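/**
 * Soft-deletes or restores a worksheet version, then emits a JSON success
 * response and ends the request.
 *
 * The `Deleted` flag on TWORKSHEETVERSION is updated and
 * updateRelatedCompletedQuestions() is called inside one transaction, which is
 * rolled back if either step throws.
 *
 * @param int|string $vid  Worksheet version id. It is placed unquoted in the SQL
 *                         text, so anything that is not an integer is rejected.
 * @param string     $type "DELETE" or "RESTORE"; any other value fails the request.
 */
function updateWorksheet($vid, $type)
{
    global $userid;

    // The id is spliced into the statement text (no bound parameters are used
    // here), so only a validated integer may reach the query or the log line.
    $versionId = filter_var($vid, FILTER_VALIDATE_INT);
    if ($versionId === false) {
        failRequest("There was an error completing your request;");
        exit; // fail closed even if failRequest() ever returns
    }

    if ($type === "DELETE") {
        $query = "UPDATE TWORKSHEETVERSION Set `Deleted` = TRUE WHERE `Version ID` = {$versionId}";
        $errorMsg = "There was an error deleted the worksheet.";
        $successMsg = "Worksheet {$versionId} succesfully deleted by {$userid}";
        $delete = TRUE;
    } elseif ($type === "RESTORE") {
        $query = "UPDATE TWORKSHEETVERSION Set `Deleted` = FALSE WHERE `Version ID` = {$versionId}";
        $errorMsg = "There was an error restoring the worksheet.";
        $successMsg = "Worksheet {$versionId} succesfully restored by {$userid}";
        $delete = FALSE;
    } else {
        failRequest("There was an error completing your request;");
        // Without this, $query and $delete would be undefined below if
        // failRequest() did not terminate the request.
        exit;
    }

    try {
        db_begin_transaction();
        db_query_exception($query);
        updateRelatedCompletedQuestions($versionId, $delete);
        db_commit_transaction();
    } catch (Exception $ex) {
        db_rollback_transaction();
        returnToPageError($ex, $errorMsg);
        // Never fall through to the success response and success log entry
        // after a rollback.
        exit;
    }

    // NOTE(review): this function performs no role check of its own;
    // presumably the caller authorises the user before dispatching here - confirm.
    $response = array("success" => TRUE);
    echo json_encode($response);
    infoLog($successMsg);
    exit;
}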
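/**
 * Returns every report note written by one staff member, joined with the
 * student and group names, ordered by group, surname and newest date first.
 *
 * The rows are handed to succeedRequest(); a database error is handed to
 * failRequest().
 *
 * @param int|string $staffId Staff user id. It is placed unquoted in the SQL
 *                            text, so anything that is not an integer is rejected.
 */
function getNotesForStaff($staffId)
{
    // Only a validated integer may be interpolated into the WHERE clause.
    $staffKey = filter_var($staffId, FILTER_VALIDATE_INT);
    if ($staffKey === false) {
        failRequest("Invalid staff id.");
        return; // fail closed even if failRequest() ever returns
    }

    // NOTE(review): nothing here checks that the requesting user may read the
    // notes of $staffId; presumably the caller enforces that - confirm.
    try {
        $query = "SELECT R.ID, S.`Preferred Name`, U.`First Name`, U.`Surname`, G.`Name`, R.`Note`, R.`Date`, DATE_FORMAT(R.`Date`, '%b %D %Y %k:%i') date_format FROM `TREPORTNOTES` R\n LEFT JOIN TUSERS U ON U.`User ID` = R.`StudentID`\n LEFT JOIN TSTUDENTS S ON S.`User ID` = R.`StudentID`\n LEFT JOIN TGROUPS G ON G.`Group ID` = R.GroupID\n WHERE StaffID = {$staffKey} ";
        $query .= "ORDER BY G.Name, U.Surname, R.Date DESC;";
        succeedRequest(db_select_exception($query));
    } catch (Exception $ex) {
        // NOTE(review): the raw exception text is passed to failRequest(); if
        // that reaches the client it can expose schema details - consider
        // logging it and returning a generic message instead.
        failRequest($ex->getMessage());
    }
}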
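/**
 * Renames a tag, storing the new name with each word capitalised.
 *
 * @param int|string $tagid Tag id. It is placed unquoted in the SQL text, so
 *                          anything that is not an integer is rejected.
 * @param string     $name  New tag name. It is placed inside a single-quoted SQL
 *                          literal, so names containing a quote, backslash or
 *                          NUL byte are rejected.
 */
function modifyTag($tagid, $name)
{
    $tagKey = filter_var($tagid, FILTER_VALIDATE_INT);
    if ($tagKey === false) {
        failRequest("There was a problem modifying the tag.");
        return; // fail closed even if failRequest() ever returns
    }

    $ucname = ucwords($name);

    // The name is concatenated into a quoted literal and no escaping helper of
    // the database layer is visible from this function, so characters that
    // could end or alter the literal are refused outright. `!== 0` also
    // rejects on a PCRE error (preg_match() returning false).
    // NOTE(review): the proper fix is a bound parameter in the db_* layer;
    // this guard is a stop-gap until that exists.
    if (preg_match('/[\'\\\\\x00]/', $ucname) !== 0) {
        failRequest("There was a problem modifying the tag.");
        return;
    }

    $query = "UPDATE TTAGS SET `Name` = '{$ucname}' WHERE `Tag ID` = {$tagKey};";
    try {
        db_query_exception($query);
        succeedRequest("Tag succesfully updated", []);
    } catch (Exception $ex) {
        // NOTE(review): the database exception text is appended to the message
        // given to failRequest(); consider logging it server-side only.
        failRequest("There was a problem modifying the tag." . $ex->getMessage());
    }
}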
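/**
 * Archives a student's membership of a group (sets `Archived` = 1 on the
 * matching TUSERGROUPS row) inside a transaction.
 *
 * @param int|string $studentid User id of the student.
 * @param int|string $groupid   Group id.
 *
 * Both ids are placed unquoted in the SQL text, so anything that is not an
 * integer is rejected before the query is built.
 */
function removeFromGroup($studentid, $groupid)
{
    $studentKey = filter_var($studentid, FILTER_VALIDATE_INT);
    $groupKey = filter_var($groupid, FILTER_VALIDATE_INT);
    if ($studentKey === false || $groupKey === false) {
        failRequest("Invalid student or group id.");
        return; // fail closed even if failRequest() ever returns
    }

    // NOTE(review): no check here that the caller may manage this group;
    // presumably enforced before dispatch - confirm.
    $query = "UPDATE `TUSERGROUPS` SET `Archived`= 1 WHERE `User ID` = {$studentKey} AND `Group ID` = {$groupKey};";
    try {
        db_begin_transaction();
        db_query_exception($query);
        db_commit_transaction();
    } catch (Exception $ex) {
        db_rollback_transaction();
        failRequest($ex->getMessage());
        // Do not report success after a rollback.
        return;
    }
    succeedRequest();
}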
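} // closes a definition that begins before this excerpt

// Request dispatch. Every branch requires the SUPER_USER or STAFF role.
// failRequest() is presumably terminal; the `break` after it keeps each branch
// fail-closed (no data function is called) even if it ever returns.
switch ($requestType) {
    case "FILTERED":
        if (!authoriseUserRoles($role, ["SUPER_USER", "STAFF"])) {
            failRequest("You are not authorised to complete that request");
            break;
        }
        getAllCompletedWorksheetsForGroup($groupid, $staffid, $orderby, $desc);
        break;
    case "ALLWORKSHEETS":
        if (!authoriseUserRoles($role, ["SUPER_USER", "STAFF"])) {
            failRequest("You are not authorised to complete that request");
            break;
        }
        getAllWorksheets($orderby, $desc);
        // This break was missing: the case fell through into `default` and
        // called getAllWorksheetNames() as well.
        break;
    default:
        if (!authoriseUserRoles($role, ["SUPER_USER", "STAFF"])) {
            failRequest("You are not authorised to complete that request");
            break;
        }
        getAllWorksheetNames($orderby, $desc);
        break;
}

// Lists id, worksheet name and version name of every worksheet version that is
// not flagged as deleted. The function body continues past this excerpt.
function getAllWorksheetNames($orderby, $desc)
{
    $query = "SELECT WV.`Version ID` ID, WV.`WName` WName, WV.`VName` VName "
        . "FROM TWORKSHEETVERSION WV "
        . "WHERE WV.`Deleted` = 0";
    if (isset($orderby)) {
        // NOTE(review): $orderby is spliced into the ORDER BY clause as-is. A
        // sort key cannot be bound as a parameter, so it should be mapped
        // through an allowlist of known column names before reaching this
        // line. Where $orderby is read from the request is not visible here.
        $query .= " ORDER BY {$orderby}";
        if (isset($desc) && $desc == "TRUE") {
            $query .= " DESC";
        }
    }
    try {
        $worksheets = db_select_exception($query);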
/**
 * Records an exception raised while producing a report and fails the request.
 *
 * The exception text is written to the error log and is also appended to the
 * message handed to failRequest().
 * NOTE(review): if failRequest() returns its argument to the client, internal
 * error detail is exposed to the caller - confirm that is intended.
 *
 * @param string    $message Caller-facing prefix for the failure message.
 * @param Exception $ex      The exception that caused the failure.
 */
function failRequestWithException($message, $ex)
{
    $detail = $ex->getMessage();
    $logLine = "There was an error requesting the report: " . $detail;
    errorLog($logLine);

    $clientMessage = $message . ": " . $detail;
    failRequest($clientMessage);
}
// Request bootstrap: read the caller's credentials from the POST body and
// resolve them to a role. $requestType, $staffid, $orderby and $desc are used
// below but are assigned outside this excerpt.

// FILTER_SANITIZE_NUMBER_INT only strips characters other than digits, '+' and
// '-'; it does not guarantee the result is a well-formed integer.
$userid = filter_input(INPUT_POST, 'userid', FILTER_SANITIZE_NUMBER_INT);
// FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. base64_decode() is called
// without strict mode, so characters outside the base64 alphabet are silently
// discarded rather than rejected.
$userval = base64_decode(filter_input(INPUT_POST, 'userval', FILTER_SANITIZE_STRING));
$external = filter_input(INPUT_POST, 'external', FILTER_SANITIZE_STRING);
$role = validateRequest($userid, $userval, $external);
if (!$role) {
    // NOTE(review): everything below relies on failRequest() terminating the
    // request; if it returns, execution continues with a falsy $role - confirm.
    failRequest("There was a problem validating your request");
}

// Dispatch: only SUPER_USER and STAFF roles may list a staff member's sets.
switch ($requestType) {
    case "SETSBYSTAFF":
        if (!authoriseUserRoles($role, ["SUPER_USER", "STAFF"])) {
            failRequest("You are not authorised to complete that request");
        }
        // NOTE(review): $staffid is passed through as given; nothing visible
        // here ties it to the authenticated $userid - confirm that STAFF users
        // are meant to be able to list another staff member's sets.
        getSetsForStaffMember($staffid, $orderby, $desc);
        break;
    default:
        failRequest("There was a problem with your request, please try again.");
        break;
}

// Selects id and name of the groups the given user belongs to, filtered on
// `Type ID` 3 and `Archived` 0. The function body continues past this excerpt.
function getSetsForStaffMember($staffid, $orderby, $desc) {
    $query = "select G.`Group ID` ID, G.`Name` Name from TGROUPS G\n join TUSERGROUPS UG on G.`Group ID` = UG.`Group ID`";
    // NOTE(review): filterBy() and orderBy() are defined elsewhere; whether
    // they escape or allowlist the values they add to the SQL text cannot be
    // seen from here - verify, especially for $orderby and $desc.
    $query .= filterBy(["UG.`User ID`", "G.`Type ID`", "UG.`Archived`"], [$staffid, 3, 0]);
    $query .= orderBy([$orderby], [$desc]);
    try {
        $sets = db_select_exception($query);
    } catch (Exception $ex) {
        errorLog("Error loading the worksheets: " . $ex->getMessage());
        // NOTE(review): the failure path reports "success" => TRUE and does
        // not stop, so the next statement reads $sets, which is unassigned on
        // this path. Looks like this should report FALSE and return - confirm.
        $response = array("success" => TRUE);
        echo json_encode($response);
    }
    $response = array("success" => TRUE, "sets" => $sets);
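/**
 * Soft-deletes a group worksheet by setting its `Deleted` flag, then echoes a
 * JSON success response.
 *
 * @param int|string $gwid Group worksheet id. It is placed unquoted in the SQL
 *                         text, so anything that is not an integer is rejected.
 */
function deleteGroupWorksheet($gwid)
{
    $worksheetKey = filter_var($gwid, FILTER_VALIDATE_INT);
    if ($worksheetKey === false) {
        failRequest("Invalid group worksheet id.");
        return; // fail closed even if failRequest() ever returns
    }

    // NOTE(review): no check here that the caller owns or may manage this
    // group worksheet; presumably enforced before dispatch - confirm.
    $query = "UPDATE TGROUPWORKSHEETS SET `Deleted` = 1 WHERE `Group Worksheet ID` = {$worksheetKey}";
    try {
        db_query_exception($query);
    } catch (Exception $ex) {
        failRequest($ex->getMessage());
        // Do not emit the success response after a failed update.
        return;
    }

    $result = array("success" => TRUE);
    echo json_encode($result);
}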