public function getResults()
{
$sql = "SELECT subject_id AS 'id', shortform AS 'shortform', subject AS 'matching_text', description as 'additional_text', '' as 'tab_index', '' AS 'parent_id', 'Subject Guide' as 'content_type' FROM subject \nWHERE description LIKE" . $this->getSearch() . "\nOR subject LIKE " . $this->getSearch() . "\nOR keywords LIKE " . $this->getSearch() . "\nOR shortform LIKE " . $this->getSearch() . "\nOR type LIKE " . $this->getSearch() . "\nUNION \nSELECT p.pluslet_id AS 'id', su.shortform as 'shortform', p.title AS 'matching_text',p.body AS 'additional_text', t.tab_index AS 'additional_text', su.subject_id AS 'parent_id', 'Pluslet' AS 'content_type' FROM pluslet AS p \n\tINNER JOIN pluslet_section AS ps \n\tON ps.pluslet_id = p.pluslet_id\n\tINNER JOIN section AS s \n\tON ps.section_id = s.section_id\n\tINNER JOIN tab AS t\n\tON s.tab_id = t.tab_id\n\tINNER JOIN subject AS su \n\tON su.subject_id = t.subject_id\nWHERE p.body LIKE " . $this->getSearch() . "\nOR p.title LIKE " . $this->getSearch() . "\nUNION\nSELECT title_id AS 'id', '' as 'shortform', title AS 'matching_text' , description as 'additional_text','' as 'tab_index', '' AS 'parent_id', 'Record' as 'content_type' FROM title \nWHERE title LIKE " . $this->getSearch() . "\nOR description LIKE " . $this->getSearch() . "\nUNION\nSELECT faq_id AS 'id', '' as 'shortform' , question AS 'matching_text', answer as 'additional_text','' as 'tab_index', '' AS 'parent_id', 'FAQ' as 'content_type' FROM faq \nWHERE question LIKE " . $this->getSearch() . "\nOR answer LIKE " . $this->getSearch() . "\nOR keywords LIKE " . $this->getSearch() . "\nUNION\nSELECT talkback_id AS 'id', '' as 'shortform', question AS 'matching_text' , answer as 'additional_text','' as 'tab_index', '' AS 'parent_id', 'Talkback' as 'content_type' FROM talkback \nWHERE question LIKE " . $this->getSearch() . "\nOR answer LIKE " . $this->getSearch() . "\nUNION\nSELECT staff_id AS 'id', '' as 'shortform', email AS 'matching_text' , fname as 'additional_text','' as 'tab_index', '' AS 'parent_id', 'Staff' as 'content_type' FROM staff \nWHERE fname LIKE " . $this->getSearch() . "\nOR lname LIKE " . $this->getSearch() . "\nOR email LIKE " . $this->getSearch() . "\nOR tel LIKE " . $this->getSearch() . "\nUNION\nSELECT department_id AS 'id', '' as 'shortform', name AS 'matching_text' , telephone as 'additional_text','' as 'tab_index', '' AS 'parent_id', 'Department' as 'content_type' FROM department \nWHERE name LIKE " . $this->getSearch() . "\nOR telephone LIKE " . $this->getSearch() . "\nUNION\nSELECT video_id AS 'id', '' as 'shortform', title AS 'matching_text' , description as 'additional_text','' as 'tab_index', '' AS 'parent_id', 'Video' as 'content_type' FROM video \nWHERE title LIKE " . $this->getSearch() . "\nOR description LIKE " . $this->getSearch() . "\nOR vtags LIKE " . $this->getSearch();
$db = new Querier();
$results = $db->query($sql);
return $results;
}
public function __construct($lib_guides_xml_path, Logger $log, Querier $db, CatalogMigrator $cm)
{
$libguides_xml = new \SimpleXMLElement(file_get_contents($lib_guides_xml_path, 'r'));
$this->libguidesxml = $libguides_xml;
$this->log = $log;
$this->db = $db;
$this->connection = $db->getConnection();
$this->cm = $cm;
}
public function getFavoritePluslets($staff_id = null)
{
if ($staff_id == null) {
$staff_id = $this->_staff_id;
}
$querier = new Querier();
$sql = "SELECT p.pluslet_id as 'id', p.title AS 'title', p.type AS 'type', t.tab_index AS 'tab_index' FROM pluslet AS p\n INNER JOIN pluslet_section AS ps\n ON ps.pluslet_id = p.pluslet_id\n INNER JOIN section AS s\n ON ps.section_id = s.section_id\n INNER JOIN tab AS t\n ON s.tab_id = t.tab_id\n INNER JOIN subject AS subject\n ON t.subject_id = subject.subject_id\n INNER JOIN staff_subject AS staff_sub\n ON subject.subject_id = staff_sub.subject_id\n WHERE p.favorite_box = 1\n AND staff_sub.staff_id = {$staff_id}";
$favorites = $querier->query($sql);
return $favorites;
}
public function __construct(Querier $db)
{
$this->connection = $db->getConnection();
$statement = $this->connection->prepare("SELECT title_id FROM title");
$statement->execute();
$title_ids = $statement->fetchAll();
foreach ($title_ids as $title_id) {
$azrecord = new AzRecord($db);
$azrecord->getRecord($title_id['title_id']);
$this->records[] = $azrecord->toArray();
}
}
public function __construct(Querier $db)
{
$this->connection = $db->getConnection();
$statement = $this->connection->prepare("SELECT subject_id FROM subject WHERE active = :active AND `type` = :type");
$statement->bindParam(':active', $this->active);
$statement->bindParam(':type', $this->type);
$statement->execute();
$subject_ids = $statement->fetchAll();
foreach ($subject_ids as $subject_id) {
$record = new Record($db);
$record->getRecord($subject_id['subject_id']);
$this->records[] = $record;
}
}
/**
* sp_WebService::setData() - this method sets the data that will be outputted for
* the web service with a get method
*
* @return void
*/
public function setData()
{
$lobjParams = $this->mobjUrlParams;
$lobjParams = $this->sanitizeParams($lobjParams);
if ($lobjParams === false) {
die;
}
$lstrQuery = $this->generateQuery($lobjParams) or die;
$lobjQuerier = new Querier();
$lobjResults = $lobjQuerier->query($lstrQuery, \PDO::FETCH_ASSOC);
if (!$lobjResults) {
$lobjResults = array();
}
$this->mobjData[$this->mstrTag] = $lobjResults;
}
/**
* StaffWebService::setData() - this method overrides the parent method because
* the staff webservice requires an append to the tel field
*
* @return void
*/
public function setData()
{
$lobjParams = $this->mobjUrlParams;
$lobjParams = $this->sanitizeParams($lobjParams);
if ($lobjParams === false) {
die;
}
$lstrQuery = $this->generateQuery($lobjParams) or die;
$lobjQuerier = new Querier();
$lobjResults = $lobjQuerier->query($lstrQuery, \PDO::FETCH_ASSOC);
if (!$lobjResults) {
$lobjResults = array();
}
global $tel_prefix;
foreach ($lobjResults as &$lobjRow) {
if (isset($tel_prefix)) {
$lobjRow['tel'] = $tel_prefix . $lobjRow['tel'];
}
}
$this->mobjData[$this->mstrTag] = $lobjResults;
}
public function getRelatedTitles()
{
$db = new Querier();
//get title ids in pluslets' resource token connected to guide
$q = "SELECT p.body\n FROM subject AS s\n INNER JOIN tab AS tb ON s.subject_id = tb.subject_id\n LEFT JOIN section AS sc ON tb.tab_id = sc.tab_id\n LEFT JOIN pluslet_section AS ps ON sc.section_id = ps.section_id\n LEFT JOIN pluslet AS p ON ps.pluslet_id = p.pluslet_id\n WHERE p.body LIKE '%{{dab}%'\n AND s.subject_id = {$this->_subject_id}";
$lobjResults = $db->query($q);
$lobjMatches = array();
$lobjTitleIds = array();
foreach ($lobjResults as $lobjResult) {
preg_match_all('/\\{\\{dab\\},\\{([^}]*)\\}/', $lobjResult['body'], $lobjMatches);
$lobjTitleIds = array_merge($lobjTitleIds, $lobjMatches[1]);
}
return $lobjTitleIds;
}
*
* @author adarby
* @date jan 2012
*/
use SubjectsPlus\Control\Querier;
use SubjectsPlus\Control\CompleteMe;
use SubjectsPlus\Control\DbHandler;
include "../control/includes/config.php";
include "../control/includes/functions.php";
include "../control/includes/autoloader.php";
// If you have a theme set, but DON'T want to use it for this page, comment out the next line
if (isset($subjects_theme) && $subjects_theme != "") {
include "themes/{$subjects_theme}/databases.php";
exit;
}
$db = new Querier();
$use_jquery = array("ui");
$page_title = _("Database List");
$description = _("An alphabetical list of the electronic resources available.");
$keywords = _("library, research, electronic journals, databases, electronic resources, full text, online, magazine, articles, paper, assignment");
// set a default if the letter isn't set
if (!isset($_GET["letter"])) {
$_GET["letter"] = "A";
$page_title .= ": A";
} else {
$page_title .= ": " . ucfirst(scrubData($_GET["letter"]));
}
// Deal with databases by subject display
if (!isset($_GET["subject_id"])) {
$_GET["subject_id"] = "";
$clean_id = "";
$page_title = "FAQ Admin";
include "../includes/header.php";
try {
} catch (Exception $e) {
echo $e;
}
if (isset($_GET["limit"])) {
if ($_GET["limit"] == "all") {
$limit = "";
} else {
$limit = "LIMIT 0," . scrubData($_GET["limit"], "int");
}
} else {
$limit = "LIMIT 0,10";
}
$querierFAQ = new Querier();
$qFAQ = "SELECT faq_id, question, answer, keywords\n\tFROM faq\n\tORDER BY faq_id DESC\n\t{$limit}";
$faqArray = $querierFAQ->query($qFAQ);
$row_count1 = 0;
$row_count2 = 0;
$colour1 = "evenrow";
$colour2 = "oddrow";
$faq_list = "";
if ($faqArray) {
foreach ($faqArray as $value) {
$row_colour1 = $row_count1 % 2 ? $colour1 : $colour2;
$short_question = Truncate($value["question"], 200);
$short_answer = stripslashes(htmlspecialchars_decode(TruncByWord($value["answer"], 15)));
$last_revised_line = lastModded("faq", $value[0]);
// Answered FAQs
$faq_list .= "\n <div class=\"striper faq_wrapper {$row_colour1}\">\n <div class=\"faq_tools\">\n <a href=\"faq.php?faq_id={$value['0']}&wintype=pop\" class=\"showmedium-reloader\"><img src=\"{$IconPath}/pencil.png\" alt=\"edit\" width=\"16\" height=\"16\" /></a>\n <a href=\"" . $FAQPath . "?faq_id={$value['0']}\" target=\"_blank\"><img src=\"{$IconPath}/eye.png\" alt=\"edit\" width=\"16\" height=\"16\" /></a>\n </div>\n <div class=\"faq_question\">\n {$short_question} <span class=\"faq-short-question\">({$last_revised_line})</span>\n </div>\n </div>";
$page_title = "Video Admin";
include "../includes/header.php";
try {
} catch (Exception $e) {
echo $e;
}
if (isset($_GET["limit"])) {
if ($_GET["limit"] == "all") {
$limit = "";
} else {
$limit = "LIMIT 0," . scrubData($_GET["limit"], "int");
}
} else {
$limit = "";
}
$querierVid = new Querier();
$qVid = "SELECT video_id, title, description, source, foreign_id, duration, date, display, vtags\n\tFROM video\n\tORDER BY video_id DESC\n\t{$limit}";
$vidArray = $querierVid->query($qVid);
$row_count1 = 0;
$row_count2 = 0;
$colour1 = "evenrow";
$colour2 = "oddrow";
$vid_list = "";
if ($vidArray) {
foreach ($vidArray as $value) {
$row_colour1 = $row_count1 % 2 ? $colour1 : $colour2;
$short_title = Truncate($value["title"], 200);
$short_desc = stripslashes(htmlspecialchars_decode(TruncByWord($value["description"], 15)));
$last_revised_line = lastModded("video", $value[0]);
if ($value[7] != "1") {
$activity = " <span style=\"color: #666;\">* " . _("unpublished") . "</span>";
}
///////////////////
// Browse View
///////////////////
if (isset($_GET["browse"])) {
$q = "SELECT user_type_id, user_type FROM user_type ORDER BY user_type_id";
$querier = new Querier();
$typeArray = $querier->query($q);
print "<div class=\"pure-g\">\n <div class=\"pure-u-2-3\">";
// Loop through user types
foreach ($typeArray as $value) {
$staff_list = "";
$staffArray = "";
$our_title = $value[1];
$q2 = "SELECT staff_id, fname, lname, email, ptags FROM staff WHERE user_type_id = " . $value[0] . " ORDER BY lname, fname";
$querier2 = new Querier();
$staffArray = $querier2->query($q2);
$staff_list .= "";
// if there are no results
if (!$staffArray) {
$staff_list .= "<p>" . _("None registered. Just as well. They're going to rise up against us someday.") . "</p>";
} else {
$staff_list .= "<p>" . _("Click on a name to update details and privileges") . "</p>";
// set up striping
$row_count = 0;
$colour1 = "oddrow";
$colour2 = "evenrow";
foreach ($staffArray as $staff) {
// unpack the ptags
$these_tags = "";
$current_ptags = explode("|", $staff[4]);
* @date Nov, 2011; last mod dec 2014
*/
use SubjectsPlus\Control\Dropdown;
use SubjectsPlus\Control\Record;
use SubjectsPlus\Control\LinkChecker;
use SubjectsPlus\Control\Querier;
$subcat = "records";
$subsubcat = "index.php";
$page_title = "Browse Items";
// init some vars
$atoz = "";
$letter = "";
$ctag = "";
$full_query = "";
include "../includes/header.php";
$db = new Querier();
// Where to start?
// Choose initial letter to display
$alpha_query = "SELECT distinct left(title,1) as 'initial' FROM title, restrictions, location, location_title, source where title.title_id = location_title.title_id and location.location_id = location_title.location_id and restrictions_id = access_restrictions ORDER BY initial";
$alpha_result = $db->query($alpha_query);
$count = 0;
$firstletter = "A";
foreach ($alpha_result as $myletter) {
if ($count == 0) {
$firstletter = $myletter[0][0];
}
$atoz .= "<a href=\"" . "index.php?letter=" . $myletter[0][0] . "\">" . $myletter[0][0] . "</a> ";
$count++;
}
$atoz .= "<a href=\"index.php?letter=all\">[all]</a>";
// end A-Z header for now
// Show feedbck
$feedback = $record->getMessage();
} else {
$feedback = "There is no record by that ID.";
}
}
if (isset($_POST["submit_record"])) {
// 1. Make sure we have minimum non-dupe data
// 1a. Make sure there is a title, location, and subject
if ($_POST["title"] == "" || $_POST["location"][0] == "" || $_POST["subject"][0] == "") {
echo "<div class=\"feedback\">" . _("You must have a title, location, and subject. Please go back and fix these omissions. And turn on JavaScript, for goodness sakes!") . "</div><br /><br />";
exit;
}
// 1b. IF THIS IS AN INSERT make sure the title isn't an exact dupe
if ($_POST["title_id"] == "") {
$querierDupe = new Querier();
$qDupe = "SELECT title_id, title FROM title WHERE title LIKE " . $db->quote($_POST["title"]);
$dupetitleArray = $querierDupe->query($qDupe);
if ($dupetitleArray) {
echo _("There is already a record with this title: ") . "<a href=\"record.php?record_id=" . $dupetitleArray[0] . "\">" . $dupetitleArray[1] . "</a>. " . _("Maybe do a search and make sure it doesn't already exist?");
return FALSE;
}
}
// Submit form
$record = new Record($_POST["title_id"], "post");
//////////////////////////////////
// Is this an Insert or an update?
//////////////////////////////////
if ($_POST["title_id"] == "") {
$record->insertRecord();
$ok_record_id = $record->getRecordId();
public function search()
{
$db = new Querier();
$search_param = $db->quote("%" . $this->param . "%");
$subject_id = $db->quote($this->subject_id);
switch ($this->collection) {
case "home":
$q = "SELECT subject_id AS 'id', subject AS 'matching_text',subject AS 'label', description as 'additional_text', shortform AS 'short_form', 'Subject Guide' as 'content_type', '' as 'additional_id', '' as 'parent' FROM subject\n WHERE description LIKE " . $search_param . "\n OR subject LIKE " . $search_param . "\n OR keywords LIKE " . $search_param . "\n UNION\n SELECT p.pluslet_id, p.title,p.title AS 'label', su.subject_id AS 'parent_id', su.shortform, 'Pluslet' AS 'content_type', t.tab_index as 'additional_id',su.subject as 'parent' FROM pluslet AS p\n INNER JOIN pluslet_section AS ps\n ON ps.pluslet_id = p.pluslet_id\n INNER JOIN section AS s\n ON ps.section_id = s.section_id\n INNER JOIN tab AS t\n ON s.tab_id = t.tab_id\n INNER JOIN subject AS su\n ON su.subject_id = t.subject_id\n WHERE p.body LIKE " . $search_param . "\n OR p.title LIKE " . $search_param . "\n\n UNION\n SELECT faq_id AS 'id', question AS 'matching_text',question AS 'label', answer as 'additional_text','' AS 'short_form','FAQ' as 'content_type', '' as 'additional_id', '' as 'parent' FROM faq\n WHERE question LIKE " . $search_param . "\n OR answer LIKE " . $search_param . "\n OR keywords LIKE " . $search_param . "\n UNION\n SELECT talkback_id AS 'id', question AS 'matching_text' ,question AS 'label', answer as 'additional_text','' AS 'short_form', 'Talkback' as 'content_type', '' as 'additional_id', '' as 'parent' FROM talkback\n WHERE question LIKE " . $search_param . "\n OR answer LIKE " . $search_param . "\n UNION\n SELECT staff_id AS 'id', email AS 'matching_text' ,email AS 'label', fname as 'additional_text','' AS 'short_form', 'Staff' as 'content_type', '' as 'additional_id', '' as 'parent' FROM staff\n WHERE fname LIKE " . $search_param . "\n OR lname LIKE " . $search_param . "\n OR email LIKE " . $search_param . "\n OR tel LIKE " . $search_param . "\n UNION\n SELECT department_id AS 'id', name AS 'matching_text' , name AS 'label', telephone as 'additional_text','' AS 'short_form', 'Department' as 'content_type', '' as 'additional_id','' as 'parent' FROM department\n WHERE name LIKE " . $search_param . "\n OR telephone LIKE " . $search_param . "\n UNION\n SELECT video_id AS 'id', title AS 'matching_text' ,title AS 'label', description as 'additional_text','' AS 'short_form', 'Video' as 'content_type', '' as 'additional_id', '' as 'parent' FROM video\n WHERE title LIKE " . $search_param . "\n OR description LIKE " . $search_param . "\n OR vtags LIKE " . $search_param;
break;
case "guides":
$q = "SELECT subject_id as 'id', subject,'Subject Guide' as 'content_type', subject AS 'label',shortform AS 'short_form' FROM subject WHERE subject LIKE " . $search_param . "OR shortform LIKE " . $search_param . "OR description LIKE " . $search_param . "OR keywords LIKE " . $search_param . "OR type LIKE " . $search_param;
break;
case "guide":
$q = "SELECT p.pluslet_id as 'id',su.shortform as 'short_form','Pluslet' as 'content_type', p.title, p.title AS 'label', ps.section_id, t.tab_index AS 'additional_id', t.subject_id, su.subject FROM pluslet AS p\n INNER JOIN pluslet_section AS ps\n ON ps.pluslet_id = p.pluslet_id\n INNER JOIN section AS s\n ON ps.section_id = s.section_id\n INNER JOIN tab AS t\n ON s.tab_id = t.tab_id\n INNER JOIN subject AS su\n ON su.subject_id = t.subject_id\n WHERE p.body LIKE " . $search_param . " AND t.subject_id = " . $subject_id;
break;
case "records":
$q = "SELECT title_id AS 'id', 'Record' as 'content_type',title AS 'label', title FROM title WHERE title LIKE " . $search_param;
break;
case "faq":
$q = "SELECT faq_id AS 'id',question AS 'label', LEFT(question, 55), 'FAQ' as 'content_type' FROM faq WHERE question LIKE " . $search_param;
break;
case "talkback":
$q = "SELECT talkback_id AS 'id',question AS 'label','Talkback' as content_type, LEFT(question, 55) FROM talkback WHERE question LIKE " . $search_param;
break;
case "admin":
$q = "SELECT staff_id AS 'id',email AS 'label','Staff' as 'content_type', CONCAT(fname, ' ', lname, ' (', email, ')') as fullname FROM staff WHERE (fname LIKE " . $search_param . ") OR (lname LIKE " . $search_param . ")";
break;
}
//print_r ($q);
$result = $db->query($q);
$arr = array();
$i = 0;
// This takes the results and creates an array that will be turned into JSON
foreach ($result as $myrow) {
//add no title label if empty
$myrow['label'] = empty($myrow['label']) ? '[no title]' : $myrow['label'];
$arr[$i]['label'] = $myrow['label'];
if (isset($myrow['content_type'])) {
$arr[$i]['id'] = $myrow['id'];
if (isset($myrow['short_form'])) {
$arr[$i]['shortform'] = $myrow['short_form'];
}
if (isset($myrow['matching_text'])) {
$arr[$i]['value'] = $myrow['matching_text'];
}
if (isset($myrow['content_type'])) {
$arr[$i]['content_type'] = $myrow['content_type'];
}
if (isset($myrow['parent'])) {
$arr[$i]['parent'] = $myrow['parent'];
}
if (isset($myrow['additional_id'])) {
$arr[$i]['parent_id'] = $myrow['additional_id'];
}
switch ($myrow['content_type']) {
case "Record":
$arr[$i]['label'] = $myrow['label'];
if ($this->getSearchPage() == "control") {
$arr[$i]['url'] = 'record.php?record_id=' . $myrow['id'];
} else {
$db = new Querier();
$record_url_sql = "SELECT location, title\n\t\t\t\tFROM location l, title t, location_title lt \n\t\t\t\tWHERE t.title_id = lt.title_id\n\t\t\t\tAND l.location_id = lt.location_id AND t.title_id = " . $db->quote($myrow['id']) . " ";
$record_url_result = $db->query($record_url_sql);
if (isset($record_url_result[0]['location'])) {
$arr[$i]['url'] = $record_url_result[0]['location'];
} else {
$arr[$i]['url'] = '';
}
}
break;
case "Subject Guide":
if ($this->getSearchPage() == "control") {
$arr[$i]['url'] = getControlURL() . 'guides/guide.php?subject_id=' . $myrow['id'];
} else {
$arr[$i]['url'] = 'guide.php?subject=' . $myrow['short_form'];
}
break;
case "FAQ":
$arr[$i]['label'] = $myrow['label'];
$arr[$i]['url'] = 'faq.php?faq_id=' . $myrow['id'];
break;
case "Pluslet":
if ($this->getSearchPage() == "control") {
$arr[$i]['url'] = getControlURL() . 'guides/guide.php?subject_id=' . $myrow['short_form'] . '#box-' . $myrow['additional_id'] . '-' . $myrow['id'];
$arr[$i]['hash'] = '#box-' . $myrow['additional_id'] . '-' . $myrow['id'];
$arr[$i]['label'] = $myrow['label'];
} else {
$arr[$i]['url'] = 'guide.php?subject=' . $myrow['short_form'] . '#box-' . $myrow['additional_id'] . '-' . $myrow['id'];
$arr[$i]['hash'] = '#box-' . $myrow['additional_id'] . '-' . $myrow['id'];
$arr[$i]['tab_index'] = $myrow['additional_id'];
}
break;
case "Talkback":
$arr[$i]['label'] = $myrow['label'];
if ($this->getSearchPage() == "control") {
$arr[$i]['url'] = 'talkback.php?talkback_id=' . $myrow['id'];
} else {
$arr[$i]['url'] = 'talkback.php';
}
break;
case "Staff":
$arr[$i]['label'] = $myrow['fullname'];
if ($this->getSearchPage() == "control") {
$arr[$i]['url'] = 'user.php?staff_id=' . $myrow['id'];
} else {
$name = explode('@', $myrow['label']);
$arr[$i]['url'] = 'staff_details.php?name=' . $name[0];
}
break;
}
} else {
$arr[$i]['value'] = $myrow[0];
}
$i++;
}
$response = json_encode($arr);
return $response;
}
public function search()
{
$db = new Querier();
$connection = $db->getConnection();
$search_param = "%" . $this->param . "%";
$subject_id = $this->subject_id;
switch ($this->collection) {
case "home":
$statement = $connection->prepare("SELECT subject_id AS 'id', subject AS 'matching_text',subject AS 'label', description as 'additional_text', shortform AS 'short_form', 'Subject Guide' as 'content_type', '' as 'additional_id', '' as 'parent' FROM subject\n WHERE description LIKE :search_term\n OR subject LIKE :search_term\n OR keywords LIKE :search_term\n UNION\n SELECT p.pluslet_id, p.title,p.title AS 'label', su.subject_id AS 'parent_id', su.shortform, 'Pluslet' AS 'content_type', t.tab_index as 'additional_id',su.subject as 'parent' FROM pluslet AS p\n INNER JOIN pluslet_section AS ps\n ON ps.pluslet_id = p.pluslet_id\n INNER JOIN section AS s\n ON ps.section_id = s.section_id\n INNER JOIN tab AS t\n ON s.tab_id = t.tab_id\n INNER JOIN subject AS su\n ON su.subject_id = t.subject_id\n WHERE p.body LIKE :search_term\n OR p.title LIKE :search_term\n UNION\n SELECT faq_id AS 'id', question AS 'matching_text',question AS 'label', answer as 'additional_text','' AS 'short_form','FAQ' as 'content_type', '' as 'additional_id', '' as 'parent' FROM faq\n WHERE question LIKE :search_term\n OR answer LIKE :search_term\n OR keywords LIKE :search_term\n UNION\n SELECT talkback_id AS 'id', question AS 'matching_text' ,question AS 'label', answer as 'additional_text','' AS 'short_form', 'Talkback' as 'content_type', '' as 'additional_id', '' as 'parent' FROM talkback\n WHERE question LIKE :search_term\n OR answer LIKE :search_term\n UNION\n SELECT staff_id AS 'id', email AS 'matching_text' ,email AS 'label', fname as 'additional_text','' AS 'short_form', 'Staff' as 'content_type', '' as 'additional_id', '' as 'parent' FROM staff\n WHERE fname LIKE :search_term\n OR lname LIKE :search_term\n OR email LIKE :search_term\n OR tel LIKE :search_term\n UNION\n SELECT department_id AS 'id', name AS 'matching_text' , name AS 'label', telephone as 'additional_text','' AS 'short_form', 'Department' as 'content_type', '' as 'additional_id','' as 'parent' FROM department\n WHERE name LIKE :search_term\n OR telephone LIKE :search_term\n UNION\n SELECT video_id AS 'id', title AS 'matching_text' ,title AS 'label', description as 'additional_text','' AS 'short_form', 'Video' as 'content_type', '' as 'additional_id', '' as 'parent' FROM video\n WHERE title LIKE :search_term\n OR description LIKE :search_term\n OR vtags LIKE :search_term");
break;
case "guides":
$statement = $connection->prepare("SELECT subject_id as 'id', subject,'Subject Guide' as 'content_type', subject AS 'label',shortform AS 'short_form' \n FROM subject \n WHERE active = '1'\n AND (subject LIKE :search_term\n OR shortform LIKE :search_term\n OR description LIKE :search_term\n OR keywords LIKE :search_term\n OR type LIKE :search_term)\n ");
break;
case "all_guides":
$statement = $connection->prepare("SELECT subject_id as 'id', subject,'Subject Guide' as 'content_type', subject AS 'label',shortform AS 'short_form'\n FROM subject\n WHERE (subject LIKE :search_term\n OR shortform LIKE :search_term\n OR description LIKE :search_term\n OR keywords LIKE :search_term\n OR type LIKE :search_term)\n ORDER BY subject\n ");
break;
case "guide":
$statement = $connection->prepare("SELECT p.pluslet_id as 'id',su.shortform as 'short_form','Pluslet' as 'content_type',p.type as 'type', p.title, p.title AS 'label', ps.section_id, t.tab_index AS 'additional_id', t.subject_id, su.subject FROM pluslet AS p\n INNER JOIN pluslet_section AS ps\n ON ps.pluslet_id = p.pluslet_id\n INNER JOIN section AS s\n ON ps.section_id = s.section_id\n INNER JOIN tab AS t\n ON s.tab_id = t.tab_id\n INNER JOIN subject AS su\n ON su.subject_id = t.subject_id\n WHERE p.body LIKE :search_term\n \t\t\t AND t.subject_id = :subject_id");
$statement->bindParam(":subject_id", $subject_id);
break;
case "current_guide":
$statement = $connection->prepare("SELECT p.pluslet_id as 'id',su.shortform as 'short_form','Pluslet' as 'content_type',p.type as 'type', p.title, p.title AS 'label', ps.section_id, t.tab_index AS 'additional_id', t.subject_id, su.subject FROM pluslet AS p\n INNER JOIN pluslet_section AS ps\n ON ps.pluslet_id = p.pluslet_id\n INNER JOIN section AS s\n ON ps.section_id = s.section_id\n INNER JOIN tab AS t\n ON s.tab_id = t.tab_id\n INNER JOIN subject AS su\n ON su.subject_id = t.subject_id\n WHERE p.title LIKE :search_term\n \t\t\t AND t.subject_id = :subject_id");
$statement->bindParam(":subject_id", $subject_id);
break;
case "records":
$statement = $connection->prepare("SELECT DISTINCT title.title_id as 'id','Record' as 'content_type', title.title as 'label', location.location as 'location_url'\nFROM title\nINNER JOIN location_title\nON title.title_id = location_title.title_id\nINNER JOIN location\nON location.location_id = location_title.location_id\nAND title.title LIKE :search_term");
break;
case "azrecords":
$statement = $connection->prepare("SELECT DISTINCT title.title_id as 'id','Record' as 'content_type', title.title as 'label', location.location as 'location_url'\nFROM title\nINNER JOIN location_title \nON title.title_id = location_title.title_id\nINNER JOIN location\nON location.location_id = location_title.location_id\nAND eres_display = 'Y'\nAND title.title LIKE :search_term");
break;
case "faq":
$statement = $connection->prepare("SELECT faq_id AS 'id',question AS 'label', LEFT(question, 55), \n \t\t'FAQ' as 'content_type' FROM faq WHERE question LIKE :search_term");
break;
case "talkback":
$statement = $connection->prepare("SELECT talkback_id AS 'id',question AS 'label','Talkback' \n \t\tas content_type, LEFT(question, 55) FROM talkback WHERE question LIKE :search_term");
break;
case "admin":
$statement = $connection->prepare("SELECT staff_id AS 'id',email AS 'label','Staff' \n \t\tas 'content_type', CONCAT(fname, ' ', lname, ' (', email, ')') as fullname \n \t\tFROM staff WHERE (fname LIKE :search_term) OR (lname LIKE :search_term)");
break;
case "pluslet":
$statement = $connection->prepare("SELECT p.pluslet_id AS 'pluslet_id', p.title,p.title AS 'label',p.type as 'type', p.pluslet_id AS 'id', su.shortform as 'short_form', 'Pluslet' AS 'content_type', t.tab_index as 'additional_id',su.subject as 'parent' FROM pluslet AS p\n INNER JOIN pluslet_section AS ps\n ON ps.pluslet_id = p.pluslet_id\n INNER JOIN section AS s\n ON ps.section_id = s.section_id\n INNER JOIN tab AS t\n ON s.tab_id = t.tab_id\n INNER JOIN subject AS su\n ON su.subject_id = t.subject_id\n WHERE p.title LIKE :search_term\n \t\t\t\n \t\t\t\t");
break;
case "my_pluslets":
$statement = $connection->prepare("SELECT p.pluslet_id AS 'pluslet_id', p.title,p.title AS 'label',p.type as 'type', p.pluslet_id AS 'id', su.shortform as 'short_form', 'Pluslet' AS 'content_type', t.tab_index as 'additional_id',su.subject as 'parent' FROM pluslet AS p\n INNER JOIN pluslet_section AS ps\n ON ps.pluslet_id = p.pluslet_id\n INNER JOIN section AS s\n ON ps.section_id = s.section_id\n INNER JOIN tab AS t\n ON s.tab_id = t.tab_id\n INNER JOIN subject AS su\n ON su.subject_id = t.subject_id\n INNER JOIN staff_subject AS st_sub\n ON st_sub.subject_id = su.subject_id\n WHERE p.title LIKE :search_term\n AND st_sub.staff_id = :staff_id\n \t\t\t\n \t\t\t\t");
$statement->bindParam(":staff_id", $this->staff_id);
break;
}
$search_param = '%' . $search_param . '%';
$statement->bindParam(":search_term", $search_param);
$statement->execute();
$result = $statement->fetchAll();
$arr = array();
$i = 0;
// This takes the results and creates an array that will be turned into JSON
foreach ($result as $myrow) {
//add no title label if empty
$myrow['label'] = empty($myrow['label']) ? '[no title]' : $myrow['label'];
$arr[$i]['label'] = html_entity_decode($myrow['label']);
if (isset($myrow['content_type'])) {
if (isset($myrow['id'])) {
$arr[$i]['id'] = $myrow['id'];
}
$arr[$i]['content_type'] = $myrow['content_type'];
if (isset($myrow['location_url'])) {
$arr[$i]['location_url'] = $myrow['location_url'];
}
if (isset($myrow['short_form'])) {
$arr[$i]['shortform'] = $myrow['short_form'];
}
if (isset($myrow['matching_text'])) {
$arr[$i]['value'] = $myrow['matching_text'];
}
if (isset($myrow['parent'])) {
$arr[$i]['parent'] = $myrow['parent'];
}
if (isset($myrow['additional_id'])) {
$arr[$i]['parent_id'] = $myrow['additional_id'];
}
switch ($myrow['content_type']) {
case "Record":
$arr[$i]['label'] = html_entity_decode($myrow['label']);
if ($this->getSearchPage() == "control") {
$arr[$i]['url'] = 'record.php?record_id=' . $myrow['id'];
} else {
$db = new Querier();
$record_url_sql = "SELECT location, title\n FROM location l, title t, location_title lt \n WHERE t.title_id = lt.title_id\n AND l.location_id = lt.location_id AND t.title_id = " . $db->quote($myrow['id']) . " ";
$record_url_result = $db->query($record_url_sql);
if (isset($record_url_result[0]['location'])) {
$arr[$i]['url'] = $record_url_result[0]['location'];
} else {
$arr[$i]['url'] = '';
}
}
break;
case "Subject Guide":
if ($this->getSearchPage() == "control") {
$arr[$i]['url'] = getControlURL() . 'guides/guide.php?subject_id=' . $myrow['id'];
} else {
$arr[$i]['url'] = 'guide.php?subject=' . $myrow['short_form'];
}
break;
case "FAQ":
$arr[$i]['label'] = html_entity_decode($myrow['label']);
$arr[$i]['url'] = 'faq.php?faq_id=' . $myrow['id'];
break;
case "Pluslet":
if ($this->getSearchPage() == "control") {
$arr[$i]['url'] = getControlURL() . 'guides/guide.php?subject_id=' . $myrow['short_form'] . '#box-' . $myrow['additional_id'] . '-' . $myrow['id'];
$arr[$i]['hash'] = '#box-' . $myrow['additional_id'] . '-' . $myrow['id'];
$arr[$i]['label'] = html_entity_decode($myrow['label']);
if (isset($myrow['type'])) {
$arr[$i]['type'] = $myrow['type'];
}
if (isset($arr[$i]['pluslet_id'])) {
$arr[$i]['pluslet_id'] = $myrow['id'];
}
} else {
$arr[$i]['url'] = 'guide.php?subject=' . $myrow['short_form'] . '#box-' . $myrow['additional_id'] . '-' . $myrow['id'];
$arr[$i]['hash'] = '#box-' . $myrow['additional_id'] . '-' . $myrow['id'];
$arr[$i]['tab_index'] = $myrow['additional_id'];
$arr[$i]['pluslet_id'] = $myrow['id'];
}
break;
case "Talkback":
$arr[$i]['label'] = html_entity_decode($myrow['label']);
if ($this->getSearchPage() == "control") {
$arr[$i]['url'] = 'talkback.php?talkback_id=' . $myrow['id'];
} else {
$arr[$i]['url'] = 'talkback.php';
}
break;
case "Staff":
if ($myrow['fullname'] != null) {
$arr[$i]['label'] = $myrow['fullname'];
} else {
$arr[$i]['label'] = "";
}
if ($this->getSearchPage() == "control") {
$arr[$i]['url'] = 'user.php?staff_id=' . $myrow['id'];
} else {
$name = explode('@', $myrow['label']);
$arr[$i]['url'] = 'staff_details.php?name=' . $name[0];
}
break;
}
} else {
$arr[$i]['value'] = $myrow[0];
}
$i++;
}
$response = json_encode($arr);
return $response;
}
public function save()
{
$db = new Querier();
$lobjTabs = json_decode($this->_input['tabs'], true);
// Remove all existing entries for that guide from intervening table
$subject_id = $this->_input["this_subject_id"];
$qs = "SELECT tab_id FROM tab WHERE subject_id = '{$subject_id}'";
$drs = $db->query($qs);
// list all pluslets associated with guide before save that aren't special
$qp = "SELECT p.pluslet_id\nFROM pluslet p\nINNER JOIN pluslet_section ps\nON p.pluslet_id = ps.pluslet_id\nINNER JOIN section sec\nON ps.section_id = sec.section_id\nINNER JOIN tab t\nON sec.tab_id = t.tab_id\nINNER JOIN subject s\nON t.subject_id = s.subject_id\nWHERE s.subject_id = {$subject_id}\nAND p.type != 'Special'";
$lobjBeforePluslets = $db->query($qp);
$lobjAfterPluslets = array();
// initiate list currently saving pluslets
foreach ($drs as $row) {
$qd = "DELETE ps, sec FROM pluslet_section ps\n\tINNER JOIN section sec\n\tON ps.section_id = sec.section_id\n\tWHERE sec.tab_id = '{$row[0]}'";
$db->exec($qd);
$qd = "DELETE FROM tab WHERE tab_id = '{$row[0]}'";
$db->exec($qd);
}
$lintTabIndex = 0;
foreach ($lobjTabs as $lobjTab) {
if (isset($lobjTab['external'])) {
} else {
$lobjTab['external'] = NULL;
}
$qi = "INSERT INTO tab (subject_id, label, tab_index, external_url, visibility) VALUES ('{$subject_id}', '{$lobjTab['name']}', {$lintTabIndex}, '{$lobjTab['external']}', {$lobjTab['visibility']})";
// print $qi . "<br />";
$db->exec($qi);
$lintTabId = $db->last_id();
$lintSectionIndex = 0;
// insert sections
foreach ($lobjTab['sections'] as $lobjSection) {
// insert section, as of now only one per tab
$qi = "INSERT INTO section (section_index, layout, tab_id) VALUES ('{$lintSectionIndex}', '{$lobjSection['layout']}', '{$lintTabId}')";
// print $qi . "<br />";
$db->exec($qi);
$lintSecId = $db->last_id();
$left_col = $lobjSection["left_data"];
$center_col = $lobjSection["center_data"];
$sidebar = $lobjSection["sidebar_data"];
// added by dgonzalez in order to separate by '&pluslet[]=' even if dropspot-left doesn't exist
$left_col = "&" . $left_col;
$center_col = "&" . $center_col;
$sidebar = "&" . $sidebar;
// remove the "drop here" non-content & get all our "real" contents into array
$left_col = str_replace("dropspot-left[]=1", "", $left_col);
$leftconts = explode("&pluslet[]=", $left_col);
$center_col = str_replace("dropspot-center[]=1", "", $center_col);
$centerconts = explode("&pluslet[]=", $center_col);
$sidebar = str_replace("dropspot-sidebar[]=1", "", $sidebar);
$sidebarconts = explode("&pluslet[]=", $sidebar);
// CHECK IF THERE IS CONTENT
// Now insert the appropriate entries
foreach ($leftconts as $key => $value) {
if ($key != 0) {
$qi = "INSERT INTO pluslet_section (pluslet_id, section_id, pcolumn, prow) VALUES ('{$value}', '{$lintSecId}', 0, '{$key}')";
// print $qi . "<br />";
$db->exec($qi);
array_push($lobjAfterPluslets, $value);
}
}
foreach ($centerconts as $key => $value) {
if ($key != 0) {
$qi = "INSERT INTO pluslet_section (pluslet_id, section_id, pcolumn, prow) VALUES ('{$value}', '{$lintSecId}', 1, '{$key}')";
// print $qi . "<br />";
$db->exec($qi);
array_push($lobjAfterPluslets, $value);
}
}
foreach ($sidebarconts as $key => $value) {
if ($key != 0) {
$qi = "INSERT INTO pluslet_section (pluslet_id, section_id, pcolumn, prow) VALUES ('{$value}', '{$lintSecId}', 2, '{$key}')";
// print $qi . "<br />";
$db->exec($qi);
array_push($lobjAfterPluslets, $value);
}
}
$lintSectionIndex++;
}
$lintTabIndex++;
}
// delete all pluslets that are not being used anymore to avoid orphans
foreach ($lobjBeforePluslets as $lobjPluslet) {
if (!in_array($lobjPluslet['pluslet_id'], $lobjAfterPluslets)) {
$q = "DELETE FROM pluslet WHERE pluslet_id = {$lobjPluslet['pluslet_id']}";
if ($db->exec($q) === FALSE) {
print "Error could not remove pluslet orphans!";
exit;
}
}
}
// ///////////////////
// Alter chchchanges table
// table, flag, item_id, title, staff_id
// //////////////////
// $updateChangeTable = changeMe("guide", "update", $_COOKIE["our_guide_id"], $_COOKIE["our_guide"], $_SESSION['staff_id']);
print _("Thy Will Be Done: Guide Updated.");
}
use SubjectsPlus\Control\Querier;
include "../control/includes/config.php";
include "../control/includes/functions.php";
include "../control/includes/autoloader.php";
//include("libraryHeader.php");
// If you have a theme set, but DON'T want to use it for this page, comment out the next line
if (isset($subjects_theme) && $subjects_theme != "") {
include "themes/{$subjects_theme}/index.php";
exit;
}
$use_jquery = array("ui");
$page_title = $resource_name;
$description = "The best stuff for your research. No kidding.";
$keywords = "research, databases, subjects, search, find";
$noheadersearch = TRUE;
$db = new Querier();
// let's use our Pretty URLs if mod_rewrite = TRUE or 1
if ($mod_rewrite == 1) {
$guide_path = "";
} else {
$guide_path = "guide.php?subject=";
}
if (isset($_GET['type']) && in_array($_GET['type'], $guide_types)) {
// use the submitted value
$view_type = scrubData($_GET['type']);
} else {
$view_type = "all";
}
///////////////////////
// Have they done a search?
$search = "";
$a = $_POST["discipline_id"];
$b = $_POST["discipline"];
$result = array_combine($a, $b);
// Loop through array, update departments table
$row_count = 1;
foreach ($result as $key => $value) {
$qUpDept = "UPDATE discipline SET\n\t\tdiscipline = " . $db->quote(scrubData($value)) . ", \n\t\tsort = " . $row_count . " \n\t\tWHERE discipline_id = " . scrubData($key, "integer");
$rUpDept = $db->exec($qUpDept);
$row_count++;
}
$feedback = _("Thy Will Be Done. discipline list updated.");
}
///////////////
// disciplines
///////////////
$querierDept = new Querier();
$qdiscipline = "select discipline_id, discipline, sort from discipline order by sort, discipline";
$disciplineArray = $querierDept->query($qdiscipline);
foreach ($disciplineArray as $value) {
$ourlist .= "<li id=\"item-{$value['0']}\" class=\"sortable_item disc-sortable\"><a id=\"delete-{$value['0']}\"><img src=\"{$IconPath}/delete.png\" class=\"pointer\" /></a> <input type=\"text\" size=\"40\" name=\"discipline[]\" value=\"{$value['1']}\" /> <input type=\"hidden\" name=\"discipline_id[]\" value=\"{$value['0']}\" /></li>";
}
$discipline_box = "\n<form id=\"disciplines\" action=\"\" method=\"post\">\n<button class=\"button\" id=\"save_guide\" class=\"button pure-button pure-button-primary\" style=\"display: block;\" name=\"update_disciplines\" >" . _("SAVE CHANGES") . "</button>\n\n<p>" . _("NOTE: Disciplines were added to facilitate Serials Solution ingest of data. This original set was provided by SerSol in Nov 2012. \n If you are a SerSol customer, you might not want to change these. Sort may or may not be implemented in your version of SP.") . "</p>\n<p>" . _("Enter discipline type label.") . "</p>\n<br />\n\n<ul id=\"sortable-\" class=\"sortable_list\">\n{$ourlist}\n</ul>\n</form>\n";
$add_discipline_box = "\n<form id=\"new_discipline\" action=\"\" method=\"post\">\n<span class=\"record_label\">" . _("Source Name") . "</span><br />\n<input type=\"text\" name=\"source\" id=\"\" size=\"40\" class=\"\" value=\"\">\n<br /><br />\n<button class=\"button\" id=\"add_discipline\" name=\"add_discipline\">" . _("Add New Discipline") . "</button>\n</form>";
print feedBack($feedback);
print "\n\n<form id=\"disciplines\" action=\"\" method=\"post\">\n\n<div class=\"pure-g\">\n <div class=\"pure-u-2-3\">\n";
makePluslet(_("Disciplines"), $discipline_box, "no_overflow");
print "</div>\n<div class=\"pure-u-1-3\">";
makePluslet(_("Add Discipline"), $add_discipline_box, "no_overflow");
print "</div>";
// close pure-u-
print "</div>";
//print $address;
$output = json_decode($address);
//print $output->results[0]->geometry->location->lat;
$lat = $output->results[0]->geometry->location->lat;
$long = $output->results[0]->geometry->location->lng;
$coords = $lat . "," . $long;
print $coords;
//print $address;
return;
// return early so we don't show the stuff that follows
break;
}
// End Action loop
// Now generate results, $extra_q set in action loop above
$q = "SELECT s.subject_id, subject, fname, lname, st.staff_id, type, shortform, s.active\nFROM subject s\nLEFT JOIN staff_subject ss ON s.subject_id = ss.subject_id\nLEFT JOIN staff st ON ss.staff_id = st.staff_id\n{$extra_q}\nORDER BY subject";
$querier = new Querier();
$subsArray = $querier->query($q);
if (!empty($subsArray)) {
// set up striping
$row_count = 0;
$colour1 = "oddrow";
$colour2 = "evenrow";
$staff_list = "";
foreach ($subsArray as $value) {
if ($value[7] != "1") {
$active = " <span style=\"font-size:smaller; color: #666;\">" . _("inactive") . "</span>";
} else {
$active = "";
}
$row_colour = $row_count % 2 ? $colour1 : $colour2;
$staff_list .= "<div class=\"{$row_colour} striper\" style=\"clear: both; float: left; min-width: 500px;\"><input type=\"checkbox\" name=\"guide-{$value['0']}\" value=\"{$value['0']}\"><a class=\"showmedium-reloader\" href=\"../guides/metadata.php?subject_id={$value['0']}&wintype=pop\"><img src=\"{$IconPath}/emblem-system.png\" alt=\"" . _("delete") . "\" border=\"0\"></a> \n <a target=\"_blank\" href=\"../../subjects/guide.php?subject={$value['0']}\"><img src=\"{$IconPath}/eye.png\" alt=\"" . _("see live") . "\" border=\"0\"></a> \n <a href=\"../guides/guide.php?subject_id={$value['0']}\">{$value['1']}</a> {$active}</div> <div class=\"{$row_colour} striper\" style=\"float: left; min-width: 100px; font-size: smaller;\">{$value['2']} {$value['3']}</div> <div class=\"{$row_colour} striper\" style=\"float: left; min-width: 75px;font-size: smaller;\">{$value['5']}</div>";
//depending on step, display content
switch ($lintStep) {
case 0:
//first setup config with site configurations
$lobjConfig->displaySetupSiteConfigForm();
break;
case 1:
//on POST and second step, write configuration and install
if (isset($_POST['submit_setup_site_config'])) {
$lobjConfig->setNewConfigValues();
if (!$lobjConfig->writeConfigFile()) {
//error message
$lobjConfig->displayMessage(_("Something went wrong and could not save configurations."));
} else {
//include again if config variables have changed
include_once 'includes/config.php';
//new installer instance and install and on success show complete page
$lobjInstaller = new Installer();
if ($lobjInstaller->install()) {
$administrator_email = $_POST['administrator_email'];
$db = new Querier();
$db->exec("UPDATE staff SET staff.email=" . $db->quote($administrator_email) . " WHERE staff.staff_id = 1");
$lobjInstaller->displayInstallationCompletePage();
$_SESSION['firstInstall'] = 1;
}
}
}
break;
}
}
include_once "includes/footer.php";
// Show feedbck
$feedback = $record->getMessage();
} else {
$feedback = "There is no record by that ID.";
}
}
if (isset($_POST["submit_record"])) {
// 1. Make sure we have minimum non-dupe data
// 1a. Make sure there is a title, location, and subject
if ($_POST["title"] == "" || $_POST["location"][0] == "" || $_POST["subject"][0] == "") {
echo "<div class=\"feedback\">" . _("You must have a title, location, and subject. Please go back and fix these omissions. And turn on JavaScript, for goodness sakes!") . "</div><br /><br />";
exit;
}
// 1b. IF THIS IS AN INSERT make sure the title isn't an exact dupe
if ($_POST["title_id"] == "") {
$db = new Querier();
$qDupe = "SELECT title_id, title FROM title WHERE title LIKE " . $db->quote($_POST["title"]);
$dupetitleArray = $db->query($qDupe);
if ($dupetitleArray) {
echo _("There is already a record with this title: ") . "<a href=\"record.php?record_id=" . $dupetitleArray[0] . "\">" . $dupetitleArray[1] . "</a>. " . _("Maybe do a search and make sure it doesn't already exist?");
return FALSE;
}
}
// Submit form
$record = new Record($_POST["title_id"], "post");
//////////////////////////////////
// Is this an Insert or an update?
//////////////////////////////////
if ($_POST["title_id"] == "") {
$record->insertRecord();
$ok_record_id = $record->getRecordId();
include "../includes/header.php";
// Connect to database
//print_r($_POST);
switch ($_POST["type"]) {
case "location":
$record = new Record();
$record->buildLocation();
break;
case "add_subject":
$subject_name = Truncate($_POST["our_sub_text"], 25, '');
$source_name = Truncate($_POST["our_source_text"], 15, '');
echo "<div class=\"selected_item_wrapper\"><div class=\"selected_item\" id=\"root-" . $_POST["our_source_id"] . "\"><input type=\"hidden\" name=\"rank[]\" value=\"0\" /><input type=\"hidden\" name=\"subject[]\" value=\"" . $_POST["our_sub_id"] . "\" /><input type=\"hidden\" id=\"hidden_source-" . $_POST["our_sub_id"] . "-" . $_POST["our_source_id"] . "\" name=\"source[]\" value=\"" . $_POST["our_source_id"] . "\" />" . $subject_name . "<span class=\"small_extra\"> " . $source_name . " </span><br />\n <textarea class=\"desc_override desc-area\" name=\"description_override[]\" rows=\"4\" cols=\"35\"></textarea></div>\n <div class=\"selected_item_options\"><i class=\"fa fa-lg fa-trash delete_sub clickable\" alt=\"" . _("remove subject") . "\" title=\"" . _("remove subject") . "\"></i>\n <i class=\"fa fa-book fa-lg\"></i>\n <i class=\"fa fa-lg fa-file-text-o source_override clickable\" id=\"source_override-" . $_POST["our_sub_id"] . "-" . $_POST["our_source_id"] . "\"></i> </div></div>";
break;
case "source_override":
// load list of sources
$querierSource = new Querier();
$qSource = "select source_id, source from source order by source";
$defsourceArray = $querierSource->query($qSource);
$sourceMe = new Dropdown("source_override[]", $defsourceArray, $_POST["our_source_id"]);
$source_string = $sourceMe->display();
echo "<span class=\"record-source-override\">" . _("Source Override") . "<br />{$source_string} <img src=\"{$IconPath}/list-add.png\" class=\"add_source\" id=\"add_source_id-" . $_POST["our_subject_id"] . "-" . $_POST["our_source_id"] . "\" alt=\"" . _("add source override") . "\" title=\"" . _("add source override") . "\" border=\"0\">\n <i class=\"fa fa-times clickable cancel_add_source\" id=\"cancel_add_source_id-" . $_POST["our_subject_id"] . "-" . $_POST["our_source_id"] . "\" alt=\"" . _("never mind") . "\" title=\"" . _("never mind") . "\" border=\"0\"></i></span>";
break;
case "new_record_label":
switch ($_POST["format_type_id"]) {
case 1:
$label_text = _("Location (Enter URL)");
break;
case 2:
$label_text = _("Location (Enter Call Number)");
break;
case 3:
echo "<br /><br /><p class=\"box\">" . _("You are not authorized to view this.") . "</p>";
include "../includes/footer.php";
exit;
}
$querier = new Querier();
$q1 = 'SELECT staff_id, CONCAT( fname, " ", lname ) AS fullname, email, CONCAT( emergency_contact_name, " (", emergency_contact_relation, ")", ": ", emergency_contact_phone ) AS contact, CONCAT( street_address, "<br />", city, " ", state, " ", zip ) AS full_address, home_phone, cell_phone, lat_long
FROM staff
WHERE lat_long != ""
AND active = 1';
if (isset($_GET["fac_only"]) && $_GET["fac_only"] == 1) {
$q1 = 'SELECT staff_id, CONCAT( fname, " ", lname ) AS fullname, email, CONCAT( emergency_contact_name, " (", emergency_contact_relation, ")", ": ", emergency_contact_phone ) AS contact, CONCAT( street_address, "<br />", city, " ", state, " ", zip ) AS full_address, home_phone, cell_phone, lat_long
FROM staff
WHERE lat_long != ""
AND ptags LIKE "%librarian%"';
}
$db = new Querier();
$staffArray = $db->query($q1);
?>
<div id="map" style="width: 100%; height: 800px; border: 1px solid #333;"></div>
<?php
include "../includes/footer.php";
?>
<script type="text/javascript" src="https://maps.google.com/maps/api/js?sensor=false"></script>
<script type="text/javascript">
google.maps.event.addDomListener(window, 'load', function() {
var requested = "";
/////////////////////
function getAssocSubjects($staff_id, $ptags)
{
global $mod_rewrite;
$assoc_subjects = "";
// See if they're a librarian, and then check for subjects
$islib = preg_match('/librarian/', $ptags);
if ($islib == 1) {
// UM hack in query
$q2 = "SELECT subject, shortform \n FROM subject, staff_subject \n WHERE subject.subject_id = staff_subject.subject_id\n AND staff_subject.staff_id = {$staff_id}\n AND subject.active = 1\n AND shortform != 'NewDatabases'\n ORDER BY subject";
//print $q2;
$db = new Querier();
$r2 = $db->query($q2);
foreach ($r2 as $myrow2) {
if ($mod_rewrite == 1) {
$link_to_guide = $myrow2[1];
} else {
$link_to_guide = "guide.php?subject=" . $myrow2[1];
}
$assoc_subjects .= "<a href=\"{$link_to_guide}\">{$myrow2['0']}</a>, ";
}
}
if ($assoc_subjects != "") {
$assoc_subjects = rtrim($assoc_subjects, ", ");
$assoc_subjects = "<br /><span class=\"smaller\">{$assoc_subjects}</span>";
} else {
$assoc_subjects = "";
}
return $assoc_subjects;
}
function checkReports($staff_id, $super_chain = "", $recursion = 0)
{
global $all_supers;
$indent = "";
$data = "";
$q = "SELECT staff_id, CONCAT( fname, ' ', lname ) AS fullname, email, CONCAT( street_address, ' ', city, ' ', state, ' ', zip) as full_address\n , home_phone, cell_phone,\n emergency_contact_name, emergency_contact_relation,emergency_contact_phone, supervisor_id, lname, fname\n FROM staff\n WHERE supervisor_id = '" . $staff_id . "'\n AND active = 1\n ORDER BY lname, fname";
//print $q . "<br /><br />";
$db = new Querier();
$r = $db->query($q);
if (!$r) {
return $data;
}
$row_count = count($r);
foreach ($r as $myrow) {
if ($recursion == 1) {
$q2 = "select lname, staff_id from staff where staff_id = " . $myrow[9] . " ORDER BY lname, fname";
$supername = $db->query($q2);
$superbits = explode("-", $super_chain);
if (!in_array($supername[1], $superbits)) {
$super_chain = $super_chain . "-" . $supername[1];
array_push($all_supers, $supername[1]);
}
$superbits = explode("-", $super_chain);
// need to reset this after the alteration
$num_supervisors = count($superbits);
//$row_colour = ($row_count % 2) ? $colour1 : $colour2;
if ($num_supervisors > 2) {
$indent = "margin-left:" . 1 * ($num_supervisors * 1) . "em";
} else {
$indent = "font-weight: bold;";
}
}
//$data .= makeExcelData($myrow);
//$data = str_replace( "\r" , "" , $data );
$data .= makeTR($myrow, $indent);
if ($recursion == 1) {
$data .= checkReports($myrow[0], $super_chain, 1);
}
}
//print "<pre>";
// print_r($typeArray);
//return $typeArray;
return $data;
}
<?php
//include subjectsplus config and functions files
include_once '../../../../control/includes/config.php';
include_once '../../../../control/includes/functions.php';
include_once '../../../../control/includes/autoloader.php';
use SubjectsPlus\Control\Querier;
//only do something if the search_terms is activated
if (isset($_POST["search_terms"])) {
//initiate Querier
$db = new Querier();
$content = '<strong>Results</strong><br />';
if (get_magic_quotes_gpc()) {
$searcher = $_POST["search_terms"];
} else {
$searcher = addslashes($_POST["search_terms"]);
}
// Connect to database
try {
} catch (Exception $e) {
echo $e;
}
//create query to search terms
$q = "SELECT title_id, title FROM title WHERE title LIKE '%" . $searcher . "%' ORDER BY title";
//query results
$r = $db->query($q);
//total returned rows
$total_items = count($r);
//return message if no results
if ($total_items == 0) {
$content .= "<br /><div valign=\"top\" style=\"float: left; min-width: 230px;\"><p>" . _("There were no results matching your query.") . "</p></div>";
break;
default:
//depending on permissions user has, set credential as true or false
$check_credentials = isset($_SESSION["view_map"]) && $_SESSION["view_map"] == 1 ? TRUE : FALSE;
$and = "AND user_type_id = '1' ";
}
// Boot them out if they shouldn't be viewing this file
if ($check_credentials == FALSE) {
echo "<p style=\"background-color: red; color: white;\">You probably should not be here. Please use the back button. If you think you should be able to access this part of the site, please contact an administrator";
include "../includes/footer.php";
exit;
}
$header = "";
$data = "";
$select = "SELECT lname AS 'Last Name', fname AS 'First Name', tel AS 'Work Phone #', cell_phone AS 'Cell Phone #', home_phone as 'Home Phone', staff.email AS 'Email',\nemergency_contact_name AS 'Contact Name', emergency_contact_phone AS 'Contact Phone #', emergency_contact_relation AS 'Relationship', name AS 'Department',\n street_address AS 'Street Address', city as 'City', state AS 'State', zip as 'Zip Code', supervisor_id AS Super_ID, (SELECT lname from staff where staff.staff_id = Super_ID) AS 'Supervisor LName', (SELECT \n fname from staff where staff.staff_id = Super_ID) AS 'Supervisor FName'\n FROM staff, department\n WHERE active = '1'\n AND staff.department_id = department.department_id\n {$and}\n ORDER BY lname";
$db = new Querier();
$export = $db->query($select);
$fields = count($export);
// yes, i cheated. couldn't figure out how to get this with pdo from $select query
$header_fields = array("Last Name", "First Name", "Work Phone #", "Cell Phone #", "Home Phone", "Contact Name", "Contact Phone #", "Relationship", "Department", "Street Address", "City", "State", "Zip", "Super_ID", "Supervisor Lname", "Supervisor Fname");
foreach ($header_fields as $key => $value) {
$header .= $value . "\t";
}
foreach ($export as $row) {
$line = '';
foreach ($row as $value) {
if (!isset($value) || $value == "") {
$value = "\t";
} else {
$value = str_replace('"', '""', $value);
$value = '"' . $value . '"' . "\t";
/**
* @file index.php
* @brief Display the subject guides by collection splash page
*
* @author adarby
* @date sept 2015
*/
use SubjectsPlus\Control\CompleteMe;
use SubjectsPlus\Control\Querier;
$use_jquery = array("ui");
$page_title = _("Research Guide Collections");
$description = _("The best stuff for your research. No kidding.");
$keywords = _("research, databases, subjects, search, find");
$noheadersearch = TRUE;
$db = new Querier();
$connection = $db->getConnection();
// let's use our Pretty URLs if mod_rewrite = TRUE or 1
if ($mod_rewrite == 1) {
$guide_path = "";
} else {
$guide_path = "guide.php?subject=";
}
///////////////////////
// Have they done a search?
$search = "";
if (isset($_POST["search"])) {
$search = scrubData($_POST["search"]);
}
// Get the subjects for jquery autocomplete
$suggestibles = "";
s.subject_id = ps.subject_id AND
p.body LIKE '%" . $location_hint . "/" . $shortName . "%'";
//print $findGuidesQuery;
$findGuidesResult = $querier->query($findGuidesQuery);
$guides = array(); // for the list of guides in which the file appears
if ($findGuidesResult) {
foreach ($findGuidesResult as $row) {
$guideName = $row['subject'];
$guideId = $row['subject_id'];
$guides["$guideId"] = $guideName;
}
}
*/
$db = new Querier();
$findGuidesQuery = "\n\t\t\t\tSELECT st.fname, st.lname, s.subject, s.subject_id\n\t\t\t\tFROM pluslet p INNER JOIN pluslet_section ps\n\t\t\t\tON p.pluslet_id = ps.pluslet_id\n\t\t\t\tINNER JOIN section sec\n\t\t\t\tON ps.section_id = sec.section_id\n\t\t\t\tINNER JOIN tab t\n\t\t\t\tON sec.tab_id = t.tab_id\n\t\t\t\tINNER JOIN subject s\n\t\t\t\tON t.subject_id = s.subject_id\n\t\t\t\tINNER JOIN staff_subject ss\n\t\t\t\tON s.subject_id = ss.subject_id\n\t\t\t\tINNER JOIN staff st\n\t\t\t\tON ss.staff_id = st.staff_id\n\t\t\t\tWHERE p.body LIKE " . $db->quote('%' . $location_hint . "/" . $shortName . '%') . "\n OR p.body LIKE " . $db->quote('%' . $location_hint . trim(" \\ ") . $shortName . '%') . "\n OR p.body LIKE " . $db->quote('%' . $location_hint . trim(" \\ ") . "image" . trim(" \\ ") . $shortName . '%') . "\n OR p.body LIKE " . $db->quote('%' . $location_hint . "/image/" . $shortName . '%');
$findGuidesResult = $querier->query($findGuidesQuery);
$guides = array();
// for the list of guides in which the file appears
if ($findGuidesResult) {
foreach ($findGuidesResult as $row) {
$owner = $row['fname'] . " " . $row['lname'];
$guideName = $row['subject'];
$guideId = $row['subject_id'];
$guides["{$guideId}"] = $guideName;
}
} else {
$owner = '';
}
if (empty($guides)) {
