} if (isset($_POST["assignment_uploads"]) && ($tmp_uploads = clean_input($_POST["assignment_uploads"], array("trim", "notags")))) { $PROCESSED["assignment_uploads"] = $tmp_uploads == "allow" ? 0 : 1; } else { $PROCESSED["assignment_uploads"] = 1; } if (isset($_POST["allow_multiple_files"]) && $_POST["allow_multiple_files"] && isset($_POST["num_files_allowed"]) && ($max_file_uploads = (int) $_POST["num_files_allowed"]) > 0) { $PROCESSED["max_file_uploads"] = $max_file_uploads; } else { $PROCESSED["max_file_uploads"] = 1; } /** * Required field "event_start" / Event Date & Time Start (validated through validate_calendars function). */ $release_date = validate_calendars("viewable", false, false, true); $due_date = validate_calendars("due", false, false, true); if (isset($release_date["start"]) && (int) $release_date["start"]) { $PROCESSED["release_date"] = (int) $release_date["start"]; } else { $PROCESSED["release_date"] = 0; } if (isset($release_date["finish"]) && (int) $release_date["finish"]) { $PROCESSED["release_until"] = (int) $release_date["finish"]; } else { $PROCESSED["release_until"] = 0; } if (isset($due_date["finish"]) && (int) $due_date["finish"]) { $PROCESSED["due_date"] = (int) $due_date["finish"]; } else { $PROCESSED["due_date"] = 0; }
} elseif (!isset($_SESSION["isAuthorized"]) || !$_SESSION["isAuthorized"]) { header("Location: " . ENTRADA_URL); exit; } elseif (!$ENTRADA_ACL->amIAllowed("reportindex", "read", false)) { $ERROR++; $ERRORSTR[] = "Your account does not have the permissions required to use this module.<br /><br />If you believe you are receiving this message in error please contact <a href=\"mailto:" . html_encode($AGENT_CONTACTS["administrator"]["email"]) . "\">" . html_encode($AGENT_CONTACTS["administrator"]["name"]) . "</a> for assistance."; echo display_error(); application_log("error", "Group [" . $_SESSION["permissions"][$ENTRADA_USER->getAccessId()]["group"] . "] and role [" . $_SESSION["permissions"][$ENTRADA_USER->getAccessId()]["role"] . "] do not have access to this module [" . $MODULE . "]"); } else { define("IN_REPORTS", true); $BREADCRUMB[] = array("url" => ENTRADA_URL . "/admin/" . $MODULE, "title" => $MODULES[strtolower($MODULE)]["title"]); if ($router && $router->initRoute()) { $PREFERENCES = preferences_load($MODULE); $ORGANISATION_LIST = array(); if (isset($_POST["reporting_start"]) && (int) trim($_POST["reporting_start"]) && isset($_POST["reporting_finish"]) && (int) trim($_POST["reporting_finish"])) { $report_date = validate_calendars("reporting", true, true, true); if (isset($report_date["start"]) && (int) $report_date["start"]) { $_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_start"] = (int) $report_date["start"]; } if (isset($report_date["finish"]) && (int) $report_date["finish"]) { $_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_finish"] = (int) $report_date["finish"]; } } else { if (!isset($_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_start"])) { $_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_start"] = strtotime("July 1st, " . (date("Y", time()) - (date("m", time()) < 7 ? 1 : 2)) . 
" 0:00:00"); } if (!isset($_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_finish"])) { $_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_finish"] = strtotime("+1 year", $_SESSION[APPLICATION_IDENTIFIER][$MODULE]["reporting_start"] - 1); } } /**
} else { $PROCESSED["incident_severity"] = 1; } /* * Required field "incident_status" / Incident Status. */ if (isset($_POST["incident_status"]) && $_POST["incident_status"]) { $PROCESSED["incident_status"] = 1; } else { $PROCESSED["incident_status"] = 0; } /** * Required field "incident_date" / Incident Start (validated through validate_calendars function). * Non-required field "follow_up_date" / Incident Finish (validated through validate_calendars function). */ $incident_date = validate_calendars("incident", true, false); if (isset($incident_date["start"]) && (int) $incident_date["start"]) { $PROCESSED["incident_date"] = (int) $incident_date["start"]; } if (isset($incident_date["finish"]) && (int) $incident_date["finish"]) { $PROCESSED["follow_up_date"] = (int) $incident_date["finish"]; } else { $PROCESSED["follow_up_date"] = 0; } /** * Non-required field "incident_description" / Comments. */ if (isset($_POST["incident_description"]) && ($incident_description = clean_input($_POST["incident_description"], array("trim", "notags")))) { $PROCESSED["incident_description"] = $incident_description; } else { $PROCESSED["incident_description"] = "";
$PROCESSED["event_desc"] = ""; } if (isset($_POST["rotation_id"]) && ($rotation_id = (int) $_POST["rotation_id"])) { $query = "SELECT `rotation_id` FROM `" . CLERKSHIP_DATABASE . "`.`global_lu_rotations` WHERE `rotation_id` = " . $db->qstr($rotation_id); $result = $db->GetRow($query); if ($result) { $PROCESSED["rotation_id"] = (int) $result["rotation_id"]; } else { $ERROR++; $ERRORSTR[] = "We were unable to locate the rotation title you've selected."; } } else { $ERROR++; $ERRORSTR[] = "The <strong>Rotation ID</strong> field is required if this event is to be a part of a Core Rotation."; } $event_dates = validate_calendars("event", true, true); if (isset($event_dates["start"]) && (int) $event_dates["start"]) { $PROCESSED["event_start"] = (int) $event_dates["start"]; } else { $ERROR++; $ERRORSTR[] = "The <strong>Event Start</strong> field is required if this is to appear on the calendar."; } if (isset($event_dates["finish"]) && (int) $event_dates["finish"]) { $PROCESSED["event_finish"] = (int) $event_dates["finish"]; } else { $ERROR++; $ERRORSTR[] = "The <strong>Event Finish</strong> field is required if this is to appear on the calendar."; } if (strlen(trim($_POST["event_status"])) < 1) { $ERROR++; $ERRORSTR[] = "Please select the status of this category after you have saved it.";
*/ if (isset($_POST["max_submittable"]) && (($max_submittable = clean_input($_POST["max_submittable"], "int")) || $max_submittable === 0) && $max_submittable <= 999) { $PROCESSED["max_submittable"] = $max_submittable; } elseif ($evaluation_target_type == "peer") { $PROCESSED["max_submittable"] = 0; } else { add_error("The evaluation <strong>Max Submittable</strong> field is required and must be less than 999."); } if ($PROCESSED["min_submittable"] > $PROCESSED["max_submittable"] && $PROCESSED["max_submittable"] !== 0) { add_error("Your <strong>Min Submittable</strong> value may not be greater than your <strong>Max Submittable</strong> value."); } /** * Non-required field "release_date" / Viewable Start (validated through validate_calendars function). * Non-required field "release_until" / Viewable Finish (validated through validate_calendars function). */ $viewable_date = validate_calendars("viewable", false, false); if (isset($viewable_date["start"]) && (int) $viewable_date["start"]) { $PROCESSED["release_date"] = (int) $viewable_date["start"]; } else { $PROCESSED["release_date"] = 0; } if (isset($viewable_date["finish"]) && (int) $viewable_date["finish"]) { $PROCESSED["release_until"] = (int) $viewable_date["finish"]; } else { $PROCESSED["release_until"] = 0; } /** * Processing for evaluation_evaluators table. */ if (isset($_POST["target_group_type"]) && in_array($_POST["target_group_type"], array("cohort", "percentage", "proxy_id", "faculty", "cgroup_id"))) { switch ($_POST["target_group_type"]) {
* Serves as a detection method for conflicting events. * * @author Organisation: Queen's University * @author Unit: School of Medicine * @author Developer: Brandon Thorn <*****@*****.**> * @copyright Copyright 2010 Queen's University. All Rights Reserved. * */ @set_include_path(implode(PATH_SEPARATOR, array(dirname(__FILE__) . "/../core", dirname(__FILE__) . "/../core/includes", dirname(__FILE__) . "/../core/library", get_include_path()))); /** * Include the Entrada init code. */ require_once "init.inc.php"; if (isset($_SESSION["isAuthorized"]) && (bool) $_SESSION["isAuthorized"]) { if (isset($_POST) && isset($_POST["duration_segment"]) && is_array($_POST["duration_segment"]) && !empty($_POST["duration_segment"])) { $date = validate_calendars("event", true, false); $length = 0; foreach ($_POST["duration_segment"] as $segment) { $segment = clean_input($segment, array("trim", "int")); if ($segment) { $length += $segment; } } $start_time = $date["start"]; $finish_time = $start_time + $length * 60; $audience_type = clean_input($_POST["event_audience_type"], array("notags", "trim")); $event_id = (int) $_POST["event_id"]; $query = "\tSELECT * FROM `events` AS a JOIN `event_audience` AS b ON a.`event_id` = b.`event_id`\n\t\t\t\t\tWHERE (" . $start_time . " BETWEEN `event_start` AND `event_finish` \n\t\t\t\t\tOR " . $finish_time . " BETWEEN `event_start` AND `event_finish`)"; switch ($audience_type) { case "cohort": $cohort = isset($_POST["associated_cohort"]) ? clean_input($_POST["associated_cohort"], array("int")) : 0;
echo display_error(); application_log("error", "LTI Provider wizard was accessed without any LTI Provider id."); } break; case "add": default: switch ($STEP) { case 2: $PROCESSED["event_id"] = $EVENT_ID; /** * Step 2 Error Checking * Because this unsets the $ERRORSTR array, only do this if there is not already an error. * PITA, I know. */ if (isset($_POST["timedrelease"]) && $_POST["timedrelease"] == "yes") { $timed_release = validate_calendars("valid", false, false); if ($ERROR) { $modal_onload[] = "alert('" . addslashes($ERRORSTR[0]) . "')"; $ERROR = 0; $ERRORSTR = array(); $ERROR++; $ERRORSTR[] = "q3"; $JS_INITSTEP = 2; } if (isset($timed_release["start"]) && (int) $timed_release["start"]) { $PROCESSED["valid_from"] = (int) $timed_release["start"]; } if (isset($timed_release["finish"]) && (int) $timed_release["finish"]) { $PROCESSED["valid_until"] = (int) $timed_release["finish"]; } }
$PROCESSED["organisation_id"] = $ENTRADA_USER->getActiveOrganisation(); echo "<h1>Editing Notice</h1>\n"; // Error Checking switch ($STEP) { case 2: if (isset($_POST["target"]) && ($target_audience = clean_input($_POST["target"], array("trim", "dir")))) { $PROCESSED["target"] = $target_audience; } else { $PROCESSED["target"] = 'updated'; } if (isset($_POST["notice_summary"]) && ($notice_summary = strip_tags(clean_input($_POST["notice_summary"], "trim"), "<a><br><p>"))) { $PROCESSED["notice_summary"] = $notice_summary; } else { add_error("You must provide a notice summary."); } $display_date = validate_calendars("display", true, true); if (isset($display_date["start"]) && (int) $display_date["start"]) { $PROCESSED["display_from"] = (int) $display_date["start"]; } else { add_error("You must select a valid display start date."); } if (isset($display_date["finish"]) && (int) $display_date["finish"]) { $PROCESSED["display_until"] = (int) $display_date["finish"]; } else { add_error("You must select a valid display finish date."); } if (isset($_POST["target_audience"]) && ($target_audience = clean_input($_POST["target_audience"], "trim"))) { if (strpos($target_audience, "all:") !== false || $target_audience == "public") { $PROCESSED["associated_audience"][] = array("audience_type" => $target_audience, "audience_value" => 0); } }
} else { $PROCESSED["clinical"] = 1; } /* * Required field "account_active" / Account Status. */ if (isset($_POST["account_active"]) && $_POST["account_active"] == "true") { $PROCESSED_ACCESS["account_active"] = "true"; } else { $PROCESSED_ACCESS["account_active"] = "false"; } /** * Required field "access_starts" / Access Start (validated through validate_calendars function). * Non-required field "access_finish" / Access Finish (validated through validate_calendars function). */ $access_date = validate_calendars("access", true, false); if (isset($access_date["start"]) && (int) $access_date["start"]) { $PROCESSED_ACCESS["access_starts"] = (int) $access_date["start"]; } if (isset($access_date["finish"]) && (int) $access_date["finish"]) { $PROCESSED_ACCESS["access_expires"] = (int) $access_date["finish"]; } else { $PROCESSED_ACCESS["access_expires"] = 0; } /** * Non-required field "prefix" / Prefix. */ if (isset($_POST["prefix"]) && @in_array($prefix = clean_input($_POST["prefix"], "trim"), $PROFILE_NAME_PREFIX)) { $PROCESSED["prefix"] = $prefix; } else { $PROCESSED["prefix"] = "";
} } else { $ERROR++; $ERRORSTR[] = "The <strong>Marking Scheme</strong> field is a required field."; } //Show in learner gradebook check if (isset($_POST["show_learner_option"])) { switch ($show_learner_option = clean_input($_POST["show_learner_option"], array("trim", "int"))) { case 0: $PROCESSED["show_learner"] = $show_learner_option; $PROCESSED["release_date"] = 0; $PROCESSED["release_until"] = 0; break; case 1: $PROCESSED["show_learner"] = $show_learner_option; $release_dates = validate_calendars("show", false, false); if (isset($release_dates["start"]) && (int) $release_dates["start"]) { $PROCESSED["release_date"] = (int) $release_dates["start"]; } else { $PROCESSED["release_date"] = 0; } if (isset($release_dates["finish"]) && (int) $release_dates["finish"]) { $PROCESSED["release_until"] = (int) $release_dates["finish"]; } else { $PROCESSED["release_until"] = 0; } break; default: $PROCESSED["show_learner"] = 0; break; }
$ERRORSTR[] = "You must provide an occupant name or title in the <strong>Occupant Name / Title</strong> field."; } if (isset($_POST["cost_recovery"]) && $_POST["cost_recovery"] == "1") { $PROCESSED["cost_recovery"] = 1; } $PROCESSED["confirmed"] = 1; break; default: $ERROR++; $ERRORSTR[] = "You must provide a valid occupant type in order to continue."; break; } if (isset($_POST["notes"]) && ($tmp_input = clean_input($_POST["notes"], array("trim", "allowedtags")))) { $PROCESSED["notes"] = $tmp_input; } $inhabiting_date = validate_calendars("inhabiting", true, true, false); if (isset($inhabiting_date["start"]) && (int) $inhabiting_date["start"]) { $PROCESSED["inhabiting_start"] = (int) $inhabiting_date["start"]; } else { $ERROR++; $ERRORSTR[] = "You must select a date that the occupant will move into " . html_encode($APARTMENT_INFO["apartment_title"]); } if (isset($inhabiting_date["finish"]) && (int) $inhabiting_date["finish"]) { $PROCESSED["inhabiting_finish"] = (int) $inhabiting_date["finish"]; } else { $ERROR++; $ERRORSTR[] = "You must select a date that the occupant will vacate from " . html_encode($APARTMENT_INFO["apartment_title"]); } if (!$ERROR) { $PROCESSED["updated_last"] = time(); $PROCESSED["updated_by"] = $ENTRADA_USER->getID();
*/ $draft_date = validate_calendars("copy", true, true, false); if (isset($draft_date["start"]) && (int) $draft_date["start"]) { $PROCESSED["draft_start_date"] = (int) $draft_date["start"]; } else { $PROCESSED["draft_start_date"] = 0; } if (isset($draft_date["finish"]) && (int) $draft_date["finish"]) { $PROCESSED["draft_finish_date"] = (int) $draft_date["finish"]; } else { $PROCESSED["draft_finish_date"] = 0; } /** * Required field "new_start" / Event Date & Time Start (validated through validate_calendars function). */ $start_date = validate_calendars("new", true, false, false); if (isset($start_date["start"]) && (int) $start_date["start"]) { $PROCESSED["new_start_day"] = (int) $start_date["start"]; } if (has_error()) { $STEP = 1; } else { if ($db->AutoExecute("drafts", $PROCESSED, "INSERT") && ($draft_id = $db->Insert_ID())) { $creators = array("draft_id" => $draft_id, "proxy_id" => $ENTRADA_USER->getActiveId()); if (!$db->AutoExecute("draft_creators", $creators, "INSERT")) { application_log("error", "Error when creating draft [" . $draft_id . "]. Unable to insert to the draft_creators table. Database said: " . $db->ErrorMsg()); } if ($PROCESSED["options"]) { // This is just to be safe I am assuming. $query = "DELETE FROM `draft_options` WHERE `draft_id` = " . $db->qstr($draft_id); $db->Execute($query);
$url = ENTRADA_URL; $SUCCESS++; $SUCCESSSTR[] = "You have successfully updated this <strong>Deficiency Plan</strong> in the system.<br /><br />Please <a href=\"" . $url . "\">click here</a> to proceed to the Dashboard or you will be automatically forwarded in 5 seconds."; $ONLOAD[] = "setTimeout('window.location=\\'" . $url . "\\'', 5000)"; application_log("success", "Updated deficiency plan [" . $PLAN_ID . "] in the system."); } else { $ERROR++; $ERRORSTR[] = "There was a problem editing this deficiency plan in the system. The MEdTech Unit was informed of this error; please try again later."; application_log("error", "There was an error editing a deficiency plan for Proxy ID [" . $PROXY_ID . "]. Database said: " . $db->ErrorMsg()); } } } else { if (isset($_POST["plan_body"]) && ($plan_body = clean_input($_POST["plan_body"], array("notags", "trim")))) { $PROCESSED["plan_body"] = $plan_body; } $timeline_dates = validate_calendars("timeline", true, true); if (isset($timeline_dates["start"]) && (int) $timeline_dates["start"]) { $PROCESSED["timeline_start"] = (int) $timeline_dates["start"]; } else { $ERROR++; $ERRORSTR[] = "The <strong>Timeline Start</strong> field is required to detail when your plan to attain deficiencies will begin."; } if (isset($timeline_dates["finish"]) && (int) $timeline_dates["finish"]) { $PROCESSED["timeline_finish"] = (int) $timeline_dates["finish"]; } else { $ERROR++; $ERRORSTR[] = "The <strong>Timeline Finish</strong> field is required to detail when your plan to attain deficiencies will end."; } if (!isset($PROCESSED["clerk_accepted"]) || !$PROCESSED["clerk_accepted"]) { if (isset($_POST["clerk_accepted"]) && ($clerk_accepted = $_POST["clerk_accepted"] ? true : false)) { $PROCESSED["clerk_accepted"] = $clerk_accepted;
$PROCESSED["report_supporting_link"] = ""; } /** * Required field "report_date" / Event Date & Time Start. */ $report_date = validate_calendars("report", true, false, false); if (isset($report_date["start"]) && (int) $report_date["start"]) { $PROCESSED["report_date"] = (int) $report_date["start"]; } else { $PROCESSED["report_date"] = 0; add_error("You must provide a reporting date for this report."); } /** * Required field "event_start" / Event Date & Time Start. */ $period_date = validate_calendars("period", true, true, false); if (isset($period_date["start"]) && (int) $period_date["start"]) { $PROCESSED["report_start"] = (int) $period_date["start"]; } else { $PROCESSED["report_start"] = 0; add_error("You must provide a reporting start date."); } if (isset($period_date["finish"]) && (int) $period_date["finish"]) { $PROCESSED["report_finish"] = (int) $period_date["finish"]; } else { $PROCESSED["report_finish"] = 0; add_error("You must provide a reporting finish date."); } /** * Non-required field "event_location" / Event Location */
} else { $ERROR++; $ERRORSTR[] = "You must provide the telephone number of the key contact."; } if (isset($_POST["keys_email"]) && ($tmp_input = clean_input($_POST["keys_email"], array("trim", "notags"))) && valid_address($tmp_input)) { $PROCESSED["keys_email"] = $tmp_input; } else { $ERROR++; $ERRORSTR[] = "You must provide a valid e-mail address for the key contact."; } } /** * Required field "release_date" / Available Start (validated through validate_calendars function). * Non-required field "release_until" / Available Finish (validated through validate_calendars function). */ $available_date = validate_calendars("available", true, false, false); if (isset($available_date["start"]) && (int) $available_date["start"]) { $PROCESSED["available_start"] = (int) $available_date["start"]; } else { $PROCESSED["available_start"] = 0; } if (isset($available_date["finish"]) && (int) $available_date["finish"]) { $PROCESSED["available_finish"] = (int) $available_date["finish"]; } else { $PROCESSED["available_finish"] = 0; } $query = "\tSELECT `dep_id`\n\t\t\t\t\t\tFROM `" . AUTH_DATABASE . "`.`user_departments`\n\t\t\t\t\t\tWHERE `user_id` = " . $db->qstr($ENTRADA_USER->getId()); $department_id = $db->getOne($query); if ($department_id) { $PROCESSED["department_id"] = $department_id; } else {
*/ if (isset($_POST["category_name"]) && ($category_name = clean_input($_POST["category_name"], array("notags", "trim")))) { $PROCESSED["category_name"] = $category_name; } else { $ERROR++; $ERRORSTR[] = "The <strong>Category" . (isset($category_details["ctype_name"]) && $category_details["ctype_name"] ? " " . $category_details["ctype_name"] : "") . " Name</strong> is a required field."; } /** * Non-required field "category_code" / Category Code */ if (isset($_POST["category_code"]) && ($category_code = clean_input($_POST["category_code"], array("notags", "trim")))) { $PROCESSED["category_code"] = $category_code; } else { $PROCESSED["category_code"] = ""; } $category_dates = validate_calendars("category", true, false, false); if (isset($category_dates["start"]) && (int) $category_dates["start"]) { $PROCESSED["category_start"] = (int) $category_dates["start"]; } else { $ERROR++; $ERRORSTR[] = "The <strong>Category Start</strong> field is required."; } if (isset($category_dates["finish"]) && (int) $category_dates["finish"]) { $PROCESSED["category_finish"] = (int) $category_dates["finish"]; } else { $ERROR++; $ERRORSTR[] = "The <strong>Category Finish</strong> field is required."; } /** * Required field "category_type" / Category Type. */
$require_start = true; $require_finish = false; break; default: $require_start = false; $require_finish = false; break; } if ($STEP >= 4 && isset($PROCESSED["quiztype_id"]) && $PROCESSED["quiztype_id"]) { $query = "SELECT `quiztype_code` FROM `quizzes_lu_quiztypes` WHERE `quiztype_id` = " . $db->qstr($PROCESSED["quiztype_id"]); $quiztype = $db->GetOne($query); if ($quiztype == "delayed") { $require_finish = true; } } $viewable_date = validate_calendars("accessible", $require_start, $require_finish); if (isset($viewable_date["start"]) && (int) $viewable_date["start"]) { $PROCESSED["release_date"] = (int) $viewable_date["start"]; } else { $PROCESSED["release_date"] = 0; } if (isset($viewable_date["finish"]) && (int) $viewable_date["finish"]) { $PROCESSED["release_until"] = (int) $viewable_date["finish"]; } else { $PROCESSED["release_until"] = 0; } if (isset($_POST["accessible_start"]) && $_POST["accessible_start"] == 1) { $PROCESSED["accessible_start"] = 1; $PROCESSED["accessible_start_date"] = clean_input($_POST["accessible_start_date"], "credentials"); $PROCESSED["accessible_start_hour"] = clean_input($_POST["accessible_start_hour"], "int"); $PROCESSED["accessible_start_min"] = clean_input($_POST["accessible_start_min"], "int");
if (isset($_POST["poll_answer_2"]) && ($poll_answer_2 = clean_input($_POST["poll_answer_2"], array("trim")))) { $PROCESSED_ANSWERS[1] = $poll_answer_2; } else { $ERROR++; $ERRORSTR[] = "You must provide an answer for poll answer 2."; } if (isset($_POST["poll_answer_3"]) && ($poll_answer_3 = clean_input($_POST["poll_answer_3"], array("trim")))) { $PROCESSED_ANSWERS[2] = $poll_answer_3; } if (isset($_POST["poll_answer_4"]) && ($poll_answer_4 = clean_input($_POST["poll_answer_4"], array("trim")))) { $PROCESSED_ANSWERS[3] = $poll_answer_4; } if (isset($_POST["poll_answer_5"]) && ($poll_answer_5 = clean_input($_POST["poll_answer_5"], array("trim")))) { $PROCESSED_ANSWERS[4] = $poll_answer_5; } $display_date = validate_calendars("poll", true, false); if (isset($display_date["start"]) && (int) $display_date["start"]) { $PROCESSED["poll_from"] = (int) $display_date["start"]; } else { $ERROR++; $ERRORSTR[] = "You must select a valid display start date."; } if (isset($display_date["finish"]) && (int) $display_date["finish"]) { $PROCESSED["poll_until"] = (int) $display_date["finish"]; } else { $PROCESSED["poll_until"] = 0; } if (!$ERROR) { $PROCESSED["updated_date"] = time(); $PROCESSED["updated_by"] = $ENTRADA_USER->getID(); if ($db->AutoExecute("poll_questions", $PROCESSED, "INSERT")) {
application_log("error", print_r($ERRORSTR, true)); } if (isset($_POST["new"]) && $_POST["new"]) { $PROCESSED = array("event_start" => $PROCESSED["event_start"]); if (!$temp_event_id) { echo "<input type=\"hidden\" value=\"" . $event_id . "\" id=\"updated_session_id\" />"; } $event_id = 0; } } else { $PROCESSED = $event_info; if (isset($_POST["event_start"]) && $_POST["event_start"]) { /** * Required field "event_start" / Event Date & Time Start (validated through validate_calendars function). */ $start_date = validate_calendars("event", false, false); if (isset($start_date["start"]) && (int) $start_date["start"]) { $PROCESSED["event_start"] = (int) $start_date["start"]; } } } if ($parent_id) { $query = "SELECT COUNT(*) FROM `events` WHERE `parent_id` = " . $db->qstr($parent_id); $session_count = $db->GetOne($query); $session_count = $session_count ? $session_count + 1 : 1; } else { $session_count = 1; } /** * Compiles the full list of faculty members. */
$result = $db->GetRow($query); if ($result) { $evaluation_target_id = $result["target_id"]; $evaluation_target_type = $result["target_shortname"]; $PROCESSED["eform_id"] = $eform_id; } else { add_error("The <strong>Evaluation Form</strong> that you selected is not currently available for use."); } } else { add_error("You must select an <strong>Evaluation Form</strong> to use during this evaluation."); } /** * Non-required field "evaluation_start" / Evaluation Start (validated through validate_calendars function). * Non-required field "evaluation_finish" / Evaluation Finish (validated through validate_calendars function). */ $viewable_date = validate_calendars("evaluation", false, false); if (isset($viewable_date["start"]) && (int) $viewable_date["start"]) { $PROCESSED["evaluation_start"] = (int) $viewable_date["start"]; } else { $PROCESSED["evaluation_start"] = 0; } if (isset($viewable_date["finish"]) && (int) $viewable_date["finish"]) { $PROCESSED["evaluation_finish"] = (int) $viewable_date["finish"]; } else { $PROCESSED["evaluation_finish"] = 0; } /** * Non-required field "evaluation_mandatory" / Evaluation Mandatory */ if (isset($_POST["evaluation_mandatory"]) && $_POST["min_submittable"]) { $PROCESSED["evaluation_mandatory"] = true;
$ERRORSTR[] = "The <strong>Photo Title</strong> field is required."; } /** * Non-Required field "description" / Photo Description. * */ if (isset($_POST["photo_description"]) && ($description = clean_input($_POST["photo_description"], array("notags", "trim")))) { $PROCESSED["photo_description"] = $description; } else { $PROCESSED["photo_description"] = ""; } /** * Required field "release_from" / Release Start (validated through validate_calendars function). * Non-required field "release_until" / Release Finish (validated through validate_calendars function). */ $release_dates = validate_calendars("release", true, false); if (isset($release_dates["start"]) && (int) $release_dates["start"]) { $PROCESSED["release_date"] = (int) $release_dates["start"]; } else { $ERROR++; $ERRORSTR[] = "The <strong>Release Start</strong> field is required."; } if (isset($release_dates["finish"]) && (int) $release_dates["finish"]) { $PROCESSED["release_until"] = (int) $release_dates["finish"]; } else { $PROCESSED["release_until"] = 0; } /** * Email Notificaions. */ if (isset($_POST["enable_notifications"])) {
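/**
 * Grants another user (an "assistant") delegated access to the logged-in
 * user's account for a bounded time window.
 *
 * Reads $_POST["assistant_id"] and the "valid" calendar fields, then inserts
 * or updates the matching row in `permissions`. Results are reported through
 * the global $ERROR/$ERRORSTR and $SUCCESS/$SUCCESSSTR accumulators; nothing
 * is returned.
 *
 * Security-relevant behaviour:
 *  - The candidate assistant must have an active, non-student access row.
 *    This is enforced with an inner JOIN; a LEFT JOIN with those conditions
 *    in the ON clause would return the user row whether or not such an
 *    access row exists.
 *  - The audit log records both the grantor (assigned_by) and the grantee
 *    (assigned_to) so that a delegation can be traced afterwards.
 *
 * NOTE(review): no anti-CSRF token is checked inside this function; confirm
 * that the caller enforces one, since this is a state-changing delegation of
 * account access.
 */
function profile_add_assistant() {
    global $db, $PROCESSED, $ERROR, $ERRORSTR, $SUCCESS, $SUCCESSSTR, $ENTRADA_ACL, $ENTRADA_USER;

    if (!$ENTRADA_ACL->isLoggedInAllowed('assistant_support', 'create')) {
        $ERROR++;
        $ERRORSTR[] = "Your account does not have the required access levels to add assistants to your profile.";

        application_log("error", "User tried to add assistants to profile without an acceptable group & role.");

        return;
    }

    // Both start and finish are required; validate_calendars() is expected to
    // raise $ERROR itself when either is missing or invalid.
    $access_timeframe = validate_calendars("valid", true, true);
    if ($ERROR) {
        return;
    }

    if (isset($access_timeframe["start"]) && (int) $access_timeframe["start"]) {
        $PROCESSED["valid_from"] = (int) $access_timeframe["start"];
    }

    if (isset($access_timeframe["finish"]) && (int) $access_timeframe["finish"]) {
        $PROCESSED["valid_until"] = (int) $access_timeframe["finish"];
    }

    // is_scalar() rejects array-shaped input (assistant_id[]=...) before it
    // reaches trim(), which raises a TypeError on arrays under PHP 8.
    $proxy_id = 0;
    if (isset($_POST["assistant_id"]) && is_scalar($_POST["assistant_id"])) {
        $proxy_id = (int) trim((string) $_POST["assistant_id"]);
    }

    if (!$proxy_id) {
        $ERROR++;
        $ERRORSTR[] = "You must enter, then select the name of the person you wish to give access to your account permissions.";

        return;
    }

    if ($proxy_id == $ENTRADA_USER->getID()) {
        $ERROR++;
        $ERRORSTR[] = "You cannot add yourself as your own assistant, there is no need to do so.";

        return;
    }

    // Inner JOIN: only users that have at least one active, non-student access
    // row for this application are eligible to be granted delegated access.
    $query = "\n\t\t\t\t\t\tSELECT a.`id` AS `proxy_id`, CONCAT_WS(' ', a.`firstname`, a.`lastname`) AS `fullname`\n\t\t\t\t\t\tFROM `" . AUTH_DATABASE . "`.`user_data` AS a\n\t\t\t\t\t\tJOIN `" . AUTH_DATABASE . "`.`user_access` AS b\n\t\t\t\t\t\tON b.`user_id` = a.`id` AND b.`app_id`='1' AND b.`account_active`='true' AND b.`group`<>'student'\n\t\t\t\t\t\tWHERE a.`id`=" . $db->qstr($proxy_id);
    $assistant = $db->GetRow($query);

    if (!$assistant) {
        $ERROR++;
        $ERRORSTR[] = "The person that have selected to add as an assistant either does not exist in this system, or their account is not currently active.<br /><br />Please contact Denise Jones in the Undergrad office (613-533-6000 x77804) to get an account for the requested individual.";

        return;
    }

    $PROCESSED["assigned_by"] = $ENTRADA_USER->getID();
    $PROCESSED["assigned_to"] = $assistant["proxy_id"];
    $fullname = $assistant["fullname"];

    $query = "SELECT * FROM `permissions` WHERE `assigned_by`=" . $db->qstr($PROCESSED["assigned_by"]) . " AND `assigned_to`=" . $db->qstr($PROCESSED["assigned_to"]);
    $existing = $db->GetRow($query);

    // NOTE(review): $PROCESSED is a shared global and is handed to
    // AutoExecute() as-is; presumably any key that matches a `permissions`
    // column is written. Confirm callers cannot pre-populate unrelated keys.
    if ($existing) {
        if ($db->AutoExecute("permissions", $PROCESSED, "UPDATE", "permission_id=" . $db->qstr($existing["permission_id"]))) {
            $SUCCESS++;
            $SUCCESSSTR[] = "You have successfully updated <strong>" . html_encode($fullname) . "'s</strong> access permissions to your account.";

            // The grantee is logged as assigned_to so the audit trail names both parties.
            application_log("success", "Updated permissions for proxy_id [" . $PROCESSED["assigned_by"] . "] who is allowing [" . $PROCESSED["assigned_to"] . "] accecss to their account from " . date(DEFAULT_DATE_FORMAT, $PROCESSED["valid_from"]) . " until " . date(DEFAULT_DATE_FORMAT, $PROCESSED["valid_until"]));
        } else {
            $ERROR++;
            $ERRORSTR[] = "We were unable to update <strong>" . html_encode($fullname) . "'s</strong> access permissions to your account at this time. The system administrator has been informed of this, please try again later.";

            application_log("error", "Unable to update permissions for proxy_id [" . $PROCESSED["assigned_by"] . "] who is allowing [" . $PROCESSED["assigned_to"] . "] accecss to their account. Database said: " . $db->ErrorMsg());
        }

        return;
    }

    if ($db->AutoExecute("permissions", $PROCESSED, "INSERT")) {
        $SUCCESS++;
        $SUCCESSSTR[] = "You successfully gave <strong>" . html_encode($fullname) . "</strong> access permissions to your account.";

        application_log("success", "Added permissions for proxy_id [" . $PROCESSED["assigned_by"] . "] who is allowing [" . $PROCESSED["assigned_to"] . "] accecss to their account from " . date(DEFAULT_DATE_FORMAT, $PROCESSED["valid_from"]) . " until " . date(DEFAULT_DATE_FORMAT, $PROCESSED["valid_until"]));
    } else {
        $ERROR++;
        $ERRORSTR[] = "We were unable to give <strong>" . html_encode($fullname) . "</strong> access permissions to your account at this time. The system administrator has been informed of this, please try again later.";

        application_log("error", "Unable to insert permissions for proxy_id [" . $PROCESSED["assigned_by"] . "] who is allowing [" . $PROCESSED["assigned_to"] . "] accecss to their account. Database said: " . $db->ErrorMsg());
    }
}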