DrawBC("Users >> " . ProgramTitle()); include 'Menu.php'; if (is_numeric(clean_param($_REQUEST['profile_id'], PARAM_INT))) { $exceptions_RET = DBGet(DBQuery('SELECT PROFILE_ID,MODNAME,CAN_USE,CAN_EDIT FROM profile_exceptions WHERE PROFILE_ID=\'' . $_REQUEST[profile_id] . '\''), array(), array('MODNAME')); $profile_RET = DBGet(DBQuery('SELECT PROFILE FROM user_profiles WHERE ID=\'' . $_REQUEST[profile_id] . '\'')); $xprofile = $profile_RET[1]['PROFILE']; if ($xprofile == 'student') { $xprofile = 'parent'; unset($menu['Users']); } } if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete' && AllowEdit()) { $profile_RET = DBGet(DBQuery('SELECT TITLE FROM user_profiles WHERE ID=\'' . $_REQUEST[profile_id] . '\'')); // if(Prompt('Confirm Delete','Are you sure you want to delete the user profile <i>'.$profile_RET[1]['TITLE'].'</i>?','Users of that profile will retain their permissions as a custom set which can be modified on a per-user basis through the User Permissions program.')) $profile = $profile_RET[1]['TITLE']; if (DeletePromptBigString("<b>Are you sure you want to delete the user profile <i>{$profile}</i>?,</b><br/>Users of that profile will retain their permissions as a custom set which can be modified on a per-user basis through the User Permissions program.")) { $existStaff = DBGet(DBQuery("select * from staff where profile_id={$_REQUEST['profile_id']}")); if (count($existStaff) == 0) { DBQuery('DELETE FROM user_profiles WHERE ID=\'' . $_REQUEST['profile_id'] . '\''); DBQuery('DELETE FROM staff_exceptions WHERE USER_ID IN (SELECT STAFF_ID FROM staff WHERE PROFILE_ID=\'' . $_REQUEST['profile_id'] . '\')'); DBQuery('INSERT INTO staff_exceptions (USER_ID,MODNAME,CAN_USE,CAN_EDIT) SELECT s.STAFF_ID,e.MODNAME,e.CAN_USE,e.CAN_EDIT FROM staff s,profile_exceptions e WHERE s.PROFILE_ID=\'' . $_REQUEST[profile_id] . '\' AND s.PROFILE_ID=e.PROFILE_ID'); DBQuery('DELETE FROM profile_exceptions WHERE PROFILE_ID=\'' . $_REQUEST['profile_id'] . '\''); unset($_REQUEST['modfunc']); unset($_REQUEST['profile_id']); } else { echo '<BR>'; PopTable('header', 'Alert Message'); echo "<CENTER><h4>Cannot delete because profile is associated with staff.</h4><br><FORM action={$PHP_tmp_SELF} METHOD=POST><INPUT type=button class=btn_medium name=delete_cancel value=OK onclick='window.location=\"Modules.php?modname={$_REQUEST['modname']} \"'></FORM></CENTER>"; PopTable('footer'); return false; }
include '../../RedirectModulesInc.php'; DrawBC("users >> " . ProgramTitle()); include 'Menu.php'; if (is_numeric(clean_param($_REQUEST['profile_id'], PARAM_INT))) { $exceptions_RET = DBGet(DBQuery('SELECT PROFILE_ID,MODNAME,CAN_USE,CAN_EDIT FROM profile_exceptions WHERE PROFILE_ID=\'' . $_REQUEST[profile_id] . '\''), array(), array('MODNAME')); $profile_RET = DBGet(DBQuery('SELECT PROFILE FROM user_profiles WHERE ID=\'' . $_REQUEST[profile_id] . '\'')); $xprofile = $profile_RET[1]['PROFILE']; if ($xprofile == 'student') { $xprofile = 'parent'; unset($menu['users']); } } if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete' && AllowEdit()) { $profile_RET = DBGet(DBQuery('SELECT TITLE FROM user_profiles WHERE ID=\'' . $_REQUEST[profile_id] . '\'')); $profile = $profile_RET[1]['TITLE']; if (DeletePromptBigString("delete <i>{$profile}</i>?,<br/>users of that profile will retain their permissions as a custom set which can be modified on a per-user basis through the User Permissions program.")) { $existStaff = DBGet(DBQuery("select * from staff where profile_id={$_REQUEST['profile_id']}")); if (count($existStaff) == 0) { DBQuery('DELETE FROM user_profiles WHERE ID=\'' . $_REQUEST['profile_id'] . '\''); DBQuery('DELETE FROM profile_exceptions WHERE PROFILE_ID=\'' . $_REQUEST['profile_id'] . '\''); unset($_REQUEST['modfunc']); unset($_REQUEST['profile_id']); } else { echo '<BR>'; PopTable('header', 'Alert Message'); echo "<CENTER><h4>Cannot delete because profile is associated with staff.</h4><br><FORM action={$PHP_tmp_SELF} METHOD=POST><INPUT type=button class=btn_medium name=delete_cancel value=OK onclick='window.location=\"Modules.php?modname={$_REQUEST['modname']} \"'></FORM></CENTER>"; PopTable('footer'); return false; } } }