Shows admin page for a specific course to instructors. Shows admin page to add courses for admin. */ require_once "./database.php"; require_once "./session.php"; //if the user is not logged in, redirect them to the login page if (!Session::userLoggedIn()) { header("Location: login.php"); exit; } $token = Session::token(); if (isset($_GET['course'])) { //show the admin page for instructors //if the user does not have permission to see the admin page for the course then redirect them to the home page $course = $_GET['course']; $retrievedCourse = Database::getCoursebyID($course); if (!isset($retrievedCourse['id'])) { $message = urlencode("The course provided is not valid."); header("Location: error.php?error={$message}"); exit; } $user = Database::getUserId(Session::user()); $account = Database::getAccount($user, $course); if ($account === NULL || $account->canPromote() !== TRUE) { $message = urlencode("You do not have permission to add uploaders for this course."); header("Location: error.php?error={$message}"); exit; } $token = Session::token(); ?> <!doctype html>
require_once './database.php'; require_once "./session.php"; if (!isset($_GET['id'])) { $message = urlencode("Missing the course number."); header("Location: error.php?error={$message}"); exit; } //if the user is not logged in then redirect if (!Session::userLoggedIn()) { header("Location: login.php"); exit; } $token = Session::token(); $searchId = $_GET['id']; $retrievedCourse = Database::getCoursebyID($searchId); //if the id provided is not actually a valid course then redirect if (!isset($retrievedCourse['id'])) { $message = urlencode("The course provided does not exist"); header("Location: error.php?error={$message}"); exit; } $retrievedCourse['name']; $notes = Database::getNotesByCourse($searchId); ?> <!doctype html> <html> <head> <meta charset="utf-8"> <title>Arizona Notes</title>