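/**
 * Fetches every row of a query result into a nested PHP array.
 *
 * Without $index the rows come back as a 1-based list ($results[1], $results[2], ...).
 * With $index the rows are grouped by the values of the named columns, one array level
 * per column, and numbered from 1 inside each group: $results[<col1>][<col2>][n].
 *
 * Values that contain no markup are passed through htmlentities(); values for which
 * strip_tags() changes the length are returned as stored.
 * NOTE(review): that means any stored value containing a tag reaches the caller
 * unencoded, so callers that print these results must still treat them as untrusted HTML.
 *
 * @param mixed $QI        Result handle accepted by db_fetch_row().
 * @param array $functions Map of column name => name of a function called as f($value, $column).
 * @param array $index     Column names to group by, outermost first.
 * @return array
 */
function DBGet($QI, $functions = array(), $index = array())
{
    global $THIS_RET;

    $index_count = count($index);
    // Restored before returning so a nested DBGet() call does not clobber the caller's current row.
    $tmp_THIS_RET = $THIS_RET;
    $results = array();
    $counters = array(); // per-group row counters, same nesting as $results
    $row_no = 0;         // 1-based if no index specified

    while ($RET = db_fetch_row($QI)) {
        $THIS_RET = $RET; // formatter callbacks can read the current row through this global

        if ($index_count) {
            // Descend one array level per index column by reference. The previous version
            // assembled PHP source from the column values and ran it through eval(), so row
            // data was parsed as code; a value holding a backslash or quote could corrupt
            // the key or the statement. Plain array access has no such parsing step.
            $counter = &$counters;
            $bucket = &$results;
            foreach ($index as $col) {
                $group_key = isset($RET[$col]) ? $RET[$col] : '';
                $counter = &$counter[$group_key];
                $bucket = &$bucket[$group_key];
            }
            $counter++;
            $bucket = &$bucket[$counter];
        } else {
            $row_no++;
            $bucket = &$results[$row_no];
        }

        foreach ($RET as $key => $value) {
            if (strlen($value) == strlen(strip_tags($value))) {
                $value = htmlentities($value);
            }
            if (!empty($functions[$key]) && function_exists($functions[$key])) {
                $bucket[$key] = $functions[$key]($value, $key);
            } else {
                $bucket[$key] = $value;
            }
        }

        // Drop the references so the next iteration cannot write through a stale one.
        unset($counter, $bucket);
    }

    $THIS_RET = $tmp_THIS_RET;

    return $results;
}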
}
// Login was rejected but a matching student row exists: tell the user whether the account
// is inactive or was disabled after too many failed attempts.
if (isset($student_RET) && count($student_RET) > 0) {
    if ($ad_f_cnt && $ad_f_cnt != 0 && $student_RET[1]['FAILED_LOGIN'] < $ad_f_cnt) {
        $error[] = "Either your account is inactive or your access permission has been revoked. Please contact the school administration.";
    } else {
        $error[] = "Due to excessive incorrect login attempts your account has been disabled. Contact the school administration to enable your account.";
    }
}
} elseif ($student_RET) {
    // Successful student login: record it, enforce the failed-login limit, fill the session.
    // NOTE(review): X-Forwarded-For is a request header set by the client (or by any proxy
    // in between). It is trusted here as the source address and, below, concatenated into
    // the INSERT without escaping.
    if ($_SERVER['HTTP_X_FORWARDED_FOR']) {
        $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
    } else {
        $ip = $_SERVER['REMOTE_ADDR'];
    }
    $date = date("Y-m-d H:i:s");
    // NOTE(review): the array keys STUDENT_ID, FIRST_NAME, ... are written as bare constants,
    // not quoted strings; only the two name fields pass through singleQuoteReplace(), the
    // other values are concatenated as they are.
    DBQuery("INSERT INTO login_records (SYEAR,STAFF_ID,FIRST_NAME,LAST_NAME,PROFILE,USER_NAME,LOGIN_TIME,FAILLOG_COUNT,IP_ADDRESS,STATUS,SCHOOL_ID) values('" . $_SESSION['UserSyear'] . "','" . $student_RET[1][STUDENT_ID] . "','" . singleQuoteReplace("'", "''", $student_RET[1][FIRST_NAME]) . "','" . singleQuoteReplace("'", "''", $student_RET[1][LAST_NAME]) . "','Student','" . $student_RET[1][USERNAME] . "','{$date}','" . $student_RET[1][FAILED_LOGIN] . "','{$ip}','Success','" . $student_RET[1][SCHOOL_ID] . "')");
    $failed_login = $student_RET[1]['FAILED_LOGIN'];
    $admin_failed_count = DBGet(DBQuery("SELECT FAIL_COUNT FROM system_preference_misc"));
    $ad_f_cnt = $admin_failed_count[1]['FAIL_COUNT'];
    if ($ad_f_cnt && $ad_f_cnt != 0 && $failed_login > $ad_f_cnt) {
        DBQuery("UPDATE students SET IS_DISABLE='Y' WHERE STUDENT_ID='" . $student_RET[1]['STUDENT_ID'] . "' ");
        session_destroy();
        // NOTE(review): no exit follows the redirect header in this fragment, so the
        // session assignments below still run for the account that was just disabled.
        header("location:index.php?modfunc=logout&dis=fl_count");
    }
    $_SESSION['STUDENT_ID'] = $student_RET[1]['STUDENT_ID'];
    $_SESSION['LAST_LOGIN'] = $student_RET[1]['LAST_LOGIN'];
    $_SESSION['UserSyear'] = $student_RET[1]['SYEAR'];
    $activity = DBGet(DBQuery("SELECT ACTIVITY_DAYS FROM system_preference_misc"));
    $activity = $activity[1]['ACTIVITY_DAYS'];
    $last_login = $_SESSION['LAST_LOGIN'];
    // NOTE(review): "H:m:s" formats the month number where minutes are expected
    // (date() uses "i" for minutes, as in $date above).
    $date1 = date("Y-m-d H:m:s");
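/**
 * Lists parent accounts (PROFILE 'parent', PROFILE_ID 4) that are linked to students
 * enrolled in the current school year and have no row in login_authentication,
 * optionally narrowed by last/first name prefix taken from the request.
 *
 * Only the 'admin' profile is handled; every other profile gets null.
 *
 * NOTE(review): the name filters still rely on singleQuoteReplace(), defined elsewhere,
 * for quoting. DBQuery() is only ever given a finished SQL string in this file, so bound
 * parameters are not available here; confirm the helper's escaping matches the database
 * connection's quoting rules.
 *
 * @return array|null Rows as returned by DBGet(), or null for non-admin callers.
 */
function GetStaffListNoAccess()
{
    if (User('PROFILE') != 'admin') {
        return null;
    }

    // The school year and school id are concatenated unquoted, so force them to integers.
    $syear = (int) UserSyear();
    $all_schools = isset($_REQUEST['_search_all_schools']) && $_REQUEST['_search_all_schools'] == 'Y';
    $school_filter = $all_schools
        ? 'ssm.SCHOOL_ID IN (SELECT SCHOOL_ID FROM school_years WHERE SYEAR=' . $syear . ')'
        : 'ssm.SCHOOL_ID=' . (int) UserSchool();

    // The sub-select used to prefix this filter with a second "ssm.SCHOOL_ID=", producing
    // "ssm.SCHOOL_ID=ssm.SCHOOL_ID=<id>", which compares a boolean with the id.
    $sql = 'SELECT DISTINCT CONCAT(s.LAST_NAME, \' \' ,s.FIRST_NAME) AS FULL_NAME,CONCAT(UPPER(MID(s.PROFILE,1,1)),MID(s.PROFILE,2,LENGTH(s.PROFILE)-1)) AS PROFILE,s.PROFILE_ID,s.IS_DISABLE, s.STAFF_ID FROM people s ,students st,student_enrollment ssm WHERE st.STUDENT_ID=ssm.STUDENT_ID AND ssm.SYEAR=' . $syear . ' AND s.PROFILE IS NOT NULL AND s.PROFILE_ID=4 AND ' . $school_filter
        . ' AND s.STAFF_ID IN (SELECT PERSON_ID FROM students_join_people sjp WHERE ssm.STUDENT_ID = sjp.STUDENT_ID AND ' . $school_filter . ' AND ssm.SYEAR=' . $syear . ') AND s.IS_DISABLE IS NULL AND s.PROFILE=\'parent\' AND s.PROFILE_ID=4';

    // Non-scalar input (for example last[]=...) is ignored instead of being pushed through
    // the string functions.
    foreach (array('last' => 's.LAST_NAME', 'first' => 's.FIRST_NAME') as $param => $column) {
        if (!empty($_REQUEST[$param]) && is_scalar($_REQUEST[$param])) {
            $sql .= ' AND UPPER(' . $column . ') LIKE \'' . singleQuoteReplace("'", "\\'", strtoupper($_REQUEST[$param])) . '%\' ';
        }
    }

    $sql .= ' AND s.STAFF_ID NOT IN (SELECT USER_ID FROM login_authentication WHERE PROFILE_ID=4) ORDER BY FULL_NAME';

    return DBGet(DBQuery($sql));
}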
/**
 * Recomputes one student's daily attendance row (attendance_day) for a date from the
 * per-period attendance records.
 *
 * Minutes are summed for periods marked with state code 'P' (full length) and 'H' (half
 * length), compared with the school's FULL_DAY_MINUTE / HALF_DAY_MINUTE preferences to get
 * a state value of '1.0', '.5' or '0.0', and the attendance_day row is updated or inserted.
 *
 * NOTE(review): $student_id, $date and $comment are concatenated into every statement
 * below. Whether they are validated is up to the callers, which are not visible here.
 *
 * @param mixed  $student_id Student id; used both quoted and unquoted in the SQL below.
 * @param string $date       School date; defaults to DBDate() when empty.
 * @param mixed  $comment    Comment to store, or false to leave the comment untouched.
 * @return void
 */
function UpdateAttendanceDaily($student_id, $date = '', $comment = false) {
    if (!$date) {
        $date = DBDate();
    }
    // Find the marking period containing $date, trying quarter, then semester, then full year.
    $current_mp = GetCurrentMP('QTR', $date);
    $MP_TYPE = 'QTR';
    if (!$current_mp) {
        $current_mp = GetCurrentMP('SEM', $date);
        $MP_TYPE = 'SEM';
    }
    if (!$current_mp) {
        $current_mp = GetCurrentMP('FY', $date);
        $MP_TYPE = 'FY';
    }
    // Total scheduled attendance-taking minutes for the student on that date.
    $sql = 'SELECT SUM(IF(cp.HALF_DAY LIKE \'Y\',(SELECT half_day_minute FROM system_preference WHERE school_id=' . UserSchool() . '),sp.LENGTH)) AS TOTAL FROM schedule s,course_periods cp,course_period_var cpv,school_periods sp,attendance_calendar ac WHERE s.COURSE_PERIOD_ID = cp.COURSE_PERIOD_ID AND cpv.DOES_ATTENDANCE=\'Y\' AND ac.SCHOOL_DATE=\'' . $date . '\' AND (ac.BLOCK=sp.BLOCK OR sp.BLOCK IS NULL) AND cp.COURSE_PERIOD_ID=cpv.COURSE_PERIOD_ID AND ac.CALENDAR_ID=cp.CALENDAR_ID AND ac.SCHOOL_ID=s.SCHOOL_ID AND ac.SYEAR=s.SYEAR AND s.SYEAR = cp.SYEAR AND sp.PERIOD_ID = cpv.PERIOD_ID AND position(substring(\'UMTWHFS\' FROM DAYOFWEEK(\'' . $date . '\') FOR 1) IN cpv.DAYS)>0 AND s.STUDENT_ID=\'' . $student_id . '\' AND s.SYEAR=\'' . UserSyear() . '\' AND (\'' . $date . '\' BETWEEN s.START_DATE AND s.END_DATE OR (s.END_DATE IS NULL AND \'' . $date . '\'>=s.START_DATE)) AND s.MARKING_PERIOD_ID IN (' . GetAllMP($MP_TYPE, $current_mp) . ') ';
    $RET = DBGet(DBQuery($sql));
    $total = $RET[1]['TOTAL'];
    // Nothing scheduled that day: leave attendance_day alone.
    if ($total == 0) {
        return;
    }
    // NOTE(review): $student_id is unquoted in this statement (it is quoted in the others),
    // so here nothing but the caller's validation keeps it a number.
    $current_RET = DBGet(DBQuery('SELECT MINUTES_PRESENT,STATE_VALUE,COMMENT FROM attendance_day WHERE STUDENT_ID=' . $student_id . ' AND SCHOOL_DATE=\'' . $date . '\''));
    // NOTE(review): every other read of a DBGet() result in this function goes through the
    // row index [1]; this one does not, so it presumably yields null and restarts $total
    // from zero before the sums below. Confirm that is the intent.
    $total = $current_RET['MINUTES_PRESENT'];
    // Minutes for periods marked present (state code 'P').
    $sql = 'SELECT SUM(IF(cp.HALF_DAY LIKE \'Y\',(SELECT half_day_minute FROM system_preference WHERE school_id=' . UserSchool() . '),sp.LENGTH)) AS TOTAL FROM attendance_period ap,school_periods sp,attendance_codes ac,course_periods cp WHERE ap.STUDENT_ID=\'' . $student_id . '\' AND ap.SCHOOL_DATE=\'' . $date . '\' AND ap.PERIOD_ID=sp.PERIOD_ID AND ac.ID = ap.ATTENDANCE_CODE AND ac.STATE_CODE=\'P\' AND sp.SYEAR=\'' . UserSyear() . '\' AND cp.COURSE_PERIOD_ID=ap.COURSE_PERIOD_ID';
    $RET = DBGet(DBQuery($sql));
    $total += $RET[1]['TOTAL'];
    // Periods with state code 'H' count for half their length.
    $sql = 'SELECT SUM(sp.LENGTH) AS TOTAL FROM attendance_period ap,school_periods sp,attendance_codes ac WHERE ap.STUDENT_ID=\'' . $student_id . '\' AND ap.SCHOOL_DATE=\'' . $date . '\' AND ap.PERIOD_ID=sp.PERIOD_ID AND ac.ID = ap.ATTENDANCE_CODE AND ac.STATE_CODE=\'H\' AND sp.SYEAR=\'' . UserSyear() . '\'';
    $RET = DBGet(DBQuery($sql));
    $total += $RET[1]['TOTAL'] * 0.5;
    // NOTE(review): the comment is quote-escaped only when SERVER_SOFTWARE contains "linux".
    // stripos() returns 0 for a match at the start of the string and false for no match,
    // and both are falsy here, so on other servers (or a leading match) the comment reaches
    // the SQL below unescaped.
    if (stripos($_SERVER['SERVER_SOFTWARE'], 'linux')) {
        $comment = singleQuoteReplace("'", "\\'", $comment);
    }
    $sys_pref = DBGet(DBQuery('SELECT * FROM system_preference WHERE SCHOOL_ID=' . UserSchool()));
    $fdm = $sys_pref[1]['FULL_DAY_MINUTE'];
    $hdm = $sys_pref[1]['HALF_DAY_MINUTE'];
    // Map minutes present onto the stored day value.
    if ($total >= $fdm) {
        $length = '1.0';
    } elseif ($total >= $hdm) {
        $length = '.5';
    } else {
        $length = '0.0';
    }
    $current_RET = DBGet(DBQuery('SELECT MINUTES_PRESENT,STATE_VALUE,COMMENT FROM attendance_day WHERE STUDENT_ID=\'' . $student_id . '\' AND SCHOOL_DATE=\'' . $date . '\''));
    // Same minutes, different state value: only the state value is rewritten.
    if (count($current_RET) && $current_RET[1]['MINUTES_PRESENT'] == $total && $length != $current_RET[1]['STATE_VALUE']) {
        DBQuery('UPDATE attendance_day SET STATE_VALUE=\'' . $length . '\' WHERE STUDENT_ID=\'' . $student_id . '\' AND SCHOOL_DATE=\'' . $date . '\'');
    }
    // NOTE(review): str_replace("", "", $comment) has an empty search string and returns
    // $comment unchanged, so it adds no escaping in any of the three statements below.
    if (count($current_RET) && $current_RET[1]['MINUTES_PRESENT'] != $total) {
        DBQuery('UPDATE attendance_day SET MINUTES_PRESENT=\'' . $total . '\',STATE_VALUE=\'' . $length . '\'' . ($comment != false ? ',COMMENT=\'' . str_replace("", "", $comment) . '\'' : '') . ' WHERE STUDENT_ID=\'' . $student_id . '\' AND SCHOOL_DATE=\'' . $date . '\'');
    } elseif (count($current_RET) && $comment != false && $current_RET[1]['COMMENT'] != $comment) {
        DBQuery('UPDATE attendance_day SET COMMENT=\'' . str_replace("", "", $comment) . '\' WHERE STUDENT_ID=\'' . $student_id . '\' AND SCHOOL_DATE=\'' . $date . '\'');
    } elseif (count($current_RET) == 0) {
        // No daily row yet: insert one, but only if period attendance exists for this
        // school and year.
        $check_assoc = DBGet(DBQuery('SELECT COUNT(*) as REC_EX FROM attendance_period ap,course_periods cp WHERE ap.STUDENT_ID=' . $student_id . ' AND ap.SCHOOL_DATE=\'' . $date . '\' AND cp.COURSE_PERIOD_ID=ap.COURSE_PERIOD_ID AND cp.SCHOOL_ID=' . UserSchool() . ' AND cp.SYEAR=' . UserSyear()));
        if ($check_assoc[1]['REC_EX'] > 0) {
            DBQuery('INSERT INTO attendance_day (SYEAR,STUDENT_ID,SCHOOL_DATE,MINUTES_PRESENT,STATE_VALUE,MARKING_PERIOD_ID,COMMENT) values(\'' . UserSyear() . '\',\'' . $student_id . '\',\'' . $date . '\',\'' . $total . '\',\'' . $length . '\',\'' . $current_mp . '\',\'' . str_replace("", "", $comment) . '\')');
        }
    }
}
break;
} else {
    // Reject a new grade level whose sort order is already taken. The second half of the
    // condition compares loosely against both '' and NULL; it only passes for a non-empty
    // SORT_ORDER.
    if (in_array($columns['SORT_ORDER'], $sort_order) && ($columns['SORT_ORDER'] != '' || $columns['SORT_ORDER'] != NULL)) {
        $err_msg = "Sort order already exists";
        break;
    } else {
        if (clean_param(trim($_REQUEST['values']['new']['TITLE']), PARAM_NOTAGS) != '') {
            // Build "INSERT INTO school_gradelevels (cols) values(vals)" from the non-empty columns.
            $sql = 'INSERT INTO school_gradelevels ';
            $fields = 'SCHOOL_ID,';
            $values = '\'' . UserSchool() . '\',';
            $go = 0;
            foreach ($columns as $column => $value) {
                if (trim($value)) {
                    $value = trim(paramlib_validation($column, $value));
                    // NOTE(review): the array key goes into the column list as an identifier,
                    // unquoted and unchecked. $columns is populated outside this fragment;
                    // if its keys come from the request they need an allow-list of column names.
                    $fields .= $column . ',';
                    $values .= '\'' . singleQuoteReplace("'", "''", $value) . '\',';
                    $go = true;
                }
            }
            // substr(..., 0, -1) drops the trailing comma of each list.
            $sql .= '(' . substr($fields, 0, -1) . ') values(' . substr($values, 0, -1) . ')';
            if ($go) {
                DBQuery($sql);
            }
        }
    }
}
}
}
}
}
DrawBC("School Setup > " . ProgramTitle());
} else {
    $_REQUEST['values']['new']['PUBLISHED_PROFILES'] = '';
}
// Build "INSERT INTO portal_notes (cols) values(vals)"; SCHOOL_ID is NULL when the note is
// published to all schools.
$sql = 'INSERT INTO portal_notes ';
$fields = 'SCHOOL_ID,SYEAR,last_updated,PUBLISHED_USER,';
if ($allschool == 'Y') {
    $values = 'NULL,\'' . UserSyear() . '\',CURRENT_TIMESTAMP,\'' . User('STAFF_ID') . '\',';
} else {
    $values = UserSchool() . ',\'' . UserSyear() . '\',CURRENT_TIMESTAMP,\'' . User('STAFF_ID') . '\',';
}
$go = 0;
foreach ($columns as $column => $value) {
    if (trim($value)) {
        $value = paramlib_validation($column, $value);
        // NOTE(review): the array key is used as a column name without quoting or an
        // allow-list; $columns is populated outside this fragment.
        $fields .= $column . ',';
        // NOTE(review): singleQuoteReplace() is called with two empty strings here; what it
        // escapes in that case depends on its definition, which is not on this page.
        $value = singleQuoteReplace("", "", $value); // for linux machine
        $values .= "'" . trim($value) . "',"; // for windows machine
        $go = true;
    }
}
// substr(..., 0, -1) drops the trailing comma of each list.
$sql .= '(' . substr($fields, 0, -1) . ') values(' . substr($values, 0, -1) . ')';
if ($go) {
    // These replacements run over the finished statement, not over the individual values,
    // so they also hit any such character in the SQL text itself.
    // NOTE(review): the third call's search string ''' is not valid PHP as shown; it looks
    // like an HTML entity that was decoded when the page was extracted. Check the original.
    $sql = str_replace('&', "", $sql);
    $sql = str_replace('"', "", $sql);
    $sql = str_replace(''', "", $sql);
    $sql = str_replace('<', "", $sql);
    $sql = str_replace('>', "", $sql);
    DBQuery($sql);
}
// NOTE(review): $_REQUEST['staff_id'] is concatenated unquoted and unvalidated into the
// WHERE clauses throughout this fragment; it should be forced to an integer first.
$up_sql .= " WHERE STAFF_ID=" . $_REQUEST['staff_id'];
DBQuery($up_sql);
}
unset($up_sql);
unset($pi);
unset($pd);
unset($up_go);
}
$up_go = 'n';
// Password change for an existing login.
// NOTE(review): passwords are stored as unsalted md5() digests. password_hash() /
// password_verify() are the replacement, but the login check must be changed with it.
if ($_REQUEST['login_authentication']['PASSWORD'] != '') {
    $up_sql = 'UPDATE login_authentication SET PASSWORD=\'' . md5($_REQUEST['login_authentication']['PASSWORD']) . '\' WHERE USER_ID=' . $_REQUEST['staff_id'] . ' AND PROFILE_ID = ' . $staff_prof_id;
    DBQuery($up_sql);
    unset($up_sql);
}
// Create a login (PROFILE_ID 4) for a user that had none.
if ($_REQUEST['profile'] == 'none' && $_REQUEST['FRESH_USERNAME'] != '' && $_REQUEST['FRESH_PASSWORD'] != '') {
    DBQuery('INSERT INTO login_authentication (USER_ID,PROFILE_ID,USERNAME,PASSWORD) VALUES (' . $_REQUEST['staff_id'] . ',4,\'' . singleQuoteReplace("", "", $_REQUEST['FRESH_USERNAME']) . '\',\'' . md5($_REQUEST['FRESH_PASSWORD']) . '\')');
    // NOTE(review): staff_id is written into the inline script without encoding, so the
    // request value ends up inside a JavaScript string literal in the response.
    echo "<script>window.location.href='Modules.php?modname=users/User.php&staff_id={$_REQUEST['staff_id']}';</script>";
}
} else {
    if ($_REQUEST['category_id'] == 2) {
        if (count($_REQUEST['student_addres']) > 0) {
            // Build "UPDATE student_address SET col='val',..." straight from the request array.
            $up_sql = 'UPDATE student_address SET ';
            foreach ($_REQUEST['student_addres'] as $pi => $pd) {
                // NOTE(review): $pi is a request-supplied array key used as a column name
                // with no allow-list; only the value side has its quotes doubled.
                $up_sql .= $pi . "='" . str_replace("'", "''", $pd) . "',";
                $up_go = 'y';
            }
            if ($up_go == 'y') {
                // Drop the trailing comma before appending the WHERE clause.
                $up_sql = substr($up_sql, 0, -1);
                $up_sql .= " WHERE PEOPLE_ID=" . $_REQUEST['staff_id'];
                DBQuery($up_sql);
            }
} else {
    // NOTE(review): calendar_id is taken from the request and placed between quotes in
    // $values below without escaping.
    $cal_id = $_REQUEST['calendar_id'];
}
// Build the column and value lists for the INSERT; $sql itself is started before this fragment.
$fields = 'SYEAR,SCHOOL_ID,CALENDAR_ID,';
$values = '\'' . UserSyear() . '\',\'' . UserSchool() . '\',\'' . $cal_id . '\',';
foreach ($_REQUEST['values'] as $column => $value) {
    if (trim($value)) {
        $value = paramlib_validation($column, $value);
        // NOTE(review): $column is a request-supplied array key used as a column name.
        // Unless paramlib_validation() (not shown) rejects unknown names, it needs an allow-list.
        $fields .= $column . ',';
        if ($column == "SCHOOL_DATE") {
            // Normalised through strtotime()/date(), so only a formatted date reaches the SQL.
            $values .= '\'' . date('Y-m-d', strtotime($value)) . '\',';
        } else {
            // NOTE(review): escaping depends on the server banner; stripos() returns 0
            // (falsy) for a match at offset 0 and false for no match. mysql_real_escape_string()
            // belongs to the ext/mysql extension, which was removed in PHP 7.0.
            if (stripos($_SERVER['SERVER_SOFTWARE'], 'linux')) {
                $value = mysql_real_escape_string($value);
            }
            $values .= '\'' . singleQuoteReplace("'", "''", trim($value)) . '\',';
        }
        $go = true;
    }
}
// substr(..., 0, -1) drops the trailing comma of each list.
$sql .= '(' . substr($fields, 0, -1) . ') values(' . substr($values, 0, -1) . ')';
if ($go) {
    DBQuery($sql);
}
}
// Reload the opener window on the calendar view and close this popup.
// NOTE(review): modname, calendar_id and year are echoed from the request into a
// JavaScript string with no encoding; they should be JSON- or URL-encoded for that context.
echo '<SCRIPT language=javascript>opener.document.location = "Modules.php?modname=' . $_REQUEST['modname'] . '&calendar_id=' . $_REQUEST['calendar_id'] . '&year=' . $_REQUEST['year'] . '&month=' . MonthNWSwitch($_REQUEST['month'], 'tochar') . '"; window.close();</script>';
unset($_REQUEST['values']);
unset($_SESSION['_REQUEST_vars']['values']);
}
echo '<SCRIPT language=javascript> window.close();</script>';
} elseif (clean_param($_REQUEST['button'], PARAM_ALPHAMOD) == 'Delete') {
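/**
 * Returns request parameter $name as a string, or '' when it is missing or not a scalar
 * (for example an array sent as name[]=...), so the string functions never see an array.
 */
function _absenceSummaryParam($name)
{
    return (isset($_REQUEST[$name]) && is_scalar($_REQUEST[$name])) ? (string) $_REQUEST[$name] : '';
}

/** Quote-escapes a value for a single-quoted SQL literal with the project's singleQuoteReplace(). */
function _absenceSummaryQuote($value)
{
    return singleQuoteReplace("'", "\\'", $value);
}

/** Builds one "<b>label</b>value<BR>" search-term line with the value HTML-encoded. */
function _absenceSummaryTerm($label, $value)
{
    return '<font color=gray><b>' . $label . '</b></font>' . htmlspecialchars($value, ENT_QUOTES) . '<BR>';
}

/** Builds a "starts with" filter on LOWER($column), plus the join to $join_alias when one is given. */
function _absenceSummaryLikeClause($column, $value, $join_alias = '')
{
    $clause = ' AND LOWER(' . $column . ') LIKE \'' . _absenceSummaryQuote(strtolower($value)) . '%\' ';
    if ($join_alias != '') {
        $clause .= 'AND s.STUDENT_ID=' . $join_alias . '.STUDENT_ID ';
    }

    return $clause;
}

/**
 * Builds the filter for a day/month/year triple on $column and the text shown for it.
 * All three parts given: exact date match. Otherwise one SUBSTR comparison per part given.
 * Returns array($clause, $shown); both are '' when no part was supplied.
 */
function _absenceSummaryDateFilter($column, $join_alias, $day, $month, $year)
{
    $join = ' AND s.STUDENT_ID=' . $join_alias . '.STUDENT_ID ';

    if ($day && $month && $year) {
        $shown = $year . '-' . $month . '-' . $day;
        // date() output is a fixed Y-m-d pattern, so nothing from the request survives into the SQL.
        return array(' AND ' . $column . ' =\'' . date('Y-m-d', strtotime($shown)) . '\'' . $join, $shown);
    }

    $clause = '';
    $shown = '';
    $parts = array(
        array($day, '9,2', ' Day :'),
        array($month, '6,2', ' Month :'),
        array($year, '1,4', ' Year :'),
    );
    foreach ($parts as $part) {
        list($value, $offsets, $caption) = $part;
        if ($value) {
            // Previously concatenated raw; now escaped like every other quoted value here.
            $clause .= ' AND SUBSTR(' . $column . ',' . $offsets . ') =\'' . _absenceSummaryQuote($value) . '\'' . $join;
            $shown .= $caption . $value;
        }
    }

    return array($clause, $shown);
}

/**
 * Appends the student-search filters found in the request to $sql.
 *
 * Every filter clause is added both to $sql and to $_SESSION['newsql1']; unless
 * $extra['NoSearchTerms'] is set, a human-readable line per filter is appended to
 * $_openSIS['SearchTerms']. Depending on the session/request flags handled at the end, the
 * function returns the freshly built SQL, the SQL saved in the session, or
 * $_SESSION['new_sql'] followed by $_SESSION['newsql1'].
 *
 * Changes from the earlier version, all on request-controlled input:
 *  - request keys are quoted ($_REQUEST['stuid'], not the bare constant stuid);
 *  - partial date parts are quote-escaped, birthday bounds are cast to int (they are unquoted);
 *  - values echoed into SearchTerms are HTML-encoded;
 *  - the alt-id term shows the alt id (it showed the student-id value under a
 *    "Student ID" label);
 *  - the "reason" filter is mirrored into $_SESSION['newsql1'] like every other filter.
 *
 * NOTE(review): quoted values still depend on singleQuoteReplace(), defined elsewhere, for
 * escaping, and LIKE wildcards in the input are not neutralised. Bound parameters would be
 * the robust fix but are not available through the string-only SQL interface used here.
 *
 * @param string $sql   Query text to extend.
 * @param array  $extra Search options; only 'NoSearchTerms' is read here.
 * @return string
 */
function appendSQL_Absence_Summary($sql, &$extra)
{
    global $_openSIS;

    $show_terms = empty($extra['NoSearchTerms']);
    $added = ''; // clauses collected in the original order, applied to $sql and the session copy
    $terms = ''; // search-term lines in the same order

    $stuid = _absenceSummaryParam('stuid');
    if ($stuid) {
        $added .= ' AND ssm.STUDENT_ID = \'' . _absenceSummaryQuote($stuid) . '\' ';
        $terms .= _absenceSummaryTerm('Student ID: ', $stuid);
    }

    // Prefix filters whose value is trimmed before use.
    $trimmed_filters = array(
        array('altid', 's.ALT_ID', 'Alt ID starts with: '),
        array('last', 's.LAST_NAME', 'Last Name starts with: '),
        array('first', 's.FIRST_NAME', 'First Name starts with: '),
    );
    foreach ($trimmed_filters as $spec) {
        list($param, $column, $label) = $spec;
        $value = _absenceSummaryParam($param);
        if ($value) {
            $added .= _absenceSummaryLikeClause($column, trim($value));
            $terms .= _absenceSummaryTerm($label, trim($value));
        }
    }

    $grade = _absenceSummaryParam('grade');
    if ($grade) {
        $added .= ' AND ssm.GRADE_ID = \'' . _absenceSummaryQuote($grade) . '\' ';
        if ($show_terms) {
            // GetGrade() is defined elsewhere; its return value is printed as-is, as before.
            $terms .= '<font color=gray><b>Grade: </b></font>' . GetGrade($grade) . '<BR>';
        }
    }

    $addr = _absenceSummaryParam('addr');
    if ($addr) {
        $addr_lower = _absenceSummaryQuote(strtolower(trim($addr)));
        $added .= ' AND (LOWER(a.STREET_ADDRESS_1) LIKE \'%' . $addr_lower . '%\' OR LOWER(a.CITY) LIKE \'' . $addr_lower . '%\' OR LOWER(a.STATE)=\'' . $addr_lower . '\' OR ZIPCODE LIKE \'' . trim(_absenceSummaryQuote($addr)) . '%\')';
        $terms .= _absenceSummaryTerm('Address contains: ', trim($addr));
    }

    // Remaining filters, in display order: array(kind, request name or prefix, column, join alias, label).
    $filters = array(
        array('like', 'preferred_hospital', 's.PREFERRED_HOSPITAL', '', 'Preferred Medical Facility starts with: '),
        array('like', 'mp_comment', 'smc.COMMENT', 'smc', 'Comments starts with: '),
        array('like', 'goal_title', 'g.GOAL_TITLE', 'g', 'GoalInc Title starts with: '),
        array('like', 'goal_description', 'g.GOAL_DESCRIPTION', 'g', 'GoalInc Description starts with: '),
        array('like', 'progress_name', 'p.PROGRESS_NAME', 'p', 'Progress Period Name starts with: '),
        array('like', 'progress_description', 'p.PROGRESS_DESCRIPTION', 'p', 'Progress Assessment starts with: '),
        array('like', 'doctors_note_comments', 'smn.DOCTORS_NOTE_COMMENTS', 'smn', 'Doctor\'s Note starts with: '),
        array('like', 'type', 'sm.TYPE', 'sm', 'Type starts with: '),
        array('like', 'imm_comments', 'sm.COMMENTS', 'sm', 'Comments starts with: '),
        array('date', 'imm', 'sm.MEDICAL_DATE', 'sm', 'Immunization Date: '),
        array('date', 'med', 'smn.DOCTORS_NOTE_DATE', 'smn', 'Medical Date: '),
        array('date', 'ma', 'sma.ALERT_DATE', 'sma', 'Medical Alert Date: '),
        array('date', 'nv', 'smv.SCHOOL_DATE', 'smv', 'Nurse Visit Date: '),
        array('like', 'med_alrt_title', 'sma.TITLE', 'sma', 'Alert starts with: '),
        array('like', 'reason', 'smv.REASON', 'smv', 'Reason starts with: '),
        array('like', 'result', 'smv.RESULT', 'smv', 'Result starts with: '),
        array('like', 'med_vist_comments', 'smv.COMMENTS', 'smv', 'Nurse Visit Comments starts with: '),
    );
    foreach ($filters as $spec) {
        list($kind, $param, $column, $alias, $label) = $spec;
        if ($kind == 'like') {
            $value = _absenceSummaryParam($param);
            if ($value) {
                $added .= _absenceSummaryLikeClause($column, $value, $alias);
                $terms .= _absenceSummaryTerm($label, $value);
            }
        } else {
            list($clause, $shown) = _absenceSummaryDateFilter(
                $column,
                $alias,
                _absenceSummaryParam($param . '_day'),
                _absenceSummaryParam($param . '_month'),
                _absenceSummaryParam($param . '_year')
            );
            if ($clause != '') {
                $added .= $clause;
                $terms .= _absenceSummaryTerm($label, $shown);
            }
        }
    }

    $month_from = _absenceSummaryParam('month_from_birthdate');
    $month_to = _absenceSummaryParam('month_to_birthdate');
    $day_from = _absenceSummaryParam('day_from_birthdate');
    $day_to = _absenceSummaryParam('day_to_birthdate');
    if ($day_to && $month_to && $day_from && $month_from) {
        // These bounds sit unquoted in the SQL, so only integers may pass.
        $added .= ' AND (SUBSTR(s.BIRTHDATE,6,2) BETWEEN ' . (int) $month_from . ' AND ' . (int) $month_to . ') ';
        $added .= ' AND (SUBSTR(s.BIRTHDATE,9,2) BETWEEN ' . (int) $day_from . ' AND ' . (int) $day_to . ') ';
        $terms .= '<font color=gray><b>Birthday Starts from ' . htmlspecialchars($month_from . '-' . $day_from, ENT_QUOTES) . ' to ' . htmlspecialchars($month_to . '-' . $day_to, ENT_QUOTES) . '</b></font>';
    }

    if ($added !== '') {
        $sql .= $added;
        $_SESSION['newsql1'] .= $added;
    }
    if ($show_terms && $terms !== '') {
        $_openSIS['SearchTerms'] .= $terms;
    }

    // Decide which statement the caller gets back.
    if (!empty($_SESSION['stu_search']['sql']) && !empty($_REQUEST['return_session'])) {
        if ((!empty($_REQUEST['absence_go']) || !empty($_REQUEST['chk'])) && (User('PROFILE') == 'teacher' || User('PROFILE') == 'admin')) {
            $new_sql = $_SESSION['new_sql'] . $_SESSION['newsql1'];
            unset($_SESSION['inactive_stu_filter']);

            return $new_sql;
        }
        unset($_SESSION['inactive_stu_filter']);

        return $_SESSION['stu_search']['sql'];
    }

    if (!empty($_REQUEST['sql_save_session']) && empty($_SESSION['stu_search']['search_from_grade'])) {
        $_SESSION['stu_search']['sql'] = $sql;
    } elseif (!empty($_SESSION['stu_search']['search_from_grade'])) {
        unset($_SESSION['stu_search']['search_from_grade']);
    }

    return $sql;
}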
// Copy one course_periods row ($arr_dt) into the next school year: quote every value and
// insert them positionally into the fixed column list.
foreach ($arr_dt as $a_i => $a_d) {
    $datas[] = "'" . singleQuoteReplace("'", "''", $a_d) . "'";
}
$datas = implode(',', $datas);
DBQuery('INSERT INTO course_periods (SYEAR,SCHOOL_ID,COURSE_ID,COURSE_WEIGHT,TITLE,SHORT_NAME,MP,MARKING_PERIOD_ID,TEACHER_ID,SECONDARY_TEACHER_ID,TOTAL_SEATS,FILLED_SEATS,GRADE_SCALE_ID,DOES_HONOR_ROLL,DOES_CLASS_RANK,DOES_BREAKOFF,GENDER_RESTRICTION,HOUSE_RESTRICTION,CREDITS,AVAILABILITY,HALF_DAY,PARENT_ID,CALENDAR_ID,ROLLOVER_ID,SCHEDULE_TYPE,last_updated,MODIFIED_BY) VALUES (' . $datas . ')');
// NOTE(review): the new row's id is recovered with MAX(COURSE_PERIOD_ID), which is not
// tied to the INSERT above; an insert from another request in between would be picked up
// instead. Presumably the rollover runs alone - confirm.
$get_max_id = DBGet(DBQuery("SELECT MAX(COURSE_PERIOD_ID) as COURSE_PERIOD_ID FROM course_periods"));
unset($datas);
unset($a_i);
unset($a_d);
// Read the source period's schedule rows, relabelled with the new id and moved one year on.
$get_cpv = DBGet(DBQuery("SELECT " . $get_max_id[1]['COURSE_PERIOD_ID'] . " as COURSE_PERIOD_ID,DAYS,COURSE_PERIOD_DATE + INTERVAL '1' YEAR AS COURSE_PERIOD_DATE,PERIOD_ID,START_TIME,END_TIME,ROOM_ID,DOES_ATTENDANCE FROM course_period_var WHERE COURSE_PERIOD_ID='" . $arr_dt['COURSE_PERIOD_ID'] . "' "));
foreach ($get_cpv as $cpv_ind => $cpv_dt) {
    // Map the old PERIOD_ID to the rolled-over period via school_periods.ROLLOVER_ID.
    $spid = DBGet(DBQuery('SELECT PERIOD_ID FROM school_periods WHERE SYEAR=\'' . $arr_dt['SYEAR'] . '\' AND ROLLOVER_ID=\'' . $cpv_dt['PERIOD_ID'] . '\' '));
    $cpv_dt['PERIOD_ID'] = $spid[1]['PERIOD_ID'];
    // Column names are the keys of the fetched row, i.e. the aliases of the SELECT above;
    // only the values are quoted.
    foreach ($cpv_dt as $c_i => $c_dt) {
        $col[] = $c_i;
        $dt[] = "'" . singleQuoteReplace("'", "''", $c_dt) . "'";
    }
    $col = implode(',', $col);
    $dt = implode(',', $dt);
    DBQuery('INSERT INTO course_period_var (' . $col . ') VALUES (' . $dt . ')');
    // Reset the accumulators so the next row starts from empty arrays.
    unset($col);
    unset($dt);
    unset($c_i);
    unset($c_dt);
}
}
// Make every rolled-over period its own parent, then report how many rows now exist.
DBQuery('UPDATE course_periods SET PARENT_ID=COURSE_PERIOD_ID WHERE SYEAR=\'' . $next_syear . '\' AND SCHOOL_ID=\'' . UserSchool() . '\'');
// NOTE(review): $table is concatenated as an identifier; it is assigned outside this
// fragment and must only ever come from a fixed list of table names.
$exists_RET[$table] = DBGet(DBQuery('SELECT count(*) AS COUNT from ' . $table . ' WHERE SYEAR=\'' . $next_syear . '\'' . (!$no_school_tables[$table] ? ' AND SCHOOL_ID=\'' . UserSchool() . '\'' : '')));
$total_rolled_data = $exists_RET[$table][1]['COUNT'];
echo $tables['course_periods'] . '|' . '(|' . $total_rolled_data . '|)';
break;
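/**
 * Add one student-search "widget" to the global search state.
 *
 * For the given $item this appends a row of form controls to
 * $extra['search'] and, when the matching request fields are present, adds
 * the filter to $extra['FROM'] / $extra['WHERE'] / $extra['SELECT'] and a
 * readable summary to $_openSIS['SearchTerms'].
 *
 * Security: request values that are concatenated into SQL are either guarded
 * by is_numeric() or restricted to a plain-token pattern; values that do not
 * match are treated as "not supplied" instead of being placed in a query.
 * NOTE(review): DBQuery() takes a finished SQL string, so this is input
 * allow-listing, not parameter binding - bound parameters remain the durable
 * fix. Values read back from the database (titles, ids) are still
 * concatenated as returned by DBGet().
 *
 * @param string $item         Widget name: course, request, absences, gpa,
 *                             class_rank, letter_grade, eligibility, activity,
 *                             mailing_labels, balance, parents or staff.
 * @param bool   $allow_widget Allow the widget regardless of the user profile.
 *
 * @return void Results are written to the globals $extra and $_openSIS.
 */
function Widgets($item, $allow_widget = false)
{
    global $extra, $_openSIS;

    if (!is_array($extra['functions'])) {
        $extra['functions'] = array();
    }

    if (!(User('PROFILE') == 'admin' || User('PROFILE') == 'teacher' || $allow_widget)) {
        return;
    }

    // Request fields that end up inside quoted SQL literals. The term and
    // activity controls built below emit their values as unquoted HTML
    // attributes, so legitimate values are plain tokens; quotes, backslashes,
    // whitespace and array input are dropped.
    // NOTE(review): assumes course / course-period ids are plain tokens too - confirm against the schema.
    $token_pattern = '/\A[A-Za-z0-9_-]+\z/';
    $req = array();
    foreach (array('w_course_period_id', 'request_course_id', 'absences_term', 'gpa_term', 'class_rank_term', 'letter_grade_term', 'activity_id') as $key) {
        $raw = isset($_REQUEST[$key]) ? $_REQUEST[$key] : '';
        $req[$key] = (is_scalar($raw) && preg_match($token_pattern, (string) $raw)) ? (string) $raw : '';
    }

    switch ($item) {
        case 'course':
            if (User('PROFILE') == 'admin' || $allow_widget) {
                if ($req['w_course_period_id']) {
                    $course = DBGet(DBQuery('SELECT c.TITLE AS COURSE_TITLE,cp.TITLE,cp.COURSE_ID FROM course_periods cp,courses c WHERE c.COURSE_ID=cp.COURSE_ID AND cp.COURSE_PERIOD_ID=\'' . $req['w_course_period_id'] . '\''));
                    $extra['FROM'] .= ',schedule w_ss';
                    if (isset($_REQUEST['w_course_period_id_which']) && $_REQUEST['w_course_period_id_which'] == 'course') {
                        // Match every period of the course the chosen period belongs to.
                        $extra['WHERE'] .= ' AND w_ss.STUDENT_ID=s.STUDENT_ID AND w_ss.SYEAR=ssm.SYEAR AND w_ss.SCHOOL_ID=ssm.SCHOOL_ID AND w_ss.COURSE_ID=\'' . $course[1]['COURSE_ID'] . '\' AND (\'' . DBDate() . '\' BETWEEN w_ss.START_DATE AND w_ss.END_DATE OR w_ss.END_DATE IS NULL)';
                        $_openSIS['SearchTerms'] .= '<font color=gray><b>Course: </b></font>' . $course[1]['COURSE_TITLE'] . '<BR>';
                    } else {
                        $extra['WHERE'] .= ' AND w_ss.STUDENT_ID=s.STUDENT_ID AND w_ss.SYEAR=ssm.SYEAR AND w_ss.SCHOOL_ID=ssm.SCHOOL_ID AND w_ss.COURSE_PERIOD_ID=\'' . $req['w_course_period_id'] . '\' AND (\'' . DBDate() . '\' BETWEEN w_ss.START_DATE AND w_ss.END_DATE OR w_ss.END_DATE IS NULL)';
                        $_openSIS['SearchTerms'] .= '<font color=gray><b>Course Period: </b></font>' . $course[1]['COURSE_TITLE'] . ': ' . $course[1]['TITLE'] . '<BR>';
                    }
                }
                $extra['search'] .= "<TR><TD align=right width=120>Course</TD><TD><DIV id=course_div></DIV> <A HREF=# onclick='window.open(\"ForWindow.php?modname=miscellaneous/ChooseCourse.php\",\"\",\"scrollbars=yes,resizable=yes,width=800,height=400\");'><SMALL>Choose</SMALL></A></TD></TR>";
            }
            break;

        case 'request':
            if (User('PROFILE') == 'admin' || $allow_widget) {
                // PART OF THIS IS DUPLICATED IN PrintRequests.php
                if ($req['request_course_id']) {
                    $course = DBGet(DBQuery('SELECT c.TITLE FROM courses c WHERE c.COURSE_ID=\'' . $req['request_course_id'] . '\''));
                    if (empty($_REQUEST['not_request_course'])) {
                        $extra['FROM'] .= ',schedule_requests sr';
                        $extra['WHERE'] .= ' AND sr.STUDENT_ID=s.STUDENT_ID AND sr.SYEAR=ssm.SYEAR AND sr.SCHOOL_ID=ssm.SCHOOL_ID AND sr.COURSE_ID=\'' . $req['request_course_id'] . '\'';
                        $_openSIS['SearchTerms'] .= '<font color=gray><b>Request: </b></font>' . $course[1]['TITLE'] . '<BR>';
                    } else {
                        $extra['WHERE'] .= ' AND NOT EXISTS (SELECT \'\' FROM schedule_requests sr WHERE sr.STUDENT_ID=ssm.STUDENT_ID AND sr.SYEAR=ssm.SYEAR AND sr.COURSE_ID=\'' . $req['request_course_id'] . '\') ';
                        $_openSIS['SearchTerms'] .= '<font color=gray><b>Missing Request: </b></font>' . $course[1]['TITLE'] . '<BR>';
                    }
                }
                $extra['search'] .= "<TR><TD align=right width=120>Request</TD><TD><DIV id=request_div></DIV> <A HREF=# onclick='window.open(\"ForWindow.php?modname=miscellaneous/ChooseRequest.php\",\"\",\"scrollbars=yes,resizable=yes,width=800,height=400\");'><SMALL>Choose</SMALL></A></TD></TR>";
            }
            break;

        case 'absences':
            // Both bounds must be numeric before they are quoted into SQL or echoed.
            if (isset($_REQUEST['absences_low'], $_REQUEST['absences_high']) && is_numeric($_REQUEST['absences_low']) && is_numeric($_REQUEST['absences_high'])) {
                if ($_REQUEST['absences_low'] > $_REQUEST['absences_high']) {
                    $temp = $_REQUEST['absences_high'];
                    $_REQUEST['absences_high'] = $_REQUEST['absences_low'];
                    $_REQUEST['absences_low'] = $temp;
                }
                $absent_days = ' AND (SELECT sum(1-STATE_VALUE) AS STATE_VALUE FROM attendance_day ad WHERE ssm.STUDENT_ID=ad.STUDENT_ID AND ad.SYEAR=ssm.SYEAR AND ad.MARKING_PERIOD_ID IN (' . GetChildrenMP($req['absences_term'], UserMP()) . '))';
                if ($_REQUEST['absences_low'] == $_REQUEST['absences_high']) {
                    $extra['WHERE'] .= $absent_days . ' = \'' . $_REQUEST['absences_low'] . '\'';
                } else {
                    $extra['WHERE'] .= $absent_days . ' BETWEEN \'' . $_REQUEST['absences_low'] . '\' AND \'' . $_REQUEST['absences_high'] . '\'';
                }
                $term = '';
                switch ($req['absences_term']) {
                    case 'FY':
                        $term = 'this school year to date';
                        break;
                    case 'SEM':
                        $term = 'this semester to date';
                        break;
                    case 'QTR':
                        $term = 'this marking period to date';
                        break;
                }
                $_openSIS['SearchTerms'] .= '<font color=gray><b>Days Absent ' . $term . ' between: </b></font>' . $_REQUEST['absences_low'] . ' & ' . $_REQUEST['absences_high'] . '<BR>';
            }
            $extra['search'] .= "<TR><TD align=right width=120>Days Absent<BR><INPUT type=radio name=absences_term value=FY checked>YTD<INPUT type=radio name=absences_term value=SEM>" . GetMP(GetParentMP('SEM', UserMP()), 'SHORT_NAME') . "<INPUT type=radio name=absences_term value=QTR>" . GetMP(UserMP(), 'SHORT_NAME') . "</TD><TD>Between <INPUT type=text name=absences_low size=3 class=cell_small maxlength=5> & <INPUT type=text name=absences_high size=3 maxlength=5 class=cell_small></TD></TR>";
            break;

        case 'gpa':
            if (isset($_REQUEST['gpa_low'], $_REQUEST['gpa_high']) && is_numeric($_REQUEST['gpa_low']) && is_numeric($_REQUEST['gpa_high'])) {
                if ($_REQUEST['gpa_low'] > $_REQUEST['gpa_high']) {
                    $temp = $_REQUEST['gpa_high'];
                    $_REQUEST['gpa_high'] = $_REQUEST['gpa_low'];
                    $_REQUEST['gpa_low'] = $temp;
                }
                if (!empty($_REQUEST['list_gpa'])) {
                    $extra['SELECT'] .= ',sgc.GPA,sgc.weighted_gpa, sgc.unweighted_gpa';
                    $extra['columns_after']['GPA'] = 'GPA';
                }
                if (strpos($extra['FROM'], 'student_gpa_calculated sgc') === false) {
                    $extra['FROM'] .= ',student_gpa_calculated sgc';
                    $extra['WHERE'] .= ' AND sgc.STUDENT_ID=s.STUDENT_ID AND sgc.MARKING_PERIOD_ID=\'' . $req['gpa_term'] . '\'';
                }
                $extra['WHERE'] .= ' AND sgc.GPA BETWEEN \'' . $_REQUEST['gpa_low'] . '\' AND \'' . $_REQUEST['gpa_high'] . '\' AND sgc.MARKING_PERIOD_ID=\'' . $req['gpa_term'] . '\'';
                $_openSIS['SearchTerms'] .= '<font color=gray><b>' . (isset($_REQUEST['gpa_weighted']) && $_REQUEST['gpa_weighted'] == 'Y' ? 'Weighted ' : '') . 'GPA between: </b></font>' . $_REQUEST['gpa_low'] . ' & ' . $_REQUEST['gpa_high'] . '<BR>';
            }
            if (isset($_REQUEST['cgpa_low'], $_REQUEST['cgpa_high']) && is_numeric($_REQUEST['cgpa_low']) && is_numeric($_REQUEST['cgpa_high'])) {
                if ($_REQUEST['cgpa_low'] > $_REQUEST['cgpa_high']) {
                    $temp = $_REQUEST['cgpa_high'];
                    $_REQUEST['cgpa_high'] = $_REQUEST['cgpa_low'];
                    $_REQUEST['cgpa_low'] = $temp;
                }
                if (!empty($_REQUEST['cgpa'])) {
                    $extra['SELECT'] .= ',sgr.CGPA';
                    $extra['columns_after']['CGPA'] = 'CGPA';
                }
                // The original only looked for 'student_gpa_runnings sgr' but appends
                // 'student_gpa_calculated sgr', so a repeated call added the sgr alias
                // twice. Skip the join when either spelling is already present.
                // NOTE(review): confirm which table is meant to back the sgr alias.
                if (strpos($extra['FROM'], 'student_gpa_runnings sgr') === false && strpos($extra['FROM'], 'student_gpa_calculated sgr') === false) {
                    $extra['FROM'] .= ',student_gpa_calculated sgr';
                    $extra['WHERE'] .= ' AND sgr.STUDENT_ID=s.STUDENT_ID ';
                }
                // These bounds are unquoted in the SQL; the is_numeric() guard above is what keeps them safe.
                $extra['WHERE'] .= ' AND sgr.CGPA BETWEEN ' . $_REQUEST['cgpa_low'] . ' AND ' . $_REQUEST['cgpa_high'] . ' ';
                $_openSIS['SearchTerms'] .= '<font color=gray><b>CGPA between: </b></font>' . $_REQUEST['cgpa_low'] . ' & ' . $_REQUEST['cgpa_high'] . '<BR>';
            }
            $qrtrs_query = DBGet(DBQuery('SELECT COUNT(*) as QUARTER FROM school_quarters where SCHOOL_ID=\'' . UserSchool() . '\' and SYEAR=\'' . UserSyear() . '\''));
            if ($qrtrs_query[1]['QUARTER'] > 1) {
                $extra['search'] .= "<TR><TD align=right width=120><INPUT type=checkbox name=list_gpa value=Y>Marking Period GPA</TD></TR>\r\n <TR><TD align=right width=120><INPUT type=radio name=gpa_term value=" . GetParentMP('SEM', UserMP()) . ">" . GetMP(GetParentMP('SEM', UserMP()), 'SHORT_NAME') . "\r\n <INPUT type=radio name=gpa_term value=" . UserMP() . ">" . GetMP(UserMP(), 'SHORT_NAME') . "</TD>\r\n <TD>Between<INPUT type=text name=gpa_low class=cell_small size=3 maxlength=5> & <INPUT type=text name=gpa_high size=3 maxlength=5 class=cell_small></TD></TR>";
            } else {
                $extra['search'] .= "<TR><TD align=right width=120><INPUT type=checkbox name=list_gpa value=Y>Marking Period GPA</TD></TR>\r\n <TR><TD align=right width=120>" . "<INPUT type=radio name=gpa_term value=" . UserMP() . ">" . GetMP(UserMP(), 'SHORT_NAME') . "</TD>\r\n <TD>Between<INPUT type=text name=gpa_low class=cell_small size=3 maxlength=5> & <INPUT type=text name=gpa_high size=3 maxlength=5 class=cell_small></TD></TR>";
            }
            $extra['search'] .= "<TR><TD align=right width=120><INPUT type=checkbox name=cgpa value=Y>CGPA</TD></TR>\r\n <TR><TD align=right width=120></td><td>Between<INPUT type=text name=cgpa_low class=cell_small size=3 maxlength=5> & <INPUT type=text name=cgpa_high size=3 maxlength=5 class=cell_small></TD></TR>";
            break;

        case 'class_rank':
            if (isset($_REQUEST['class_rank_low'], $_REQUEST['class_rank_high']) && is_numeric($_REQUEST['class_rank_low']) && is_numeric($_REQUEST['class_rank_high'])) {
                if ($_REQUEST['class_rank_low'] > $_REQUEST['class_rank_high']) {
                    $temp = $_REQUEST['class_rank_high'];
                    $_REQUEST['class_rank_high'] = $_REQUEST['class_rank_low'];
                    $_REQUEST['class_rank_low'] = $temp;
                }
                if (strpos($extra['FROM'], 'student_gpa_calculated sgc') === false) {
                    $extra['FROM'] .= ',student_gpa_calculated sgc';
                    $extra['WHERE'] .= ' AND sgc.STUDENT_ID=s.STUDENT_ID AND sgc.MARKING_PERIOD_ID=\'' . $req['class_rank_term'] . '\'';
                }
                $extra['WHERE'] .= ' AND sgc.CLASS_RANK BETWEEN \'' . $_REQUEST['class_rank_low'] . '\' AND \'' . $_REQUEST['class_rank_high'] . '\'';
                $_openSIS['SearchTerms'] .= '<font color=gray><b>Class Rank between: </b></font>' . $_REQUEST['class_rank_low'] . ' & ' . $_REQUEST['class_rank_high'] . '<BR>';
            }
            $qrtrs_query = DBGet(DBQuery('SELECT COUNT(*) as QUARTER FROM school_quarters where SCHOOL_ID=\'' . UserSchool() . '\' and SYEAR=\'' . UserSyear() . '\''));
            if ($qrtrs_query[1]['QUARTER'] > 1) {
                $extra['search'] .= "<TR><TD align=right width=120>Class Rank<BR><INPUT type=radio name=class_rank_term value=CUM checked>Cumulative<INPUT type=radio name=class_rank_term value=" . GetParentMP('SEM', UserMP()) . ">" . GetMP(GetParentMP('SEM', UserMP()), 'SHORT_NAME') . "<INPUT type=radio name=class_rank_term value=" . UserMP() . ">" . GetMP(UserMP(), 'SHORT_NAME') . "";
            } else {
                $extra['search'] .= "<TR><TD align=right width=120>Class Rank<BR><INPUT type=radio name=class_rank_term value=CUM checked>Cumulative" . "<INPUT type=radio name=class_rank_term value=" . UserMP() . ">" . GetMP(UserMP(), 'SHORT_NAME') . "";
            }
            if (strlen($pros = GetChildrenMP('PRO', UserMP()))) {
                $pros = explode(',', singleQuoteReplace("'", '', $pros));
                foreach ($pros as $pro) {
                    $extra['search'] .= "<INPUT type=radio name=class_rank_term value=" . $pro . ">" . GetMP($pro, 'SHORT_NAME') . "";
                }
            }
            $extra['search'] .= "</TD><TD>Between<INPUT type=text name=class_rank_low size=3 maxlength=5 class=cell_small> & <INPUT type=text name=class_rank_high size=3 maxlength=5 class=cell_small></TD></TR>";
            break;

        case 'letter_grade':
            // The grade ids arrive as array KEYS of letter_grade[...] and were
            // previously interpolated straight into an IN (...) list. Keep only
            // plain-token keys; if none remain the filter is not applied.
            $grade_ids = array();
            if (isset($_REQUEST['letter_grade']) && is_array($_REQUEST['letter_grade'])) {
                foreach (array_keys($_REQUEST['letter_grade']) as $grade) {
                    if (preg_match($token_pattern, (string) $grade)) {
                        $grade_ids[] = (string) $grade;
                    }
                }
            }
            if (count($grade_ids)) {
                $exclude = isset($_REQUEST['letter_grade_exclude']) && $_REQUEST['letter_grade_exclude'] == 'Y';
                $_openSIS['SearchTerms'] .= '<font color=gray><b>With' . ($exclude ? 'out' : '') . ' Report Card Grade: </b></font>';
                $letter_grades_RET = DBGet(DBQuery('SELECT ID,TITLE FROM report_card_grades WHERE SCHOOL_ID=\'' . UserSchool() . '\' AND SYEAR=\'' . UserSyear() . '\''), array(), array('ID'));
                $titles = array();
                foreach ($grade_ids as $grade) {
                    $titles[] = isset($letter_grades_RET[$grade][1]['TITLE']) ? $letter_grades_RET[$grade][1]['TITLE'] : '';
                }
                $_openSIS['SearchTerms'] .= implode(', ', $titles);
                $extra['WHERE'] .= " AND " . ($exclude ? 'NOT ' : '') . "EXISTS (SELECT '' FROM student_report_card_grades sg3 WHERE sg3.STUDENT_ID=ssm.STUDENT_ID AND sg3.SYEAR=ssm.SYEAR AND sg3.REPORT_CARD_GRADE_ID IN ('" . implode("','", $grade_ids) . "')" . ($req['letter_grade_term'] != '' ? "AND sg3.MARKING_PERIOD_ID='" . $req['letter_grade_term'] . "' " : '') . ")";
                $_openSIS['SearchTerms'] .= '<BR>';
            }
            $qrtrs_query = DBGet(DBQuery('SELECT COUNT(*) as QUARTER FROM school_quarters where SCHOOL_ID=\'' . UserSchool() . '\' and SYEAR=\'' . UserSyear() . '\''));
            if ($qrtrs_query[1]['QUARTER'] > 1) {
                $extra['search'] .= "<TR><TD align=right width=120>Letter Grade<BR><INPUT type=checkbox name=letter_grade_exclude value=Y>Did not receive<BR><INPUT type=radio name=letter_grade_term value=" . GetParentMP('SEM', UserMP()) . ">" . GetMP(GetParentMP('SEM', UserMP()), 'SHORT_NAME') . "<INPUT type=radio name=letter_grade_term value=" . UserMP() . ">" . GetMP(UserMP(), 'SHORT_NAME') . "";
            } else {
                $extra['search'] .= "<TR><TD align=right width=120>Letter Grade<BR><INPUT type=checkbox name=letter_grade_exclude value=Y>Did not receive<BR>" . "<INPUT type=radio name=letter_grade_term value=" . UserMP() . ">" . GetMP(UserMP(), 'SHORT_NAME') . "";
            }
            if (strlen($pros = GetChildrenMP('PRO', UserMP()))) {
                $pros = explode(',', singleQuoteReplace("'", '', $pros));
                foreach ($pros as $pro) {
                    $extra['search'] .= "<INPUT type=radio name=letter_grade_term value=" . $pro . ">" . GetMP($pro, 'SHORT_NAME') . "";
                }
            }
            $extra['search'] .= "</TD><TD>";
            if (empty($_REQUEST['search_modfunc']) || $_REQUEST['search_modfunc'] == 'search_fnc') {
                $letter_grades_RET = DBGet(DBQuery('SELECT rg.ID,rg.TITLE,rg.GRADE_SCALE_ID FROM report_card_grades rg,report_card_grade_scales rs WHERE rg.SCHOOL_ID=\'' . UserSchool() . '\' AND rg.SYEAR=\'' . UserSyear() . '\' AND rs.ID=rg.GRADE_SCALE_ID' . (User('PROFILE') == 'teacher' ? ' AND rg.GRADE_SCALE_ID=(SELECT GRADE_SCALE_ID FROM course_periods WHERE COURSE_PERIOD_ID=\'' . UserCoursePeriod() . '\')' : '') . ' ORDER BY rs.SORT_ORDER,rs.ID,rg.BREAK_OFF IS NOT NULL DESC,rg.BREAK_OFF DESC,rg.SORT_ORDER'), array(), array('GRADE_SCALE_ID'));
            }
            // $letter_grades_RET is unset when neither query above ran.
            if (isset($letter_grades_RET) && is_array($letter_grades_RET)) {
                foreach ($letter_grades_RET as $grades) {
                    $i = 0;
                    if (is_array($grades) && count($grades)) {
                        foreach ($grades as $grade) {
                            // Start a new row of checkboxes every nine grades.
                            if ($i % 9 == 0) {
                                $extra['search'] .= '<BR>';
                            }
                            $extra['search'] .= '<INPUT type=checkbox value=Y name=letter_grade[' . $grade['ID'] . ']>' . $grade['TITLE'];
                            $i++;
                        }
                    }
                }
            }
            $extra['search'] .= '</TD></TR>';
            break;

        case 'eligibility':
            if (isset($_REQUEST['ineligible']) && $_REQUEST['ineligible'] == 'Y') {
                $start_end_RET = DBGet(DBQuery('SELECT TITLE,VALUE FROM program_config WHERE SYEAR=\'' . UserSyear() . '\' AND SCHOOL_ID=\'' . UserSchool() . '\' AND PROGRAM=\'eligibility\' AND TITLE IN (\'START_DAY\',\'END_DAY\')'));
                // The original wrote `${$value}['TITLE'] = $value['VALUE']`, which
                // assigns into a variable named after the string form of the row
                // array, so $START_DAY was never set. Read the configured start
                // day explicitly instead of through a variable-variable.
                // NOTE(review): START_DAY is treated as a 1-7 weekday number because it is subtracted from $today - confirm.
                $START_DAY = 0;
                if (is_array($start_end_RET)) {
                    foreach ($start_end_RET as $value) {
                        if ($value['TITLE'] == 'START_DAY') {
                            $START_DAY = (int) $value['VALUE'];
                        }
                    }
                }
                // ISO weekday number: 1 (Mon) .. 7 (Sun), the same mapping the original switch produced.
                $today = (int) date('N');
                $start_date = strtoupper(date('d-M-y', time() - ($today - $START_DAY) * 60 * 60 * 24));
                $end_date = strtoupper(date('d-M-y', time()));
                $extra['WHERE'] .= ' AND (SELECT count(*) FROM eligibility e WHERE ssm.STUDENT_ID=e.STUDENT_ID AND e.SYEAR=ssm.SYEAR AND e.SCHOOL_DATE BETWEEN \'' . $start_date . '\' AND \'' . $end_date . '\' AND e.ELIGIBILITY_CODE=\'FAILING\') > \'0\'';
                $_openSIS['SearchTerms'] .= '<font color=gray><b>Extracurricular: </b></font>Ineligible<BR>';
            }
            $extra['search'] .= "<TR><TD align=right width=120>Ineligible</TD><TD><INPUT type=checkbox name=ineligible value='Y'></TD></TR>";
            break;

        case 'activity':
            if ($req['activity_id']) {
                $extra['FROM'] .= ',student_eligibility_activities sea';
                $extra['WHERE'] .= ' AND sea.STUDENT_ID=s.STUDENT_ID AND sea.SYEAR=ssm.SYEAR AND sea.ACTIVITY_ID=\'' . $req['activity_id'] . '\'';
                $activity = DBGet(DBQuery('SELECT TITLE FROM eligibility_activities WHERE ID=\'' . $req['activity_id'] . '\''));
                $_openSIS['SearchTerms'] .= '<font color=gray><b>Activity: </b></font>' . $activity[1]['TITLE'] . '<BR>';
            }
            if (empty($_REQUEST['search_modfunc']) || $_REQUEST['search_modfunc'] == 'search_fnc') {
                $activities_RET = DBGet(DBQuery('SELECT ID,TITLE FROM eligibility_activities WHERE SCHOOL_ID=\'' . UserSchool() . '\' AND SYEAR=\'' . UserSyear() . '\''));
            }
            $select = "<SELECT name=activity_id><OPTION value=''>Not Specified</OPTION>";
            // $activities_RET is unset when the list query above did not run.
            if (!empty($activities_RET) && is_array($activities_RET)) {
                foreach ($activities_RET as $activity) {
                    $select .= "<OPTION value={$activity['ID']}>{$activity['TITLE']}</OPTION>";
                }
            }
            $select .= '</SELECT>';
            $extra['search'] .= "<TR><TD align=right width=120>Activity</TD><TD>" . $select . "</TD></TR>";
            break;

        case 'mailing_labels':
            if (isset($_REQUEST['mailing_labels']) && $_REQUEST['mailing_labels'] == 'Y') {
                $extra['SELECT'] .= ',sam.ID AS MAILING_LABEL';
                // The outer join is prepended so it precedes any comma-joined tables already in FROM.
                $extra['FROM'] = ' LEFT OUTER JOIN student_address sam ON (sam.STUDENT_ID=ssm.STUDENT_ID AND sam.TYPE=\'Home Address\' )' . $extra['FROM'];
                $extra['functions'] += array('MAILING_LABEL' => 'MailingLabel');
            }
            $extra['search'] .= '<TR><TD align=right width=120>Mailing Labels</TD><TD><INPUT type=checkbox name=mailing_labels value=Y></TD>';
            break;

        case 'balance':
            if (isset($_REQUEST['balance_low'], $_REQUEST['balance_high']) && is_numeric($_REQUEST['balance_low']) && is_numeric($_REQUEST['balance_high'])) {
                if ($_REQUEST['balance_low'] > $_REQUEST['balance_high']) {
                    $temp = $_REQUEST['balance_high'];
                    $_REQUEST['balance_high'] = $_REQUEST['balance_low'];
                    $_REQUEST['balance_low'] = $temp;
                }
                $extra['WHERE'] .= ' AND (COALESCE((SELECT SUM(f.AMOUNT) FROM BILLING_FEES f,STUDENTS_JOIN_FEES sjf WHERE sjf.FEE_ID=f.ID AND sjf.STUDENT_ID=ssm.STUDENT_ID AND f.SYEAR=ssm.SYEAR),0)+(SELECT COALESCE(SUM(f.AMOUNT),0)-COALESCE(SUM(f.CASH),0) FROM LUNCH_TRANSACTIONS f WHERE f.STUDENT_ID=ssm.STUDENT_ID AND f.SYEAR=ssm.SYEAR)-COALESCE((SELECT SUM(p.AMOUNT) FROM BILLING_PAYMENTS p WHERE p.STUDENT_ID=ssm.STUDENT_ID AND p.SYEAR=ssm.SYEAR),0)) BETWEEN \'' . $_REQUEST['balance_low'] . '\' AND \'' . $_REQUEST['balance_high'] . '\' ';
            }
            $extra['search'] .= "<TR><TD align=right width=120>Student Billing Balance<BR></TD><TD>Between<INPUT type=text name=balance_low size=5 maxlength=10 class=cell_small> & <INPUT type=text name=balance_high size=5 maxlength=10 class=cell_small></TD></TR>";
            break;

        case 'parents':
            $extra['search'] .= "<TR><TD align=right width=120>Show Parents & Contacts<BR></TD><TD><INPUT type=radio name=show value=P></TD></TR>";
            break;

        case 'staff':
            $extra['search'] .= "<TR><TD align=right width=120>Show Staff<BR></TD><TD><INPUT type=radio name=show value=S></TD></TR>";
            break;
    }
}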
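/**
 * Validate and persist the posted $_REQUEST['values'][table][id][column] grid.
 *
 * Date parts posted as month_values / day_values / year_values are first
 * folded into $_REQUEST['values']. Each value is then checked against the
 * table's column metadata from db_properties() and written with one INSERT
 * (id "new") or one UPDATE (any other id) per table/id pair. Validation
 * messages are echoed through ErrorMessage() after each record.
 *
 * Security: table names and record ids are array KEYS taken from the request
 * and are placed into SQL text, so both are restricted to plain identifiers /
 * tokens here; student_id is restricted the same way. Column names reach SQL
 * only after they were found in db_properties(), which acts as the column
 * allow-list. Values go through paramlib_validation() and
 * singleQuoteReplace().
 * NOTE(review): the escaping done by those two helpers is not visible here,
 * and any syntactically valid table name is still accepted - restricting
 * writes to the tables the caller intends needs a caller-supplied allow-list.
 *
 * @param array       $iu_extra    Per-table SQL fragments: $iu_extra[table] is
 *                                 the UPDATE WHERE template containing __ID__;
 *                                 $iu_extra['fields'][table] and
 *                                 $iu_extra['values'][table] are prefixed to
 *                                 the INSERT column and value lists.
 * @param array|false $fields_done Normalised to an array; not read further in this function.
 * @param array|false $field_names Optional display labels, [table][column] => label.
 *
 * @return void
 */
function SaveData($iu_extra, $fields_done = false, $field_names = false)
{
    if (!$fields_done) {
        $fields_done = array();
    }
    if (!$field_names) {
        $field_names = array();
    }

    $month_numbers = array(
        'JAN' => '01', 'FEB' => '02', 'MAR' => '03', 'APR' => '04',
        'MAY' => '05', 'JUN' => '06', 'JUL' => '07', 'AUG' => '08',
        'SEP' => '09', 'OCT' => '10', 'NOV' => '11', 'DEC' => '12',
    );

    // Fold the three posted date parts into a single year-month-day value.
    if (!empty($_REQUEST['month_values']) && is_array($_REQUEST['month_values'])) {
        foreach ($_REQUEST['month_values'] as $table => $values) {
            foreach ($values as $id => $columns) {
                foreach ($columns as $column => $value) {
                    if (is_string($value) && isset($month_numbers[$value])) {
                        $value = $month_numbers[$value];
                    }
                    $_REQUEST['values'][$table][$id][$column] = $_REQUEST['year_values'][$table][$id][$column] . '-' . $value . '-' . $_REQUEST['day_values'][$table][$id][$column];
                    // All three parts empty means "no date supplied".
                    if ($_REQUEST['values'][$table][$id][$column] == '--') {
                        $_REQUEST['values'][$table][$id][$column] = '';
                    }
                }
            }
        }
    }

    if (empty($_REQUEST['values']) || !is_array($_REQUEST['values'])) {
        return;
    }

    $identifier_pattern = '/\A[A-Za-z0-9_]+\z/';
    $token_pattern = '/\A[A-Za-z0-9_-]+\z/';

    // student_id is concatenated into the schedule queries below; anything that
    // is not a plain token becomes '' so those queries match no rows.
    $student_id = '';
    if (isset($_REQUEST['student_id']) && is_scalar($_REQUEST['student_id']) && preg_match($token_pattern, (string) $_REQUEST['student_id'])) {
        $student_id = (string) $_REQUEST['student_id'];
    }

    foreach ($_REQUEST['values'] as $table => $values) {
        // $table is a request key that becomes part of the statement text.
        if (!preg_match($identifier_pattern, (string) $table) || !is_array($values)) {
            echo ErrorMessage(array('The table name was not valid. These values were not saved.'));
            continue;
        }
        $table_properties = db_properties($table);

        foreach ($values as $id => $columns) {
            // Start every record from a clean state. The original reset these to ''
            // at the end of each pass; null is the state the first pass already ran
            // with and, unlike '', still accepts the array writes below on current PHP.
            $error = $ins_fields = $ins_values = $sql = $go = null;

            // Compare as strings: a numeric key 0 loosely equals 'new' on older PHP.
            $is_new = ((string) $id === 'new');
            // $id is substituted into the caller's WHERE template.
            if (!$is_new && !preg_match($token_pattern, (string) $id)) {
                echo ErrorMessage(array('The record identifier was not valid. This record was not saved.'));
                continue;
            }
            if (!is_array($columns)) {
                continue;
            }

            foreach ($columns as $column => $value) {
                if ($table == 'student_enrollment') {
                    if ($column == 'START_DATE') {
                        // Reject a day number beyond the length of the chosen month.
                        $s_date = '1-' . $_REQUEST['month_values'][$table][$id][$column] . '-' . $_REQUEST['year_values'][$table][$id][$column];
                        $num_days = date('t', strtotime($s_date));
                        if ($num_days < $_REQUEST['day_values'][$table][$id][$column]) {
                            $error[] = '<font color=red>' . date('F', strtotime($s_date)) . ' has ' . $num_days . ' days</font>';
                            continue;
                        }
                    }
                }

                if (!empty($field_names[$table][$column])) {
                    $name = 'The value for ' . $field_names[$table][$column];
                } else {
                    // $column is a request key and this label is echoed in the error
                    // list, so it is HTML-escaped before use.
                    // NOTE(review): whether ErrorMessage() escapes its input is not visible here.
                    $name = 'The value for ' . htmlspecialchars(ucwords(strtolower(str_replace('_', ' ', $column))), ENT_QUOTES);
                }

                // COLUMN DOESN'T EXIST
                if (empty($table_properties[$column])) {
                    $error[] = 'There is no column for ' . $name . ". \nThis value was not saved.";
                    continue;
                }

                // VALUE IS TOO LONG
                if ($table_properties[$column]['TYPE'] == 'VARCHAR' && strlen($value) > $table_properties[$column]['SIZE']) {
                    $value = substr($value, 0, $table_properties[$column]['SIZE']);
                    $error[] = $name . ' was too long. It was truncated to fit in the field.';
                }

                // FIELD IS NUMERIC, VALUE CONTAINS NON-NUMERICAL CHARACTERS
                // preg_* replaces ereg()/ereg_replace(), which no longer exist in PHP 7+.
                if ($table_properties[$column]['TYPE'] == 'NUMERIC' && preg_match('/[^0-9-]/', $value)) {
                    $value = preg_replace('/[^0-9]/', '', $value);
                    $error[] = $name . ', a numerical field, contained non-numerical characters. These characaters were removed.';
                }

                // FIELD IS DATE, DATE IS WRONG
                if ($table_properties[$column]['TYPE'] == 'DATE' && $value && !VerifyDate($value)) {
                    $error[] = $name . ', a date field, was not a valid date. This value could not be saved.';
                    continue;
                }
                if ($table_properties[$column]['TYPE'] == 'DATE' && $value) {
                    $value = date('Y-m-d', strtotime($value));
                }

                if ($is_new) {
                    if (trim($value)) {
                        $value = paramlib_validation($column, $value);
                        $ins_fields[$table] .= $column . ',';
                        // The original branched on SERVER_SOFTWARE but both branches were
                        // identical. NOTE(review): a space is appended to every stored
                        // value; kept as-is because stored data may depend on it.
                        $ins_values[$table] .= '\'' . singleQuoteReplace("'", "''", $value) . ' \',';
                        $go = true;
                    }
                } else {
                    if (strlen($value) > 0) {
                        $value = paramlib_validation($column, $value);
                        $assignment = $column . '=\'' . singleQuoteReplace("'", "''", $value) . ' \',';
                        $sql[$table] .= str_replace('%u201D', "\"", $assignment);

                        if ($column == 'END_DATE' && $table == 'student_enrollment') {
                            // Closing an enrollment also caps each of the student's schedule
                            // rows at the earlier of the new end date and the course
                            // period's own end date.
                            $sc_qr = DBGet(DBQuery('SELECT course_period_id from schedule WHERE STUDENT_ID=\'' . $student_id . '\' AND SCHOOL_ID=\'' . UserSchool() . '\' AND SYEAR=\'' . UserSyear() . '\''));
                            foreach ($sc_qr as $v) {
                                // Quoted here as well, matching the UPDATE below.
                                $sch_en = DBGet(DBQuery('select end_date from course_periods where course_period_id=\'' . $v['COURSE_PERIOD_ID'] . '\''));
                                $sc_end_date = $sch_en[1]['END_DATE'];
                                if (strtotime($value) < strtotime($sc_end_date)) {
                                    $final_end_date = date('Y-m-d', strtotime($value));
                                } else {
                                    $final_end_date = date('Y-m-d', strtotime($sc_end_date));
                                }
                                DBQuery('UPDATE schedule SET END_DATE=\'' . $final_end_date . '\' WHERE STUDENT_ID=\'' . $student_id . '\' AND SCHOOL_ID=\'' . UserSchool() . '\' AND SYEAR=\'' . UserSyear() . '\' and course_period_id=\'' . $v['COURSE_PERIOD_ID'] . '\'');
                            }
                        }
                    } else {
                        // An empty posted value clears the column.
                        $sql[$table] .= "{$column}=NULL,";
                    }
                }
            }

            $run_query = false;
            if ($is_new) {
                // Only build the INSERT when at least one non-empty value was collected.
                if ($go == true) {
                    $sql[$table] = 'INSERT INTO ' . $table . ' (' . $iu_extra['fields'][$table] . substr($ins_fields[$table], 0, -1) . ') values(' . $iu_extra['values'][$table] . substr($ins_values[$table], 0, -1) . ')';
                    $run_query = true;
                }
            } elseif (isset($sql[$table]) && $sql[$table] !== '') {
                // Skip the UPDATE when every column was rejected: the SET list would be empty.
                $sql[$table] = 'UPDATE ' . $table . ' SET ' . substr($sql[$table], 0, -1) . ' WHERE ' . str_replace('__ID__', $id, $iu_extra[$table]);
                $run_query = true;
            }

            echo ErrorMessage($error);
            if ($run_query) {
                DBQuery($sql[$table]);
            }
        }
    }
}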