public function getOwnerPaperList($username, $types) { global $configObject; $allowaccess = false; $userObject = UserObject::get_instance(); $tmp_userID = $this->getUserID($username, true); if ($userObject->has_role('SysAdmin') or $userObject->has_role('Admin')) { $allowaccess = true; } else { if ($userObject->has_role('Staff') and $tmp_userID == $userObject->get_user_ID()) { $allowaccess = true; } else { if ($userObject->has_role('Student')) { // Students can not access this function $allowaccess = false; } } } if ($allowaccess == false) { return ''; } if ($tmp_userID == '') { return ''; } $staff_modules = UserUtils::list_staff_modules_by_userID($tmp_userID, $this->db); if (count($staff_modules) == 0) { // User is not on any teams. stop!! return array(); } $staff_modules_ids_str = ' OR idMod IN (' . implode(',', array_keys($staff_modules)) . ') '; switch ($types) { case 'formative': $typeSQL = " AND paper_type='0'"; break; case 'progresstest': $typeSQL = " AND paper_type='1'"; break; case 'summative': $typeSQL = " AND paper_type='2'"; break; case 'survey': $typeSQL = " AND paper_type='3'"; break; case 'osce': $typeSQL = " AND paper_type='4'"; break; case 'offline': $typeSQL = " AND paper_type='5'"; break; case 'notsummative': $typeSQL = " AND paper_type!='2'"; break; default: // return all paper types $typeSQL = ''; break; } $papers = array(); $paper_no = 0; $res = $this->db->prepare("SELECT \n properties.property_id, paper_title, paper_type, start_date, end_date, created, MAX(screen), title, surname, crypt_name \n FROM properties, papers, users, properties_modules \n WHERE \n properties.property_id = properties_modules.property_id AND\n properties.paper_ownerID=users.id AND \n properties.property_id=papers.paper AND \n (paper_ownerID=? {$staff_modules_ids_str}) {$typeSQL} AND \n deleted IS NULL \n GROUP BY property_id ORDER BY paper_title"); $res->bind_param('i', $tmp_userID); $res->execute(); $res->store_result(); $res->bind_result($property_id, $paper_title, $paper_type, $start_date, $end_date, $created, $screens, $title, $surname, $crypt_name); if ($res->num_rows == 0) { return json_encode($this->db->error); } else { while ($res->fetch()) { $papers[$paper_no]['id'] = $crypt_name; $papers[$paper_no]['title'] = $paper_title; $papers[$paper_no]['type'] = $this->qtypes[$paper_type]; $papers[$paper_no]['staff_url'] = NetworkUtils::get_protocol() . $_SERVER['HTTP_HOST'] . $configObject->get('cfg_root_path') . '/paper/details.php?paperID=' . $property_id; $papers[$paper_no]['student_url'] = NetworkUtils::get_protocol() . $_SERVER['HTTP_HOST'] . $configObject->get('cfg_root_path') . '/paper/user_index.php?id=' . $crypt_name; $papers[$paper_no]['start_date'] = $start_date; $papers[$paper_no]['end_date'] = $end_date; $papers[$paper_no]['created'] = $created; $papers[$paper_no]['screens'] = $screens; $papers[$paper_no]['owner'] = $title . ' ' . $surname; $paper_no++; } } $res->close(); return $papers; }