$fp = fopen($_FILES["incident_report_attachment"]["tmp_name"][$i], "rb"); $content = fread($fp, $_FILES["incident_report_attachment"]["size"][$i]); fclose($fp); } $file = array("name" => $_FILES["incident_report_attachment"]["name"][$i], "size" => $_FILES["incident_report_attachment"]["size"][$i], "type" => $_FILES["incident_report_attachment"]["type"][$i], "incident_report_id" => $_POST['incident_report_id']); $ir->createIncidentReportFile($file, $content); $loggers['audit']->info("File added to incident report {$_POST['incident_report_id']} updated"); } if (ctype_digit($_GET['student_num'])) { header('Location: point-of-contact.php?student_num=' . $_GET['student_num']); exit; } header('Location: point-of-contact.php'); exit; } elseif ($_GET['page'] === "lock") { $poc->lockPointOfContact($_GET['id']); $loggers['audit']->info("Incident report {$_POST['incident_report_id']} locked"); if (ctype_digit($_GET['student_num'])) { header('Location: point-of-contact.php?student_num=' . $_GET['student_num']); exit; } header('Location: point-of-contact.php'); exit; } elseif ($_GET['page'] === "update-and-lock") { $poc->updatePointOfContact($_POST); $loggers['audit']->info("Specialist point of contact {$_POST['point_of_contact_id']} updated"); for ($i = 0, $numFiles = sizeof($_FILES["point_of_contact_attachment"]["name"]) - 1; $i < $numFiles; $i++) { if (in_array($_FILES["point_of_contact_attachment"]["type"][$i], $allowedFileTypes, true)) { $fp = fopen($_FILES["point_of_contact_attachment"]["tmp_name"][$i], "rb"); $content = fread($fp, $_FILES["point_of_contact_attachment"]["size"][$i]); fclose($fp);
$fp = fopen($_FILES["point_of_contact_attachment"]["tmp_name"][$i], "rb"); $content = fread($fp, $_FILES["point_of_contact_attachment"]["size"][$i]); fclose($fp); } $file = array("name" => $_FILES["point_of_contact_attachment"]["name"][$i], "size" => $_FILES["point_of_contact_attachment"]["size"][$i], "type" => $_FILES["point_of_contact_attachment"]["type"][$i], "point_of_contact_id" => $_POST['point_of_contact_id']); $poc->createPointOfContactFile($file, $content); $loggers['audit']->info("File added to counselling point of contact {$_POST['point_of_contact_id']}"); } if (ctype_digit($_GET['student_num'])) { header('Location: point-of-contact.php?student_num=' . $_GET['student_num']); } else { header('Location: point-of-contact.php'); } die; } elseif ($_GET['page'] === "lock") { $poc->lockPointOfContact($_GET['id']); $loggers['audit']->info("Counselling point of contact {$_GET['id']} locked"); if (ctype_digit($_GET['student_num'])) { header('Location: point-of-contact.php?student_num=' . $_GET['student_num']); } else { header('Location: point-of-contact.php'); } die; } elseif ($_GET['page'] === "fetch") { $point_of_contact = $poc->fetchPointOfContact($_GET['id']); $point_of_contact["files"] = $poc->fetchAllPointOfContactFiles($_GET["id"]); header('Content-Type: application/json; charset=utf-8'); echo json_encode($point_of_contact); exit; } elseif ($_GET['page'] === "get-attachment") { $file = $poc->fetchPointOfContactFile($_GET['file_id']);