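/**
 * Soft-deletes or restores a worksheet version, emits a JSON success response
 * and terminates the script.
 *
 * The `Deleted` flag on TWORKSHEETVERSION is updated and
 * updateRelatedCompletedQuestions() is called inside one transaction. Any
 * exception rolls the transaction back and is handed to returnToPageError().
 *
 * @param int|string $vid  Worksheet version id; must consist of digits only.
 * @param string     $type Either "DELETE" or "RESTORE".
 */
function updateWorksheet($vid, $type)
{
    global $userid;

    // $vid is placed directly into the SQL text below, so anything that is not
    // a plain non-negative integer is rejected before a query is built.
    if (!is_scalar($vid) || preg_match('/\A[0-9]+\z/', (string) $vid) !== 1) {
        failRequest("There was an error completing your request;");
        exit;
    }
    $vid = (int) $vid;

    if ($type === "DELETE") {
        $query = "UPDATE TWORKSHEETVERSION Set `Deleted` = TRUE WHERE `Version ID` = {$vid}";
        $errorMsg = "There was an error deleted the worksheet.";
        $successMsg = "Worksheet {$vid} succesfully deleted by {$userid}";
        $delete = TRUE;
    } elseif ($type === "RESTORE") {
        $query = "UPDATE TWORKSHEETVERSION Set `Deleted` = FALSE WHERE `Version ID` = {$vid}";
        $errorMsg = "There was an error restoring the worksheet.";
        $successMsg = "Worksheet {$vid} succesfully restored by {$userid}";
        $delete = FALSE;
    } else {
        failRequest("There was an error completing your request;");
        // Stop here even if failRequest() returns: $query, $errorMsg and
        // $delete are undefined on this path.
        exit;
    }

    try {
        db_begin_transaction();
        db_query_exception($query);
        updateRelatedCompletedQuestions($vid, $delete);
        db_commit_transaction();
    } catch (Exception $ex) {
        db_rollback_transaction();
        returnToPageError($ex, $errorMsg);
        // Never fall through to the success response after a rollback.
        exit;
    }

    $response = array("success" => TRUE);
    echo json_encode($response);
    // NOTE(review): $userid is a global written to the log as-is; confirm it
    // is validated where it is set so it cannot forge log lines.
    infoLog($successMsg);
    exit;
}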
示例#2
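/**
 * Sends all report notes written by one staff member to the client, ordered
 * by group name, student surname and date (newest first).
 *
 * The rows returned by db_select_exception() are passed to succeedRequest();
 * an exception is reported through failRequest().
 *
 * @param int|string $staffId Staff user id; must consist of digits only.
 */
function getNotesForStaff($staffId)
{
    // $staffId is interpolated into the WHERE clause, so only a plain
    // non-negative integer is allowed to reach the query text.
    if (!is_scalar($staffId) || preg_match('/\A[0-9]+\z/', (string) $staffId) !== 1) {
        failRequest("Invalid staff id.");
        return;
    }
    $staffId = (int) $staffId;

    try {
        $query = "SELECT R.ID, S.`Preferred Name`, U.`First Name`, U.`Surname`, G.`Name`, R.`Note`, R.`Date`, DATE_FORMAT(R.`Date`, '%b %D %Y %k:%i') date_format FROM `TREPORTNOTES` R\n            LEFT JOIN TUSERS U ON U.`User ID` = R.`StudentID`\n            LEFT JOIN TSTUDENTS S ON S.`User ID` = R.`StudentID`\n            LEFT JOIN TGROUPS G ON G.`Group ID` = R.GroupID\n            WHERE StaffID = {$staffId} ";
        $query .= "ORDER BY G.Name, U.Surname, R.Date DESC;";
        succeedRequest(db_select_exception($query));
    } catch (Exception $ex) {
        // NOTE(review): the raw exception text goes back to the client. If the
        // DB layer puts SQL or schema detail in its messages, log it
        // server-side and return a generic message instead.
        failRequest($ex->getMessage());
    }
}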
示例#3
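/**
 * Renames a tag. The new name is passed through ucwords() before it is stored.
 *
 * @param int|string $tagid Tag id; must consist of digits only.
 * @param string     $name  New tag name.
 */
function modifyTag($tagid, $name)
{
    // $tagid is interpolated into the WHERE clause, so only a plain
    // non-negative integer is allowed to reach the query text.
    if (!is_scalar($tagid) || preg_match('/\A[0-9]+\z/', (string) $tagid) !== 1) {
        failRequest("There was a problem modifying the tag.");
        return;
    }
    $tagid = (int) $tagid;

    $ucname = ucwords($name);
    // NOTE(review): $ucname is placed inside a quoted SQL literal without any
    // escaping in this function. Unless every caller escapes $name for the
    // active connection, a quote in the name changes the statement. The DB
    // helpers visible here take only a finished query string, so the durable
    // fix is a bound-parameter variant in the DB layer; escaping is not added
    // here because the connection handle is not in scope.
    $query = "UPDATE TTAGS SET `Name` = '{$ucname}' WHERE `Tag ID` = {$tagid};";
    try {
        db_query_exception($query);
        succeedRequest("Tag succesfully updated", []);
    } catch (Exception $ex) {
        // NOTE(review): the raw exception text is appended to the client
        // message; confirm it cannot carry SQL or schema detail.
        failRequest("There was a problem modifying the tag." . $ex->getMessage());
    }
}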
示例#4
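/**
 * Archives a student's membership of a group by setting `Archived` = 1 on the
 * matching TUSERGROUPS row, then reports success.
 *
 * @param int|string $studentid Student user id; must consist of digits only.
 * @param int|string $groupid   Group id; must consist of digits only.
 */
function removeFromGroup($studentid, $groupid)
{
    // Both ids are interpolated into the WHERE clause, so each must be a plain
    // non-negative integer before the query text is built.
    foreach ([$studentid, $groupid] as $id) {
        if (!is_scalar($id) || preg_match('/\A[0-9]+\z/', (string) $id) !== 1) {
            failRequest("Invalid student or group id.");
            return;
        }
    }
    $studentid = (int) $studentid;
    $groupid = (int) $groupid;

    $query = "UPDATE `TUSERGROUPS` SET `Archived`= 1 WHERE `User ID` = {$studentid} AND `Group ID` = {$groupid};";
    try {
        db_begin_transaction();
        db_query_exception($query);
        db_commit_transaction();
    } catch (Exception $ex) {
        db_rollback_transaction();
        // NOTE(review): the raw exception text goes back to the client;
        // confirm it cannot carry SQL or schema detail.
        failRequest($ex->getMessage());
        // Do not report success after a rollback, even if failRequest() returns.
        return;
    }
    succeedRequest();
}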
示例#5
}
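// Dispatch on the request type. Every branch requires the SUPER_USER or STAFF
// role; an unrecognised type falls back to the worksheet-name listing.
//
// NOTE(review): $orderby is forwarded to handlers that build SQL text.
// getAllWorksheetNames() appends it to an ORDER BY clause as-is, so it should
// be checked against an allow-list of column names before dispatch.
switch ($requestType) {
    case "FILTERED":
        if (!authoriseUserRoles($role, ["SUPER_USER", "STAFF"])) {
            failRequest("You are not authorised to complete that request");
            // Fail closed: never reach the handler, even if failRequest() returns.
            break;
        }
        getAllCompletedWorksheetsForGroup($groupid, $staffid, $orderby, $desc);
        break;
    case "ALLWORKSHEETS":
        if (!authoriseUserRoles($role, ["SUPER_USER", "STAFF"])) {
            failRequest("You are not authorised to complete that request");
            break;
        }
        getAllWorksheets($orderby, $desc);
        // The original had no break here, so control fell through into the
        // default branch and ran getAllWorksheetNames() as well.
        break;
    default:
        if (!authoriseUserRoles($role, ["SUPER_USER", "STAFF"])) {
            failRequest("You are not authorised to complete that request");
            break;
        }
        getAllWorksheetNames($orderby, $desc);
        break;
}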
function getAllWorksheetNames($orderby, $desc)
{
    $query = "SELECT WV.`Version ID` ID, WV.`WName` WName, WV.`VName` VName " . "FROM TWORKSHEETVERSION WV " . "WHERE WV.`Deleted` = 0";
    if (isset($orderby)) {
        $query .= " ORDER BY {$orderby}";
        if (isset($desc) && $desc == "TRUE") {
            $query .= " DESC";
        }
    }
    try {
        $worksheets = db_select_exception($query);
/**
 * Logs an exception raised while building a report and fails the request.
 *
 * The exception text is written to the error log and is also appended to the
 * message handed to failRequest().
 *
 * @param string    $message Prefix for the message passed to failRequest().
 * @param Exception $ex      The exception that was caught.
 */
function failRequestWithException($message, $ex)
{
    $detail = $ex->getMessage();

    errorLog("There was an error requesting the report: " . $detail);

    // NOTE(review): $detail is exposed through failRequest() as well as the
    // log; confirm the DB layer's messages carry no SQL or schema detail.
    failRequest($message . ": " . $detail);
}
示例#7
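// Read the caller's identity from the POST body and validate it before any
// request is dispatched.
//
// FILTER_SANITIZE_NUMBER_INT keeps digits plus '+' and '-', so $userid is not
// guaranteed to be a well-formed integer after this call.
$userid = filter_input(INPUT_POST, 'userid', FILTER_SANITIZE_NUMBER_INT);
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1, and
// base64_decode() is called in its default non-strict mode, which skips
// characters outside the base64 alphabet instead of rejecting the input.
$userval = base64_decode(filter_input(INPUT_POST, 'userval', FILTER_SANITIZE_STRING));
$external = filter_input(INPUT_POST, 'external', FILTER_SANITIZE_STRING);

// validateRequest() returns the caller's role, or a falsy value on failure.
$role = validateRequest($userid, $userval, $external);
if (!$role) {
    failRequest("There was a problem validating your request");
    // Fail closed: an unvalidated request must never reach the dispatcher,
    // even if failRequest() returns.
    exit;
}

switch ($requestType) {
    case "SETSBYSTAFF":
        if (!authoriseUserRoles($role, ["SUPER_USER", "STAFF"])) {
            failRequest("You are not authorised to complete that request");
            // Fail closed: skip the handler even if failRequest() returns.
            break;
        }
        getSetsForStaffMember($staffid, $orderby, $desc);
        break;
    default:
        failRequest("There was a problem with your request, please try again.");
        break;
}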
function getSetsForStaffMember($staffid, $orderby, $desc)
{
    $query = "select G.`Group ID` ID, G.`Name` Name from TGROUPS G\n                join TUSERGROUPS UG on G.`Group ID` = UG.`Group ID`";
    $query .= filterBy(["UG.`User ID`", "G.`Type ID`", "UG.`Archived`"], [$staffid, 3, 0]);
    $query .= orderBy([$orderby], [$desc]);
    try {
        $sets = db_select_exception($query);
    } catch (Exception $ex) {
        errorLog("Error loading the worksheets: " . $ex->getMessage());
        $response = array("success" => TRUE);
        echo json_encode($response);
    }
    $response = array("success" => TRUE, "sets" => $sets);
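/**
 * Soft-deletes a group worksheet by setting `Deleted` = 1 on its
 * TGROUPWORKSHEETS row and echoes a JSON success response.
 *
 * @param int|string $gwid Group worksheet id; must consist of digits only.
 */
function deleteGroupWorksheet($gwid)
{
    // $gwid is interpolated into the WHERE clause, so only a plain
    // non-negative integer is allowed to reach the query text.
    if (!is_scalar($gwid) || preg_match('/\A[0-9]+\z/', (string) $gwid) !== 1) {
        failRequest("Invalid group worksheet id.");
        return;
    }
    $gwid = (int) $gwid;

    $query = "UPDATE TGROUPWORKSHEETS SET `Deleted` = 1 WHERE `Group Worksheet ID` = {$gwid}";
    try {
        db_query_exception($query);
    } catch (Exception $ex) {
        // NOTE(review): the raw exception text goes back to the client;
        // confirm it cannot carry SQL or schema detail.
        failRequest($ex->getMessage());
        // Do not emit the success payload after a failed update.
        return;
    }
    $result = array("success" => TRUE);
    echo json_encode($result);
}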