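}

// Header for the selected student. The student count only decides whether the
// "Back to Student List" link is shown next to "Search Again".
// NOTE(review): the name fields from $RET (built above this excerpt) are concatenated into
// HTML as-is; whether DrawHeaderHome() escapes its argument is not visible here.
$count_student_RET = DBGet(DBQuery('SELECT COUNT(*) AS NUM FROM students'));
if ($count_student_RET[1]['NUM'] > 1 || $count_student_RET[1]['NUM'] == 1) {
    // The HREF attributes below are unquoted, so stripping tags alone does not keep a
    // request value inside the attribute. Percent-encoding does: legitimate module names
    // (letters, digits, '.', '_', '/') come out byte-identical, everything else becomes %XX.
    $modcat_param = rawurlencode(clean_param($_REQUEST['modcat'], PARAM_NOTAGS));
    $header_html = 'Selected Student: ' . $RET[1]['FIRST_NAME'] . ' '
        . ($RET[1]['MIDDLE_NAME'] ? $RET[1]['MIDDLE_NAME'] . ' ' : '')
        . $RET[1]['LAST_NAME'] . ' '
        . ' (<A HREF=Side.php?student_id=new&modcat=' . $modcat_param
        . '><font color=red>Search Again</font></A>) ';
    if ($count_student_RET[1]['NUM'] > 1) {
        $modname_param = str_replace('%2F', '/', rawurlencode(clean_param($_REQUEST['modname'], PARAM_NOTAGS)));
        $header_html .= '| <A HREF=Modules.php?modname=' . $modname_param
            . '&search_modfunc=list&next_modname=Students/Student.php&ajax=true&bottom_back=true&return_session=true target=body>Back to Student List</A>';
    }
    DrawHeaderHome($header_html);
}
}

// Add an activity for the current student.
// The activity id arrives from the request and was concatenated into the statement raw;
// intval() pins it to a number. Assumes ACTIVITY_ID is an integer key - confirm against the schema.
if ($_REQUEST['modfunc'] == 'add' && AllowEdit()) {
    DBQuery(
        'INSERT INTO student_eligibility_activities (STUDENT_ID,ACTIVITY_ID,SYEAR) values(\''
        . UserStudentID() . '\',\'' . intval($_REQUEST['new_activity']) . '\',\'' . UserSyear() . '\')'
    );
    unset($_REQUEST['modfunc']);
}

// Remove an activity from the current student after the confirmation prompt.
if ($_REQUEST['modfunc'] == 'remove' && AllowEdit()) {
    if (DeletePromptMod('activity')) {
        DBQuery(
            'DELETE FROM student_eligibility_activities WHERE STUDENT_ID=\'' . UserStudentID()
            . '\' AND ACTIVITY_ID=\'' . intval($_REQUEST['activity_id'])
            . '\' AND SYEAR=\'' . UserSyear() . '\''
        );
        unset($_REQUEST['modfunc']);
    }
}

if (UserStudentID() && !$_REQUEST['modfunc']) {
    $start_end_RET = DBGet(DBQuery(
        'SELECT TITLE,VALUE FROM program_config WHERE SYEAR=\'' . UserSyear()
        . '\' AND SCHOOL_ID=\'' . UserSchool()
        . '\' AND PROGRAM=\'eligibility\' AND TITLE IN (\'' . 'START_DAY' . '\',\'' . 'END_DAY' . '\')'
    ));
    if (count($start_end_RET)) {
        foreach ($start_end_RET as $value) {
            // Defines $START_DAY / $END_DAY from the config rows. The previous form,
            // ${$value}['TITLE'], used the row array itself as the variable name, so neither
            // variable was ever set. The IN (...) list above is what bounds the names created here.
            ${$value['TITLE']} = $value['VALUE'];
        }
    }
    switch (date('D')) {
        case 'Mon':
            $today = 1;
            break;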
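} } } } }
DrawBC("School Setup > " . ProgramTitle());

// Delete a room, but only when no course period still references it.
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'remove' && AllowEdit()) {
    // Array keys and the column name are quoted: as bare words they are undefined constants,
    // which PHP 8 rejects with an Error (older versions fell back to the string with a warning).
    // NOTE(review): the two statements below are only as safe as paramlib_validation(); its
    // implementation is not visible in this excerpt.
    $room_id = paramlib_validation($colmn = 'PERIOD_ID', $_REQUEST['id']);
    $has_assigned_RET = DBGet(DBQuery("SELECT COUNT(*) AS TOTAL_ASSIGNED FROM course_period_var WHERE room_id='{$room_id}'"));
    $has_assigned = $has_assigned_RET[1]['TOTAL_ASSIGNED'];
    $qs = 'Modules.php?modname=schoolsetup/Rooms.php';
    if ($has_assigned > 0) {
        UnableDeletePromptMod('Cannot delete because room are associated.', 'delete', $qs);
    } elseif (DeletePromptMod('room', $qs)) {
        DBQuery("DELETE FROM rooms WHERE room_id='{$room_id}'");
        unset($_REQUEST['modfunc']);
    }
}

// List the rooms of the current school and collect their ids.
if ($_REQUEST['modfunc'] != 'remove') {
    $sql = "SELECT ROOM_ID,TITLE,TITLE as NAME,CAPACITY,DESCRIPTION,SORT_ORDER FROM rooms WHERE school_id='" . UserSchool() . "' ORDER BY sort_order";
    // The query is issued twice: $QI keeps one result handle, $LO is fetched from a second run.
    $QI = DBQuery($sql);
    $LO = DBGet(DBQuery($sql));
    $room_id_arr = array();
    foreach ($LO as $ti => $td) {
        $room_id_arr[] = $td['ROOM_ID'];
    }
    $room_id = implode(',', $room_id_arr);
    $room_ids = '';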
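$assoc_t = 'progress period';
}
} else {
    // Collect the child marking-period types that block the deletion.
    // PARENT_ID was built from the raw request value in an unquoted numeric position;
    // intval() keeps it a number whatever the request carries.
    $get_assoc_rltns = DBGet(DBQuery(
        'SELECT distinct MP_TYPE,COUNT(1) as TYPE_COUNT FROM marking_periods WHERE PARENT_ID='
        . intval($_REQUEST['marking_period_id'])
    ));
    // Start from an empty list so implode() always receives an array, also when no row matched.
    $assoc_t = array();
    foreach ($get_assoc_rltns as $gai => $gad) {
        // Pluralise the type name when more than one child of that type exists.
        $assoc_t[] = $gad['MP_TYPE'] . ($gad['TYPE_COUNT'] > 1 ? 's' : '');
    }
    $assoc_t = implode(',', $assoc_t);
}
UnableDeletePromptMod('Marking period cannot be deleted because it has associtation with ' . $assoc_t . '.');
} else {
    if (DeletePromptMod($name, $queryString)) {
        // $extra, $table and the $parent_* values are prepared above this excerpt.
        foreach ($extra as $sql) {
            DBQuery($sql);
        }
        // Column name and request key are quoted: bare words are undefined constants,
        // which PHP 8 rejects with an Error.
        DBQuery(
            'DELETE FROM ' . $table . ' WHERE MARKING_PERIOD_ID=\''
            . paramlib_validation($column = 'MARKING_PERIOD_ID', $_REQUEST['marking_period_id']) . '\''
        );
        unset($_REQUEST['modfunc']);
        // Fall back to the parent marking period for the view rendered next.
        $_REQUEST['mp_term'] = $parent_term;
        $_REQUEST['marking_period_id'] = $parent_id;
        $table = $parent_table;
    }
}
}
unset($_SESSION['_REQUEST_vars']['modfunc']);
}
if (!$_REQUEST['modfunc']) {
    if ($_REQUEST['marking_period_id'] != 'new') {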
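// Every id taken from the request is passed through intval() before it reaches a statement.
// Assumes cp_id, c_id and schedule_id are integer keys - confirm against the schema.
// NOTE(review): $association_query_grade and $association_query_reportcard are built above
// this excerpt, presumably from the same request values; they need the same treatment.
$association_query_attendance = DBQuery(
    'Select * from attendance_period where student_id=\'' . UserStudentId()
    . '\' and course_period_id=\'' . intval($_REQUEST['cp_id']) . '\' '
);
$schedule_data = DBGet(DBQuery(
    'Select * from schedule where student_id=\'' . UserStudentId()
    . '\' and course_period_id=\'' . intval($_REQUEST['cp_id'])
    . '\' and syear =' . UserSyear() . ' '
));

// Refuse the deletion when attendance, grades or report-card rows exist. The first test used
// to OR all three counts together, which made the two more specific messages unreachable;
// each branch now checks only its own result set. Any non-empty set still blocks the delete.
// NOTE(review): mysql_num_rows() belongs to the ext/mysql API that was removed in PHP 7.
if (mysql_num_rows($association_query_attendance) > 0) {
    UnableDeletePrompt('Cannot delete because students attendance are already taken.');
    unset($_REQUEST['del']);
    unset($_REQUEST['c_id']);
} elseif (mysql_num_rows($association_query_grade) > 0) {
    UnableDeletePrompt('Cannot delete because assignments grading are already given.');
    unset($_REQUEST['del']);
    unset($_REQUEST['c_id']);
} elseif (mysql_num_rows($association_query_reportcard) > 0) {
    UnableDeletePrompt('Cannot delete because final grade is already given .');
    unset($_REQUEST['del']);
    unset($_REQUEST['c_id']);
} else {
    if (DeletePromptMod('schedule')) {
        $schedule_fetch = DBGet(DBQuery(
            'SELECT DROPPED FROM schedule WHERE ID=\'' . intval($_REQUEST['schedule_id']) . '\''
        ));
        $schedule_status = $schedule_fetch[1]['DROPPED'];
        $seat_query = DBQuery(
            'SELECT FILLED_SEATS FROM course_periods WHERE COURSE_ID=\'' . intval($_REQUEST['c_id'])
            . '\' AND COURSE_PERIOD_ID=\'' . intval($_REQUEST['cp_id']) . '\' '
        );
        $seat_fetch = DBGet($seat_query);
        // A dropped schedule keeps the seat count as it is; an active one frees a seat.
        // NOTE(review): $seat_fill stays undefined when DROPPED is neither 'Y' nor 'N',
        // and the UPDATE below then writes an empty value.
        if ($schedule_status == 'Y') {
            $seat_fill = $seat_fetch[1]['FILLED_SEATS'];
        }
        if ($schedule_status == 'N') {
            $seat_fill = $seat_fetch[1]['FILLED_SEATS'] - 1;
        }
        DBQuery(
            'Delete from schedule where student_id=\'' . UserStudentId()
            . '\' and course_period_id=\'' . intval($_REQUEST['cp_id'])
            . '\' and course_id=\'' . intval($_REQUEST['c_id'])
            . '\' and id=\'' . intval($_REQUEST['schedule_id']) . '\''
        );
        DBQuery(
            'Update course_periods set filled_seats=\'' . $seat_fill
            . '\' where course_id=\'' . intval($_REQUEST['c_id'])
            . '\' and course_period_id=\'' . intval($_REQUEST['cp_id']) . '\' '
        );
        unset($_REQUEST['del']);
        unset($_REQUEST['c_id']);
        unset($_REQUEST['cp_id']);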
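# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
#***************************************************************************************
include '../../../RedirectIncludes.php';

// Upload directory for student files; both delete paths below are confined to it.
$dir = 'assets/studentfiles';

// Delete a student file after the confirmation prompt.
// NOTE(review): $_REQUEST['title'] is handed to DeletePromptMod() unchanged; whether the
// prompt escapes it is not visible here. No per-student ownership check is visible either.
if ($_REQUEST['modfunc'] == 'delete' && (User('PROFILE') == 'admin' || User('PROFILE') == 'student')) {
    if (!$_REQUEST['delete_ok'] && !$_REQUEST['delete_cancel']) {
        echo '</FORM>';
    }
    if (DeletePromptMod($_REQUEST['title'], '&include=FilesInc&category_id=7')) {
        // The path comes from the request, so it is resolved and must be a regular file
        // located under $dir before it is removed. Anything else is ignored.
        $upload_root = realpath($dir);
        $delete_path = is_string($_REQUEST['file']) ? realpath($_REQUEST['file']) : false;
        if ($upload_root !== false && $delete_path !== false
            && strpos($delete_path, $upload_root . DIRECTORY_SEPARATOR) === 0
            && is_file($delete_path)
        ) {
            unlink($delete_path);
        }
        unset($_REQUEST['modfunc']);
    }
}

// Second delete path, used together with the duplicate-file session markers.
// NOTE(review): no profile or permission check is visible on this branch; confirm that
// an earlier include gates it.
if (isset($_REQUEST['delete_msg']) && $_REQUEST['delete_msg'] == 'yes') {
    // Same containment rule as above: only regular files under $dir are removed.
    $upload_root = realpath($dir);
    $delete_path = is_string($_REQUEST['target_path']) ? realpath($_REQUEST['target_path']) : false;
    if ($upload_root !== false && $delete_path !== false
        && strpos($delete_path, $upload_root . DIRECTORY_SEPARATOR) === 0
        && is_file($delete_path)
    ) {
        unlink($delete_path);
    }
    unset($_SESSION['grid_msg']);
    unset($_SESSION['dup_file_name']);
}

if (!$_REQUEST['modfunc']) {
    unset($_SESSION['grid_msg']);
    unset($_SESSION['dup_file_name']);
    ###########################File Upload ####################################################
    if (!file_exists($dir)) {
        // NOTE(review): 0777 makes the upload directory writable by every local account
        // (subject to umask); a narrower mode is worth considering.
        mkdir($dir, 0777);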
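} else {
    // Delete one custom people field and its backing column.
    if (DeletePromptMod('staff field')) {
        // $id is forced to an integer before it is used in the DML and in the column name.
        $id = clean_param($_REQUEST['id'], PARAM_INT);
        DBQuery('DELETE FROM people_fields WHERE ID=\'' . $id . '\'');
        DBQuery('ALTER TABLE people DROP COLUMN CUSTOM_' . $id);
        $_REQUEST['modfunc'] = '';
        unset($_REQUEST['id']);
    }
}
} elseif (clean_param($_REQUEST['category_id'], PARAM_INT)) {
    // The branch condition already reads category_id through PARAM_INT, but the statements
    // used the raw request value. They now use the cleaned integer throughout.
    $clean_category_id = clean_param($_REQUEST['category_id'], PARAM_INT);
    $has_assigned_RET = DBGet(DBQuery(
        'SELECT COUNT(*) AS TOTAL_ASSIGNED FROM people_fields WHERE CATEGORY_ID=\'' . $clean_category_id . '\''
    ));
    $has_assigned = $has_assigned_RET[1]['TOTAL_ASSIGNED'];
    if ($has_assigned > 0) {
        UnableDeletePromptMod('Cannot delete becauses this people field category is associated.');
    } else {
        if (DeletePromptMod('staff field category and all fields in the category')) {
            $fields = DBGet(DBQuery(
                'SELECT ID FROM people_fields WHERE CATEGORY_ID=\'' . $clean_category_id . '\''
            ));
            foreach ($fields as $field) {
                // Key quoted (a bare ID is an undefined constant) and the value cast, because
                // it becomes part of a column identifier in the ALTER TABLE statement.
                $field_id = intval($field['ID']);
                DBQuery('DELETE FROM people_fields WHERE ID=\'' . $field_id . '\'');
                DBQuery('ALTER TABLE people DROP COLUMN CUSTOM_' . $field_id);
            }
            DBQuery('DELETE FROM people_field_categories WHERE ID=\'' . $clean_category_id . '\'');
            // remove from profiles and permissions
            DBQuery(
                'DELETE FROM profile_exceptions WHERE MODNAME=\'users/User/Student.php&category_id='
                . $clean_category_id . '\''
            );
            $_REQUEST['modfunc'] = '';
            unset($_REQUEST['category_id']);
        }
    }
}
}
if (!$_REQUEST['modfunc']) {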
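} else {
    // NOTE(review): the scraped source shows '******' between the label and 'FIRST_NAME'];
    // it is restored here as `. $RET[1][` by analogy with the LAST_NAME term - confirm
    // against the original file.
    // modcat is percent-encoded because the HREF attribute is unquoted.
    DrawHeaderHome(
        'Selected User: ' . $RET[1]['FIRST_NAME'] . ' ' . $RET[1]['LAST_NAME']
        . ' (<A HREF=Side.php?staff_id=new&modcat=' . rawurlencode($_REQUEST['modcat'])
        . '><font color=red>Search Again</font></A>)'
    );
}
}
}
#############################################
// Profiles other than admin and teacher may only open a staff record when AllowUse() permits it;
// a refused attempt by a logged-in user is recorded through HackingLog().
if (User('PROFILE') != 'admin' && User('PROFILE') != 'teacher' && $_REQUEST['staff_id'] && $_REQUEST['staff_id'] != 'new') {
    if (!AllowUse()) {
        if (User('USERNAME')) {
            HackingLog();
        }
        exit;
    }
}

if ($_REQUEST['modfunc'] == 'remove_stu') {
    // Both ids sit in unquoted numeric positions of the DELETE and staff_id is echoed into a
    // script block, so they are pinned to integers before use.
    // NOTE(review): no AllowEdit()-style check is visible on this branch.
    $remove_staff_id = intval($_REQUEST['staff_id']);
    $delete = DeletePromptMod('student', "include=GeneralInfoInc&category_id=1&staff_id={$remove_staff_id}");
    if ($delete == 1) {
        DBGet(DBQuery(
            'DELETE FROM students_join_people WHERE STUDENT_ID=' . intval($_REQUEST['id'])
            . ' AND PERSON_ID=' . $remove_staff_id
        ));
        // strip_tags() does not stop a value from ending the quoted script string, so modname
        // is percent-encoded as well; '/' is restored so real module paths are unchanged.
        $return_modname = str_replace('%2F', '/', rawurlencode(strip_tags(trim($_REQUEST['modname']))));
        echo "<script>window.location.href='Modules.php?modname=" . $return_modname
            . "&include=GeneralInfoInc&category_id=1&staff_id={$remove_staff_id}'</script>";
    }
} else {
    // Default the include/category pair when the request does not carry both.
    if (!$_REQUEST['include']) {
        $_REQUEST['include'] = 'GeneralInfoInc';
        $_REQUEST['category_id'] = '1';
    } elseif (!$_REQUEST['category_id']) {
        if ($_REQUEST['include'] == 'GeneralInfoInc') {
            $_REQUEST['category_id'] = '1';
        } elseif ($_REQUEST['include'] == 'AddressInfoInc') {
            $_REQUEST['category_id'] = '2';
        } elseif ($_REQUEST['include'] != 'OtherInfoUserInc') {
            // The include name is free text in a quoted literal. addslashes() is a stopgap;
            // a bound parameter or the driver's own escaping is the durable fix.
            // NOTE(review): drop it if an earlier filter already escapes request values.
            $include = DBGet(DBQuery(
                'SELECT ID FROM people_field_categories WHERE INCLUDE=\'' . addslashes($_REQUEST['include']) . '\''
            ));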
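} else {
    ShowErrPhp('You can\'t add any enrollment code in this type');
}
}
}
}
DrawBC("Students > " . ProgramTitle());

// Delete an enrollment code unless it is one of the built-in types or still in use.
// NOTE(review): unlike comparable remove handlers, no AllowEdit() check is visible here;
// confirm that access is gated above this excerpt.
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'remove') {
    // The id was concatenated raw into three statements and written as a bare constant key.
    // It is now read once and pinned to an integer.
    // Assumes student_enrollment_codes.ID is an integer key - confirm against the schema.
    $enroll_code_id = intval($_REQUEST['id']);
    $select_enroll = DBGet(DBQuery(
        'SELECT TYPE FROM student_enrollment_codes WHERE ID=\'' . $enroll_code_id . '\''
    ));
    $enroll_type = $select_enroll[1]['TYPE'];
    if ($enroll_type != 'Roll' && $enroll_type != 'TrnD' && $enroll_type != 'TrnE') {
        $has_assigned_RET = DBGet(DBQuery(
            'SELECT COUNT(*) AS TOTAL_ASSIGNED FROM student_enrollment WHERE ENROLLMENT_CODE=\'' . $enroll_code_id . '\''
        ));
        $has_assigned = $has_assigned_RET[1]['TOTAL_ASSIGNED'];
        if ($has_assigned > 0) {
            UnableDeletePrompt('Cannot delete because enrollment codes are associated.');
        } else {
            if (DeletePromptMod('enrollment code', $_REQUEST['modname'])) {
                DBQuery('DELETE FROM student_enrollment_codes WHERE ID=\'' . $enroll_code_id . '\'');
                unset($_REQUEST['modfunc']);
            }
        }
    } else {
        UnableDeletePrompt('Cannot delete because it is not deletable.');
    }
}

// List the enrollment codes of the current school year as editable rows.
if ($_REQUEST['modfunc'] != 'remove') {
    $sql = 'SELECT ID,TITLE,SHORT_NAME,TYPE FROM student_enrollment_codes WHERE SYEAR=\'' . UserSyear() . '\' ORDER BY TITLE';
    $QI = DBQuery($sql);
    $codes_RET = DBGet($QI, array('TITLE' => 'makeTextInput', 'SHORT_NAME' => 'makeTextInput', 'TYPE' => 'makeSelectInput'));
    $columns = array('TITLE' => 'Title', 'SHORT_NAME' => 'Short Name', 'TYPE' => 'Type');
    $link['add']['html'] = array(
        'TITLE' => makeTextInput('', 'TITLE'),
        'SHORT_NAME' => makeTextInput('', 'SHORT_NAME'),
        'TYPE' => makeSelectInput('', 'TYPE'),
    );
    // modname is percent-encoded before it goes into the link; '/' is restored so real
    // module paths come out unchanged.
    $link['remove']['link'] = 'Modules.php?modname='
        . str_replace('%2F', '/', rawurlencode($_REQUEST['modname'])) . '&modfunc=remove';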
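# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
#***************************************************************************************
include '../../../RedirectIncludes.php';
include_once 'modules/students/includes/FunctionsInc.php';

// Delete one medical record row (admin only) after the confirmation prompt.
// NOTE(review): $_REQUEST['title'] is handed to DeletePromptMod() unchanged; whether the
// prompt escapes it is not visible here.
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete' && User('PROFILE') == 'admin') {
    if (!$_REQUEST['delete_ok'] && !$_REQUEST['delete_cancel']) {
        echo '</FORM>';
    }
    if (DeletePromptMod($_REQUEST['title'], '&include=Medical&category_id=' . rawurlencode($_REQUEST['category_id']))) {
        // The table name comes from the request. It is accepted only when it is a plain
        // identifier, and the row id is pinned to an integer.
        // NOTE(review): an identifier check still lets the request pick any table. The durable
        // fix is an explicit allow-list of this screen's medical tables, whose names are not
        // visible in this excerpt.
        if (is_string($_REQUEST['table']) && preg_match('/^[A-Za-z0-9_]+$/', $_REQUEST['table'])) {
            DBQuery('DELETE FROM ' . $_REQUEST['table'] . ' WHERE ID=\'' . intval($_REQUEST['id']) . '\'');
        }
        unset($_REQUEST['modfunc']);
    }
}

// An update request falls through to the normal page rendering below.
if (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'update') {
    unset($_REQUEST['modfunc']);
}

if (!$_REQUEST['modfunc']) {
    echo '<div style="position: absolute; z-index:1000; width: 495px; height: 300px; visibility:hidden; background-image:url(\'assets/comment_background.gif\');" id="dc"></div>';
    echo '<TABLE width=100% border=0 cellpadding=0 cellspacing=0>';
    echo '<TR><TD valign=top>';
    $_REQUEST['category_id'] = 2;
    echo '<div class=hseparator><b>Medical Information</b></div><div class=clear></div>';
    echo '<TABLE cellpadding=5>';
    echo '<TR>';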
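} else {
    // NOTE(review): the scraped source shows '******' between the label and 'FIRST_NAME'];
    // it is restored here as `. $RET[1][` by analogy with the LAST_NAME term - confirm
    // against the original file.
    // modcat is percent-encoded because the HREF attribute is unquoted.
    DrawHeaderHome(
        'Selected User: ' . $RET[1]['FIRST_NAME'] . ' ' . $RET[1]['LAST_NAME']
        . ' (<A HREF=Side.php?staff_id=new&modcat=' . rawurlencode($_REQUEST['modcat'])
        . '><font color=red>Deselect</font></A>)'
    );
}
}
}
#############################################
// Profiles other than admin and teacher may only open a staff record when AllowUse() permits it;
// a refused attempt by a logged-in user is recorded through HackingLog().
if (User('PROFILE') != 'admin' && User('PROFILE') != 'teacher' && $_REQUEST['staff_id'] && $_REQUEST['staff_id'] != 'new') {
    if (!AllowUse()) {
        if (User('USERNAME')) {
            HackingLog();
        }
        exit;
    }
}

if ($_REQUEST['modfunc'] == 'remove_stu') {
    // Both ids sit in unquoted numeric positions of the DELETE, so they are pinned to integers.
    // NOTE(review): no AllowEdit()-style check is visible on this branch.
    $remove_staff_id = intval($_REQUEST['staff_id']);
    $profile_suffix = $_REQUEST['profile'] == 'none' ? '&profile=none' : '';
    $delete = DeletePromptMod('student', "include=GeneralInfoInc&category_id=1&staff_id={$remove_staff_id}" . $profile_suffix);
    if ($delete == 1) {
        DBGet(DBQuery(
            'DELETE FROM students_join_people WHERE STUDENT_ID=' . intval($_REQUEST['id'])
            . ' AND PERSON_ID=' . $remove_staff_id
        ));
        // modname was echoed raw into a quoted script string. Percent-encoding keeps it inside
        // the string; '/' is restored so real module paths are unchanged.
        $return_modname = str_replace('%2F', '/', rawurlencode($_REQUEST['modname']));
        echo "<script>window.location.href='Modules.php?modname={$return_modname}&search_modfunc=list&next_modname=users/User.php&ajax=true&bottom_back=true&return_session=true"
            . $profile_suffix . "'</script>";
    }
} else {
    // Default the include/category pair when the request does not carry both.
    if (!$_REQUEST['include']) {
        $_REQUEST['include'] = 'GeneralInfoInc';
        $_REQUEST['category_id'] = '1';
    } elseif (!$_REQUEST['category_id']) {
        if ($_REQUEST['include'] == 'GeneralInfoInc') {
            $_REQUEST['category_id'] = '1';
        } elseif ($_REQUEST['include'] == 'AddressInfoInc') {
            $_REQUEST['category_id'] = '2';
        } elseif ($_REQUEST['include'] != 'OtherInfoUserInc') {
            // The include name is free text in a quoted literal. addslashes() is a stopgap;
            // a bound parameter or the driver's own escaping is the durable fix.
            // NOTE(review): drop it if an earlier filter already escapes request values.
            $include = DBGet(DBQuery(
                'SELECT ID FROM people_field_categories WHERE INCLUDE=\'' . addslashes($_REQUEST['include']) . '\''
            ));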
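// Update an effort-grade category from the submitted fields.
// TITLE and SORT_ORDER are text inside quoted literals and cat_id is a row key; all three were
// concatenated raw. addslashes() is a stopgap for the text fields; bound parameters or the
// driver's own escaping are the durable fix.
// NOTE(review): drop addslashes() if an earlier filter already escapes request values.
// Assumes cat_id is an integer key - confirm against the schema.
$cat_sql = 'UPDATE effort_grade_categories SET ';
if (isset($_REQUEST['TITLE'])) {
    $cat_sql .= ' TITLE="' . addslashes($_REQUEST['TITLE']) . '",';
}
if (isset($_REQUEST['SORT_ORDER'])) {
    $cat_sql .= ' SORT_ORDER="' . addslashes($_REQUEST['SORT_ORDER']) . '" ,';
}
// Drop the trailing comma left by the last SET fragment before adding the WHERE clause.
$cat_sql = rtrim($cat_sql, ',') . ' WHERE ID="' . intval($_REQUEST['cat_id']) . '" ';
DBQuery($cat_sql);
} else {
    DBQuery(
        'INSERT INTO effort_grade_categories (SYEAR,SCHOOL_ID,TITLE,SORT_ORDER) VALUES(\''
        . UserSyear() . '\',\'' . UserSchool() . '\',\''
        . addslashes($_REQUEST['TITLE']) . '\',\'' . addslashes($_REQUEST['SORT_ORDER']) . '\' ) '
    );
}
}
} elseif (clean_param($_REQUEST['modfunc'], PARAM_ALPHAMOD) == 'delete_cat') {
    // Delete a category and its grades unless a student effort row still uses one of them.
    // NOTE(review): no AllowEdit()-style check is visible on this branch.
    //if(DeletePrompt_CommonCore('Effort Category',$_REQUEST[modname] ))
    if (DeletePromptMod('Effort Category')) {
        $delete_cat_id = intval($_REQUEST['cat_id']);
        $ceck_cat = DBGet(DBQuery(
            'SELECT COUNT(*) AS TOTAL_USED_CAT FROM student_efforts se,effort_grades eg WHERE se.EFFORT_VALUE=eg.ID AND eg.EFFORT_CAT="'
            . $delete_cat_id . '" '
        ));
        if ($ceck_cat[1]['TOTAL_USED_CAT'] > 0) {
            $cant_del_cat = true;
        } else {
            DBQuery('DELETE FROM effort_grade_categories WHERE ID="' . $delete_cat_id . '" ');
            DBQuery('DELETE FROM effort_grades WHERE EFFORT_CAT="' . $delete_cat_id . '" ');
            unset($_REQUEST['cat_id']);
        }
        unset($_REQUEST['modfunc']);
    }
}
if (isset($cant_del_cat)) {
    echo '<font color=red>You can not delete it.This effort category is associated with effort garde.</font>';
    unset($cant_del_cat);
}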
// Tail of the common-core-standards update loop, the remove handler and the start of the listing.
// NOTE(review): the five str_replace() calls run on the fully assembled UPDATE statement. As shown
// here their search strings are the bare characters & " ' < > and the third literal is not valid
// PHP; presumably the original searched for the HTML-entity forms and the page extraction decoded
// them - confirm against the original file.
// NOTE(review): removing characters from a finished statement is not SQL escaping. $s_key and the
// values assembled into $update_sql above this excerpt need escaping or binding one by one.
// NOTE(review): the remove branch concatenates $_REQUEST['standard_id'] into the DELETE unchanged,
// and no AllowEdit()-style check is visible in this excerpt.
// NOTE(review): $_REQUEST['modname'] is interpolated unchanged into the remove link and into the
// unquoted FORM action attribute.
} $update_sql = substr($update_sql, 0, -1) . " WHERE STANDARD_ID='" . $s_key . "'"; $update_sql = str_replace('&', "", $update_sql); $update_sql = str_replace('"', "", $update_sql); $update_sql = str_replace(''', "", $update_sql); $update_sql = str_replace('<', "", $update_sql); $update_sql = str_replace('>', "", $update_sql); DBQuery($update_sql); //DBQuery('UPDATE us_common_core_standards SET SUBJECT="'.$s_value['SUBJECT'].'",GRADE="'.$s_value['GRADE'].'",COURSE="'.$s_value['COURSE'].'",DOMAIN="'.$s_value['DOMAIN'].'",TOPIC="'.$s_value['TOPIC'].'",STANDARD_REF_NO="'.$s_value['STANDARD_REF_NO'].'",STANDARD_DETAILS="'.$s_value['STANDARD_DETAILS'].'" WHERE STANDARD_ID="'.$s_key.'" '); } } unset($_REQUEST['modfunc']); } else { if ($_REQUEST['modfunc'] == 'remove') { //if(DeletePrompt_CommonCore('common core standard',$_REQUEST[modname])) if (DeletePromptMod('common core standard')) { DBQuery('DELETE FROM us_common_core_standards WHERE STANDARD_ID="' . $_REQUEST['standard_id'] . '" '); unset($_REQUEST['modfunc']); } } } } if (!$_REQUEST['modfunc']) { $sql_standard = 'SELECT *FROM us_common_core_standards '; $QI_standard = DBQuery($sql_standard); $standards_RET = DBGet($QI_standard, array('SUBJECT' => 'makeStandardInput', 'GRADE' => 'makeStandardInput', 'COURSE' => 'makeStandardInput', 'DOMAIN' => 'makeStandardInput', 'TOPIC' => 'makeStandardInput', 'STANDARD_REF_NO' => 'makeStandardInput', 'STANDARD_DETAILS' => 'makeStandardInput')); $standards_columns = array('SUBJECT' => 'Subject', 'GRADE' => 'Grade', 'COURSE' => 'Course', 'DOMAIN' => 'Domain', 'TOPIC' => 'Topic', 'STANDARD_REF_NO' => 'Standard Ref No', 'STANDARD_DETAILS' => 'Standard Details'); $link['add']['html'] = array('SUBJECT' => makeStandardInput('', 'SUBJECT'), 'GRADE' => makeStandardInput('', 'GRADE'), 'COURSE' => makeStandardInput('', 'COURSE'), 'DOMAIN' => makeStandardInput('', 'DOMAIN'), 'TOPIC' => makeStandardInput('', 'TOPIC'), 'STANDARD_REF_NO' => makeStandardInput('', 'STANDARD_REF_NO'), 
'STANDARD_DETAILS' => makeStandardInput('', 'STANDARD_DETAILS')); $link['remove']['link'] = "Modules.php?modname={$_REQUEST['modname']}&modfunc=remove"; $link['remove']['variables'] = array('standard_id' => 'STANDARD_ID'); echo "<FORM name=standard id=standard action=Modules.php?modname={$_REQUEST['modname']}&modfunc=update method=POST>";