if (preg_match('/^\\d+$/', $_POST['institution_id'])) { $query = sprintf('SELECT institution_id, visible_priv FROM institution_auth WHERE moodle_id=%d AND institution_id=%d', $moodle_id, $_POST['institution_id']); $result = mysql_query($query); if (!$result) { $message = 'Invalid query: ' . mysql_error() . "\n"; $message .= 'Whole query: ' . $query; die($message); } if ($row = mysql_fetch_assoc($result)) { $institution_id = $row['institution_id']; } else { die('Invalid institution'); } } else { die('Invalid institution: No institution_id'); } if ($_POST['scope'] == '') { die("Scope cannot be empty"); } $request_error = 'Request sent'; $query = sprintf('insert into collection (scope,start_date,end_date,module_id,institution_id) ' . ' values ("%s","%s","%s",%d,%d)', mysql_real_escape_string($_POST['scope']), parse_date3($_POST['start_dateYYYY'], $_POST['start_dateMM'], $_POST['start_dateDD']), parse_date3($_POST['end_dateYYYY'], $_POST['end_dateMM'], $_POST['end_dateDD']), $module_id, $institution_id); $result = mysql_query($query); if (!$result) { $message = 'Invalid query: ' . mysql_error() . "\n"; $message .= 'Whole query: ' . $query; die($message); } header("Location: " . $sqa_www_root . "/admin_audits.php"); ?>
return $year . '-' . $month . '-' . $day; } if (preg_match('/^\\d+$/', $_POST['module_id'])) { $query = 'SELECT module_id FROM module WHERE module_id=' . $_POST['module_id'] . ''; $result = mysql_query($query); if (!$result) { $message = 'Invalid query: ' . mysql_error() . "\n"; $message .= 'Whole query: ' . $query; die($message); } if ($row = mysql_fetch_assoc($result)) { $module_id = $row['module_id']; } else { die('Invalid module'); } } else { die('Invalid module: No module_id'); } $request_error = 'Request sent'; $query = sprintf('insert into request (institution_title, department, contact_name, phone_number, email_address, scope, start_date, end_date, module_id, moodle_id, lodged) values ("%s","%s","%s","%s","%s","%s","%s","%s",%d,"%s", NOW())', mysql_real_escape_string($_POST['institution_title']), mysql_real_escape_string($_POST['department']), mysql_real_escape_string($_POST['contact_name']), mysql_real_escape_string($_POST['phone_number']), mysql_real_escape_string($_POST['email_address']), mysql_real_escape_string($_POST['scope']), parse_date3($_POST['start_dateYYYY'], $_POST['start_dateMM'], $_POST['start_dateDD']), parse_date3($_POST['end_dateYYYY'], $_POST['end_dateMM'], $_POST['end_dateDD']), $module_id, $moodle_id); $result = mysql_query($query); if (!$result) { $message = 'Invalid query: ' . mysql_error() . "\n"; $message .= 'Whole query: ' . $query; die($message); } require 'admin_audits.php'; return; ?>