public function actionFaculty() { if (isset($_POST["updateDetail"]) && isset($_POST["facultyId"]) && $_POST["updateDetail"] != "" && $_POST["facultyId"] != "") { $facultyId = intval($_POST["facultyId"]); if (!is_int($facultyId)) { return; } $facultyDetail = addslashes($_POST["updateDetail"]); $facultyId = addslashes($facultyId); $updateFacultyDataQuery = "UPDATE `faculty_data` SET `faculty_data`='{$facultyDetail}' WHERE `faculty_dataId`={$facultyId} AND "; $upDateFacultyDataQuery .= "`page_moduleComponentId`={$this->moduleComponentId}"; $updateFacultyDataData = mysql_query($updateFacultyDataQuery); } if (isset($_POST["updateSectionDetail"]) && isset($_POST["SectionDetail"])) { if ($_POST["updateSectionDetail"] != "" && $_POST["SectionDetail"] != "") { $facultyId = intval($_POST["SectionDetail"]); if (!is_int($facultyId)) { return; } $facultyDetail = addslashes($_POST["SectionDetail"]); $facultyId = addslashes($facultyId); $updateFacultyDataQuery = "UPDATE `faculty_template` SET `template_sectionName`='{$facultyDetail}' WHERE "; $updateFacultyDataQuery .= "`template_sectionId`={$facultyId} AND `page_moduleComponentId`={$this->moduleComponentId}"; $updateFacultyDataData = mysql_query($updateFacultyDataQuery); } } if (isset($_POST["addFacultyData"]) && $_POST["addFacultyData"] != "" && isset($_POST["sectionId"]) && $_POST["sectionId"] != "") { $sectionId = intval($_POST["sectionId"]); if (!is_int($sectionId)) { return; } $addDetail = addslashes($_POST["addFacultyData"]); $sectionId = addslashes($sectionId); $checkMaxValReached = "SELECT * FROM `faculty_template` WHERE `template_sectionId`={$sectionId}"; $checkMaxValReachedQuery = mysql_query($checkMaxValReached); $maxSectionLimit = mysql_fetch_assoc($checkMaxValReachedQuery); $maxSection = "SELECT * FROM `faculty_data` WHERE `faculty_sectionId`={$sectionId} AND "; $maxSection .= "`page_moduleComponentId`={$this->moduleComponentId}"; $maxSectionQuery = mysql_query($maxSection); if (mysql_num_rows($maxSectionQuery) < intval($maxSectionLimit['template_sectionLimit'])) { $addFacultyDetail = "INSERT INTO `faculty_data` (`faculty_sectionId`,`faculty_data`,`page_moduleComponentId`) VALUES "; $addFacultyDetail .= "({$sectionId},'{$addDetail}',{$this->moduleComponentId})"; $addFacultyDetailQuery = mysql_query($addFacultyDetail); } else { echo "Limit Exceeded"; exit; } } if (isset($_POST["DeleteFacultyId"]) && $_POST["DeleteFacultyId"] != "") { $facultyId = intval($_POST["DeleteFacultyId"]); $facultyId = addslashes($facultyId); $deleteData = "DELETE FROM `faculty_data` WHERE `page_moduleComponentId`={$this->moduleComponentId} AND `faculty_dataId`={$facultyId}"; $deleteQuery = mysql_query($deleteData); } if (isset($_POST["facultyName"]) && isset($_POST["facultyEmail"])) { if ($_POST["facultyName"] != "") { $facultyName = addslashes($_POST["facultyName"]); $updateFacultyNameQuery = "UPDATE `" . MYSQL_DATABASE_PREFIX . "pages` SET `page_title`='{$facultyName}' WHERE "; $updateFacultyNameQuery .= "`page_modulecomponentid`={$this->moduleComponentId} AND `page_module`='faculty'"; $updateFacultyNameData = mysql_query($updateFacultyNameQuery); } if ($_POST["facultyEmail"] != "") { $facultyEmail = addslashes($_POST["facultyEmail"]); $updateFacultyEmailQuery = "UPDATE `faculty_module` SET `email`='{$facultyEmail}' WHERE "; $updateFacultyEmailQuery .= "`page_moduleComponentId`={$this->moduleComponentId}"; $updateFacultyEmailData = mysql_query($updateFacultyEmailQuery) or displayerror(mysql_error()); } } global $urlRequestRoot, $sourceFolder, $cmsFolder, $templateFolder, $moduleFolder, $urlRequestRoot; require_once "{$sourceFolder}/{$moduleFolder}/faculty/template_edit.php"; require_once $sourceFolder . "/upload.lib.php"; $facultyDetail = ""; $getImage = "SELECT * FROM `faculty_module` WHERE `page_moduleComponentId`={$this->moduleComponentId}"; $getImageQuery = mysql_query($getImage); $isExistPh = mysql_fetch_assoc($getImageQuery); $facultyDetail .= <<<IMG \t\t<img src="{$isExistPh['photo']}" /> IMG; $facultyDetail .= '<br />Upload files : <br />'; $facultyDetail .= getFileUploadForm($this->moduleComponentId, "faculty", './+faculty', UPLOAD_SIZE_LIMIT, 1, "facultyProfilePic") . '</fieldset>'; if (isset($_FILES["facultyProfilePic"])) { $checkImageExist = "SELECT * FROM `faculty_module` WHERE `page_moduleComponentId`={$this->moduleComponentId}"; $checkImageExistQuery = mysql_query($checkImageExist); $isExistPh = mysql_fetch_assoc($checkImageExistQuery); if ($isExistPh["photo"] != NULL) { if (!deleteFile($this->moduleComponentId, 'faculty', $isExistPh["photo"])) { displayerror("Unable to Update"); return false; } } $allowableTypes = array('jpeg', 'jpg', 'png', 'gif'); $fileUpload = submitFileUploadForm($this->moduleComponentId, "faculty", $this->userId, UPLOAD_SIZE_LIMIT, $allowableTypes, 'facultyProfilePic'); $updatePhoto = "UPDATE `faculty_module` SET `photo`='{$fileUpload[0]}' WHERE `page_moduleComponentId`={$this->moduleComponentId}"; $updatePhotoQuery = mysql_query($updatePhoto) or displayerror(mysql_error()); } $pageName = getPageTitle(getPageIdFromModuleComponentId("faculty", $this->moduleComponentId)); $emailId = getEmailForFaculty($this->moduleComponentId); $facultyDetail .= <<<ChangeName \t <form action="./+faculty" method="POST"> \t <table border="1"> \t <tr> \t <td>Faculty Name:</td><td><input type="text" name="facultyName" value="{$pageName}"/></td> \t </tr> \t <tr> \t <td>Email:</td><td> <input type="text" name="facultyEmail" value="{$emailId}"/></td> \t </tr> \t <tr> \t <td colspan="2"><input type="submit"/></td> \t </tr> </table> \t </form> ChangeName; $folder = "{$urlRequestRoot}/{$cmsFolder}/{$moduleFolder}/faculty/main.js"; $facultyDetail .= "<script type='text/javascript' src='{$folder}'></script>"; $templateId = getTemplateId($this->moduleComponentId); $sectionDetail = getTemplateDataFromModuleComponentId($this->moduleComponentId); while ($sectionDetailArray = mysql_fetch_assoc($sectionDetail)) { $sectionId = $sectionDetailArray['template_sectionId']; $facultyDetail .= <<<facultyName \t <h2>{$sectionDetailArray['template_sectionName']} facultyName; $facultyDetail .= "</h2><hr/>"; $facultyDetail .= printFacultyDataWithLiFaculty($sectionId, $this->moduleComponentId, 0); $sectionChildNode1DetailQuery = "SELECT * FROM `faculty_template` WHERE `template_id`={$templateId} AND "; $sectionChildNode1DetailQuery .= "`template_sectionParentId`={$sectionDetailArray['template_sectionId']}"; $sectionChildNode1DetailResult = mysql_query($sectionChildNode1DetailQuery); while ($sectionChildNode1DetailArray = mysql_fetch_assoc($sectionChildNode1DetailResult)) { $facultyDetail .= printFacultyDataWithLiFaculty($sectionChildNode1DetailArray['template_sectionId'], $this->moduleComponentId, 1); $sectionChildNode2DetailQuery = "SELECT * FROM `faculty_template` WHERE `template_id`={$templateId} AND "; $sectionChildNode2DetailQuery .= "`template_sectionParentId`={$sectionChildNode1DetailArray['template_sectionId']}"; $sectionChildNode2DetailResult = mysql_query($sectionChildNode2DetailQuery); while ($sectionChildNode2DetailArray = mysql_fetch_assoc($sectionChildNode2DetailResult)) { $facultyDataChild = printFacultyDataWithLi($sectionChildNode2DetailArray['template_sectionId'], $this->moduleComponentId, 1); $facultyDetail .= <<<facultyName \t <h4>{$facultyDataChild}</h4> facultyName; } } } return $facultyDetail; }
public function actionHead() { global $urlRequestRoot, $moduleFolder, $cmsFolder, $templateFolder, $sourceFolder, $STARTSCRIPTS; require_once $sourceFolder . "/" . $moduleFolder . "/qaos1/qaos_common.php"; require_once $sourceFolder . "/upload.lib.php"; require_once $sourceFolder . "/" . $moduleFolder . "/qaos1/excel.php"; $mcid = $this->moduleComponentId; if (isset($_POST['downloadFormatExcel'])) { displayEventFormatExcel(); } if (isset($_FILES['fileUploadField']['name'])) { $date = date_create(); $timeStamp = date_timestamp_get($date); $tempVar = $sourceFolder . "/uploads/temp/" . $timeStamp . $_FILES['fileUploadField']['name'][0]; move_uploaded_file($_FILES["fileUploadField"]["tmp_name"][0], $tempVar); $excelData = readExcelSheet($tempVar); $success = 1; for ($i = 2; $i <= count($excelData); $i++) { if ($excelData[$i][1] == NULL) { continue; } $checkIfExistQuery = "SELECT * FROM `qaos1_events` WHERE `events_name`='{$excelData[$i][1]}' AND `page_modulecomponentid`={$mcid}"; $checkIfExistRes = mysql_query($checkIfExistQuery) or displayerror(mysql_error()); if (mysql_num_rows($checkIfExistRes)) { continue; } $insertIntoEventTableQuery = "INSERT IGNORE INTO `qaos1_events` (events_name,page_modulecomponentid) VALUES ('{$excelData[$i][1]}',{$mcid})"; $res = mysql_query($insertIntoEventTableQuery) or displayerror(mysql_error()); if ($res == "") { $success = 0; } } if (!$success) { displayerror("Datas are not inserted"); } } if (isset($_POST['uploadEventName'])) { } if (isset($_POST['hid'])) { $_POST["hid2"] = addslashes($_POST["hid2"]); $_POST["hid1"] = addslashes($_POST["hid1"]); $_POST["hid"] = addslashes($_POST["hid"]); if ($_POST["hid"] < 3 && $_POST["hid"] >= 0) { if ($_POST["hid"] != 2 || $_POST["hid1"] != "") { $query = "update qaos1_evtproc set evtproc_Status = '{$_POST["hid"]}',evtproc_Desc ='{$_POST["hid1"]}' where evtproc_Id ='{$_POST["hid2"]}' AND modulecomponentid={$this->moduleComponentId}"; $res = mysql_query($query); } } } if (isset($_GET['subaction']) && $_GET['subaction'] == "apFundReq" && isset($_POST['qhid'])) { $_POST["qhid2"] = addslashes($_POST["qhid2"]); $_POST["qhid1"] = addslashes($_POST["qhid1"]); $_POST["qhid"] = addslashes($_POST["qhid"]); if ($_POST["qhid"] < 3 && $_POST["qhid"] >= 0) { if ($_POST["qhid"] != 2 || $_POST["qhid1"] != "") { $query = "update qaos1_fundreq set fundreq_Status = '{$_POST["qhid"]}',fundreq_Desc ='{$_POST["qhid1"]}' where fundreq_Id ='{$_POST["qhid2"]}' AND modulecomponentid={$this->moduleComponentId}"; $res = mysql_query($query); } } } $query = "SELECT * FROM qaos1_evtproc WHERE modulecomponentid={$this->moduleComponentId}"; $res = mysql_query($query); $query1 = "SELECT * FROM qaos1_fundreq WHERE modulecomponentid={$this->moduleComponentId}"; $res1 = mysql_query($query1); $css1 = $urlRequestRoot . "/" . $cmsFolder . "/" . $moduleFolder . "/qaos1/styles/main.css"; $smarttablestuff = smarttable::render(array('table_evtprocrequest', 'table_fundreqform', 'table_eventproc_head', 'table_funreq_head'), null); $STARTSCRIPTS .= "initSmartTable();"; $headaction = <<<AB \t\t {$smarttablestuff} \t\t\t\t<link href="{$css1}" rel="stylesheet"> \t \t \t <script type="text/javascript"> \t \t \t function qaosproc(a) \t\t{ \t\t\t\t\tvar k=document.getElementById("status"+a+"1"); \t\t \t\t\tvar k1=document.getElementById("status"+a+"2"); \t\t \t\t\tif(k.checked) document.getElementById("hid"+a).value=1; \t\t \t\t\telse if(k1.checked) document.getElementById("hid"+a).value=2; \t\t \t\t\telse {alert("select any one of button");return false;} \t\t \t\t\tdocument.getElementById("hi1d"+a).value=document.getElementById("description"+a).value; \t\t\t\t \t\t\t\t\t\$.ajax({ \t\t\t\t\ttype: "POST", \t\t\t\t \turl: "./+head&subaction=apEventProc", \t\t\t\t \tdata: "hid="+\$("#hid"+a).val()+"&hid1="+\$("#hi1d"+a).val()+"&hid2="+\$("#hi2d"+a).val() \t\t\t \t\t}); \t\t\t\t \t\t\t\t\t\$("#tr"+a).css({'display':'none'}); \t \t\t\t\treturn false; \t\t\t\t} \t\t\t function qaosfund(a) \t\t \t\t{ \t\t\t\t\tvar k=document.getElementById("qstatus"+a+"1"); \t\t\t\t\tvar k1=document.getElementById("qstatus"+a+"2"); \t\t\t\t\tif(k.checked) document.getElementById("qhid"+a).value=1; \t\t\t\t\telse if(k1.checked) document.getElementById("qhid"+a).value=2; \t\t\t\t\telse {alert("select any one of button");return false;} \t\t \t\t\tdocument.getElementById("qhi1d"+a).value=document.getElementById("qdescription"+a).value; \t\t\t\t\t \t\t\t\t\t\$.ajax({ \t\t\t\t\ttype: "POST", \t\t\t\t \turl: "./+head&subaction=apFundReq", \t\t\t \t\tdata: "qhid="+\$("#qhid"+a).val()+"&qhid1="+\$("#qhi1d"+a).val()+"&qhid2="+\$("#qhi2d"+a).val() \t\t\t \t\t}); \t\t\t\t\t \t\t\t\t\t\$("#trf"+a).css({'display':'none'}); \t \t\t\t\treturn false; \t\t\t } \t \t </script> \t\t\t <script type="text/javascript"> \t\t \t \t \$(document).ready(function() \t \t\t \t{ \t\t\t\t\t\$(".forms").css({'display':'none'}); \t\t\t\t\t\$(".buttons").css({'display':'block'}); \t\t\t\t\t\$("#dheadfundreq").css({'display':'block'}); \t\t\t\t\t\$("#bhead_evtproc").click(function() \t\t\t\t\t\t{ \t\t\t\t\t\t\tdispevtproc(); \t\t\t\t\t\t}); \t\t\t\t\t\$("#bhead_fundreq").click(function() \t\t\t\t\t\t{ \t\t\t\t\t\t\tdispfundreq(); \t\t\t\t\t\t}); \t\t\t\t\t\t\t\t \t\t\t\t\t\$("#bformevt").click(function(){ \t\t\t\t\t\tdispevtform(); \t\t\t\t\t}); \t \t\t \$("#bformfund").click(function(){ \t\t\t\t\t\tdispfundform(); \t\t\t\t \t\t}); \t \t\t \$("#bhead_evtUpload").click(function(){ \t\t\t\t\t dispEventUploadForm(); \t\t\t\t\t }); \t\t\t\t\tfunction dispevtproc() \t\t \t\t \t { \t\t\t\t\t\t\$(".forms").css({'display':'none'}); \t\t\t\t\t\t\$("#dheadeventproc").css({'display':'block'}); \t\t\t\t\t } \t\t\t\t\tfunction dispfundreq() \t\t \t\t \t { \t\t\t\t\t\t\$(".forms").css({'display':'none'}); \t\t\t\t\t\t\$("#dheadfundreq").css({'display':'block'}); \t\t\t \t\t } \t\t\t\t\tfunction dispevtform() \t\t\t\t \t { \t\t\t\t\t\t\$(".forms").css({'display':'none'}); \t\t\t\t\t\t\$("#formevt").css({'display':'block'}); \t\t\t\t\t } \t\t\t \t function dispfundform() \t\t\t\t \t { \t\t\t\t\t\t\$(".forms").css({'display':'none'}); \t\t\t\t\t\t\$("#formfund").css({'display':'block'}); \t\t\t\t\t } \t\t\t\t\t function dispEventUploadForm() \t\t\t\t\t { \t\t\t\t\t \$(".forms").css({'display':'none'}); \t\t\t\t\t \$("#formEvtName").css({'display':'block'}); \t\t\t\t\t } \t\t\t\t\t\$("#dheadeventproc").css({'width':'100%'}); \t\t\t\t\t\$("#dheadfundreq").css({'width':'100%'}); \t\t\t\t\$(".viewbuttons").css({'height':'25px'}); \t\t\t\t\t});\t \t\t\t</script> \t\t\t<div id="buttonsDiv" class="viewButtonsDiv"> \t \t\t<input type="button" id="bformevt" class="viewbuttons" value="Event procurement "/> \t \t\t<input type="button" id="bformfund" value="Fund" class="viewbuttons" /> \t\t\t<input type="button" id="bhead_evtproc" value="Event procurement details" class="viewbuttons" /> \t\t\t<input type="button" id="bhead_fundreq" value="Fund details" class="viewbuttons" /> \t\t\t<input type="button" id="bhead_evtUpload" value="Upload Event Name" class="viewbuttons" /> \t\t</div> \t\t\t<div id="formevt" class="forms"> \t\t\t\t<h2>Event Procurement Request</h2> \t\t\t<table class="qaostables display" id="table_evtprocrequest" width="100%" border="1"> \t\t\t\t<thead><tr> \t\t\t\t\t<th>EVENT NAME</th> \t\t\t\t\t<th>ITEM</th> \t\t\t\t\t<th>QUANTITY</th> \t\t\t\t\t<th>REASON</th> \t\t\t\t\t<th>STATUS</th> \t\t\t\t\t<th>DEADLINE</th> \t\t\t\t\t<th>ADDED BY</th> \t\t\t\t\t<th>DESCRIPTION</th> \t\t\t\t\t<th>SUBMIT</th> \t\t\t\t</tr></thead> AB; while ($result = mysql_fetch_array($res)) { $event = $result['evtproc_Id']; $userName = getUserName($result['userid']); if ($result['evtproc_Status'] == 0) { $status = 0; } else { $status = 1; } if ($status == 0) { $headaction .= <<<AB \t \t\t\t <tr id="tr{$event}" > \t \t\t\t \t <td>{$result["evtproc_name"]}</td> \t \t\t\t\t\t <td>{$result['evtproc_Request']}</td> \t \t\t\t\t\t <td>{$result['evtproc_Quantity']}</td> \t\t\t\t\t\t <td>{$result['evtproc_reason']}</td> \t\t\t\t\t\t <td> \t\t\t\t\t\t\t<input type="radio" name="status{$event}" id="status{$event}1" value="1">ACCEPT<br/ > \t \t\t\t\t\t \t<input type="radio" name="status{$event}" id="status{$event}2" value="2">Decline<br/> \t\t\t\t\t\t </td> \t\t\t\t\t\t <td>{$result['evtproc_date']}</td> \t\t\t\t\t\t <td>{$userName}</td>\t\t\t\t \t\t\t\t\t\t <td><textarea id="description{$event}"></textarea></td> \t\t\t\t\t\t <td> \t\t\t\t\t\t\t<form action="./+head&subaction=apEventProc" method="post" onsubmit="return qaosproc({$event})"> \t\t\t\t\t\t\t <input type="hidden" value="" id="hid{$event}" name="hid"> \t\t\t\t\t\t\t <input type="hidden" value="{$event}" id="hi2d{$event}" name="hid2"> \t\t\t\t\t\t\t <input type="hidden" value="" id="hi1d{$event}" name="hid1"> \t\t\t\t\t\t\t <input type="submit" value="submit"> \t\t\t\t\t\t\t</form> \t\t\t\t\t\t </td> \t\t\t\t\t </tr> AB; } } $headaction .= <<<AB \t\t \t </table> \t\t\t\t </div> \t\t\t\t <div id="formfund" class="forms"> \t\t \t\t<h2>Fund request</h2> \t\t\t\t \t<table class="qaostables display" id="table_fundreqform" border="1" width="100%"> \t\t\t\t\t <thead> <tr> \t\t\t\t\t\t<th>EVENT NAME</th> \t\t\t\t\t\t<th>ITEM</th> \t\t\t\t\t\t<th>QUANTITY</th> \t\t\t\t\t\t<th>AMOUNT</th> \t\t\t\t\t\t<th>REASON</th> \t\t\t\t\t\t<th>STATUS</th> \t\t\t\t\t\t<th>DEADLINE</th> \t\t <th>ADDED BY</th> \t\t\t\t\t\t<th>DESCRIPTION</th> \t\t <th>SUBMIT</th> \t\t\t\t\t </tr></thead> AB; while ($result1 = mysql_fetch_array($res1)) { $event1 = $result1['fundreq_Id']; $userName = getUserName($result1['userid']); if ($result1['fundreq_Status'] == 0) { $status1 = 0; } else { $status1 = 1; } if ($status1 == 0) { $headaction .= <<<AB \t \t\t\t\t\t <tr id="trf{$event1}"> \t \t\t\t\t\t <td>{$result1["fundreq_name"]}</td> \t \t\t\t\t\t\t <td>{$result1['fundreq_Request']}</td> \t \t\t\t\t\t\t <td>{$result1['fundreq_Quantity']}</td> \t \t\t\t\t\t\t <td>{$result1["fundreq_Amount"]}</td> \t \t\t\t\t\t\t <td>{$result1["fundreq_reason"]}</td> \t \t\t\t\t\t\t <td> \t\t\t\t\t\t\t\t<input type="radio" name="qstatus{$event1}" id="qstatus{$event1}1" value="1">ACCEPT<br/ > \t \t\t\t\t\t\t\t<input type="radio" name="qstatus{$event1}" id="qstatus{$event1}2" value="2">Decline<br/> \t\t\t\t\t\t\t </td> \t\t\t\t\t\t\t\t <td>{$result1["fundreq_date"]}</td> \t\t\t\t\t\t\t <td>{$userName}</td>\t\t \t \t\t\t\t\t\t <td><textarea id="qdescription{$event1}"></textarea></td> \t \t\t\t\t\t\t <td> \t\t\t\t\t\t\t\t<form action="./+head&&subaction=apFundReq" method="post" onsubmit="return qaosfund({$event1})"> \t\t\t\t\t\t\t \t <input type="hidden" value="" id="qhid{$event1}" name="qhid"> \t \t\t\t\t\t\t\t <input type="hidden" value="{$event1}" id="qhi2d{$event1}" name="qhid2"> \t \t\t\t\t\t\t\t <input type="hidden" value="" id="qhi1d{$event1}" name="qhid1"> \t \t\t\t\t\t\t\t <input type="submit" value="submit"> \t\t\t\t\t\t\t \t</form> \t\t\t\t\t\t\t </td> \t\t\t\t\t\t </tr> AB; } } $headaction .= <<<AB \t\t\t\t\t\t</table> \t\t\t\t\t \t</div> \t\t\t\t\t\t<div class="headdisplay" id="headdisplayevt"> AB; $hist1 = "SELECT *FROM qaos1_evtproc WHERE modulecomponentid={$this->moduleComponentId}"; $res = mysql_query($hist1); $headaction .= <<<AB \t \t <div id="dheadeventproc" class="forms"> \t\t\t\t\t<h2>Event Procurement Status</h2>\t \t \t \t \t <table id="table_eventproc_head" class="display"border="1" width="100%" class="qaostables"> \t \t\t <thead><tr> \t\t\t\t\t\t<th>ITEM</th> \t\t\t\t\t\t<th>QUANTITY</th> \t\t\t\t\t\t<th>EVENT NAME</th> \t\t\t\t\t\t<th>REASON</th>\t\t\t\t \t\t \t\t\t\t \t\t<th>STATUS</th> \t\t <th>ADDED BY</th> \t\t\t\t \t\t<th>DEADLINE</th> \t\t\t\t \t\t<th>DESCRIPTION</th> \t\t\t\t\t </tr></thead> AB; while ($result = mysql_fetch_array($res)) { $userName = getUserName($result['userid']); if ($result['evtproc_Status'] == 0) { $status = "Pending"; } else { if ($result['evtproc_Status'] == 1) { $status = "Accepted By QA"; } else { if ($result['evtproc_Status'] == 2) { $status = "Decline"; } else { if ($result['evtproc_Status'] == 3) { $status = "Accepted By OC"; } } } } $headaction .= <<<AB \t\t\t\t <tr class="tr{$result['evtproc_Status']}"> \t\t\t\t <td>{$result['evtproc_Request']}</td> \t\t\t\t <td>{$result['evtproc_Quantity']}</td> \t\t\t\t <td>{$result['evtproc_name']}</td> \t\t\t\t <td>{$result['evtproc_reason']}</td>\t\t\t\t \t\t\t\t <td>{$status}</td> \t\t\t\t\t<td>{$userName}</td>\t\t \t\t\t\t <td>{$result['evtproc_date']}</td> \t\t\t\t <td>{$result['evtproc_Desc']}</td> \t\t\t \t </tr> AB; } $headaction .= <<<AB </table></div> \t\t\t<div class="forms" id="dheadfundreq"> \t\t\t<h2>Fund Request Status</h2> \t\t <table id="table_funreq_head" class="display"border="1" width="100%" class="qaostables"> \t\t\t <thead> \t\t\t <tr> \t\t\t\t <th>ITEM</th> \t\t\t\t <th>QUANTITY</th> \t\t\t\t <th>EVENT NAME</th> \t\t\t\t <th>Reason</th> \t\t\t\t <th>STATUS</th> <th>ADDED BY</th> \t\t\t\t <th>DEADLINE</th> \t\t\t\t <th>DESCRIPTION</th> \t\t\t </tr></thead> AB; $hist2 = "SELECT * FROM qaos1_fundreq WHERE modulecomponentid={$this->moduleComponentId}"; $res1 = mysql_query($hist2); while ($result1 = mysql_fetch_array($res1)) { $userName = getUserName($result1['userid']); if ($result1['fundreq_Status'] == 0) { $status1 = "Pending"; } else { if ($result1['fundreq_Status'] == 1) { $status1 = "Accepted by QA"; } else { if ($result1['fundreq_Status'] == 2) { $status1 = "Decline"; } else { if ($result1['fundreq_Status'] == 3) { $status1 = "collect the amt from treasurer"; } } } } $headaction .= <<<AB \t\t\t\t<tr class="tr{$result1['fundreq_Status']}"> \t\t\t\t<td>{$result1['fundreq_Request']}</td> \t\t\t\t\t<td>{$result1['fundreq_Quantity']}</td> \t\t\t\t\t<td>{$result1['fundreq_name']}</td> \t\t\t\t\t<td>{$result1['fundreq_reason']}</td> \t\t\t\t\t<td>{$status1}</td> \t\t\t\t\t<td>{$userName}</td>\t\t \t\t\t\t\t<td>{$result1['fundreq_date']}</td> \t\t\t\t\t<td>{$result1['fundreq_Desc']}</td> \t\t\t\t</tr> AB; } $uploadEventName = getFileUploadForm($this->moduleComponentId, "qaos1", './+head', UPLOAD_SIZE_LIMIT, 1); $headaction .= <<<AB \t </table></div> \t <div class="forms" id="formEvtName"> \t <h2>Upload Event Details</h2> \t <form action="./+head" method="post"> \t <input type="submit" name="downloadFormatExcel" value="Download Event Sample Format"/> \t </form> \t {$uploadEventName} \t </div> AB; return $headaction; }
public function actionEdit($moduleComponentId) { global $sourceFolder; global $templateFolder; global $urlRequestRoot; global $uploadFolder; require_once "{$sourceFolder}/upload.lib.php"; $arr = getUploadedFiles($moduleComponentId, 'gallery'); if (isset($_POST['btnDeleteImage']) && isset($_POST['imagename']) && $_POST['imagename'] != '') { deleteFile($moduleComponentId, 'gallery', $_POST['imagename']); $gallQuery = "DELETE FROM `gallery_pics` WHERE `upload_filename`='" . escape($_POST['imagename']) . "'"; $gallResult = mysql_query($gallQuery); } else { if (isset($_POST['btnEditComment']) && isset($_POST['imagename']) && $_POST['imagename'] != '') { $imageName = escape($_POST['imagename']); $comment = escape($_POST['desc']); $gallQuery = "UPDATE `gallery_pics` SET `gallery_filecomment`=\"{$comment}\" WHERE `upload_filename`=\"{$imageName}\""; $gallResult = mysql_query($gallQuery); } } if (isset($_POST['btnEditGallname']) && isset($_POST['gallName']) && isset($_POST['gallDesc']) && $_POST['gallName'] != '' && $_POST['gallDesc'] != '') { if (is_numeric($_POST['imagesPerPage'])) { $perPage = (int) escape($_POST['imagesPerPage']); } $viewCount = $_POST['allowViews'] ? 1 : 0; $ratingCount = $_POST['allowRatings'] ? 1 : 0; $gallQuery = "UPDATE `gallery_name` SET `gallery_name`='" . escape($_POST['gallName']) . "',`gallery_desc`='" . escape($_POST['gallDesc']) . "', `imagesPerPage`='" . $perPage . "',`allowViews`='" . $viewCount . "',`allowRatings`='" . $ratingCount . "' WHERE `page_modulecomponentid`='{$moduleComponentId}'"; $gallResult = mysql_query($gallQuery); } $content2 = getFileUploadForm($this->moduleComponentId, "gallery", './+edit', 10000000, 5); $allowableTypes = array('jpeg', 'jpg', 'png', 'gif'); $uploadSuccess = submitFileUploadForm($this->moduleComponentId, "gallery", $this->userId, false, $allowableTypes); if (is_array($uploadSuccess) && isset($uploadSuccess[0])) { for ($i = 0; $i < count($uploadSuccess); $i++) { $gallQuery3 = "INSERT INTO `gallery_pics` (`upload_filename`, `page_modulecomponentid`, `gallery_filecomment`) VALUES('{$uploadSuccess[$i]}', '{$this->moduleComponentId}', 'No Comment')"; $gallResult3 = mysql_query($gallQuery3); } } $arr = getUploadedFiles($this->moduleComponentId, 'gallery'); global $ICONS; $content2 = "<fieldset><legend>{$ICONS['Gallery Edit']['small']}Edit Gallery</legend>" . $content2; $result = mysql_fetch_array(mysql_query("SELECT * FROM `gallery_name` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'")); if ($result) { $checkViews = $result['allowViews'] == 1 ? 'checked="checked" ' : ''; $checkRatings = $result['allowRatings'] == 1 ? 'checked="checked" ' : ''; } $content2 .= <<<GALFORM \t\t\t\t\t<br /><br /> \t\t\t\t\t<script type="text/javascript"> \t\t\t\t\t\t<!-- \t\t\t\t\t\tfunction validate() { \t\t\t\t\t\t\tvar strValidChars = "0123456789.-"; \t\t\t\t\t\t\tvar strString = document.getElementById('perPage').value; \t\t\t\t\t\t\tif (strString.length == 0) \t\t\t\t\t\t\t\talert("Empty Images Per Page will be taken as default value(10)."); \t\t\t\t\t\t\tfor (i = 0; i < strString.length; i++) { \t\t\t\t\t\t\t\tif (strValidChars.indexOf(strString.charAt(i)) == -1) { \t\t\t\t\t\t\t\t\talert("The value in the Images Per Page field doesn't seems to be valid number. An invalid number will be replaced by default value(10)."); \t\t\t\t\t\t\t\t\tbreak;\t\t\t\t\t\t\t \t \t\t\t\t\t\t\t\t} \t\t\t\t\t\t\t} \t\t\t\t\t\t} \t\t\t\t\t\t--> \t\t\t\t\t</script> \t\t\t\t\t<form name="edit" method="POST" action="./+edit"> \t\t\t\t\t<table> \t\t\t\t\t\t<tr><th colspan=2>Edit gallery name and description</th></tr> \t\t\t\t\t\t<tr> \t\t\t\t\t\t\t<td>New Gallery Name</td> \t\t\t\t\t\t\t<td><input type='text' name="gallName" value='{$result['gallery_name']}'></td> \t\t\t\t\t\t</tr> \t\t\t\t\t\t<tr> \t\t\t\t\t\t\t<td>New Gallery Description</td> \t\t\t\t\t\t\t<td><input type='text' name="gallDesc" value='{$result['gallery_desc']}'></td> \t\t\t\t\t\t</tr> \t\t\t\t\t\t<tr> \t\t\t\t\t\t\t<td>Show Gallery views ?</td> \t\t\t\t\t\t\t<td><input type="checkbox" name="allowViews" {$checkViews}></td> \t\t\t\t\t\t</tr> \t\t\t\t\t\t<tr> \t\t\t\t\t\t\t<td>Show Gallery rating ?</td> \t\t\t\t\t\t\t<td><input type="checkbox" name="allowRatings" {$checkRatings}></td> \t\t\t\t\t\t</tr> \t\t\t\t\t\t<tr> \t\t\t\t\t\t\t<td>Images Per Page</td> \t\t\t\t\t\t\t<td><input type="text" id=perPage name="imagesPerPage" value='{$result['imagesPerPage']}'></td> \t\t\t\t\t\t</tr> \t\t\t\t\t\t<tr> \t\t\t\t\t\t\t<td><input type="submit" name="btnEditGallname" value="Save Settings"></td> \t\t\t\t\t\t</tr> \t\t\t\t\t</table> \t\t\t\t\t</form> \t\t\t\t\t<br /><br /> GALFORM; $gallQuery2 = "SELECT * FROM `gallery_pics` where `page_modulecomponentid`= '{$this->moduleComponentId}'"; $gallResult2 = mysql_query($gallQuery2); $fileArray = array(); while ($row2 = mysql_fetch_assoc($gallResult2)) { $fileArray[] = $row2; } if ($fileArray) { for ($i = 0; $i < count($fileArray); $i++) { $galleryFilename = $fileArray[$i]['upload_filename']; $galleryComment = $fileArray[$i]['gallery_filecomment']; $galleryComment = $galleryComment != "" ? $galleryComment : "< No Comments >"; $content2 .= "<div class='galleryimagebox'><form name=\"edit\" method=\"POST\" action=\"./+edit\">"; $content2 .= <<<IMGFORM \t\t\t\t<span style="float:left"> \t\t\t\t\t<center> \t\t\t\t\t\t<img src="thumb_{$galleryFilename}" alt="{$galleryFilename}" title="Click on the image to delete it"/> \t\t\t\t\t</center> \t\t\t\t\t<div class="highslide-caption" id="caption{$i}">{$galleryComment}</div> \t\t\t\t\t<input type="hidden" name="imagename" value="{$galleryFilename}" /> \t\t\t\t\t<input type="text" name="desc"> \t\t\t\t\t<br/><input type="submit" name="btnEditComment" value="Update comment"> \t\t\t\t\t<input type="submit" name="btnDeleteImage" value="Delete" /> \t\t\t\t</span> IMGFORM; $content2 .= "</form></div>"; } } return $content2 . "</fieldset>"; }
public function getCkBody($content = "") { global $sourceFolder; global $cmsFolder; global $moduleFolder; global $urlRequestRoot; global $ICONS; require_once "{$sourceFolder}/{$moduleFolder}/article/ckeditor3.5/ckeditor.php"; $query = "SELECT * FROM `article_content` WHERE `page_modulecomponentid`= '{$this->moduleComponentId}'"; $result = mysql_query($query); $temp = mysql_fetch_assoc($result); if ($content == "") { $content = $temp['article_content']; } $editor = $temp['default_editor']; $CkForm = <<<Ck \t\t\t\t\t\t<form action="./+edit" method="post"> \t\t\t\t\t\t<a name="editor"></a> <input type="button" id="show_plain" value="Plain Source" onclick="\$('#show_plain').hide();\$('#show_ckeditor').show();CKEDITOR.instances.CKEditor1.updateElement();CKEDITOR.instances.CKEditor1.destroy();document.getElementById('editor').value='plain';"> <input type="button" id="show_ckeditor" value="CKEditor" style="display:none" onclick="\$('#show_plain').show();\$('#show_ckeditor').hide();CKEDITOR.add(CKEDITOR.editor.replace(document.getElementsByName('CKEditor1')[0]));document.getElementById('editor').value='ckeditor';"> \t\t\t\t\t\t<input type="button" value="Cancel" onclick="submitarticleformCancel(this);"><input type="submit" value="Save"><input type="button" value="Preview" onclick="submitarticleformPreview(this)"><input type="button" value="Draft" onclick="submitarticleformDraft(this);"> To upload files and images, go to the <a href="#files">files section</a>.<br/> Ck; $top = "<a href='#topquicklinks'>Top</a>"; $oCKEditor = new CKeditor(); $oCKEditor->basePath = "{$urlRequestRoot}/{$cmsFolder}/{$moduleFolder}/article/ckeditor3.5/"; $oCKEditor->config['width'] = '100%'; $oCKEditor->config['height'] = '300'; $oCKEditor->returnOutput = true; if ($editor == 'ckeditor') { $Ckbody = $oCKEditor->editor('CKEditor1', $content); } else { $Ckbody = $oCKEditor->editor('ne', ""); //make a auxilary Ckeditor ///following destroys the the ckeditor instance as soon as it is initialized. Also hides the Plain Source button $Ckbody .= "<script>CKEDITOR.instances.ne.on('instanceReady',function(){ CKEDITOR.instances.ne.destroy()});\$('#show_plain').hide();\$('#show_ckeditor').show();</script>"; $Ckbody .= '<textarea rows="20" cols="60" style="width:100%" name="CKEditor1" style="display: inline;">' . $content . '</textarea>'; } $CkFooter = <<<Ck1 <br/> <input type='hidden' name='editor' id='editor' value='{$editor}'/> \t\t\t\t\t <input type="button" value="Cancel" onclick="submitarticleformCancel(this);"><input type="submit" value="Save"><input type="button" value="Preview" onclick="submitarticleformPreview(this)"><input type="button" value="Draft" onclick="submitarticleformDraft(this);"> \t\t\t\t\t \t\t </form> \t\t\t\t\t \t <script language="javascript"> \t\t\t\t\t \tfunction submitarticleformPreview(butt) { \t\t\t\t\t \t\tbutt.form.action = "./+edit&preview=yes#preview"; \t\t\t\t\t \t\tbutt.form.submit(); \t\t\t\t\t \t} \t\t\t\t\t \tfunction submitarticleformCancel(butt) { \t\t\t\t\t \t\tbutt.form.action="./+view"; \t\t\t\t\t \t\tbutt.form.submit(); \t\t\t\t\t \t} \t\t\t\t\t \tfunction submitarticleformDraft(butt) { \t\t\t\t\t \t\tbutt.form.action="./+view&draft=yes"; \t\t\t\t\t \t\tbutt.form.submit(); \t\t\t\t\t \t} \t\t\t\t\t </script><br /> \t\t\t\t\t {$top} \t\t\t\t\t <fieldset> \t\t\t\t\t <legend><a name="files">{$ICONS['Uploaded Files']['small']}Uploaded Files</a></legend> \t\t\t\t\t\t\t Ck1; $CkFooter .= getUploadedFilePreviewDeleteForm($this->moduleComponentId, "article", './+edit'); $CkFooter .= '<br />Upload files : <br />' . getFileUploadForm($this->moduleComponentId, "article", './+edit', UPLOAD_SIZE_LIMIT, 5) . '</fieldset>'; /* Revisions available */ $revisionquery = "SELECT MAX(article_revision) AS MAX FROM `article_contentbak` where page_modulecomponentid = '{$this->moduleComponentId}'"; $revisionresult = mysql_query($revisionquery); $revisionrow = mysql_fetch_assoc($revisionresult); $start = $revisionrow['MAX'] - 10; if (isset($_GET['revisionno'])) { $start = escape($_GET['revisionno']); } if ($start > $revisionrow['MAX'] - 9) { $start = $revisionrow['MAX'] - 10; } if ($start < 0) { $start = 0; } $count = 10; if (isset($_GET['count'])) { $count = escape($_GET['count']); } if ($count > $revisionrow['MAX'] - $start + 1) { $count = $revisionrow['MAX'] - $start + 1; } $query = "SELECT article_revision,article_updatetime,user_id FROM `article_contentbak` where page_modulecomponentid = '{$this->moduleComponentId}' ORDER BY article_revision LIMIT {$start},{$count}"; $result = mysql_query($query); $revisionTable = "<fieldset>\n\t\t\t\t\t <legend><a name='revisions'>{$ICONS['Page Revisions']['small']}Page Revisions : </a></legend>" . "<table border='1'><tr><td>Revision Number</td><td>Date Updated</td><td>User Fullname</td><td>User Email</td></tr>"; while ($row = mysql_fetch_assoc($result)) { $revisionTable .= "<tr><td><a href=\"./+edit&version=" . $row['article_revision'] . "#preview\">" . $row['article_revision'] . "</a></td><td>" . $row['article_updatetime'] . "</td><td>" . getUserFullName($row['user_id']) . "</td><td>" . getUserEmail($row['user_id']) . "</td></tr>"; } $revisionTable .= "</table>" . "<input type=\"button\" value=\"<<\" onclick=\"window.location='./+edit&revisionno=0'\" /> " . "<input type=\"button\" value=\"<\" onclick=\"window.location='./+edit&revisionno=" . ($start - 10) . "'\" /> " . "<input type=\"button\" value=\">\" onclick=\"window.location='./+edit&revisionno=" . ($start + 10) . "'\" /> " . "<input type=\"button\" value=\">>\" onclick=\"window.location='./+edit&revisionno=" . ($revisionrow['MAX'] - 10) . "'\" /> " . "</fieldset>"; /* Drafts available */ $draftquery = "SELECT MAX(draft_number) AS MAX FROM `article_draft` where page_modulecomponentid = '{$this->moduleComponentId}'"; $draftresult = mysql_query($draftquery); $draftrow = mysql_fetch_assoc($draftresult); $dstart = $draftrow['MAX'] - 10; if (isset($_GET['draftno'])) { $dstart = escape($_GET['draftno']); } if ($dstart > $draftrow['MAX'] - 9) { $dstart = $draftrow['MAX'] - 10; } if ($dstart < 0) { $dstart = 0; } $dcount = 10; if (isset($_GET['dcount'])) { $dcount = escape($_GET['dcount']); } if ($dcount > $draftrow['MAX'] - $dstart + 1) { $dcount = $draftrow['MAX'] - $dstart + 1; } $query = "SELECT `draft_lastsaved`,`draft_number`,`user_id` FROM `article_draft` where `page_modulecomponentid` = '{$this->moduleComponentId}' ORDER BY `draft_lastsaved` LIMIT {$dstart},{$dcount}"; $result = mysql_query($query); $draftTable = "<fieldset>\n\t\t\t\t\t <legend><a name='drafts'>{$ICONS['Page Revisions']['small']}Drafts Saved : </a></legend>" . "<table border='1'><tr><td>Draft Number</td><td>Date Drafted</td><td>User Fullname</td><td>User Email</td><td>Delete</td></tr>"; while ($row = mysql_fetch_assoc($result)) { $draftTable .= "<tr><td><a href=\"./+edit&dversion=" . $row['draft_number'] . "#preview\">" . $row['draft_number'] . "</a></td><td>" . $row['draft_lastsaved'] . "</td><td>" . getUserFullName($row['user_id']) . "</td><td>" . getUserEmail($row['user_id']) . "</td><td><form action='./+edit&deldraft=yes&dno=" . $row['draft_number'] . "' method='post'><input type='button' value='Delete' onclick='submitarticleformDeldraft(this);'></form>\n\t\t<script language='javascript'>\n\t\t\t\t\t \tfunction submitarticleformDeldraft(butt) {\n\t\t\t\t\t \t\tif(confirm('Are you sure you want to delete this draft ? '))\n\t\t\t\t\t \t\tbutt.form.submit();\n\t\t\t\t\t \t}\n\t\t</script></td></tr>"; } $draftTable .= "</table>" . "<input type=\"button\" value=\"<<\" onclick=\"window.location='./+edit&draftnno=0'\" /> " . "<input type=\"button\" value=\"<\" onclick=\"window.location='./+edit&draftno=" . ($dstart - 10) . "'\" /> " . "<input type=\"button\" value=\">\" onclick=\"window.location='./+edit&draftno=" . ($dstart + 10) . "'\" /> " . "<input type=\"button\" value=\">>\" onclick=\"window.location='./+edit&draftno=" . ($draftrow['MAX'] - 10) . "'\" /> " . "</fieldset>"; /* Drafts end*/ return $CkForm . $Ckbody . $CkFooter . $draftTable . $top . $revisionTable . $top; }
/** * function actionEdit: * Edit interface for all safedit module instances * will be called from $this->getHtml function */ public function actionEdit() { $ret = <<<RET <style type="text/css"> textarea { \tfont-size: 130%; \tbackground: white; } </style> RET; global $sourceFolder, $ICONS; require_once $sourceFolder . "/upload.lib.php"; submitFileUploadForm($this->moduleComponentId, "safedit", $this->userId, UPLOAD_SIZE_LIMIT); $end = "<fieldset id='uploadFile'><legend>{$ICONS['Uploaded Files']['small']}File Upload</legend>Upload files : <br />" . getFileUploadForm($this->moduleComponentId, "safedit", './+edit', UPLOAD_SIZE_LIMIT, 5) . getUploadedFilePreviewDeleteForm($this->moduleComponentId, "safedit", './+edit') . '</fieldset>'; $val = mysql_fetch_assoc(mysql_query("SELECT `page_title` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_module` = 'safedit' AND `page_modulecomponentid` = '{$this->moduleComponentId}'")); $ret .= "<h1>Editing '" . $val['page_title'] . "' page</h1>"; if (isset($_GET['subaction'])) { if ($_GET['subaction'] == "addSection") { $show = isset($_POST['sectionShow']); $heading = escape($_POST['heading']); $result = mysql_query("SELECT MAX(`section_id`)+1 as `section_id` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'") or die(mysql_error()); $row = mysql_fetch_row($result); $sectionId = $row[0]; $result = mysql_query("SELECT MAX(`section_priority`)+1 as `section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'"); $row = mysql_fetch_row($result); $priority = $row[0]; $query = "INSERT INTO `safedit_sections`(`page_modulecomponentid`,`section_id`,`section_heading`,`section_type`,`section_show`,`section_priority`) VALUES ('{$this->moduleComponentId}','{$sectionId}','{$heading}','" . escape($_POST['type']) . "','{$show}','{$priority}')"; mysql_query($query) or die($query . "<br>" . mysql_error()); if (mysql_affected_rows() > 0) { displayinfo("Section: {$heading}, created"); } else { displayerror("Couldn't create section"); } } else { if ($_GET['subaction'] == 'deleteSection') { $sectionId = escape($_GET['sectionId']); $query = "DELETE FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'"; mysql_query($query) or die($query . "<br>" . mysql_error()); if (mysql_affected_rows() > 0) { displayinfo("Section deleted succesfully"); } else { displayerror("Couldn't delete section"); } } else { if ($_GET['subaction'] == 'saveSection') { $sectionId = escape($_POST['sectionId']); $heading = escape($_POST['heading']); $typeUpdate = isset($_POST['type']) ? ", `section_type` = '{$_POST['type']}'" : ''; $show = ", `section_show` = '" . isset($_POST['sectionShow']) . "'"; $result = mysql_query("SELECT `section_type` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'"); $row = mysql_fetch_row($result); $type = $row[0]; if ($type == "para" || $type == "ulist" || $type == "olist") { $sectionContent = escape($this->processSave($_POST['content'])); } else { if ($type == "picture") { $sectionContent = escape($_POST['selectFile']); } } $query = "UPDATE `safedit_sections` SET `section_heading` = '{$heading}', `section_content` = '{$sectionContent}'{$typeUpdate}{$show} WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'"; mysql_query($query) or die($query . "<br>" . mysql_error()); if (mysql_affected_rows() > 0) { displayinfo("Section saved successfully"); } } else { if ($_GET['subaction'] == 'moveUp' || $_GET['subaction'] == 'moveDown') { $compare = $_GET['subaction'] == 'moveUp' ? '<=' : '>='; $arrange = $_GET['subaction'] == 'moveUp' ? 'DESC' : 'ASC'; $sectionId = escape($_GET['sectionId']); $query = "SELECT `section_id`,`section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_priority` '{$compare}' (SELECT `section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}') ORDER BY `section_priority` '{$arrange}' LIMIT 2"; $result = mysql_query($query); $row = mysql_fetch_row($result); $sid = $row[0]; $spr = $row[1]; if ($row = mysql_fetch_row($result)) { mysql_query("UPDATE `safedit_sections` SET `section_priority` = '{$spr}' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$row[0]}'"); mysql_query("UPDATE `safedit_sections` SET `section_priority` = '{$row[1]}' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sid}'"); } } else { if ($_GET['subaction'] == 'moveTop' || $_GET['subaction'] == 'moveBottom') { $sectionId = escape($_GET['sectionId']); $cpri = mysql_fetch_row(mysql_query("SELECT `section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'")) or die(mysql_error()); if ($_GET['subaction'] == 'moveTop') { $sign = '+'; $cmpr = '<'; $set = '0'; } else { $sign = '-'; $cmpr = '>'; $set = mysql_fetch_row(mysql_query("SELECT MAX(`section_priority`) FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'")) or die(mysql_error()); $set = isset($set[0]) ? $set[0] : ''; } $cmpr = $_GET['subaction'] == 'moveTop' ? '<' : '>'; $query = "UPDATE `safedit_sections` SET `section_priority` = `section_priority`{$sign}1 WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_priority` {$cmpr} '{$cpri[0]}'"; mysql_query($query) or die(mysql_error()); mysql_query("UPDATE `safedit_sections` SET `section_priority` = '{$set}' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'") or die(mysql_error()); } } } } } } $result = mysql_query("SELECT `section_id`,`section_heading`,`section_type`,`section_content`,`section_show` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' ORDER BY `section_priority`"); while ($row = mysql_fetch_assoc($result)) { $show = $row['section_show'] ? 'checked ' : ''; $type = $row['section_type']; $help = $type != "picture" ? " <a href='#help' title='Only Plain text allowed, Click to know more'>{$ICONS['Help']['small']}</a>" : ''; $ret .= <<<RET <form action='./+edit&subaction=saveSection' method=POST><input type=hidden value='{$row['section_id']}' name='sectionId' /><fieldset><legend><input type=checkbox name='sectionShow' {$show}/><input type=text name=heading value='{$row['section_heading']}' style='border:0;background:none;' /> <a href='./+edit&subaction=moveUp§ionId={$row['section_id']}' title='Move one level Up'>{$ICONS['Up']['small']}</a> <a href='./+edit&subaction=moveDown§ionId={$row['section_id']}' title='Move one level Down'>{$ICONS['Down']['small']}</a> <a href='./+edit&subaction=moveTop§ionId={$row['section_id']}' title='Move to Top'>{$ICONS['Top']['small']}</a> <a href='./+edit&subaction=moveBottom§ionId={$row['section_id']}' title='Move to Bottom'>{$ICONS['Bottom']['small']}</a> <a href='./+edit&subaction=deleteSection§ionId={$row['section_id']}' title='Delete Section'>{$ICONS['Delete Section']['small']}</a>{$help}</legend><div class='safedit_section'> RET; $safeContent = safe_html($row['section_content']); if ($type == "ulist" || $type == "olist" || $type == "para") { $usel = $type == "ulist" ? ' selected' : ''; $osel = $type == "olist" ? ' selected' : ''; $psel = $type == "para" ? ' selected' : ''; $ret .= <<<PARA <textarea name=content rows=7 style="width:100%">{$safeContent}</textarea> <select name=type> <option value="para"{$psel}>Paragraph</option> <option value="ulist"{$usel}>List</option> <option value="olist"{$osel}>Numbered List</option> </select> PARA; } else { if ($type == "picture") { $files = getUploadedFiles($this->moduleComponentId, "safedit"); $ret .= "<a href='#uploadFile'>Upload File</a><br /><select name=selectFile><option value=''>No picture</option>"; foreach ($files as $currFile) { $select = $row['section_content'] == $currFile['upload_filename'] ? ' selected' : ''; $ret .= "<option value='{$currFile['upload_filename']}'{$select}>{$currFile['upload_filename']}</option>"; } $ret .= "</select>"; } } $ret .= <<<SUBMIT <input type=submit value='Save section' /></div></fieldset></form> SUBMIT; } $ret .= <<<RET <fieldset> <legend>{$ICONS['Add']['small']}Create New Section</legend> <form action="./+edit&subaction=addSection" method=POST> <select name='type'> <option value="para">Paragraph</option> <option value="ulist">List</option> <option value="olist">Numbered List</option> <option value="picture">Picture</option> </select> <input type=text name="heading" /> <input type=checkbox name="sectionShow" checked /> <input type=submit value="Add section" name="btnAddSection" /> </form> </fieldset> RET; $ret .= $end; $ret .= <<<RET <small id="help"><ul><li>You can display only Plain text, any custom formatting will be prevented.<br />To make a link, enclose the text with '{' and '}' and add the target to the end of the line after '|'<br />For eg:<br />{This is a link}, and this is not a link|http://www.google.com<br />The above line will make a link to google.com</li><li>Leave section heading text box blank(without even spaces) to avoid displaying Heading</li></ul></small> RET; return $ret; }
public function actionHospihead() { global $urlRequestRoot, $sourceFolder, $templateFolder, $cmsFolder, $moduleFolder; $moduleComponentId = $this->moduleComponentId; $scriptsFolder = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/scripts"; $imagesFolder = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/images"; require_once "{$sourceFolder}/{$moduleFolder}/prhospi/prhospi_common.php"; require_once "{$sourceFolder}/{$moduleFolder}/prhospi/accommodation.php"; require_once $sourceFolder . "/" . $moduleFolder . "/qaos1/excel.php"; require_once $sourceFolder . "/upload.lib.php"; if (isset($_GET['subaction']) && $_GET['subaction'] == 'getsuggestions' && isset($_GET['forwhat'])) { echo getSuggestionsForIdOrEmail(escape($_GET['forwhat'])); exit; } if (isset($_POST['txtFormUserId']) && $_POST['txtFormUserId'] != '') { $detailsGiven = explode("- ", escape($_POST['txtFormUserId'])); deleteAccomodatedUser($detailsGiven[1], $moduleComponentId); } displayinfo(print_r(assignVars($this->userId, $moduleComponentId), true)); if (isset($_POST['amountDetail'])) { $amt = mysql_real_escape_string($_POST['amountDetail']); $insertQuery = "UPDATE `prhospi_disclaimer` SET `team_cost`={$amt} WHERE `page_modulecomponentid`={$this->moduleComponentId} AND "; $insertQuery .= "`disclaimer_team`='hospihead'"; $updateRes = mysql_query($insertQuery) or displayerror(mysql_error()); if ($updateRes != '') { displayinfo("Amount Updated to Rs. {$amt}"); } } if (isset($_POST['amountDetail1'])) { $amt = mysql_real_escape_string($_POST['amountDetail1']); $insertQuery = "UPDATE `prhospi_disclaimer` SET `team_cost`={$amt} WHERE `page_modulecomponentid`={$this->moduleComponentId} AND "; $insertQuery .= "`disclaimer_team`='hospihead1'"; $updateRes = mysql_query($insertQuery) or displayerror(mysql_error()); if ($updateRes != '') { displayinfo("Amount Updated to Rs. {$amt}"); } } if (isset($_POST['CKEditor1'])) { $editorData = escape($_POST['CKEditor1']); $insertQuery = "UPDATE `prhospi_disclaimer` SET `disclaimer_desc`='{$editorData}' WHERE `page_modulecomponentid`={$this->moduleComponentId} "; $insertQuery .= "AND `disclaimer_team`='hospihead'"; $updateRes = mysql_query($insertQuery) or displayerror(mysql_error()); if ($updateRes != '') { displayinfo("Details Successfully updated !!!"); } } if (isset($_POST['downloadSampleFormat'])) { downloadSampleFormatForRoomUpload(); } if (isset($_FILES['fileUploadField']['name'])) { $excelData = readExcelSheet($_FILES['fileUploadField']['tmp_name'][0]); $success = 1; for ($i = 2; $i <= count($excelData); $i++) { for ($j = $excelData[$i][2]; $j <= $excelData[$i][3]; $j++) { if ($excelData[$i][1] == NULL) { continue; } $checkIfExistQuery = "SELECT * FROM `prhospi_hostel` \n WHERE `hospi_hostel_name`='{$excelData[$i][1]}' AND \n `hospi_room_no`={$j} AND `page_modulecomponentid`={$moduleComponentId}"; $checkIfExistRes = mysql_query($checkIfExistQuery) or displayerror(mysql_error()); if (mysql_num_rows($checkIfExistRes)) { $updateFieldQuery = "UPDATE `prhospi_hostel` \n SET `hospi_room_capacity`={$excelData[$i][4]} , `hospi_floor` = {$excelData[$i][5]}\n WHERE `page_modulecomponentid`={$moduleComponentId} AND \n `hospi_hostel_name`='{$excelData[$i][1]}' AND `hospi_room_no`={$j}"; $updateResult = mysql_query($updateFieldQuery) or displayerror(mysql_error()); continue; } $insertIntoHospiQuery = "INSERT INTO `prhospi_hostel` (page_modulecomponentid,hospi_hostel_name,hospi_room_capacity,\n hospi_room_no,hospi_floor) VALUES ({$moduleComponentId},'{$excelData[$i][1]}',{$excelData[$i][4]},{$j},{$excelData[$i][5]})"; $res = mysql_query($insertIntoHospiQuery) or displayerror(mysql_error()); if ($res == "") { $success = 0; } } } if (!$success) { displayerror("Datas are not inserted"); } } $hospiview = ""; $hospiview .= <<<VIEW \t<table> <a onClick="history.go(-1)">BACK</a><br/> <tr> <td><a href="./+hospihead&subaction=addRoom"> <div>Add Rooms</div></a></td> <td><a href="./+hospihead&subaction=viewStatus"><div>View All Rooms</div></a></td> <td><a href="./+hospihead&subaction=ckEditor"><div>Update Disclaimer</div></a></td> <td><a href="./+hospihead&subaction=deleteUsers"><div>Delete User in Accomodation</div></a></td> <td><a href="./+hospihead&subaction=blockRooms"><div>Block Rooms</div></a></td> </tr> </table> VIEW; if (isset($_GET['subaction'])) { if ($_GET['subaction'] == 'blockRooms') { $hospiview .= blockRoom($this->moduleComponentId); } if ($_GET['subaction'] == 'ckEditor') { $hospiview .= $this->getCkBody("", "hospihead"); } else { if ($_GET['subaction'] == 'addRoom') { $fileUploadableForm = getFileUploadForm($this->moduleComponentId, "prhospi", './+hospihead', UPLOAD_SIZE_LIMIT, 1); $hospiview .= <<<ADDROOMFORM <br/><br/> <form action="./+hospihead" method="post"> <input type="submit" name="downloadSampleFormat" value="Download Sample Form"><br/> </form> {$fileUploadableForm} ADDROOMFORM; } else { if ($_GET['subaction'] == 'viewStatus') { $hospiview .= displayRooms($moduleComponentId); } else { if ($_GET['subaction'] == 'deleteUsers') { $deleteUserForm = displayUsersRegisteredToAccoWithDelete($moduleComponentId); $hospiview .= <<<HOSPI \t {$deleteUserForm} <form method="POST" action="./+hospihead"> \t Enter UserId or Email:<input type="text" name="txtFormUserId" id="txtFormUserId" autocomplete="off" style="width: 256px" /> \t <div id="suggestionsBox" style="background-color: white; width: 260px; border: 1px solid black; position: absolute; overflow-y: scroll; max-height: 180px; display: none"></div> \t <input type="submit" Value="Find User"/> \t <script type="text/javascript" language="javascript" src="{$scriptsFolder}/ajaxsuggestionbox.js"> \t </script> \t <script language="javascript"> \t var userBox = new SuggestionBox(document.getElementById('txtFormUserId'), document.getElementById('suggestionsBox'), "./+hospihead&subaction=getsuggestions&forwhat=%pattern%"); \tuserBox.loadingImageUrl = '{$imagesFolder}/ajaxloading.gif'; \t</script> \t</form> HOSPI; } } } } } return $hospiview; }
public function actionOchead() { global $urlRequestRoot, $moduleFolder, $cmsFolder, $templateFolder, $sourceFolder, $STARTSCRIPTS; require_once $sourceFolder . "/upload.lib.php"; require_once $sourceFolder . "/" . $moduleFolder . "/qaos1/excel.php"; require_once $sourceFolder . "/" . $moduleFolder . "/oc/oc_common.php"; $mcId = $this->moduleComponentId; $userId = $this->userId; if (isset($_POST['downloadFormatExcel'])) { displayOCDownload(); } if (isset($_FILES['fileUploadField']['name'])) { $date = date_create(); $timeStamp = date_timestamp_get($date); $tempVar = $sourceFolder . "/uploads/temp/" . $timeStamp . $_FILES['fileUploadField']['name'][0]; move_uploaded_file($_FILES["fileUploadField"]["tmp_name"][0], $tempVar); $excelData = readExcelSheet($tempVar); $success = 1; for ($i = 2; $i <= count($excelData); $i++) { $email = $excelData[$i][2] . '@nitt.edu'; $query = "INSERT IGNORE INTO `oc_valid_emails` (`page_moduleComponentId`,`oc_name`,`oc_valid_email`) \n VALUES ({$mcId},'{$excelData[$i][1]}','{$email}')"; mysql_query($query) or displayerror($email); } //echo $c." ".$d; } $retOcHead = ""; $uploadValidEmail = getFileUploadForm($mcId, "oc", './+ochead', UPLOAD_SIZE_LIMIT, 1); $retOcHead .= <<<FORM <form action="./+ochead" method="post"> <input type="submit" name="downloadFormatExcel" value="Download Event Sample Format"/> </form> FORM; $retOcHead .= $uploadValidEmail; $displayTags = <<<TAG <table> <tr> <td><a href="./+ochead&subaction=view_whitelist_users"> <div>View Whitelist Registrants</div></a></td> <td><a href="./+ochead&subaction=view_registered_users"><div>Registred Users</div></a></td> <td><a href="./+ochead&subaction=add_whitelist_email"><div>Add Whitelist Email</div></a></td> <td><a href="./+ochead&subaction=availability"><div>Check Availability</div></a></td> <td><a href="./+ochead&subaction=reg_status"><div>Current Registration Status</div></a></td> <td><a href="./+ochead&subaction=reg_status"><div>Current Registration Status</div></a></td> <td><a href="./+ochead&subaction=upload_tshirt_list"><div>Upload TShirt List</div></a></td> <td><a href="./+ochead&subaction=download_black_list"><div>Download Black List</div></a></td> </tr> </table> TAG; if (isset($_GET['subaction']) && $_GET['subaction'] == 'view_registered_users') { return $retOcHead . $displayTags . view_registered_users($mcId); } if (isset($_GET['subaction']) && $_GET['subaction'] == 'view_whitelist_users') { return $retOcHead . $displayTags . view_whitelist_emails($mcId); } if (isset($_GET['subaction']) && $_GET['subaction'] == 'add_whitelist_email') { return $retOcHead . $displayTags . add_whitelist_email($mcId); } if (isset($_GET['subaction']) && $_GET['subaction'] == 'availability') { return $retOcHead . $displayTags . availability($mcId); } if (isset($_GET['subaction']) && $_GET['subaction'] == 'reg_status') { return $retOcHead . $displayTags . reg_status($mcId); } if (isset($_GET['subaction']) && $_GET['subaction'] == 'upload_tshirt_list') { return $retOcHead . $displayTags . upload_tshirt_list($mcId); } if (isset($_GET['subaction']) && $_GET['subaction'] == 'download_black_list') { return $retOcHead . $displayTags . download_black_list($mcId); } return $retOcHead . $displayTags . view_registered_users($mcId); }
function upload_tshirt_list($mcId) { global $sourceFolder, $moduleFolder; require_once $sourceFolder . "/" . $moduleFolder . "/qaos1/excel.php"; if (isset($_FILES['uploadTShirtDetail']['name'][0])) { $date = date_create(); $timeStamp = date_timestamp_get($date); $tempVar = $sourceFolder . "/uploads/temp/" . $timeStamp . $_FILES['uploadTShirtDetail']['name'][0]; move_uploaded_file($_FILES["uploadTShirtDetail"]["tmp_name"][0], $tempVar); $excelData = readExcelSheet($tempVar); $success = 1; for ($i = 2; $i <= count($excelData); $i++) { $name = $excelData[$i][1]; $rollNumber = $excelData[$i][2]; $tsize = $excelData[$i][3]; if ($tsize == '') { $tsize = 'N'; } $query = "INSERT IGNORE INTO `oc_form_reg` (`page_modulecomponentid`,`name`,`amount`,`user_id`,`Tshirt_size`,`updated_time`,`oc_roll_no`) \n VALUES ('{$mcId}','{$name}','700','0','{$tsize}',NOW(),'{$rollNumber}')"; mysql_query($query) or displayerror(mysql_error()); // $query = "UPDATE `oc_form_reg` SET Tshirt_size='{$tsize}' WHERE page_modulecomponentid='{$mcId}' AND oc_roll_no='{$rollNumber}'"; // mysql_query($query) or displayerror(mysql_error()); } } $uploadValidEmail = getFileUploadForm($mcId, "oc", './+ochead&subaction=upload_tshirt_list', false, 1, 'uploadTShirtDetail'); return $uploadValidEmail; }