$_REQUEST['newsnummer'] = $newsnummer = validate($_POST['newsnummer'], 'integer', '0'); // $dbConn->log('POST '.$newsnummer); } else { unset($_POST['newsnummer']); unset($_REQUEST['newsnummer']); unset($_GET['newsnummer']); } } $searchname = ''; $studentPicker = new StudentPicker($dbConn, $newsnummer, 'Search and select participant to add.'); if (isset($_REQUEST['searchname'])) { if (!preg_match('/;/', $_REQUEST['searchname'])) { $searchname = $_REQUEST['searchname']; $studentPicker->setSearchString($searchname); if (!isset($_REQUEST['newsnummer'])) { $newsnummer = $studentPicker->findStudentNumber(); } } else { $searchname = ''; } $_SESSION['searchname'] = $searchname; } else { $_SESSION['searchname'] = $searchname; $studentPicker->setSearchString($_SESSION['searchname']); } $_SESSION['searchname'] = $searchname; if (!(isset($prj_id) && isset($milestone))) { $sql = "select max(prjm_id) as prjm_id,milestone from prj_milestone where milestone=1 group by milestone limit 1"; $resultSet = $dbConn->execute($sql); if ($resultSet === false) { die("<br>Cannot get prj_id milestone " . $sql . " reason " . $dbConn->ErrorMsg() . "<br>");
// $dbConn->log('POST '.$newauditor); } else { unset($_POST['newauditor']); unset($_REQUEST['newauditor']); unset($_GET['newauditor']); } } $searchname = ''; $studentPicker = new StudentPicker($dbConn, $newauditor, 'Search and select auditor.'); $studentPicker->setInputName('newauditor'); if (isset($_REQUEST['searchname'])) { if (!preg_match('/;/', $_REQUEST['searchname'])) { $searchname = $_REQUEST['searchname']; $studentPicker->setSearchString($searchname); if (!isset($_REQUEST['newauditor'])) { $newauditor = $studentPicker->findStudentNumber(); } } else { $searchname = ''; } $_SESSION['searchname'] = $searchname; } else { $studentPicker->setSearchString($_SESSION['searchname']); } $_SESSION['searchname'] = $searchname; // test if this owner can update this project $isTutorOwner = checkTutorOwner($dbConn, $prj_id, $tutor_code); if (($isTutorOwner || $isGroupTutor) && isset($_REQUEST['bsetgid']) && $newauditor != 0) { $gids = join(',', $_REQUEST['gid']); $sql = "begin work;" . " insert into project_auditor (snummer,prjm_id,gid) \n" . " select {$newauditor},prjm_id,grp_num as gid from \n" . "(select {$newauditor} as snummer ,prjm_id,0 as grp_num from prj_tutor where prjm_id={$prjm_id} \n" . " union select {$newauditor} as snummer,prjm_id,grp_num from prj_tutor where prjm_id={$prjm_id}) pt \n" . " where grp_num in ({$gids}) " . " and ({$newauditor},prjm_id,grp_num) not in (select snummer,prjm_id,gid from project_auditor);\n" . "commit"; $dbConn->Execute($sql);