print "</p>"; print "</div>"; ?> </div> <div id="header-logo-report" style="text-align: right"> <img height='75px' width='300px' alt="Logo" src="<?php print $_SESSION[$guid]["absoluteURL"] . "/" . $_SESSION[$guid]["organisationLogo"]; ?> "/> </div> </div> <div id="content-wrap-report" style="min-height: 500px"> <?php $_SESSION[$guid]["address"] = $_GET["q"]; $_SESSION[$guid]["module"] = getModuleName($_SESSION[$guid]["address"]); $_SESSION[$guid]["action"] = getActionName($_SESSION[$guid]["address"]); if (strstr($_SESSION[$guid]["address"], "..") != FALSE) { print "<div class='error'>"; print _("Illegal address detected: access denied."); print "</div>"; } else { if (is_file("./" . $_SESSION[$guid]["address"])) { include "./" . $_SESSION[$guid]["address"]; } else { include "./error.php"; } } ?> </div> <div id="footer-report">
*/ include '../../functions.php'; include '../../config.php'; //New PDO DB connection try { $connection2 = new PDO("mysql:host={$databaseServer};dbname={$databaseName};charset=utf8", $databaseUsername, $databasePassword); $connection2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]['timezone']); $gibbonSchoolYearID = $_POST['gibbonSchoolYearID']; $URL = $_SESSION[$guid]['absoluteURL'] . '/index.php?q=/modules/' . getModuleName($_POST['address']) . '/badges_grant_add.php&gibbonPersonID2=' . $_GET['gibbonPersonID2'] . '&badgesBadgeID2=' . $_GET['badgesBadgeID2'] . "&gibbonSchoolYearID={$gibbonSchoolYearID}"; if (isActionAccessible($guid, $connection2, '/modules/Badges/badges_grant_add.php') == false) { //Fail 0 $URL .= '&return=error0'; header("Location: {$URL}"); } else { //Proceed! if (isset($_POST['gibbonPersonIDMulti'])) { $gibbonPersonIDMulti = $_POST['gibbonPersonIDMulti']; } else { $gibbonPersonIDMulti = null; } $badgesBadgeID = $_POST['badgesBadgeID']; $date = $_POST['date']; $comment = $_POST['comment']; if ($gibbonPersonIDMulti == null or $date == '' or $badgesBadgeID == '' or $gibbonSchoolYearID == '') {
You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @session_start(); $_SESSION[$guid]["report_student_emergencySummary.php_choices"] = ""; //Module includes include "./modules/" . $_SESSION[$guid]["module"] . "/moduleFunctions.php"; if (isActionAccessible($guid, $connection2, "/modules/Library/report_catalogSummary.php") == FALSE) { //Acess denied print "<div class='error'>"; print _("You do not have access to this action."); print "</div>"; } else { //Proceed! print "<div class='trail'>"; print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > </div><div class='trailEnd'>" . _('Catalog Summary') . "</div>"; print "</div>"; print "<h3>"; print _("Search & Filter"); print "</h3>"; //Get current filter values $ownershipType = NULL; if (isset($_POST["ownershipType"])) { $ownershipType = trim($_POST["ownershipType"]); } if ($ownershipType == "") { if (isset($_GET["ownershipType"])) { $ownershipType = trim($_GET["ownershipType"]); } } $gibbonLibraryTypeID = NULL;
} @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]['timezone']); //Search & Filters $search = null; if (isset($_GET['search'])) { $search = $_GET['search']; } $filter2 = null; if (isset($_GET['filter2'])) { $filter2 = $_GET['filter2']; } $visualAssessmentGuideID = $_POST['visualAssessmentGuideID']; $URL = $_SESSION[$guid]['absoluteURL'] . '/index.php?q=/modules/' . getModuleName($_POST['address']) . "/guides_manage_delete.php&visualAssessmentGuideID={$visualAssessmentGuideID}&search={$search}&filter2={$filter2}"; $URLDelete = $_SESSION[$guid]['absoluteURL'] . '/index.php?q=/modules/' . getModuleName($_POST['address']) . "/guides_manage.php&search={$search}&filter2={$filter2}"; if (isActionAccessible($guid, $connection2, '/modules/Visual Assessment/guides_manage_delete.php') == false) { //Fail 0 $URL .= '&return=error0'; header("Location: {$URL}"); } else { //Get action with highest precendence $highestAction = getHighestGroupedAction($guid, $_POST['address'], $connection2); if ($highestAction == false) { //Fail2 $URL .= '&return=error2'; header("Location: {$URL}"); } else { if ($highestAction != 'Manage Assessment Guides_all' and $highestAction != 'Manage Assessment Guides_myDepartments') { //Fail 0 $URL .= '&return=error0';
You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @session_start(); //Module includes include "./modules/" . $_SESSION[$guid]["module"] . "/moduleFunctions.php"; if (isActionAccessible($guid, $connection2, "/modules/School Admin/externalAssessments_manage_edit.php") == FALSE) { //Acess denied print "<div class='error'>"; print _("You do not have access to this action."); print "</div>"; } else { //Proceed! print "<div class='trail'>"; print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/externalAssessments_manage.php'>" . _('Manage External Assessments') . "</a> > </div><div class='trailEnd'>" . _('Edit External Assessment') . "</div>"; print "</div>"; if (isset($_GET["updateReturn"])) { $updateReturn = $_GET["updateReturn"]; } else { $updateReturn = ""; } $updateReturnMessage = ""; $class = "error"; if (!($updateReturn == "")) { if ($updateReturn == "fail0") { $updateReturnMessage = _("Your request failed because you do not have access to this action."); } else { if ($updateReturn == "fail1") { $updateReturnMessage = _("Your request failed because your inputs were invalid."); } else {
along with this program. If not, see <http://www.gnu.org/licenses/>. */ include "../../functions.php"; include "../../config.php"; //New PDO DB connection try { $connection2 = new PDO("mysql:host={$databaseServer};dbname={$databaseName};charset=utf8", $databaseUsername, $databasePassword); $connection2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/resources_manage_add.php&search=" . $_GET["search"]; $time = time(); if (isActionAccessible($guid, $connection2, "/modules/Resources/resources_manage_add.php") == FALSE) { //Fail 0 $URL .= "&addReturn=fail0"; header("Location: {$URL}"); } else { if (empty($_POST)) { //Fail 5 $URL .= "&addReturn=fail5"; header("Location: {$URL}"); } else { $highestAction = getHighestGroupedAction($guid, $_POST["address"], $connection2); if ($highestAction == FALSE) { //Fail 0 $URL .= "&updateReturn=fail0";
$connection2 = new PDO("mysql:host={$databaseServer};dbname={$databaseName};charset=utf8", $databaseUsername, $databasePassword); $connection2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $name = $_POST["name"]; $nameShort = $_POST["nameShort"]; $timeStart = $_POST["timeStart"]; $timeEnd = $_POST["timeEnd"]; $type = $_POST["type"]; $gibbonTTColumnID = $_POST["gibbonTTColumnID"]; $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/ttColumn_edit_row_add.php&gibbonTTColumnID={$gibbonTTColumnID}"; if (isActionAccessible($guid, $connection2, "/modules/Timetable Admin/ttColumn_edit_row_add.php") == FALSE) { //Fail 0 $URL .= "&addReturn=fail0"; header("Location: {$URL}"); } else { //Proceed! //Validate Inputs if ($gibbonTTColumnID == "" or $name == "" or $nameShort == "" or $timeStart == "" or $timeEnd == "" or $type == "") { //Fail 3 $URL .= "&addReturn=fail3"; header("Location: {$URL}"); } else { //Check unique inputs for uniquness try { $data = array("name" => $name, "nameShort" => $nameShort, "gibbonTTColumnID" => $gibbonTTColumnID);
} else { $extra = dateConvertBack($guid, $date); } $params = ""; if ($_GET["date"] != "") { $params = $params . "&date=" . $_GET["date"]; } if ($_GET["viewBy"] != "") { $params = $params . "&viewBy=" . $_GET["viewBy"]; } if ($_GET["gibbonCourseClassID"] != "") { $params = $params . "&gibbonCourseClassID=" . $_GET["gibbonCourseClassID"]; } $params = $params . "&subView={$subView}"; print "<div class='trail'>"; print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/planner.php{$params}'>" . _('Planner') . " {$extra}</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/planner_view_full.php{$params}&gibbonPlannerEntryID={$gibbonPlannerEntryID}'>" . _('View Lesson Plan') . "</a> > </div><div class='trailEnd'>" . _('Add Comment') . "</div>"; print "</div>"; if (isset($_GET["updateReturn"])) { $updateReturn = $_GET["updateReturn"]; } else { $updateReturn = ""; } $updateReturnMessage = ""; $class = "error"; if (!($updateReturn == "")) { if ($updateReturn == "fail0") { $updateReturnMessage = _("Your request failed because you do not have access to this action."); } else { if ($updateReturn == "fail1") { $updateReturnMessage = _("Your request failed because your inputs were invalid."); } else {
along with this program. If not, see <http://www.gnu.org/licenses/>. */ include "../../functions.php"; include "../../config.php"; //New PDO DB connection try { $connection2 = new PDO("mysql:host={$databaseServer};dbname={$databaseName};charset=utf8", $databaseUsername, $databasePassword); $connection2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/externalAssessmentSettings.php"; if (isActionAccessible($guid, $connection2, "/modules/School Admin/alertLevelSettings.php") == FALSE) { //Fail 0 $URL .= "&updateReturn=fail0"; header("Location: {$URL}"); } else { $gibbonYearGroupID = $_POST["gibbonYearGroupID"]; $gibbonExternalAssessmentID = $_POST["gibbonExternalAssessmentID"]; if (isset($_POST["category"])) { $category = $_POST["category"]; } $count = 0; $primaryExternalAssessmentByYearGroup = array(); foreach ($gibbonYearGroupID as $year) { if (isset($gibbonExternalAssessmentID[$count]) and isset($category[$count]) and $category[$count] != "") { $primaryExternalAssessmentByYearGroup[$year] = $gibbonExternalAssessmentID[$count] . "-" . $category[$count];
You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @session_start(); //Module includes include "./modules/" . $_SESSION[$guid]["module"] . "/moduleFunctions.php"; if (isActionAccessible($guid, $connection2, "/modules/User Admin/data_finance_edit.php") == FALSE) { //Acess denied print "<div class='error'>"; print _("You do not have access to this action."); print "</div>"; } else { //Proceed! print "<div class='trail'>"; print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/User Admin/data_finance.php'>" . _('Finance Data Updates') . "</a> > </div><div class='trailEnd'>" . _('Edit Request') . "</div>"; print "</div>"; //Check if school year specified $gibbonFinanceInvoiceeUpdateID = $_GET["gibbonFinanceInvoiceeUpdateID"]; if ($gibbonFinanceInvoiceeUpdateID == "Y") { print "<div class='error'>"; print _("You have not specified one or more required parameters."); print "</div>"; } else { try { $data = array("gibbonFinanceInvoiceeUpdateID" => $gibbonFinanceInvoiceeUpdateID); $sql = "SELECT gibbonFinanceInvoiceeUpdate.gibbonFinanceInvoiceeID, gibbonFinanceInvoicee.invoiceTo AS invoiceTo, gibbonFinanceInvoicee.companyName AS companyName, gibbonFinanceInvoicee.companyContact AS companyContact, gibbonFinanceInvoicee.companyAddress AS companyAddress, gibbonFinanceInvoicee.companyEmail AS companyEmail, gibbonFinanceInvoicee.companyCCFamily AS companyCCFamily, gibbonFinanceInvoicee.companyPhone AS companyPhone, gibbonFinanceInvoicee.companyAll AS companyAll, gibbonFinanceInvoicee.gibbonFinanceFeeCategoryIDList AS gibbonFinanceFeeCategoryIDList, gibbonFinanceInvoiceeUpdate.invoiceTo AS newinvoiceTo, gibbonFinanceInvoiceeUpdate.companyName AS newcompanyName, gibbonFinanceInvoiceeUpdate.companyContact AS newcompanyContact, gibbonFinanceInvoiceeUpdate.companyAddress AS newcompanyAddress, gibbonFinanceInvoiceeUpdate.companyEmail AS newcompanyEmail, gibbonFinanceInvoiceeUpdate.companyCCFamily AS newcompanyCCFamily, gibbonFinanceInvoiceeUpdate.companyPhone AS newcompanyPhone, gibbonFinanceInvoiceeUpdate.companyAll AS newcompanyAll, gibbonFinanceInvoiceeUpdate.gibbonFinanceFeeCategoryIDList AS newgibbonFinanceFeeCategoryIDList FROM gibbonFinanceInvoiceeUpdate JOIN gibbonFinanceInvoicee ON (gibbonFinanceInvoiceeUpdate.gibbonFinanceInvoiceeID=gibbonFinanceInvoicee.gibbonFinanceInvoiceeID) WHERE gibbonFinanceInvoiceeUpdateID=:gibbonFinanceInvoiceeUpdateID"; $result = $connection2->prepare($sql); $result->execute($data); } catch (PDOException $e) { print "<div class='error'>" . $e->getMessage() . "</div>";
*/ include "../../functions.php"; include "../../config.php"; //New PDO DB connection try { $connection2 = new PDO("mysql:host={$databaseServer};dbname={$databaseName};charset=utf8", $databaseUsername, $databasePassword); $connection2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $gibbonStudentNoteCategoryID = $_GET["gibbonStudentNoteCategoryID"]; $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/studentsSettings_noteCategory_edit.php&gibbonStudentNoteCategoryID={$gibbonStudentNoteCategoryID}"; if (isActionAccessible($guid, $connection2, "/modules/School Admin/studentsSettings_noteCategory_edit.php") == FALSE) { //Fail 0 $URL .= "&updateReturn=fail0"; header("Location: {$URL}"); } else { //Proceed! //Check if school year specified if ($gibbonStudentNoteCategoryID == "") { //Fail1 $URL .= "&updateReturn=fail1"; header("Location: {$URL}"); } else { try { $data = array("gibbonStudentNoteCategoryID" => $gibbonStudentNoteCategoryID); $sql = "SELECT * FROM gibbonStudentNoteCategory WHERE gibbonStudentNoteCategoryID=:gibbonStudentNoteCategoryID";
You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @session_start(); //Module includes include "./modules/" . $_SESSION[$guid]["module"] . "/moduleFunctions.php"; if (isActionAccessible($guid, $connection2, "/modules/School Admin/gradeScales_manage_add.php") == FALSE) { //Acess denied print "<div class='error'>"; print _("You do not have access to this action."); print "</div>"; } else { //Proceed! print "<div class='trail'>"; print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/gradeScales_manage.php'>" . _('Manage Grade Scales') . "</a> > </div><div class='trailEnd'>" . _('Add Grade Scale') . "</div>"; print "</div>"; if (isset($_GET["addReturn"])) { $addReturn = $_GET["addReturn"]; } else { $addReturn = ""; } $addReturnMessage = ""; $class = "error"; if (!($addReturn == "")) { if ($addReturn == "fail0") { $addReturnMessage = _("Your request failed because you do not have access to this action."); } else { if ($addReturn == "fail2") { $addReturnMessage = _("Your request failed due to a database error."); } else {
$connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $allStaff = ""; if (isset($_GET["allStaff"])) { $allStaff = $_GET["allStaff"]; } $search = ""; if (isset($_GET["search"])) { $search = $_GET["search"]; } $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/staff_manage_add.php&search={$search}&allStaff={$allStaff}"; if (isActionAccessible($guid, $connection2, "/modules/User Admin/staff_manage_add.php") == FALSE) { //Fail 0 $URL .= "&addReturn=fail0"; header("Location: {$URL}"); } else { //Proceed! $gibbonPersonID = $_POST["gibbonPersonID"]; $initials = $_POST["initials"]; if ($initials == "") { $initials = NULL; } $type = $_POST["type"]; $jobTitle = $_POST["jobTitle"]; $firstAidQualified = $_POST["firstAidQualified"]; $firstAidExpiry = NULL;
along with this program. If not, see <http://www.gnu.org/licenses/>. */ include "../../functions.php"; include "../../config.php"; //New PDO DB connection try { $connection2 = new PDO("mysql:host={$databaseServer};dbname={$databaseName};charset=utf8", $databaseUsername, $databasePassword); $connection2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/space_manage_add.php"; if (isActionAccessible($guid, $connection2, "/modules/School Admin/space_manage_add.php") == FALSE) { //Fail 0 $URL .= "&addReturn=fail0"; header("Location: {$URL}"); } else { //Proceed! $name = $_POST["name"]; $type = $_POST["type"]; $gibbonPersonID1 = $_POST["gibbonPersonID1"]; if ($gibbonPersonID1 == "") { $gibbonPersonID1 = "NULL"; } $gibbonPersonID2 = $_POST["gibbonPersonID2"]; if ($gibbonPersonID2 == "") { $gibbonPersonID2 = "NULL";
echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); //Search & Filters $search = NULL; if (isset($_GET["search"])) { $search = $_GET["search"]; } $filter2 = NULL; if (isset($_GET["filter2"])) { $filter2 = $_GET["filter2"]; } $gibbonRubricID = $_GET["gibbonRubricID"]; $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/rubrics_duplicate.php&gibbonRubricID={$gibbonRubricID}&search={$search}&filter2={$filter2}"; if (isActionAccessible($guid, $connection2, "/modules/Rubrics/rubrics_duplicate.php") == FALSE) { //Fail 0 $URL .= "&updateReturn=fail0"; header("Location: {$URL}"); } else { $highestAction = getHighestGroupedAction($guid, $_POST["address"], $connection2); if ($highestAction == FALSE) { //Fail2 $URL .= "&updateReturn=fail2"; header("Location: {$URL}"); } else { if ($highestAction != "Manage Rubrics_viewEditAll" and $highestAction != "Manage Rubrics_viewAllEditLearningArea") { //Fail 0 $URL .= "&updateReturn=fail0"; header("Location: {$URL}");
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @session_start(); if (isActionAccessible($guid, $connection2, "/modules/Timetable Admin/course_manage_class_add.php") == FALSE) { //Acess denied print "<div class='error'>"; print _("You do not have access to this action."); print "</div>"; } else { //Proceed! print "<div class='trail'>"; print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/course_manage.php&gibbonSchoolYearID=" . $_GET["gibbonSchoolYearID"] . "'>" . _('Manage Courses & Classes') . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/course_manage_edit.php&gibbonCourseID=" . $_GET["gibbonCourseID"] . "&gibbonSchoolYearID=" . $_GET["gibbonSchoolYearID"] . "'>" . _('Edit Course & Classes') . "</a> > </div><div class='trailEnd'>" . _('Add Class') . "</div>"; print "</div>"; if (isset($_GET["addReturn"])) { $addReturn = $_GET["addReturn"]; } else { $addReturn = ""; } $addReturnMessage = ""; $class = "error"; if (!($addReturn == "")) { if ($addReturn == "fail0") { $addReturnMessage = _("Your request failed because you do not have access to this action."); } else { if ($addReturn == "fail2") { $addReturnMessage = _("Your request failed due to a database error."); } else {
$connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $orphaned = ""; if (isset($_GET["orphaned"])) { if ($_GET["orphaned"] == "true") { $orphaned = "true"; } } $gibbonModuleID = $_GET["gibbonModuleID"]; $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/module_manage_uninstall.php&gibbonModuleID=" . $gibbonModuleID; $URLDelete = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/module_manage.php"; if (isActionAccessible($guid, $connection2, "/modules/System Admin/module_manage_uninstall.php") == FALSE) { //Fail 0 $URL .= "&deleteReturn=fail0"; header("Location: {$URL}"); } else { //Proceed! //Check if role specified if ($gibbonModuleID == "") { //Fail1 $URL .= "&deleteReturn=fail1"; header("Location: {$URL}"); } else { try { $data = array("gibbonModuleID" => $gibbonModuleID); $sql = "SELECT * FROM gibbonModule WHERE gibbonModuleID=:gibbonModuleID";
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @session_start(); if (isActionAccessible($guid, $connection2, "/modules/User Admin/family_manage_edit_editChild.php") == FALSE) { //Acess denied print "<div class='error'>"; print _("You do not have access to this action."); print "</div>"; } else { //Proceed! print "<div class='trail'>"; print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/User Admin/family_manage.php'>" . _('Manage Families') . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/User Admin/family_manage_edit.php&gibbonFamilyID=" . $_GET["gibbonFamilyID"] . "'>" . _('Edit Family') . "</a> > </div><div class='trailEnd'>" . _('Edit Child') . "</div>"; print "</div>"; if (isset($_GET["updateReturn"])) { $updateReturn = $_GET["updateReturn"]; } else { $updateReturn = ""; } $updateReturnMessage = ""; $class = "error"; if (!($updateReturn == "")) { if ($updateReturn == "fail0") { $updateReturnMessage = _("Your request failed because you do not have access to this action."); } else { if ($updateReturn == "fail1") { $updateReturnMessage = _("Your request failed because your inputs were invalid."); } else {
You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @session_start(); //Module includes include "./modules/" . $_SESSION[$guid]["module"] . "/moduleFunctions.php"; if (isActionAccessible($guid, $connection2, "/modules/Finance/invoices_manage_add.php") == FALSE) { //Acess denied print "<div class='error'>"; print _("You do not have access to this action."); print "</div>"; } else { //Proceed! print "<div class='trail'>"; print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/Finance/invoices_manage.php&gibbonSchoolYearID=" . $_GET["gibbonSchoolYearID"] . "'>" . _('Manage Invoices') . "</a> > </div><div class='trailEnd'>" . _('Add Fees & Invoices') . "</div>"; print "</div>"; if (isset($_GET["addReturn"])) { $addReturn = $_GET["addReturn"]; } else { $addReturn = ""; } $addReturnMessage = ""; $class = "error"; if (!($addReturn == "")) { if ($addReturn == "fail0") { $addReturnMessage = _("Your request failed because you do not have access to this action."); } else { if ($addReturn == "fail2") { $addReturnMessage = _("Your request failed due to a database error."); } else {
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @session_start(); if (isActionAccessible($guid, $connection2, "/modules/User Admin/userFields_delete.php") == FALSE) { //Acess denied print "<div class='error'>"; print _("You do not have access to this action."); print "</div>"; } else { //Proceed! print "<div class='trail'>"; print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/User Admin/userFields.php'>" . _('Manage Custom Fields') . "</a> > </div><div class='trailEnd'>" . _('Delete Custom Field') . "</div>"; print "</div>"; if (isset($_GET["deleteReturn"])) { $deleteReturn = $_GET["deleteReturn"]; } else { $deleteReturn = ""; } $deleteReturnMessage = ""; $class = "error"; if (!($deleteReturn == "")) { if ($deleteReturn == "fail0") { $deleteReturnMessage = _("Your request failed because you do not have access to this action."); } else { if ($deleteReturn == "fail1") { $deleteReturnMessage = _("Your request failed because your inputs were invalid."); } else {
//New PDO DB connection try { $connection2 = new PDO("mysql:host={$databaseServer};dbname={$databaseName};charset=utf8", $databaseUsername, $databasePassword); $connection2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $value = $_POST["value"]; $descriptor = $_POST["descriptor"]; $sequenceNumber = $_POST["sequenceNumber"]; $gibbonScaleID = $_POST["gibbonScaleID"]; $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/gradeScales_manage_edit_grade_add.php&gibbonScaleID={$gibbonScaleID}"; if (isActionAccessible($guid, $connection2, "/modules/School Admin/gradeScales_manage_edit_grade_add.php") == FALSE) { //Fail 0 $URL .= "&addReturn=fail0"; header("Location: {$URL}"); } else { //Proceed! //Validate Inputs if ($gibbonScaleID == "" or $value == "" or $descriptor == "" or $sequenceNumber == "") { //Fail 3 $URL .= "&addReturn=fail3"; header("Location: {$URL}"); } else { //Check unique inputs for uniquness try { $data = array("value" => $value, "sequenceNumber" => $sequenceNumber, "gibbonScaleID" => $gibbonScaleID);
$sql = "SELECT gibbonCourse.nameShort AS course, gibbonCourseClass.nameShort AS class, gibbonCourseClass.gibbonCourseClassID, gibbonCourse.gibbonDepartmentID, gibbonYearGroupIDList FROM gibbonCourse, gibbonCourseClass, gibbonCourseClassPerson WHERE gibbonCourse.gibbonCourseID=gibbonCourseClass.gibbonCourseID AND gibbonCourseClass.gibbonCourseClassID=gibbonCourseClassPerson.gibbonCourseClassID AND gibbonCourseClassPerson.gibbonPersonID=:gibbonPersonID AND role='Teacher' AND gibbonCourseClass.gibbonCourseClassID=:gibbonCourseClassID ORDER BY course, class"; } $result = $connection2->prepare($sql); $result->execute($data); } catch (PDOException $e) { print "<div class='error'>" . $e->getMessage() . "</div>"; } if ($result->rowCount() != 1) { print "<div class='error'>"; print _("The selected record does not exist, or you do not have access to it."); print "</div>"; } else { //Let's go! $row = $result->fetch(); print "<div class='trail'>"; print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/markbook_view.php&gibbonCourseClassID=" . $_GET["gibbonCourseClassID"] . "'>" . _('View') . " " . $row["course"] . "." . $row["class"] . " " . _('Markbook') . "</a> > </div><div class='trailEnd'>" . _('Set Personalised Attainment Targets') . "</div>"; print "</div>"; if (isset($_GET["updateReturn"])) { $updateReturn = $_GET["updateReturn"]; } else { $updateReturn = ""; } $updateReturnMessage = ""; $class = "error"; if (!($updateReturn == "")) { if ($updateReturn == "fail0") { $updateReturnMessage = _("Your request failed because you do not have access to this action."); } else { if ($updateReturn == "fail1") { $updateReturnMessage = _("Your request failed because your inputs were invalid."); } else {
along with this program. If not, see <http://www.gnu.org/licenses/>. */ include "../../functions.php"; include "../../config.php"; //New PDO DB connection try { $connection2 = new PDO("mysql:host={$databaseServer};dbname={$databaseName};charset=utf8", $databaseUsername, $databasePassword); $connection2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/alarm.php"; if (isActionAccessible($guid, $connection2, "/modules/System Admin/alarm.php") == FALSE) { //Fail 0 $URL .= "&updateReturn=fail0"; header("Location: {$URL}"); } else { //Proceed! $alarm = $_POST["alarm"]; $attachmentCurrent = $_POST["attachmentCurrent"]; $alarmCurrent = $_POST["alarmCurrent"]; //Validate Inputs if ($alarm != "None" and $alarm != "General" and $alarm != "Lockdown" and $alarm != "Custom" and $alarmCurrent != "") { //Fail 3 $URL .= "&updateReturn=fail3"; header("Location: {$URL}"); } else {
} } $result = $connection2->prepare($sql); $result->execute($data); } catch (PDOException $e) { print "<div class='error'>" . $e->getMessage() . "</div>"; } if ($result->rowCount() != 1) { print "<div class='error'>"; print _("The specified record cannot be found."); print "</div>"; } else { //Let's go! $row = $result->fetch(); print "<div class='trail'>"; print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/courseEnrolment_manage_byPerson.php&gibbonSchoolYearID=" . $_GET["gibbonSchoolYearID"] . "&allUsers={$allUsers}'>" . _('Enrolment by Person') . "</a> > </div><div class='trailEnd'>" . $row["preferredName"] . " " . $row["surname"] . "</div>"; print "</div>"; if (isset($_GET["updateReturn"])) { $updateReturn = $_GET["updateReturn"]; } else { $updateReturn = ""; } $updateReturnMessage = ""; $class = "error"; if (!($updateReturn == "")) { if ($updateReturn == "fail0") { $updateReturnMessage = _("Your request failed because you do not have access to this action."); } else { if ($updateReturn == "fail1") { $updateReturnMessage = _("Your request failed because your inputs were invalid."); } else {
include "../../functions.php"; include "../../config.php"; //New PDO DB connection try { $connection2 = new PDO("mysql:host={$databaseServer};dbname={$databaseName};charset=utf8", $databaseUsername, $databasePassword); $connection2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); $enableDescriptors = getSettingByScope($connection2, "Behaviour", "enableDescriptors"); $enableLevels = getSettingByScope($connection2, "Behaviour", "enableLevels"); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/behaviour_manage_addMulti.php&gibbonPersonID=" . $_GET["gibbonPersonID"] . "&gibbonRollGroupID=" . $_GET["gibbonRollGroupID"] . "&gibbonYearGroupID=" . $_GET["gibbonYearGroupID"] . "&type=" . $_GET["type"]; if (isActionAccessible($guid, $connection2, "/modules/Behaviour/behaviour_manage_add.php") == FALSE) { //Fail 0 $URL .= "&addReturn=fail0"; header("Location: {$URL}"); } else { //Proceed! if (isset($_POST["gibbonPersonIDMulti"])) { $gibbonPersonIDMulti = $_POST["gibbonPersonIDMulti"]; } else { $gibbonPersonIDMulti = NULL; } $date = $_POST["date"]; $type = $_POST["type"]; $descriptor = NULL; if (isset($_POST["descriptor"])) {
*/ include "../../functions.php"; include "../../config.php"; //New PDO DB connection try { $connection2 = new PDO("mysql:host={$databaseServer};dbname={$databaseName};charset=utf8", $databaseUsername, $databasePassword); $connection2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $gibbonFinanceExpenseApproverID = $_GET["gibbonFinanceExpenseApproverID"]; $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/expenseApprovers_manage_edit.php&gibbonFinanceExpenseApproverID=" . $gibbonFinanceExpenseApproverID; if (isActionAccessible($guid, $connection2, "/modules/Finance/expenseApprovers_manage_edit.php") == FALSE) { //Fail 0 $URL .= "&updateReturn=fail0"; header("Location: {$URL}"); } else { //Proceed! //Check if school year specified if ($gibbonFinanceExpenseApproverID == "") { //Fail1 $URL .= "&updateReturn=fail1"; header("Location: {$URL}"); } else { try { $data = array("gibbonFinanceExpenseApproverID" => $gibbonFinanceExpenseApproverID); $sql = "SELECT * FROM gibbonFinanceExpenseApprover WHERE gibbonFinanceExpenseApproverID=:gibbonFinanceExpenseApproverID";
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @session_start(); if (isActionAccessible($guid, $connection2, "/modules/User Admin/medicalForm_manage_add.php") == FALSE) { //Acess denied print "<div class='error'>"; print _("You do not have access to this action."); print "</div>"; } else { //Proceed! print "<div class='trail'>"; print "<div class='trailHead'><a href='" . $_SESSION[$guid]["absoluteURL"] . "'>" . _("Home") . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["q"]) . "/" . getModuleEntry($_GET["q"], $connection2, $guid) . "'>" . _(getModuleName($_GET["q"])) . "</a> > <a href='" . $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/User Admin/medicalForm_manage.php'>" . _('Manage Medical Forms') . "</a> > </div><div class='trailEnd'>" . _('Add Medical Form') . "</div>"; print "</div>"; if (isset($_GET["addReturn"])) { $addReturn = $_GET["addReturn"]; } else { $addReturn = ""; } $addReturnMessage = ""; $class = "error"; if (!($addReturn == "")) { if ($addReturn == "fail0") { $addReturnMessage = _("Your request failed because you do not have access to this action."); } else { if ($addReturn == "fail2") { $addReturnMessage = _("Your request failed due to a database error."); } else {
*/ include "../../functions.php"; include "../../config.php"; //New PDO DB connection try { $connection2 = new PDO("mysql:host={$databaseServer};dbname={$databaseName};charset=utf8", $databaseUsername, $databasePassword); $connection2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $gibbonPersonID = $_GET["gibbonPersonID"]; $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/data_medical.php&gibbonPersonID={$gibbonPersonID}"; if (isActionAccessible($guid, $connection2, "/modules/Data Updater/data_medical.php") == FALSE) { //Fail 0 $URL .= "&updateReturn=fail0"; header("Location: {$URL}"); } else { $highestAction = getHighestGroupedAction($guid, $_POST["address"], $connection2); if ($highestAction == FALSE) { //Fail 0 $URL .= "&updateReturn=fail0{$params}"; header("Location: {$URL}"); } else { //Proceed! //Check if school year specified if ($gibbonPersonID == "") { //Fail1
*/ include "../../functions.php"; include "../../config.php"; //New PDO DB connection try { $connection2 = new PDO("mysql:host={$databaseServer};dbname={$databaseName};charset=utf8", $databaseUsername, $databasePassword); $connection2->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $connection2->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); } catch (PDOException $e) { echo $e->getMessage(); } @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); $gibbonModuleID = $_GET["gibbonModuleID"]; $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_POST["address"]) . "/module_manage_edit.php&gibbonModuleID=" . $gibbonModuleID; if (isActionAccessible($guid, $connection2, "/modules/System Admin/module_manage_edit.php") == FALSE) { //Fail 0 $URL .= "&updateReturn=fail0"; header("Location: {$URL}"); } else { //Proceed! //Check if role specified if ($gibbonModuleID == "") { //Fail1 $URL .= "&updateReturn=fail1"; header("Location: {$URL}"); } else { try { $data = array("gibbonModuleID" => $gibbonModuleID); $sql = "SELECT * FROM gibbonModule WHERE gibbonModuleID=:gibbonModuleID";
} @session_start(); //Set timezone from session variable date_default_timezone_set($_SESSION[$guid]["timezone"]); //Search & Filters $search = NULL; if (isset($_GET["search"])) { $search = $_GET["search"]; } $filter2 = NULL; if (isset($_GET["filter2"])) { $filter2 = $_GET["filter2"]; } $gibbonRubricID = $_GET["gibbonRubricID"]; $gibbonRubricRowID = $_GET["gibbonRubricRowID"]; $URL = $_SESSION[$guid]["absoluteURL"] . "/index.php?q=/modules/" . getModuleName($_GET["address"]) . "/rubrics_edit.php&gibbonRubricID={$gibbonRubricID}&sidebar=false&search={$search}&filter2={$filter2}"; if (isActionAccessible($guid, $connection2, "/modules/Rubrics/rubrics_edit.php") == FALSE) { //Fail 0 $URL .= "&rowDeleteReturn=fail0"; header("Location: {$URL}"); } else { $highestAction = getHighestGroupedAction($guid, $_GET["address"], $connection2); if ($highestAction == FALSE) { //Fail2 $URL .= "&rowDeleteReturn=fail2"; header("Location: {$URL}"); } else { if ($highestAction != "Manage Rubrics_viewEditAll" and $highestAction != "Manage Rubrics_viewAllEditLearningArea") { //Fail 0 $URL .= "&rowDeleteReturn=fail0"; header("Location: {$URL}");