " . "FROM Awards, Kingdoms " . "WHERE Awards.id_kingdom = Kingdoms.id_kingdom " . "ORDER BY In_Kingdom, name_kingdom, Name_Award;"; //echo $query; $awards = mysqli_query($cxn, $query) or die("Couldn't execute awards query"); $query = "SELECT id_event, name_event, date_event_start, date_event_stop " . "FROM Events ORDER BY date_event_start DESC"; $events = mysqli_query($cxn, $query) or die("Couldn't execute list of events query"); $query = "SELECT id_kingdom, name_kingdom from Kingdoms;"; $kingdoms = mysqli_query($cxn, $query) or die("Couldn't execute list of kingdoms query"); echo "<div class='row'>\n <div class='col-md-8 col-md-offset-2'>"; echo '<form action="add_person_award.php" method="post">'; echo form_title('Adding a New Award for ' . '<a href="edit_person.php?id=' . $id_person . '">' . $person["name_person"] . '</a>'); echo '<input type="hidden" name="id" value="' . $id_person . '">'; echo "<table class='table table-condensed table-bordered'>"; // Date the award was handed out if (isset($_POST["date_award"]) && is_string($_POST["date_award"])) { $date_award = $_POST["date_award"]; } else { $date_award = date("Y-m-d"); // defaults to today's date } echo '<tr><td class="text-right">Date awarded:</td><td> ' . '<input type="date" class="date" name="date_award" value="' . $date_award . '"> (format if no datepicker: yyyy-mm-dd)</td></tr>'; // Date the award expires for awards like champion if (isset($_POST["date_exp"]) && is_string($_POST["date_exp"])) { $date_exp = $_POST["date_exp"]; } else { $date_exp = '';
// Query the database $queryreport = $qshow . $query; if (DEBUG) { echo "Report query is: {$queryreport}<p>"; } // Query the database $data = mysqli_query($cxn, $queryreport) or die("Couldn't execute query to build report."); echo "<div class='row'><div class='col-md-8 col-md-offset-2'>"; echo '<form action="/public/report_download.php" method="post">'; //echo form_title("Download Report"); echo '<input type="hidden" name="query" value="' . $qfile . $query . '">'; echo '<input type="submit" value="Download Report as CSV file">'; echo "</form>"; echo "</div></div>"; // Displays a table with sortable columns based on the data stored in $data. echo form_title($report_name); $fields = mysqli_fetch_fields($data); // echo "<table class='table table-condensed table-bordered'>"; echo '<table class="sortable table table-condensed table-bordered">'; echo '<thead>'; foreach ($fields as $field) { echo '<th>' . $field->name . '</th>'; } echo '</thead>'; while ($row = mysqli_fetch_assoc($data)) { echo '<tr>'; foreach ($row as $field) { echo '<td>' . $field . '</td>'; } echo '</tr>'; }
<?php // Part of the edit_person.php file echo form_title("Editing awards"); echo button_link("./add_person_award.php?id=" . $id_person, "Add a new Award for " . $sca_name); echo "<table class='table table-condensed table-bordered'>\n\n<thead><td class='text-left'><strong>Award</strong></td>\n\n<td class='text-left'><strong>Date</strong></td>\n<td class='text-left'><strong>Event</strong></td>\n<td>Edit</td><td>Delete</td></thead>\n"; // Display person's awards with edit & delete link for each award $query = "SELECT id_person_award, name_award, date_award,name_kingdom, \n Awards.id_award, name_event, Events.id_event \n FROM Persons, Persons_Awards, Awards, Kingdoms, Events\n WHERE Persons.id_person = Persons_Awards.id_person\n and Persons_Awards.id_award = Awards.id_award\n and Awards.id_kingdom = Kingdoms.id_kingdom\n and Persons_Awards.id_event = Events.id_event \n and Persons.id_person = {$id_person} order by date_award"; if (DEBUG) { echo "Query to list awards is: " . $query . "<br>"; } $awards = mysqli_query($cxn, $query) or die("Couldn't execute query"); while ($row = mysqli_fetch_assoc($awards)) { extract($row); // echo "<tr><td class='text-left'>$name_award - $name_kingdom</td><td class='text-left'>$date_award</tr></td>"; echo "<tr><td class='text-left'><a href='list.php?award={$id_award}'>{$name_award}</a></td>"; echo "<td class='text-left'>{$date_award}</td>\n"; if ($id_event > 0) { echo "<td class='text-left'>{$name_event}</td>"; } else { echo "<td></td>"; } echo "<td>" . button_link("./edit_person_award.php?idpa=" . $id_person_award . "&id=" . $id_person, "Edit Date/Event") . "</td>\n"; echo "<td>" . button_link("./delete_person_award.php?id=" . $id_person . "&idpa=" . $id_person_award, "Delete Award") . "</td>\n"; echo "</tr>"; } echo "</table>";
$matches = $result->num_rows; echo "{$matches} group matches"; while ($row = mysqli_fetch_assoc($result)) { // extract($row); $Name = $row['name_group']; $ID = $row['id_group']; $KName = $row['name_kingdom']; $link = "<li class='list-group-item text-left'><a href='./list.php?group={$ID}'>{$Name} - {$KName}</a></li>"; // $link = "<li> $Name </li>"; echo "{$link}"; } echo "</ul></div> <!-- ./col-md-8 --></div><!-- ./row -->"; //close out list and open divs /*#######################################################################################*/ echo "<div class='container'><div class='row'><div class='col-md-8 col-md-offset-2'>"; echo form_title("<a name='events'>Events matching <i>{$part_name}</i></a><small><a href='#top'> (Return to Top)</a></small>"); if (permissions("Herald") >= 3) { echo button_link("./add_event.php", "Add A New Event"); } echo "<div class='list-group'><ul type='none'>"; // make the list pretty with formatting if ($k_id == -1) { $query = "SELECT id_event, name_event, date_event_start, date_event_stop, name_group, name_kingdom\n FROM Events, Groups, Kingdoms\n WHERE name_event like '%{$part_name}%'\n AND Events.id_group = Groups.id_group\n AND Groups.id_kingdom = Kingdoms.id_kingdom " . "ORDER BY name_event"; } else { $query = "SELECT id_event, name_event, date_event_start, date_event_stop, name_group, name_kingdom\n FROM Events, Groups, Kingdoms\n WHERE name_event like '%{$part_name}%'\n AND Events.id_group = Groups.id_group\n AND Groups.id_kingdom = Kingdoms.id_kingdom " . "AND Groups.id_kingdom = {$k_id} " . "ORDER BY name_group"; } $result = mysqli_query($cxn, $query) or die("Couldn't execute events query"); $matches = $result->num_rows; echo "{$matches} events matches"; while ($row = mysqli_fetch_assoc($result)) { extract($row);
} elseif (isset($_POST['id']) && is_numeric($_POST['id'])) { // We got here from form submission after person reported correction // echo "Arrived as form submission"; $id_person = $_POST['id']; } else { echo '<p class="error"> This page has been accessed in error.</p>'; exit_with_footer(); } $query = "SELECT name_person, name_group, Groups.id_group " . "FROM Persons, Groups " . "WHERE Persons.id_person = {$id_person} " . "AND Persons.id_group=Groups.id_group"; if (DEBUG) { echo "Query to database is: {$query}<p>"; } $result = mysqli_query($cxn, $query) or die("Couldn't execute query"); while ($row = mysqli_fetch_assoc($result)) { extract($row); echo "<div class='page-header'>" . form_title($name_person); echo form_subtitle("Member of " . live_link("list.php?group={$id_group}", "{$name_group}")); include "../templates/warning.php"; // includes the warning text about paper precedence echo "</small>"; if (permissions("Herald") >= 3 or permissions("Marshal") >= 3) { // TODO: Make this link more visible? echo "<br>" . button_link("./edit_person.php?id={$id_person}", "Edit {$name_person}'s record"); } echo "</div>"; } echo "\n<div class='row'>\n\n <div class='col-md-8 col-md-offset-2'>"; $query = "SELECT waiver_person, youth_person, birthdate_person\n FROM Persons\n WHERE id_person={$id_person}"; if (DEBUG) { echo "Waiver query is:{$query}<p>"; }
//top navigation buttons: previous, next, return to list echo "<div class=\"btn-group\" role=\"group\" aria-label=\"navigation\">\n"; //previous page if ($previous_item >= 1) { echo button_link("./edit_site.php?id=" . $previous_item, "Previous Site") . "\n"; } //next page if ($next_item < $max_item) { echo button_link("./edit_site.php?id=" . $next_item, "Next Site") . "\n"; } echo button_link("./site.php?id=" . $id_site, "Return to Site Page") . "\n"; echo button_link("./list_site.php", "Return to List of Sites") . "\n"; echo "</div><!-- class btn-group -->\n"; // NOTE: By building the site first, we've populated all the variables. // Display form with all person's info. echo form_title("Editing Event Site Information") . "\n"; echo "<div class='alert alert-danger'><p>Caution: Do not enter P.O. Box addresses into the\nStreet Address field. Place them in the Area field, and type 'None' into the\nStreet Address field. </p><p>You will also need to manually enter latitude and\nlongitude coordinates for sites without street addresses.</p></div>"; //open the form echo "<form class='form-horizontal' action=\"./edit_site.php?id=" . $id_site . "\" method=\"post\">\n"; echo '<input type="hidden" name="id" value="' . $id_site . '"' . ">\n"; /*****************************************************************************/ $varname = "name_site"; if (isset($_POST[$varname]) && is_string($_POST[$varname])) { $name_site = $_POST[$varname]; } else { $name_site = $site[$varname]; } echo '<div class="form-group"><label for=' . $varname . '>Name of Site:</label><input type="text" ' . 'name="' . $varname . '" maxlength="256" value="' . $name_site . '" required>' . '<br/>This field is required</div>' . "\n"; /*****************************************************************************/ $varname = "url_site"; if (isset($_POST[$varname]) && is_string($_POST[$varname])) {
*/ // This is the authorization form which is handled by edit_person_authorization.php // Since this file is included from edit_person.php, the database connection $cxn is alread live. // This query will return a list of all known authorizations, // with the person's data filled in if known and NULL otherwise $query_comb = "SELECT id_combat, name_combat, cn, ea, ipcc, note, active " . "FROM Combat LEFT JOIN " . "(SELECT id_person_combat_card as ipcc, card_authorize as cn, " . "expire_authorize as ea, id_combat as ic, note_authorize as note, " . "active_authorize as active " . "FROM Persons_CombatCards " . "WHERE id_person={$id_person}) AS PA " . "ON Combat.id_combat = PA.ic ORDER BY name_combat "; $query_auths = "SELECT * FROM " . "(SELECT id_auth, name_auth, Combat.id_combat, name_combat " . "FROM Authorizations, Combat " . "WHERE Authorizations.id_combat = Combat.id_combat " . "ORDER BY name_combat, name_auth) AS AC " . "LEFT JOIN " . "(SELECT id_auth as ia, id_person_auth " . "FROM Persons_Authorizations where id_person={$id_person}) AS PA " . "on AC.id_auth = PA.ia"; if (DEBUG) { echo "Per Category known facts:<br>{$query_comb}<p>"; echo "Known authorizations: <br>{$query_auths}<p>"; } $auths = mysqli_query($cxn, $query_auths) or die("Couldn't execute query to find known/current authorizations."); $combats = mysqli_query($cxn, $query_comb) or die("Couldn't execute query to find known/current date/card numbers."); echo "<div class='row'><div class='col-md-8 col-md-offset-2'>"; echo '<form action="edit_person_authorization.php" method="post">'; echo form_title("Editing Authorizations"); echo '<input type="hidden" name="id" value="' . $person["id_person"] . '">'; echo '<input type="hidden" name="name_person" value="' . $person["name_person"] . '">'; echo "<table class='table table-condensed table-bordered'>"; //echo "<tr><th></th><th>Expiry Date</th><th>Card Number</th></tr>"; $curr_id_combat = 0; $i = 0; while ($row = mysqli_fetch_assoc($auths)) { extract($row); $i++; if ($curr_id_combat != $id_combat) { // Build for the next item in combats if ($curr_id_combat > 0) { echo "</tr>"; } $curr_id_combat = $id_combat;