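/**
 * List the prerequisite courses of a section for which the per-course check
 * query finds no matching row.
 *
 * First reads the distinct prerequisite course numbers of the section whose
 * seqid equals $seqid, then runs one query per prerequisite; a prerequisite
 * whose query yields no row is reported back.
 *
 * Terminates the script with "SQL Execution problem." when either query comes
 * back with a falsy cursor.
 *
 * Security (review): $seqid is interpolated into the SQL text, and the course
 * numbers read back from the database are interpolated into the second query.
 * execute_sql_in_mysql() is called here with a finished SQL string only, so
 * parameter binding cannot be done from inside this function. Until that helper
 * accepts bound parameters, callers have to pass an already validated $seqid.
 *
 * @param mixed $username NOTE(review): never referenced in the body. The second
 *                        query compares u.username with the literal '******',
 *                        which looks like a redacted placeholder for this value;
 *                        confirm against the original file.
 * @param mixed $seqid    Value matched against sections.seqid.
 *
 * @return array|false Course numbers whose check query returned no row, or
 *                     false when the section has no prerequisites or every
 *                     check query returned a row.
 */
function prereq_check($username, $seqid)
{
    $sql = "select distinct p.reqcoursenumber from sections s, prereq p where s.coursenumber = p.basecoursenumber and s.seqid = '{$seqid}'";
    $lookup = execute_sql_in_mysql($sql);
    $cursor = $lookup["cursor"];
    if ($cursor == false) {
        die("SQL Execution problem.");
    }

    $prereqs = array();
    while ($row = mysqli_fetch_array($cursor)) {
        $prereqs[] = $row[0];
    }
    // The result set is no longer needed; release it instead of holding it
    // until the end of the request.
    mysqli_free_result($cursor);

    if (count($prereqs) == 0) {
        return false;
    }

    $unmet = array();
    foreach ($prereqs as $course) {
        // NOTE(review): the "not exists" subquery is correlated on d.id only, so it
        // rejects the row whenever the student has any taken row with a null grade,
        // not just one for this course. Confirm that this is intended.
        $sql = "select * from users u, sections s, taken t, students d where u.username = d.username\n and d.id = t.id and t.seqid = s.seqid and u.username = '******' and s.coursenumber = '{$course}'\n and not exists (select * from taken n where d.id = n.id and n.grade is null)";
        $lookup = execute_sql_in_mysql($sql);
        $cursor = $lookup["cursor"];
        if ($cursor == false) {
            die("SQL Execution problem.");
        }

        // No row at all means the check for this prerequisite did not succeed.
        if (!mysqli_fetch_array($cursor)) {
            $unmet[] = $course;
        }
        // Freed per iteration so the loop does not accumulate open result sets.
        mysqli_free_result($cursor);
    }

    if (count($unmet) > 0) {
        return $unmet;
    }

    return false;
}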
<?php
// Fragment of a page that collects the current values of a user record, either
// from the database (first visit) or from a re-posted form (failed update).
// NOTE(review): the listing is cut off inside the else branch at the end.
include "utility_functions.php";

//Access level
$access = "a";
// NOTE(review): the session id is read from the query string, where it can end up
// in server logs, browser history and Referer headers. Confirm whether a cookie
// could carry it instead.
$sessionid = $_GET["sessionid"];
// verify_session() is defined outside this listing; presumably it stops the
// request when the session does not have access level $access. Confirm.
verify_session($sessionid, $access);

// Verify where we are from, manage.php or user_update_action.php.
if (!isset($_POST["update_fail"])) { // from manage.php
    // Fetch the record to be updated.
    // The request value is taken as-is, with no validation visible here.
    $username = $_GET["username"];
    // the sql string
    // NOTE(review): the literal '******' looks like a redacted placeholder for the
    // requested username; confirm against the original file. If the request value
    // is interpolated at that position, it reaches the query text unescaped and
    // should be passed as a bound parameter instead.
    $sql = "select username, passw, isstudent, isadmin from users where username = '******'";
    $result_array = execute_sql_in_mysql($sql);
    $result = $result_array["flag"];
    $cursor = $result_array["cursor"];
    if ($cursor == false) {
        die("Query Failed.");
    }
    // Only the first row is read. There is no check that a row was found, so
    // $values may not be an array when the username does not exist.
    $values = mysqli_fetch_array($cursor);
    // Indexes follow the select list: username, passw, isstudent, isadmin.
    $username = $values[0];
    // NOTE(review): the stored passw column is copied into $password. What the page
    // does with it is not visible here; confirm it is neither plaintext nor echoed
    // back into the form.
    $password = $values[1];
    $isstudent = $values[2];
    $isadmin = $values[3];
} else { // from user_update_action.php
    // Obtain values of the record to be updated directly.
    // These are raw POST values; any escaping has to happen where they are output
    // or placed into SQL, which is outside this listing.
    $username = $_POST["username"];
    $password = $_POST["password"];
    $isstudent = $_POST["isstudent"];
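/**
 * Tell whether a session belongs to a user flagged as both student and administrator.
 *
 * Joins usersession to users on username and looks for a row whose sessionid
 * equals $sessionid and whose isstudent and isadmin columns are 'y' or 'Y'.
 *
 * Security (review): $sessionid is interpolated into the SQL text.
 * execute_sql_in_mysql() is called here with a finished SQL string only, so
 * parameter binding cannot be done from inside this function. Until that helper
 * accepts bound parameters, callers have to pass an already validated session id.
 *
 * @param mixed $sessionid Value matched against the sessionid column.
 *
 * @return bool TRUE when a matching row exists; FALSE when none exists or the
 *              lookup itself failed.
 */
function student_admin_nav_check($sessionid)
{
    // lookup the sessionid in the session table to ascertain the client, then use
    // that user's flags to verify student-administrator access level
    $sql = "select u.username, isstudent, isadmin "
        . "from users u, usersession s "
        . "where u.username=s.username and sessionid='{$sessionid}' and (isstudent='y' or isstudent='Y') and (isadmin='y' or isadmin='Y')";
    $lookup = execute_sql_in_mysql($sql);
    $cursor = $lookup["cursor"];

    // Fail closed: a failed query must read as "no access". Without this guard the
    // falsy cursor is handed to mysqli_fetch_array(), which raises a TypeError on
    // PHP 8 instead of denying the check.
    if (!$cursor) {
        return FALSE;
    }

    $row = mysqli_fetch_array($cursor);
    mysqli_free_result($cursor);

    // Any fetched row satisfies every condition in the where clause.
    return $row ? TRUE : FALSE;
}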