$html .= "\t\t<button class='btn btn-primary btnaccept'>Accept<span hidden class='itemid'>" . $notification->itemid . "</span><span hidden class='itemtype'>" . $notification->itemtype . "</span><span hidden class='fromuserid'>" . $notification->fromuserid . "</span><span hidden class='notificationid'>" . $notification->id . "</span></button> ";
$html .= "\t\t<button class='btn btn-danger btndecline'>Decline<span hidden class='itemid'>" . $notification->itemid . "</span><span hidden class='itemtype'>" . $notification->itemtype . "</span><span hidden class='fromuserid'>" . $notification->fromuserid . "</span><span hidden class='notificationid'>" . $notification->id . "</span></button>";
} else {
if ($notification->itemtype == "friend") {
$object = Friend::get_by_id($notification->itemid);
if ($object->userid != $session->user_id) {
$touser = User::get_by_id($object->userid);
} else {
if ($object->touserid != $session->user_id) {
$touser = User::get_by_id($object->touserid);
}
}
$html .= "Now friends";
} else {
if ($notification->itemtype == "schooluser") {
$object = SchoolUser::get_by_id($notification->itemid);
$school = School::get_by_id($object->schoolid);
$html .= "Now a member in School <a href='school.php?id=" . $school->id . "'>" . $school->name . "</a>";
} else {
if ($notification->itemtype == "batchuser") {
$object = BatchUser::get_by_id($notification->itemid);
$batch = Batch::get_by_id($object->batchid);
$school = School::get_by_id($object->schoolid);
$html .= "Now a member in Batch <a href='batch.php?id=" . $batch->id . "'>" . $batch->get_batchyear() . "</a> of School <a href='school.php?id=" . $school->id . "'>" . $school->name . "</a>";
} else {
if ($notification->itemtype == "sectionuser") {
$object = SectionUser::get_by_id($notification->itemid);
$section = Section::get_by_id($object->sectionid);
$batch = Batch::get_by_id($object->batchid);
$school = School::get_by_id($object->schoolid);
$html .= "Now a member in Section <a href='section.php?id=" . $section->id . "'>" . $section->name . "</a> of Batch <a href='batch.php?id=" . $batch->id . "'>" . $batch->get_batchyear() . "</a> of School <a href='school.php?id=" . $school->id . "'>" . $school->name . "</a>";
if ($searchOper == 'eq') {
$searchString = $searchString;
}
if ($searchOper == 'bw' || $searchOper == 'bn') {
$searchString .= '%';
}
if ($searchOper == 'ew' || $searchOper == 'en') {
$searchString = '%' . $searchString;
}
if ($searchOper == 'cn' || $searchOper == 'nc' || $searchOper == 'in' || $searchOper == 'ni') {
$searchString = '%' . $searchString . '%';
}
$where = "{$searchField} {$ops} '{$searchString}'";
$schoolusers = SchoolUser::get_by_sql("SELECT * FROM " . T_SCHOOLUSERS . " WHERE " . $where . " AND " . $where2 . " ORDER BY {$sidx} {$sord} LIMIT {$start} , {$limit}");
} else {
$schoolusers = SchoolUser::get_by_sql("SELECT * FROM " . T_SCHOOLUSERS . " WHERE " . $where2 . " ORDER BY {$sidx} {$sord} LIMIT {$start} , {$limit}");
}
header("Content-type: text/xml;charset=utf-8");
$s = "<?xml version='1.0' encoding='utf-8'?>";
$s .= "<rows>";
$s .= "<page>" . $page . "</page>";
$s .= "<total>" . $total_pages . "</total>";
$s .= "<records>" . $count . "</records>";
foreach ($schoolusers as $schooluser) {
$user = User::get_by_id($schooluser->userid);
if (!$user) {
$user = new User();
}
$school = School::get_by_id($schooluser->schoolid);
if (!$school) {
$school = new School();
$enableEditing = false;
}
}
echo "<input id='batchid' type='hidden' value='" . $batch->id . "'>";
?>
<script> var lastClickedPage = ""; </script>
<div id="pageExplorer" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true" style="width: 1000px; margin-left: -500px;">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h3 id="myModalLabel">Open a Page</h3>
</div>
<div class="modal-body">
<select name="schoolselect" id="schoolselect">
<?php
$schooladmins = SchoolUser::getAdminSchools($session->user_id);
if (count($schooladmins) > 0) {
foreach ($schooladmins as $schooladmin) {
echo "<option value='" . $schooladmin->schoolid . "'>" . School::get_by_id($schooladmin->schoolid)->name . "</option>";
}
} else {
echo "<option value='0'>NO SCHOOLS YET</option>";
}
?>
</select>
<select name="batchselect" id="batchselect">
<?php
if (count($schooladmins) > 0) {
$onlyschool = School::get_by_id($schooladmins[0]->schoolid);
$batchadmins = BatchUser::getAdminBatchs($session->user_id, $onlyschool->id);
require_once "../initialize.php";
$response = "";
$loggeduser = User::get_by_id($session->user_id);
if (isset($_GET['schoolid']) || isset($_GET['batchid']) || isset($_GET['sectionid'])) {
if (isset($_GET['schoolid'])) {
$school = School::get_by_id($_GET['schoolid']);
if (SchoolUser::userExists($loggeduser->id, $school->id)) {
$object = SchoolUser::getUser($loggeduser->id, $school->id);
$object->delete();
$response = "success";
$notification = new Notification();
$notification->fromuserid = $loggeduser->id;
$notification->itemid = $object->id;
$notification->itemtype = "message";
$notification->title = "Opted Out";
$admins = SchoolUser::getAdmins($school->id);
foreach ($admins as $admin) {
$notification->touserid = $admin->userid;
$notification->create();
}
} else {
$response = "Error";
}
} else {
if (isset($_GET['batchid'])) {
$batch = Batch::get_by_id($_GET['batchid']);
if (BatchUser::userExists($loggeduser->id, $_GET['batchid'])) {
$object = BatchUser::getUser($loggeduser->id, $_GET['batchid']);
$object->delete();
$response = "success";
$notification = new Notification();
<?php
require_once "../initialize.php";
$input = $_GET['input'];
$html = "";
$filterby = $_GET['filterby'];
$thestudent = User::get_by_id($_GET['studentid']);
if ($filterby == "schoolmates") {
$orgbyuser = SchoolUser::getSchoolsImIn($thestudent->id);
$ids = array();
foreach ($orgbyuser as $item) {
array_push($ids, $item->schoolid);
}
$mates = SchoolUser::getUsersInMultipleSchoolsSearch($ids, $_GET['input']);
} else {
if ($filterby == "batchmates") {
$orgbyuser = BatchUser::getBatchsImIn($thestudent->id);
$ids = array();
foreach ($orgbyuser as $item) {
array_push($ids, $item->batchid);
}
$mates = BatchUser::getUsersInMultipleBatchsSearch($ids, $_GET['input']);
} else {
if ($filterby == "sectionmates") {
$orgbyuser = SectionUser::getSectionsImIn($thestudent->id);
$ids = array();
foreach ($orgbyuser as $item) {
array_push($ids, $item->sectionid);
}
$mates = SectionUser::getUsersInMultipleSectionsSearch($ids, $_GET['input']);
} else {
redirect_to("../../index.php");
}
if ($_POST['oper'] == 'add') {
$user = new SchoolUser();
$user->pending = $_POST['pending'];
$user->enabled = $_POST['enabled'];
$user->schoolid = $_POST['schoolid'];
$user->userid = $_POST['userid'];
$user->level = $_POST['level'];
$user->create();
$log = new Log($session->user_id, $clientip, "WEB", "CREATED SCHOOLUSER: "******"WEB", "UPDATED SCHOOLUSER: "******"WEB", "DELETED SCHOOLUSER: " . $_POST['id']);
$log->create();
SchoolUser::get_by_id($_POST['id'])->delete();
}
}
}
<div class="span1"></div>
<div class="span9">
<form id="theform" class="form-horizontal" method="post" action="#" enctype="multipart/form-data">
<fieldset>
<legend>
Update Section: <?php
echo $object->name;
?>
</legend>
<div class="control-group">
<label class="control-label" for="name">Batch</label>
<div class="controls">
<select name="batchselect" id="batchselect">
<?php
if (SchoolUser::amIAdmin($session->user_id, $object->schoolid) || $user->is_super_admin()) {
$batchs = Batch::get_all_by_schoolid($school->id);
if (count($batchs) > 0) {
foreach ($batchs as $batch) {
if ($batch->pending == 0 && $batch->enabled == 1) {
echo "<option value='" . $batch->id . "'>" . $batch->get_batchyear() . "</option>";
}
}
} else {
echo "<option value='0'>NO BATCHS YET</option>";
}
} else {
$batchusers = BatchUser::getBatchsIAdminInSchool($session->user_id, $school->id);
if (count($batchusers) > 0) {
foreach ($batchusers as $batchuser) {
$batch = Batch::get_by_id($batchuser->batchid);
$object->fbcomments = $_POST["fbcomments"];
$object->enabled = 1;
$object->pending = 0;
$file = new File($_FILES['cover']);
if ($file->valid) {
$object->cover = $file->data;
}
$file = new File($_FILES['picture']);
if ($file->valid) {
$object->picture = $file->data;
}
$object->create();
if (isset($_POST['schoolselect']) && $_POST['schoolselect'] != "NOTHING") {
$school = School::get_by_id($_POST['schoolselect']);
}
$schooluser = new SchoolUser();
$schooluser->schoolid = $school->id;
$schooluser->userid = $object->id;
$schooluser->level = 0;
$schooluser->enabled = 1;
$schooluser->pending = 0;
$schooluser->create();
if (isset($_POST['batchselect']) && $_POST['batchselect'] != "NOTHING") {
$batch = Batch::get_by_id($_POST['batchselect']);
$batchuser = new BatchUser();
$batchuser->schoolid = $school->id;
$batchuser->batchid = $batch->id;
$batchuser->userid = $object->id;
$batchuser->level = 0;
$batchuser->enabled = 1;
$batchuser->pending = 0;
$user->comments = $_POST['comments'];
$user->pending = $_POST['pending'];
$user->enabled = $_POST['enabled'];
$user->username = $_POST['username'];
$user->password = $_POST['password'];
$user->email = $_POST['email'];
$user->firstname = $_POST['firstname'];
$user->middlename = $_POST['middlename'];
$user->lastname = $_POST['lastname'];
$user->address = $_POST['address'];
$user->moto = $_POST['moto'];
$user->birthdate = $_POST['birthdate'];
$user->number = $_POST['number'];
$user->update();
$log = new Log($session->user_id, $clientip, "WEB", "UPDATED USER: "******"WEB", "DELETED USER: " . $_POST['id']);
$log->create();
SchoolUser::delete_all_by_userid($_POST['id']);
BatchUser::delete_all_by_userid($_POST['id']);
SectionUser::delete_all_by_userid($_POST['id']);
ClubUser::delete_all_by_userid($_POST['id']);
GroupUser::delete_all_by_userid($_POST['id']);
User::get_by_id($_POST['id'])->delete();
}
}
}
}
<?php
require_once "header.php";
if (!$session->is_logged_in()) {
header("location: index.php?negative");
} else {
$user = User::get_by_id($session->user_id);
if ($user->enabled == DISABLED) {
header("location: index.php?disabled");
}
}
$pathinfo = pathinfo($_SERVER["PHP_SELF"]);
$basename = $pathinfo["basename"];
$currentFile = str_replace(".php", "", $basename);
$batchusers = BatchUser::getBatchsIAdminInSchool($session->user_id, CSNTRID);
$schoolusersX = SchoolUser::getAdminSchools($session->user_id);
$batchusersX = BatchUser::getAdminBatchs($session->user_id);
if (count($schoolusersX) == 0 && count($batchusersX) == 0) {
header("location: index.php?negative");
}
?>
<div class="container-fluid">
<div class="row-fluid">
<div class="span1"></div>
<div class="span9">
<form id="theform" class="form-horizontal" method="post" action="#" enctype="multipart/form-data">
<fieldset>
<legend>
Create a Section
</legend>
<?php
require_once "../initialize.php";
$response = "";
if (isset($_GET['schoolid']) || isset($_GET['batchid']) || isset($_GET['sectionid'])) {
if (isset($_GET['schoolid'])) {
if (SchoolUser::userExists($session->user_id, $_GET['schoolid'])) {
$object = SchoolUser::getUser($session->user_id, $_GET['schoolid']);
$object->pending == 0;
$object->update();
$response = "success";
} else {
$response = "Error";
}
} else {
if (isset($_GET['batchid'])) {
if (BatchUser::userExists($session->user_id, $_GET['batchid'])) {
$object = BatchUser::getUser($session->user_id, $_GET['batchid']);
$object->update();
$response = "success";
} else {
$response = "Error";
}
} else {
if (isset($_GET['sectionid'])) {
if (SectionUser::userExists($session->user_id, $_GET['sectionid'])) {
$object = SectionUser::getUser($session->user_id, $_GET['sectionid']);
$object->update();
$response = "success";
} else {
$response = "Error";
$batchsIds = array();
if (count($batchsInSchool) > 0) {
foreach ($batchsInSchool as $batchuser) {
array_push($batchsIds, $batchuser->batchid);
}
}
if (isset($_GET['sectionid'])) {
$theusers = SectionUser::getUsersInSection($_GET['sectionid']);
} else {
if (isset($_GET['batchid'])) {
$theusers = BatchUser::getUsersInBatch($_GET['batchid']);
} else {
if (isset($_GET['schoolid'])) {
$theusers = SchoolUser::getUsersInSchool($_GET['schoolid']);
} else {
$theusers = SchoolUser::getUsersInSchool(CSNTRID);
}
}
}
?>
<div class="container-fixed" >
<div class="span12 offset1">
<div class="btn-group" style="margin-bottom: 20px">
<div class="btn-group">
<button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown">
<?php
if (count($batchsInSchool) == 0) {
echo "Nothing Yet";
} else {
echo "View By";
if (BatchUser::amIAdmin($session->user_id, $batch->id) || SchoolUser::amIAdmin($session->user_id, $batch->schoolid) || $user->is_super_admin()) {
echo '
<li class="divider"></li>
<li><a href="updatebatch.php?id=' . $batch->id . '"><i class="icon-large icon-pencil"></i> Edit Batch</a></li>
<li><a href="editor.php?id=' . $batch->id . '"><i class="icon-large icon-pencil"></i> Edit Yearbook</a></li>
<li class="divider"></li>';
}
$sectionsInBatch = Section::get_all_by_batchid($batch->id);
if (count($sectionsInBatch) > 0) {
foreach ($sectionsInBatch as $section) {
echo '
<li class="dropdown-submenu">
<a tabindex="-1" href="section.php?id=' . $section->id . '"> ' . $section->name . ' </a>
<ul class="dropdown-menu">
<li><a href="section.php?id=' . $section->id . '"><i class="icon-large icon-play"></i> View</a></li>';
if (SectionUser::amIAdmin($session->user_id, $section->id) || BatchUser::amIAdmin($session->user_id, $section->batchid) || SchoolUser::amIAdmin($session->user_id, $section->schoolid) || $user->is_super_admin()) {
echo '<li><a href="updatesection.php?id=' . $section->id . '"><i class="icon-large icon-pencil"></i> Edit</a></li>';
}
echo '
</ul>
</li>
';
}
}
echo '
</ul>
</li>
';
}
}
} else {
<?php
require_once "../initialize.php";
$response = "";
if ((isset($_GET['schoolid']) || isset($_GET['batchid']) || isset($_GET['sectionid'])) && isset($_GET['userid'])) {
$user = User::get_by_id($_GET['userid']);
if (isset($_GET['schoolid'])) {
if (!SchoolUser::userExists($user->id, $_GET['schoolid'])) {
$school = School::get_by_id($_GET['schoolid']);
$object = new SchoolUser();
$object->schoolid = $school->id;
$object->userid = $user->id;
$object->level = 0;
$object->role = "student";
$object->enabled = 1;
$object->pending = 1;
$object->create();
$notification = new Notification();
$notification->fromuserid = $session->user_id;
$notification->touserid = $user->id;
$notification->itemid = $object->id;
$notification->itemtype = "schooluser";
$notification->title = "Invites you";
$notification->create();
$response = "success";
} else {
$theuser = SchoolUser::getUser($user->id, $_GET['schoolid']);
if ($theuser->pending == 0) {
$response = "This user is already a member.";
} else {
$response = "This user is already pending.";
<?php
require_once "../initialize.php";
$sectionsselect = null;
if (isset($_GET["batchid"])) {
if (is_numeric($_GET["batchid"])) {
$batch = Batch::get_by_id($_GET["batchid"]);
if (SchoolUser::amIAdmin($session->user_id, $batch->schoolid) || BatchUser::amIAdmin($session->user_id, $batch->id)) {
$sections = Section::get_all_by_batchid($batch->id);
if (count($sections) > 0) {
foreach ($sections as $section) {
$sectionsselect .= "<option value='" . $section->id . "'>" . $section->name . "</option>";
}
if (User::get_by_id($session->user_id)->is_super_admin()) {
$sectionsselect .= "<option value='NOTHING'>NOTHING</option>";
}
} else {
$sectionsselect .= "<option value='0'>NO SECTIONS YET</option>";
}
} else {
$sectionadmins = SectionUser::getSectionsIAdminInBatch($session->user_id, $_GET["batchid"]);
if (count($sectionadmins) > 0) {
foreach ($sectionadmins as $sectionadmin) {
$section = Section::get_by_id($sectionadmin->sectionid);
$sectionsselect .= "<option value='" . $section->id . "'>" . $section->name . "</option>";
}
if (User::get_by_id($session->user_id)->is_super_admin()) {
$sectionsselect .= "<option value='NOTHING'>NOTHING</option>";
}
} else {
$sectionsselect .= "<option value='0'>NO SECTIONS YET</option>";
<button class="btn-mini btn-link pull-right btnaddfriend">
Add Friend<span hidden>' . $user->id . '</span>
</button>
';
}
}
}
echo '
<div class="btn-group pull-right">
<a id="btninvite" class="btn-mini dropdown-toggle" data-toggle="dropdown" href="#">
<i class="icon-large icon-circle-arrow-down"></i> Invite <i class="icon-caret-down"></i>
<span class="caret"></span>
</a>
<ul class="dropdown-menu">
';
$schoolsImIn = SchoolUser::getSchoolsImIn($session->user_id);
$bathsImIn = BatchUser::getBatchsImIn($session->user_id);
$sectionsImIn = SectionUser::getSectionsImIn($session->user_id);
if ($loggeduser->is_super_admin()) {
if (count($schoolsImIn) > 0) {
echo '<li class="divider"> schools</li>';
foreach ($schoolsImIn as $theuser) {
$school = School::get_by_id($theuser->schoolid);
if (!$school) {
$theuser->delete();
}
echo '<li><a href="#" onclick="invite(\'schoolid\', ' . $school->id . '); return false;">' . $school->name . '</a></li>';
}
}
}
if (count($bathsImIn) > 0) {
<?php
require_once "../initialize.php";
$input = $_GET['input'];
$html = "";
$filteredstudents = User::search($input);
if (count($filteredstudents) > 0) {
foreach ($filteredstudents as $object) {
$html .= '<tr>';
$html .= ' <td><img style="height:40px;" src="data:image/jpeg;base64, ' . $object->picture . ' " /></td>';
$html .= ' <td><a href="student.php?id=' . $object->id . '">' . $object->get_full_name() . '</a></td>';
if (isset($_GET['schoolid'])) {
$school = School::get_by_id($_GET['schoolid']);
$theuser = SchoolUser::getUser($object->id, $school->id);
if ($theuser) {
if ($theuser->pending == 1) {
$html .= ' <td><button class="btn-small button-flat-primary disabled">Already Pending</button></td>';
} else {
$html .= '<td><button class="btn-small button-flat-action disabled">Member</button></td>';
}
} else {
$html .= '<td><button class="btn-small button-flat-primary btninvite">Invite<span hidden>' . $object->id . '</span></button></td>';
}
} else {
if (isset($_GET['batchid'])) {
$batch = Batch::get_by_id($_GET['batchid']);
$theuser = BatchUser::getUser($object->id, $batch->id);
if ($theuser) {
if ($theuser->pending == 1) {
$html .= '<td><button class="btn-small button-flat-primary disabled">Already Pending</button></td>';
} else {
<?php
if ($session->is_logged_in()) {
echo '
<a href="#invitationBox" role="button" class="btn-mini pull-right" data-toggle="modal">
<i class="icon-large icon-comment"></i> Invite Students
</a>
';
if ($loggeduser->is_super_admin() || SchoolUser::amIAdmin($loggeduser->id, $school->id)) {
echo '
<a href="updateschool.php?id=' . $school->id . '" class="btn-mini pull-right">
<i class="icon-large icon-pencil"></i> Edit
</a>
';
}
$loggedschooluser = SchoolUser::getUser($session->user_id, $school->id);
if ($loggedschooluser == null) {
echo '
<button role="button" class="btn-mini btn-link pull-right" onclick="join(); return false;">
<i class="icon-large icon-envelope"></i> Join
</button>
';
} else {
if ($loggedschooluser != null) {
if ($loggedschooluser->pending == 1) {
echo '
<button role="button" class="btn-mini btn-link pull-right" onclick="cancelpending(); return false;">
<i class="icon-large icon-envelope"></i> Cancel Pending
</button>
';
} else {
SectionUser::delete_all_by_schoolid($school->id);
Section::delete_all_by_schoolid($school->id);
//===================BATCH=============================//
BatchUser::delete_all_by_schoolid($school->id);
Batch::delete_all_by_schoolid($school->id);
//===================SCHOOL=============================//
SchoolUser::delete_all_by_schoolid($school->id);
$school->delete();
}
$log = new Log($session->userid, $clientip, "WEB", "DELETED MULTIPLE SCHOOLS");
$log->create();
$response = "success";
} else {
if ($what == "schooluser") {
foreach ($ids as $id) {
SchoolUser::get_by_id($id)->delete();
}
$log = new Log($session->userid, $clientip, "WEB", "DELETED MULTIPLE SCHOOLUSERS");
$log->create();
$response = "success";
} else {
if ($what == "batch") {
foreach ($ids as $id) {
$batch = Batch::get_by_id($id);
SectionUser::delete_all_by_schoolid($batch->schoolid);
Section::delete_all_by_schoolid($batch->schoolid);
BatchUser::delete_all_by_batchid($batch->id);
$folder_path = "../../public/schools/" . $batch->schoolid . "/yearbooks/" . $batch->get_batchyear();
rrmdir($folder_path);
$batch->delete();
}
<?php
require_once "header.php";
$pathinfo = pathinfo($_SERVER["PHP_SELF"]);
$basename = $pathinfo["basename"];
$currentFile = str_replace(".php", "", $basename);
$sound = isset($_GET['success']) ? "positive" : "";
if ($session->is_logged_in()) {
$user = User::get_by_id($session->user_id);
if ($user->enabled == DISABLED) {
header("location: index.php?disabled");
} else {
$schoolsIAdminCount = count(SchoolUser::getAdminSchools($session->user_id));
$batchsIAdminCount = count(BatchUser::getAdminBatchs($session->user_id));
$sectionsIAdminCount = count(SectionUser::getAdminSections($session->user_id));
$iAdminSomething = false;
if ($schoolsIAdminCount + $batchsIAdminCount + $sectionsIAdminCount > 0 || $user->is_super_admin()) {
$iAdminSomething = true;
}
}
} else {
header("location: index.php?negative");
}
?>
<div class="container-fluid">
<div class="row-fluid">
<ul class="nav nav-tabs">
<?php
if ($user->is_super_admin()) {
echo '<li><a id="userstab" href="#users" data-toggle="tab">Students</a></li>';
<?php
require_once "../initialize.php";
$school = School::get_by_id($_GET['id']);
$folder_path = "../../public/schools/" . $school->id;
if (file_exists($folder_path)) {
rrmdir($folder_path);
}
//===================SECTION=============================//
SectionUser::delete_all_by_schoolid($school->id);
Section::delete_all_by_schoolid($school->id);
//===================BATCH=============================//
BatchUser::delete_all_by_schoolid($school->id);
Batch::delete_all_by_schoolid($school->id);
//===================SCHOOL=============================//
SchoolUser::delete_all_by_schoolid($school->id);
$school->delete();
$log = new Log($session->user_id, $clientip, "WEB", "DELETED SCHOOL: " . $school->id);
$log->create();
echo "success";
function rrmdir($dir)
{
foreach (glob($dir . '/*') as $file) {
if (is_dir($file)) {
rrmdir($file);
} else {
unlink($file);
}
}
rmdir($dir);
}
<?php
require_once "../../includes/initialize.php";
global $session;
if (!$session->is_logged_in()) {
redirect_to("../../index.php");
}
$page = $_GET['page'];
$limit = $_GET['rows'];
$sidx = $_GET['sidx'];
$sord = $_GET['sord'];
$user = User::get_by_id($session->user_id);
$schoolusers = SchoolUser::getAdminSchools($user->id);
$batchusers = BatchUser::getAdminBatchs($user->id);
$criteria = "" . C_SECTION_ID . " IN (SELECT " . C_SECTIONUSER_SECTIONID . " FROM " . T_SECTIONUSERS . " \r\nWHERE " . C_SECTIONUSER_USERID . "=" . $session->user_id . " AND " . C_SECTIONUSER_LEVEL . "=1)";
if (count($batchusers) > 0) {
$criteria = "" . C_SECTION_BATCHID . " IN (SELECT " . C_BATCHUSER_BATCHID . " FROM " . T_BATCHUSERS . " \r\n WHERE " . C_BATCHUSER_USERID . "=" . $session->user_id . " AND " . C_BATCHUSER_LEVEL . "=1)";
}
if (count($schoolusers) > 0) {
$criteria = "" . C_SECTION_SCHOOLID . " IN (SELECT " . C_SCHOOLUSER_SCHOOLID . " FROM " . T_SCHOOLUSERS . " \r\n WHERE " . C_SCHOOLUSER_USERID . "=" . $session->user_id . " AND " . C_SCHOOLUSER_LEVEL . "=1)";
}
if ($user->is_super_admin()) {
$sections_count = Section::get_by_sql("SELECT * FROM " . T_SECTIONS);
} else {
$sections_count = Section::get_by_sql("SELECT * FROM " . T_SECTIONS . " WHERE " . $criteria);
}
$count = count($sections_count);
if ($count > 0 && $limit > 0) {
$total_pages = ceil($count / $limit);
} else {
$total_pages = 0;
if (isset($_GET['itemid']) && $_GET['itemid'] != '' && isset($_GET['itemtype']) && $_GET['itemtype'] != '' && isset($_GET['touserid']) && $_GET['touserid'] != '' && isset($_GET['notificationid']) && $_GET['notificationid'] != '') {
$itemtype = $_GET['itemtype'];
$itemid = $_GET['itemid'];
$touserid = $_GET['touserid'];
$notificationid = $_GET['notificationid'];
$notification = new Notification();
if ($itemtype == "friend") {
$object = Friend::get_by_id($itemid);
$object->pending = 0;
$object->update();
$notification->title = "message";
$notification->itemid = $itemid;
$notification->itemtype = "friend";
} else {
if ($itemtype == "schooluser") {
$object = SchoolUser::get_by_id($itemid);
$object->pending = 0;
$object->update();
$notification->title = "message";
$notification->itemid = $itemid;
$notification->itemtype = "schooluser";
} else {
if ($itemtype == "batchuser") {
$object = BatchUser::get_by_id($itemid);
$object->pending = 0;
$object->update();
$notification->title = "message";
$notification->itemid = $itemid;
$notification->itemtype = "batchuser";
} else {
if ($itemtype == "sectionuser") {
} else {
$school = School::get_by_id($object->schoolid);
//$batchname = $school->name." ".$object->get_batchyear();
$batchname = $object->get_batchyear();
}
} else {
header("location: index.php?negative");
}
if (!$session->is_logged_in()) {
header("location: index.php?negative");
} else {
$user = User::get_by_id($session->user_id);
if ($user->enabled == DISABLED) {
header("location: index.php?disabled");
}
if (!BatchUser::amIAdmin($session->user_id, $object->id) && !SchoolUser::amIAdmin($session->user_id, $object->schoolid) && !$user->is_super_admin()) {
header("location: index.php?negative");
}
}
$pathinfo = pathinfo($_SERVER["PHP_SELF"]);
$basename = $pathinfo["basename"];
$currentFile = str_replace(".php", "", $basename);
?>
<div class="container-fluid">
<div class="row-fluid">
<div class="span1"></div>
<div class="span9">
<form id="theform" class="form-horizontal" method="post" action="#" enctype="multipart/form-data">
<fieldset>
<legend>
Update Batch: <?php
<?php
require_once "../initialize.php";
$batchsselect = null;
if (isset($_GET["schoolid"])) {
if (SchoolUser::amIAdmin($session->user_id, $_GET["schoolid"])) {
$batchadmins = BatchUser::getBatchsImIn($session->user_id);
} else {
$batchadmins = BatchUser::getBatchsIAdminInSchool($session->user_id, $_GET["schoolid"]);
}
if (count($batchadmins) > 0) {
foreach ($batchadmins as $batchadmin) {
$batch = Batch::get_by_id($batchadmin->batchid);
$batchsselect .= "<option value='" . $batch->id . "'>" . $batch->fromyear . "-" . ($batch->fromyear + 1) . "</option>";
}
if (User::get_by_id($session->user_id)->is_super_admin()) {
$batchsselect .= "<option value='NOTHING'>NOTHING</option>";
}
} else {
$batchsselect .= "<option value='0'>NO BATCHS YET</option>";
}
if (User::get_by_id($session->user_id)->is_super_admin()) {
$batchsselect = "";
$batchs = Batch::get_all();
if (count($batchs) > 0) {
foreach ($batchs as $batch) {
$batchsselect .= "<option value='" . $batch->id . "'>" . $batch->fromyear . "-" . ($batch->fromyear + 1) . "</option>";
}
$batchsselect .= "<option value='NOTHING'>NOTHING</option>";
} else {
$batchsselect .= "<option value='0'>NO BATCHS YET</option>";
