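/**
 * Add a procurement plan for a financial year, or update the plan whose id is held in
 * the session, and record the attempt in the activity log.
 *
 * When the session holds no 'plan_id' a new plan is inserted; otherwise the existing
 * plan is edited. A successful save clears 'plan_id' from the session.
 *
 * @param array $data Form data. Reads 'financialyear', 'pdeid', 'name' and 'status'.
 * @return array array('boolean' => bool, 'reason' => string). 'reason' holds the error
 *               text when the financial period is already used by a different plan.
 */
function add($data) {
    $data['financialperiod'] = $data['financialyear'] . '-all';
    $reason = '';
    $result = FALSE;

    # the period bounds and the session values are needed several times; read them once
    $periodStart = get_quarter_date($data['financialperiod'], 'start');
    $periodEnd = get_quarter_date($data['financialperiod'], 'end');
    $sessionPlanId = $this->native_session->get('plan_id');
    $userId = $this->native_session->get('__user_id');

    # check to make sure the user is not replacing another financial year
    # NOTE(review): 'pdeid' is used exactly as supplied in $data; nothing in this method
    # ties it to the logged-in user - confirm the caller enforces that relationship.
    $plan = $this->_query_reader->get_row_as_array('get_plan_by_financial_period', array(
        'organization_id' => $data['pdeid'],
        'financial_year_start' => $periodStart,
        'financial_year_end' => $periodEnd
    ));

    if (empty($plan['plan_id']) || $plan['plan_id'] == $sessionPlanId) {
        $parameters = array(
            'organization_id' => $data['pdeid'],
            'financial_year_start' => $periodStart,
            'financial_year_end' => $periodEnd,
            # HTML-entity encoding is output encoding, not SQL escaping; presumably the
            # query reader takes care of the latter - confirm
            'title' => htmlentities(restore_bad_chars($data['name']), ENT_QUOTES),
            'details' => '',
            'document_url' => '',
            # NOTE(review): 'status' is passed through as received; confirm it is limited
            # to the known status values before it reaches this method
            'status' => $data['status'],
            'user_id' => $userId,
            'plan_id' => $sessionPlanId
        );

        if (!$sessionPlanId) {
            $planId = $this->_query_reader->run('add_procurement_plan', $parameters);
            if (!empty($planId)) {
                $result = TRUE;
                $this->native_session->set('plan_id', $planId);
            }
        } else {
            $result = $this->_query_reader->run('edit_procurement_plan', $parameters);
        }

        # a successful save (new or edited) clears the plan id from the session
        if ($result) {
            $this->native_session->delete('plan_id');
        }
    } else {
        # report the conflict through $reason, which is the value returned to the caller
        $reason = 'ERROR: The selected financial period does not match the plan details. Please edit the plan instead.';
    }

    # log action
    $this->_logger->add_event(array(
        'user_id' => $userId,
        'activity_code' => 'add_procurement_plan',
        'result' => !empty($result) ? 'SUCCESS' : 'FAIL',
        'log_details' => "device=" . get_user_device() . "|browser=" . $this->agent->browser(),
        'uri' => uri_string(),
        'ip_address' => get_ip_address()
    ));

    return array('boolean' => !empty($result), 'reason' => $reason);
}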
/**
 * Run restore_bad_chars() over every element of an array, keeping the keys.
 *
 * NOTE(review): restore_bad_chars() presumably reverses an encoding applied to request
 * data, so the returned values should be treated as raw input and encoded or escaped
 * again at whichever sink uses them - confirm against its definition.
 *
 * @param array $goodArray Values to pass through restore_bad_chars().
 * @return array The same keys, each mapped to the restored value.
 */
function restore_bad_chars_in_array($goodArray) {
    $restored = array();

    foreach ($goodArray as $index => $encodedValue) {
        $decodedValue = restore_bad_chars($encodedValue);
        $restored[$index] = $decodedValue;
    }

    return $restored;
}
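/**
 * Controller action: validate and save a grading scale (insert or update) and render
 * the grading form again with a status message.
 *
 * Reads the request through uri_to_assoc()/assign_to_data(); on a new scale the optional
 * 'gradingdetails' field ('|'-separated entries of four '^'-separated values) is stored
 * as detail rows linked to the inserted scale.
 */
function save_grading_scale() {
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't'));

    # Pick all assigned data
    $data = assign_to_data($urldata);

    if (!empty($data['save']) || !empty($data['saveandnew'])) {
        $data['formdata'] = $data;
        $required_fields = array('gradingname', 'classes');

        foreach ($data as $key => $data_value) {
            $data[$key] = restore_bad_chars($data_value);
        }

        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, $required_fields);

        #Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            #Convert classes into strings
            if (is_array($_POST['classes'])) {
                $_POST['classes'] = stringify_array($_POST['classes'], '|');
            } else {
                $_POST['classes'] = '|' . $_POST['classes'] . '|';
            }

            if (!empty($data['editid'])) {
                # NOTE(review): the update is keyed on the submitted editid only; confirm
                # the 'update_grading_scale' query also restricts the row to this school
                $result = $this->db->query($this->Query_reader->get_query_by_code('update_grading_scale', array_merge($_POST, array('id' => $data['editid']))));
            } else {
                #Add the school id and author to the data array
                $_POST = array_merge($_POST, array('school' => $this->myschool['id'], 'author' => $this->session->userdata('userid')));
                $result = $this->db->query($this->Query_reader->get_query_by_code('add_grading_scale', $_POST));

                #Check if grades have been added; only attach them to a scale that was actually inserted
                if ($result && !empty($_POST['gradingdetails'])) {
                    # read the new scale id once, directly after the insert it belongs to
                    $scale_id = (int) $this->db->insert_id();

                    #Format the data for the query
                    # NOTE(review): the four values are concatenated into the SQL text. Whether
                    # clean_form_data() makes them safe inside a double-quoted literal cannot be
                    # seen from here - confirm, or move this insert to bound parameters.
                    $rows = array();
                    foreach (explode('|', trim($_POST['gradingdetails'])) as $grade) {
                        $grade_details = explode('^', $grade);

                        # an entry needs all four fields; skip malformed ones instead of
                        # reading undefined offsets
                        if (count($grade_details) < 4) {
                            continue;
                        }

                        $rows[] = '(' . $scale_id . ', "' . $grade_details[0] . '", "' . $grade_details[1] . '", "' . $grade_details[2] . '", "' . $grade_details[3] . '")';
                    }

                    # the outcome of the detail insert does not affect the message below
                    if (!empty($rows)) {
                        $this->db->query($this->Query_reader->get_query_by_code('add_grading_details', array('rows' => implode(',', $rows))));
                    }
                }
            }

            #Format and send the errors
            if (!empty($result)) {
                # both messages use 'gradingname', the field the form actually submits
                $data['msg'] = empty($data['editid'])
                    ? $data['gradingname'] . ' has been added.'
                    : 'Details for ' . $data['gradingname'] . ' have been updated.';
                $data['formdata'] = array();
            } elseif (empty($data['msg'])) {
                $data['msg'] = "ERROR: The grading scale could not be saved or was not saved correctly.";
            }
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    $data['classes'] = $this->classobj->get_classes();
    $data['terms'] = $this->terms->get_terms();
    $this->load->view('incl/grading_form', $data);
}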
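/**
 * Controller action: validate and save a discipline incident (insert or update) and
 * render the incident form with a status message.
 *
 * On insert the 'student' and 'reportedby' fields are passed through decryptValue()
 * before being handed to the model. When the URL carries an 's' segment the matching
 * student record is loaded for the view.
 */
function save_incident() {
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 's', 't'));

    # Pick all assigned data
    $data = assign_to_data($urldata);
    $data = restore_bad_chars($data);

    if (!empty($_POST['save_incident'])) {
        # the submission is kept as received to re-populate the form; presumably the
        # view encodes it on output - confirm
        $data['formdata'] = $_POST;
        $required_fields = array('incidentdate', 'student', 'reportedby', 'response', 'incidentdetails', 'actiontaken');
        $_POST = clean_form_data($_POST);
        $validation_results = validate_form('', $_POST, $required_fields);

        #set status as editing on destination if updating
        if ($this->input->post('editid')) {
            $data['editid'] = $_POST['editid'];
        }

        #Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            #Add the author to the data array
            $_POST = array_merge($_POST, array('author' => $this->session->userdata('userid')));

            if (!empty($_POST['editid'])) {
                # NOTE(review): unlike the insert path, 'student' and 'reportedby' are not
                # decrypted here, and the update is keyed on the submitted editid - confirm
                # both are intended and that update_incident() checks record ownership
                $result = $this->disciplineobj->update_incident(array_merge($_POST, array('id' => $data['editid'])));
            } else {
                #decrypt student and reported by values
                $_POST['student'] = decryptValue($_POST['student']);
                $_POST['reportedby'] = decryptValue($_POST['reportedby']);
                $result = $this->disciplineobj->add_incident($_POST);
            }

            #Format and send the errors
            if (!empty($result)) {
                $data['msg'] = "The incident data has been successfully saved.";
                $data['formdata'] = array();
            } elseif (empty($data['msg'])) {
                # the class-name and rank error variables appended here before were never
                # defined in this method, so the message text is unchanged without them
                $data['msg'] = "ERROR: The incident could not be saved or was not saved correctly.";
            }
        }

        if (empty($validation_results['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    #get the student info
    if (!empty($data['s'])) {
        # NOTE(review): the decrypted 's' URL segment is placed inside a quoted SQL literal.
        # Unless decryptValue() only ever yields values this application produced, request
        # data reaches the query text - bind or escape it in the query layer.
        $data['student_details'] = $this->Query_reader->get_row_as_array('get_students_list', array(
            'isactive' => 'Y',
            'searchstring' => ' AND id=\'' . decryptValue($data['s']) . '\'',
            'limittext' => ''
        ));
    }

    $this->load->view('discipline/incident_form_view', $data);
}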
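/**
 * Controller action: validate and save a sponsor (insert or update), move an uploaded
 * photo and its thumbnail from the temp folder to the sponsors folder, and render the
 * sponsor form with a status message.
 *
 * The photo name arrives with the form data, so it is accepted only when it is a bare
 * file name; anything else is dropped before it can reach a file path or the SQL
 * fragment built for the update.
 */
function save_sponsor() {
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't'));

    # Pick all assigned data
    $data = assign_to_data($urldata);

    if (!empty($data['save'])) {
        $data['formdata'] = $data;
        $required_fields = array('firstname', 'lastname');

        foreach ($data as $key => $data_value) {
            $data[$key] = restore_bad_chars($data_value);
        }

        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, $required_fields);

        #Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            # default: the update statement does not touch the photo column
            $_POST['UPDATESTRING'] = '';

            $photo = (!empty($_POST['photo']) && is_string($_POST['photo'])) ? $_POST['photo'] : '';

            # a usable name has no directory part, no quote, no backslash and no control
            # character; a name with a quote or backslash would also break the photo ="..."
            # fragment below
            $photo_is_safe = $photo !== '' && $photo !== '.' && $photo !== '..'
                && !preg_match('/["\'\\\\\/\x00-\x1f]/', $photo);

            #check if sponsor photo has changed
            if ($photo !== '' && !$photo_is_safe) {
                # do not pass a rejected name on to the model either
                $_POST['photo'] = '';
            } elseif ($photo !== '') {
                # the thumbnail is <name>_thumb.<ext>, split at the last dot
                $thumb = pathinfo($photo, PATHINFO_FILENAME) . '_thumb.' . pathinfo($photo, PATHINFO_EXTENSION);

                #move photo and thumb nail to designated folder and add value to query string
                if (copy(UPLOAD_DIRECTORY . "temp/" . $photo, UPLOAD_DIRECTORY . "sponsors/" . $photo)
                    && copy(UPLOAD_DIRECTORY . "temp/" . $thumb, UPLOAD_DIRECTORY . "sponsors/" . $thumb)
                    && !empty($data['editid'])) {
                    # NOTE(review): still a concatenated SQL fragment; prefer a bound
                    # parameter inside update_sponsor()
                    $_POST['UPDATESTRING'] = ',photo ="' . $photo . '"';
                }
            }

            if (!empty($data['editid'])) {
                $result = $this->sponsorobj->update_sponsor(array_merge($_POST, array('editid' => decryptValue($data['editid']))));
            } else {
                #Add the school id and author to the data array
                $_POST = array_merge($_POST, array('school' => $this->myschool['id'], 'author' => $this->session->userdata('userid')));
                $result = $this->sponsorobj->add_sponsor($_POST);
            }

            #Format and send the errors
            if (!empty($result)) {
                # NOTE(review): the names come from restore_bad_chars(), i.e. presumably
                # decoded input; confirm the view encodes 'msg' on output
                $data['msg'] = empty($data['editid'])
                    ? $data['firstname'] . ' ' . $data['lastname'] . ' has been added to the sponsors list'
                    : $data['firstname'] . '\'s details have been updated.';
                $data['formdata'] = array();
            } elseif (empty($data['msg'])) {
                $data['msg'] = "ERROR: The sponsor could not be saved or was not saved correctly.";
            }
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    $this->load->view('sponsors/sponsor_form_view', $data);
}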
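/**
 * Controller action: validate and save the current school's details, move an uploaded
 * badge image and its thumbnail from the temp folder to the schools folder, and render
 * the school info view with a status message.
 *
 * The row to update is always the session's own school ($this->myschool['id']); a
 * submitted 'editid' is overridden by it in the query parameters.
 */
function update_school_info() {
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't'));

    # Pick all assigned data
    $data = assign_to_data($urldata);
    $data = restore_bad_chars($data);

    if (!empty($data['save'])) {
        $data['schooldetails'] = $data;
        $required_fields = array('schoolname', 'emailaddress', 'telephone');
        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, $required_fields);

        #set status as editing on destination if updating
        if ($this->input->post('editid')) {
            $data['editid'] = $_POST['editid'];
        }

        # The badge file name arrives with the form data and is used to build file paths
        # for copy() and unlink(). Accept only a bare file name: no directory part, no
        # quote, no backslash, no control character.
        $photo = (!empty($_POST['photo']) && is_string($_POST['photo'])) ? $_POST['photo'] : '';
        $photo_is_safe = $photo !== '' && $photo !== '.' && $photo !== '..'
            && !preg_match('/["\'\\\\\/\x00-\x1f]/', $photo);
        if ($photo !== '' && !$photo_is_safe) {
            # keep a rejected name out of the update query as well
            $_POST['photo'] = '';
        }

        #Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            #Update school info
            $result = $this->db->query($this->Query_reader->get_query_by_code('user_update_school_data', array_merge($_POST, array('editid' => $this->myschool['id']))));
            $data['schooldetails'] = $this->Query_reader->get_row_as_array('search_schools_list', array('limittext' => '', 'searchstring' => ' AND id = ' . $this->myschool['id']));

            #Format and send the errors
            if (!empty($result)) {
                $data['msg'] = "The school data has been successfully saved.";

                #Copy school badge to designated folder
                if ($photo !== '') {
                    # pathinfo() replaces end(explode()), which passed a temporary by reference
                    $thumb_nail_ext = pathinfo($photo, PATHINFO_EXTENSION);
                    $thumb = str_replace('.' . $thumb_nail_ext, '_thumb.' . $thumb_nail_ext, $photo);

                    if ($photo_is_safe) {
                        $copy_image_result = copy(UPLOAD_DIRECTORY . "temp/" . $photo, UPLOAD_DIRECTORY . "schools/" . $photo);
                        #copy the thumb_nail as well
                        $copy_image_thumb_result = copy(UPLOAD_DIRECTORY . "temp/" . $thumb, UPLOAD_DIRECTORY . "schools/" . $thumb);
                    } else {
                        # a rejected name is reported the same way as a failed copy
                        $copy_image_result = FALSE;
                        $copy_image_thumb_result = FALSE;
                    }

                    # NOTE(review): the warning is raised only when BOTH copies fail; a
                    # single failed copy still removes the temp files - confirm intended
                    if (!$copy_image_result && !$copy_image_thumb_result) {
                        # string concatenation; the earlier '&' was a bitwise AND of two
                        # strings and produced a garbled message
                        $data['msg'] = 'WARNING: ' . $data['msg'] . '<br />' . 'An error occured while saving the school badge';
                    } else {
                        @unlink(UPLOAD_DIRECTORY . "temp/" . $photo);
                        @unlink(UPLOAD_DIRECTORY . "temp/" . $thumb);
                    }
                }
            } elseif (empty($data['msg'])) {
                $data['msg'] = "ERROR: The school data could not be saved or was not saved correctly.";
            }
        }

        if (empty($validation_results['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    $this->load->view('schoolinfo/school_info_view', $data);
}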
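/**
 * Controller action: validate and save a school term (insert or update) after checking
 * that no other term of the same school has the same name and year, then render the
 * term form with a status message.
 *
 * The duplicate check builds a WHERE fragment from the submitted term name, year and
 * edit id, so those values are escaped through the database driver (name, year) or
 * cast to an integer (id) before they are concatenated.
 */
function save_term() {
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't'));

    # Pick all assigned data
    $data = assign_to_data($urldata);
    $data = restore_bad_chars($data);

    if (!empty($data['save'])) {
        $data['termdetails'] = $data;
        $required_fields = array('term', 'year', 'startdate', 'enddate');
        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, $required_fields);

        #Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            # 'termdetails' was copied before clean_form_data() ran, so these values are
            # exactly what the request supplied; escape() returns a quoted SQL literal
            $term_sql = $this->db->escape($data['termdetails']['term']);
            $year_sql = $this->db->escape($data['termdetails']['year']);
            $school_id = $this->myschool->cur_school_details['id'];

            if (!empty($data['editid'])) {
                #Check if another term other than the current one exists with the same name and year
                $term_details = $this->Query_reader->get_row_as_array('search_terms_list', array(
                    'limittext' => '',
                    'searchstring' => ' AND term = ' . $term_sql . ' AND id != ' . (int) $data['editid'] . ' AND school =' . $school_id . ' AND year = ' . $year_sql
                ));

                if (empty($term_details)) {
                    $result = $this->db->query($this->Query_reader->get_query_by_code('update_term', $_POST));
                } else {
                    # surface the duplicate warning; before, it was stored in a variable
                    # that was never read and the generic error was shown instead
                    $data['msg'] = "WARNING: A term with the same name and year already exists.";
                }
            } else {
                $term_details = $this->Query_reader->get_row_as_array('search_terms_list', array(
                    'limittext' => '',
                    'searchstring' => ' AND isactive ="Y" AND term = ' . $term_sql . ' AND school =' . $school_id . ' AND year = ' . $year_sql
                ));

                if (empty($term_details)) {
                    #Add the school id
                    $_POST = array_merge($_POST, array('school' => $school_id));
                    $result = $this->terms->add_term($_POST);
                }
            }

            #Format and send the errors
            if (!empty($result)) {
                $data['msg'] = "The term data has been successfully saved";
                $data['termdetails'] = array();
            } elseif (empty($data['editid']) && !empty($term_details)) {
                $data['msg'] = "WARNING: A term with the same name and year already exists.<br />";
            } elseif (empty($data['msg'])) {
                $data['msg'] = "ERROR: The term could not be saved or was not saved correctly.";
            }
        }

        if (empty($validation_results['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    $this->load->view('incl/term_form', $data);
}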
/**
 * Controller action: validate and save an exam (insert or update) and render the exam
 * form together with the class and term lists.
 *
 * NOTE(review): the update is keyed on the submitted 'editid' and both statements are
 * produced by Query_reader from the cleaned form data; how values are escaped there is
 * not visible from this method - confirm in get_query_by_code().
 */
function save_exam() {
    access_control($this);

    # Collect the URL segments and merge them with whatever else was submitted
    $data = assign_to_data($this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't')));

    if ($data['save'] || $data['saveandnew']) {
        $data['formdata'] = $data;

        foreach ($data as $field => $raw_value) {
            $data[$field] = restore_bad_chars($raw_value);
        }

        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, array('exam', 'term', 'contribution', 'classes'));

        # Nothing is written unless every required field is present
        if ($validation_results['bool']) {
            # Classes are stored as one '|'-delimited string
            $_POST['classes'] = is_array($_POST['classes'])
                ? stringify_array($_POST['classes'], '|')
                : '|' . $_POST['classes'] . '|';

            if (empty($data['editid'])) {
                # A new exam also records the school and the author
                $_POST = array_merge($_POST, array('school' => $this->myschool['id'], 'author' => $this->session->userdata('userid')));
                $sql = $this->Query_reader->get_query_by_code('add_exam', $_POST);
            } else {
                $sql = $this->Query_reader->get_query_by_code('update_exam', array_merge($_POST, array('id' => $data['editid'])));
            }
            $result = $this->db->query($sql);

            # Report the outcome
            if (!empty($result) && $result) {
                if (empty($data['editid'])) {
                    $data['msg'] = $data['exam'] . ' has been added.';
                } else {
                    $data['msg'] = 'Details for ' . $data['exam'] . ' have been updated.';
                }
                $data['formdata'] = array();
            } elseif (empty($data['msg'])) {
                $data['msg'] = "ERROR: The exam could not be saved or was not saved correctly.";
            }
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    $data['classes'] = $this->classobj->get_classes();
    $data['terms'] = $this->terms->get_terms();
    $this->load->view('incl/exam_form', $data);
}
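/**
 * Render one option as a <div data-value='...'> element.
 *
 * $attributes is appended verbatim after the data-value attribute. Nothing is encoded
 * here: value, display text and attributes are emitted exactly as received.
 */
function _option_list_div($value, $display, $attributes = '') {
    return "<div data-value='" . $value . "'" . $attributes . ">" . $display . "</div>";
}

/** Build the onclick attribute (with its leading space) that calls universalUpdate(field, value). */
function _option_list_update_attr($field, $value) {
    return " onclick=\"universalUpdate('" . $field . "', '" . $value . "')\"";
}

/** Render a fixed list of labels; each label is both the value and the display text. */
function _option_list_from_labels($labels) {
    $html = '';
    foreach ($labels as $label) {
        $html .= _option_list_div($label, $label);
    }
    return $html;
}

/** Render query rows ('value', 'display'); a non-empty $updateField adds universalUpdate(field, row['id']). */
function _option_list_from_rows($rows, $updateField = '') {
    $html = '';
    foreach ($rows as $row) {
        $attributes = $updateField !== '' ? _option_list_update_attr($updateField, $row['id']) : '';
        $html .= _option_list_div($row['value'], $row['display'], $attributes);
    }
    return $html;
}

/** Restore the search text and HTML-entity encode it (quotes included); '' when none was given. */
function _option_list_search_term($searchBy) {
    return !empty($searchBy) ? htmlentities(restore_bad_chars($searchBy), ENT_QUOTES) : "";
}

/** WHERE fragment matching $term at the start of $column or of a later word; ' 1=1 ' without a term. */
function _option_list_name_filter($column, $term) {
    return !empty($term)
        ? " (" . $column . " LIKE '" . $term . "%' OR " . $column . " LIKE '% " . $term . "%') "
        : " 1=1 ";
}

/** WHERE fragment for active users, optionally narrowed by first/last name. */
function _option_list_active_user_filter($term) {
    return !empty($term)
        ? " (P.first_name LIKE '" . $term . "%' OR P.first_name LIKE '% " . $term . "%' OR P.last_name LIKE '" . $term . "%') AND U.status='active' "
        : " U.status='active' ";
}

/**
 * Build the HTML options for a named drop-down list.
 *
 * Static lists are rendered from literals; the others are read through
 * $obj->_query_reader, some of them narrowed by $searchBy.
 *
 * NOTE(review): search text is made "safe" only by htmlentities(..., ENT_QUOTES), which
 * encodes quotes but leaves backslashes and LIKE wildcards untouched, and $more['jobid']
 * is concatenated without any encoding. Neither is SQL escaping; the fragments should
 * become bound parameters in the query layer.
 * NOTE(review): row values are written into HTML attributes and inline JavaScript
 * without encoding. Presumably they were entity-encoded when stored - confirm for every
 * column used here ('value', 'display', 'id', 'district_name').
 *
 * @param object $obj       Controller exposing _query_reader and native_session.
 * @param string $list_type Name of the list to build.
 * @param string $return    'div' (default) or anything else for an <option> fallback.
 * @param string $searchBy  Optional search text for the searchable lists.
 * @param array  $more      Extra values: a '-district-' key for "county", 'jobid' for "shortlists".
 * @return string The option markup, or a single "No options available" element.
 */
function get_option_list($obj, $list_type, $return = 'div', $searchBy = "", $more = array()) {
    $optionString = '';

    switch ($list_type) {
        case "district":
            $optionString = _option_list_from_rows($obj->_query_reader->get_list('get_list_of_districts'));
            break;

        case "institutions":
            $searchString = _option_list_search_term($searchBy);
            $searchQuery = !empty($searchString)
                ? " (MATCH(name) AGAINST('+" . implode(" +", explode(" ", $searchString)) . "') OR name LIKE '" . $searchString . "%' OR name LIKE '% " . $searchString . "%') "
                : " 1=1 ";
            $optionString = _option_list_from_rows($obj->_query_reader->get_list('get_list_of_institutions', array('search_query' => $searchQuery)));
            break;

        case "country":
            $optionString = _option_list_from_rows($obj->_query_reader->get_list('get_list_of_countries'));
            break;

        case "county":
            $searchQuery = _option_list_name_filter('C.name', _option_list_search_term($searchBy));
            # Get the district field if given
            $district = array_key_contains('-district-', $more);
            $counties = $obj->_query_reader->get_list('get_county_list_data', array('search_query' => $searchQuery, 'order_by' => " C.name ASC", 'limit_text' => '100'));
            foreach ($counties as $row) {
                $attributes = $district['boolean'] ? _option_list_update_attr($more[$district['key']], $row['district_name']) : "";
                $optionString .= _option_list_div($row['value'], $row['display'], $attributes . " ");
            }
            break;

        case "citizentype":
            $optionString = _option_list_from_labels(array('By Birth', 'By Naturalization', 'By Registration'));
            break;

        case "institutiontype":
            $optionString = _option_list_from_labels(array('University', 'College', 'Technical', 'Secondary', 'Primary'));
            break;

        case "month":
            $optionString = _option_list_from_labels(array('January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December'));
            break;

        case "pastyear":
            # the last 80 years, newest first; the current year is read once
            $thisYear = (int) date('Y');
            for ($year = $thisYear; $year > $thisYear - 80; $year--) {
                $optionString .= _option_list_div($year, $year);
            }
            break;

        case "subjecttype":
            $optionString = _option_list_from_labels(array('Major', 'Other', 'Minor'));
            break;

        case "jobroles":
            $optionString = _option_list_from_rows($obj->_query_reader->get_list('get_duties'));
            break;

        case "roles":
            $optionString = _option_list_from_rows($obj->_query_reader->get_list('get_permission_groups', array('system_only' => "'N','Y'")));
            break;

        case "schooljobs":
            $searchQuery = _option_list_name_filter('V.topic', _option_list_search_term($searchBy));
            $jobs = $obj->_query_reader->get_list('get_school_jobs', array('user_id' => $obj->native_session->get('__user_id'), 'search_query' => $searchQuery));
            # the onclick attribute is now separated from data-value by a space, as in the other lists
            $optionString = _option_list_from_rows($jobs, 'vacancyid');
            break;

        case "users":
            $searchQuery = _option_list_active_user_filter(_option_list_search_term($searchBy));
            $users = $obj->_query_reader->get_list('get_user_list_data', array(
                # the logged-in user is left out of the list
                'search_query' => " U.id <> '" . $obj->native_session->get('__user_id') . "' AND " . $searchQuery,
                'order_by' => " ORDER BY P.last_name ASC",
                'limit_text' => '100'
            ));
            $optionString = _option_list_from_rows($users, 'userid');
            break;

        case "schooltypes":
            $optionString = _option_list_from_labels(array('Primary', 'Secondary', 'Tertiary', 'University', 'Other'));
            break;

        case "teachers":
            $searchQuery = _option_list_active_user_filter(_option_list_search_term($searchBy));
            $orderBy = " ORDER BY P.last_name ASC";
            $permissionGroup = $obj->native_session->get('__permission_group');

            if ($permissionGroup && $permissionGroup == '3') {
                # permission group 3 only sees teachers posted at its own institution,
                # and nobody when the session carries no posting
                $posting = $obj->native_session->get('__posting');
                if ($posting) {
                    $users = $obj->_query_reader->get_list('get_user_list_data', array('search_query' => $searchQuery . " AND PS.institution_id='" . $posting . "' AND U.permission_group_id='2' ", 'order_by' => $orderBy, 'limit_text' => '100'));
                } else {
                    $users = array();
                }
            } else {
                $users = $obj->_query_reader->get_list('get_user_list_data', array('search_query' => $searchQuery . " AND U.permission_group_id='2' ", 'order_by' => $orderBy, 'limit_text' => '100'));
            }
            $optionString = _option_list_from_rows($users, 'teacherid');
            break;

        case "contactreason":
            $optionString = _option_list_from_labels(array('Account Access', 'Job Application', 'Information Security', 'General Inquiries'));
            break;

        case "grades":
            $optionString = _option_list_from_rows($obj->_query_reader->get_list('get_teacher_grades'));
            break;

        case "interviewresults":
            $optionString = _option_list_from_labels(array('Failed', 'Inconclusive', 'Passed', 'Awarded'));
            break;

        case "shortlists":
            $searchString = _option_list_search_term($searchBy);
            # NOTE(review): $more['jobid'] goes into the SQL text as received - see the function header
            $searchQuery = !empty($searchString)
                ? " vacancy_id='" . $more['jobid'] . "' AND shortlist_name LIKE '" . $searchString . "%' "
                : " vacancy_id='" . $more['jobid'] . "' ";
            $shortlists = $obj->_query_reader->get_list('get_shortlist_data', array('search_query' => $searchQuery, 'order_by' => " ORDER BY shortlist_name ASC", 'limit_text' => '100'));
            $optionString = _option_list_from_rows($shortlists);
            break;

        case "schools":
            $searchQuery = _option_list_name_filter('INS.name', _option_list_search_term($searchBy));
            # NOTE(review): the filter uses alias INS while the ordering uses alias I -
            # confirm both exist in the 'get_institution_data' query
            $schools = $obj->_query_reader->get_list('get_institution_data', array('search_query' => $searchQuery, 'order_by' => " ORDER BY I.name ASC", 'limit_text' => '100'));
            $optionString = _option_list_from_rows($schools, 'schoolid');
            break;

        case "leavetypes":
            $optionString = _option_list_from_labels(array('Study Leave', 'Normal Leave', 'Marternity Leave', 'Other Leave'));
            break;

        case "documenttypes":
            $documents = array(
                array('type' => 'confirmation_letter', 'display' => 'Job Confirmation Letter'),
                array('type' => 'transfer_letter', 'display' => 'Job Transfer Letter'),
                array('type' => 'transfer_pca', 'display' => 'Job Transfer PCA'),
                array('type' => 'verification_letter', 'display' => 'Leave Confirmation Letter'),
                array('type' => 'retirement_letter', 'display' => 'Retirement Confirmation Letter'),
                array('type' => 'registration_certificate', 'display' => 'Teacher Registration Certificate')
            );
            foreach ($documents as $row) {
                $optionString .= _option_list_div($row['display'], $row['display'], _option_list_update_attr('documenttype', $row['type']));
            }
            break;

        case "boards":
        case "viewonlyboards":
            $boards = $obj->_query_reader->get_list('get_list_of_boards');
            foreach ($boards as $row) {
                $onclick = "universalUpdate('boardid', '" . $row['id'] . "')";
                # only the editable list also refreshes the member list layer
                if ($list_type == "boards") {
                    $onclick .= ";updateFieldLayer('" . base_url() . "interview/view_board_members/boardid/" . $row['id'] . "','','','memberlist_div','');";
                }
                $optionString .= _option_list_div($row['value'], $row['display'], " onclick=\"" . $onclick . "\"");
            }
            break;

        case "reporttypes":
            $reports = array(
                array('type' => 'registerednumbers', 'display' => 'Number of Registered Teachers'),
                array('type' => 'teacherappointments', 'display' => 'Teacher Appointments'),
                array('type' => 'teacherstatus', 'display' => 'Teacher Status')
            );
            foreach ($reports as $row) {
                $optionString .= _option_list_div($row['display'], $row['display'], " onclick=\"updateFieldLayer('" . base_url() . "teacher/report_specification/type/" . $row['type'] . "','','','reportspecs','')\"");
            }
            break;

        case "registerednumbers":
            $optionString = _option_list_from_labels(array('By Gender', 'By Grade', 'By Subject', 'By School', 'By District', 'By Region'));
            break;

        case "teacherappointments":
            $optionString = _option_list_from_labels(array('By Post', 'By School', 'By District', 'By Region'));
            break;

        case "teacherstatus":
            $optionString = _option_list_from_labels(array('Applied', 'On Probation', 'Confirmed', 'On Leave', 'Retired'));
            break;
    }

    return !empty($optionString)
        ? $optionString
        : ($return == 'div' ? "<div data-value=''>No options available</div>" : "<option value=''>No options available</option>");
}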
/**
 * Controller action: add one region selection to the session list belonging to a rule
 * stamp, drop duplicates, and render the region list through the 'incl/addons' view.
 *
 * A selection is stored as "continent<>country<>state", with "All" standing in for
 * every level that was not supplied.
 *
 * NOTE(review): the session key is built from decryptValue($data['q']), i.e. from a
 * request value; confirm decryptValue() cannot return text that collides with other
 * session keys. The stored region strings are request data as well and need encoding
 * wherever the view prints them.
 */
function select_region() {
    # Collect the URL segments and merge them with whatever else was submitted
    $data = assign_to_data($this->uri->uri_to_assoc(3, array('m', 'i', 'd')));

    # Reuse the rule stamp when one was passed, otherwise start a new one
    $stamp = !empty($data['q']) ? decryptValue($data['q']) : strtotime('now');

    if (!$this->session->userdata('selected_regions_' . $stamp)) {
        $this->session->set_userdata('selected_regions_' . $stamp, array());
    }
    $region_array = $this->session->userdata('selected_regions_' . $stamp);

    # Work out the entry from the most specific level that was given
    if (empty($data['continent'])) {
        $selection = "All<>All<>All";
    } elseif (empty($data['country'])) {
        $selection = restore_bad_chars($data['continent']) . "<>All<>All";
    } elseif (empty($data['state'])) {
        $selection = restore_bad_chars($data['continent']) . "<>" . restore_bad_chars($data['country']) . "<>All";
    } else {
        $selection = restore_bad_chars($data['continent']) . "<>" . restore_bad_chars($data['country']) . "<>" . restore_bad_chars($data['state']);
    }
    array_push($region_array, $selection);

    $data['selectedstamp'] = $stamp;
    $data['page_list'] = array_unique($region_array);
    $this->session->set_userdata('selected_regions_' . $stamp, $data['page_list']);

    $data['area'] = "region_list";
    $data = add_msg_if_any($this, $data);
    $this->load->view('incl/addons', $data);
}
/**
 * Controller action: update one field of a procurement plan detail and echo a notice
 * with the outcome. Nothing happens when no 'value' was submitted.
 *
 * NOTE(review): no permission check is visible in this method, and 'd' and 'k' are
 * handed to the model as received. Confirm that filter_forwarded_data() or
 * update_single_detail() verifies the caller may edit that record and restricts 'k'
 * to the fields that are meant to be editable.
 */
function edit_single_detail() {
    $data = filter_forwarded_data($this);

    # an empty value means there is nothing to store
    if (empty($data['value'])) {
        return;
    }

    $response = $this->_procurement_plan->update_single_detail(
        $data['d'],
        $data['k'],
        restore_bad_chars($data['value'])
    );

    if ($response['boolean']) {
        $notice = 'Updated';
    } else {
        $notice = 'ERROR: Not updated';
    }

    echo format_notice($this, $notice);
}
/**
 * Controller action: compute the unfunded amount (commitment minus funded) from the
 * submitted figures and render it through the 'incl/addons' view.
 *
 * 'unfunded' is only set when both amounts were submitted and both are still non-empty
 * after their thousands separators have been removed.
 */
function show_nav_details() {
    access_control($this);

    # Collect the URL segments and merge them with whatever else was submitted
    $data = assign_to_data($this->uri->uri_to_assoc(3, array('m', 'i')));

    $both_submitted = !empty($data['fundedamount']) && !empty($data['commitmentamount']);
    if ($both_submitted) {
        $funded = removeCommas(restore_bad_chars($data['fundedamount']));
        $committed = removeCommas(restore_bad_chars($data['commitmentamount']));

        # NOTE(review): the subtraction assumes removeCommas() leaves a numeric value - confirm
        if (!empty($funded) && !empty($committed)) {
            $data['unfunded'] = $committed - $funded;
        }
    }

    $data['area'] = "nav_amt_details";
    $data = add_msg_if_any($this, $data);
    $this->load->view('incl/addons', $data);
}
if (!empty($area) && $area == 'called_amt_details') { $table_HTML .= $combined_js_HTML . $combined_css_HTML; if ((!empty($uncalled) || $uncalled == 0) && !empty($dealamount) && $uncalled >= 0) { $perc = addCommas($uncalled / removeCommas($dealamount) * 100); $table_HTML .= "<b>Uncalled Amount:</b> \$" . addCommas($uncalled) . " (" . $perc . "%)"; } else { $table_HTML .= format_notice("<span class='error'>Invalid called or commitment amount.</span>"); } } else { if (!empty($area) && $area == 'new_section_details') { $table_HTML .= $combined_js_HTML . $combined_css_HTML; if (!empty($a) && decryptValue($a) == 'add') { $table_HTML .= format_notice("New section added") . "<select name='fileunder' id='fileunder' class='selectfield' onchange=\"showWithValue('fileunder', 'addbtn', 'addfields')\">"; $section_list = $this->db->query($this->Query_reader->get_query_by_code('search_file_under', array('searchstring' => ''))); $options = $section_list->result_array(); $selected = restore_bad_chars($sectionname); $options = array_merge(array(array('fileunder' => $selected)), $options); $table_HTML .= get_select_options($options, 'fileunder', 'fileunder', ''); $table_HTML .= "</select>"; } else { $table_HTML .= "<table class='lightgreybg'>\r\r\n\t\t<tr>\r\r\n\t\t<td class='label'>New Section:</td>\r\r\n\t\t<td><input name='sectionname' type='text' id='sectionname' size='18' class='textfield' value='' /></td>\r\r\n\t\t<td><input type='button' name='addsection' id='addsection' value='Add' class='bodybutton' onclick=\"updateFieldLayer('" . base_url() . "deal/add_section/a/" . encryptValue('add') . 
"', 'sectionname', 'newsectiondetails', 'fileunderdiv', 'Enter the new section name.')\" /></td>\r\r\n\t\t<td>\r\r\n\t\t<input type='button' name='canceladdn' id='canceladdn' value='Cancel' class='bodybutton' onclick=\"unhideShowLayer('newsec','');absHideDiv('newsectiondetails');\" />\r\r\n\t\t</td>\r\r\n\t\t</tr>\r\r\n\t\t</table>"; } } else { if (!empty($area) && $area == 'select_order_user') { $table_HTML .= $combined_js_HTML; if (!empty($page_list)) { $table_HTML .= "<table cellpadding='5' cellspacing='0' border='0'>\r\r\n\t\t<tr><td><b>Top " . NUM_OF_ROWS_PER_PAGE . " Search Results:</b></td><td align='right'><a href='javascript:void(0)' onClick=\"hideLayerSet('" . $layer . "')\"><img src='" . base_url() . "images/delete_icon.png' border='0' /></a></td></tr>"; $counter = 0; foreach ($page_list as $row) { #Show one row at a time $table_HTML .= "<tr style='" . get_row_color($counter, 2) . "'><td colspan='2'><a href='javascript:void(0)' onClick=\"updateFieldLayer('" . base_url() . "deal/add_single_order/d/" . $d . "/u/" . encryptValue($row['id']) . "', '', '', '', '');hideLayerSet('" . $layer . "')\" class='bluelinks'>" . $row['firstname'] . " " . $row['lastname'] . "</a> (" . $row['emailaddress'] . ")</td></tr>";
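/**
 * Validate and save a class record (add or edit), then render the class form.
 *
 * When the request carries a 'save' flag, the required fields ('class', 'rank')
 * are validated, the class name and rank are checked for duplicates within the
 * current school, and the record is passed to add_class() or update_class().
 * The outcome is reported through $data['msg'] and the view 'incl/class_form'
 * is always loaded at the end.
 */
function save_class()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't'));

    # Pick all assigned data
    $data = assign_to_data($urldata);
    $data = restore_bad_chars($data);

    if (!empty($data['save'])) {
        $data['classdetails'] = $data;
        $required_fields = array('class', 'rank');
        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, $required_fields);
        $classname_error = '';
        $rank_error = '';

        # Set status as editing on destination if updating
        if ($this->input->post('editid')) {
            $data['editid'] = $_POST['editid'];
        }

        # Only proceed if the validation for required fields passes.
        # The original condition also tested $user_details, which is never
        # defined in this method, so that term was always true and is dropped.
        if ($validation_results['bool']) {
            $is_edit = !empty($_POST['editid']);

            # The class name, rank and edit id come from the request and end up in
            # a SQL fragment, so each one is escaped and quoted before being
            # concatenated. Casting to string makes escape() always quote the value.
            # NOTE(review): assumes the CodeIgniter database object is loaded as
            # $this->db on this controller - confirm.
            $class_sql = $this->db->escape((string) $data['classdetails']['class']);
            $rank_sql = $this->db->escape((string) $data['classdetails']['rank']);
            $exclude_self = $is_edit ? ' AND id != ' . $this->db->escape((string) $data['editid']) : '';

            # $this->myschool is set outside this method; its id is concatenated unchanged.
            $school_cond = ' AND school =' . $this->myschool['id'];

            # Check if another class (other than the one being edited) has the same name
            $class_details = $this->Query_reader->get_row_as_array('search_classes_list', array(
                'limittext' => '',
                'searchstring' => ' AND class = ' . $class_sql . $exclude_self . $school_cond,
            ));

            # Also check for the same rank
            $rank_details = $this->Query_reader->get_row_as_array('search_classes_list', array(
                'limittext' => '',
                'searchstring' => $exclude_self . ' AND rank =' . $rank_sql . $school_cond,
            ));

            # The edit path used to test an undefined $term_details here, so a
            # duplicate class name never blocked an update; both paths now test
            # $class_details.
            if (empty($class_details) && empty($rank_details)) {
                # Add the school id and author to the data array
                $_POST = array_merge($_POST, array(
                    'school' => $this->myschool['id'],
                    'author' => $this->session->userdata('userid'),
                ));

                if ($is_edit) {
                    $result = $this->classobj->update_class(array_merge($_POST, array('id' => $data['editid'])));
                } else {
                    $result = $this->classobj->add_class($_POST);
                }
            } else {
                if (!empty($class_details)) {
                    $classname_error = "<br />WARNING: A class with the same name already exists.";
                }

                if (!empty($rank_details)) {
                    # NOTE(review): $rank_details['class'] is a stored value placed into
                    # HTML as-is; whether it is already encoded when saved cannot be
                    # seen from here - confirm before relying on it.
                    $rank_error = "<br />WARNING: A class (" . $rank_details['class'] . ") with the same rank already exists.";
                }
            }

            # Format and send the errors
            if (!empty($result)) {
                $data['msg'] = "The class data has been successfully saved.";
                $data['classdetails'] = array();
            } elseif (empty($data['msg'])) {
                $data['msg'] = "ERROR: The class could not be saved or was not saved correctly." . $classname_error . $rank_error;
            }
        }

        # The original had a further branch on $class_details for the failed-validation
        # case; that variable is never assigned on that path, so the branch could not
        # run and has been removed together with its commented-out code.
        if (empty($validation_results['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    $this->load->view('incl/class_form', $data);
}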
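/**
 * Validate and save a petty cash transaction (add or edit), then render its form.
 *
 * When the request carries a 'save' flag, the required fields ('reference',
 * 'date', 'account', 'amount') are validated and the record is passed to
 * update_petty_cash_transction() or save_petty_cash_transction() on
 * $this->financeobj. The outcome is reported through $data['msg'] and the view
 * 'finances/petty_cash_transaction_form_view' is always loaded at the end.
 */
function save_petty_cash_transaction()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 'tt'));

    # Pick all assigned data
    $data = assign_to_data($urldata);
    $data = restore_bad_chars($data);

    if (!empty($data['save'])) {
        $data['transactiondetails'] = $data;
        $required_fields = array('reference', 'date', 'account', 'amount');
        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, $required_fields);

        # Set status as editing on destination if updating
        if ($this->input->post('editid')) {
            $data['editid'] = $_POST['editid'];
        }

        # Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            $author = $this->session->userdata('userid');

            if (!empty($_POST['editid'])) {
                # Add the school id and author to the data array
                $_POST = array_merge($_POST, array('school' => $this->myschool['id'], 'author' => $author));

                # NOTE(review): the record id comes from the request; whether the
                # update is restricted to rows of the caller's school is decided
                # inside update_petty_cash_transction(), which is not visible here
                # - confirm.
                $result = $this->financeobj->update_petty_cash_transction(array_merge($_POST, array('id' => $data['editid'])));
            } else {
                # Add author, type and other info to the data array
                $_POST = array_merge($_POST, array('type' => decryptValue($_POST['tt']), 'author' => $author));
                $result = $this->financeobj->save_petty_cash_transction($_POST);
            }

            # Format and send the errors.
            # The original appended $classname_error and $rank_error to the error
            # text; neither is defined in this method, so they only raised notices
            # and are dropped. The message text itself is unchanged.
            if (!empty($result)) {
                $data['msg'] = "The transaction data has been successfully saved.";
                $data['transactiondetails'] = array();
            } elseif (empty($data['msg'])) {
                $data['msg'] = "ERROR: The transaction could not be saved or was not saved correctly.";
            }
        }

        # The original had a further branch on $class_details for the failed-validation
        # case; that variable is never assigned in this method and the branch body
        # was entirely commented out, so it has been removed.
        if (empty($validation_results['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    $this->load->view('finances/petty_cash_transaction_form_view', $data);
}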
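/**
 * Add a user to an email group, or show the form for doing so.
 *
 * When the decrypted action 'a' equals 'adduser', the 'add_user_to_group' query
 * is run for the decrypted group name 'gn' and the submitted 'adduserid', the id
 * is appended to the session's 'usergrouplist', and the group's members are
 * loaded for the 'user_email_group_list' area. Otherwise the group name is
 * encrypted into 'gn' and the 'add_user_to_group' area is shown. Both paths
 * render the view 'incl/addons'.
 */
function add_user_to_group()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i'));

    # Pick all assigned data
    $data = assign_to_data($urldata);

    if (!empty($data['a']) && decryptValue($data['a']) == 'adduser') {
        $groupname = decryptValue($data['gn']);

        # NOTE(review): 'adduserid' is taken from the request as-is. How
        # get_query_by_code() places it into the SQL text is not visible here, and
        # load_results() on this page joins the session list below into an
        # "id NOT IN (...)" clause by string concatenation - confirm the value is
        # validated or escaped before either use.
        $result = $this->db->query($this->Query_reader->get_query_by_code('add_user_to_group', array(
            'groupname' => $groupname,
            'userid' => $data['adduserid'],
            'isactive' => 'Y',
        )));
        $data['msg'] = $result ? "The user has been added to the email group." : "ERROR: The user could not be added to the email group.";

        # The session entry may not exist yet; array_push() on a non-array value
        # fails, so start from an empty list in that case (load_results() applies
        # the same fallback when it reads this list).
        $userlist = $this->session->userdata('usergrouplist');
        if (!is_array($userlist)) {
            $userlist = array();
        }
        $userlist[] = $data['adduserid'];
        $this->session->set_userdata('usergrouplist', $userlist);

        $group = $this->db->query($this->Query_reader->get_query_by_code('get_group_by_name', array('groupname' => $groupname)));
        $data['page_list'] = $group->result_array();
        $data['area'] = "user_email_group_list";
    } else {
        if (!empty($data['groupname'])) {
            $data['gn'] = encryptValue(restore_bad_chars($data['groupname']));
        } else {
            # Keep an existing 'gn'; when none was passed, the result is null as
            # before, but without reading an undefined index.
            $data['gn'] = isset($data['gn']) ? $data['gn'] : null;
        }
        $data['area'] = "add_user_to_group";
    }

    $this->load->view('incl/addons', $data);
}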
function load_results() { # Get the passed details into the form data array if any $urldata = $this->uri->uri_to_assoc(3, array('searchfield', 'phrase', 'type')); # Pick all assigned data $data = assign_to_data($urldata); #print_r($data); #echo "<br/>"; # exit(); #Pick Student data $schooldetails = $this->session->userdata('schoolinfo'); # user has just clicked submit if (isset($_POST) && $this->input->post('searchbutton')) { $urldata['searchfield'] = $this->input->post('searchby'); $urldata['phrase'] = $this->input->post('search'); $data = assign_to_data($urldata); $data['userdetails'] = $this->session->userdata('alluserdata'); } $urldata['phrase'] = addslashes(restore_bad_chars($urldata['phrase'])); #print_r($urldata); #exit(); #Searching for students if (isset($data['type']) && in_array($data['type'], array('students', 'classes', 'register_student', 'student_leave', 'admission'))) { /* if(isset($_SESSION['searchstring'])){ unset($_SESSION['searchstring']); echo "like it"; exit(); } */ # unset( $_SESSION['student_search_str']['searchstring']); $search_string = ''; if (!empty($data['searchfield'])) { $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . trim($urldata['phrase']) . "%'"; $count++; } } $data['view_leave'] = $data['type'] == 'student_leave' ? TRUE : FALSE; #Determine which query to use to search #$query = $this->Query_reader->get_query_by_code('get_student_sponsor_list', array('isactive' => 'Y','searchstring'=>' AND students.school='.$this->schoolinfo['id']." 
AND (".$search_string.")", 'limittext'=>" LIMIT 0, 30")); #echo $query ."<br />"; #$data = paginate_list($this, $data, 'get_student_sponsor_list', array('isactive'=>'Y', 'searchstring'=>' AND students.school = '.$schooldetails['id']),30); switch ($data['type']) { case 'register_student': $data['area'] = 'register_student'; break; default: $data['area'] = 'student_list'; break; } if ($data['type'] == 'classes') { $search_string = $data['class'] != 'null' ? ' AND classes.id = "' . $data['class'] . '" ' : ''; $search_string .= $data['term'] != 'null' ? ' AND register.term = "' . $data['term'] . '" ' : ''; $data = paginate_list($this, $data, 'search_students_by_term_and_class', array('isactive' => 'Y', 'searchstring' => $search_string, 'school' => $this->schoolinfo['id'], 'lastname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'firstname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'studentno' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'sponsorfirstname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'sponsorlastname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase']), 30); $_SESSION['student_search_str']['searchstring'] = $search_string; $_SESSION['student_search_str']['phrase'] = $urldata['phrase'] == 'null' ? '' : $urldata['phrase']; } else { if ($data['type'] == 'admission') { $search_string = $data['class'] != 'null' ? ' AND students.admissionclass = "' . $data['class'] . '" ' : ''; $search_string .= $data['term'] != 'null' ? ' AND register.term= "' . $data['term'] . '" ' : ''; $data = paginate_list($this, $data, 'search_students_by_term_and_class', array('isactive' => 'Y', 'searchstring' => $search_string, 'school' => $this->schoolinfo['id'], 'lastname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'firstname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'studentno' => $urldata['phrase'] == 'null' ? 
'' : $urldata['phrase'], 'sponsorfirstname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'sponsorlastname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase']), 30); $_SESSION['student_search_str']['searchstring'] = $search_string; $_SESSION['student_search_str']['phrase'] = $urldata['phrase'] == 'null' ? '' : $urldata['phrase']; } else { if ($this->session->userdata('student_search_str')) { $var = $this->session->userdata('student_search_str'); if (strpos($var['searchstring'], 'classes') !== false) { $data = paginate_list($this, $data, 'search_students_by_term_and_class', array('isactive' => 'Y', 'searchstring' => $var['searchstring'], 'school' => $this->schoolinfo['id'], 'school' => $this->schoolinfo['id'], 'lastname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'firstname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'studentno' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'sponsorfirstname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'sponsorlastname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase']), 30); } else { if (strpos($var['searchstring'], 'admission') !== false) { # print_r($search_string); $sear = ''; # exit(); # $search_string = 'e'; $data = paginate_list($this, $data, 'search_students_by_term_and_class', array('isactive' => 'Y', 'searchstring' => $var['searchstring'], 'school' => $this->schoolinfo['id'], 'school' => $this->schoolinfo['id'], 'lastname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'firstname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'studentno' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'sponsorfirstname' => $urldata['phrase'] == 'null' ? '' : $urldata['phrase'], 'sponsorlastname' => $urldata['phrase'] == 'null' ? 
'' : $urldata['phrase']), 30); # print_r($var); # exit; } } } else { // print_r($var['searcstring']); $data = paginate_list($this, $data, 'get_student_sponsor_list', array('isactive' => 'Y', 'searchstring' => ' AND students.school=' . $this->schoolinfo['id'] . " AND (" . $search_string . ")"), 30); } } } $this->paginate_result = 1; } else { if (isset($data['type']) && $data['type'] == 'borrowers') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; $query = $this->Query_reader->get_query_by_code('search_students_users', array('isactive' => 'Y', 'school' => $schooldetails['id'], 'firstname' => trim($urldata['phrase']), 'lastname' => trim($urldata['phrase']), 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'borrower_list'; } else { if (isset($data['type']) && $data['type'] == 'library_books') { $search_string = ''; $count = 0; #exclude already added books $selected_books = !empty($urldata['selectedBooks']) ? explode('_', $urldata['selectedBooks']) : ''; $selected_books_str = '()'; if (!empty($selected_books)) { $selected_books_str = ' AND `library`.`id` NOT IN ("' . str_replace('_', '","', $urldata['selectedBooks']) . '")'; } else { $selected_books_str = ''; } $query = $this->Query_reader->get_query_by_code('search_library_with_titles', array('isactive' => 'Y', 'school' => $schooldetails['id'], 'author' => trim($urldata['phrase']), 'searchstring' => $selected_books_str, 'stocktitle' => trim($urldata['phrase']), 'isbnnumber' => trim($urldata['phrase']), 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . 
" ")); #print_r ($urldata); #echo $query."<BR><BR>"; #print $urldata['selectedBooks']; $data['area'] = 'library_books'; } else { if (isset($data['type']) && $data['type'] == 'inventory_status') { $data = paginate_list($this, $data, 'search_library_transactions_with_titles', array('isactive' => 'Y', 'school' => $schooldetails['id'], 'author' => trim($urldata['phrase']), 'stocktitle' => trim($urldata['phrase']), 'isbnnumber' => trim($urldata['phrase'])), 20); $this->paginate_result = 1; #print_r ($urldata); #echo $query."<BR><BR>"; #print $urldata['selectedBooks']; $data['area'] = 'inventory_status'; $this->paginate_result = 1; } else { if (isset($data['type']) && $data['type'] == 'in_inventory_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_item_list', array('isactive' => 'Y', 'searchstring' => "school = " . $schooldetails['id'] . " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = !empty($data['area']) ? $data['area'] : 'select_items'; } else { if (isset($data['type']) && $data['type'] == 'student_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_students_school_users', array('isactive' => 'Y', 'searchstring' => " AND school=" . $schooldetails['id'] . " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . 
" ")); #echo $query."<BR><BR>"; $data['area'] = !empty($data['area']) ? $data['area'] : 'select_student'; } else { if (isset($data['type']) && $data['type'] == 'stock_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_stock_list', array('isactive' => 'Y', 'searchstring' => "school = " . $schooldetails['id'] . " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = !empty($data['area']) ? $data['area'] : 'select_stock'; } else { if (isset($data['type']) && $data['type'] == 'inventory_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_inventory_list', array('isactive' => 'Y', 'searchstring' => " i.school = " . $schooldetails['id'] . " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = !empty($data['area']) ? $data['area'] : 'inventory_list'; } else { if (isset($data['type']) && $data['type'] == 'search_item_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . 
"%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_item_list', array('isactive' => 'Y', 'searchstring' => "school = " . $schooldetails['id'] . " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = !empty($data['area']) ? $data['area'] : 'item_list'; } else { if (isset($data['type']) && $data['type'] == 'search_stock_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_stock_list', array('isactive' => 'Y', 'searchstring' => "school = " . $schooldetails['id'] . " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = !empty($data['area']) ? $data['area'] : 'stock_list'; } else { if (isset($data['type']) && $data['type'] == 'search_stock_items_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_stock_items_list', array('isactive' => 'Y', 'searchstring' => "school = " . $schooldetails['id'] . " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = !empty($data['area']) ? 
$data['area'] : 'stock_items_list'; } else { if (isset($data['type']) && $data['type'] == 'search_borrowers_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_borrower_list', array('isactive' => 'Y', 'school' => $schooldetails['id'], 'searchstring' => "(" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"."dd"."layer[".$data['layer']."]"; if ($data['layer'] == "searchresults") { $data['area'] = !empty($data['area']) ? $data['area'] : 'borrower_list'; } elseif ($data['layer'] == "searchresults2") { $data['area'] = !empty($data['area']) ? $data['area'] : 'borrower_due_list'; } else { $data['area'] = !empty($data['area']) ? $data['area'] : 'borrower_defaulter_list'; } } else { if (isset($data['type']) && $data['type'] == 'search_returns_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_return_list', array('isactive' => 'Y', 'searchstring' => "(" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); echo $query . "<BR><BR>" . "dd"; $data['area'] = !empty($data['area']) ? 
$data['area'] : 'returns_list'; } else { if (isset($data['type']) && $data['type'] == 'search_transactions_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_transaction_list', array('isactive' => 'Y', 'searchstring' => " t.school = " . $schooldetails['id'] . " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"."dd"; $data['area'] = !empty($data['area']) ? $data['area'] : 'transactions_list'; } else { if (isset($data['type']) && $data['type'] == 'userlist') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } $exclusers = $this->session->userdata('exclusers') ? $this->session->userdata('exclusers') : array(); $extra_cond = !empty($data['msubarea']) && !empty($exclusers) ? " AND U.id NOT IN ('" . implode("','", $exclusers) . "') " : ""; #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_user_list', array('isactive' => 'Y', 'searchstring' => " AND (" . $search_string . ")" . $extra_cond, 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = !empty($data['msubarea']) ? $data['msubarea'] : 'search_user_details_list'; } else { if (isset($data['type']) && $data['type'] == 'newslist') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . 
$urldata['phrase'] . "%'"; $count++; } $isactive = !empty($data['isarchive']) ? "N" : "Y"; #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_news_list', array('isactive' => $isactive, 'searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'search_news_list'; } else { if (isset($data['type']) && $data['type'] == 'permissions') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } $query = $this->Query_reader->get_query_by_code('get_group_permissions', array('groupid' => $urldata['phrase'])); $result = $this->db->query($query); $the_permissions_list = $result->result_array(); $data['groupdetails'] = $this->Query_reader->get_row_as_array('get_group_by_id', array('groupid' => $urldata['phrase'])); $usertype = $this->session->userdata('isadmin') == 'Y' ? "admin" : ""; $result = $this->db->query($this->Query_reader->get_query_by_code('get_all_permissions', array('accesslist' => "'" . $usertype . "'"))); $data['all_permissions'] = $result->result_array(); $data['permissions_list'] = array(); foreach ($the_permissions_list as $permission_row) { array_push($data['permissions_list'], $permission_row['permissionid']); } $data['all_permissions_list'] = array(); foreach ($data['all_permissions'] as $thepermission) { array_push($data['all_permissions_list'], $thepermission['id']); } #echo $query."<BR><BR>"; $data['area'] = 'get_group_permissions'; } else { if (isset($data['type']) && $data['type'] == 'invitation_user_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . 
" LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search if (!empty($data['subarea']) && $data['subarea'] == 'deals') { $deal_cond = "''"; } else { $deal_cond = "SELECT userid FROM invitations WHERE dealid='" . $data['dealid'] . "'"; } $query = $this->Query_reader->get_query_by_code('get_invitation_user_list', array('dealcond' => $deal_cond, 'searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); $groups = $this->db->query($this->Query_reader->get_query_by_code('get_email_groups', array('searchstring' => " AND G.groupname LIKE '%" . $urldata['phrase'] . "%' ", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " "))); $data['group_list'] = $groups->result_array(); #echo $query."<BR><BR>"; $data['area'] = 'invitation_user_list'; } else { if (isset($data['type']) && $data['type'] == 'report_user_list' || $data['type'] == 'outside_report_user_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $report_cond = "SELECT userid FROM reportaccess WHERE reportid='" . $data['reportid'] . "'"; if ($data['type'] == 'outside_report_user_list') { $query = $this->Query_reader->get_query_by_code('search_outside_report_user_list', array('reportcond' => $report_cond, 'searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'outside_report_user_list'; } else { if ($data['type'] == 'selected_report_users') { $query = $this->Query_reader->get_query_by_code('get_report_user_list', array('reportcond' => $report_cond, 'searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . 
" ")); #echo $query."<BR><BR>"; $data['area'] = 'selected_report_users'; } } } else { if (isset($data['type']) && $data['type'] == 'file_under') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('search_file_under', array('searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'file_under_list'; } else { if (isset($data['type']) && $data['type'] == 'username') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " = '" . $urldata['phrase'] . "'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_existing_usernames', array('searchstring' => $search_string . " ", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['uname'] = $urldata['phrase']; $data['area'] = 'username_list'; } else { if (isset($data['type']) && $data['type'] == 'pwdstrength') { $data['passwordmsg'] = $this->user1->check_password_strength($urldata['phrase']); $data['area'] = 'show_password_strength'; } else { if (isset($data['type']) && $data['type'] == 'trading_holidays') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . 
"%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_trading_days', array('isactive' => "'Y'", 'searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'holiday_list'; } else { if (isset($data['type']) && $data['type'] == 'holiday_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_holiday_names', array('isactive' => "'Y'", 'searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'select_holiday'; } else { if (isset($data['type']) && $data['type'] == 'news_distribution') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_distribution_settings', array('searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'news_distribution'; } else { if (isset($data['type']) && $data['type'] == 'email_groups') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . 
"%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_email_groups', array('searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'email_groups'; } else { if (isset($data['type']) && $data['type'] == 'groupname') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('search_group_name', array('searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'group_name_select'; } else { if (isset($data['type']) && $data['type'] == 'user_search') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $idlist = $this->session->userdata('usergrouplist') ? $this->session->userdata('usergrouplist') : array(); $idcond = !empty($data['layer']) && $data['layer'] == 'adduser_searchresults' ? " AND id NOT IN ('" . implode("','", $idlist) . "') " : ""; $query = $this->Query_reader->get_query_by_code('search_user_list', array('searchstring' => " AND (" . $search_string . ")", 'idcond' => $idcond, 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . 
" ")); #echo $query."<BR><BR>"; $data['area'] = 'general_user_list'; } else { if (isset($data['type']) && $data['type'] == 'organizations_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_organizations_list', array('isactive' => "'Y'", 'searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'organizations_list'; } else { if (isset($data['type']) && $data['type'] == 'user_news_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } if (!empty($data['t']) && decryptValue($data['t']) == 'archive') { $data['isarchive'] = "Y"; $isactive = "N"; } else { $isactive = "Y"; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_users_news_list', array('isactive' => $isactive, 'userid' => $this->session->userdata('userid'), 'searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'search_user_news_list'; } else { if (isset($data['type']) && $data['type'] == 'user_invitations_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . 
"%'"; $count++; } if (!empty($data['t']) && decryptValue($data['t']) == 'archive') { $data['isarchive'] = "Y"; $isactive = "N"; } else { $isactive = "Y"; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_user_invitations_list', array('isactive' => $isactive, 'userid' => $this->session->userdata('userid'), 'searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'search_user_invitations_list'; } else { if (isset($data['type']) && $data['type'] == 'order_accountnumber') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_order_account_number', array('orderedby' => $this->session->userdata('userid'), 'searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'order_accountnumber_list'; } else { if (isset($data['type']) && $data['type'] == 'order_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search if (!empty($data['t']) && decryptValue($data['t']) == 'indication_only') { $query = $this->Query_reader->get_query_by_code('get_order_list', array('isactive' => 'Y', 'ordertypes' => "'indication_only'", 'userid' => $this->session->userdata('userid'), 'searchstring' => " AND orderstatus IN ('open', 'processing', 'closed') AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . 
NUM_OF_ROWS_PER_PAGE . " ")); } else { $query = $this->Query_reader->get_query_by_code('get_order_list', array('isactive' => 'Y', 'ordertypes' => "'firm'", 'userid' => $this->session->userdata('userid'), 'searchstring' => " AND orderstatus IN ('open', 'processing', 'closed') AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); } #echo $query."<BR><BR>"; $data['area'] = 'order_list'; } else { if (isset($data['type']) && $data['type'] == 'fund_requests_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } $user_cond = $this->session->userdata('isadmin') == 'Y' ? "" : " AND requestedby='" . $this->session->userdata('userid') . "' "; #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_fund_request_list', array('isactive' => 'Y', 'searchstring' => $user_cond . " AND (" . $search_string . ") ", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'fund_requests_list'; } else { if (isset($data['type']) && $data['type'] == 'portfolio_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_portfolio_list', array('isactive' => 'Y', 'userid' => $this->session->userdata('userid'), 'searchstring' => " AND (" . $search_string . ")", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . 
" ")); #echo $query."<BR><BR>"; $data['area'] = 'portfolio_list'; } else { if (isset($data['type']) && $data['type'] == 'user_report_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } $isactive = !empty($data['t']) && decryptValue($data['t']) == 'archive' ? 'N' : 'Y'; #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_user_report_list', array('userid' => $this->session->userdata('userid'), 'searchstring' => " AND (" . $search_string . ") ", 'isactive' => $isactive, 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'user_report_list'; } else { if (isset($data['type']) && $data['type'] == 'invitations_response_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } $isactive = !empty($data['t']) && decryptValue($data['t']) == 'archive' ? 'N' : 'Y'; #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_inv_response_list', array('searchstring' => " AND (" . $search_string . ") ", 'isactive' => $isactive, 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'invitations_response_list'; } else { if (isset($data['type']) && $data['type'] == 'help_topic') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . str_replace(' ', '_', strtolower($urldata['phrase'])) . 
"%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_help_topic', array('searchstring' => " AND (" . $search_string . ") ", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'help_list'; } else { if (isset($data['type']) && $data['type'] == 'manage_help_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_help_list', array('searchstring' => " AND (" . $search_string . ") ", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'manage_help_list'; } else { if (isset($data['type']) && $data['type'] == 'message_list') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . "%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_message_list', array('isactive' => 'Y', 'userid' => $this->session->userdata('userid'), 'searchstring' => " AND (" . $search_string . ") ", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'message_list'; } else { if (isset($data['type']) && $data['type'] == 'fund_sector') { $search_string = ''; $search_field_array = explode('__', $data['searchfield']); $count = 0; foreach ($search_field_array as $field) { if ($count != 0) { $search_string .= " OR "; } $search_string .= $field . " LIKE '%" . $urldata['phrase'] . 
"%'"; $count++; } #Determine which query to use to search $query = $this->Query_reader->get_query_by_code('get_fund_sector_list', array('searchstring' => " AND (" . $search_string . ") ", 'limittext' => " LIMIT 0," . NUM_OF_ROWS_PER_PAGE . " ")); #echo $query."<BR><BR>"; $data['area'] = 'fund_sector'; } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } } #************************************************************************************************* #Process for all #************************************************************************************************* if (isset($query)) { if (!$this->paginate_result) { $result = $this->db->query($query); $data['page_list'] = $result->result_array(); } } # Send results to addon if no view to load is specified (in the case on instant search) if (empty($view_to_load)) { $view_to_load = 'incl/addons'; } #Set the query for download if (isset($query) && isset($data['area'])) { $this->session->set_userdata($data['area'] . '_query', $query); } $this->load->view($view_to_load, $data); }
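/**
 * Add or update a student's sponsor from the submitted form, then re-render the form.
 *
 * Flow, as far as this listing shows:
 *  - access_control() runs first; URL segments from position 3 onward are merged
 *    into $data by assign_to_data().
 *  - When $data['save'] is set, the fields are passed through restore_bad_chars()
 *    and clean_form_data(), then validated for the required 'student' and 'sponsor'.
 *  - With an 'editid' the sponsor model updates the row; otherwise a duplicate check
 *    runs and, if no active sponsorship exists, the model inserts a new one.
 *  - The view 'students/add_sponsor_form_view' is always loaded with $data.
 *
 * Security notes:
 *  - The duplicate check splices the sponsor id and the decrypted student id,
 *    unquoted, into a SQL fragment. Both are request-controlled, so they are
 *    required to be plain digit strings before they reach that fragment.
 *  - The student's first name is concatenated into an HTML message and is
 *    therefore HTML-escaped at that point.
 *
 * @return void
 */
function save_student_sponsor()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't'));

    # Pick all assigned data
    $data = assign_to_data($urldata);

    # !empty() rather than a bare read: 'save' is absent on a plain page load
    if (!empty($data['save'])) {
        $data['formdata'] = $data;
        $required_fields = array('student', 'sponsor');

        foreach ($data as $key => $data_value) {
            $data[$key] = restore_bad_chars($data_value);
        }

        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, $required_fields);

        # Get the student info
        $data['student_info'] = get_db_object_details($this, 'students', decryptValue($data['m']));

        # Defined up front: the error branch below reads it on the edit path too
        $sponsorship_count = 0;

        # Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            if (!empty($data['editid'])) {
                # NOTE(review): 'editid' is request-supplied and handed to the model as-is;
                # whether it is quoted or validated there is not visible from this function.
                $result = $this->sponsorobj->update_student_sponsor(array_merge($_POST, array('id' => $data['editid'])));
            } else {
                $sponsor_id = $_POST['sponsor'];
                $student_id = decryptValue($_POST['student']);

                # Both values land unquoted in the WHERE fragment below, so anything other
                # than a digit string is rejected here. $result then stays unset and the
                # generic error message further down is shown.
                # Assumes ids are unsigned integers, which the unquoted fragment already requires.
                $ids_are_numeric = is_scalar($sponsor_id) && ctype_digit((string) $sponsor_id)
                    && is_scalar($student_id) && ctype_digit((string) $student_id);

                if ($ids_are_numeric) {
                    # Check if the sponsorship details already exist
                    $existing = $this->db->query($this->Query_reader->get_query_by_code('student_sponsors', array(
                        'orderby' => 'sponsorlastname',
                        'limittext' => '',
                        'searchstring' => ' AND sponsor=' . $sponsor_id . ' AND sponsors.isactive="Y" AND student =' . $student_id,
                    )));
                    $sponsorship_count = count($existing->result_array());

                    if (!$sponsorship_count) {
                        # Add the decrypted student id and the author to the data array
                        $_POST['student'] = $student_id;
                        $_POST = array_merge($_POST, array('author' => $this->session->userdata('userid')));
                        $result = $this->sponsorobj->add_student_sponsor($_POST);
                    }
                }
            }

            # Format and send the errors
            if (!empty($result) && $result) {
                $data['msg'] = empty($data['editid']) ? 'The sponsorship details have been saved ' : 'The sponsorship details have been updated.';
                $data['formdata'] = array();
            } elseif (empty($data['msg'])) {
                # The message carries markup (<br />), so the stored name is escaped before
                # it is joined in; double_encode is off in case the name is stored encoded.
                $student_name = isset($data['student_info']['firstname'])
                    ? htmlspecialchars($data['student_info']['firstname'], ENT_QUOTES, 'UTF-8', false)
                    : '';

                $data['msg'] = "ERROR: The sponsorship details could not be saved or was not saved correctly."
                    . ($sponsorship_count ? "<br />The sponsor has already been added to " . $student_name . '\'s sponsors.' : '');
            }
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    # Get the sponsors
    $data['sponsors'] = $this->sponsorobj->get_sponsors();
    $this->load->view('students/add_sponsor_form_view', $data);
}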
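/**
 * Add a stock item (a book copy) to the library, or update an existing one,
 * then re-render the stock form.
 *
 * Flow, as far as this listing shows:
 *  - access_control() runs first; URL segments are merged into $data and passed
 *    through restore_bad_chars().
 *  - 'i' (encrypted item id) and 's' (encrypted stock id), when present, are
 *    decrypted and used to pre-load the form and stock rows.
 *  - When 'save' is set, the fields are cleaned and validated; with an 'editid'
 *    the 'update_stock_item' query runs, otherwise 'insert_stock' runs with the
 *    school id and the current user added.
 *  - The view 'incl/new_stock_item_view' is always loaded with $data.
 *
 * Security notes:
 *  - $data holds request values after restore_bad_chars(), and the success
 *    message is assembled as HTML, so those values are HTML-escaped before
 *    they are joined into it.
 *  - The values given to the Query_reader templates come from the request.
 *    Whether the templates quote or escape them is not visible from here.
 *
 * @return void
 */
function update_stock()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't'));

    # Pick all assigned data
    $data = assign_to_data($urldata);
    $data = restore_bad_chars($data);

    # Get the item details
    if (!empty($data['i'])) {
        $editid = decryptValue($data['i']);
        $data['formdata'] = $this->Query_reader->get_row_as_array('get_stock_item_by_id', array('id' => $editid));
    }

    if (!empty($data['s'])) {
        $stockid = decryptValue($data['s']);
        $data['stockdata'] = $this->Query_reader->get_row_as_array('get_stock_by_id', array('id' => $stockid));
    }

    if (isset($data['save'])) {
        $data['formdata'] = $data;
        $required_fields = array('stockid', 'dateadded', 'serialnumber', 'isbnnumber');

        foreach ($data as $key => $data_value) {
            $data[$key] = restore_bad_chars($data_value);
        }

        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, $required_fields);

        # Set status as editing on destination if updating
        if ($this->input->post('editid')) {
            $data['editid'] = $_POST['editid'];
        }

        # Only proceed if the validation for required fields passes.
        # The original condition also tested $user_details, which is never defined in
        # this function, so that clause could not change the outcome and is dropped.
        if ($validation_results['bool']) {
            if (!empty($data['editid'])) {
                # NOTE(review): the original ran a 'search_isbn_list' lookup here and discarded
                # the row, so no duplicate-ISBN rule was ever enforced. Its WHERE fragment was
                # built by concatenating the request-supplied edit id (unquoted) and an ISBN
                # read from $data['bookdetails'], which this function never sets. The unused
                # lookup is removed. If the duplicate check is wanted, validate the id as an
                # integer and escape the ISBN before building the fragment.
                # NOTE(review): 'id' below is request-supplied; confirm how 'update_stock_item' quotes it.
                $result = $this->db->query($this->Query_reader->get_query_by_code('update_stock_item', array_merge($_POST, array('id' => $data['editid']))));
            } else {
                $_POST['stockid'] = decryptValue($data['s']);

                # Add the school id and author to the data array
                $_POST = array_merge($_POST, array('school' => $this->myschool['id'], 'createdby' => $this->session->userdata('userid')));
                $result = $this->db->query($this->Query_reader->get_query_by_code('insert_stock', $_POST));
            }

            # Format and send the errors
            if (!empty($result) && $result) {
                # Request values are escaped because the message itself contains markup (<i>)
                if (empty($data['editid'])) {
                    $isbn_label = isset($data['isbnnumber']) ? htmlspecialchars($data['isbnnumber'], ENT_QUOTES, 'UTF-8') : '';
                    $data['msg'] = 'Book number <i>' . $isbn_label . '</i> has been added to the library.';
                } else {
                    $title_label = isset($data['stocktitle']) ? htmlspecialchars($data['stocktitle'], ENT_QUOTES, 'UTF-8') : '';
                    $data['msg'] = 'Details for ' . $title_label . ' have been updated.';
                }
                $data['formdata'] = array();
            } elseif (empty($data['msg'])) {
                $data['msg'] = "ERROR: The stock could not be saved or was not saved correctly.";
            }
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    $data['stock'] = $this->librarymodel->get_books();
    $this->load->view('incl/new_stock_item_view', $data);
}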
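/**
 * Check a candidate password against the site's composition rules.
 *
 * The password is first passed through restore_bad_chars(), then tested for:
 * a minimum length of 6 bytes, at least one digit, at least one character from
 * '@#$%&!_', at least one lower-case ASCII letter and at least one upper-case
 * ASCII letter. Every failed rule adds one strike; 'msg' holds the message of
 * the LAST rule that failed, since each failure overwrites the previous one.
 *
 * NOTE(review): a 6-character minimum with a fixed symbol list is a weak policy
 * by current guidance, which favours longer minimum lengths and screening
 * against known-breached passwords over composition rules. The thresholds are
 * left as they were because callers and stored accounts depend on them.
 * NOTE(review): the check runs on the restore_bad_chars() form of the input.
 * Confirm that callers hash that same form, otherwise the string that was
 * checked and the string that is stored can differ.
 *
 * @param string $newpassword Candidate password as received from the form.
 * @return array 'bool' (TRUE when every rule passes), 'msg' (last failure
 *               message or ''), 'strikecount' (number of failed rules).
 */
function check_password_strength($newpassword)
{
    $chars = '@#$%&!_';

    $newpassword = (string) restore_bad_chars($newpassword);
    $length = strlen($newpassword);

    # strcspn() returns the length of the leading run that contains none of the listed
    # characters, so a result equal to the full length means "no such character present".
    # Rule order matters: the last failing rule supplies the message.
    $rules = array(
        array($length < 6, "Password is below minimum length."),
        array(strcspn($newpassword, '0123456789') == $length, "Password should contain a number."),
        array(strcspn($newpassword, $chars) == $length, "Password should contain a character from " . $chars . "."),
        array(strcspn($newpassword, 'abcdefghijklmnopqrstuvwxyz') == $length, "Password should contain a lower case character."),
        array(strcspn($newpassword, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ') == $length, "Password should contain an upper case character."),
    );

    $error_msg = "";
    $strike = 0;
    foreach ($rules as $rule) {
        if ($rule[0]) {
            $error_msg = $rule[1];
            $strike++;
        }
    }

    return array('bool' => $strike == 0, 'msg' => $error_msg, 'strikecount' => $strike);
}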
/**
 * Create or update a school user account from the admin form, then re-render it.
 *
 * Flow, as far as this listing shows:
 *  - access_control($this, array('admin')) runs first; URL segments are merged
 *    into $data and passed through restore_bad_chars().
 *  - On save, $_POST is replaced by the cleaned form data and validated against
 *    the required fields (emailaddress must also match EMAILFORMAT).
 *  - Edit path ($data['i'] present): an optional password change is checked with
 *    check_password_strength() and for a matching repeat, then
 *    'check_schoolusername' looks for a clashing username or email before
 *    'update_school_user_data' runs.
 *  - Create path: the username must be at least 5 characters and unused in both
 *    user tables, the password must pass the strength check and match its
 *    repeat, then 'add_school_user' runs with sha1() of the password.
 *  - The school row is loaded by $_POST['school'] and the view
 *    'admin/new_school_user' is rendered with $data.
 *
 * NOTE(review): this listing has masked three string literals with "******"
 * (the password fragment assigned to $update_string and the two username
 * lookups). The code as shown does not parse at those points, so the body
 * below is left exactly as listed and nothing is inferred about the masked text.
 * NOTE(review): new passwords are stored as sha1(), an unsalted fast hash.
 * password_hash() with password_verify() is the replacement, and needs a
 * rehash-on-login migration for existing rows.
 * NOTE(review): several SQL fragments are built by concatenating request values,
 * for example ' AND school = ' . $_POST['school'] and the 'updatecond' string.
 * Whether Query_reader quotes or escapes substituted values is not visible here.
 * NOTE(review): $_POST['username'] and $_POST['emailaddress'] are joined into
 * $data['msg'], and other messages in this function carry <a> and <br /> markup,
 * so msg is presumably printed as HTML. Escape those values first.
 * NOTE(review): the commented-out registration e-mail would send the new
 * password in clear text. Keep it disabled or switch to a set-password link.
 * NOTE(review): $_POST['school'] is read near the end even when nothing was posted.
 *
 * @return void
 */
function save_school_user() { access_control($this, array('admin')); # Get the passed details into the url data array if any $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 's')); # Pick all assigned data $data = assign_to_data($urldata); #print_r($data); $data = restore_bad_chars($data); if ($this->input->post('save') || $data['save']) { $data['userdetails'] = $_POST = $data; $required_fields = array('firstname', 'lastname', 'school', 'address', 'emailaddress*EMAILFORMAT', 'telephone', 'username', 'isschooladmin'); $_POST = clean_form_data($_POST); $validation_results = validate_form('', $_POST, $required_fields); #set status as editing on destination if updating if ($this->input->post('editid')) { $data['editid'] = $_POST['editid']; } #Check if adding a new user and the email added has already been used if (!empty($data['userdetails']['emailaddress']) && empty($data['editid'])) { $user_details = $this->Query_reader->get_row_as_array('get_any_user_by_email', array('emailaddress' => $data['userdetails']['emailaddress'])); } #Only proceed if the validation for required fields passes if ($validation_results['bool']) { #user is editing if (!empty($data['i'])) { #Check if password has been changed and also meets minimum criteria if (!empty($_POST['password']) || !empty($_POST['repeatpassword'])) { $passwordmsg = $this->user1->check_password_strength($_POST['password']); if (!$passwordmsg['bool']) { $data['msg'] = $passwordmsg['msg']; } elseif ($_POST['password'] == $_POST['repeatpassword']) { $update_string = ", password = '******'password']) . 
"'"; } else { $data['msg'] = "WARNING: The passwords provided do not match."; } } else { $update_string = ""; } if (empty($_POST['password']) && empty($_POST['repeatpassword']) || !empty($update_string)) { $resulta = ''; if (!empty($_POST['username1']) && $_POST['username1'] != $_POST['username'] || !empty($_POST['emailaddress'])) { $resulta = $this->db->query($this->Query_reader->get_query_by_code('check_schoolusername', array_merge(array('username' => $_POST['username'], 'email' => $_POST['emailaddress'], 'editid' => decryptValue($data['i'])))))->result_array(); if (count($resulta) > 0) { $data['msg'] = "WARNING:Username " . $_POST['username'] . " or Email " . $_POST['emailaddress'] . " Exists "; } else { $result = $this->db->query($this->Query_reader->get_query_by_code('update_school_user_data', array_merge($_POST, array('updatecond' => $update_string, 'username' => $_POST['username'], 'editid' => decryptValue($data['i']))))); } } else { $result = $this->db->query($this->Query_reader->get_query_by_code('update_school_user_data', array_merge($_POST, array('updatecond' => $update_string, 'username' => $_POST['username1'], 'editid' => decryptValue($data['i']))))); } } } else { #check if a similar username already exists in both users and school users tables $username_error = ""; $usernames = $this->db->query($this->Query_reader->get_query_by_code('get_existing_usernames', array('searchstring' => ' username = "******"'))); #school users $school_usernames = $this->db->query($this->Query_reader->get_query_by_code('search_schoolusers', array('searchstring' => ' username = "******"'))); #determine password strength $passwordmsg = $this->user1->check_password_strength($_POST['password']); if (strlen($_POST['username']) < 5) { $data['msg'] = "WARNING: The username must be at least 5 characters long."; } elseif (count($usernames->result_array()) || count($school_usernames->result_array())) { $data['msg'] = "WARNING: The username is already being used by another user."; } 
elseif (!$passwordmsg['bool']) { $data['msg'] = "WARNING: " . $passwordmsg['msg']; } elseif ($_POST['password'] == $_POST['repeatpassword'] && !empty($_POST['password'])) { $_POST['newpass'] = $_POST['password']; $_POST['usertype'] = 'SCHOOL'; $result = $this->db->query($this->Query_reader->get_query_by_code('add_school_user', array_merge($_POST, array('password' => sha1($_POST['newpass']))))); } else { $data['msg'] = "WARNING: The passwords provided do not match."; } } #Format and send the errors if (!empty($result) && $result) { #Notify user by email on creation of an account if (empty($data['editid'])) { /*$send_result = $this->sysemail->email_form_data(array('fromemail'=>NOREPLY_EMAIL), get_confirmation_messages($this, array('emailaddress'=>$_POST['emailaddress'], 'username'=>$_POST['username'], 'password'=>$_POST['newpass']), 'registration_confirm')); */ } $data['msg'] = "The user data has been successfully saved"; $data['userdetails'] = array(); #redirect("admin/school_users/m/usave/s/".encryptValue($_POST['school'])); } else { if (empty($data['msg'])) { #Get access groups $usergroupsResult = $this->db->query($this->Query_reader->get_query_by_code('get_user_groups', array('searchstr' => ' AND school = ' . $_POST['school']))); $data['usergroups'] = get_select_options($usergroupsResult->result_array(), 'id', 'groupname', '', 'Select'); $data['msg'] = "ERROR: The user could not be saved or was not saved correctly."; } } } else { if (empty($data['editid']) && !empty($user_details)) { $addn_msg = !empty($user_details['isactive']) && $user_details['isactive'] == 'N' ? "<a href='" . base_url() . "admin/load_user_form/i/" . encryptValue($user_details['id']) . "/a/" . encryptValue("reactivate") . "' style='text-decoration:underline;font-size:17px;'>Click here to activate and edit</a>" : "<a href='" . base_url() . "admin/load_user_form/i/" . encryptValue($user_details['id']) . 
"' style='text-decoration:underline;font-size:17px;'>Click here to edit</a>"; $data['msg'] = "WARNING: The emailaddress has already been used by another user.<br />" . $addn_msg . " this user instead."; } } if ((empty($validation_results['bool']) || !empty($validation_results['bool']) && !$validation_results['bool']) && empty($data['msg'])) { $data['msg'] = "WARNING: The highlighted fields are required."; } $data['requiredfields'] = $validation_results['requiredfields']; } #get the school details $schoolid = $_POST['school']; $data['schooldetails'] = $this->Query_reader->get_row_as_array('get_school_by_id', array('id' => $schoolid)); $this->load->view('admin/new_school_user', $data); }