$search = $_GET['search']; } $filter2 = null; if (isset($_GET['filter2'])) { $filter2 = $_GET['filter2']; } $visualAssessmentGuideID = $_POST['visualAssessmentGuideID']; $URL = $_SESSION[$guid]['absoluteURL'] . '/index.php?q=/modules/' . getModuleName($_POST['address']) . "/guides_manage_delete.php&visualAssessmentGuideID={$visualAssessmentGuideID}&search={$search}&filter2={$filter2}"; $URLDelete = $_SESSION[$guid]['absoluteURL'] . '/index.php?q=/modules/' . getModuleName($_POST['address']) . "/guides_manage.php&search={$search}&filter2={$filter2}"; if (isActionAccessible($guid, $connection2, '/modules/Visual Assessment/guides_manage_delete.php') == false) { //Fail 0 $URL .= '&return=error0'; header("Location: {$URL}"); } else { //Get action with highest precendence $highestAction = getHighestGroupedAction($guid, $_POST['address'], $connection2); if ($highestAction == false) { //Fail2 $URL .= '&return=error2'; header("Location: {$URL}"); } else { if ($highestAction != 'Manage Assessment Guides_all' and $highestAction != 'Manage Assessment Guides_myDepartments') { //Fail 0 $URL .= '&return=error0'; header("Location: {$URL}"); } else { //Proceed! if ($visualAssessmentGuideID == '') { //Fail1 $URL .= '&return=error1'; header("Location: {$URL}");
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @session_start(); if (isActionAccessible($guid, $connection2, "/modules/Planner/outcomes_import.php") == FALSE) { //Acess denied print "<div class='error'>"; print _("You do not have access to this action."); print "</div>"; } else { //Check access based on privileges in Manage Outcomes $permission = FALSE; $highestAction = getHighestGroupedAction($guid, "/modules/Planner/outcomes.php", $connection2); if ($highestAction == "Manage Outcomes_viewAllEditLearningArea") { $permission = "Learning Area"; } else { if ($highestAction == "Manage Outcomes_viewEditAll") { $permission = "School"; } } if ($permission != "Learning Area" and $permission != "School") { //Acess denied due to privileges in Manage Outcomes print "<div class='error'>"; print _("You do not have access to this action."); print "</div>"; } else { //Proceed! print "<div class='trail'>";
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @session_start(); //Module includes include "./modules/" . $_SESSION[$guid]["module"] . "/moduleFunctions.php"; if (isActionAccessible($guid, $connection2, "/modules/Markbook/markbook_edit_targets.php") == FALSE) { //Acess denied print "<div class='error'>"; print _("You do not have access to this action."); print "</div>"; } else { $highestAction = getHighestGroupedAction($guid, $_GET["q"], $connection2); if ($highestAction == FALSE) { print "<div class='error'>"; print _("The highest grouped action cannot be determined."); print "</div>"; } else { //Check if school year specified $gibbonCourseClassID = $_GET["gibbonCourseClassID"]; if ($gibbonCourseClassID == "") { print "<div class='error'>"; print _("You have not specified one or more required parameters."); print "</div>"; } else { try { if ($highestAction == "Edit Markbook_everything") { $data = array("gibbonCourseClassID" => $gibbonCourseClassID);
$gibbonYearGroupID = NULL; if (isset($_GET["gibbonYearGroupID"])) { $gibbonYearGroupID = $_GET["gibbonYearGroupID"]; } $allowUpload = $_GET["allowUpload"]; $alpha = NULL; if (isset($_GET["alpha"])) { $alpha = $_GET["alpha"]; } if (isActionAccessible($guid, $connection2, "/modules/Resources/resources_manage_add.php") == FALSE) { //Acess denied $output .= "<div class='error'>"; $output .= _("Your request failed because you do not have access to this action."); $output .= "</div>"; } else { $highestAction = getHighestGroupedAction($guid, "/modules/Resources/resources_manage.php", $connection2); if ($highestAction == FALSE) { $output .= "<div class='error'>"; $output .= _("The highest grouped action cannot be determined."); $output .= "</div>"; } else { $output .= "<script type='text/javascript'>"; $output .= "\$(document).ready(function() {"; $output .= "var options={"; $output .= "success: function(response) {"; $output .= "tinymce.execCommand(\"mceFocus\",false,\"{$id}\"); tinyMCE.execCommand(\"mceInsertContent\", 0, response); formReset(); \$(\"." . $id . "resourceAddSlider\").slideUp();"; $output .= "}, "; $output .= "url: '" . $_SESSION[$guid]["absoluteURL"] . "/modules/Resources/resources_add_ajaxProcess.php',"; $output .= "type: 'POST'"; $output .= "};"; $output .= "\$('#" . $id . "ajaxForm').submit(function() {";
} if ($entryCount < 1) { print "<div class='error'>"; print _("There are no records to display."); print "</div>"; } } } } else { if ($subpage == "Internal Assessment") { if (isActionAccessible($guid, $connection2, "/modules/Formal Assessment/internalAssessment_view.php") == FALSE) { print "<div class='error'>"; print _("Your request failed because you do not have access to this action."); print "</div>"; } else { $highestAction = getHighestGroupedAction($guid, "/modules/Formal Assessment/internalAssessment_view.php", $connection2); if ($highestAction == FALSE) { print "<div class='error'>"; print _("The highest grouped action cannot be determined."); print "</div>"; } else { //Module includes include "./modules/Formal Assessment/moduleFunctions.php"; if ($highestAction == "View Internal Assessments_all") { print getInternalAssessmentRecord($guid, $connection2, $gibbonPersonID); } else { if ($highestAction == "View Internal Assessments_myChildrens") { print getInternalAssessmentRecord($guid, $connection2, $gibbonPersonID, "parent"); } } }
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @session_start(); //Module includes include "./modules/" . $_SESSION[$guid]["module"] . "/moduleFunctions.php"; if (isActionAccessible($guid, $connection2, "/modules/Finance/expenses_manage_print.php") == FALSE) { //Acess denied print "<div class='error'>"; print _("You do not have access to this action."); print "</div>"; } else { $highestAction = getHighestGroupedAction($guid, "/modules/Finance/expenses_manage_print.php", $connection2); if ($highestAction == FALSE) { print "<div class='error'>"; print _("The highest grouped action cannot be determined."); print "</div>"; } else { //Proceed! if (isset($_GET["approveReturn"])) { $approveReturn = $_GET["approveReturn"]; } else { $approveReturn = ""; } $approveReturnMessage = ""; $class = "error"; if (!($approveReturn == "")) { if ($approveReturn == "fail0") {
//Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $gibbonSchoolYearID = $_GET["gibbonSchoolYearID"]; $gibbonCourseID = $_GET["gibbonCourseID"]; $gibbonCourseClassID = $_GET["gibbonCourseClassID"]; $gibbonUnitID = $_GET["gibbonUnitID"]; $gibbonUnitBlockID = $_GET["gibbonUnitBlockID"]; $gibbonUnitClassBlockID = $_GET["gibbonUnitClassBlockID"]; $gibbonUnitClassID = $_GET["gibbonUnitClassID"]; $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/Planner/units_edit_working_copyback.php&gibbonSchoolYearID={$gibbonSchoolYearID}&gibbonCourseID={$gibbonCourseID}&gibbonCourseClassID={$gibbonCourseClassID}&gibbonUnitID={$gibbonUnitID}&gibbonUnitBlockID={$gibbonUnitBlockID}&gibbonUnitClassBlockID={$gibbonUnitClassBlockID}&gibbonUnitClassID={$gibbonUnitClassID}"; if (isActionAccessible($guid, $connection2, "/modules/Planner/units_edit_working_copyback.php") == FALSE) { //Fail 0 $URL .= "©Return=fail0"; header("Location: {$URL}"); } else { $highestAction = getHighestGroupedAction($guid, "/modules/Planner/units_edit_working_copyback.php", $connection2); if ($highestAction == FALSE) { //Fail 0 $URL .= "©Return=fail0"; header("Location: {$URL}"); } else { //Proceed! //Validate Inputs if ($gibbonSchoolYearID == "" or $gibbonCourseID == "" or $gibbonUnitID == "" or $gibbonCourseClassID == "" or $gibbonUnitClassID == "") { //Fail 3 $URL .= "©Return=fail3"; header("Location: {$URL}"); } else { //Check access to specified course try { if ($highestAction == "Unit Planner_all") {
@session_start(); //Module includes include $_SESSION[$guid]["absolutePath"] . "/modules/Activities/moduleFunctions.php"; //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $mode = $_POST["mode"]; $gibbonActivityID = $_POST["gibbonActivityID"]; $gibbonPersonID = $_POST["gibbonPersonID"]; $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/activities_view_register.php&gibbonActivityID={$gibbonActivityID}&gibbonPersonID={$gibbonPersonID}&mode={$mode}&search=" . $_GET["search"]; $URLSuccess = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/activities_view.php&gibbonPersonID={$gibbonPersonID}&search=" . $_GET["search"]; if (isActionAccessible($guid, $connection2, "/modules/Activities/activities_view_register.php") == FALSE) { //Fail 0 $URL .= "&updateReturn=fail0"; header("Location: {$URL}"); } else { $highestAction = getHighestGroupedAction($guid, "/modules/Activities/activities_view_register.php", $connection2); if ($highestAction == FALSE) { //Fail 0 $URL .= "&updateReturn=fail0"; header("Location: {$URL}"); } else { //Get current role category $roleCategory = getRoleCategory($_SESSION[$guid]["gibbonRoleIDCurrent"], $connection2); //Check access controls $access = getSettingByScope($connection2, "Activities", "access"); if ($access != "Register") { //Fail0 $URL .= "&updateReturn=fail0"; header("Location: {$URL}"); } else { //Proceed!
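/**
 * Builds the HTML "alert bar" of coloured badges (IN, A, B, M, P) for one student.
 *
 * Nothing is rendered unless getHighestGroupedAction() reports exactly
 * "View Student Profile_full" for /modules/Students/student_view_details.php;
 * in every other case an empty string is returned.
 *
 * Security notes:
 *  - Every value that lands in an HTML attribute (titles, colours, the person ID in
 *    the link) is escaped for that context. $privacy in particular is free text and
 *    was previously interpolated raw into a single-quoted title attribute.
 *  - $divExtras is inserted verbatim into the opening <div> tag because it is meant
 *    to carry attribute markup; callers must pass trusted, hard-coded markup only.
 *  - Each section uses its own query result. Previously a failed query left the
 *    preceding section's statement in $resultAlert, so its row count was reused
 *    (or, for the first section, an undefined variable was dereferenced).
 *
 * @param string $guid              Key of the installation's slot in $_SESSION.
 * @param PDO    $connection2       Database connection.
 * @param mixed  $gibbonPersonID    Student whose alerts are shown.
 * @param string $privacy           Privacy text; a "P" badge is added when non-empty and the
 *                                  "User Admin"/"privacy" setting is "Y".
 * @param string $divExtras         Extra attribute markup for the wrapper <div> (trusted input only).
 * @param bool   $div               Whether to wrap the badges in a <div>.
 * @param bool   $large             Whether to use the larger badge geometry.
 *
 * @return string HTML fragment, or "" when the viewer lacks the full-profile action.
 */
function getAlertBar($guid, $connection2, $gibbonPersonID, $privacy = "", $divExtras = "", $div = TRUE, $large = FALSE)
{
    $output = "";

    // Badge geometry in pixels.
    $width = "14";
    $height = "13";
    $fontSize = "12";
    $totalHeight = "16";
    if ($large) {
        $width = "42";
        $height = "35";
        $fontSize = "39";
        $totalHeight = "45";
    }

    // Authorization gate. Strict comparison so that a non-string return value
    // (TRUE, 0, ...) can never loosely match the action name.
    $highestAction = getHighestGroupedAction($guid, "/modules/Students/student_view_details.php", $connection2);
    if ($highestAction !== "View Student Profile_full") {
        return $output;
    }

    // Attribute-context escaping. double_encode is off so values that were stored
    // already entity-encoded are not mangled.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
    };

    // rawurlencode() leaves plain IDs untouched and also neutralises quotes.
    $profileURL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/Students/student_view_details.php&gibbonPersonID=" . rawurlencode((string) $gibbonPersonID);

    // Renders one linked badge. $labelHtml is trusted markup built in this function.
    $badge = function ($subpageQuery, $colour, $colourBG, $title, $labelHtml) use ($profileURL, $fontSize, $height, $width, $esc) {
        return "<a style='font-size: " . $fontSize . "px; color: #" . $esc($colour) . "; text-decoration: none' href='" . $profileURL . $subpageQuery . "'>"
            . "<div title='" . $esc($title) . "' style='float: right; text-align: center; vertical-align: middle; max-height: " . $height . "px; height: " . $height . "px; width: " . $width . "px; border-top: 2px solid #" . $esc($colour) . "; margin-right: 2px; background-color: #" . $esc($colourBG) . "'>" . $labelHtml . "</div></a>";
    };

    // Maps a count of concern records to an alert level ID (2-4 => 3, 5-8 => 2, 9+ => 1).
    $levelForCount = function ($count) {
        if ($count > 8) {
            return 1;
        }
        if ($count > 4) {
            return 2;
        }
        if ($count > 1) {
            return 3;
        }
        return null;
    };

    if ($div == TRUE) {
        $output .= "<div {$divExtras} style='width: 83px; text-align: right; height: " . $totalHeight . "px; padding: 3px 0px; margin: auto'><b>";
    }

    // Individual Needs
    $resultIN = null;
    try {
        $dataAlert = array("gibbonPersonID" => $gibbonPersonID);
        $sqlAlert = "SELECT * FROM gibbonINPersonDescriptor JOIN gibbonAlertLevel ON (gibbonINPersonDescriptor.gibbonAlertLevelID=gibbonAlertLevel.gibbonAlertLevelID) WHERE gibbonPersonID=:gibbonPersonID ORDER BY sequenceNumber DESC";
        $resultIN = $connection2->prepare($sqlAlert);
        $resultIN->execute($dataAlert);
    } catch (PDOException $e) {
        // Best-effort section: on failure the IN badge is simply omitted.
        $resultIN = null;
    }
    if ($resultIN !== null && $resultIN->rowCount() > 0) {
        $countIN = $resultIN->rowCount();
        $rowAlert = $resultIN->fetch();
        if ($countIN == 1) {
            $title = $countIN . " " . sprintf(_('Individual Needs alert is set, with an alert level of %1$s.'), $rowAlert["name"]);
        } else {
            $title = $countIN . " " . sprintf(_('Individual Needs alerts are set, up to a maximum alert level of %1$s.'), $rowAlert["name"]);
        }
        $output .= $badge("&subpage=Individual Needs", $rowAlert["color"], $rowAlert["colorBG"], $title, _('IN'));
    }

    // Academic
    $countAcademic = 0;
    try {
        $dataAlert = array("gibbonPersonIDStudent" => $gibbonPersonID, "gibbonSchoolYearID" => $_SESSION[$guid]["gibbonSchoolYearID"]);
        $sqlAlert = "SELECT * FROM gibbonMarkbookEntry JOIN gibbonMarkbookColumn ON (gibbonMarkbookEntry.gibbonMarkbookColumnID=gibbonMarkbookColumn.gibbonMarkbookColumnID) JOIN gibbonCourseClass ON (gibbonMarkbookColumn.gibbonCourseClassID=gibbonCourseClass.gibbonCourseClassID) JOIN gibbonCourse ON (gibbonCourseClass.gibbonCourseID=gibbonCourse.gibbonCourseID) WHERE gibbonPersonIDStudent=:gibbonPersonIDStudent AND (attainmentConcern='Y' OR effortConcern='Y') AND complete='Y' AND gibbonSchoolYearID=:gibbonSchoolYearID";
        $resultAcademic = $connection2->prepare($sqlAlert);
        $resultAcademic->execute($dataAlert);
        $countAcademic = $resultAcademic->rowCount();
    } catch (PDOException $e) {
        // NOTE(review): driver messages can reveal table and column names to the
        // viewer; prefer logging server-side and showing a generic message.
        $_SESSION[$guid]["sidebarExtra"] .= "<div class='error'>" . $esc($e->getMessage()) . "</div>";
    }
    $gibbonAlertLevelID = $levelForCount($countAcademic);
    if ($gibbonAlertLevelID !== null) {
        $alert = getAlert($connection2, $gibbonAlertLevelID);
        if ($alert != FALSE) {
            $title = sprintf(_('Student has a %1$s alert for academic concern in the current academic year.'), _($alert["name"]));
            $output .= $badge("&subpage=Markbook&filter=" . $_SESSION[$guid]["gibbonSchoolYearID"], $alert["color"], $alert["colorBG"], $title, _('A'));
        }
    }

    // Behaviour: negative records from the last 60 days.
    $countBehaviour = 0;
    try {
        $dataAlert = array("gibbonPersonID" => $gibbonPersonID, "dateFrom" => date("Y-m-d", time() - 24 * 60 * 60 * 60));
        $sqlAlert = "SELECT * FROM gibbonBehaviour WHERE gibbonPersonID=:gibbonPersonID AND type='Negative' AND date>:dateFrom";
        $resultBehaviour = $connection2->prepare($sqlAlert);
        $resultBehaviour->execute($dataAlert);
        $countBehaviour = $resultBehaviour->rowCount();
    } catch (PDOException $e) {
        // NOTE(review): same disclosure concern as the academic section above.
        $_SESSION[$guid]["sidebarExtra"] .= "<div class='error'>" . $esc($e->getMessage()) . "</div>";
    }
    $gibbonAlertLevelID = $levelForCount($countBehaviour);
    if ($gibbonAlertLevelID !== null) {
        $alert = getAlert($connection2, $gibbonAlertLevelID);
        if ($alert != FALSE) {
            $title = sprintf(_('Student has a %1$s alert for behaviour over the past 60 days.'), _($alert["name"]));
            $output .= $badge("&subpage=Behaviour", $alert["color"], $alert["colorBG"], $title, _('B'));
        }
    }

    // Medical: indexes 1, 3 and 4 are read as level name, colour and background colour.
    $alert = getHighestMedicalRisk($gibbonPersonID, $connection2);
    if ($alert != FALSE) {
        $title = sprintf(_('Medical alerts are set, up to a maximum of %1$s'), $alert[1]);
        $output .= $badge("&subpage=Medical", $alert[3], $alert[4], $title, "<b>" . _('M') . "</b>");
    }

    // Privacy
    $privacySetting = getSettingByScope($connection2, "User Admin", "privacy");
    if ($privacySetting == "Y" and $privacy != "") {
        $alert = getAlert($connection2, 1);
        // getAlert() is compared against FALSE elsewhere in this function, so tolerate it here too.
        $colour = is_array($alert) ? $alert["color"] : "";
        $colourBG = is_array($alert) ? $alert["colorBG"] : "";
        $title = sprintf(_('Privacy is required: %1$s'), $privacy);
        $output .= "<div title='" . $esc($title) . "' style='font-size: " . $fontSize . "px; float: right; text-align: center; vertical-align: middle; max-height: " . $height . "px; height: " . $height . "px; width: " . $width . "px; border-top: 2px solid #" . $esc($colour) . "; margin-right: 2px; color: #" . $esc($colour) . "; background-color: #" . $esc($colourBG) . "'>" . _('P') . "</div>";
    }

    if ($div == TRUE) {
        $output .= "</div>";
    }

    return $output;
}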
} $count++; } if ($count % $columns != 0) { for ($i = 0; $i < $columns - $count % $columns; $i++) { print "<td></td>"; } print "</tr>"; } print "</table>"; } } else { if ($subpage == "Participants") { print "<div class='linkTop'>"; print "<a href='index.php?q=/modules/Departments/department_course_class.php&gibbonDepartmentID={$gibbonDepartmentID}&gibbonCourseID={$gibbonCourseID}&gibbonCourseClassID={$gibbonCourseClassID}&subpage=Home'>" . $row["course"] . "." . $row["class"] . " " . _('Home') . "</b></a>"; if (getHighestGroupedAction($guid, "/modules/Students/student_view_details.php", $connection2) == "View Student Profile_full") { print " | "; print "<a href='" . $_SESSION[$guid]["absoluteURL"] . "/modules/" . $_SESSION[$guid]["module"] . "/department_course_classExport.php?gibbonCourseClassID={$gibbonCourseClassID}&address=" . $_GET["q"] . "'>" . _("Export") . " <img title='" . _('Export to Excel') . "' src='./themes/" . $_SESSION[$guid]["gibbonThemeName"] . "/img/download.png'/></a>"; } print "</div>"; try { $data = array("gibbonCourseClassID" => $gibbonCourseClassID); $sql = "SELECT gibbonCourseClassID, gibbonCourse.nameShort AS courseName, gibbonCourseClass.nameShort AS className FROM gibbonCourse JOIN gibbonCourseClass ON (gibbonCourse.gibbonCourseID=gibbonCourseClass.gibbonCourseID) WHERE gibbonCourseClassID=:gibbonCourseClassID ORDER BY gibbonCourse.name, gibbonCourseClass.name"; $result = $connection2->prepare($sql); $result->execute($data); } catch (PDOException $e) { print "<div class='error'>" . $e->getMessage() . "</div>"; } if ($result->rowCount() < 1) { print "<div class='error'>"; print _("The specified record does not exist.");
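/**
 * Determines the current user's role relative to one course class.
 *
 * Possible return values: "", "Parent", "Parent - Child In Class", "Teacher",
 * "Teacher - In Class", "Student", "Student - In Class". The student check runs
 * after the teacher check, so a user matching both ends up with a student role.
 *
 * Security note: the result is used as a role label, so every lookup fails closed.
 * Previously each query shared variables with an empty catch block; when a query
 * threw, the following rowCount() read either an undefined variable or the
 * statement left over from an earlier query, which could report
 * "... In Class" for a user who is not in the class.
 *
 * @param string $guid                 Key of the installation's slot in $_SESSION.
 * @param PDO    $connection2          Database connection.
 * @param mixed  $gibbonCourseClassID  Class the role is evaluated against.
 *
 * @return string Role label as listed above.
 */
function getCARole($guid, $connection2, $gibbonCourseClassID)
{
    $role = "";

    // Runs one prepared query; returns the executed statement, or null on failure
    // so callers never see a stale or unexecuted statement.
    $query = function ($sql, $data) use ($connection2) {
        try {
            $statement = $connection2->prepare($sql);
            $statement->execute($data);
            return $statement;
        } catch (PDOException $e) {
            return null;
        }
    };

    // True only when the query succeeded and matched exactly one row.
    $matchesOneRow = function ($sql, $data) use ($query) {
        $statement = $query($sql, $data);
        return $statement !== null && $statement->rowCount() == 1;
    };

    $sqlInClass = "SELECT * FROM gibbonCourseClassPerson WHERE gibbonCourseClassID=:gibbonCourseClassID AND gibbonPersonID=:gibbonPersonID AND role=";

    // Determine role
    $highestAction = getHighestGroupedAction($guid, "/modules/Students/student_view.php", $connection2);
    if ($highestAction === "View Student Profile_myChildren") {
        $role = "Parent";
        $childInClass = FALSE;

        // Is a child of this person in this class?
        $resultParent = $query(
            "SELECT * FROM gibbonFamilyAdult WHERE gibbonPersonID=:gibbonPersonID AND childDataAccess='Y'",
            array("gibbonPersonID" => $_SESSION[$guid]["gibbonPersonID"])
        );
        if ($resultParent !== null) {
            $today = date("Y-m-d");
            $sqlChild = "SELECT gibbonPerson.gibbonPersonID, image_75, surname, preferredName, gibbonYearGroup.nameShort AS yearGroup, gibbonRollGroup.nameShort AS rollGroup FROM gibbonFamilyChild JOIN gibbonPerson ON (gibbonFamilyChild.gibbonPersonID=gibbonPerson.gibbonPersonID) JOIN gibbonStudentEnrolment ON (gibbonPerson.gibbonPersonID=gibbonStudentEnrolment.gibbonPersonID) JOIN gibbonYearGroup ON (gibbonStudentEnrolment.gibbonYearGroupID=gibbonYearGroup.gibbonYearGroupID) JOIN gibbonRollGroup ON (gibbonStudentEnrolment.gibbonRollGroupID=gibbonRollGroup.gibbonRollGroupID) WHERE gibbonFamilyID=:gibbonFamilyID AND gibbonPerson.status='Full' AND (dateStart IS NULL OR dateStart<=:todayStart) AND (dateEnd IS NULL OR dateEnd>=:todayEnd) ORDER BY surname, preferredName ";

            // Get child list for each family the adult has data access to.
            while ($rowParent = $resultParent->fetch()) {
                $resultChild = $query($sqlChild, array(
                    "gibbonFamilyID" => $rowParent["gibbonFamilyID"],
                    "todayStart" => $today,
                    "todayEnd" => $today,
                ));
                if ($resultChild === null) {
                    continue;
                }
                while ($rowChild = $resultChild->fetch()) {
                    $inClass = $matchesOneRow(
                        $sqlInClass . "'Student'",
                        array("gibbonCourseClassID" => $gibbonCourseClassID, "gibbonPersonID" => $rowChild["gibbonPersonID"])
                    );
                    if ($inClass) {
                        // One enrolled child is enough; further lookups cannot change the result.
                        $childInClass = TRUE;
                        break 2;
                    }
                }
            }
        }

        if ($childInClass == TRUE) {
            $role = "Parent - Child In Class";
        }
    } else {
        $ownClassData = array("gibbonCourseClassID" => $gibbonCourseClassID, "gibbonPersonID" => $_SESSION[$guid]["gibbonPersonID"]);

        // Check if in staff table as teacher
        $isTeacher = $matchesOneRow(
            "SELECT * FROM gibbonStaff WHERE gibbonPersonID=:gibbonPersonID AND type='Teaching'",
            array("gibbonPersonID" => $_SESSION[$guid]["gibbonPersonID"])
        );
        if ($isTeacher) {
            $role = "Teacher";
            if ($matchesOneRow($sqlInClass . "'Teacher'", $ownClassData)) {
                $role = "Teacher - In Class";
            }
        }

        // Check if student (enrolled in the session's school year)
        $isStudent = $matchesOneRow(
            "SELECT * FROM gibbonStudentEnrolment WHERE gibbonPersonID=:gibbonPersonID AND gibbonSchoolYearID=:gibbonSchoolYearID",
            array("gibbonPersonID" => $_SESSION[$guid]["gibbonPersonID"], "gibbonSchoolYearID" => $_SESSION[$guid]["gibbonSchoolYearID"])
        );
        if ($isStudent) {
            $role = "Student";
            if ($matchesOneRow($sqlInClass . "'Student'", $ownClassData)) {
                $role = "Student - In Class";
            }
        }
    }

    return $role;
}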
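/**
 * Builds the "Choose A Course" picker shown in the sidebar of the unit planner.
 *
 * The course list depends on the action returned by getHighestGroupedAction() for
 * the current page ($_GET["q"]): "Unit Planner_all" lists every course in the
 * school year, "Unit Planner_learningAreas" lists only courses in departments
 * where the current user is Coordinator, Assistant Coordinator or Teacher
 * (Curriculum). Any other action yields an empty picker.
 *
 * Security and robustness notes:
 *  - $gibbonSchoolYearID and the course ID are escaped before being placed in
 *    value attributes; they were previously interpolated raw.
 *  - The query only runs when one of the two known actions matched. Previously an
 *    unrecognised action reached prepare() with an undefined SQL string, and a
 *    failed query was followed by fetch() on an undefined statement.
 *
 * Side effect: sets $_SESSION[$guid]["sidebarExtraPosition"] to "bottom".
 *
 * @param string $guid                Key of the installation's slot in $_SESSION.
 * @param PDO    $connection2         Database connection.
 * @param mixed  $gibbonCourseID      Course to pre-select in the picker.
 * @param mixed  $gibbonSchoolYearID  School year whose courses are listed.
 *
 * @return string HTML fragment for the sidebar.
 */
function sidebarExtraUnits($guid, $connection2, $gibbonCourseID, $gibbonSchoolYearID)
{
    $output = "";

    $address = isset($_GET["q"]) ? $_GET["q"] : "";
    $highestAction = getHighestGroupedAction($guid, $address, $connection2);
    if ($highestAction == FALSE) {
        $output = "<div class='error'>";
        $output .= _("The highest grouped action cannot be determined.");
        $output .= "</div>";
    } else {
        // Attribute-context escaping for values placed inside value='...'.
        $escAttr = function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
        };

        // Show class picker in sidebar
        $output .= "<h2>";
        $output .= _("Choose A Course");
        $output .= "</h2>";

        $output .= "<form method='get' action='" . $_SESSION[$guid]["absoluteURL"] . "/index.php'>";
        $output .= "<table class='mini' cellspacing='0' style='width: 100%; margin: 0px 0px'>";
        $output .= "<tr>";
        $output .= "<td style='width: 190px'>";
        $output .= "<input name='q' id='q' type='hidden' value='/modules/Planner/units.php'>";
        $output .= "<input name='gibbonSchoolYearID' id='gibbonSchoolYearID' type='hidden' value='" . $escAttr($gibbonSchoolYearID) . "'>";
        $output .= "<select name='gibbonCourseID' id='gibbonCourseID' style='width:161px'>";
        $output .= "<option value=''></option>";

        // Pick the query that matches the viewer's action; none for unknown actions.
        $sqlSelect = null;
        $dataSelect = array();
        if ($highestAction == "Unit Planner_all") {
            $dataSelect = array("gibbonSchoolYearID" => $gibbonSchoolYearID);
            $sqlSelect = "SELECT gibbonCourse.nameShort AS course, gibbonSchoolYear.name AS year, gibbonCourseID FROM gibbonCourse JOIN gibbonSchoolYear ON (gibbonCourse.gibbonSchoolYearID=gibbonSchoolYear.gibbonSchoolYearID) WHERE gibbonCourse.gibbonSchoolYearID=:gibbonSchoolYearID ORDER BY nameShort";
        } elseif ($highestAction == "Unit Planner_learningAreas") {
            $dataSelect = array("gibbonSchoolYearID" => $gibbonSchoolYearID, "gibbonPersonID" => $_SESSION[$guid]["gibbonPersonID"]);
            $sqlSelect = "SELECT gibbonCourse.nameShort AS course, gibbonSchoolYear.name AS year, gibbonCourseID FROM gibbonCourse JOIN gibbonSchoolYear ON (gibbonCourse.gibbonSchoolYearID=gibbonSchoolYear.gibbonSchoolYearID) JOIN gibbonDepartment ON (gibbonCourse.gibbonDepartmentID=gibbonDepartment.gibbonDepartmentID) JOIN gibbonDepartmentStaff ON (gibbonDepartmentStaff.gibbonDepartmentID=gibbonDepartment.gibbonDepartmentID) WHERE gibbonDepartmentStaff.gibbonPersonID=:gibbonPersonID AND (role='Coordinator' OR role='Assistant Coordinator' OR role='Teacher (Curriculum)') AND gibbonCourse.gibbonSchoolYearID=:gibbonSchoolYearID ORDER BY gibbonCourse.nameShort";
        }

        $resultSelect = null;
        if ($sqlSelect !== null) {
            try {
                $resultSelect = $connection2->prepare($sqlSelect);
                $resultSelect->execute($dataSelect);
            } catch (PDOException $e) {
                // Best-effort: on failure the picker is rendered without courses.
                $resultSelect = null;
            }
        }

        if ($resultSelect !== null) {
            while ($rowSelect = $resultSelect->fetch()) {
                $selected = "";
                if ($rowSelect["gibbonCourseID"] == $gibbonCourseID) {
                    $selected = "selected";
                }
                $output .= "<option {$selected} value='" . $escAttr($rowSelect["gibbonCourseID"]) . "'>" . htmlPrep($rowSelect["course"]) . " (" . htmlPrep($rowSelect["year"]) . ")</option>";
            }
        }

        $output .= "</select>";
        $output .= "</td>";
        $output .= "<td class='right'>";
        $output .= "<input type='submit' value='" . _('Go') . "'>";
        $output .= "</td>";
        $output .= "</tr>";
        $output .= "</table>";
        $output .= "</form>";
    }

    $_SESSION[$guid]["sidebarExtraPosition"] = "bottom";

    return $output;
}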
} if ($result->rowCount() != 1) { print "<h1>"; print _("Edit Markbook"); print "</h1>"; print "<div class='error'>"; print _("The selected record does not exist, or you do not have access to it."); print "</div>"; } else { $row = $result->fetch(); print "<div class='trail'>"; print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > </div><div class='trailEnd'>" . _('Edit') . " " . $row["course"] . "." . $row["class"] . " " . _('Markbook') . "</div>"; print "</div>"; //Add multiple columns if (isActionAccessible($guid, $connection2, "/modules/Markbook/markbook_edit.php")) { $highestAction2 = getHighestGroupedAction($guid, "/modules/Markbook/markbook_edit.php", $connection2); if ($highestAction2 == "Edit Markbook_multipleClassesAcrossSchool" or $highestAction2 == "Edit Markbook_multipleClassesInDepartment" or $highestAction2 == "Edit Markbook_everything") { //Check highest role in any department try { $dataRole = array("gibbonPersonID" => $_SESSION[$guid]["gibbonPersonID"]); $sqlRole = "SELECT role FROM gibbonDepartmentStaff WHERE gibbonPersonID=:gibbonPersonID AND (role='Coordinator' OR role='Assistant Coordinator' OR role='Teacher (Curriculum)')"; $resultRole = $connection2->prepare($sqlRole); $resultRole->execute($dataRole); } catch (PDOException $e) { } if ($resultRole->rowCount() >= 1 or $highestAction2 == "Edit Markbook_multipleClassesAcrossSchool" or $highestAction2 == "Edit Markbook_everything") { print "<div class='linkTop'>"; print "<a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . $_SESSION[$guid]["module"] . "/markbook_edit_addMulti.php&gibbonCourseClassID={$gibbonCourseClassID}'>" . _('Add Multiple Columns') . "<img style='margin-left: 5px' title='" . _('Add Multiple Columns') . 
"' src='./themes/" . $_SESSION[$guid]["gibbonThemeName"] . "/img/page_new_multi.png'/></a>"; print "</div>"; } }
//New PDO DB connection try { $connection2 = new PDO("mysql:host={$databaseServer};dbname={$databaseName};charset=utf8", $databaseUsername, $databasePassword); $connection2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Module includes include "./moduleFunctions.php"; //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $gibbonCourseClassID = $_GET["gibbonCourseClassID"]; $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["address"]) . "/department_course_class.php&gibbonCourseClassID={$gibbonCourseClassID}"; if (isActionAccessible($guid, $connection2, "/modules/Departments/department_course_class.php") == FALSE or getHighestGroupedAction($guid, "/modules/Students/student_view_details.php", $connection2) != "View Student Profile_full") { //Fail 0 $URL .= "&exportReturn=fail0"; header("Location: {$URL}"); } else { if ($gibbonCourseClassID == "") { //Fail 1 $URL .= "&exportReturn=fail1"; header("Location: {$URL}"); } else { try { $data = array("gibbonCourseClassID" => $gibbonCourseClassID); $sql = "SELECT gibbonCourseClassID, gibbonCourse.nameShort AS courseName, gibbonCourseClass.nameShort AS className FROM gibbonCourse JOIN gibbonCourseClass ON (gibbonCourse.gibbonCourseID=gibbonCourseClass.gibbonCourseID) WHERE gibbonCourseClassID=:gibbonCourseClassID ORDER BY gibbonCourse.name, gibbonCourseClass.name"; $result = $connection2->prepare($sql); $result->execute($data); } catch (PDOException $e) {