{
$comments = portal_get_activity_comments($diy_id, $member_id);
if (count($comments) > 0) {
return $comments[0];
} else {
return $comments;
}
}
if ($_SESSION['is_logged_in'] != 'yes' || !$_SESSION['portal']['taking_course']) {
mystery_redirect('/');
}
switch ($_PORTAL['activity']) {
case 'details':
$diy_id = @$_PORTAL['action'];
if ($diy_id == '') {
mystery_redirect('/course/');
}
if (isset($_PORTAL['params']['process'])) {
$query = 'DELETE FROM portal_comments_ratings WHERE comment_diy_identifier = ? AND comment_author = ?';
$params = array($diy_id, $_SESSION['portal']['member_id']);
$status = mystery_delete_query($query, $params, 'portal_dbh');
if (!isset($_REQUEST['comment_delete'])) {
$data = array();
$data['comment_author'] = $_SESSION['portal']['member_id'];
$data['comment_diy_identifier'] = $diy_id;
$data['comment_title'] = $_REQUEST['comment_title'];
$data['comment_body'] = $_REQUEST['comment_body'];
//$data['comment_rating'] = $_REQUEST['comment_rating'];
$data['creation_date'] = date('Y-m-d H:i:s');
$comment_id = mystery_insert_query('portal_comments_ratings', $data, 'comment_id', 'portal_dbh');
echo '<p style="color: #009900;"><em>Comment saved!</em></p>';
$id_param = $_PORTAL['action'];
$page_title = 'Copy a class';
$class_info = portal_get_class_info($id_param);
$class_info['class_name'] = $class_info['class_name'] . ' Copy';
@($class_info['class_word'] = '');
break;
case 'add':
$id_param = 'new';
$page_title = 'Add a class';
$class_info = array();
$class_info['activities'] = array();
$class_info['diy_activities'] = array();
break;
}
if ($_SESSION['portal']['member_type'] != 'superuser' && $_SESSION['portal']['member_type'] != 'admin' && $_SESSION['portal']['member_type'] != 'teacher') {
mystery_redirect('/');
exit;
}
// FIXME - Add a check here to see if this is the class teacher if the role is a teacher
if (isset($_PORTAL['params']['process'])) {
$data = array();
$data['class_name'] = $_REQUEST['class_name'];
$data['class_teacher'] = $_SESSION['portal']['member_id'];
//mystery_print_r($_REQUEST, $_PORTAL, $data); exit;
// check the class word
$class_word_in_use = 'no';
$class_using_word = portal_check_class_word($_REQUEST['class_word']);
if ($class_using_word != $id_param && $class_using_word != false) {
$class_word_in_use = 'yes';
}
if ($_REQUEST['class_word'] != '' && $class_word_in_use == 'no') {
if ($_PORTAL['action'] == 'process') {
$data = array();
$data['school_name'] = $_REQUEST['school_name'];
$data['school_address_1'] = $_REQUEST['school_address_1'];
$data['school_address_2'] = $_REQUEST['school_address_2'];
$data['school_city'] = $_REQUEST['school_city'];
$data['school_state'] = $_REQUEST['school_state'];
$data['school_zip'] = $_REQUEST['school_zip'];
$data['school_country'] = $_REQUEST['school_country'];
$status = mystery_update_query('portal_schools', $data, 'school_id', $_SESSION['portal']['member_school'], 'portal_dbh');
if ($status == 0) {
$errors = array('Could not update school information');
echo portal_generate_error_page($errors);
} else {
// redirect back to the admin page
mystery_redirect('/admin/');
exit;
}
} else {
$school_info = portal_get_school_info($_SESSION['portal']['member_school']);
$state_list = portal_generate_db_form_list('school_state', @$school_info['school_state'], 'mystery4.mystery_states', 'state_abbr', 'state_name', 'list', '', '', array(), array('<option value=""></option>'), 35);
$country_list = portal_generate_db_form_list('school_country', $school_info['district_school'], 'mystery4.mystery_countries', 'country_name', 'country_name', 'list', '', '', array(), array('<option value=""></option>'), 50);
$school_info = portal_web_output_filter($school_info);
echo '
<form action="/school/edit/process/" method="post">
<h1>Edit School</h1>
<p><label for="school-name">School Name</label> <input type="text" name="school_name" id="school-name" value="' . @$school_info['school_name'] . '" size="35"></p>
<p><label for="school-address-1">Address 1</label> <input type="text" name="school_address_1" id="school-address-1" value="' . @$school_info['school_address_1'] . '" size="35"></p>
// check to see if the selected member is in the member's class
$taught_classes = portal_get_teacher_classes($_SESSION['portal']['member_id']);
if (array_intersect($taught_classes, $member_info['classes']['student'])) {
$selected_member_is_members_student = 'yes';
}
}
if ($_SESSION['portal']['member_type'] != 'superuser' && $_SESSION['portal']['member_type'] != 'admin' && $selected_member_is_members_student != 'yes') {
mystery_redirect('/');
exit;
}
if (isset($_PORTAL['params']['process'])) {
if ($member_id == $_SESSION['portal']['member_id']) {
$errors = array('Sorry you cannot delete your own account.');
echo portal_generate_error_page($errors);
} else {
portal_delete_member($_PORTAL['action']);
mystery_redirect($return_page);
exit;
}
} else {
// FIXME - Maybe add in details on the class to be deleted here
echo '
<form action="/member/delete/' . $member_id . '/process/" method="post">
<h1>Delete a member?</h1>
<p>Are you <strong>absolutely sure</strong> that you want to delete the member <strong>' . $member_info['member_first_name'] . ' ' . $member_info['member_last_name'] . '</strong>? There is no undo available.</p>
<p><input type="button" value="No" onclick="history.back();"> <input type="submit" value="Yes"></p>
</form>
';
}
$lastloc = preg_replace('~/process/$~', '/', $lastloc);
}
if (@$_SESSION['is_logged_in'] == 'yes') {
mystery_redirect('/');
exit;
}
// attempt a login and redirect
if (isset($_REQUEST['username']) && isset($_REQUEST['password'])) {
if (mystery_auth($_REQUEST['username'], $_REQUEST['password'])) {
if (!isset($_COOKIE['cookietest'])) {
// they know their username and password but since they do not
// have cookies enabled, they won't be able to use the site
$login_failed = 'yes';
$login_failure_reason = 'cookie';
} else {
mystery_redirect($lastloc);
}
} else {
$login_failed = 'yes';
}
}
// destroy any existing sessions
mystery_setup_default_session();
// display alert messages if necessary
if ($login_failed == 'yes') {
if ($login_failure_reason == 'cookie') {
$alert = '<p class="error-message"><strong>There was a problem signing in.</strong><br>
It appears that you do not have cookies enabled. You must enable cookies
in order to use this site.</p>';
} else {
$alert = '<p class="error-message"><strong>There was a problem signing in.</strong><br>
mystery_display_user_feedback('You have successfully logged out.');
}
// Process the authentication for the user. If not logged in, it will display the login box
mystery_process_authentication();
// Load the configuration for this table, if applicable
if ($_REQUEST['table'] != 'none') {
mystery_get_table_configuration($_REQUEST['table']);
}
// FIX
if (isset($_REQUEST['ss'])) {
mystery_print_r($_SESSION);
}
// Determine which action the user is looking for
switch ($_REQUEST['action']) {
case 'redirect':
mystery_redirect($_REQUEST['location']);
break;
case 'help':
mystery_header();
mystery_display_help();
mystery_footer();
break;
case 'documentation':
mystery_header();
mystery_display_documentation();
mystery_footer();
break;
case 'user_info':
mystery_header();
mystery_display_user_info_form();
mystery_footer();
<?php
// now get rid of the session
session_destroy();
mystery_setup_default_session();
session_regenerate_id();
// get rid of any diy session
mystery_cookie($portal_config['diy_session_name'], '');
mystery_redirect('/signin/?signout');
case 'report':
$teacher_name = urlencode(base64_decode(rawurldecode($_PORTAL['params']['teacher'])));
$class_name = urlencode(base64_decode(rawurldecode($_PORTAL['params']['class'])));
$activity_name = urlencode(base64_decode(rawurldecode($_PORTAL['params']['activity'])));
$member_list = urlencode(base64_decode(rawurldecode($_PORTAL['params']['members'])));
$class_identifier = urlencode(base64_decode(rawurldecode($_PORTAL['params']['uuid'])));
$url = 'http://' . $portal_config['diy_server'] . $portal_config['diy_server_path'] . '/reports/' . $diy_id . '/sail_jnlp?users=' . $member_list . '&system.report.class.name=' . $class_name . '&system.report.teacher.name=' . $teacher_name . '&system.report.activity.name=' . $activity_name . '&group_id=' . $class_identifier . '&group_list=' . urlencode($class_members);
// . '&group_list_url=' . $class_list_url;
break;
case 'run':
$url = 'http://' . $portal_config['diy_server'] . $portal_config['diy_server_path'] . '/' . $portal_config['diy_activities_name'] . '/' . $diy_id . '/sail_jnlp/' . $member_interface_path . '?group_id=' . $class_identifier . '&system.report.class.name=' . urlencode($class_name) . '&group_list=' . urlencode($class_members);
// . '&group_list_url=' . $class_list_url ;
break;
case 'show':
$url = 'http://' . $portal_config['diy_server'] . $portal_config['diy_server_path'] . '/' . $portal_config['diy_activities_name'] . '/' . $diy_id;
break;
case 'usage':
$url = 'http://' . $portal_config['diy_server'] . $portal_config['diy_server_path'] . '/' . $portal_config['diy_activities_name'] . '/' . $diy_id . '/usage';
break;
case 'work':
$class_info = portal_get_class_info_by_student($student_id);
$class_members = implode(',', portal_get_class_students_diy_ids($class_info['class_id']));
$class_identifier = $class_info['class_uuid'];
$class_name = $class_info['class_name'];
$class_id_prefix = strlen($reporting_param) == 0 ? '?group_id=' : '&group_id=';
$url = 'http://' . $portal_config['diy_server'] . $portal_config['diy_server_path'] . '/' . $portal_config['diy_activities_name'] . '/' . $diy_id . '/sail_jnlp/' . $student_interface_path . '/view' . $reporting_param . $class_id_prefix . $class_identifier . '&system.report.class.name=' . urlencode($class_name) . '&group_list=' . urlencode($class_members);
// . '&group_list_url=' . $class_list_url;
break;
}
mystery_redirect($url);
exit;
