<?php
require_once "header.php";
if ($session->is_logged_in()) {
$loggeduser = User::get_by_id($session->user_id);
}
$pathinfo = pathinfo($_SERVER["PHP_SELF"]);
$basename = $pathinfo["basename"];
$currentFile = str_replace(".php", "", $basename);
$pageURL = "http://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";
echo "<input id='batchid' type='hidden' value='" . $_GET['id'] . "'>";
if (isset($_GET['id'])) {
$batch = Batch::get_by_id($_GET['id']);
$school = School::get_by_id($batch->schoolid);
$batchUsers = BatchUser::getUsersInBatch($batch->id);
if ($session->is_logged_in()) {
if (!User::get_by_id($session->user_id)->is_super_admin()) {
if ($batch->pending == 1 || $batch->enabled == 0) {
header("location: index.php?negative");
}
}
} else {
if ($batch->pending == 1 || $batch->enabled == 0) {
header("location: index.php?negative");
}
}
} else {
header("location: index.php?negative");
}
?>
if ($_POST['oper'] == 'edit') {
$batch = Batch::get_by_id($_POST['id']);
$batch->comments = $_POST['comments'];
$batch->about = $_POST['about'];
$batch->pending = $_POST['pending'];
$batch->enabled = $_POST['enabled'];
$batch->fromyear = $_POST['fromyear'];
$batch->schoolid = $_POST['schoolid'];
$batch->update();
$log = new Log($session->user_id, $clientip, "WEB", "UPDATED BATCH: " . $_POST['id']);
$log->create();
} else {
if ($_POST['oper'] == 'del') {
$log = new Log($session->user_id, $clientip, "WEB", "DELETED BATCH: " . $_POST['id']);
$log->create();
$batch = Batch::get_by_id($_POST['id']);
SectionUser::delete_all_by_schoolid($batch->schoolid);
Section::delete_all_by_schoolid($batch->schoolid);
BatchUser::delete_all_by_batchid($batch->id);
$folder_path = "../../public/schools/" . $batch->schoolid . "/yearbooks/" . $batch->id;
rrmdir($folder_path);
$batch->delete();
}
}
}
function rrmdir($dir)
{
foreach (glob($dir . '/*') as $file) {
if (is_dir($file)) {
rrmdir($file);
} else {
<?php
require_once "header.php";
if (isset($_GET['id'])) {
$object = Batch::get_by_id($_GET['id']);
if ($batch == false || $batch == null || $batch == "") {
header("location: index.php");
} else {
$school = School::get_by_id($object->schoolid);
//$batchname = $school->name." ".$object->get_batchyear();
$batchname = $object->get_batchyear();
}
} else {
header("location: index.php?negative");
}
if (!$session->is_logged_in()) {
header("location: index.php?negative");
} else {
$user = User::get_by_id($session->user_id);
if ($user->enabled == DISABLED) {
header("location: index.php?disabled");
}
if (!BatchUser::amIAdmin($session->user_id, $object->id) && !SchoolUser::amIAdmin($session->user_id, $object->schoolid) && !$user->is_super_admin()) {
header("location: index.php?negative");
}
}
$pathinfo = pathinfo($_SERVER["PHP_SELF"]);
$basename = $pathinfo["basename"];
$currentFile = str_replace(".php", "", $basename);
?>
<div class="container-fluid">
$sections = Section::get_by_sql("SELECT * FROM " . T_SECTIONS . " WHERE " . $where . " AND " . $where2 . " ORDER BY {$sidx} {$sord} LIMIT {$start} , {$limit}");
} else {
$sections = Section::get_by_sql("SELECT * FROM " . T_SECTIONS . " WHERE " . $where2 . " ORDER BY {$sidx} {$sord} LIMIT {$start} , {$limit}");
}
header("Content-type: text/xml;charset=utf-8");
$s = "<?xml version='1.0' encoding='utf-8'?>";
$s .= "<rows>";
$s .= "<page>" . $page . "</page>";
$s .= "<total>" . $total_pages . "</total>";
$s .= "<records>" . $count . "</records>";
foreach ($sections as $section) {
$school = School::get_by_id($section->schoolid);
if (!$school) {
$school = new School();
}
$batch = Batch::get_by_id($section->batchid);
if (!$batch) {
$batch = new Batch();
}
$s .= "<row id='" . $section->id . "'>";
$s .= "<cell></cell>";
$s .= "<cell>" . $section->id . "</cell>";
$s .= "<cell>" . $school->id . "</cell>";
$s .= "<cell>" . $school->name . "</cell>";
$s .= "<cell>" . $batch->id . "</cell>";
$s .= "<cell>" . $batch->get_batchyear() . "</cell>";
$s .= "<cell>" . $section->name . "</cell>";
$s .= "<cell>" . $section->about . "</cell>";
$s .= "<cell>" . $section->picture . "</cell>";
$s .= "<cell>" . $section->date . "</cell>";
$s .= "<cell>" . $section->comments . "</cell>";
echo "<option value='" . $schooladmin->schoolid . "'>" . School::get_by_id($schooladmin->schoolid)->name . "</option>";
}
} else {
echo "<option value='0'>NO SCHOOLS YET</option>";
}
?>
</select>
<select name="batchselect" id="batchselect">
<?php
if (count($schooladmins) > 0) {
$onlyschool = School::get_by_id($schooladmins[0]->schoolid);
$batchadmins = BatchUser::getAdminBatchs($session->user_id, $onlyschool->id);
if (count($batchadmins) > 0) {
foreach ($batchadmins as $batchadmin) {
$batchselect = Batch::get_by_id($batchadmin->batchid);
echo "<option value='" . $batchadmin->batchid . "'>" . $batchselect->fromyear . "-" . ($batchselect->fromyear + 1) . "</option>";
}
} else {
echo "<option value='0'>NO BATCHS YET</option>";
}
}
?>
</select>
<br/>
<div class="accordion" id="accordion2">
<div class="accordion-group" id="pagescontent">
</div>
<tr><td class="myheader">Address</td></tr>
<tr><td><?php
echo $user->address;
?>
</td></tr>
</table>
</div>
<div class="span4 boxcontent">
<span class="myheader2">Graduated At</span>
<table>
<tr><td class="myheader">Batchs</td></tr>
<?php
if (count($batchusers) > 0) {
foreach ($batchusers as $batchuser) {
$batch = Batch::get_by_id($batchuser->batchid);
$school = School::get_by_id($batch->schoolid);
if ($batch->pending == 0 && $batch->enabled == 1 && $school->pending == 0 && $school->enabled == 1) {
echo "<tr><td><a href='batch.php?id=" . $batch->id . "'>" . $school->name . " " . $batch->get_batchyear() . "</a></td></tr>";
}
}
}
?>
</table>
</div>
<div class="span4 boxcontent">
<span class="myheader2">Other</span>
<table data-provides="rowlink">
<tr><td class="myheader">Jobs</td></tr>
<?php
<?php
require_once "../initialize.php";
$message = "";
if (isset($_POST['sectionid']) && $_POST['sectionid'] != "" && isset($_POST['batchselect']) && $_POST['batchselect'] != "" && isset($_POST['name']) && $_POST['name'] != "") {
$object = Section::get_by_id($_POST['sectionid']);
$batch = Batch::get_by_id($_POST['batchselect']);
$file = new File($_FILES['cover']);
if ($file->valid) {
$object->picture = $file->data;
} else {
$object->picture = base64_decode($object->picture);
}
if ($object->name == $_POST['name'] && $object->batchid == $batch->id) {
$object->comments = $_POST['comments'];
$object->about = $_POST['about'];
$object->advisermessage = $_POST['advisermessage'];
$object->comments = $_POST['comments'];
$object->fbcomments = $_POST['fbcomments'];
$object->enabled = $_POST['enabled'];
$object->update();
$log = new Log($session->user_id, $clientip, "WEB", "UPDATED SECTION: " . $object->id);
$log->create();
$message = "success";
} else {
if ($batch != false && $batch != null && $batch != "") {
if (!Section::section_exists($_POST['name'], $batch->id)) {
$object->batchid = $batch->id;
$object->name = $_POST['name'];
$object->about = $_POST['about'];
$object->advisermessage = $_POST['advisermessage'];
} else {
if ($notification->itemtype == "schooluser") {
$object = SchoolUser::get_by_id($notification->itemid);
$school = School::get_by_id($object->schoolid);
$html .= "Now a member in School <a href='school.php?id=" . $school->id . "'>" . $school->name . "</a>";
} else {
if ($notification->itemtype == "batchuser") {
$object = BatchUser::get_by_id($notification->itemid);
$batch = Batch::get_by_id($object->batchid);
$school = School::get_by_id($object->schoolid);
$html .= "Now a member in Batch <a href='batch.php?id=" . $batch->id . "'>" . $batch->get_batchyear() . "</a> of School <a href='school.php?id=" . $school->id . "'>" . $school->name . "</a>";
} else {
if ($notification->itemtype == "sectionuser") {
$object = SectionUser::get_by_id($notification->itemid);
$section = Section::get_by_id($object->sectionid);
$batch = Batch::get_by_id($object->batchid);
$school = School::get_by_id($object->schoolid);
$html .= "Now a member in Section <a href='section.php?id=" . $section->id . "'>" . $section->name . "</a> of Batch <a href='batch.php?id=" . $batch->id . "'>" . $batch->get_batchyear() . "</a> of School <a href='school.php?id=" . $school->id . "'>" . $school->name . "</a>";
} else {
if ($notification->itemtype == "clubuser") {
$object = ClubUser::get_by_id($notification->itemid);
$club = Club::get_by_id($object->clubid);
$school = School::get_by_id($object->schoolid);
$html .= "Now a member in Club <a href='club.php?id=" . $club->id . "'>" . $club->name . "</a> of School <a href='school.php?id=" . $school->id . "'>" . $school->name . "</a>";
} else {
if ($notification->itemtype == "groupuser") {
$object = GroupUser::get_by_id($notification->itemid);
$group = Group::get_by_id($object->groupid);
$school = School::get_by_id($object->schoolid);
$html .= "Now a member in Group <a href='group.php?id=" . $group->id . "'>" . $group->name . "</a> of School <a href='school.php?id=" . $school->id . "'>" . $school->name . "</a>";
}
}
$log = new Log($session->userid, $clientip, "WEB", "DELETED MULTIPLE SCHOOLS");
$log->create();
$response = "success";
} else {
if ($what == "schooluser") {
foreach ($ids as $id) {
SchoolUser::get_by_id($id)->delete();
}
$log = new Log($session->userid, $clientip, "WEB", "DELETED MULTIPLE SCHOOLUSERS");
$log->create();
$response = "success";
} else {
if ($what == "batch") {
foreach ($ids as $id) {
$batch = Batch::get_by_id($id);
SectionUser::delete_all_by_schoolid($batch->schoolid);
Section::delete_all_by_schoolid($batch->schoolid);
BatchUser::delete_all_by_batchid($batch->id);
$folder_path = "../../public/schools/" . $batch->schoolid . "/yearbooks/" . $batch->get_batchyear();
rrmdir($folder_path);
$batch->delete();
}
$log = new Log($session->userid, $clientip, "WEB", "DELETED MULTIPLE BATCHS");
$log->create();
$response = "success";
} else {
if ($what == "batchuser") {
foreach ($ids as $id) {
BatchUser::get_by_id($id)->delete();
}
<?php
require_once "../initialize.php";
$sectionsselect = null;
if (isset($_GET["batchid"])) {
if (is_numeric($_GET["batchid"])) {
$batch = Batch::get_by_id($_GET["batchid"]);
if (SchoolUser::amIAdmin($session->user_id, $batch->schoolid) || BatchUser::amIAdmin($session->user_id, $batch->id)) {
$sections = Section::get_all_by_batchid($batch->id);
if (count($sections) > 0) {
foreach ($sections as $section) {
$sectionsselect .= "<option value='" . $section->id . "'>" . $section->name . "</option>";
}
if (User::get_by_id($session->user_id)->is_super_admin()) {
$sectionsselect .= "<option value='NOTHING'>NOTHING</option>";
}
} else {
$sectionsselect .= "<option value='0'>NO SECTIONS YET</option>";
}
} else {
$sectionadmins = SectionUser::getSectionsIAdminInBatch($session->user_id, $_GET["batchid"]);
if (count($sectionadmins) > 0) {
foreach ($sectionadmins as $sectionadmin) {
$section = Section::get_by_id($sectionadmin->sectionid);
$sectionsselect .= "<option value='" . $section->id . "'>" . $section->name . "</option>";
}
if (User::get_by_id($session->user_id)->is_super_admin()) {
$sectionsselect .= "<option value='NOTHING'>NOTHING</option>";
}
} else {
$sectionsselect .= "<option value='0'>NO SECTIONS YET</option>";
<?php
require_once "../initialize.php";
$message = "";
if (isset($_POST['batchid']) && $_POST['batchid'] != "" && isset($_POST['fromyear']) && $_POST['fromyear'] != "" && isset($_POST['about']) && $_POST['about'] != "") {
if (strtotime(date("Y-m-d")) < strtotime($_POST['pubdate'])) {
//$school = School::get_by_id($_POST['schoolselect']);
$object = Batch::get_by_id($_POST['batchid']);
$school = School::get_by_id(CSNTRID);
if ($school != false && $school != null && $school != "") {
if (!Batch::batch_exists($_POST['fromyear'], $school->id) || $object->fromyear == $_POST['fromyear']) {
$file = new File($_FILES['cover']);
if ($file->valid) {
$object->picture = $file->data;
} else {
$object->picture = base64_decode($object->picture);
}
$object->fromyear = $_POST['fromyear'];
$object->about = $_POST['about'];
$object->comments = $_POST['comments'];
$object->fbcomments = $_POST['fbcomments'];
$object->enabled = $_POST['enabled'];
if (isset($_POST['pubdate'])) {
$object->pubdate = $_POST['pubdate'];
}
//$object->schoolid = $school->id;
$object->update();
$log = new Log($session->user_id, $clientip, "WEB", "UPDATED BATCH: " . $object->id);
$log->create();
$message = "success";
} else {
<?php
require_once "../initialize.php";
$batchsselect = null;
if (isset($_GET["schoolid"])) {
if (SchoolUser::amIAdmin($session->user_id, $_GET["schoolid"])) {
$batchadmins = BatchUser::getBatchsImIn($session->user_id);
} else {
$batchadmins = BatchUser::getBatchsIAdminInSchool($session->user_id, $_GET["schoolid"]);
}
if (count($batchadmins) > 0) {
foreach ($batchadmins as $batchadmin) {
$batch = Batch::get_by_id($batchadmin->batchid);
$batchsselect .= "<option value='" . $batch->id . "'>" . $batch->fromyear . "-" . ($batch->fromyear + 1) . "</option>";
}
if (User::get_by_id($session->user_id)->is_super_admin()) {
$batchsselect .= "<option value='NOTHING'>NOTHING</option>";
}
} else {
$batchsselect .= "<option value='0'>NO BATCHS YET</option>";
}
if (User::get_by_id($session->user_id)->is_super_admin()) {
$batchsselect = "";
$batchs = Batch::get_all();
if (count($batchs) > 0) {
foreach ($batchs as $batch) {
$batchsselect .= "<option value='" . $batch->id . "'>" . $batch->fromyear . "-" . ($batch->fromyear + 1) . "</option>";
}
$batchsselect .= "<option value='NOTHING'>NOTHING</option>";
} else {
$batchsselect .= "<option value='0'>NO BATCHS YET</option>";
