public function actionFaculty()
{
if (isset($_POST["updateDetail"]) && isset($_POST["facultyId"]) && $_POST["updateDetail"] != "" && $_POST["facultyId"] != "") {
$facultyId = intval($_POST["facultyId"]);
if (!is_int($facultyId)) {
return;
}
$facultyDetail = addslashes($_POST["updateDetail"]);
$facultyId = addslashes($facultyId);
$updateFacultyDataQuery = "UPDATE `faculty_data` SET `faculty_data`='{$facultyDetail}' WHERE `faculty_dataId`={$facultyId} AND ";
$upDateFacultyDataQuery .= "`page_moduleComponentId`={$this->moduleComponentId}";
$updateFacultyDataData = mysql_query($updateFacultyDataQuery);
}
if (isset($_POST["updateSectionDetail"]) && isset($_POST["SectionDetail"])) {
if ($_POST["updateSectionDetail"] != "" && $_POST["SectionDetail"] != "") {
$facultyId = intval($_POST["SectionDetail"]);
if (!is_int($facultyId)) {
return;
}
$facultyDetail = addslashes($_POST["SectionDetail"]);
$facultyId = addslashes($facultyId);
$updateFacultyDataQuery = "UPDATE `faculty_template` SET `template_sectionName`='{$facultyDetail}' WHERE ";
$updateFacultyDataQuery .= "`template_sectionId`={$facultyId} AND `page_moduleComponentId`={$this->moduleComponentId}";
$updateFacultyDataData = mysql_query($updateFacultyDataQuery);
}
}
if (isset($_POST["addFacultyData"]) && $_POST["addFacultyData"] != "" && isset($_POST["sectionId"]) && $_POST["sectionId"] != "") {
$sectionId = intval($_POST["sectionId"]);
if (!is_int($sectionId)) {
return;
}
$addDetail = addslashes($_POST["addFacultyData"]);
$sectionId = addslashes($sectionId);
$checkMaxValReached = "SELECT * FROM `faculty_template` WHERE `template_sectionId`={$sectionId}";
$checkMaxValReachedQuery = mysql_query($checkMaxValReached);
$maxSectionLimit = mysql_fetch_assoc($checkMaxValReachedQuery);
$maxSection = "SELECT * FROM `faculty_data` WHERE `faculty_sectionId`={$sectionId} AND ";
$maxSection .= "`page_moduleComponentId`={$this->moduleComponentId}";
$maxSectionQuery = mysql_query($maxSection);
if (mysql_num_rows($maxSectionQuery) < intval($maxSectionLimit['template_sectionLimit'])) {
$addFacultyDetail = "INSERT INTO `faculty_data` (`faculty_sectionId`,`faculty_data`,`page_moduleComponentId`) VALUES ";
$addFacultyDetail .= "({$sectionId},'{$addDetail}',{$this->moduleComponentId})";
$addFacultyDetailQuery = mysql_query($addFacultyDetail);
} else {
echo "Limit Exceeded";
exit;
}
}
if (isset($_POST["DeleteFacultyId"]) && $_POST["DeleteFacultyId"] != "") {
$facultyId = intval($_POST["DeleteFacultyId"]);
$facultyId = addslashes($facultyId);
$deleteData = "DELETE FROM `faculty_data` WHERE `page_moduleComponentId`={$this->moduleComponentId} AND `faculty_dataId`={$facultyId}";
$deleteQuery = mysql_query($deleteData);
}
if (isset($_POST["facultyName"]) && isset($_POST["facultyEmail"])) {
if ($_POST["facultyName"] != "") {
$facultyName = addslashes($_POST["facultyName"]);
$updateFacultyNameQuery = "UPDATE `" . MYSQL_DATABASE_PREFIX . "pages` SET `page_title`='{$facultyName}' WHERE ";
$updateFacultyNameQuery .= "`page_modulecomponentid`={$this->moduleComponentId} AND `page_module`='faculty'";
$updateFacultyNameData = mysql_query($updateFacultyNameQuery);
}
if ($_POST["facultyEmail"] != "") {
$facultyEmail = addslashes($_POST["facultyEmail"]);
$updateFacultyEmailQuery = "UPDATE `faculty_module` SET `email`='{$facultyEmail}' WHERE ";
$updateFacultyEmailQuery .= "`page_moduleComponentId`={$this->moduleComponentId}";
$updateFacultyEmailData = mysql_query($updateFacultyEmailQuery) or displayerror(mysql_error());
}
}
global $urlRequestRoot, $sourceFolder, $cmsFolder, $templateFolder, $moduleFolder, $urlRequestRoot;
require_once "{$sourceFolder}/{$moduleFolder}/faculty/template_edit.php";
require_once $sourceFolder . "/upload.lib.php";
$facultyDetail = "";
$getImage = "SELECT * FROM `faculty_module` WHERE `page_moduleComponentId`={$this->moduleComponentId}";
$getImageQuery = mysql_query($getImage);
$isExistPh = mysql_fetch_assoc($getImageQuery);
$facultyDetail .= <<<IMG
\t\t<img src="{$isExistPh['photo']}" />
IMG;
$facultyDetail .= '<br />Upload files : <br />';
$facultyDetail .= getFileUploadForm($this->moduleComponentId, "faculty", './+faculty', UPLOAD_SIZE_LIMIT, 1, "facultyProfilePic") . '</fieldset>';
if (isset($_FILES["facultyProfilePic"])) {
$checkImageExist = "SELECT * FROM `faculty_module` WHERE `page_moduleComponentId`={$this->moduleComponentId}";
$checkImageExistQuery = mysql_query($checkImageExist);
$isExistPh = mysql_fetch_assoc($checkImageExistQuery);
if ($isExistPh["photo"] != NULL) {
if (!deleteFile($this->moduleComponentId, 'faculty', $isExistPh["photo"])) {
displayerror("Unable to Update");
return false;
}
}
$allowableTypes = array('jpeg', 'jpg', 'png', 'gif');
$fileUpload = submitFileUploadForm($this->moduleComponentId, "faculty", $this->userId, UPLOAD_SIZE_LIMIT, $allowableTypes, 'facultyProfilePic');
$updatePhoto = "UPDATE `faculty_module` SET `photo`='{$fileUpload[0]}' WHERE `page_moduleComponentId`={$this->moduleComponentId}";
$updatePhotoQuery = mysql_query($updatePhoto) or displayerror(mysql_error());
}
$pageName = getPageTitle(getPageIdFromModuleComponentId("faculty", $this->moduleComponentId));
$emailId = getEmailForFaculty($this->moduleComponentId);
$facultyDetail .= <<<ChangeName
\t <form action="./+faculty" method="POST">
\t <table border="1">
\t <tr>
\t <td>Faculty Name:</td><td><input type="text" name="facultyName" value="{$pageName}"/></td>
\t </tr>
\t <tr>
\t <td>Email:</td><td> <input type="text" name="facultyEmail" value="{$emailId}"/></td>
\t </tr>
\t <tr>
\t <td colspan="2"><input type="submit"/></td>
\t </tr>
</table>
\t </form>
ChangeName;
$folder = "{$urlRequestRoot}/{$cmsFolder}/{$moduleFolder}/faculty/main.js";
$facultyDetail .= "<script type='text/javascript' src='{$folder}'></script>";
$templateId = getTemplateId($this->moduleComponentId);
$sectionDetail = getTemplateDataFromModuleComponentId($this->moduleComponentId);
while ($sectionDetailArray = mysql_fetch_assoc($sectionDetail)) {
$sectionId = $sectionDetailArray['template_sectionId'];
$facultyDetail .= <<<facultyName
\t <h2>{$sectionDetailArray['template_sectionName']}
facultyName;
$facultyDetail .= "</h2><hr/>";
$facultyDetail .= printFacultyDataWithLiFaculty($sectionId, $this->moduleComponentId, 0);
$sectionChildNode1DetailQuery = "SELECT * FROM `faculty_template` WHERE `template_id`={$templateId} AND ";
$sectionChildNode1DetailQuery .= "`template_sectionParentId`={$sectionDetailArray['template_sectionId']}";
$sectionChildNode1DetailResult = mysql_query($sectionChildNode1DetailQuery);
while ($sectionChildNode1DetailArray = mysql_fetch_assoc($sectionChildNode1DetailResult)) {
$facultyDetail .= printFacultyDataWithLiFaculty($sectionChildNode1DetailArray['template_sectionId'], $this->moduleComponentId, 1);
$sectionChildNode2DetailQuery = "SELECT * FROM `faculty_template` WHERE `template_id`={$templateId} AND ";
$sectionChildNode2DetailQuery .= "`template_sectionParentId`={$sectionChildNode1DetailArray['template_sectionId']}";
$sectionChildNode2DetailResult = mysql_query($sectionChildNode2DetailQuery);
while ($sectionChildNode2DetailArray = mysql_fetch_assoc($sectionChildNode2DetailResult)) {
$facultyDataChild = printFacultyDataWithLi($sectionChildNode2DetailArray['template_sectionId'], $this->moduleComponentId, 1);
$facultyDetail .= <<<facultyName
\t <h4>{$facultyDataChild}</h4>
facultyName;
}
}
}
return $facultyDetail;
}
public function actionHead()
{
global $urlRequestRoot, $moduleFolder, $cmsFolder, $templateFolder, $sourceFolder, $STARTSCRIPTS;
require_once $sourceFolder . "/" . $moduleFolder . "/qaos1/qaos_common.php";
require_once $sourceFolder . "/upload.lib.php";
require_once $sourceFolder . "/" . $moduleFolder . "/qaos1/excel.php";
$mcid = $this->moduleComponentId;
if (isset($_POST['downloadFormatExcel'])) {
displayEventFormatExcel();
}
if (isset($_FILES['fileUploadField']['name'])) {
$date = date_create();
$timeStamp = date_timestamp_get($date);
$tempVar = $sourceFolder . "/uploads/temp/" . $timeStamp . $_FILES['fileUploadField']['name'][0];
move_uploaded_file($_FILES["fileUploadField"]["tmp_name"][0], $tempVar);
$excelData = readExcelSheet($tempVar);
$success = 1;
for ($i = 2; $i <= count($excelData); $i++) {
if ($excelData[$i][1] == NULL) {
continue;
}
$checkIfExistQuery = "SELECT * FROM `qaos1_events` WHERE `events_name`='{$excelData[$i][1]}' AND `page_modulecomponentid`={$mcid}";
$checkIfExistRes = mysql_query($checkIfExistQuery) or displayerror(mysql_error());
if (mysql_num_rows($checkIfExistRes)) {
continue;
}
$insertIntoEventTableQuery = "INSERT IGNORE INTO `qaos1_events` (events_name,page_modulecomponentid) VALUES ('{$excelData[$i][1]}',{$mcid})";
$res = mysql_query($insertIntoEventTableQuery) or displayerror(mysql_error());
if ($res == "") {
$success = 0;
}
}
if (!$success) {
displayerror("Datas are not inserted");
}
}
if (isset($_POST['uploadEventName'])) {
}
if (isset($_POST['hid'])) {
$_POST["hid2"] = addslashes($_POST["hid2"]);
$_POST["hid1"] = addslashes($_POST["hid1"]);
$_POST["hid"] = addslashes($_POST["hid"]);
if ($_POST["hid"] < 3 && $_POST["hid"] >= 0) {
if ($_POST["hid"] != 2 || $_POST["hid1"] != "") {
$query = "update qaos1_evtproc set evtproc_Status = '{$_POST["hid"]}',evtproc_Desc ='{$_POST["hid1"]}' where evtproc_Id ='{$_POST["hid2"]}' AND modulecomponentid={$this->moduleComponentId}";
$res = mysql_query($query);
}
}
}
if (isset($_GET['subaction']) && $_GET['subaction'] == "apFundReq" && isset($_POST['qhid'])) {
$_POST["qhid2"] = addslashes($_POST["qhid2"]);
$_POST["qhid1"] = addslashes($_POST["qhid1"]);
$_POST["qhid"] = addslashes($_POST["qhid"]);
if ($_POST["qhid"] < 3 && $_POST["qhid"] >= 0) {
if ($_POST["qhid"] != 2 || $_POST["qhid1"] != "") {
$query = "update qaos1_fundreq set fundreq_Status = '{$_POST["qhid"]}',fundreq_Desc ='{$_POST["qhid1"]}' where fundreq_Id ='{$_POST["qhid2"]}' AND modulecomponentid={$this->moduleComponentId}";
$res = mysql_query($query);
}
}
}
$query = "SELECT * FROM qaos1_evtproc WHERE modulecomponentid={$this->moduleComponentId}";
$res = mysql_query($query);
$query1 = "SELECT * FROM qaos1_fundreq WHERE modulecomponentid={$this->moduleComponentId}";
$res1 = mysql_query($query1);
$css1 = $urlRequestRoot . "/" . $cmsFolder . "/" . $moduleFolder . "/qaos1/styles/main.css";
$smarttablestuff = smarttable::render(array('table_evtprocrequest', 'table_fundreqform', 'table_eventproc_head', 'table_funreq_head'), null);
$STARTSCRIPTS .= "initSmartTable();";
$headaction = <<<AB
\t\t {$smarttablestuff}
\t\t\t\t<link href="{$css1}" rel="stylesheet">
\t \t \t <script type="text/javascript">
\t \t \t function qaosproc(a)
\t\t{
\t\t\t\t\tvar k=document.getElementById("status"+a+"1");
\t\t \t\t\tvar k1=document.getElementById("status"+a+"2");
\t\t \t\t\tif(k.checked) document.getElementById("hid"+a).value=1;
\t\t \t\t\telse if(k1.checked) document.getElementById("hid"+a).value=2;
\t\t \t\t\telse {alert("select any one of button");return false;}
\t\t \t\t\tdocument.getElementById("hi1d"+a).value=document.getElementById("description"+a).value;
\t\t\t\t
\t\t\t\t\t\$.ajax({
\t\t\t\t\ttype: "POST",
\t\t\t\t \turl: "./+head&subaction=apEventProc",
\t\t\t\t \tdata: "hid="+\$("#hid"+a).val()+"&hid1="+\$("#hi1d"+a).val()+"&hid2="+\$("#hi2d"+a).val()
\t\t\t \t\t});
\t\t\t\t
\t\t\t\t\t\$("#tr"+a).css({'display':'none'});
\t \t\t\t\treturn false;
\t\t\t\t}
\t\t\t function qaosfund(a)
\t\t \t\t{
\t\t\t\t\tvar k=document.getElementById("qstatus"+a+"1");
\t\t\t\t\tvar k1=document.getElementById("qstatus"+a+"2");
\t\t\t\t\tif(k.checked) document.getElementById("qhid"+a).value=1;
\t\t\t\t\telse if(k1.checked) document.getElementById("qhid"+a).value=2;
\t\t\t\t\telse {alert("select any one of button");return false;}
\t\t \t\t\tdocument.getElementById("qhi1d"+a).value=document.getElementById("qdescription"+a).value;
\t\t\t\t\t
\t\t\t\t\t\$.ajax({
\t\t\t\t\ttype: "POST",
\t\t\t\t \turl: "./+head&subaction=apFundReq",
\t\t\t \t\tdata: "qhid="+\$("#qhid"+a).val()+"&qhid1="+\$("#qhi1d"+a).val()+"&qhid2="+\$("#qhi2d"+a).val()
\t\t\t \t\t});
\t\t\t\t\t
\t\t\t\t\t\$("#trf"+a).css({'display':'none'});
\t \t\t\t\treturn false;
\t\t\t }
\t \t </script>
\t\t\t <script type="text/javascript">
\t\t \t \t \$(document).ready(function()
\t \t\t \t{
\t\t\t\t\t\$(".forms").css({'display':'none'});
\t\t\t\t\t\$(".buttons").css({'display':'block'});
\t\t\t\t\t\$("#dheadfundreq").css({'display':'block'});
\t\t\t\t\t\$("#bhead_evtproc").click(function()
\t\t\t\t\t\t{
\t\t\t\t\t\t\tdispevtproc();
\t\t\t\t\t\t});
\t\t\t\t\t\$("#bhead_fundreq").click(function()
\t\t\t\t\t\t{
\t\t\t\t\t\t\tdispfundreq();
\t\t\t\t\t\t});
\t\t\t\t\t\t\t\t
\t\t\t\t\t\$("#bformevt").click(function(){
\t\t\t\t\t\tdispevtform();
\t\t\t\t\t});
\t \t\t \$("#bformfund").click(function(){
\t\t\t\t\t\tdispfundform();
\t\t\t\t \t\t});
\t \t\t \$("#bhead_evtUpload").click(function(){
\t\t\t\t\t dispEventUploadForm();
\t\t\t\t\t });
\t\t\t\t\tfunction dispevtproc()
\t\t \t\t \t {
\t\t\t\t\t\t\$(".forms").css({'display':'none'});
\t\t\t\t\t\t\$("#dheadeventproc").css({'display':'block'});
\t\t\t\t\t }
\t\t\t\t\tfunction dispfundreq()
\t\t \t\t \t {
\t\t\t\t\t\t\$(".forms").css({'display':'none'});
\t\t\t\t\t\t\$("#dheadfundreq").css({'display':'block'});
\t\t\t \t\t }
\t\t\t\t\tfunction dispevtform()
\t\t\t\t \t {
\t\t\t\t\t\t\$(".forms").css({'display':'none'});
\t\t\t\t\t\t\$("#formevt").css({'display':'block'});
\t\t\t\t\t }
\t\t\t \t function dispfundform()
\t\t\t\t \t {
\t\t\t\t\t\t\$(".forms").css({'display':'none'});
\t\t\t\t\t\t\$("#formfund").css({'display':'block'});
\t\t\t\t\t }
\t\t\t\t\t function dispEventUploadForm()
\t\t\t\t\t {
\t\t\t\t\t \$(".forms").css({'display':'none'});
\t\t\t\t\t \$("#formEvtName").css({'display':'block'});
\t\t\t\t\t }
\t\t\t\t\t\$("#dheadeventproc").css({'width':'100%'});
\t\t\t\t\t\$("#dheadfundreq").css({'width':'100%'});
\t\t\t\t\$(".viewbuttons").css({'height':'25px'});
\t\t\t\t\t});\t
\t\t\t</script>
\t\t\t<div id="buttonsDiv" class="viewButtonsDiv">
\t \t\t<input type="button" id="bformevt" class="viewbuttons" value="Event procurement "/>
\t \t\t<input type="button" id="bformfund" value="Fund" class="viewbuttons" />
\t\t\t<input type="button" id="bhead_evtproc" value="Event procurement details" class="viewbuttons" />
\t\t\t<input type="button" id="bhead_fundreq" value="Fund details" class="viewbuttons" />
\t\t\t<input type="button" id="bhead_evtUpload" value="Upload Event Name" class="viewbuttons" />
\t\t</div>
\t\t\t<div id="formevt" class="forms">
\t\t\t\t<h2>Event Procurement Request</h2>
\t\t\t<table class="qaostables display" id="table_evtprocrequest" width="100%" border="1">
\t\t\t\t<thead><tr>
\t\t\t\t\t<th>EVENT NAME</th>
\t\t\t\t\t<th>ITEM</th>
\t\t\t\t\t<th>QUANTITY</th>
\t\t\t\t\t<th>REASON</th>
\t\t\t\t\t<th>STATUS</th>
\t\t\t\t\t<th>DEADLINE</th>
\t\t\t\t\t<th>ADDED BY</th>
\t\t\t\t\t<th>DESCRIPTION</th>
\t\t\t\t\t<th>SUBMIT</th>
\t\t\t\t</tr></thead>
AB;
while ($result = mysql_fetch_array($res)) {
$event = $result['evtproc_Id'];
$userName = getUserName($result['userid']);
if ($result['evtproc_Status'] == 0) {
$status = 0;
} else {
$status = 1;
}
if ($status == 0) {
$headaction .= <<<AB
\t \t\t\t <tr id="tr{$event}" >
\t \t\t\t \t <td>{$result["evtproc_name"]}</td>
\t \t\t\t\t\t <td>{$result['evtproc_Request']}</td>
\t \t\t\t\t\t <td>{$result['evtproc_Quantity']}</td>
\t\t\t\t\t\t <td>{$result['evtproc_reason']}</td>
\t\t\t\t\t\t <td>
\t\t\t\t\t\t\t<input type="radio" name="status{$event}" id="status{$event}1" value="1">ACCEPT<br/ >
\t \t\t\t\t\t \t<input type="radio" name="status{$event}" id="status{$event}2" value="2">Decline<br/>
\t\t\t\t\t\t </td>
\t\t\t\t\t\t <td>{$result['evtproc_date']}</td>
\t\t\t\t\t\t <td>{$userName}</td>\t\t\t\t
\t\t\t\t\t\t <td><textarea id="description{$event}"></textarea></td>
\t\t\t\t\t\t <td>
\t\t\t\t\t\t\t<form action="./+head&subaction=apEventProc" method="post" onsubmit="return qaosproc({$event})">
\t\t\t\t\t\t\t <input type="hidden" value="" id="hid{$event}" name="hid">
\t\t\t\t\t\t\t <input type="hidden" value="{$event}" id="hi2d{$event}" name="hid2">
\t\t\t\t\t\t\t <input type="hidden" value="" id="hi1d{$event}" name="hid1">
\t\t\t\t\t\t\t <input type="submit" value="submit">
\t\t\t\t\t\t\t</form>
\t\t\t\t\t\t </td>
\t\t\t\t\t </tr>
AB;
}
}
$headaction .= <<<AB
\t\t \t </table>
\t\t\t\t </div>
\t\t\t\t <div id="formfund" class="forms">
\t\t \t\t<h2>Fund request</h2>
\t\t\t\t \t<table class="qaostables display" id="table_fundreqform" border="1" width="100%">
\t\t\t\t\t <thead> <tr>
\t\t\t\t\t\t<th>EVENT NAME</th>
\t\t\t\t\t\t<th>ITEM</th>
\t\t\t\t\t\t<th>QUANTITY</th>
\t\t\t\t\t\t<th>AMOUNT</th>
\t\t\t\t\t\t<th>REASON</th>
\t\t\t\t\t\t<th>STATUS</th>
\t\t\t\t\t\t<th>DEADLINE</th>
\t\t <th>ADDED BY</th>
\t\t\t\t\t\t<th>DESCRIPTION</th>
\t\t <th>SUBMIT</th>
\t\t\t\t\t </tr></thead>
AB;
while ($result1 = mysql_fetch_array($res1)) {
$event1 = $result1['fundreq_Id'];
$userName = getUserName($result1['userid']);
if ($result1['fundreq_Status'] == 0) {
$status1 = 0;
} else {
$status1 = 1;
}
if ($status1 == 0) {
$headaction .= <<<AB
\t \t\t\t\t\t <tr id="trf{$event1}">
\t \t\t\t\t\t <td>{$result1["fundreq_name"]}</td>
\t \t\t\t\t\t\t <td>{$result1['fundreq_Request']}</td>
\t \t\t\t\t\t\t <td>{$result1['fundreq_Quantity']}</td>
\t \t\t\t\t\t\t <td>{$result1["fundreq_Amount"]}</td>
\t \t\t\t\t\t\t <td>{$result1["fundreq_reason"]}</td>
\t \t\t\t\t\t\t <td>
\t\t\t\t\t\t\t\t<input type="radio" name="qstatus{$event1}" id="qstatus{$event1}1" value="1">ACCEPT<br/ >
\t \t\t\t\t\t\t\t<input type="radio" name="qstatus{$event1}" id="qstatus{$event1}2" value="2">Decline<br/>
\t\t\t\t\t\t\t </td>
\t\t\t\t\t\t\t\t <td>{$result1["fundreq_date"]}</td>
\t\t\t\t\t\t\t <td>{$userName}</td>\t\t
\t \t\t\t\t\t\t <td><textarea id="qdescription{$event1}"></textarea></td>
\t \t\t\t\t\t\t <td>
\t\t\t\t\t\t\t\t<form action="./+head&&subaction=apFundReq" method="post" onsubmit="return qaosfund({$event1})">
\t\t\t\t\t\t\t \t <input type="hidden" value="" id="qhid{$event1}" name="qhid">
\t \t\t\t\t\t\t\t <input type="hidden" value="{$event1}" id="qhi2d{$event1}" name="qhid2">
\t \t\t\t\t\t\t\t <input type="hidden" value="" id="qhi1d{$event1}" name="qhid1">
\t \t\t\t\t\t\t\t <input type="submit" value="submit">
\t\t\t\t\t\t\t \t</form>
\t\t\t\t\t\t\t </td>
\t\t\t\t\t\t </tr>
AB;
}
}
$headaction .= <<<AB
\t\t\t\t\t\t</table>
\t\t\t\t\t \t</div>
\t\t\t\t\t\t<div class="headdisplay" id="headdisplayevt">
AB;
$hist1 = "SELECT *FROM qaos1_evtproc WHERE modulecomponentid={$this->moduleComponentId}";
$res = mysql_query($hist1);
$headaction .= <<<AB
\t \t <div id="dheadeventproc" class="forms">
\t\t\t\t\t<h2>Event Procurement Status</h2>\t \t \t
\t \t <table id="table_eventproc_head" class="display"border="1" width="100%" class="qaostables">
\t \t\t <thead><tr>
\t\t\t\t\t\t<th>ITEM</th>
\t\t\t\t\t\t<th>QUANTITY</th>
\t\t\t\t\t\t<th>EVENT NAME</th>
\t\t\t\t\t\t<th>REASON</th>\t\t\t\t \t\t
\t\t\t\t \t\t<th>STATUS</th>
\t\t <th>ADDED BY</th>
\t\t\t\t \t\t<th>DEADLINE</th>
\t\t\t\t \t\t<th>DESCRIPTION</th>
\t\t\t\t\t </tr></thead>
AB;
while ($result = mysql_fetch_array($res)) {
$userName = getUserName($result['userid']);
if ($result['evtproc_Status'] == 0) {
$status = "Pending";
} else {
if ($result['evtproc_Status'] == 1) {
$status = "Accepted By QA";
} else {
if ($result['evtproc_Status'] == 2) {
$status = "Decline";
} else {
if ($result['evtproc_Status'] == 3) {
$status = "Accepted By OC";
}
}
}
}
$headaction .= <<<AB
\t\t\t\t <tr class="tr{$result['evtproc_Status']}">
\t\t\t\t <td>{$result['evtproc_Request']}</td>
\t\t\t\t <td>{$result['evtproc_Quantity']}</td>
\t\t\t\t <td>{$result['evtproc_name']}</td>
\t\t\t\t <td>{$result['evtproc_reason']}</td>\t\t\t\t
\t\t\t\t <td>{$status}</td>
\t\t\t\t\t<td>{$userName}</td>\t\t
\t\t\t\t <td>{$result['evtproc_date']}</td>
\t\t\t\t <td>{$result['evtproc_Desc']}</td>
\t\t\t \t </tr>
AB;
}
$headaction .= <<<AB
</table></div>
\t\t\t<div class="forms" id="dheadfundreq">
\t\t\t<h2>Fund Request Status</h2>
\t\t <table id="table_funreq_head" class="display"border="1" width="100%" class="qaostables">
\t\t\t <thead>
\t\t\t <tr>
\t\t\t\t <th>ITEM</th>
\t\t\t\t <th>QUANTITY</th>
\t\t\t\t <th>EVENT NAME</th>
\t\t\t\t <th>Reason</th>
\t\t\t\t <th>STATUS</th>
<th>ADDED BY</th>
\t\t\t\t <th>DEADLINE</th>
\t\t\t\t <th>DESCRIPTION</th>
\t\t\t </tr></thead>
AB;
$hist2 = "SELECT * FROM qaos1_fundreq WHERE modulecomponentid={$this->moduleComponentId}";
$res1 = mysql_query($hist2);
while ($result1 = mysql_fetch_array($res1)) {
$userName = getUserName($result1['userid']);
if ($result1['fundreq_Status'] == 0) {
$status1 = "Pending";
} else {
if ($result1['fundreq_Status'] == 1) {
$status1 = "Accepted by QA";
} else {
if ($result1['fundreq_Status'] == 2) {
$status1 = "Decline";
} else {
if ($result1['fundreq_Status'] == 3) {
$status1 = "collect the amt from treasurer";
}
}
}
}
$headaction .= <<<AB
\t\t\t\t<tr class="tr{$result1['fundreq_Status']}">
\t\t\t\t<td>{$result1['fundreq_Request']}</td>
\t\t\t\t\t<td>{$result1['fundreq_Quantity']}</td>
\t\t\t\t\t<td>{$result1['fundreq_name']}</td>
\t\t\t\t\t<td>{$result1['fundreq_reason']}</td>
\t\t\t\t\t<td>{$status1}</td>
\t\t\t\t\t<td>{$userName}</td>\t\t
\t\t\t\t\t<td>{$result1['fundreq_date']}</td>
\t\t\t\t\t<td>{$result1['fundreq_Desc']}</td>
\t\t\t\t</tr>
AB;
}
$uploadEventName = getFileUploadForm($this->moduleComponentId, "qaos1", './+head', UPLOAD_SIZE_LIMIT, 1);
$headaction .= <<<AB
\t </table></div>
\t <div class="forms" id="formEvtName">
\t <h2>Upload Event Details</h2>
\t <form action="./+head" method="post">
\t <input type="submit" name="downloadFormatExcel" value="Download Event Sample Format"/>
\t </form>
\t {$uploadEventName}
\t </div>
AB;
return $headaction;
}
public function actionEdit($moduleComponentId)
{
global $sourceFolder;
global $templateFolder;
global $urlRequestRoot;
global $uploadFolder;
require_once "{$sourceFolder}/upload.lib.php";
$arr = getUploadedFiles($moduleComponentId, 'gallery');
if (isset($_POST['btnDeleteImage']) && isset($_POST['imagename']) && $_POST['imagename'] != '') {
deleteFile($moduleComponentId, 'gallery', $_POST['imagename']);
$gallQuery = "DELETE FROM `gallery_pics` WHERE `upload_filename`='" . escape($_POST['imagename']) . "'";
$gallResult = mysql_query($gallQuery);
} else {
if (isset($_POST['btnEditComment']) && isset($_POST['imagename']) && $_POST['imagename'] != '') {
$imageName = escape($_POST['imagename']);
$comment = escape($_POST['desc']);
$gallQuery = "UPDATE `gallery_pics` SET `gallery_filecomment`=\"{$comment}\" WHERE `upload_filename`=\"{$imageName}\"";
$gallResult = mysql_query($gallQuery);
}
}
if (isset($_POST['btnEditGallname']) && isset($_POST['gallName']) && isset($_POST['gallDesc']) && $_POST['gallName'] != '' && $_POST['gallDesc'] != '') {
if (is_numeric($_POST['imagesPerPage'])) {
$perPage = (int) escape($_POST['imagesPerPage']);
}
$viewCount = $_POST['allowViews'] ? 1 : 0;
$ratingCount = $_POST['allowRatings'] ? 1 : 0;
$gallQuery = "UPDATE `gallery_name` SET `gallery_name`='" . escape($_POST['gallName']) . "',`gallery_desc`='" . escape($_POST['gallDesc']) . "', `imagesPerPage`='" . $perPage . "',`allowViews`='" . $viewCount . "',`allowRatings`='" . $ratingCount . "' WHERE `page_modulecomponentid`='{$moduleComponentId}'";
$gallResult = mysql_query($gallQuery);
}
$content2 = getFileUploadForm($this->moduleComponentId, "gallery", './+edit', 10000000, 5);
$allowableTypes = array('jpeg', 'jpg', 'png', 'gif');
$uploadSuccess = submitFileUploadForm($this->moduleComponentId, "gallery", $this->userId, false, $allowableTypes);
if (is_array($uploadSuccess) && isset($uploadSuccess[0])) {
for ($i = 0; $i < count($uploadSuccess); $i++) {
$gallQuery3 = "INSERT INTO `gallery_pics` (`upload_filename`, `page_modulecomponentid`, `gallery_filecomment`) VALUES('{$uploadSuccess[$i]}', '{$this->moduleComponentId}', 'No Comment')";
$gallResult3 = mysql_query($gallQuery3);
}
}
$arr = getUploadedFiles($this->moduleComponentId, 'gallery');
global $ICONS;
$content2 = "<fieldset><legend>{$ICONS['Gallery Edit']['small']}Edit Gallery</legend>" . $content2;
$result = mysql_fetch_array(mysql_query("SELECT * FROM `gallery_name` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'"));
if ($result) {
$checkViews = $result['allowViews'] == 1 ? 'checked="checked" ' : '';
$checkRatings = $result['allowRatings'] == 1 ? 'checked="checked" ' : '';
}
$content2 .= <<<GALFORM
\t\t\t\t\t<br /><br />
\t\t\t\t\t<script type="text/javascript">
\t\t\t\t\t\t<!--
\t\t\t\t\t\tfunction validate() {
\t\t\t\t\t\t\tvar strValidChars = "0123456789.-";
\t\t\t\t\t\t\tvar strString = document.getElementById('perPage').value;
\t\t\t\t\t\t\tif (strString.length == 0)
\t\t\t\t\t\t\t\talert("Empty Images Per Page will be taken as default value(10).");
\t\t\t\t\t\t\tfor (i = 0; i < strString.length; i++) {
\t\t\t\t\t\t\t\tif (strValidChars.indexOf(strString.charAt(i)) == -1) {
\t\t\t\t\t\t\t\t\talert("The value in the Images Per Page field doesn't seems to be valid number. An invalid number will be replaced by default value(10).");
\t\t\t\t\t\t\t\t\tbreak;\t\t\t\t\t\t\t \t
\t\t\t\t\t\t\t\t}
\t\t\t\t\t\t\t}
\t\t\t\t\t\t}
\t\t\t\t\t\t-->
\t\t\t\t\t</script>
\t\t\t\t\t<form name="edit" method="POST" action="./+edit">
\t\t\t\t\t<table>
\t\t\t\t\t\t<tr><th colspan=2>Edit gallery name and description</th></tr>
\t\t\t\t\t\t<tr>
\t\t\t\t\t\t\t<td>New Gallery Name</td>
\t\t\t\t\t\t\t<td><input type='text' name="gallName" value='{$result['gallery_name']}'></td>
\t\t\t\t\t\t</tr>
\t\t\t\t\t\t<tr>
\t\t\t\t\t\t\t<td>New Gallery Description</td>
\t\t\t\t\t\t\t<td><input type='text' name="gallDesc" value='{$result['gallery_desc']}'></td>
\t\t\t\t\t\t</tr>
\t\t\t\t\t\t<tr>
\t\t\t\t\t\t\t<td>Show Gallery views ?</td>
\t\t\t\t\t\t\t<td><input type="checkbox" name="allowViews" {$checkViews}></td>
\t\t\t\t\t\t</tr>
\t\t\t\t\t\t<tr>
\t\t\t\t\t\t\t<td>Show Gallery rating ?</td>
\t\t\t\t\t\t\t<td><input type="checkbox" name="allowRatings" {$checkRatings}></td>
\t\t\t\t\t\t</tr>
\t\t\t\t\t\t<tr>
\t\t\t\t\t\t\t<td>Images Per Page</td>
\t\t\t\t\t\t\t<td><input type="text" id=perPage name="imagesPerPage" value='{$result['imagesPerPage']}'></td>
\t\t\t\t\t\t</tr>
\t\t\t\t\t\t<tr>
\t\t\t\t\t\t\t<td><input type="submit" name="btnEditGallname" value="Save Settings"></td>
\t\t\t\t\t\t</tr>
\t\t\t\t\t</table>
\t\t\t\t\t</form>
\t\t\t\t\t<br /><br />
GALFORM;
$gallQuery2 = "SELECT * FROM `gallery_pics` where `page_modulecomponentid`= '{$this->moduleComponentId}'";
$gallResult2 = mysql_query($gallQuery2);
$fileArray = array();
while ($row2 = mysql_fetch_assoc($gallResult2)) {
$fileArray[] = $row2;
}
if ($fileArray) {
for ($i = 0; $i < count($fileArray); $i++) {
$galleryFilename = $fileArray[$i]['upload_filename'];
$galleryComment = $fileArray[$i]['gallery_filecomment'];
$galleryComment = $galleryComment != "" ? $galleryComment : "< No Comments >";
$content2 .= "<div class='galleryimagebox'><form name=\"edit\" method=\"POST\" action=\"./+edit\">";
$content2 .= <<<IMGFORM
\t\t\t\t<span style="float:left">
\t\t\t\t\t<center>
\t\t\t\t\t\t<img src="thumb_{$galleryFilename}" alt="{$galleryFilename}" title="Click on the image to delete it"/>
\t\t\t\t\t</center>
\t\t\t\t\t<div class="highslide-caption" id="caption{$i}">{$galleryComment}</div>
\t\t\t\t\t<input type="hidden" name="imagename" value="{$galleryFilename}" />
\t\t\t\t\t<input type="text" name="desc">
\t\t\t\t\t<br/><input type="submit" name="btnEditComment" value="Update comment">
\t\t\t\t\t<input type="submit" name="btnDeleteImage" value="Delete" />
\t\t\t\t</span>
IMGFORM;
$content2 .= "</form></div>";
}
}
return $content2 . "</fieldset>";
}
public function getCkBody($content = "")
{
global $sourceFolder;
global $cmsFolder;
global $moduleFolder;
global $urlRequestRoot;
global $ICONS;
require_once "{$sourceFolder}/{$moduleFolder}/article/ckeditor3.5/ckeditor.php";
$query = "SELECT * FROM `article_content` WHERE `page_modulecomponentid`= '{$this->moduleComponentId}'";
$result = mysql_query($query);
$temp = mysql_fetch_assoc($result);
if ($content == "") {
$content = $temp['article_content'];
}
$editor = $temp['default_editor'];
$CkForm = <<<Ck
\t\t\t\t\t\t<form action="./+edit" method="post">
\t\t\t\t\t\t<a name="editor"></a>
<input type="button" id="show_plain" value="Plain Source" onclick="\$('#show_plain').hide();\$('#show_ckeditor').show();CKEDITOR.instances.CKEditor1.updateElement();CKEDITOR.instances.CKEditor1.destroy();document.getElementById('editor').value='plain';">
<input type="button" id="show_ckeditor" value="CKEditor" style="display:none" onclick="\$('#show_plain').show();\$('#show_ckeditor').hide();CKEDITOR.add(CKEDITOR.editor.replace(document.getElementsByName('CKEditor1')[0]));document.getElementById('editor').value='ckeditor';">
\t\t\t\t\t\t<input type="button" value="Cancel" onclick="submitarticleformCancel(this);"><input type="submit" value="Save"><input type="button" value="Preview" onclick="submitarticleformPreview(this)"><input type="button" value="Draft" onclick="submitarticleformDraft(this);">
To upload files and images, go to the <a href="#files">files section</a>.<br/>
Ck;
$top = "<a href='#topquicklinks'>Top</a>";
$oCKEditor = new CKeditor();
$oCKEditor->basePath = "{$urlRequestRoot}/{$cmsFolder}/{$moduleFolder}/article/ckeditor3.5/";
$oCKEditor->config['width'] = '100%';
$oCKEditor->config['height'] = '300';
$oCKEditor->returnOutput = true;
if ($editor == 'ckeditor') {
$Ckbody = $oCKEditor->editor('CKEditor1', $content);
} else {
$Ckbody = $oCKEditor->editor('ne', "");
//make a auxilary Ckeditor
///following destroys the the ckeditor instance as soon as it is initialized. Also hides the Plain Source button
$Ckbody .= "<script>CKEDITOR.instances.ne.on('instanceReady',function(){ CKEDITOR.instances.ne.destroy()});\$('#show_plain').hide();\$('#show_ckeditor').show();</script>";
$Ckbody .= '<textarea rows="20" cols="60" style="width:100%" name="CKEditor1" style="display: inline;">' . $content . '</textarea>';
}
$CkFooter = <<<Ck1
<br/>
<input type='hidden' name='editor' id='editor' value='{$editor}'/>
\t\t\t\t\t <input type="button" value="Cancel" onclick="submitarticleformCancel(this);"><input type="submit" value="Save"><input type="button" value="Preview" onclick="submitarticleformPreview(this)"><input type="button" value="Draft" onclick="submitarticleformDraft(this);">
\t\t\t\t\t \t\t </form>
\t\t\t\t\t \t <script language="javascript">
\t\t\t\t\t \tfunction submitarticleformPreview(butt) {
\t\t\t\t\t \t\tbutt.form.action = "./+edit&preview=yes#preview";
\t\t\t\t\t \t\tbutt.form.submit();
\t\t\t\t\t \t}
\t\t\t\t\t \tfunction submitarticleformCancel(butt) {
\t\t\t\t\t \t\tbutt.form.action="./+view";
\t\t\t\t\t \t\tbutt.form.submit();
\t\t\t\t\t \t}
\t\t\t\t\t \tfunction submitarticleformDraft(butt) {
\t\t\t\t\t \t\tbutt.form.action="./+view&draft=yes";
\t\t\t\t\t \t\tbutt.form.submit();
\t\t\t\t\t \t}
\t\t\t\t\t </script><br />
\t\t\t\t\t {$top}
\t\t\t\t\t <fieldset>
\t\t\t\t\t <legend><a name="files">{$ICONS['Uploaded Files']['small']}Uploaded Files</a></legend>
\t\t\t\t\t\t\t
Ck1;
$CkFooter .= getUploadedFilePreviewDeleteForm($this->moduleComponentId, "article", './+edit');
$CkFooter .= '<br />Upload files : <br />' . getFileUploadForm($this->moduleComponentId, "article", './+edit', UPLOAD_SIZE_LIMIT, 5) . '</fieldset>';
/* Revisions available */
$revisionquery = "SELECT MAX(article_revision) AS MAX FROM `article_contentbak` where page_modulecomponentid = '{$this->moduleComponentId}'";
$revisionresult = mysql_query($revisionquery);
$revisionrow = mysql_fetch_assoc($revisionresult);
$start = $revisionrow['MAX'] - 10;
if (isset($_GET['revisionno'])) {
$start = escape($_GET['revisionno']);
}
if ($start > $revisionrow['MAX'] - 9) {
$start = $revisionrow['MAX'] - 10;
}
if ($start < 0) {
$start = 0;
}
$count = 10;
if (isset($_GET['count'])) {
$count = escape($_GET['count']);
}
if ($count > $revisionrow['MAX'] - $start + 1) {
$count = $revisionrow['MAX'] - $start + 1;
}
$query = "SELECT article_revision,article_updatetime,user_id FROM `article_contentbak` where page_modulecomponentid = '{$this->moduleComponentId}' ORDER BY article_revision LIMIT {$start},{$count}";
$result = mysql_query($query);
$revisionTable = "<fieldset>\n\t\t\t\t\t <legend><a name='revisions'>{$ICONS['Page Revisions']['small']}Page Revisions : </a></legend>" . "<table border='1'><tr><td>Revision Number</td><td>Date Updated</td><td>User Fullname</td><td>User Email</td></tr>";
while ($row = mysql_fetch_assoc($result)) {
$revisionTable .= "<tr><td><a href=\"./+edit&version=" . $row['article_revision'] . "#preview\">" . $row['article_revision'] . "</a></td><td>" . $row['article_updatetime'] . "</td><td>" . getUserFullName($row['user_id']) . "</td><td>" . getUserEmail($row['user_id']) . "</td></tr>";
}
$revisionTable .= "</table>" . "<input type=\"button\" value=\"<<\" onclick=\"window.location='./+edit&revisionno=0'\" /> " . "<input type=\"button\" value=\"<\" onclick=\"window.location='./+edit&revisionno=" . ($start - 10) . "'\" /> " . "<input type=\"button\" value=\">\" onclick=\"window.location='./+edit&revisionno=" . ($start + 10) . "'\" /> " . "<input type=\"button\" value=\">>\" onclick=\"window.location='./+edit&revisionno=" . ($revisionrow['MAX'] - 10) . "'\" /> " . "</fieldset>";
/* Drafts available */
$draftquery = "SELECT MAX(draft_number) AS MAX FROM `article_draft` where page_modulecomponentid = '{$this->moduleComponentId}'";
$draftresult = mysql_query($draftquery);
$draftrow = mysql_fetch_assoc($draftresult);
$dstart = $draftrow['MAX'] - 10;
if (isset($_GET['draftno'])) {
$dstart = escape($_GET['draftno']);
}
if ($dstart > $draftrow['MAX'] - 9) {
$dstart = $draftrow['MAX'] - 10;
}
if ($dstart < 0) {
$dstart = 0;
}
$dcount = 10;
if (isset($_GET['dcount'])) {
$dcount = escape($_GET['dcount']);
}
if ($dcount > $draftrow['MAX'] - $dstart + 1) {
$dcount = $draftrow['MAX'] - $dstart + 1;
}
$query = "SELECT `draft_lastsaved`,`draft_number`,`user_id` FROM `article_draft` where `page_modulecomponentid` = '{$this->moduleComponentId}' ORDER BY `draft_lastsaved` LIMIT {$dstart},{$dcount}";
$result = mysql_query($query);
$draftTable = "<fieldset>\n\t\t\t\t\t <legend><a name='drafts'>{$ICONS['Page Revisions']['small']}Drafts Saved : </a></legend>" . "<table border='1'><tr><td>Draft Number</td><td>Date Drafted</td><td>User Fullname</td><td>User Email</td><td>Delete</td></tr>";
while ($row = mysql_fetch_assoc($result)) {
$draftTable .= "<tr><td><a href=\"./+edit&dversion=" . $row['draft_number'] . "#preview\">" . $row['draft_number'] . "</a></td><td>" . $row['draft_lastsaved'] . "</td><td>" . getUserFullName($row['user_id']) . "</td><td>" . getUserEmail($row['user_id']) . "</td><td><form action='./+edit&deldraft=yes&dno=" . $row['draft_number'] . "' method='post'><input type='button' value='Delete' onclick='submitarticleformDeldraft(this);'></form>\n\t\t<script language='javascript'>\n\t\t\t\t\t \tfunction submitarticleformDeldraft(butt) {\n\t\t\t\t\t \t\tif(confirm('Are you sure you want to delete this draft ? '))\n\t\t\t\t\t \t\tbutt.form.submit();\n\t\t\t\t\t \t}\n\t\t</script></td></tr>";
}
$draftTable .= "</table>" . "<input type=\"button\" value=\"<<\" onclick=\"window.location='./+edit&draftnno=0'\" /> " . "<input type=\"button\" value=\"<\" onclick=\"window.location='./+edit&draftno=" . ($dstart - 10) . "'\" /> " . "<input type=\"button\" value=\">\" onclick=\"window.location='./+edit&draftno=" . ($dstart + 10) . "'\" /> " . "<input type=\"button\" value=\">>\" onclick=\"window.location='./+edit&draftno=" . ($draftrow['MAX'] - 10) . "'\" /> " . "</fieldset>";
/* Drafts end*/
return $CkForm . $Ckbody . $CkFooter . $draftTable . $top . $revisionTable . $top;
}
/**
* function actionEdit:
* Edit interface for all safedit module instances
* will be called from $this->getHtml function
*/
public function actionEdit()
{
$ret = <<<RET
<style type="text/css">
textarea {
\tfont-size: 130%;
\tbackground: white;
}
</style>
RET;
global $sourceFolder, $ICONS;
require_once $sourceFolder . "/upload.lib.php";
submitFileUploadForm($this->moduleComponentId, "safedit", $this->userId, UPLOAD_SIZE_LIMIT);
$end = "<fieldset id='uploadFile'><legend>{$ICONS['Uploaded Files']['small']}File Upload</legend>Upload files : <br />" . getFileUploadForm($this->moduleComponentId, "safedit", './+edit', UPLOAD_SIZE_LIMIT, 5) . getUploadedFilePreviewDeleteForm($this->moduleComponentId, "safedit", './+edit') . '</fieldset>';
$val = mysql_fetch_assoc(mysql_query("SELECT `page_title` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_module` = 'safedit' AND `page_modulecomponentid` = '{$this->moduleComponentId}'"));
$ret .= "<h1>Editing '" . $val['page_title'] . "' page</h1>";
if (isset($_GET['subaction'])) {
if ($_GET['subaction'] == "addSection") {
$show = isset($_POST['sectionShow']);
$heading = escape($_POST['heading']);
$result = mysql_query("SELECT MAX(`section_id`)+1 as `section_id` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'") or die(mysql_error());
$row = mysql_fetch_row($result);
$sectionId = $row[0];
$result = mysql_query("SELECT MAX(`section_priority`)+1 as `section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'");
$row = mysql_fetch_row($result);
$priority = $row[0];
$query = "INSERT INTO `safedit_sections`(`page_modulecomponentid`,`section_id`,`section_heading`,`section_type`,`section_show`,`section_priority`) VALUES ('{$this->moduleComponentId}','{$sectionId}','{$heading}','" . escape($_POST['type']) . "','{$show}','{$priority}')";
mysql_query($query) or die($query . "<br>" . mysql_error());
if (mysql_affected_rows() > 0) {
displayinfo("Section: {$heading}, created");
} else {
displayerror("Couldn't create section");
}
} else {
if ($_GET['subaction'] == 'deleteSection') {
$sectionId = escape($_GET['sectionId']);
$query = "DELETE FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'";
mysql_query($query) or die($query . "<br>" . mysql_error());
if (mysql_affected_rows() > 0) {
displayinfo("Section deleted succesfully");
} else {
displayerror("Couldn't delete section");
}
} else {
if ($_GET['subaction'] == 'saveSection') {
$sectionId = escape($_POST['sectionId']);
$heading = escape($_POST['heading']);
$typeUpdate = isset($_POST['type']) ? ", `section_type` = '{$_POST['type']}'" : '';
$show = ", `section_show` = '" . isset($_POST['sectionShow']) . "'";
$result = mysql_query("SELECT `section_type` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'");
$row = mysql_fetch_row($result);
$type = $row[0];
if ($type == "para" || $type == "ulist" || $type == "olist") {
$sectionContent = escape($this->processSave($_POST['content']));
} else {
if ($type == "picture") {
$sectionContent = escape($_POST['selectFile']);
}
}
$query = "UPDATE `safedit_sections` SET `section_heading` = '{$heading}', `section_content` = '{$sectionContent}'{$typeUpdate}{$show} WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'";
mysql_query($query) or die($query . "<br>" . mysql_error());
if (mysql_affected_rows() > 0) {
displayinfo("Section saved successfully");
}
} else {
if ($_GET['subaction'] == 'moveUp' || $_GET['subaction'] == 'moveDown') {
$compare = $_GET['subaction'] == 'moveUp' ? '<=' : '>=';
$arrange = $_GET['subaction'] == 'moveUp' ? 'DESC' : 'ASC';
$sectionId = escape($_GET['sectionId']);
$query = "SELECT `section_id`,`section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_priority` '{$compare}' (SELECT `section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}') ORDER BY `section_priority` '{$arrange}' LIMIT 2";
$result = mysql_query($query);
$row = mysql_fetch_row($result);
$sid = $row[0];
$spr = $row[1];
if ($row = mysql_fetch_row($result)) {
mysql_query("UPDATE `safedit_sections` SET `section_priority` = '{$spr}' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$row[0]}'");
mysql_query("UPDATE `safedit_sections` SET `section_priority` = '{$row[1]}' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sid}'");
}
} else {
if ($_GET['subaction'] == 'moveTop' || $_GET['subaction'] == 'moveBottom') {
$sectionId = escape($_GET['sectionId']);
$cpri = mysql_fetch_row(mysql_query("SELECT `section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'")) or die(mysql_error());
if ($_GET['subaction'] == 'moveTop') {
$sign = '+';
$cmpr = '<';
$set = '0';
} else {
$sign = '-';
$cmpr = '>';
$set = mysql_fetch_row(mysql_query("SELECT MAX(`section_priority`) FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'")) or die(mysql_error());
$set = isset($set[0]) ? $set[0] : '';
}
$cmpr = $_GET['subaction'] == 'moveTop' ? '<' : '>';
$query = "UPDATE `safedit_sections` SET `section_priority` = `section_priority`{$sign}1 WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_priority` {$cmpr} '{$cpri[0]}'";
mysql_query($query) or die(mysql_error());
mysql_query("UPDATE `safedit_sections` SET `section_priority` = '{$set}' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'") or die(mysql_error());
}
}
}
}
}
}
$result = mysql_query("SELECT `section_id`,`section_heading`,`section_type`,`section_content`,`section_show` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' ORDER BY `section_priority`");
while ($row = mysql_fetch_assoc($result)) {
$show = $row['section_show'] ? 'checked ' : '';
$type = $row['section_type'];
$help = $type != "picture" ? " <a href='#help' title='Only Plain text allowed, Click to know more'>{$ICONS['Help']['small']}</a>" : '';
$ret .= <<<RET
<form action='./+edit&subaction=saveSection' method=POST><input type=hidden value='{$row['section_id']}' name='sectionId' /><fieldset><legend><input type=checkbox name='sectionShow' {$show}/><input type=text name=heading value='{$row['section_heading']}' style='border:0;background:none;' /> <a href='./+edit&subaction=moveUp§ionId={$row['section_id']}' title='Move one level Up'>{$ICONS['Up']['small']}</a> <a href='./+edit&subaction=moveDown§ionId={$row['section_id']}' title='Move one level Down'>{$ICONS['Down']['small']}</a> <a href='./+edit&subaction=moveTop§ionId={$row['section_id']}' title='Move to Top'>{$ICONS['Top']['small']}</a> <a href='./+edit&subaction=moveBottom§ionId={$row['section_id']}' title='Move to Bottom'>{$ICONS['Bottom']['small']}</a> <a href='./+edit&subaction=deleteSection§ionId={$row['section_id']}' title='Delete Section'>{$ICONS['Delete Section']['small']}</a>{$help}</legend><div class='safedit_section'>
RET;
$safeContent = safe_html($row['section_content']);
if ($type == "ulist" || $type == "olist" || $type == "para") {
$usel = $type == "ulist" ? ' selected' : '';
$osel = $type == "olist" ? ' selected' : '';
$psel = $type == "para" ? ' selected' : '';
$ret .= <<<PARA
<textarea name=content rows=7 style="width:100%">{$safeContent}</textarea>
<select name=type>
<option value="para"{$psel}>Paragraph</option>
<option value="ulist"{$usel}>List</option>
<option value="olist"{$osel}>Numbered List</option>
</select>
PARA;
} else {
if ($type == "picture") {
$files = getUploadedFiles($this->moduleComponentId, "safedit");
$ret .= "<a href='#uploadFile'>Upload File</a><br /><select name=selectFile><option value=''>No picture</option>";
foreach ($files as $currFile) {
$select = $row['section_content'] == $currFile['upload_filename'] ? ' selected' : '';
$ret .= "<option value='{$currFile['upload_filename']}'{$select}>{$currFile['upload_filename']}</option>";
}
$ret .= "</select>";
}
}
$ret .= <<<SUBMIT
<input type=submit value='Save section' /></div></fieldset></form>
SUBMIT;
}
$ret .= <<<RET
<fieldset>
<legend>{$ICONS['Add']['small']}Create New Section</legend>
<form action="./+edit&subaction=addSection" method=POST>
<select name='type'>
<option value="para">Paragraph</option>
<option value="ulist">List</option>
<option value="olist">Numbered List</option>
<option value="picture">Picture</option>
</select>
<input type=text name="heading" />
<input type=checkbox name="sectionShow" checked />
<input type=submit value="Add section" name="btnAddSection" />
</form>
</fieldset>
RET;
$ret .= $end;
$ret .= <<<RET
<small id="help"><ul><li>You can display only Plain text, any custom formatting will be prevented.<br />To make a link, enclose the text with '{' and '}' and add the target to the end of the line after '|'<br />For eg:<br />{This is a link}, and this is not a link|http://www.google.com<br />The above line will make a link to google.com</li><li>Leave section heading text box blank(without even spaces) to avoid displaying Heading</li></ul></small>
RET;
return $ret;
}
public function actionHospihead()
{
global $urlRequestRoot, $sourceFolder, $templateFolder, $cmsFolder, $moduleFolder;
$moduleComponentId = $this->moduleComponentId;
$scriptsFolder = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/scripts";
$imagesFolder = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/images";
require_once "{$sourceFolder}/{$moduleFolder}/prhospi/prhospi_common.php";
require_once "{$sourceFolder}/{$moduleFolder}/prhospi/accommodation.php";
require_once $sourceFolder . "/" . $moduleFolder . "/qaos1/excel.php";
require_once $sourceFolder . "/upload.lib.php";
if (isset($_GET['subaction']) && $_GET['subaction'] == 'getsuggestions' && isset($_GET['forwhat'])) {
echo getSuggestionsForIdOrEmail(escape($_GET['forwhat']));
exit;
}
if (isset($_POST['txtFormUserId']) && $_POST['txtFormUserId'] != '') {
$detailsGiven = explode("- ", escape($_POST['txtFormUserId']));
deleteAccomodatedUser($detailsGiven[1], $moduleComponentId);
}
displayinfo(print_r(assignVars($this->userId, $moduleComponentId), true));
if (isset($_POST['amountDetail'])) {
$amt = mysql_real_escape_string($_POST['amountDetail']);
$insertQuery = "UPDATE `prhospi_disclaimer` SET `team_cost`={$amt} WHERE `page_modulecomponentid`={$this->moduleComponentId} AND ";
$insertQuery .= "`disclaimer_team`='hospihead'";
$updateRes = mysql_query($insertQuery) or displayerror(mysql_error());
if ($updateRes != '') {
displayinfo("Amount Updated to Rs. {$amt}");
}
}
if (isset($_POST['amountDetail1'])) {
$amt = mysql_real_escape_string($_POST['amountDetail1']);
$insertQuery = "UPDATE `prhospi_disclaimer` SET `team_cost`={$amt} WHERE `page_modulecomponentid`={$this->moduleComponentId} AND ";
$insertQuery .= "`disclaimer_team`='hospihead1'";
$updateRes = mysql_query($insertQuery) or displayerror(mysql_error());
if ($updateRes != '') {
displayinfo("Amount Updated to Rs. {$amt}");
}
}
if (isset($_POST['CKEditor1'])) {
$editorData = escape($_POST['CKEditor1']);
$insertQuery = "UPDATE `prhospi_disclaimer` SET `disclaimer_desc`='{$editorData}' WHERE `page_modulecomponentid`={$this->moduleComponentId} ";
$insertQuery .= "AND `disclaimer_team`='hospihead'";
$updateRes = mysql_query($insertQuery) or displayerror(mysql_error());
if ($updateRes != '') {
displayinfo("Details Successfully updated !!!");
}
}
if (isset($_POST['downloadSampleFormat'])) {
downloadSampleFormatForRoomUpload();
}
if (isset($_FILES['fileUploadField']['name'])) {
$excelData = readExcelSheet($_FILES['fileUploadField']['tmp_name'][0]);
$success = 1;
for ($i = 2; $i <= count($excelData); $i++) {
for ($j = $excelData[$i][2]; $j <= $excelData[$i][3]; $j++) {
if ($excelData[$i][1] == NULL) {
continue;
}
$checkIfExistQuery = "SELECT * FROM `prhospi_hostel` \n WHERE `hospi_hostel_name`='{$excelData[$i][1]}' AND \n `hospi_room_no`={$j} AND `page_modulecomponentid`={$moduleComponentId}";
$checkIfExistRes = mysql_query($checkIfExistQuery) or displayerror(mysql_error());
if (mysql_num_rows($checkIfExistRes)) {
$updateFieldQuery = "UPDATE `prhospi_hostel` \n SET `hospi_room_capacity`={$excelData[$i][4]} , `hospi_floor` = {$excelData[$i][5]}\n WHERE `page_modulecomponentid`={$moduleComponentId} AND \n `hospi_hostel_name`='{$excelData[$i][1]}' AND `hospi_room_no`={$j}";
$updateResult = mysql_query($updateFieldQuery) or displayerror(mysql_error());
continue;
}
$insertIntoHospiQuery = "INSERT INTO `prhospi_hostel` (page_modulecomponentid,hospi_hostel_name,hospi_room_capacity,\n hospi_room_no,hospi_floor) VALUES ({$moduleComponentId},'{$excelData[$i][1]}',{$excelData[$i][4]},{$j},{$excelData[$i][5]})";
$res = mysql_query($insertIntoHospiQuery) or displayerror(mysql_error());
if ($res == "") {
$success = 0;
}
}
}
if (!$success) {
displayerror("Datas are not inserted");
}
}
$hospiview = "";
$hospiview .= <<<VIEW
\t<table>
<a onClick="history.go(-1)">BACK</a><br/>
<tr>
<td><a href="./+hospihead&subaction=addRoom"> <div>Add Rooms</div></a></td>
<td><a href="./+hospihead&subaction=viewStatus"><div>View All Rooms</div></a></td>
<td><a href="./+hospihead&subaction=ckEditor"><div>Update Disclaimer</div></a></td>
<td><a href="./+hospihead&subaction=deleteUsers"><div>Delete User in Accomodation</div></a></td>
<td><a href="./+hospihead&subaction=blockRooms"><div>Block Rooms</div></a></td>
</tr>
</table>
VIEW;
if (isset($_GET['subaction'])) {
if ($_GET['subaction'] == 'blockRooms') {
$hospiview .= blockRoom($this->moduleComponentId);
}
if ($_GET['subaction'] == 'ckEditor') {
$hospiview .= $this->getCkBody("", "hospihead");
} else {
if ($_GET['subaction'] == 'addRoom') {
$fileUploadableForm = getFileUploadForm($this->moduleComponentId, "prhospi", './+hospihead', UPLOAD_SIZE_LIMIT, 1);
$hospiview .= <<<ADDROOMFORM
<br/><br/>
<form action="./+hospihead" method="post">
<input type="submit" name="downloadSampleFormat" value="Download Sample Form"><br/>
</form>
{$fileUploadableForm}
ADDROOMFORM;
} else {
if ($_GET['subaction'] == 'viewStatus') {
$hospiview .= displayRooms($moduleComponentId);
} else {
if ($_GET['subaction'] == 'deleteUsers') {
$deleteUserForm = displayUsersRegisteredToAccoWithDelete($moduleComponentId);
$hospiview .= <<<HOSPI
\t {$deleteUserForm}
<form method="POST" action="./+hospihead">
\t Enter UserId or Email:<input type="text" name="txtFormUserId" id="txtFormUserId" autocomplete="off" style="width: 256px" />
\t <div id="suggestionsBox" style="background-color: white; width: 260px; border: 1px solid black; position: absolute; overflow-y: scroll; max-height: 180px; display: none"></div>
\t <input type="submit" Value="Find User"/>
\t <script type="text/javascript" language="javascript" src="{$scriptsFolder}/ajaxsuggestionbox.js">
\t </script>
\t <script language="javascript">
\t var userBox = new SuggestionBox(document.getElementById('txtFormUserId'), document.getElementById('suggestionsBox'), "./+hospihead&subaction=getsuggestions&forwhat=%pattern%");
\tuserBox.loadingImageUrl = '{$imagesFolder}/ajaxloading.gif';
\t</script>
\t</form>
HOSPI;
}
}
}
}
}
return $hospiview;
}
public function actionOchead()
{
global $urlRequestRoot, $moduleFolder, $cmsFolder, $templateFolder, $sourceFolder, $STARTSCRIPTS;
require_once $sourceFolder . "/upload.lib.php";
require_once $sourceFolder . "/" . $moduleFolder . "/qaos1/excel.php";
require_once $sourceFolder . "/" . $moduleFolder . "/oc/oc_common.php";
$mcId = $this->moduleComponentId;
$userId = $this->userId;
if (isset($_POST['downloadFormatExcel'])) {
displayOCDownload();
}
if (isset($_FILES['fileUploadField']['name'])) {
$date = date_create();
$timeStamp = date_timestamp_get($date);
$tempVar = $sourceFolder . "/uploads/temp/" . $timeStamp . $_FILES['fileUploadField']['name'][0];
move_uploaded_file($_FILES["fileUploadField"]["tmp_name"][0], $tempVar);
$excelData = readExcelSheet($tempVar);
$success = 1;
for ($i = 2; $i <= count($excelData); $i++) {
$email = $excelData[$i][2] . '@nitt.edu';
$query = "INSERT IGNORE INTO `oc_valid_emails` (`page_moduleComponentId`,`oc_name`,`oc_valid_email`) \n VALUES ({$mcId},'{$excelData[$i][1]}','{$email}')";
mysql_query($query) or displayerror($email);
}
//echo $c." ".$d;
}
$retOcHead = "";
$uploadValidEmail = getFileUploadForm($mcId, "oc", './+ochead', UPLOAD_SIZE_LIMIT, 1);
$retOcHead .= <<<FORM
<form action="./+ochead" method="post">
<input type="submit" name="downloadFormatExcel" value="Download Event Sample Format"/>
</form>
FORM;
$retOcHead .= $uploadValidEmail;
$displayTags = <<<TAG
<table>
<tr>
<td><a href="./+ochead&subaction=view_whitelist_users"> <div>View Whitelist Registrants</div></a></td>
<td><a href="./+ochead&subaction=view_registered_users"><div>Registred Users</div></a></td>
<td><a href="./+ochead&subaction=add_whitelist_email"><div>Add Whitelist Email</div></a></td>
<td><a href="./+ochead&subaction=availability"><div>Check Availability</div></a></td>
<td><a href="./+ochead&subaction=reg_status"><div>Current Registration Status</div></a></td>
<td><a href="./+ochead&subaction=reg_status"><div>Current Registration Status</div></a></td>
<td><a href="./+ochead&subaction=upload_tshirt_list"><div>Upload TShirt List</div></a></td>
<td><a href="./+ochead&subaction=download_black_list"><div>Download Black List</div></a></td>
</tr>
</table>
TAG;
if (isset($_GET['subaction']) && $_GET['subaction'] == 'view_registered_users') {
return $retOcHead . $displayTags . view_registered_users($mcId);
}
if (isset($_GET['subaction']) && $_GET['subaction'] == 'view_whitelist_users') {
return $retOcHead . $displayTags . view_whitelist_emails($mcId);
}
if (isset($_GET['subaction']) && $_GET['subaction'] == 'add_whitelist_email') {
return $retOcHead . $displayTags . add_whitelist_email($mcId);
}
if (isset($_GET['subaction']) && $_GET['subaction'] == 'availability') {
return $retOcHead . $displayTags . availability($mcId);
}
if (isset($_GET['subaction']) && $_GET['subaction'] == 'reg_status') {
return $retOcHead . $displayTags . reg_status($mcId);
}
if (isset($_GET['subaction']) && $_GET['subaction'] == 'upload_tshirt_list') {
return $retOcHead . $displayTags . upload_tshirt_list($mcId);
}
if (isset($_GET['subaction']) && $_GET['subaction'] == 'download_black_list') {
return $retOcHead . $displayTags . download_black_list($mcId);
}
return $retOcHead . $displayTags . view_registered_users($mcId);
}
function upload_tshirt_list($mcId)
{
global $sourceFolder, $moduleFolder;
require_once $sourceFolder . "/" . $moduleFolder . "/qaos1/excel.php";
if (isset($_FILES['uploadTShirtDetail']['name'][0])) {
$date = date_create();
$timeStamp = date_timestamp_get($date);
$tempVar = $sourceFolder . "/uploads/temp/" . $timeStamp . $_FILES['uploadTShirtDetail']['name'][0];
move_uploaded_file($_FILES["uploadTShirtDetail"]["tmp_name"][0], $tempVar);
$excelData = readExcelSheet($tempVar);
$success = 1;
for ($i = 2; $i <= count($excelData); $i++) {
$name = $excelData[$i][1];
$rollNumber = $excelData[$i][2];
$tsize = $excelData[$i][3];
if ($tsize == '') {
$tsize = 'N';
}
$query = "INSERT IGNORE INTO `oc_form_reg` (`page_modulecomponentid`,`name`,`amount`,`user_id`,`Tshirt_size`,`updated_time`,`oc_roll_no`) \n VALUES ('{$mcId}','{$name}','700','0','{$tsize}',NOW(),'{$rollNumber}')";
mysql_query($query) or displayerror(mysql_error());
// $query = "UPDATE `oc_form_reg` SET Tshirt_size='{$tsize}' WHERE page_modulecomponentid='{$mcId}' AND oc_roll_no='{$rollNumber}'";
// mysql_query($query) or displayerror(mysql_error());
}
}
$uploadValidEmail = getFileUploadForm($mcId, "oc", './+ochead&subaction=upload_tshirt_list', false, 1, 'uploadTShirtDetail');
return $uploadValidEmail;
}
