Esempio n. 1
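DrawBC("Users >> " . ProgramTitle());
include 'Menu.php';

// Security fix: the original ran is_numeric() on a cleaned copy of profile_id
// and then concatenated the raw $_REQUEST value into both queries, so the
// check did not constrain what reached the database. It also indexed
// $_REQUEST with the bare word profile_id, an undefined constant (a fatal
// Error on PHP 8). The value is now cleaned once and only its integer cast
// is ever placed into SQL text.
$profile_id_clean = clean_param($_REQUEST['profile_id'], PARAM_INT);
if (is_numeric($profile_id_clean)) {
    $profile_id = (int) $profile_id_clean;

    // NOTE(review): DBQuery is only seen here taking a finished SQL string.
    // If the project's database layer offers bound parameters, prefer them
    // over string concatenation, even for integer values.
    // The third DBGet argument presumably groups the rows by MODNAME; confirm
    // against DBGet's definition.
    $exceptions_RET = DBGet(
        DBQuery('SELECT PROFILE_ID,MODNAME,CAN_USE,CAN_EDIT FROM profile_exceptions WHERE PROFILE_ID=\'' . $profile_id . '\''),
        array(),
        array('MODNAME')
    );
    $profile_RET = DBGet(DBQuery('SELECT PROFILE FROM user_profiles WHERE ID=\'' . $profile_id . '\''));

    // Result rows are read from index 1, as everywhere else in this listing.
    $xprofile = $profile_RET[1]['PROFILE'];
    if ($xprofile == 'student') {
        // A 'student' profile is handled as 'parent' and the Users menu
        // section is removed for it.
        $xprofile = 'parent';
        unset($menu['Users']);
    }
}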
// Delete flow for a user profile: runs when modfunc is 'delete' and AllowEdit()
// grants edit rights. The profile is removed only if no staff row still
// references it; otherwise an alert is shown and the script returns false.
//
// NOTE(review): nothing in this branch checks profile_id. The is_numeric()
// test earlier in the file guards a different block, and every query below
// uses the raw $_REQUEST value. Cast it to an integer once (or use bound
// parameters if the database layer supports them) and use that value in all
// of the statements in this branch.
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete' && AllowEdit()) {
    // NOTE(review): $_REQUEST[profile_id] uses a bare word as the array key,
    // i.e. an undefined constant, which is a fatal Error on PHP 8. The raw
    // value is also concatenated straight into the SQL text.
    $profile_RET = DBGet(DBQuery('SELECT TITLE FROM user_profiles WHERE ID=\'' . $_REQUEST[profile_id] . '\''));
    //	if(Prompt('Confirm Delete','Are you sure you want to delete the user profile <i>'.$profile_RET[1]['TITLE'].'</i>?','Users of that profile will retain their permissions as a custom set which can be modified on a per-user basis through the User Permissions program.'))
    $profile = $profile_RET[1]['TITLE'];
    // NOTE(review): the stored TITLE is interpolated into HTML markup without
    // escaping; pass it through htmlspecialchars() before building the prompt.
    // Whether DeletePromptBigString ties the confirmation to the user's own
    // request (for example with an anti-CSRF token) cannot be seen here; confirm.
    if (DeletePromptBigString("<b>Are you sure you want to delete the user profile <i>{$profile}</i>?,</b><br/>Users of that profile will retain their permissions as a custom set which can be modified on a per-user basis through the User Permissions program.")) {
        // NOTE(review): here the request value is interpolated with no quoting
        // at all, so this is the statement most exposed to SQL injection.
        $existStaff = DBGet(DBQuery("select * from staff where profile_id={$_REQUEST['profile_id']}"));
        if (count($existStaff) == 0) {
            // No staff member uses the profile: remove the profile row and its
            // permission rows.
            DBQuery('DELETE FROM user_profiles WHERE ID=\'' . $_REQUEST['profile_id'] . '\'');
            // NOTE(review): the next two statements select staff by this
            // profile id, yet the branch is only entered when that selection
            // was empty, so they presumably affect no rows; confirm the intent.
            DBQuery('DELETE FROM staff_exceptions WHERE USER_ID IN (SELECT STAFF_ID FROM staff WHERE PROFILE_ID=\'' . $_REQUEST['profile_id'] . '\')');
            DBQuery('INSERT INTO staff_exceptions (USER_ID,MODNAME,CAN_USE,CAN_EDIT) SELECT s.STAFF_ID,e.MODNAME,e.CAN_USE,e.CAN_EDIT FROM staff s,profile_exceptions e WHERE s.PROFILE_ID=\'' . $_REQUEST[profile_id] . '\' AND s.PROFILE_ID=e.PROFILE_ID');
            DBQuery('DELETE FROM profile_exceptions WHERE PROFILE_ID=\'' . $_REQUEST['profile_id'] . '\'');
            // Clear the request flags so code after this point does not treat
            // the request as a pending delete.
            unset($_REQUEST['modfunc']);
            unset($_REQUEST['profile_id']);
        } else {
            echo '<BR>';
            PopTable('header', 'Alert Message');
            // NOTE(review): $_REQUEST['modname'] is echoed into an inline
            // onclick handler without encoding (reflected XSS); urlencode() it
            // first. $PHP_tmp_SELF is not defined in this excerpt and lands in
            // an unquoted attribute; escape and quote it as well.
            echo "<CENTER><h4>Cannot delete because profile is associated with staff.</h4><br><FORM action={$PHP_tmp_SELF} METHOD=POST><INPUT type=button class=btn_medium name=delete_cancel value=OK onclick='window.location=\"Modules.php?modname={$_REQUEST['modname']} \"'></FORM></CENTER>";
            PopTable('footer');
            return false;
        }
        // The listing is cut off here: the two enclosing if-blocks are closed
        // outside this excerpt.
Esempio n. 2
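include '../../RedirectModulesInc.php';
DrawBC("users >> " . ProgramTitle());
include 'Menu.php';

// Security fix: the original validated a cleaned copy of profile_id but built
// every query from the raw $_REQUEST value (once with no quoting at all), and
// the delete branch was not covered by the numeric check. It also indexed
// $_REQUEST with the bare word profile_id, an undefined constant (a fatal
// Error on PHP 8). The value is now cleaned once and only its integer cast
// is placed into SQL text. A non-numeric id collapses to 0.
// NOTE(review): DBQuery is only seen here taking a finished SQL string. If the
// database layer offers bound parameters, prefer them over concatenation.
$profile_id_clean = clean_param($_REQUEST['profile_id'], PARAM_INT);
$profile_id = (int) $profile_id_clean;

if (is_numeric($profile_id_clean)) {
    // The third DBGet argument presumably groups the rows by MODNAME; confirm
    // against DBGet's definition.
    $exceptions_RET = DBGet(
        DBQuery('SELECT PROFILE_ID,MODNAME,CAN_USE,CAN_EDIT FROM profile_exceptions WHERE PROFILE_ID=\'' . $profile_id . '\''),
        array(),
        array('MODNAME')
    );
    $profile_RET = DBGet(DBQuery('SELECT PROFILE FROM user_profiles WHERE ID=\'' . $profile_id . '\''));
    $xprofile = $profile_RET[1]['PROFILE'];
    if ($xprofile == 'student') {
        // A 'student' profile is handled as 'parent' and the users menu
        // section is removed for it.
        $xprofile = 'parent';
        unset($menu['users']);
    }
}

// Delete flow: runs when modfunc is 'delete' and AllowEdit() grants edit rights.
// NOTE(review): the action is read from $_REQUEST, so it can arrive in a GET
// request. Whether DeletePromptBigString ties the confirmation to the user's
// own request (for example with an anti-CSRF token) is not visible; confirm.
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete' && AllowEdit()) {
    $profile_RET = DBGet(DBQuery('SELECT TITLE FROM user_profiles WHERE ID=\'' . $profile_id . '\''));

    // The stored title is placed inside HTML markup, so it is escaped first
    // (stored XSS). An absent row yields an empty title.
    $profile = isset($profile_RET[1]['TITLE'])
        ? htmlspecialchars((string) $profile_RET[1]['TITLE'], ENT_QUOTES)
        : '';

    if (DeletePromptBigString("delete <i>{$profile}</i>?,<br/>users of that profile will retain their permissions as a custom set which can be modified on a per-user basis through the User Permissions program.")) {
        $existStaff = DBGet(DBQuery('select * from staff where profile_id=' . $profile_id));
        if (count($existStaff) == 0) {
            // No staff member uses the profile: remove it and its permission rows.
            DBQuery('DELETE FROM user_profiles WHERE ID=\'' . $profile_id . '\'');
            DBQuery('DELETE FROM profile_exceptions WHERE PROFILE_ID=\'' . $profile_id . '\'');
            // Clear the request flags so code after this point does not treat
            // the request as a pending delete.
            unset($_REQUEST['modfunc']);
            unset($_REQUEST['profile_id']);
        } else {
            // modname is reflected into an inline JavaScript handler inside an
            // HTML attribute. urlencode() leaves only characters that are inert
            // in the URL, the script string and the attribute (reflected XSS).
            $modname_url = (isset($_REQUEST['modname']) && is_string($_REQUEST['modname']))
                ? urlencode($_REQUEST['modname'])
                : '';

            echo '<BR>';
            PopTable('header', 'Alert Message');
            // NOTE(review): $PHP_tmp_SELF is not defined in this excerpt and
            // lands in an unquoted attribute; confirm its source, then escape
            // and quote it.
            echo "<CENTER><h4>Cannot delete because profile is associated with staff.</h4><br><FORM action={$PHP_tmp_SELF} METHOD=POST><INPUT type=button class=btn_medium name=delete_cancel value=OK onclick='window.location=\"Modules.php?modname={$modname_url} \"'></FORM></CENTER>";
            PopTable('footer');
            return false;
        }
    }
}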