<?php require_once "header.php"; if ($session->is_logged_in()) { $loggeduser = User::get_by_id($session->user_id); } $pathinfo = pathinfo($_SERVER["PHP_SELF"]); $basename = $pathinfo["basename"]; $currentFile = str_replace(".php", "", $basename); $pageURL = "http://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}"; echo "<input id='batchid' type='hidden' value='" . $_GET['id'] . "'>"; if (isset($_GET['id'])) { $batch = Batch::get_by_id($_GET['id']); $school = School::get_by_id($batch->schoolid); $batchUsers = BatchUser::getUsersInBatch($batch->id); if ($session->is_logged_in()) { if (!User::get_by_id($session->user_id)->is_super_admin()) { if ($batch->pending == 1 || $batch->enabled == 0) { header("location: index.php?negative"); } } } else { if ($batch->pending == 1 || $batch->enabled == 0) { header("location: index.php?negative"); } } } else { header("location: index.php?negative"); } ?>
if ($_POST['oper'] == 'edit') { $batch = Batch::get_by_id($_POST['id']); $batch->comments = $_POST['comments']; $batch->about = $_POST['about']; $batch->pending = $_POST['pending']; $batch->enabled = $_POST['enabled']; $batch->fromyear = $_POST['fromyear']; $batch->schoolid = $_POST['schoolid']; $batch->update(); $log = new Log($session->user_id, $clientip, "WEB", "UPDATED BATCH: " . $_POST['id']); $log->create(); } else { if ($_POST['oper'] == 'del') { $log = new Log($session->user_id, $clientip, "WEB", "DELETED BATCH: " . $_POST['id']); $log->create(); $batch = Batch::get_by_id($_POST['id']); SectionUser::delete_all_by_schoolid($batch->schoolid); Section::delete_all_by_schoolid($batch->schoolid); BatchUser::delete_all_by_batchid($batch->id); $folder_path = "../../public/schools/" . $batch->schoolid . "/yearbooks/" . $batch->id; rrmdir($folder_path); $batch->delete(); } } } function rrmdir($dir) { foreach (glob($dir . '/*') as $file) { if (is_dir($file)) { rrmdir($file); } else {
<?php require_once "header.php"; if (isset($_GET['id'])) { $object = Batch::get_by_id($_GET['id']); if ($batch == false || $batch == null || $batch == "") { header("location: index.php"); } else { $school = School::get_by_id($object->schoolid); //$batchname = $school->name." ".$object->get_batchyear(); $batchname = $object->get_batchyear(); } } else { header("location: index.php?negative"); } if (!$session->is_logged_in()) { header("location: index.php?negative"); } else { $user = User::get_by_id($session->user_id); if ($user->enabled == DISABLED) { header("location: index.php?disabled"); } if (!BatchUser::amIAdmin($session->user_id, $object->id) && !SchoolUser::amIAdmin($session->user_id, $object->schoolid) && !$user->is_super_admin()) { header("location: index.php?negative"); } } $pathinfo = pathinfo($_SERVER["PHP_SELF"]); $basename = $pathinfo["basename"]; $currentFile = str_replace(".php", "", $basename); ?> <div class="container-fluid">
$sections = Section::get_by_sql("SELECT * FROM " . T_SECTIONS . " WHERE " . $where . " AND " . $where2 . " ORDER BY {$sidx} {$sord} LIMIT {$start} , {$limit}"); } else { $sections = Section::get_by_sql("SELECT * FROM " . T_SECTIONS . " WHERE " . $where2 . " ORDER BY {$sidx} {$sord} LIMIT {$start} , {$limit}"); } header("Content-type: text/xml;charset=utf-8"); $s = "<?xml version='1.0' encoding='utf-8'?>"; $s .= "<rows>"; $s .= "<page>" . $page . "</page>"; $s .= "<total>" . $total_pages . "</total>"; $s .= "<records>" . $count . "</records>"; foreach ($sections as $section) { $school = School::get_by_id($section->schoolid); if (!$school) { $school = new School(); } $batch = Batch::get_by_id($section->batchid); if (!$batch) { $batch = new Batch(); } $s .= "<row id='" . $section->id . "'>"; $s .= "<cell></cell>"; $s .= "<cell>" . $section->id . "</cell>"; $s .= "<cell>" . $school->id . "</cell>"; $s .= "<cell>" . $school->name . "</cell>"; $s .= "<cell>" . $batch->id . "</cell>"; $s .= "<cell>" . $batch->get_batchyear() . "</cell>"; $s .= "<cell>" . $section->name . "</cell>"; $s .= "<cell>" . $section->about . "</cell>"; $s .= "<cell>" . $section->picture . "</cell>"; $s .= "<cell>" . $section->date . "</cell>"; $s .= "<cell>" . $section->comments . "</cell>";
echo "<option value='" . $schooladmin->schoolid . "'>" . School::get_by_id($schooladmin->schoolid)->name . "</option>"; } } else { echo "<option value='0'>NO SCHOOLS YET</option>"; } ?> </select> <select name="batchselect" id="batchselect"> <?php if (count($schooladmins) > 0) { $onlyschool = School::get_by_id($schooladmins[0]->schoolid); $batchadmins = BatchUser::getAdminBatchs($session->user_id, $onlyschool->id); if (count($batchadmins) > 0) { foreach ($batchadmins as $batchadmin) { $batchselect = Batch::get_by_id($batchadmin->batchid); echo "<option value='" . $batchadmin->batchid . "'>" . $batchselect->fromyear . "-" . ($batchselect->fromyear + 1) . "</option>"; } } else { echo "<option value='0'>NO BATCHS YET</option>"; } } ?> </select> <br/> <div class="accordion" id="accordion2"> <div class="accordion-group" id="pagescontent"> </div>
<tr><td class="myheader">Address</td></tr> <tr><td><?php echo $user->address; ?> </td></tr> </table> </div> <div class="span4 boxcontent"> <span class="myheader2">Graduated At</span> <table> <tr><td class="myheader">Batchs</td></tr> <?php if (count($batchusers) > 0) { foreach ($batchusers as $batchuser) { $batch = Batch::get_by_id($batchuser->batchid); $school = School::get_by_id($batch->schoolid); if ($batch->pending == 0 && $batch->enabled == 1 && $school->pending == 0 && $school->enabled == 1) { echo "<tr><td><a href='batch.php?id=" . $batch->id . "'>" . $school->name . " " . $batch->get_batchyear() . "</a></td></tr>"; } } } ?> </table> </div> <div class="span4 boxcontent"> <span class="myheader2">Other</span> <table data-provides="rowlink"> <tr><td class="myheader">Jobs</td></tr> <?php
<?php require_once "../initialize.php"; $message = ""; if (isset($_POST['sectionid']) && $_POST['sectionid'] != "" && isset($_POST['batchselect']) && $_POST['batchselect'] != "" && isset($_POST['name']) && $_POST['name'] != "") { $object = Section::get_by_id($_POST['sectionid']); $batch = Batch::get_by_id($_POST['batchselect']); $file = new File($_FILES['cover']); if ($file->valid) { $object->picture = $file->data; } else { $object->picture = base64_decode($object->picture); } if ($object->name == $_POST['name'] && $object->batchid == $batch->id) { $object->comments = $_POST['comments']; $object->about = $_POST['about']; $object->advisermessage = $_POST['advisermessage']; $object->comments = $_POST['comments']; $object->fbcomments = $_POST['fbcomments']; $object->enabled = $_POST['enabled']; $object->update(); $log = new Log($session->user_id, $clientip, "WEB", "UPDATED SECTION: " . $object->id); $log->create(); $message = "success"; } else { if ($batch != false && $batch != null && $batch != "") { if (!Section::section_exists($_POST['name'], $batch->id)) { $object->batchid = $batch->id; $object->name = $_POST['name']; $object->about = $_POST['about']; $object->advisermessage = $_POST['advisermessage'];
} else { if ($notification->itemtype == "schooluser") { $object = SchoolUser::get_by_id($notification->itemid); $school = School::get_by_id($object->schoolid); $html .= "Now a member in School <a href='school.php?id=" . $school->id . "'>" . $school->name . "</a>"; } else { if ($notification->itemtype == "batchuser") { $object = BatchUser::get_by_id($notification->itemid); $batch = Batch::get_by_id($object->batchid); $school = School::get_by_id($object->schoolid); $html .= "Now a member in Batch <a href='batch.php?id=" . $batch->id . "'>" . $batch->get_batchyear() . "</a> of School <a href='school.php?id=" . $school->id . "'>" . $school->name . "</a>"; } else { if ($notification->itemtype == "sectionuser") { $object = SectionUser::get_by_id($notification->itemid); $section = Section::get_by_id($object->sectionid); $batch = Batch::get_by_id($object->batchid); $school = School::get_by_id($object->schoolid); $html .= "Now a member in Section <a href='section.php?id=" . $section->id . "'>" . $section->name . "</a> of Batch <a href='batch.php?id=" . $batch->id . "'>" . $batch->get_batchyear() . "</a> of School <a href='school.php?id=" . $school->id . "'>" . $school->name . "</a>"; } else { if ($notification->itemtype == "clubuser") { $object = ClubUser::get_by_id($notification->itemid); $club = Club::get_by_id($object->clubid); $school = School::get_by_id($object->schoolid); $html .= "Now a member in Club <a href='club.php?id=" . $club->id . "'>" . $club->name . "</a> of School <a href='school.php?id=" . $school->id . "'>" . $school->name . "</a>"; } else { if ($notification->itemtype == "groupuser") { $object = GroupUser::get_by_id($notification->itemid); $group = Group::get_by_id($object->groupid); $school = School::get_by_id($object->schoolid); $html .= "Now a member in Group <a href='group.php?id=" . $group->id . "'>" . $group->name . "</a> of School <a href='school.php?id=" . $school->id . "'>" . $school->name . "</a>"; }
} $log = new Log($session->userid, $clientip, "WEB", "DELETED MULTIPLE SCHOOLS"); $log->create(); $response = "success"; } else { if ($what == "schooluser") { foreach ($ids as $id) { SchoolUser::get_by_id($id)->delete(); } $log = new Log($session->userid, $clientip, "WEB", "DELETED MULTIPLE SCHOOLUSERS"); $log->create(); $response = "success"; } else { if ($what == "batch") { foreach ($ids as $id) { $batch = Batch::get_by_id($id); SectionUser::delete_all_by_schoolid($batch->schoolid); Section::delete_all_by_schoolid($batch->schoolid); BatchUser::delete_all_by_batchid($batch->id); $folder_path = "../../public/schools/" . $batch->schoolid . "/yearbooks/" . $batch->get_batchyear(); rrmdir($folder_path); $batch->delete(); } $log = new Log($session->userid, $clientip, "WEB", "DELETED MULTIPLE BATCHS"); $log->create(); $response = "success"; } else { if ($what == "batchuser") { foreach ($ids as $id) { BatchUser::get_by_id($id)->delete(); }
<?php require_once "../initialize.php"; $sectionsselect = null; if (isset($_GET["batchid"])) { if (is_numeric($_GET["batchid"])) { $batch = Batch::get_by_id($_GET["batchid"]); if (SchoolUser::amIAdmin($session->user_id, $batch->schoolid) || BatchUser::amIAdmin($session->user_id, $batch->id)) { $sections = Section::get_all_by_batchid($batch->id); if (count($sections) > 0) { foreach ($sections as $section) { $sectionsselect .= "<option value='" . $section->id . "'>" . $section->name . "</option>"; } if (User::get_by_id($session->user_id)->is_super_admin()) { $sectionsselect .= "<option value='NOTHING'>NOTHING</option>"; } } else { $sectionsselect .= "<option value='0'>NO SECTIONS YET</option>"; } } else { $sectionadmins = SectionUser::getSectionsIAdminInBatch($session->user_id, $_GET["batchid"]); if (count($sectionadmins) > 0) { foreach ($sectionadmins as $sectionadmin) { $section = Section::get_by_id($sectionadmin->sectionid); $sectionsselect .= "<option value='" . $section->id . "'>" . $section->name . "</option>"; } if (User::get_by_id($session->user_id)->is_super_admin()) { $sectionsselect .= "<option value='NOTHING'>NOTHING</option>"; } } else { $sectionsselect .= "<option value='0'>NO SECTIONS YET</option>";
<?php require_once "../initialize.php"; $message = ""; if (isset($_POST['batchid']) && $_POST['batchid'] != "" && isset($_POST['fromyear']) && $_POST['fromyear'] != "" && isset($_POST['about']) && $_POST['about'] != "") { if (strtotime(date("Y-m-d")) < strtotime($_POST['pubdate'])) { //$school = School::get_by_id($_POST['schoolselect']); $object = Batch::get_by_id($_POST['batchid']); $school = School::get_by_id(CSNTRID); if ($school != false && $school != null && $school != "") { if (!Batch::batch_exists($_POST['fromyear'], $school->id) || $object->fromyear == $_POST['fromyear']) { $file = new File($_FILES['cover']); if ($file->valid) { $object->picture = $file->data; } else { $object->picture = base64_decode($object->picture); } $object->fromyear = $_POST['fromyear']; $object->about = $_POST['about']; $object->comments = $_POST['comments']; $object->fbcomments = $_POST['fbcomments']; $object->enabled = $_POST['enabled']; if (isset($_POST['pubdate'])) { $object->pubdate = $_POST['pubdate']; } //$object->schoolid = $school->id; $object->update(); $log = new Log($session->user_id, $clientip, "WEB", "UPDATED BATCH: " . $object->id); $log->create(); $message = "success"; } else {
<?php require_once "../initialize.php"; $batchsselect = null; if (isset($_GET["schoolid"])) { if (SchoolUser::amIAdmin($session->user_id, $_GET["schoolid"])) { $batchadmins = BatchUser::getBatchsImIn($session->user_id); } else { $batchadmins = BatchUser::getBatchsIAdminInSchool($session->user_id, $_GET["schoolid"]); } if (count($batchadmins) > 0) { foreach ($batchadmins as $batchadmin) { $batch = Batch::get_by_id($batchadmin->batchid); $batchsselect .= "<option value='" . $batch->id . "'>" . $batch->fromyear . "-" . ($batch->fromyear + 1) . "</option>"; } if (User::get_by_id($session->user_id)->is_super_admin()) { $batchsselect .= "<option value='NOTHING'>NOTHING</option>"; } } else { $batchsselect .= "<option value='0'>NO BATCHS YET</option>"; } if (User::get_by_id($session->user_id)->is_super_admin()) { $batchsselect = ""; $batchs = Batch::get_all(); if (count($batchs) > 0) { foreach ($batchs as $batch) { $batchsselect .= "<option value='" . $batch->id . "'>" . $batch->fromyear . "-" . ($batch->fromyear + 1) . "</option>"; } $batchsselect .= "<option value='NOTHING'>NOTHING</option>"; } else { $batchsselect .= "<option value='0'>NO BATCHS YET</option>";