}
                 }
             }
             echo constructAdminSearchTablesRow($data['name'], $data['id'], $data['leaders'], $data['advisor'], $data['status'], $linkContents);
         }
     } else {
         echo "<tr><td>Could Not Find Any Data for the Selected Category</td></tr>";
     }
 } else {
     if ($action == 'namesearch') {
         if (isset($_GET['v'])) {
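             // Name search: list approved, active clubs whose name contains the
             // requested text, or every such club when the text is 'All'.
             $username = "";
             if (isset($_SESSION['user'])) {
                 $username = sanatizeInput($_SESSION['user']);
             }
             $value = sanatizeInput($_GET['v']);
             $query = "SELECT c.id as id, c.name as name, c.mission_statement as mission, CONCAT_WS(', ', GROUP_CONCAT(DISTINCT leader.preferred_name, ' ', leader.last_name SEPARATOR ', ')) as leader_name, advisor.preferred_name as advisor_first, advisor.last_name as advisor_last\n                          FROM taftclubs.club as c\n                          INNER JOIN sgstudents.seniors_data as advisor\n                          ON c.advisor = advisor.id\n                          INNER JOIN taftclubs.clubjoiners as j\n                          ON c.id = j.clubId\n                          INNER JOIN sgstudents.seniors_data as leader\n                          ON leader.id = j.userId\n                          INNER JOIN taftclubs.clubcategories as category\n                          ON c.category = category.id\n                          WHERE j.hasLeft = 0 AND j.isLeader = 1 AND c.approved = 1 AND c.status = 5";
             // Rows are collected before rendering so the statement is fully read
             // and closed before isPartOfClub() uses the same connection.
             $rows = array();
             if ($value == 'All') {
                 // No request data is placed in this query text.
                 $result = $conn->query($query . $endOfQuery);
                 if ($result !== false) {
                     while ($item = $result->fetch_assoc()) {
                         $rows[] = $item;
                     }
                 }
             } else {
                 // The search text is bound as a parameter instead of being spliced
                 // into the SQL string, so quotes in ?v= cannot alter the statement.
                 // NOTE(review): assumes $conn is a mysqli handle and that $endOfQuery
                 // (defined outside this view) holds no placeholders - confirm.
                 // NOTE(review): if sanatizeInput() already SQL-escapes, the bound value
                 // would carry literal backslashes; pass the raw value then - confirm.
                 $stmt = $conn->prepare($query . " AND c.name LIKE ?" . $endOfQuery);
                 if ($stmt !== false) {
                     $pattern = "%{$value}%";
                     $stmt->bind_param('s', $pattern);
                     if ($stmt->execute()) {
                         // Bound in SELECT-list order: id, name, mission, leader_name,
                         // advisor_first, advisor_last.
                         $stmt->bind_result($colId, $colName, $colMission, $colLeaders, $colAdvisorFirst, $colAdvisorLast);
                         while ($stmt->fetch()) {
                             $rows[] = array(
                                 // query() hands ids back as strings; keep that shape.
                                 'id' => (string) $colId,
                                 'name' => $colName,
                                 'mission' => $colMission,
                                 'leader_name' => $colLeaders,
                                 'advisor_first' => $colAdvisorFirst,
                                 'advisor_last' => $colAdvisorLast,
                             );
                         }
                     }
                     $stmt->close();
                 }
             }
             if (count($rows) > 0) {
                 foreach ($rows as $item) {
                     echo constructCatSearchWidgetString($item['name'], $item['id'], $item['leader_name'], $item['advisor_first'], $item['advisor_last'], $item['mission'], isPartOfClub($username, $item['id'], $conn));
                 }
             } else {
                 // Also reached when the query could not be run, instead of a fatal
                 // error on a false result.
                 echo "Oops, There doesn't seem to be anything here yet! Try creating a club with this name!";
             }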
         } else {
<?php

/*
Method: GET
Parameters:
    [field] = field authenticating for
    [value1] = input value 1
    [value2] = input value 2
*/
require 'SQLUtils.php';
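// Answers whether a person with the given first/preferred name (value1) and
// last name (value2) exists, as JSON of the form {"answer": ...}.
$field = $value1 = $value2 = "";
if (isset($_GET['field'])) {
    $field = sanatizeInput($_GET['field']);
    $conn = getSQLConnectionFromConfig();
    if ($field == 'add_leader') {
        if (isset($_GET['value1']) && isset($_GET['value2'])) {
            // Default reply; kept when the lookup cannot be run.
            $ret = array('answer' => 0);
            $value1 = sanatizeInput($_GET['value1']);
            $value2 = sanatizeInput($_GET['value2']);
            // Both names come from the query string, so they are bound as
            // parameters rather than interpolated into the SQL text.
            // NOTE(review): assumes $conn is a mysqli handle, and that
            // sanatizeInput() does not itself SQL-escape (bound values must not be
            // escaped a second time) - confirm in SQLUtils.php.
            $stmt = $conn->prepare(
                "SELECT EXISTS(SELECT preferred_name, last_name"
                . " FROM sgstudents.seniors_data"
                . " WHERE (preferred_name = ? OR first_name = ?) AND last_name = ?) as answer"
            );
            if ($stmt !== false) {
                $stmt->bind_param('sss', $value1, $value1, $value2);
                if ($stmt->execute()) {
                    $stmt->bind_result($answer);
                    if ($stmt->fetch()) {
                        // query()/fetch_assoc() returned the flag as a string;
                        // keep that JSON shape for existing clients.
                        $ret['answer'] = (string) $answer;
                    }
                }
                $stmt->close();
            } else {
                error_log('add_leader lookup could not be prepared');
            }
            echo json_encode($ret);
        }
    }
    $conn->close();
}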
<?php

// Nothing to render without a club id, so stop before loading any helpers.
if (isset($_GET['clubId']) === false) {
    exit;
}

require 'scripts/SQLUtils.php';
require 'scripts/club_utils.php';

// NOTE(review): what sanatizeInput() and getClubFeedPosts() do with the id is not
// visible here; confirm the id is validated or bound before it reaches SQL.
$clubId = sanatizeInput($_GET['clubId']);
$conn = getSQLConnectionFromConfig();

// Feed entries for the requested club; iterated by the template below.
$posts = getClubFeedPosts($clubId, $conn);
?>
<h2>Posts: </h2>
<ul class="posts">
    <?php 
foreach ($posts as $post) {
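    // These values are echoed straight into the page below, so encode them for
    // HTML here. double_encode is off so text that was entity-encoded before
    // storage is not encoded a second time.
    // NOTE(review): if posts are meant to carry HTML markup, this needs an
    // allow-list sanitizer instead - confirm against getClubFeedPosts().
    $poster = htmlspecialchars((string) $post['poster'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    $datePosted = htmlspecialchars((string) $post['dateCreated'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    $content = htmlspecialchars((string) $post['content'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);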
    ?>
            <li>
                <div>Posted By: <?php 
    echo $poster;
    ?>
</div>
                <div>On: <?php 
    echo $datePosted;
    ?>
</div>
                <div><?php 
    echo $content;
    ?>
<?php

session_start();
require 'scripts/SQLUtils.php';
require 'scripts/index_utils.php';

// Requested view; stays an empty string when the request has no "action" field.
$action = isset($_REQUEST['action']) ? sanatizeInput($_REQUEST['action']) : "";
$conn = getSQLConnectionFromConfig();
?>
<!DOCTYPE>
<html>
    <head>
        <title>Taft Clubs</title>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1.0">
        <link rel="stylesheet" type="text/css" href="style/common.css">
        <link rel="stylesheet" type="text/css" href="index.css">
        <script src="js/jquery-2.1.4.min.js"></script>
        <script type="text/javascript">
          var loadMyClubs = false;
          <?php 
// Turn the client-side flag on when the action compares equal to "myclubs".
// Only a fixed literal is written into the inline script, never request data.
echo $action == "myclubs" ? "loadMyClubs = true;" : "";
?>
        </script>
    </head>
    <body>
        <div class="popOut">
// School year written into new club rows.
$SCHOOL_YEAR = 2016;
session_start();

// Only a session that carries a user may use this endpoint.
if (isset($_SESSION['user']) === false) {
    exit("NO USER");
}

require 'SQLUtils.php';
require 'category_utils.php';
require 'club_utils.php';
require 'index_utils.php';

// The request body is JSON; it is decoded to an associative array and replaces
// $_POST, so every field read below is caller-controlled.
$json = file_get_contents("php://input");
$_POST = json_decode($json, true);

$request_type = "";
if (isset($_POST['request_type'])) {
    $request_type = sanatizeInput($_POST['request_type']);
    $conn = getSQLConnectionFromConfig();
    if ($request_type == "savedraft") {
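        // Save a club draft. Every field below comes from the decoded request body
        // and is not passed through sanatizeInput(), so none of it may be placed
        // into the SQL text.
        $name = $_POST['title'];
        $advisor = explode(" ", $_POST['faculty_advisor']);
        $mission_statement = $_POST['mission_statement'];
        $status = $_POST['club_status'];
        $category = $_POST['category'];
        $catId = categoryToId($category, $conn);
        // The advisor is sent as "First Last"; a value without a space has no
        // second part, which is treated as an empty last name.
        $advisorFirst = $advisor[0];
        $advisorLast = $advisor[1] ?? '';
        // Same INSERT as before with the request values bound as parameters.
        // NOTE(review): $catId is bound as an integer - confirm categoryToId()
        // always returns a numeric id.
        $query = "INSERT INTO taftclubs.club (name, advisor, mission_statement, sticky, status, approved, startDate, category, isJoinable, schoolYear)"
            . " VALUES(?, (SELECT id FROM sgstudents.seniors_data WHERE last_name = ? AND (preferred_name = ? OR first_name = ?)),"
            . " ?, 0, 1, 0, NOW(), ?, 1, ?)";
        // Stays 0 when the insert does not happen.
        $clubid = 0;
        $stmt = $conn->prepare($query);
        if ($stmt !== false) {
            $stmt->bind_param('sssssii', $name, $advisorLast, $advisorFirst, $advisorFirst, $mission_statement, $catId, $SCHOOL_YEAR);
            if ($stmt->execute()) {
                $clubid = $stmt->insert_id;
            }
            $stmt->close();
        } else {
            error_log('savedraft insert could not be prepared');
        }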
        insertLeaders($_POST['leaders'], $clubid, $conn);
        foreach ($_POST['events'] as $event) {
            $eventStuff = explode(", ", $event);
            insertNewEvent($eventStuff[0], $eventStuff[1], $eventStuff[2], $eventStuff[3], $clubid, 1, $conn);