$sql[] = "DELETE FROM course_periods WHERE COURSE_ID='{$course['COURSE_ID']}'";
$sql[] = "DELETE FROM schedule WHERE COURSE_ID='{$course['COURSE_ID']}'";
$sql[] = "DELETE FROM schedule_requests WHERE COURSE_ID='{$course['COURSE_ID']}'";
}
}
foreach ($sql as $query) {
DBQuery($query);
}
unset($_REQUEST['modfunc']);
unset($_REQUEST['subject_id']);
}
}
}
}
if ($_REQUEST['course_period_id']) {
if (DeletePromptCommon($table)) {
if (BlockDelete($table)) {
foreach ($sql as $query) {
DBQuery($query);
}
unset($_REQUEST['modfunc']);
unset($_REQUEST['course_period_id']);
}
}
}
}
if ($_REQUEST['modfunc'] == 'enter_standards') {
//***********insertion of standard for course******
if ($_REQUEST['process'] == 'update') {
$stand_added = 0;
foreach ($_REQUEST['stand_arr'] as $key => $st_value) {
// $Sql_modify_column.=" NOT NULL";
// }else{
// $Sql_modify_column.=" NULL";
// }
// if($custom_update['DEFAULT_SELECTION'] && $not_default==false){
// $Sql_modify_column.=" DEFAULT '".$custom_update['DEFAULT_SELECTION']."' ";
// }
//
// DBQuery($Sql_modify_column);
// }
}
unset($_REQUEST['tables']);
}
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete') {
if (clean_param($_REQUEST['id'], PARAM_INT)) {
if (DeletePromptCommon('school field')) {
$id = clean_param($_REQUEST['id'], PARAM_INT);
DBQuery('DELETE FROM school_custom_fields WHERE ID=\'' . $id . '\'');
DBQuery('ALTER TABLE schools DROP COLUMN CUSTOM_' . $id . '');
$_REQUEST['modfunc'] = '';
unset($_REQUEST['id']);
}
}
}
if ($_REQUEST['id'] && $_REQUEST['id'] != 'new') {
$sql = "SELECT CATEGORY_ID,TITLE,TYPE,SELECT_OPTIONS,DEFAULT_SELECTION,SORT_ORDER,REQUIRED,REQUIRED,HIDE FROM school_custom_fields WHERE ID='{$_REQUEST['id']}'";
$RET = DBGet(DBQuery($sql));
$RET = $RET[1];
$title = $RET['TITLE'];
} elseif ($_REQUEST['id'] == 'new') {
$title = 'New School Field';
DBQuery($Sql_modify_column);
}
}
unset($_REQUEST['tables']);
}
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete') {
if (clean_param($_REQUEST['id'], PARAM_INT)) {
if (DeletePromptCommon('user field')) {
$id = clean_param($_REQUEST['id'], PARAM_INT);
DBQuery('DELETE FROM staff_fields WHERE ID=\'' . $id . '\'');
DBQuery('ALTER TABLE staff DROP COLUMN CUSTOM_' . $id . '');
$_REQUEST['modfunc'] = '';
unset($_REQUEST['id']);
}
} elseif (clean_param($_REQUEST['category_id'], PARAM_INT)) {
if (DeletePromptCommon('' . _('user field category and all fields in the category') . '')) {
$fields = DBGet(DBQuery('SELECT ID FROM staff_fields WHERE CATEGORY_ID=\'' . $_REQUEST[category_id] . '\''));
foreach ($fields as $field) {
DBQuery('DELETE FROM staff_fields WHERE ID=\'' . $field[ID] . '\'');
DBQuery('ALTER TABLE staff DROP COLUMN CUSTOM_' . $field[ID] . '');
}
DBQuery('DELETE FROM staff_field_categories WHERE ID=\'' . $_REQUEST[category_id] . '\'');
// remove from profiles and permissions
DBQuery('DELETE FROM profile_exceptions WHERE MODNAME=\'Users/User/Student.php&category_id=' . $_REQUEST[category_id] . '\'');
DBQuery('DELETE FROM staff_exceptions WHERE MODNAME=\'Users/User.php&category_id=' . $_REQUEST[category_id] . '\'');
$_REQUEST['modfunc'] = '';
unset($_REQUEST['category_id']);
}
}
}
if (!$_REQUEST['modfunc']) {
$has_assigned_RET = DBGet(DBQuery('SELECT COUNT(*) AS TOTAL_ASSIGNED FROM attendance_period WHERE ATTENDANCE_CODE=\'' . optional_param('id', '', PARAM_INT) . '\''));
$has_assigned = $has_assigned_RET[1]['TOTAL_ASSIGNED'];
} else {
$has_assigned = 0;
}
if ($has_assigned > 0) {
UnableDeletePrompt('' . _('Cannot delete because attendance codes are associated.') . '');
} else {
if ($_REQUEST['id']) {
if (DeletePromptCommon('attendance code')) {
//DBQuery("DELETE FROM attendance_codes WHERE ID='$_REQUEST[id]'");
DBQuery('DELETE FROM attendance_codes WHERE ID=\'' . optional_param('id', '', PARAM_INT) . '\'');
unset($_REQUEST['modfunc']);
}
} elseif ($_REQUEST['table']) {
if (DeletePromptCommon('category')) {
DBQuery('DELETE FROM attendance_code_categories WHERE ID=\'' . $_REQUEST[table] . '\'');
unset($_REQUEST['modfunc']);
$_REQUEST['table'] = '0';
}
}
}
}
if ($_REQUEST['modfunc'] != 'remove') {
if ($_REQUEST['table'] !== 'new') {
// $sql = "SELECT ID,TITLE,SHORT_NAME,TYPE,DEFAULT_CODE,STATE_CODE,SORT_ORDER FROM attendance_codes WHERE SYEAR='".UserSyear()."' AND SCHOOL_ID='".UserSchool()."' AND TABLE_NAME='".$_REQUEST['table']."' ORDER BY SORT_ORDER,TITLE";
//$tabl=optional_param('table','',PARAM_ALPHANUM);
$sql = 'SELECT ID,TITLE,SHORT_NAME,TYPE,DEFAULT_CODE,STATE_CODE,SORT_ORDER,TABLE_NAME FROM attendance_codes WHERE SYEAR=\'' . UserSyear() . '\' AND SCHOOL_ID=\'' . UserSchool() . '\' AND TABLE_NAME=\'' . $_REQUEST['table'] . '\' ORDER BY SORT_ORDER,TITLE';
$QI = DBQuery($sql);
$attendance_codes_RET = DBGet($QI, array('TITLE' => '_makeTextInput', 'SHORT_NAME' => '_makeTextInput', 'SORT_ORDER' => '_makeTextInput', 'TYPE' => '_makeSelectInput', 'STATE_CODE' => '_makeSelectInput', 'DEFAULT_CODE' => '_makeCheckBoxInput'));
}
$staff_id = $_REQUEST['staff_id'];
} else {
$staff_id = UserStaffID();
}
//if(UserStudentID())
// echo '<IMG SRC=assets/pixel_trans.gif height=2>';
$RET = DBGet(DBQuery('SELECT FIRST_NAME,LAST_NAME FROM staff WHERE STAFF_ID=\'' . $staff_id . '\''));
$count_staff_RET = DBGet(DBQuery('SELECT COUNT(*) AS NUM FROM staff'));
if ($count_staff_RET[1]['NUM'] > 1) {
DrawHeaderHome('Selected User: '******'FIRST_NAME'] . ' ' . $RET[1]['LAST_NAME'] . ' (<A HREF=Side.php?staff_id=new&modcat=' . $_REQUEST['modcat'] . '><font color=red>Search Again</font></A>) | <A HREF=Modules.php?modname=' . $_REQUEST['modname'] . '&search_modfunc=list&next_modname=users/User.php&ajax=true&bottom_back=true&return_session=true target=body>Back to User List</A>');
} else {
DrawHeaderHome('Selected User: '******'FIRST_NAME'] . ' ' . $RET[1]['LAST_NAME'] . ' (<A HREF=Side.php?staff_id=new&modcat=' . $_REQUEST['modcat'] . '><font color=red>Search Again</font></A>)');
}
}
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete' && AllowEdit()) {
if (DeletePromptCommon('student from that user', 'remove access to')) {
DBQuery('DELETE FROM students_join_users WHERE STUDENT_ID=\'' . $_REQUEST[student_id] . '\' AND STAFF_ID=\'' . UserStaffID() . '\'');
unset($_REQUEST['modfunc']);
}
}
if ($_REQUEST['modfunc'] != 'delete') {
if (!UserStaffID()) {
Search('staff_id', 'parent');
} else {
$profile = DBGet(DBQuery('SELECT PROFILE FROM staff WHERE STAFF_ID=\'' . UserStaffID() . '\''));
if ($profile[1]['PROFILE'] != 'parent') {
unset($_SESSION['staff_id']);
echo '<script language=JavaScript>parent.side.location="' . $_SESSION['Side_PHP_SELF'] . '?modcat="+parent.side.document.forms[0].modcat.value;</script>';
Search('staff_id', 'parent');
}
}
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete_calendar') {
$colmn = Calender_Id;
$cal_title = paramlib_validation($colmn, $_REQUEST[calendar_id]);
$has_assigned_RET = DBGet(DBQuery('SELECT COUNT(*) AS TOTAL_ASSIGNED FROM student_enrollment WHERE CALENDAR_ID=' . $cal_title . ''));
$has_assigned = $has_assigned_RET[1]['TOTAL_ASSIGNED'];
if ($has_assigned == 0) {
$has_assigned_RET = DBGet(DBQuery('SELECT COUNT(*) AS TOTAL_ASSIGNED FROM course_periods WHERE CALENDAR_ID=' . $cal_title . ''));
$has_assigned_cp = $has_assigned_RET[1]['TOTAL_ASSIGNED'];
}
//$calendar_id = DBGet(DBQuery("SELECT ".db_seq_nextval('CALENDARS_SEQ')." AS CALENDAR_ID ".FROM_DUAL));
if ($has_assigned > 0) {
UnableDeletePrompt('Cannot delete because students are enrolled in this calendar.');
} elseif ($has_assigned_cp > 0) {
UnableDeletePrompt('Cannot delete because course periods are created on this calendar.');
} else {
if (DeletePromptCommon('calendar')) {
DBQuery('DELETE FROM attendance_calendar WHERE CALENDAR_ID=' . $cal_title . '');
DBQuery('DELETE FROM school_calendars WHERE CALENDAR_ID=' . $cal_title . '');
$default_RET = DBGet(DBQuery('SELECT CALENDAR_ID FROM school_calendars WHERE SYEAR=\'' . UserSyear() . '\' AND SCHOOL_ID=\'' . UserSchool() . '\' AND DEFAULT_CALENDAR=\'Y\''));
if (count($default_RET)) {
$_REQUEST['calendar_id'] = $default_RET[1]['CALENDAR_ID'];
} else {
$calendars_RET = DBGet(DBQuery('SELECT CALENDAR_ID FROM school_calendars WHERE SYEAR=\'' . UserSyear() . '\' AND SCHOOL_ID=\'' . UserSchool() . '\''));
if (count($calendars_RET)) {
$_REQUEST['calendar_id'] = $calendars_RET[1]['CALENDAR_ID'];
} else {
$error = array('There are no calendars yet setup.');
}
}
unset($_REQUEST['modfunc']);
unset($_SESSION['_REQUEST_vars']['modfunc']);
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
#***************************************************************************************
//$_openSIS['allow_edit'] = true;
include '../../../Redirect_includes.php';
include_once 'modules/Students/includes/functions.php';
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete' && User('PROFILE') == 'admin') {
if (!$_REQUEST['delete_ok'] && !$_REQUEST['delete_cancel']) {
echo '</FORM>';
}
if (DeletePromptCommon($_REQUEST['title'])) {
DBQuery("DELETE FROM {$_REQUEST['table']} WHERE ID='{$_REQUEST['id']}'");
unset($_REQUEST['modfunc']);
}
}
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'update') {
//$existing_RET = DBGet(DBQuery("SELECT STUDENT_ID FROM student_mp_comments WHERE STUDENT_ID='".UserStudentID()."' AND SYEAR='".UserSyear()."' AND MARKING_PERIOD_ID='".GetParentMP('SEM',UserMP())."'"));
//if(!$existing_RET)
// DBQuery("INSERT INTO student_mp_comments (SYEAR,STUDENT_ID,MARKING_PERIOD_ID) values('".UserSyear()."','".UserStudentID()."','".GetParentMP('SEM',UserMP())."')");
// SaveData(array('student_mp_comments'=>"STUDENT_ID='".UserStudentID()."' AND SYEAR='".UserSyear()."' AND MARKING_PERIOD_ID='".GetParentMP('SEM',UserMP())."'"),'',array('COMMENT'=>'Comment','STAFF_ID'=>UserStaffID()));
unset($_SESSION['_REQUEST_vars']['modfunc']);
unset($_SESSION['_REQUEST_vars']['values']);
}
if (!$_REQUEST['modfunc']) {
//$comments_RET = DBGet(DBQuery("SELECT COMMENT FROM student_mp_comments WHERE STUDENT_ID='".UserStudentID()."' AND SYEAR='".UserSyear()."' AND MARKING_PERIOD_ID='".GetParentMP('SEM',UserMP())."'"));
echo '<TABLE>';
UnableDeletePromptMod($msg, '', $queryString);
} else {
if ($_REQUEST['id']) {
if (DeletePromptCommon('student field')) {
$id = $_REQUEST['id'];
DBQuery("DELETE FROM custom_fields WHERE ID='{$id}'");
DBQuery("ALTER TABLE students DROP COLUMN CUSTOM_{$id}");
$_REQUEST['modfunc'] = '';
unset($_REQUEST['id']);
}
} elseif ($_REQUEST['category_id']) {
if ($deletable_category == FALSE) {
$msg = 'Cannot delete because student fields are associated.';
$queryString = 'category_id=' . $_REQUEST['category_id'];
UnableDeletePromptMod($msg, '', $queryString);
} elseif (DeletePromptCommon('student field category and all fields in the category')) {
$fields = DBGet(DBQuery("SELECT ID FROM custom_fields WHERE SYSTEM_FIELD='N' AND CATEGORY_ID='{$_REQUEST['category_id']}'"));
foreach ($fields as $field) {
DBQuery("DELETE FROM custom_fields WHERE ID='{$field['ID']}'");
DBQuery("ALTER TABLE students DROP COLUMN CUSTOM_{$field['ID']}");
}
DBQuery("DELETE FROM student_field_categories WHERE ID='{$_REQUEST['category_id']}'");
// remove from profiles and permissions
DBQuery("DELETE FROM profile_exceptions WHERE MODNAME='students/Student.php&category_id={$_REQUEST['category_id']}'");
$_REQUEST['modfunc'] = '';
unset($_REQUEST['category_id']);
}
}
}
}
if (!$_REQUEST['modfunc']) {
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
#***************************************************************************************
include '../../../RedirectIncludes.php';
include_once 'modules/students/includes/FunctionsInc.php';
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete') {
if (User('PROFILE') == 'admin' || User('PROFILE') == 'teacher') {
if (!$_REQUEST['delete_ok'] && !$_REQUEST['delete_cancel']) {
echo '</FORM>';
}
if ($_REQUEST[staff_id] == User('STAFF_ID')) {
if (DeletePromptCommon('comment')) {
DBQuery("DELETE FROM {$_REQUEST['table']} WHERE ID='{$_REQUEST['id']}'");
unset($_REQUEST['modfunc']);
}
} else {
echo '<BR>';
PopTable('header', 'Alert Message');
echo "<CENTER><h4>You can not delete comment of another user.</h4><br><FORM action={$PHP_tmp_SELF} METHOD=POST><INPUT type=button class=btn_medium name=delete_cancel value=Ok onclick='window.location=\"Modules.php?modname=" . $_REQUEST['modname'] . "&category_id=" . $_REQUEST['category_id'] . "&table=" . $_REQUEST['table'] . "&include=" . $_REQUEST['include'] . "&subject_id=" . $_REQUEST['subject_id'] . "&course_id=" . $_REQUEST['course_id'] . "&course_period_id=" . $_REQUEST['course_period_id'] . "\"'></FORM></CENTER>";
PopTable('footer');
unset($_REQUEST['modfunc']);
return false;
}
}
}
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'update') {
unset($_SESSION['_REQUEST_vars']['modfunc']);
