// Queue the dependent-row deletes for this course.
// NOTE(review): $course['COURSE_ID'] is interpolated without escaping; that is
// only safe if $course is a row read from the database — confirm where it is built.
$sql[] = "DELETE FROM course_periods WHERE COURSE_ID='{$course['COURSE_ID']}'";
$sql[] = "DELETE FROM schedule WHERE COURSE_ID='{$course['COURSE_ID']}'";
$sql[] = "DELETE FROM schedule_requests WHERE COURSE_ID='{$course['COURSE_ID']}'";
}
}
// Run every queued statement, then clear the request keys that selected this action.
foreach ($sql as $query) {
    DBQuery($query);
}
unset($_REQUEST['modfunc'], $_REQUEST['subject_id']);
}
}
}
}
// Course-period delete: runs the queued statements only when a course period is
// selected and both DeletePromptCommon() and BlockDelete() return a truthy value.
if ($_REQUEST['course_period_id'] && DeletePromptCommon($table) && BlockDelete($table)) {
    foreach ($sql as $query) {
        DBQuery($query);
    }
    unset($_REQUEST['modfunc'], $_REQUEST['course_period_id']);
}
}
if ($_REQUEST['modfunc'] == 'enter_standards') {
    //***********insertion of standard for course******
    if ($_REQUEST['process'] == 'update') {
        $stand_added = 0;
        foreach ($_REQUEST['stand_arr'] as $key => $st_value) {
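// $Sql_modify_column.=" NOT NULL";
// }else{
// $Sql_modify_column.=" NULL";
// }
// if($custom_update['DEFAULT_SELECTION'] && $not_default==false){
// $Sql_modify_column.=" DEFAULT '".$custom_update['DEFAULT_SELECTION']."' ";
// }
//
// DBQuery($Sql_modify_column);
// }
}
unset($_REQUEST['tables']);
}

// Delete a school custom field: removes its school_custom_fields row and drops
// the matching CUSTOM_<id> column from schools. The id passes through the
// PARAM_INT filter before it is concatenated into either statement.
// NOTE(review): no permission check is visible in this handler — confirm that
// access is enforced before this code is reached.
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete') {
    if (clean_param($_REQUEST['id'], PARAM_INT)) {
        if (DeletePromptCommon('school field')) {
            $id = clean_param($_REQUEST['id'], PARAM_INT);
            DBQuery('DELETE FROM school_custom_fields WHERE ID=\'' . $id . '\'');
            DBQuery('ALTER TABLE schools DROP COLUMN CUSTOM_' . $id . '');
            $_REQUEST['modfunc'] = '';
            unset($_REQUEST['id']);
        }
    }
}

// Load the selected field for editing. The id is request-controlled, so it goes
// through the same PARAM_INT filter the delete branch uses instead of being
// interpolated raw into the WHERE clause.
if ($_REQUEST['id'] && $_REQUEST['id'] != 'new') {
    $sql = "SELECT CATEGORY_ID,TITLE,TYPE,SELECT_OPTIONS,DEFAULT_SELECTION,SORT_ORDER,REQUIRED,REQUIRED,HIDE FROM school_custom_fields WHERE ID='" . clean_param($_REQUEST['id'], PARAM_INT) . "'";
    $RET = DBGet(DBQuery($sql));
    $RET = $RET[1];
    $title = $RET['TITLE'];
} elseif ($_REQUEST['id'] == 'new') {
    $title = 'New School Field';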
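DBQuery($Sql_modify_column);
}
}
unset($_REQUEST['tables']);
}

// Delete either one staff custom field (id) or a whole category with all of its
// fields (category_id). Each delete also drops the CUSTOM_<id> column on staff.
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete') {
    if (clean_param($_REQUEST['id'], PARAM_INT)) {
        if (DeletePromptCommon('user field')) {
            $id = clean_param($_REQUEST['id'], PARAM_INT);
            DBQuery('DELETE FROM staff_fields WHERE ID=\'' . $id . '\'');
            DBQuery('ALTER TABLE staff DROP COLUMN CUSTOM_' . $id . '');
            $_REQUEST['modfunc'] = '';
            unset($_REQUEST['id']);
        }
    } elseif (clean_param($_REQUEST['category_id'], PARAM_INT)) {
        if (DeletePromptCommon('' . _('user field category and all fields in the category') . '')) {
            // The branch condition tested the filtered value, but the statements
            // below previously concatenated the raw request value. Use the
            // filtered value everywhere so the checked value is the one queried.
            $category_id = clean_param($_REQUEST['category_id'], PARAM_INT);
            $fields = DBGet(DBQuery('SELECT ID FROM staff_fields WHERE CATEGORY_ID=\'' . $category_id . '\''));
            foreach ($fields as $field) {
                // Quoted key (bare ID is an undefined constant) and an integer
                // cast, because the value becomes part of a column name in DDL.
                $field_id = (int) $field['ID'];
                DBQuery('DELETE FROM staff_fields WHERE ID=\'' . $field_id . '\'');
                DBQuery('ALTER TABLE staff DROP COLUMN CUSTOM_' . $field_id . '');
            }
            DBQuery('DELETE FROM staff_field_categories WHERE ID=\'' . $category_id . '\'');
            // remove from profiles and permissions
            DBQuery('DELETE FROM profile_exceptions WHERE MODNAME=\'Users/User/Student.php&category_id=' . $category_id . '\'');
            DBQuery('DELETE FROM staff_exceptions WHERE MODNAME=\'Users/User.php&category_id=' . $category_id . '\'');
            $_REQUEST['modfunc'] = '';
            unset($_REQUEST['category_id']);
        }
    }
}
if (!$_REQUEST['modfunc']) {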
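// Count attendance records that still reference this code; a non-zero count
// blocks the delete below.
$has_assigned_RET = DBGet(DBQuery('SELECT COUNT(*) AS TOTAL_ASSIGNED FROM attendance_period WHERE ATTENDANCE_CODE=\'' . optional_param('id', '', PARAM_INT) . '\''));
$has_assigned = $has_assigned_RET[1]['TOTAL_ASSIGNED'];
} else {
    $has_assigned = 0;
}
if ($has_assigned > 0) {
    UnableDeletePrompt('' . _('Cannot delete because attendance codes are associated.') . '');
} else {
    if ($_REQUEST['id']) {
        if (DeletePromptCommon('attendance code')) {
            //DBQuery("DELETE FROM attendance_codes WHERE ID='$_REQUEST[id]'");
            DBQuery('DELETE FROM attendance_codes WHERE ID=\'' . optional_param('id', '', PARAM_INT) . '\'');
            unset($_REQUEST['modfunc']);
        }
    } elseif ($_REQUEST['table']) {
        if (DeletePromptCommon('category')) {
            // 'table' carries the category ID here. It was concatenated raw
            // (and with an unquoted array key); cast it to an integer so only
            // a number can reach the statement.
            DBQuery('DELETE FROM attendance_code_categories WHERE ID=\'' . ((int) $_REQUEST['table']) . '\'');
            unset($_REQUEST['modfunc']);
            $_REQUEST['table'] = '0';
        }
    }
}
}
if ($_REQUEST['modfunc'] != 'remove') {
    if ($_REQUEST['table'] !== 'new') {
        // $sql = "SELECT ID,TITLE,SHORT_NAME,TYPE,DEFAULT_CODE,STATE_CODE,SORT_ORDER FROM attendance_codes WHERE SYEAR='".UserSyear()."' AND SCHOOL_ID='".UserSchool()."' AND TABLE_NAME='".$_REQUEST['table']."' ORDER BY SORT_ORDER,TITLE";
        //$tabl=optional_param('table','',PARAM_ALPHANUM);
        // The request value is reduced to letters and digits before it is
        // placed in the WHERE clause, so quotes and SQL syntax cannot pass.
        $sql = 'SELECT ID,TITLE,SHORT_NAME,TYPE,DEFAULT_CODE,STATE_CODE,SORT_ORDER,TABLE_NAME FROM attendance_codes WHERE SYEAR=\'' . UserSyear() . '\' AND SCHOOL_ID=\'' . UserSchool() . '\' AND TABLE_NAME=\'' . preg_replace('/[^A-Za-z0-9]/', '', (string) $_REQUEST['table']) . '\' ORDER BY SORT_ORDER,TITLE';
        $QI = DBQuery($sql);
        $attendance_codes_RET = DBGet($QI, array('TITLE' => '_makeTextInput', 'SHORT_NAME' => '_makeTextInput', 'SORT_ORDER' => '_makeTextInput', 'TYPE' => '_makeSelectInput', 'STATE_CODE' => '_makeSelectInput', 'DEFAULT_CODE' => '_makeCheckBoxInput'));
    }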
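$staff_id = $_REQUEST['staff_id'];
} else {
    $staff_id = UserStaffID();
}
//if(UserStudentID())
// echo '<IMG SRC=assets/pixel_trans.gif height=2>';
// $staff_id may come straight from the request (see the assignment above), so
// it is cast to an integer before it is concatenated into the lookup.
$RET = DBGet(DBQuery('SELECT FIRST_NAME,LAST_NAME FROM staff WHERE STAFF_ID=\'' . ((int) $staff_id) . '\''));
$count_staff_RET = DBGet(DBQuery('SELECT COUNT(*) AS NUM FROM staff'));
// modcat and modname are echoed back inside unquoted HREF attributes; URL-encode
// them so request-supplied markup cannot break out of the attribute.
// NOTE(review): FIRST_NAME / LAST_NAME are written into the header unescaped —
// confirm whether DrawHeaderHome() or the storage layer escapes them.
$modcat_param = urlencode((string) $_REQUEST['modcat']);
$modname_param = urlencode((string) $_REQUEST['modname']);
if ($count_staff_RET[1]['NUM'] > 1) {
    DrawHeaderHome('Selected User: ' . $RET[1]['FIRST_NAME'] . ' ' . $RET[1]['LAST_NAME'] . ' (<A HREF=Side.php?staff_id=new&modcat=' . $modcat_param . '><font color=red>Search Again</font></A>) | <A HREF=Modules.php?modname=' . $modname_param . '&search_modfunc=list&next_modname=users/User.php&ajax=true&bottom_back=true&return_session=true target=body>Back to User List</A>');
} else {
    DrawHeaderHome('Selected User: ' . $RET[1]['FIRST_NAME'] . ' ' . $RET[1]['LAST_NAME'] . ' (<A HREF=Side.php?staff_id=new&modcat=' . $modcat_param . '><font color=red>Search Again</font></A>)');
}
}

// Remove one student from the selected user's student list. Gated on AllowEdit()
// and on DeletePromptCommon() returning a truthy value.
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete' && AllowEdit()) {
    if (DeletePromptCommon('student from that user', 'remove access to')) {
        // student_id was concatenated raw (and with an unquoted array key);
        // cast it so only an integer reaches the statement.
        DBQuery('DELETE FROM students_join_users WHERE STUDENT_ID=\'' . ((int) $_REQUEST['student_id']) . '\' AND STAFF_ID=\'' . UserStaffID() . '\'');
        unset($_REQUEST['modfunc']);
    }
}
if ($_REQUEST['modfunc'] != 'delete') {
    if (!UserStaffID()) {
        Search('staff_id', 'parent');
    } else {
        // This screen only applies to users whose PROFILE is 'parent'; any other
        // selection is dropped from the session and the search is shown again.
        $profile = DBGet(DBQuery('SELECT PROFILE FROM staff WHERE STAFF_ID=\'' . UserStaffID() . '\''));
        if ($profile[1]['PROFILE'] != 'parent') {
            unset($_SESSION['staff_id']);
            echo '<script language=JavaScript>parent.side.location="' . $_SESSION['Side_PHP_SELF'] . '?modcat="+parent.side.document.forms[0].modcat.value;</script>';
            Search('staff_id', 'parent');
        }
    }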
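// Delete a school calendar, unless students are enrolled in it or course periods
// were created on it. After a delete, the request is pointed at the default
// calendar (or any remaining one) for the current school year and school.
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete_calendar') {
    // Both names were bare words, which PHP only tolerated as implicit strings
    // in old versions; they are quoted here with the spelling left unchanged.
    $colmn = 'Calender_Id';
    $cal_title = paramlib_validation($colmn, $_REQUEST['calendar_id']);
    // NOTE(review): $cal_title is concatenated UNQUOTED into the four statements
    // below. That is only safe if paramlib_validation() returns a strictly
    // numeric value for this column — confirm against its implementation.
    $has_assigned_RET = DBGet(DBQuery('SELECT COUNT(*) AS TOTAL_ASSIGNED FROM student_enrollment WHERE CALENDAR_ID=' . $cal_title . ''));
    $has_assigned = $has_assigned_RET[1]['TOTAL_ASSIGNED'];
    if ($has_assigned == 0) {
        $has_assigned_RET = DBGet(DBQuery('SELECT COUNT(*) AS TOTAL_ASSIGNED FROM course_periods WHERE CALENDAR_ID=' . $cal_title . ''));
        $has_assigned_cp = $has_assigned_RET[1]['TOTAL_ASSIGNED'];
    }
    //$calendar_id = DBGet(DBQuery("SELECT ".db_seq_nextval('CALENDARS_SEQ')." AS CALENDAR_ID ".FROM_DUAL));
    if ($has_assigned > 0) {
        UnableDeletePrompt('Cannot delete because students are enrolled in this calendar.');
    } elseif ($has_assigned_cp > 0) {
        // Only reached when $has_assigned is 0, which is the case that sets $has_assigned_cp.
        UnableDeletePrompt('Cannot delete because course periods are created on this calendar.');
    } else {
        if (DeletePromptCommon('calendar')) {
            DBQuery('DELETE FROM attendance_calendar WHERE CALENDAR_ID=' . $cal_title . '');
            DBQuery('DELETE FROM school_calendars WHERE CALENDAR_ID=' . $cal_title . '');
            $default_RET = DBGet(DBQuery('SELECT CALENDAR_ID FROM school_calendars WHERE SYEAR=\'' . UserSyear() . '\' AND SCHOOL_ID=\'' . UserSchool() . '\' AND DEFAULT_CALENDAR=\'Y\''));
            if (count($default_RET)) {
                $_REQUEST['calendar_id'] = $default_RET[1]['CALENDAR_ID'];
            } else {
                $calendars_RET = DBGet(DBQuery('SELECT CALENDAR_ID FROM school_calendars WHERE SYEAR=\'' . UserSyear() . '\' AND SCHOOL_ID=\'' . UserSchool() . '\''));
                if (count($calendars_RET)) {
                    $_REQUEST['calendar_id'] = $calendars_RET[1]['CALENDAR_ID'];
                } else {
                    $error = array('There are no calendars yet setup.');
                }
            }
            unset($_REQUEST['modfunc']);
            unset($_SESSION['_REQUEST_vars']['modfunc']);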
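# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
#***************************************************************************************
//$_openSIS['allow_edit'] = true;
include '../../../Redirect_includes.php';
include_once 'modules/Students/includes/functions.php';

// Admin-only delete of a single row. The table name and the row id both arrive
// in the request, so both are validated before they are placed in the statement.
// NOTE(review): the identifier check below only keeps SQL syntax out of the
// table name; it does not restrict WHICH table is targeted. Replace it with a
// fixed allowlist of the tables this screen is meant to manage.
// NOTE(review): $_REQUEST['title'] is passed to DeletePromptCommon() as-is —
// confirm that the prompt escapes it before output.
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete' && User('PROFILE') == 'admin') {
    if (!$_REQUEST['delete_ok'] && !$_REQUEST['delete_cancel']) {
        echo '</FORM>';
    }
    if (DeletePromptCommon($_REQUEST['title'])) {
        $delete_table = is_string($_REQUEST['table']) ? $_REQUEST['table'] : '';
        $delete_id = (int) $_REQUEST['id'];
        // Run the delete only for a plain SQL identifier; anything else is skipped.
        if (preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $delete_table) === 1) {
            DBQuery("DELETE FROM {$delete_table} WHERE ID='{$delete_id}'");
        }
        unset($_REQUEST['modfunc']);
    }
}

// The update handler currently only clears the saved request state; the
// statements that wrote the comment are commented out below.
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'update') {
    //$existing_RET = DBGet(DBQuery("SELECT STUDENT_ID FROM student_mp_comments WHERE STUDENT_ID='".UserStudentID()."' AND SYEAR='".UserSyear()."' AND MARKING_PERIOD_ID='".GetParentMP('SEM',UserMP())."'"));
    //if(!$existing_RET)
    // DBQuery("INSERT INTO student_mp_comments (SYEAR,STUDENT_ID,MARKING_PERIOD_ID) values('".UserSyear()."','".UserStudentID()."','".GetParentMP('SEM',UserMP())."')");
    // SaveData(array('student_mp_comments'=>"STUDENT_ID='".UserStudentID()."' AND SYEAR='".UserSyear()."' AND MARKING_PERIOD_ID='".GetParentMP('SEM',UserMP())."'"),'',array('COMMENT'=>'Comment','STAFF_ID'=>UserStaffID()));
    unset($_SESSION['_REQUEST_vars']['modfunc']);
    unset($_SESSION['_REQUEST_vars']['values']);
}
if (!$_REQUEST['modfunc']) {
    //$comments_RET = DBGet(DBQuery("SELECT COMMENT FROM student_mp_comments WHERE STUDENT_ID='".UserStudentID()."' AND SYEAR='".UserSyear()."' AND MARKING_PERIOD_ID='".GetParentMP('SEM',UserMP())."'"));
    echo '<TABLE>';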
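UnableDeletePromptMod($msg, '', $queryString);
} else {
    // Delete either one student custom field (id) or a whole category with its
    // non-system fields (category_id). Each field delete also drops the
    // CUSTOM_<id> column on students, so the ids end up inside DDL.
    if ($_REQUEST['id']) {
        if (DeletePromptCommon('student field')) {
            // Request-controlled: cast so only an integer reaches the DELETE
            // and the column name in ALTER TABLE.
            $id = (int) $_REQUEST['id'];
            DBQuery("DELETE FROM custom_fields WHERE ID='{$id}'");
            DBQuery("ALTER TABLE students DROP COLUMN CUSTOM_{$id}");
            $_REQUEST['modfunc'] = '';
            unset($_REQUEST['id']);
        }
    } elseif ($_REQUEST['category_id']) {
        // One integer copy of the request value is used for every statement and
        // for the query string handed to the prompt.
        $category_id = (int) $_REQUEST['category_id'];
        if ($deletable_category == FALSE) {
            $msg = 'Cannot delete because student fields are associated.';
            $queryString = 'category_id=' . $category_id;
            UnableDeletePromptMod($msg, '', $queryString);
        } elseif (DeletePromptCommon('student field category and all fields in the category')) {
            $fields = DBGet(DBQuery("SELECT ID FROM custom_fields WHERE SYSTEM_FIELD='N' AND CATEGORY_ID='{$category_id}'"));
            foreach ($fields as $field) {
                $field_id = (int) $field['ID'];
                DBQuery("DELETE FROM custom_fields WHERE ID='{$field_id}'");
                DBQuery("ALTER TABLE students DROP COLUMN CUSTOM_{$field_id}");
            }
            DBQuery("DELETE FROM student_field_categories WHERE ID='{$category_id}'");
            // remove from profiles and permissions
            DBQuery("DELETE FROM profile_exceptions WHERE MODNAME='students/Student.php&category_id={$category_id}'");
            $_REQUEST['modfunc'] = '';
            unset($_REQUEST['category_id']);
        }
    }
}
}
if (!$_REQUEST['modfunc']) {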
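# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
#***************************************************************************************
include '../../../RedirectIncludes.php';
include_once 'modules/students/includes/FunctionsInc.php';

// Delete one comment row, for admins and teachers.
// NOTE(review): the ownership test compares a request-supplied staff_id with the
// logged-in user, so it does not establish who wrote the row identified by id.
// The owner should be read from the stored record — confirm against the schema.
// NOTE(review): the identifier check below only keeps SQL syntax out of the
// table name; it does not restrict WHICH table is targeted. Replace it with a
// fixed allowlist of the tables this screen is meant to manage.
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete') {
    if (User('PROFILE') == 'admin' || User('PROFILE') == 'teacher') {
        if (!$_REQUEST['delete_ok'] && !$_REQUEST['delete_cancel']) {
            echo '</FORM>';
        }
        if ($_REQUEST['staff_id'] == User('STAFF_ID')) {
            if (DeletePromptCommon('comment')) {
                $delete_table = is_string($_REQUEST['table']) ? $_REQUEST['table'] : '';
                $delete_id = (int) $_REQUEST['id'];
                // Run the delete only for a plain SQL identifier; anything else is skipped.
                if (preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $delete_table) === 1) {
                    DBQuery("DELETE FROM {$delete_table} WHERE ID='{$delete_id}'");
                }
                unset($_REQUEST['modfunc']);
            }
        } else {
            // The request values are echoed into a URL inside a JavaScript string
            // inside an HTML attribute; URL-encoding each one keeps quotes and
            // markup out of all three contexts.
            // NOTE(review): $PHP_tmp_SELF is not defined in the visible code —
            // confirm that it cannot carry request-controlled text.
            $return_url = 'Modules.php?modname=' . urlencode((string) $_REQUEST['modname'])
                . '&category_id=' . urlencode((string) $_REQUEST['category_id'])
                . '&table=' . urlencode((string) $_REQUEST['table'])
                . '&include=' . urlencode((string) $_REQUEST['include'])
                . '&subject_id=' . urlencode((string) $_REQUEST['subject_id'])
                . '&course_id=' . urlencode((string) $_REQUEST['course_id'])
                . '&course_period_id=' . urlencode((string) $_REQUEST['course_period_id']);
            echo '<BR>';
            PopTable('header', 'Alert Message');
            echo "<CENTER><h4>You can not delete comment of another user.</h4><br><FORM action={$PHP_tmp_SELF} METHOD=POST><INPUT type=button class=btn_medium name=delete_cancel value=Ok onclick='window.location=\"" . $return_url . "\"'></FORM></CENTER>";
            PopTable('footer');
            unset($_REQUEST['modfunc']);
            return false;
        }
    }
}
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'update') {
    unset($_SESSION['_REQUEST_vars']['modfunc']);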