Пример #1
0
                            $sql[] = "DELETE FROM course_periods WHERE COURSE_ID='{$course['COURSE_ID']}'";
                            $sql[] = "DELETE FROM schedule WHERE COURSE_ID='{$course['COURSE_ID']}'";
                            $sql[] = "DELETE FROM schedule_requests WHERE COURSE_ID='{$course['COURSE_ID']}'";
                        }
                    }
                    foreach ($sql as $query) {
                        DBQuery($query);
                    }
                    unset($_REQUEST['modfunc']);
                    unset($_REQUEST['subject_id']);
                }
            }
        }
    }
    if ($_REQUEST['course_period_id']) {
        if (DeletePromptCommon($table)) {
            if (BlockDelete($table)) {
                foreach ($sql as $query) {
                    DBQuery($query);
                }
                unset($_REQUEST['modfunc']);
                unset($_REQUEST['course_period_id']);
            }
        }
    }
}
if ($_REQUEST['modfunc'] == 'enter_standards') {
    //***********insertion of standard for course******
    if ($_REQUEST['process'] == 'update') {
        $stand_added = 0;
        foreach ($_REQUEST['stand_arr'] as $key => $st_value) {
Пример #2
0
        //                        $Sql_modify_column.=" NOT NULL";
        //                    }else{
        //                        $Sql_modify_column.=" NULL";
        //                    }
        //                    if($custom_update['DEFAULT_SELECTION'] && $not_default==false){
        //                        $Sql_modify_column.=" DEFAULT  '".$custom_update['DEFAULT_SELECTION']."' ";
        //                    }
        //
        //                    DBQuery($Sql_modify_column);
        //              }
    }
    unset($_REQUEST['tables']);
}
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete') {
    if (clean_param($_REQUEST['id'], PARAM_INT)) {
        if (DeletePromptCommon('school field')) {
            $id = clean_param($_REQUEST['id'], PARAM_INT);
            DBQuery('DELETE FROM school_custom_fields WHERE ID=\'' . $id . '\'');
            DBQuery('ALTER TABLE schools DROP COLUMN CUSTOM_' . $id . '');
            $_REQUEST['modfunc'] = '';
            unset($_REQUEST['id']);
        }
    }
}
if ($_REQUEST['id'] && $_REQUEST['id'] != 'new') {
    $sql = "SELECT CATEGORY_ID,TITLE,TYPE,SELECT_OPTIONS,DEFAULT_SELECTION,SORT_ORDER,REQUIRED,REQUIRED,HIDE FROM school_custom_fields WHERE ID='{$_REQUEST['id']}'";
    $RET = DBGet(DBQuery($sql));
    $RET = $RET[1];
    $title = $RET['TITLE'];
} elseif ($_REQUEST['id'] == 'new') {
    $title = 'New School Field';
Пример #3
0
            DBQuery($Sql_modify_column);
        }
    }
    unset($_REQUEST['tables']);
}
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete') {
    if (clean_param($_REQUEST['id'], PARAM_INT)) {
        if (DeletePromptCommon('user field')) {
            $id = clean_param($_REQUEST['id'], PARAM_INT);
            DBQuery('DELETE FROM staff_fields WHERE ID=\'' . $id . '\'');
            DBQuery('ALTER TABLE staff DROP COLUMN CUSTOM_' . $id . '');
            $_REQUEST['modfunc'] = '';
            unset($_REQUEST['id']);
        }
    } elseif (clean_param($_REQUEST['category_id'], PARAM_INT)) {
        if (DeletePromptCommon('' . _('user field category and all fields in the category') . '')) {
            $fields = DBGet(DBQuery('SELECT ID FROM staff_fields WHERE CATEGORY_ID=\'' . $_REQUEST[category_id] . '\''));
            foreach ($fields as $field) {
                DBQuery('DELETE FROM staff_fields WHERE ID=\'' . $field[ID] . '\'');
                DBQuery('ALTER TABLE staff DROP COLUMN CUSTOM_' . $field[ID] . '');
            }
            DBQuery('DELETE FROM staff_field_categories WHERE ID=\'' . $_REQUEST[category_id] . '\'');
            // remove from profiles and permissions
            DBQuery('DELETE FROM profile_exceptions WHERE MODNAME=\'Users/User/Student.php&category_id=' . $_REQUEST[category_id] . '\'');
            DBQuery('DELETE FROM staff_exceptions WHERE MODNAME=\'Users/User.php&category_id=' . $_REQUEST[category_id] . '\'');
            $_REQUEST['modfunc'] = '';
            unset($_REQUEST['category_id']);
        }
    }
}
if (!$_REQUEST['modfunc']) {
Пример #4
0
        $has_assigned_RET = DBGet(DBQuery('SELECT COUNT(*) AS TOTAL_ASSIGNED FROM attendance_period WHERE ATTENDANCE_CODE=\'' . optional_param('id', '', PARAM_INT) . '\''));
        $has_assigned = $has_assigned_RET[1]['TOTAL_ASSIGNED'];
    } else {
        $has_assigned = 0;
    }
    if ($has_assigned > 0) {
        UnableDeletePrompt('' . _('Cannot delete because attendance codes are associated.') . '');
    } else {
        if ($_REQUEST['id']) {
            if (DeletePromptCommon('attendance code')) {
                //DBQuery("DELETE FROM attendance_codes WHERE ID='$_REQUEST[id]'");
                DBQuery('DELETE FROM attendance_codes WHERE ID=\'' . optional_param('id', '', PARAM_INT) . '\'');
                unset($_REQUEST['modfunc']);
            }
        } elseif ($_REQUEST['table']) {
            if (DeletePromptCommon('category')) {
                DBQuery('DELETE FROM attendance_code_categories WHERE ID=\'' . $_REQUEST[table] . '\'');
                unset($_REQUEST['modfunc']);
                $_REQUEST['table'] = '0';
            }
        }
    }
}
if ($_REQUEST['modfunc'] != 'remove') {
    if ($_REQUEST['table'] !== 'new') {
        // $sql = "SELECT ID,TITLE,SHORT_NAME,TYPE,DEFAULT_CODE,STATE_CODE,SORT_ORDER FROM attendance_codes WHERE SYEAR='".UserSyear()."' AND SCHOOL_ID='".UserSchool()."' AND TABLE_NAME='".$_REQUEST['table']."' ORDER BY SORT_ORDER,TITLE";
        //$tabl=optional_param('table','',PARAM_ALPHANUM);
        $sql = 'SELECT ID,TITLE,SHORT_NAME,TYPE,DEFAULT_CODE,STATE_CODE,SORT_ORDER,TABLE_NAME FROM attendance_codes WHERE SYEAR=\'' . UserSyear() . '\' AND SCHOOL_ID=\'' . UserSchool() . '\' AND TABLE_NAME=\'' . $_REQUEST['table'] . '\' ORDER BY SORT_ORDER,TITLE';
        $QI = DBQuery($sql);
        $attendance_codes_RET = DBGet($QI, array('TITLE' => '_makeTextInput', 'SHORT_NAME' => '_makeTextInput', 'SORT_ORDER' => '_makeTextInput', 'TYPE' => '_makeSelectInput', 'STATE_CODE' => '_makeSelectInput', 'DEFAULT_CODE' => '_makeCheckBoxInput'));
    }
Пример #5
0
        $staff_id = $_REQUEST['staff_id'];
    } else {
        $staff_id = UserStaffID();
    }
    //if(UserStudentID())
    //	echo '<IMG SRC=assets/pixel_trans.gif height=2>';
    $RET = DBGet(DBQuery('SELECT FIRST_NAME,LAST_NAME FROM staff WHERE STAFF_ID=\'' . $staff_id . '\''));
    $count_staff_RET = DBGet(DBQuery('SELECT COUNT(*) AS NUM FROM staff'));
    if ($count_staff_RET[1]['NUM'] > 1) {
        DrawHeaderHome('Selected User: '******'FIRST_NAME'] . '&nbsp;' . $RET[1]['LAST_NAME'] . ' (<A HREF=Side.php?staff_id=new&modcat=' . $_REQUEST['modcat'] . '><font color=red>Search Again</font></A>) | <A HREF=Modules.php?modname=' . $_REQUEST['modname'] . '&search_modfunc=list&next_modname=users/User.php&ajax=true&bottom_back=true&return_session=true target=body>Back to User List</A>');
    } else {
        DrawHeaderHome('Selected User: '******'FIRST_NAME'] . '&nbsp;' . $RET[1]['LAST_NAME'] . ' (<A HREF=Side.php?staff_id=new&modcat=' . $_REQUEST['modcat'] . '><font color=red>Search Again</font></A>)');
    }
}
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete' && AllowEdit()) {
    if (DeletePromptCommon('student from that user', 'remove access to')) {
        DBQuery('DELETE FROM students_join_users WHERE STUDENT_ID=\'' . $_REQUEST[student_id] . '\' AND STAFF_ID=\'' . UserStaffID() . '\'');
        unset($_REQUEST['modfunc']);
    }
}
if ($_REQUEST['modfunc'] != 'delete') {
    if (!UserStaffID()) {
        Search('staff_id', 'parent');
    } else {
        $profile = DBGet(DBQuery('SELECT PROFILE FROM staff WHERE STAFF_ID=\'' . UserStaffID() . '\''));
        if ($profile[1]['PROFILE'] != 'parent') {
            unset($_SESSION['staff_id']);
            echo '<script language=JavaScript>parent.side.location="' . $_SESSION['Side_PHP_SELF'] . '?modcat="+parent.side.document.forms[0].modcat.value;</script>';
            Search('staff_id', 'parent');
        }
    }
Пример #6
0
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete_calendar') {
    $colmn = Calender_Id;
    $cal_title = paramlib_validation($colmn, $_REQUEST[calendar_id]);
    $has_assigned_RET = DBGet(DBQuery('SELECT COUNT(*) AS TOTAL_ASSIGNED FROM student_enrollment WHERE CALENDAR_ID=' . $cal_title . ''));
    $has_assigned = $has_assigned_RET[1]['TOTAL_ASSIGNED'];
    if ($has_assigned == 0) {
        $has_assigned_RET = DBGet(DBQuery('SELECT COUNT(*) AS TOTAL_ASSIGNED FROM course_periods WHERE CALENDAR_ID=' . $cal_title . ''));
        $has_assigned_cp = $has_assigned_RET[1]['TOTAL_ASSIGNED'];
    }
    //$calendar_id = DBGet(DBQuery("SELECT ".db_seq_nextval('CALENDARS_SEQ')." AS CALENDAR_ID ".FROM_DUAL));
    if ($has_assigned > 0) {
        UnableDeletePrompt('Cannot delete because students are enrolled in this calendar.');
    } elseif ($has_assigned_cp > 0) {
        UnableDeletePrompt('Cannot delete because course periods are created on this calendar.');
    } else {
        if (DeletePromptCommon('calendar')) {
            DBQuery('DELETE FROM attendance_calendar WHERE CALENDAR_ID=' . $cal_title . '');
            DBQuery('DELETE FROM school_calendars WHERE CALENDAR_ID=' . $cal_title . '');
            $default_RET = DBGet(DBQuery('SELECT CALENDAR_ID FROM school_calendars WHERE SYEAR=\'' . UserSyear() . '\' AND SCHOOL_ID=\'' . UserSchool() . '\' AND DEFAULT_CALENDAR=\'Y\''));
            if (count($default_RET)) {
                $_REQUEST['calendar_id'] = $default_RET[1]['CALENDAR_ID'];
            } else {
                $calendars_RET = DBGet(DBQuery('SELECT CALENDAR_ID FROM school_calendars WHERE SYEAR=\'' . UserSyear() . '\' AND SCHOOL_ID=\'' . UserSchool() . '\''));
                if (count($calendars_RET)) {
                    $_REQUEST['calendar_id'] = $calendars_RET[1]['CALENDAR_ID'];
                } else {
                    $error = array('There are no calendars yet setup.');
                }
            }
            unset($_REQUEST['modfunc']);
            unset($_SESSION['_REQUEST_vars']['modfunc']);
Пример #7
0
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
#***************************************************************************************
//$_openSIS['allow_edit'] = true;
include '../../../Redirect_includes.php';
include_once 'modules/Students/includes/functions.php';
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete' && User('PROFILE') == 'admin') {
    if (!$_REQUEST['delete_ok'] && !$_REQUEST['delete_cancel']) {
        echo '</FORM>';
    }
    if (DeletePromptCommon($_REQUEST['title'])) {
        DBQuery("DELETE FROM {$_REQUEST['table']} WHERE ID='{$_REQUEST['id']}'");
        unset($_REQUEST['modfunc']);
    }
}
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'update') {
    //$existing_RET = DBGet(DBQuery("SELECT STUDENT_ID FROM student_mp_comments WHERE STUDENT_ID='".UserStudentID()."' AND SYEAR='".UserSyear()."' AND MARKING_PERIOD_ID='".GetParentMP('SEM',UserMP())."'"));
    //if(!$existing_RET)
    //	DBQuery("INSERT INTO student_mp_comments (SYEAR,STUDENT_ID,MARKING_PERIOD_ID) values('".UserSyear()."','".UserStudentID()."','".GetParentMP('SEM',UserMP())."')");
    //   SaveData(array('student_mp_comments'=>"STUDENT_ID='".UserStudentID()."' AND SYEAR='".UserSyear()."' AND MARKING_PERIOD_ID='".GetParentMP('SEM',UserMP())."'"),'',array('COMMENT'=>'Comment','STAFF_ID'=>UserStaffID()));
    unset($_SESSION['_REQUEST_vars']['modfunc']);
    unset($_SESSION['_REQUEST_vars']['values']);
}
if (!$_REQUEST['modfunc']) {
    //$comments_RET = DBGet(DBQuery("SELECT COMMENT FROM student_mp_comments WHERE STUDENT_ID='".UserStudentID()."' AND SYEAR='".UserSyear()."' AND MARKING_PERIOD_ID='".GetParentMP('SEM',UserMP())."'"));
    echo '<TABLE>';
Пример #8
0
        UnableDeletePromptMod($msg, '', $queryString);
    } else {
        if ($_REQUEST['id']) {
            if (DeletePromptCommon('student field')) {
                $id = $_REQUEST['id'];
                DBQuery("DELETE FROM custom_fields WHERE ID='{$id}'");
                DBQuery("ALTER TABLE students DROP COLUMN CUSTOM_{$id}");
                $_REQUEST['modfunc'] = '';
                unset($_REQUEST['id']);
            }
        } elseif ($_REQUEST['category_id']) {
            if ($deletable_category == FALSE) {
                $msg = 'Cannot delete because student fields are associated.';
                $queryString = 'category_id=' . $_REQUEST['category_id'];
                UnableDeletePromptMod($msg, '', $queryString);
            } elseif (DeletePromptCommon('student field category and all fields in the category')) {
                $fields = DBGet(DBQuery("SELECT ID FROM custom_fields WHERE SYSTEM_FIELD='N' AND CATEGORY_ID='{$_REQUEST['category_id']}'"));
                foreach ($fields as $field) {
                    DBQuery("DELETE FROM custom_fields WHERE ID='{$field['ID']}'");
                    DBQuery("ALTER TABLE students DROP COLUMN CUSTOM_{$field['ID']}");
                }
                DBQuery("DELETE FROM student_field_categories WHERE ID='{$_REQUEST['category_id']}'");
                // remove from profiles and permissions
                DBQuery("DELETE FROM profile_exceptions WHERE MODNAME='students/Student.php&category_id={$_REQUEST['category_id']}'");
                $_REQUEST['modfunc'] = '';
                unset($_REQUEST['category_id']);
            }
        }
    }
}
if (!$_REQUEST['modfunc']) {
Пример #9
0
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
#***************************************************************************************
include '../../../RedirectIncludes.php';
include_once 'modules/students/includes/FunctionsInc.php';
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete') {
    if (User('PROFILE') == 'admin' || User('PROFILE') == 'teacher') {
        if (!$_REQUEST['delete_ok'] && !$_REQUEST['delete_cancel']) {
            echo '</FORM>';
        }
        if ($_REQUEST[staff_id] == User('STAFF_ID')) {
            if (DeletePromptCommon('comment')) {
                DBQuery("DELETE FROM {$_REQUEST['table']} WHERE ID='{$_REQUEST['id']}'");
                unset($_REQUEST['modfunc']);
            }
        } else {
            echo '<BR>';
            PopTable('header', 'Alert Message');
            echo "<CENTER><h4>You can not delete comment of another user.</h4><br><FORM action={$PHP_tmp_SELF} METHOD=POST><INPUT type=button class=btn_medium name=delete_cancel value=Ok onclick='window.location=\"Modules.php?modname=" . $_REQUEST['modname'] . "&category_id=" . $_REQUEST['category_id'] . "&table=" . $_REQUEST['table'] . "&include=" . $_REQUEST['include'] . "&subject_id=" . $_REQUEST['subject_id'] . "&course_id=" . $_REQUEST['course_id'] . "&course_period_id=" . $_REQUEST['course_period_id'] . "\"'></FORM></CENTER>";
            PopTable('footer');
            unset($_REQUEST['modfunc']);
            return false;
        }
    }
}
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'update') {
    unset($_SESSION['_REQUEST_vars']['modfunc']);