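<?php
// Endpoint restricted to SUPER_USER: loads the shared helpers, enforces the
// role check, then reads the submitted account fields from POST.
$include_path = get_include_path();
include_once $include_path . '/includes/db_functions.php';
include_once $include_path . '/public_html/includes/mail_functions.php';
include_once $include_path . '/includes/session_functions.php';
include_once 'errorReporting.php';
include_once $include_path . '/public_html/classes/AllClasses.php';

sec_session_start();

// Fail closed. The role check used to run only when a session user existed,
// so a request with no session skipped authorisation entirely and still
// reached the POST handling below. A missing user is now treated the same
// as an unauthorised one.
if (!isset($_SESSION['user'])) {
    header("Location: ../unauthorisedAccess.php");
    exit;
}

$user = $_SESSION['user'];
$userRole = $user->getRole();
if (!authoriseUserRoles($userRole, ["SUPER_USER"])) {
    header("Location: ../unauthorisedAccess.php");
    exit;
}

// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It strips
// tags and encodes quotes, which silently alters values (including 'p', the
// password field) and is a substitute for neither bound SQL parameters nor
// context-specific output escaping. The calls are left unchanged because the
// code that consumes these values is not visible here.
$pwd = filter_input(INPUT_POST, 'p', FILTER_SANITIZE_STRING);
$fname = filter_input(INPUT_POST, 'firstname', FILTER_SANITIZE_STRING);
$sname = filter_input(INPUT_POST, 'surname', FILTER_SANITIZE_STRING);
$prefname = filter_input(INPUT_POST, 'prefferedname', FILTER_SANITIZE_STRING);
// NOTE(review): 'role' is supplied by the client; presumably it is checked
// against the permitted role names further down - confirm.
$role = filter_input(INPUT_POST, 'role', FILTER_SANITIZE_STRING);
$email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_STRING);
$title = filter_input(INPUT_POST, 'title', FILTER_SANITIZE_STRING);
$intials = filter_input(INPUT_POST, 'initials', FILTER_SANITIZE_STRING);
$classroom = filter_input(INPUT_POST, 'classroom', FILTER_SANITIZE_STRING);
$number = filter_input(INPUT_POST, 'number', FILTER_SANITIZE_STRING);
$dob = filter_input(INPUT_POST, 'date', FILTER_SANITIZE_STRING);

$message = "";

// filter_input() returns null for a field that was not posted, so isset()
// distinguishes "submitted" from "absent" here.
if (isset($role)) {
    if (isset($pwd, $fname, $sname, $email)) {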
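failRequest("There was a problem validating your request");
}

// Every request type is limited to the same roles, so authorise once before
// dispatching; a case added later cannot then omit the check.
// NOTE(review): this relies on failRequest() ending the request - confirm it
// exits, otherwise the query below still runs for an unauthorised caller.
if (!authoriseUserRoles($role, ["SUPER_USER", "STAFF"])) {
    failRequest("You are not authorised to complete that request");
}

switch ($requestType) {
    case "FILTERED":
        getAllCompletedWorksheetsForGroup($groupid, $staffid, $orderby, $desc);
        break;
    case "ALLWORKSHEETS":
        getAllWorksheets($orderby, $desc);
        // This break was missing, so the case fell through into default and
        // called getAllWorksheetNames() as well.
        break;
    default:
        getAllWorksheetNames($orderby, $desc);
        break;
}

/**
 * Builds the query for the id and names of every worksheet version that is
 * not marked deleted, with optional ordering.
 *
 * @param string|null $orderby ORDER BY expression, appended to the SQL as given when set
 * @param string|null $desc    the string "TRUE" requests descending order
 */
function getAllWorksheetNames($orderby, $desc) {
    $query = "SELECT WV.`Version ID` ID, WV.`WName` WName, WV.`VName` VName "
            . "FROM TWORKSHEETVERSION WV "
            . "WHERE WV.`Deleted` = 0";
    if (isset($orderby)) {
        // NOTE(review): $orderby is interpolated straight into the statement.
        // An ORDER BY target cannot be sent as a bound parameter, so if this
        // value can come from the request it has to be checked against a
        // fixed allowlist of sortable columns before it is used. Its origin
        // is not visible here - confirm with the callers.
        $query .= " ORDER BY {$orderby}";
        if (isset($desc) && $desc == "TRUE") {
            $query .= " DESC";
        }
    }
    try {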
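?>
<li onclick="restoreWorksheet()"><a>Restore Worksheet</a></li>
<?php } else {
    // $vid is URL-encoded wherever it is written into a link. urlencode()
    // emits only letters, digits and - _ . + %, none of which can close the
    // double-quoted href or start new markup, and a plain numeric id comes
    // out unchanged. The stray space before the closing quote is removed.
    // NOTE(review): where $vid is populated is not visible here.
?>
<li><a href="editWorksheet.php?id=<?php echo urlencode((string) ($vid ?? '')); ?>">Edit</a></li>
<li onclick="deleteWorksheet()"><a>Delete Worksheet</a></li>
<?php } } ?>
<?php if (authoriseUserRoles($userRole, ["SUPER_USER", "STAFF"]) && isset($vid)) { ?>
<li><a href="resultsEntryHome.php?level=1&vid=<?php echo urlencode((string) ($vid ?? '')); ?>">Enter New Results</a></li>
<?php }
    // This last link sits outside the isset($vid) guard, so fall back to an
    // empty value instead of echoing an undefined variable.
?>
<li><a href="viewAllWorksheets.php?v=<?php echo urlencode((string) ($vid ?? '')); ?>">Back To Worksheets</a></li>
</ul>
</div>
</div>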