} unset($_POST); $form = drupal_get_form("vals_soc_project_form", $obj, $target); if ($originalPath) { $form['#action'] = url($originalPath); } // Process the submit button which uses ajax //$form['submit'] = ajax_pre_render_element($form['submit']); // Build renderable array // $build = array( // 'form' => $form, // '#attached' => $form['submit']['#attached'], // This will attach all needed JS behaviors onto the page // ); renderForm($form, $target); break; case 'delete': $type = altSubValue($_POST, 'type', ''); $id = altSubValue($_POST, 'id', ''); if (!isValidOrganisationType($type)) { echo jsonBadResult(t('There is no such type we can delete')); } elseif (count(Proposal::getProposalsPerProject($id))) { echo jsonBadResult(t('You cannot delte the project; there are already students working on a proposal for this project. You can still edit it though.')); } else { $result = Groups::removeGroup($type, $id); ThreadedComments::getInstance()->removethreadsForEntity($id, $type); echo $result ? jsonGoodResult(true, '', array('extra' => $mine ? array('mine' => 1) : '')) : jsonBadResult(); } break; default: echo "No such action: " . $_GET['action']; }
function pretendUser() { //the session_status function is only available from php 5.4 on. We just suppress the possible warning on //double started sessions. In fact this is harmless and php will just start the session it already had (if this is //the case, but still fires a warning. This function will and should nver be called in production, so it is not //an issue there. //if (session_status() == PHP_SESSION_NONE) { @session_start(); //} $user_id = getRequestVar('pretend', altSubValue($_SESSION, 'pretend_user', 0)); if ($user_id) { if (!(isset($_SESSION['pretend_user']) && ($_SESSION['pretend_user'] && $_SESSION['pretend_user'] == $user_id) || verifyUser($user_id))) { return array(0, 0); } $same_pretend = $_SESSION['pretend_user'] == $user_id; $_SESSION['pretend_user'] = $user_id; $original_user = $GLOBALS['user']; $old_state = drupal_save_session(); //drupal_save_session(FALSE); if (isset($_SESSION['pretend_user_obj']) && $_SESSION['pretend_user_obj'] && $same_pretend) { $GLOBALS['user'] = $_SESSION['pretend_user_obj']; } else { $GLOBALS['user'] = user_load($user_id); $GLOBALS['user']->roles = repairRoles($GLOBALS['user']->roles); $_SESSION['pretend_user_obj'] = $GLOBALS['user']; } return array($original_user, $old_state); } else { $_SESSION['pretend_user_obj'] = $_SESSION['pretend_user'] = 0; return array(0, 0); } }
} if (isset($is_final) && $is_final) { $properties['state'] = 'published'; } if (!$id) { $new = TRUE; $id = $result = Proposal::insertProposal($properties, $project_id); } else { $new = FALSE; if (!Groups::isOwner(_PROPOSAL_OBJ, $id)) { drupal_set_message(t('You are not the owner of this proposal'), 'error'); $result = null; } else { //If there was no supervisor chosen, at least maintain the orginal one, rather than leave it orphaned if ($properties['supervisor_id'] == 0) { if ($original_supervisor = altSubValue($_POST, 'original_supervisor_id', '')) { $properties['supervisor_id'] = $original_supervisor; } } $result = Proposal::updateProposal($properties, $id); } } if ($result) { // Send out emails to mentor/supervisor once new proposal published // get either the existing proposal key // or the newly inserted proposal key if (is_bool($result)) { //already existed $existed = true; $key = $id; } else {
static function insertProposal($props, $project_id) { if (!$props) { drupal_set_message(t('Insert requested with empty (filtered) data set'), 'error'); return false; } global $user; $txn = db_transaction(); try { $uid = $user->uid; if (!Users::isOfType(_STUDENT_TYPE, $uid)) { drupal_set_message(t('You must be a student to submit a proposal'), 'error'); return false; } $project = Project::getProjectById($project_id); $student_details = Users::getStudentDetails($uid); $props['owner_id'] = $uid; $props['org_id'] = $project['org_id']; $props['inst_id'] = $student_details->inst_id; $props['supervisor_id'] = altSubValue($props, 'supervisor_id', 0) ?: $student_details->supervisor_id; $props['pid'] = $project['pid']; if (!isset($props['state'])) { $props['state'] = 'draft'; } if (!testInput($props, array('owner_id', 'org_id', 'inst_id', 'supervisor_id', 'pid', 'title'))) { return FALSE; } try { // inserts where the field length is exceeded fails silently here // i.e. the date strinf is too long for the mysql field type $id = db_insert(tableName(_PROPOSAL_OBJ))->fields($props)->execute(); } catch (Exception $e) { drupal_set_message($e->getMessage(), 'error'); } if ($id) { //TODO: notify mentor??? drupal_set_message(t('Note that you have only saved your proposal: you can continue editing it later.')); return $id; } else { drupal_set_message(t('We could not add your proposal. ') . (_DEBUG ? '<br/>' . getDrupalMessages() : ""), 'error'); } return $result; } catch (Exception $ex) { $txn->rollback(); drupal_set_message(t('We could not add your proposal.') . (_DEBUG ? $ex->__toString() : ''), 'error'); } return FALSE; }
$form['#action'] = url($originalPath); } // Process the submit button which uses ajax //$form['submit'] = ajax_pre_render_element($form['submit']); // Build renderable array // $build = array( // 'form' => $form, // '#attached' => $form['submit']['#attached'], // This will attach all needed JS behaviors onto the page // ); renderForm($form, $target); } break; case 'save': $type = altSubValue($_POST, 'type', ''); $id = altSubValue($_POST, 'id', ''); $show_action = altSubValue($_POST, 'show_action', ''); //TODO do some checks here if (!isValidOrganisationType($type)) { //&& ($type !== _PROJECT_OBJ) $result = NULL; drupal_set_message(tt('This is not a valid type: %s', $type), 'error'); echo jsonBadResult(); return; } $properties = Groups::filterPostByType($type, $_POST); if (!$id) { $new = true; $result = $type == _STUDENT_GROUP ? Groups::addStudentGroup($properties) : ($type == _PROJECT_OBJ ? Project::getInstance()->addProject($properties) : Groups::addGroup($properties, $type)); } else { $new = false; $result = Groups::changeGroup($type, $properties, $id);
} break; case 'view': $type = altSubValue($_POST, 'type', 'comment'); $id = altSubValue($_POST, 'id'); $target = altSubValue($_POST, 'target', ''); if (!($id && $type && $target)) { die(t('There are missing arguments. Please inform the administrator of this mistake.')); } $post = ThreadedComments::getInstance()->getPostById($id); if (!$post) { echo tt('The post for this %1$s cannot be found', t_type($type)); } else { $entity_id = $post['entity_id']; $entity_type = $post['entity_type']; $threaded_comments = new ThreadUIBuilder($entity_id, $entity_type); echo $threaded_comments->renderSingleComment($post); } break; case 'viewall': if (getRole() != _ANONYMOUS_TYPE) { $type = altSubValue($_GET, 'type'); $id = altSubValue($_GET, 'id'); module_load_include('inc', 'vals_soc', 'includes/ui/comments/threaded_comments'); $content = initComments($id, $type); echo $content; } break; default: echo "No such action: " . $_GET['action']; }
break; case 'list_search': if (Users::isSuperVisor()) { //Return result to jTable $recs = Agreement::getInstance()->getAgreementsForSupervisorBySearchCriteria(true, $_GET["jtSorting"], $_GET["jtStartIndex"], $_GET["jtPageSize"]); $cnt = Agreement::getInstance()->getProjectAgreementsRowCount($GLOBALS['user']->uid, ''); } else { if (Users::isMentor()) { $recs = Agreement::getInstance()->getAgreementsForMentorBySearchCriteria(true, $_GET["jtSorting"], $_GET["jtStartIndex"], $_GET["jtPageSize"]); $cnt = Agreement::getInstance()->getProjectAgreementsRowCount('', $GLOBALS['user']->uid); } } jsonGoodResultJT($recs, $cnt); break; case 'render_project_for_id': $id = altSubValue($_POST, 'id'); $target = altSubValue($_POST, 'target', ''); $agreement = Agreement::getInstance()->getSingleAgreementById($id, true); echo getSingleAcceptedProjectView($agreement); break; case 'render_agreement_for_id': $id = altSubValue($_POST, 'id'); $target = altSubValue($_POST, 'target', ''); $agreement = Agreement::getInstance()->getSingleAgreementById($id, true); echo "<div id='admin_container' class='tabs_container'>"; echo showAgreement($agreement); echo "</div>"; break; default: echo "No such action: " . $_GET['action']; }