}
if (isset($_POST["assignment_uploads"]) && ($tmp_uploads = clean_input($_POST["assignment_uploads"], array("trim", "notags")))) {
$PROCESSED["assignment_uploads"] = $tmp_uploads == "allow" ? 0 : 1;
} else {
$PROCESSED["assignment_uploads"] = 1;
}
if (isset($_POST["allow_multiple_files"]) && $_POST["allow_multiple_files"] && isset($_POST["num_files_allowed"]) && ($max_file_uploads = (int) $_POST["num_files_allowed"]) > 0) {
$PROCESSED["max_file_uploads"] = $max_file_uploads;
} else {
$PROCESSED["max_file_uploads"] = 1;
}
/**
* Required field "event_start" / Event Date & Time Start (validated through validate_calendars function).
*/
$release_date = validate_calendars("viewable", false, false, true);
$due_date = validate_calendars("due", false, false, true);
if (isset($release_date["start"]) && (int) $release_date["start"]) {
$PROCESSED["release_date"] = (int) $release_date["start"];
} else {
$PROCESSED["release_date"] = 0;
}
if (isset($release_date["finish"]) && (int) $release_date["finish"]) {
$PROCESSED["release_until"] = (int) $release_date["finish"];
} else {
$PROCESSED["release_until"] = 0;
}
if (isset($due_date["finish"]) && (int) $due_date["finish"]) {
$PROCESSED["due_date"] = (int) $due_date["finish"];
} else {
$PROCESSED["due_date"] = 0;
}
} elseif (!isset($_SESSION["isAuthorized"]) || !$_SESSION["isAuthorized"]) {
header("Location: " . ENTRADA_URL);
exit;
} elseif (!$ENTRADA_ACL->amIAllowed("reportindex", "read", false)) {
$ERROR++;
$ERRORSTR[] = "Your account does not have the permissions required to use this module.<br /><br />If you believe you are receiving this message in error please contact <a href=\"mailto:" . html_encode($AGENT_CONTACTS["administrator"]["email"]) . "\">" . html_encode($AGENT_CONTACTS["administrator"]["name"]) . "</a> for assistance.";
echo display_error();
application_log("error", "Group [" . $_SESSION["permissions"][$ENTRADA_USER->getAccessId()]["group"] . "] and role [" . $_SESSION["permissions"][$ENTRADA_USER->getAccessId()]["role"] . "] do not have access to this module [" . $MODULE . "]");
} else {
define("IN_REPORTS", true);
$BREADCRUMB[] = array("url" => ENTRADA_URL . "/admin/" . $MODULE, "title" => $MODULES[strtolower($MODULE)]["title"]);
if ($router && $router->initRoute()) {
$PREFERENCES = preferences_load($MODULE);
$ORGANISATION_LIST = array();
if (isset($_POST["reporting_start"]) && (int) trim($_POST["reporting_start"]) && isset($_POST["reporting_finish"]) && (int) trim($_POST["reporting_finish"])) {
$report_date = validate_calendars("reporting", true, true, true);
if (isset($report_date["start"]) && (int) $report_date["start"]) {
$_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_start"] = (int) $report_date["start"];
}
if (isset($report_date["finish"]) && (int) $report_date["finish"]) {
$_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_finish"] = (int) $report_date["finish"];
}
} else {
if (!isset($_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_start"])) {
$_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_start"] = strtotime("July 1st, " . (date("Y", time()) - (date("m", time()) < 7 ? 1 : 2)) . " 0:00:00");
}
if (!isset($_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_finish"])) {
$_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_finish"] = strtotime("+1 year", $_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_start"] - 1);
}
}
/**
} else {
$PROCESSED["incident_severity"] = 1;
}
/*
* Required field "incident_status" / Incident Status.
*/
if (isset($_POST["incident_status"]) && $_POST["incident_status"]) {
$PROCESSED["incident_status"] = 1;
} else {
$PROCESSED["incident_status"] = 0;
}
/**
* Required field "incident_date" / Incident Start (validated through validate_calendars function).
* Non-required field "follow_up_date" / Incident Finish (validated through validate_calendars function).
*/
$incident_date = validate_calendars("incident", true, false);
if (isset($incident_date["start"]) && (int) $incident_date["start"]) {
$PROCESSED["incident_date"] = (int) $incident_date["start"];
}
if (isset($incident_date["finish"]) && (int) $incident_date["finish"]) {
$PROCESSED["follow_up_date"] = (int) $incident_date["finish"];
} else {
$PROCESSED["follow_up_date"] = 0;
}
/**
* Non-required field "incident_description" / Comments.
*/
if (isset($_POST["incident_description"]) && ($incident_description = clean_input($_POST["incident_description"], array("trim", "notags")))) {
$PROCESSED["incident_description"] = $incident_description;
} else {
$PROCESSED["incident_description"] = "";
$PROCESSED["event_desc"] = "";
}
if (isset($_POST["rotation_id"]) && ($rotation_id = (int) $_POST["rotation_id"])) {
$query = "SELECT `rotation_id` FROM `" . CLERKSHIP_DATABASE . "`.`global_lu_rotations` WHERE `rotation_id` = " . $db->qstr($rotation_id);
$result = $db->GetRow($query);
if ($result) {
$PROCESSED["rotation_id"] = (int) $result["rotation_id"];
} else {
$ERROR++;
$ERRORSTR[] = "We were unable to locate the rotation title you've selected.";
}
} else {
$ERROR++;
$ERRORSTR[] = "The <strong>Rotation ID</strong> field is required if this event is to be a part of a Core Rotation.";
}
$event_dates = validate_calendars("event", true, true);
if (isset($event_dates["start"]) && (int) $event_dates["start"]) {
$PROCESSED["event_start"] = (int) $event_dates["start"];
} else {
$ERROR++;
$ERRORSTR[] = "The <strong>Event Start</strong> field is required if this is to appear on the calendar.";
}
if (isset($event_dates["finish"]) && (int) $event_dates["finish"]) {
$PROCESSED["event_finish"] = (int) $event_dates["finish"];
} else {
$ERROR++;
$ERRORSTR[] = "The <strong>Event Finish</strong> field is required if this is to appear on the calendar.";
}
if (strlen(trim($_POST["event_status"])) < 1) {
$ERROR++;
$ERRORSTR[] = "Please select the status of this category after you have saved it.";
*/
if (isset($_POST["max_submittable"]) && (($max_submittable = clean_input($_POST["max_submittable"], "int")) || $max_submittable === 0) && $max_submittable <= 999) {
$PROCESSED["max_submittable"] = $max_submittable;
} elseif ($evaluation_target_type == "peer") {
$PROCESSED["max_submittable"] = 0;
} else {
add_error("The evaluation <strong>Max Submittable</strong> field is required and must be less than 999.");
}
if ($PROCESSED["min_submittable"] > $PROCESSED["max_submittable"] && $PROCESSED["max_submittable"] !== 0) {
add_error("Your <strong>Min Submittable</strong> value may not be greater than your <strong>Max Submittable</strong> value.");
}
/**
* Non-required field "release_date" / Viewable Start (validated through validate_calendars function).
* Non-required field "release_until" / Viewable Finish (validated through validate_calendars function).
*/
$viewable_date = validate_calendars("viewable", false, false);
if (isset($viewable_date["start"]) && (int) $viewable_date["start"]) {
$PROCESSED["release_date"] = (int) $viewable_date["start"];
} else {
$PROCESSED["release_date"] = 0;
}
if (isset($viewable_date["finish"]) && (int) $viewable_date["finish"]) {
$PROCESSED["release_until"] = (int) $viewable_date["finish"];
} else {
$PROCESSED["release_until"] = 0;
}
/**
* Processing for evaluation_evaluators table.
*/
if (isset($_POST["target_group_type"]) && in_array($_POST["target_group_type"], array("cohort", "percentage", "proxy_id", "faculty", "cgroup_id"))) {
switch ($_POST["target_group_type"]) {
* Serves as a detection method for conflicting events.
*
* @author Organisation: Queen's University
* @author Unit: School of Medicine
* @author Developer: Brandon Thorn <*****@*****.**>
* @copyright Copyright 2010 Queen's University. All Rights Reserved.
*
*/
@set_include_path(implode(PATH_SEPARATOR, array(dirname(__FILE__) . "/../core", dirname(__FILE__) . "/../core/includes", dirname(__FILE__) . "/../core/library", get_include_path())));
/**
* Include the Entrada init code.
*/
require_once "init.inc.php";
if (isset($_SESSION["isAuthorized"]) && (bool) $_SESSION["isAuthorized"]) {
if (isset($_POST) && isset($_POST["duration_segment"]) && is_array($_POST["duration_segment"]) && !empty($_POST["duration_segment"])) {
$date = validate_calendars("event", true, false);
$length = 0;
foreach ($_POST["duration_segment"] as $segment) {
$segment = clean_input($segment, array("trim", "int"));
if ($segment) {
$length += $segment;
}
}
$start_time = $date["start"];
$finish_time = $start_time + $length * 60;
$audience_type = clean_input($_POST["event_audience_type"], array("notags", "trim"));
$event_id = (int) $_POST["event_id"];
$query = "\tSELECT * FROM `events` AS a JOIN `event_audience` AS b ON a.`event_id` = b.`event_id`\n\t\t\t\t\tWHERE (" . $start_time . " BETWEEN `event_start` AND `event_finish` \n\t\t\t\t\tOR " . $finish_time . " BETWEEN `event_start` AND `event_finish`)";
switch ($audience_type) {
case "cohort":
$cohort = isset($_POST["associated_cohort"]) ? clean_input($_POST["associated_cohort"], array("int")) : 0;
echo display_error();
application_log("error", "LTI Provider wizard was accessed without any LTI Provider id.");
}
break;
case "add":
default:
switch ($STEP) {
case 2:
$PROCESSED["event_id"] = $EVENT_ID;
/**
* Step 2 Error Checking
* Because this unsets the $ERRORSTR array, only do this if there is not already an error.
* PITA, I know.
*/
if (isset($_POST["timedrelease"]) && $_POST["timedrelease"] == "yes") {
$timed_release = validate_calendars("valid", false, false);
if ($ERROR) {
$modal_onload[] = "alert('" . addslashes($ERRORSTR[0]) . "')";
$ERROR = 0;
$ERRORSTR = array();
$ERROR++;
$ERRORSTR[] = "q3";
$JS_INITSTEP = 2;
}
if (isset($timed_release["start"]) && (int) $timed_release["start"]) {
$PROCESSED["valid_from"] = (int) $timed_release["start"];
}
if (isset($timed_release["finish"]) && (int) $timed_release["finish"]) {
$PROCESSED["valid_until"] = (int) $timed_release["finish"];
}
}
$PROCESSED["organisation_id"] = $ENTRADA_USER->getActiveOrganisation();
echo "<h1>Editing Notice</h1>\n";
// Error Checking
switch ($STEP) {
case 2:
if (isset($_POST["target"]) && ($target_audience = clean_input($_POST["target"], array("trim", "dir")))) {
$PROCESSED["target"] = $target_audience;
} else {
$PROCESSED["target"] = 'updated';
}
if (isset($_POST["notice_summary"]) && ($notice_summary = strip_tags(clean_input($_POST["notice_summary"], "trim"), "<a><br><p>"))) {
$PROCESSED["notice_summary"] = $notice_summary;
} else {
add_error("You must provide a notice summary.");
}
$display_date = validate_calendars("display", true, true);
if (isset($display_date["start"]) && (int) $display_date["start"]) {
$PROCESSED["display_from"] = (int) $display_date["start"];
} else {
add_error("You must select a valid display start date.");
}
if (isset($display_date["finish"]) && (int) $display_date["finish"]) {
$PROCESSED["display_until"] = (int) $display_date["finish"];
} else {
add_error("You must select a valid display finish date.");
}
if (isset($_POST["target_audience"]) && ($target_audience = clean_input($_POST["target_audience"], "trim"))) {
if (strpos($target_audience, "all:") !== false || $target_audience == "public") {
$PROCESSED["associated_audience"][] = array("audience_type" => $target_audience, "audience_value" => 0);
}
}
} else {
$PROCESSED["clinical"] = 1;
}
/*
* Required field "account_active" / Account Status.
*/
if (isset($_POST["account_active"]) && $_POST["account_active"] == "true") {
$PROCESSED_ACCESS["account_active"] = "true";
} else {
$PROCESSED_ACCESS["account_active"] = "false";
}
/**
* Required field "access_starts" / Access Start (validated through validate_calendars function).
* Non-required field "access_finish" / Access Finish (validated through validate_calendars function).
*/
$access_date = validate_calendars("access", true, false);
if (isset($access_date["start"]) && (int) $access_date["start"]) {
$PROCESSED_ACCESS["access_starts"] = (int) $access_date["start"];
}
if (isset($access_date["finish"]) && (int) $access_date["finish"]) {
$PROCESSED_ACCESS["access_expires"] = (int) $access_date["finish"];
} else {
$PROCESSED_ACCESS["access_expires"] = 0;
}
/**
* Non-required field "prefix" / Prefix.
*/
if (isset($_POST["prefix"]) && @in_array($prefix = clean_input($_POST["prefix"], "trim"), $PROFILE_NAME_PREFIX)) {
$PROCESSED["prefix"] = $prefix;
} else {
$PROCESSED["prefix"] = "";
}
} else {
$ERROR++;
$ERRORSTR[] = "The <strong>Marking Scheme</strong> field is a required field.";
}
//Show in learner gradebook check
if (isset($_POST["show_learner_option"])) {
switch ($show_learner_option = clean_input($_POST["show_learner_option"], array("trim", "int"))) {
case 0:
$PROCESSED["show_learner"] = $show_learner_option;
$PROCESSED["release_date"] = 0;
$PROCESSED["release_until"] = 0;
break;
case 1:
$PROCESSED["show_learner"] = $show_learner_option;
$release_dates = validate_calendars("show", false, false);
if (isset($release_dates["start"]) && (int) $release_dates["start"]) {
$PROCESSED["release_date"] = (int) $release_dates["start"];
} else {
$PROCESSED["release_date"] = 0;
}
if (isset($release_dates["finish"]) && (int) $release_dates["finish"]) {
$PROCESSED["release_until"] = (int) $release_dates["finish"];
} else {
$PROCESSED["release_until"] = 0;
}
break;
default:
$PROCESSED["show_learner"] = 0;
break;
}
$ERRORSTR[] = "You must provide an occupant name or title in the <strong>Occupant Name / Title</strong> field.";
}
if (isset($_POST["cost_recovery"]) && $_POST["cost_recovery"] == "1") {
$PROCESSED["cost_recovery"] = 1;
}
$PROCESSED["confirmed"] = 1;
break;
default:
$ERROR++;
$ERRORSTR[] = "You must provide a valid occupant type in order to continue.";
break;
}
if (isset($_POST["notes"]) && ($tmp_input = clean_input($_POST["notes"], array("trim", "allowedtags")))) {
$PROCESSED["notes"] = $tmp_input;
}
$inhabiting_date = validate_calendars("inhabiting", true, true, false);
if (isset($inhabiting_date["start"]) && (int) $inhabiting_date["start"]) {
$PROCESSED["inhabiting_start"] = (int) $inhabiting_date["start"];
} else {
$ERROR++;
$ERRORSTR[] = "You must select a date that the occupant will move into " . html_encode($APARTMENT_INFO["apartment_title"]);
}
if (isset($inhabiting_date["finish"]) && (int) $inhabiting_date["finish"]) {
$PROCESSED["inhabiting_finish"] = (int) $inhabiting_date["finish"];
} else {
$ERROR++;
$ERRORSTR[] = "You must select a date that the occupant will vacate from " . html_encode($APARTMENT_INFO["apartment_title"]);
}
if (!$ERROR) {
$PROCESSED["updated_last"] = time();
$PROCESSED["updated_by"] = $ENTRADA_USER->getID();
*/
$draft_date = validate_calendars("copy", true, true, false);
if (isset($draft_date["start"]) && (int) $draft_date["start"]) {
$PROCESSED["draft_start_date"] = (int) $draft_date["start"];
} else {
$PROCESSED["draft_start_date"] = 0;
}
if (isset($draft_date["finish"]) && (int) $draft_date["finish"]) {
$PROCESSED["draft_finish_date"] = (int) $draft_date["finish"];
} else {
$PROCESSED["draft_finish_date"] = 0;
}
/**
* Required field "new_start" / Event Date & Time Start (validated through validate_calendars function).
*/
$start_date = validate_calendars("new", true, false, false);
if (isset($start_date["start"]) && (int) $start_date["start"]) {
$PROCESSED["new_start_day"] = (int) $start_date["start"];
}
if (has_error()) {
$STEP = 1;
} else {
if ($db->AutoExecute("drafts", $PROCESSED, "INSERT") && ($draft_id = $db->Insert_ID())) {
$creators = array("draft_id" => $draft_id, "proxy_id" => $ENTRADA_USER->getActiveId());
if (!$db->AutoExecute("draft_creators", $creators, "INSERT")) {
application_log("error", "Error when creating draft [" . $draft_id . "]. Unable to insert to the draft_creators table. Database said: " . $db->ErrorMsg());
}
if ($PROCESSED["options"]) {
// This is just to be safe I am assuming.
$query = "DELETE FROM `draft_options` WHERE `draft_id` = " . $db->qstr($draft_id);
$db->Execute($query);
$url = ENTRADA_URL;
$SUCCESS++;
$SUCCESSSTR[] = "You have successfully updated this <strong>Deficiency Plan</strong> in the system.<br /><br />Please <a href=\"" . $url . "\">click here</a> to proceed to the Dashboard or you will be automatically forwarded in 5 seconds.";
$ONLOAD[] = "setTimeout('window.location=\\'" . $url . "\\'', 5000)";
application_log("success", "Updated deficiency plan [" . $PLAN_ID . "] in the system.");
} else {
$ERROR++;
$ERRORSTR[] = "There was a problem editing this deficiency plan in the system. The MEdTech Unit was informed of this error; please try again later.";
application_log("error", "There was an error editing a deficiency plan for Proxy ID [" . $PROXY_ID . "]. Database said: " . $db->ErrorMsg());
}
}
} else {
if (isset($_POST["plan_body"]) && ($plan_body = clean_input($_POST["plan_body"], array("notags", "trim")))) {
$PROCESSED["plan_body"] = $plan_body;
}
$timeline_dates = validate_calendars("timeline", true, true);
if (isset($timeline_dates["start"]) && (int) $timeline_dates["start"]) {
$PROCESSED["timeline_start"] = (int) $timeline_dates["start"];
} else {
$ERROR++;
$ERRORSTR[] = "The <strong>Timeline Start</strong> field is required to detail when your plan to attain deficiencies will begin.";
}
if (isset($timeline_dates["finish"]) && (int) $timeline_dates["finish"]) {
$PROCESSED["timeline_finish"] = (int) $timeline_dates["finish"];
} else {
$ERROR++;
$ERRORSTR[] = "The <strong>Timeline Finish</strong> field is required to detail when your plan to attain deficiencies will end.";
}
if (!isset($PROCESSED["clerk_accepted"]) || !$PROCESSED["clerk_accepted"]) {
if (isset($_POST["clerk_accepted"]) && ($clerk_accepted = $_POST["clerk_accepted"] ? true : false)) {
$PROCESSED["clerk_accepted"] = $clerk_accepted;
$PROCESSED["report_supporting_link"] = "";
}
/**
* Required field "report_date" / Event Date & Time Start.
*/
$report_date = validate_calendars("report", true, false, false);
if (isset($report_date["start"]) && (int) $report_date["start"]) {
$PROCESSED["report_date"] = (int) $report_date["start"];
} else {
$PROCESSED["report_date"] = 0;
add_error("You must provide a reporting date for this report.");
}
/**
* Required field "event_start" / Event Date & Time Start.
*/
$period_date = validate_calendars("period", true, true, false);
if (isset($period_date["start"]) && (int) $period_date["start"]) {
$PROCESSED["report_start"] = (int) $period_date["start"];
} else {
$PROCESSED["report_start"] = 0;
add_error("You must provide a reporting start date.");
}
if (isset($period_date["finish"]) && (int) $period_date["finish"]) {
$PROCESSED["report_finish"] = (int) $period_date["finish"];
} else {
$PROCESSED["report_finish"] = 0;
add_error("You must provide a reporting finish date.");
}
/**
* Non-required field "event_location" / Event Location
*/
} else {
$ERROR++;
$ERRORSTR[] = "You must provide the telephone number of the key contact.";
}
if (isset($_POST["keys_email"]) && ($tmp_input = clean_input($_POST["keys_email"], array("trim", "notags"))) && valid_address($tmp_input)) {
$PROCESSED["keys_email"] = $tmp_input;
} else {
$ERROR++;
$ERRORSTR[] = "You must provide a valid e-mail address for the key contact.";
}
}
/**
* Required field "release_date" / Available Start (validated through validate_calendars function).
* Non-required field "release_until" / Available Finish (validated through validate_calendars function).
*/
$available_date = validate_calendars("available", true, false, false);
if (isset($available_date["start"]) && (int) $available_date["start"]) {
$PROCESSED["available_start"] = (int) $available_date["start"];
} else {
$PROCESSED["available_start"] = 0;
}
if (isset($available_date["finish"]) && (int) $available_date["finish"]) {
$PROCESSED["available_finish"] = (int) $available_date["finish"];
} else {
$PROCESSED["available_finish"] = 0;
}
$query = "\tSELECT `dep_id`\n\t\t\t\t\t\tFROM `" . AUTH_DATABASE . "`.`user_departments`\n\t\t\t\t\t\tWHERE `user_id` = " . $db->qstr($ENTRADA_USER->getId());
$department_id = $db->getOne($query);
if ($department_id) {
$PROCESSED["department_id"] = $department_id;
} else {
*/
if (isset($_POST["category_name"]) && ($category_name = clean_input($_POST["category_name"], array("notags", "trim")))) {
$PROCESSED["category_name"] = $category_name;
} else {
$ERROR++;
$ERRORSTR[] = "The <strong>Category" . (isset($category_details["ctype_name"]) && $category_details["ctype_name"] ? " " . $category_details["ctype_name"] : "") . " Name</strong> is a required field.";
}
/**
* Non-required field "category_code" / Category Code
*/
if (isset($_POST["category_code"]) && ($category_code = clean_input($_POST["category_code"], array("notags", "trim")))) {
$PROCESSED["category_code"] = $category_code;
} else {
$PROCESSED["category_code"] = "";
}
$category_dates = validate_calendars("category", true, false, false);
if (isset($category_dates["start"]) && (int) $category_dates["start"]) {
$PROCESSED["category_start"] = (int) $category_dates["start"];
} else {
$ERROR++;
$ERRORSTR[] = "The <strong>Category Start</strong> field is required.";
}
if (isset($category_dates["finish"]) && (int) $category_dates["finish"]) {
$PROCESSED["category_finish"] = (int) $category_dates["finish"];
} else {
$ERROR++;
$ERRORSTR[] = "The <strong>Category Finish</strong> field is required.";
}
/**
* Required field "category_type" / Category Type.
*/
$require_start = true;
$require_finish = false;
break;
default:
$require_start = false;
$require_finish = false;
break;
}
if ($STEP >= 4 && isset($PROCESSED["quiztype_id"]) && $PROCESSED["quiztype_id"]) {
$query = "SELECT `quiztype_code` FROM `quizzes_lu_quiztypes` WHERE `quiztype_id` = " . $db->qstr($PROCESSED["quiztype_id"]);
$quiztype = $db->GetOne($query);
if ($quiztype == "delayed") {
$require_finish = true;
}
}
$viewable_date = validate_calendars("accessible", $require_start, $require_finish);
if (isset($viewable_date["start"]) && (int) $viewable_date["start"]) {
$PROCESSED["release_date"] = (int) $viewable_date["start"];
} else {
$PROCESSED["release_date"] = 0;
}
if (isset($viewable_date["finish"]) && (int) $viewable_date["finish"]) {
$PROCESSED["release_until"] = (int) $viewable_date["finish"];
} else {
$PROCESSED["release_until"] = 0;
}
if (isset($_POST["accessible_start"]) && $_POST["accessible_start"] == 1) {
$PROCESSED["accessible_start"] = 1;
$PROCESSED["accessible_start_date"] = clean_input($_POST["accessible_start_date"], "credentials");
$PROCESSED["accessible_start_hour"] = clean_input($_POST["accessible_start_hour"], "int");
$PROCESSED["accessible_start_min"] = clean_input($_POST["accessible_start_min"], "int");
if (isset($_POST["poll_answer_2"]) && ($poll_answer_2 = clean_input($_POST["poll_answer_2"], array("trim")))) {
$PROCESSED_ANSWERS[1] = $poll_answer_2;
} else {
$ERROR++;
$ERRORSTR[] = "You must provide an answer for poll answer 2.";
}
if (isset($_POST["poll_answer_3"]) && ($poll_answer_3 = clean_input($_POST["poll_answer_3"], array("trim")))) {
$PROCESSED_ANSWERS[2] = $poll_answer_3;
}
if (isset($_POST["poll_answer_4"]) && ($poll_answer_4 = clean_input($_POST["poll_answer_4"], array("trim")))) {
$PROCESSED_ANSWERS[3] = $poll_answer_4;
}
if (isset($_POST["poll_answer_5"]) && ($poll_answer_5 = clean_input($_POST["poll_answer_5"], array("trim")))) {
$PROCESSED_ANSWERS[4] = $poll_answer_5;
}
$display_date = validate_calendars("poll", true, false);
if (isset($display_date["start"]) && (int) $display_date["start"]) {
$PROCESSED["poll_from"] = (int) $display_date["start"];
} else {
$ERROR++;
$ERRORSTR[] = "You must select a valid display start date.";
}
if (isset($display_date["finish"]) && (int) $display_date["finish"]) {
$PROCESSED["poll_until"] = (int) $display_date["finish"];
} else {
$PROCESSED["poll_until"] = 0;
}
if (!$ERROR) {
$PROCESSED["updated_date"] = time();
$PROCESSED["updated_by"] = $ENTRADA_USER->getID();
if ($db->AutoExecute("poll_questions", $PROCESSED, "INSERT")) {
application_log("error", print_r($ERRORSTR, true));
}
if (isset($_POST["new"]) && $_POST["new"]) {
$PROCESSED = array("event_start" => $PROCESSED["event_start"]);
if (!$temp_event_id) {
echo "<input type=\"hidden\" value=\"" . $event_id . "\" id=\"updated_session_id\" />";
}
$event_id = 0;
}
} else {
$PROCESSED = $event_info;
if (isset($_POST["event_start"]) && $_POST["event_start"]) {
/**
* Required field "event_start" / Event Date & Time Start (validated through validate_calendars function).
*/
$start_date = validate_calendars("event", false, false);
if (isset($start_date["start"]) && (int) $start_date["start"]) {
$PROCESSED["event_start"] = (int) $start_date["start"];
}
}
}
if ($parent_id) {
$query = "SELECT COUNT(*) FROM `events` WHERE `parent_id` = " . $db->qstr($parent_id);
$session_count = $db->GetOne($query);
$session_count = $session_count ? $session_count + 1 : 1;
} else {
$session_count = 1;
}
/**
* Compiles the full list of faculty members.
*/
$result = $db->GetRow($query);
if ($result) {
$evaluation_target_id = $result["target_id"];
$evaluation_target_type = $result["target_shortname"];
$PROCESSED["eform_id"] = $eform_id;
} else {
add_error("The <strong>Evaluation Form</strong> that you selected is not currently available for use.");
}
} else {
add_error("You must select an <strong>Evaluation Form</strong> to use during this evaluation.");
}
/**
* Non-required field "evaluation_start" / Evaluation Start (validated through validate_calendars function).
* Non-required field "evaluation_finish" / Evaluation Finish (validated through validate_calendars function).
*/
$viewable_date = validate_calendars("evaluation", false, false);
if (isset($viewable_date["start"]) && (int) $viewable_date["start"]) {
$PROCESSED["evaluation_start"] = (int) $viewable_date["start"];
} else {
$PROCESSED["evaluation_start"] = 0;
}
if (isset($viewable_date["finish"]) && (int) $viewable_date["finish"]) {
$PROCESSED["evaluation_finish"] = (int) $viewable_date["finish"];
} else {
$PROCESSED["evaluation_finish"] = 0;
}
/**
* Non-required field "evaluation_mandatory" / Evaluation Mandatory
*/
if (isset($_POST["evaluation_mandatory"]) && $_POST["min_submittable"]) {
$PROCESSED["evaluation_mandatory"] = true;
$ERRORSTR[] = "The <strong>Photo Title</strong> field is required.";
}
/**
* Non-Required field "description" / Photo Description.
*
*/
if (isset($_POST["photo_description"]) && ($description = clean_input($_POST["photo_description"], array("notags", "trim")))) {
$PROCESSED["photo_description"] = $description;
} else {
$PROCESSED["photo_description"] = "";
}
/**
* Required field "release_from" / Release Start (validated through validate_calendars function).
* Non-required field "release_until" / Release Finish (validated through validate_calendars function).
*/
$release_dates = validate_calendars("release", true, false);
if (isset($release_dates["start"]) && (int) $release_dates["start"]) {
$PROCESSED["release_date"] = (int) $release_dates["start"];
} else {
$ERROR++;
$ERRORSTR[] = "The <strong>Release Start</strong> field is required.";
}
if (isset($release_dates["finish"]) && (int) $release_dates["finish"]) {
$PROCESSED["release_until"] = (int) $release_dates["finish"];
} else {
$PROCESSED["release_until"] = 0;
}
/**
* Email Notificaions.
*/
if (isset($_POST["enable_notifications"])) {
function profile_add_assistant()
{
global $db, $PROCESSED, $ERROR, $ERRORSTR, $SUCCESS, $SUCCESSSTR, $ENTRADA_ACL, $ENTRADA_USER;
if ($ENTRADA_ACL->isLoggedInAllowed('assistant_support', 'create')) {
$access_timeframe = validate_calendars("valid", true, true);
if (!$ERROR) {
if (isset($access_timeframe["start"]) && (int) $access_timeframe["start"]) {
$PROCESSED["valid_from"] = (int) $access_timeframe["start"];
}
if (isset($access_timeframe["finish"]) && (int) $access_timeframe["finish"]) {
$PROCESSED["valid_until"] = (int) $access_timeframe["finish"];
}
if (isset($_POST["assistant_id"]) && ($proxy_id = (int) trim($_POST["assistant_id"]))) {
if ($proxy_id != $ENTRADA_USER->getID()) {
$query = "\n\t\t\t\t\t\tSELECT a.`id` AS `proxy_id`, CONCAT_WS(' ', a.`firstname`, a.`lastname`) AS `fullname`\n\t\t\t\t\t\tFROM `" . AUTH_DATABASE . "`.`user_data` AS a\n\t\t\t\t\t\tLEFT JOIN `" . AUTH_DATABASE . "`.`user_access` AS b\n\t\t\t\t\t\tON b.`user_id` = a.`id` AND b.`app_id`='1' AND b.`account_active`='true' AND b.`group`<>'student'\n\t\t\t\t\t\tWHERE a.`id`=" . $db->qstr($proxy_id);
$result = $db->GetRow($query);
if ($result) {
$PROCESSED["assigned_by"] = $ENTRADA_USER->getID();
$PROCESSED["assigned_to"] = $result["proxy_id"];
$fullname = $result["fullname"];
$query = "SELECT * FROM `permissions` WHERE `assigned_by`=" . $db->qstr($PROCESSED["assigned_by"]) . " AND `assigned_to`=" . $db->qstr($PROCESSED["assigned_to"]);
$result = $db->GetRow($query);
if ($result) {
if ($db->AutoExecute("permissions", $PROCESSED, "UPDATE", "permission_id=" . $db->qstr($result["permission_id"]))) {
$SUCCESS++;
$SUCCESSSTR[] = "You have successfully updated <strong>" . html_encode($fullname) . "'s</strong> access permissions to your account.";
application_log("success", "Updated permissions for proxy_id [" . $PROCESSED["assigned_by"] . "] who is allowing [" . $PROCESSED["assigned_by"] . "] accecss to their account from " . date(DEFAULT_DATE_FORMAT, $PROCESSED["valid_from"]) . " until " . date(DEFAULT_DATE_FORMAT, $PROCESSED["valid_until"]));
} else {
$ERROR++;
$ERRORSTR[] = "We were unable to update <strong>" . html_encode($fullname) . "'s</strong> access permissions to your account at this time. The system administrator has been informed of this, please try again later.";
application_log("error", "Unable to update permissions for proxy_id [" . $PROCESSED["assigned_by"] . "] who is allowing [" . $PROCESSED["assigned_by"] . "] accecss to their account. Database said: " . $db->ErrorMsg());
}
} else {
if ($db->AutoExecute("permissions", $PROCESSED, "INSERT")) {
$SUCCESS++;
$SUCCESSSTR[] = "You successfully gave <strong>" . html_encode($fullname) . "</strong> access permissions to your account.";
application_log("success", "Added permissions for proxy_id [" . $PROCESSED["assigned_by"] . "] who is allowing [" . $PROCESSED["assigned_by"] . "] accecss to their account from " . date(DEFAULT_DATE_FORMAT, $PROCESSED["valid_from"]) . " until " . date(DEFAULT_DATE_FORMAT, $PROCESSED["valid_until"]));
} else {
$ERROR++;
$ERRORSTR[] = "We were unable to give <strong>" . html_encode($fullname) . "</strong> access permissions to your account at this time. The system administrator has been informed of this, please try again later.";
application_log("error", "Unable to insert permissions for proxy_id [" . $PROCESSED["assigned_by"] . "] who is allowing [" . $PROCESSED["assigned_by"] . "] accecss to their account. Database said: " . $db->ErrorMsg());
}
}
} else {
$ERROR++;
$ERRORSTR[] = "The person that have selected to add as an assistant either does not exist in this system, or their account is not currently active.<br /><br />Please contact Denise Jones in the Undergrad office (613-533-6000 x77804) to get an account for the requested individual.";
}
} else {
$ERROR++;
$ERRORSTR[] = "You cannot add yourself as your own assistant, there is no need to do so.";
}
} else {
$ERROR++;
$ERRORSTR[] = "You must enter, then select the name of the person you wish to give access to your account permissions.";
}
}
} else {
$ERROR++;
$ERRORSTR[] = "Your account does not have the required access levels to add assistants to your profile.";
application_log("error", "User tried to add assistants to profile without an acceptable group & role.");
}
}
