display_agenda_items(); } else { show_add_form(); } break; case "edit": if (!(api_is_course_coach() && !api_is_element_in_the_session(TOOL_AGENDA, intval($_REQUEST['id'])))) { // a coach can only delete an element belonging to his session if ($_POST['submit_event']) { $my_id_attach = (int) $_REQUEST['id_attach']; $my_file_comment = Database::escape_string($_REQUEST['file_comment']); store_edited_agenda_item($my_id_attach, $my_file_comment); display_agenda_items(); } else { $id = (int) $_GET['id']; show_add_form($id); } } else { display_agenda_items(); } break; case "delete": $id = (int) $_GET['id']; if (!(api_is_course_coach() && !api_is_element_in_the_session(TOOL_AGENDA, $id))) { // a coach can only delete an element belonging to his session if (api_is_allowed_to_edit() && !api_is_anonymous()) { if (!empty($id)) { $res_del = delete_agenda_item($id); if ($res_del) { Display::display_normal_message(get_lang("AgendaDeleteSuccess")); }
} else { if ( isset($_GET['advmode']) ) { if ( isset($_GET['add']) ) { if ( isset($_GET['t']) ) { show_new_form(); } else if ( isset($_GET['r']) ) { show_receipt_form(); } else if ( isset($_GET['thr']) ) { show_therapy_form(); } else { show_add_form(); } } else { if ( isset($_GET['edit']) ) { if ( isset($_GET['cd']) && isset($_GET['order']) && isset($_GET['type']) ) { show_add_form( $_GET['cd'], $_GET['type'], $_GET['order'], $interface->getInfo( 'desease', $interface->card[0] )); exit; } else { die; } } else { print ( $interface->mode != 3 ) ? "true" : "false"; } } exit; } else { initP( $interface->mode, $interface->getInfo( 'desease', $interface->card[0] ), $interface->getInfo( 'cdates', $interface->card[0] ) ); exit; } } } else {
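/**
 * Handles the "add test" form submission.
 *
 * Checks the XSRF token, validates the posted name, date and total points,
 * inserts a row into `tests`, stores a flash message in the session and
 * redirects. On a validation failure the add form is shown again with an
 * error message and the function returns without touching the database.
 *
 * Reads:  $_SESSION['xsrf_token'], $_POST['xsrf_token'], $_POST['name'],
 *         $_POST['date'], $_POST['total_points']
 * Writes: $_SESSION['TEST_added']
 */
function do_add_test()
{
    // XSRF token: compare in constant time, and treat a missing token on
    // either side as invalid. The previous loose `!=` let two unset values
    // (null != null is false) and numeric-looking strings compare equal.
    $session_token = isset($_SESSION['xsrf_token']) ? (string) $_SESSION['xsrf_token'] : '';
    $posted_token  = isset($_POST['xsrf_token']) ? (string) $_POST['xsrf_token'] : '';
    if ($session_token === '' || !hash_equals($session_token, $posted_token)) {
        // E_USER_ERROR halts the script, so nothing below runs.
        trigger_error('Do_Add: XSRF token invalid', E_USER_ERROR);
    }

    // --- Validate the entered information ---

    // Name: the length limit applies to the raw input (byte length, as
    // before); the stored value is HTML-entity encoded and then escaped
    // for the query.
    $raw_name = isset($_POST['name']) ? (string) $_POST['name'] : '';
    if (strlen($raw_name) > 20) {
        show_add_form('Name is too long');
        return;
    }
    $name = mysqli_real_escape_string(DB::get(), htmlentities($raw_name));
    if ($name === '') {
        show_add_form('Name can\'t be blank');
        return;
    }

    // Date: strtotime() returns false on failure. Compare strictly so a
    // date that parses to the epoch (timestamp 0) is not rejected as well.
    $date = strtotime(isset($_POST['date']) ? (string) $_POST['date'] : '');
    if ($date === false) {
        show_add_form('Huh? I can\'t understand that date');
        return;
    }

    // Total points: must be a positive integer.
    $total_points = isset($_POST['total_points']) ? (int) $_POST['total_points'] : 0;
    if ($total_points <= 0) {
        show_add_form('Too few points');
        return;
    }

    // ** INFORMATION VALIDATED AT THIS POINT **
    // DB::queryRaw() takes a raw SQL string, so the values are inlined:
    // $name is escaped above, $date is re-formatted by date() and
    // $total_points is an int cast, so no unescaped input reaches the
    // query. A prepared statement is preferable if the DB wrapper offers one.
    $query = 'INSERT INTO tests (name, date, total_points) VALUES("'
        . $name . '", "' . date('Y-m-d', $date) . '", "' . $total_points . '")';
    DB::queryRaw($query);

    $_SESSION['TEST_added'] = 'The test "' . $name . '" has been added';
    redirect();
}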
break; } else { Display::display_confirmation_message(get_lang('AddSuccess')); echo $agenda_result; } } else { display_ical_import_form(); } break; case 'edit': // a coach can only delete an element belonging to his session if ($_POST['submit_event']) { store_edited_agenda_item($event_id, $_REQUEST['id_attach'], $_REQUEST['file_comment']); $action = 'view'; } else { show_add_form($event_id, $event_type); } break; case "delete": if (!(api_is_course_coach() && !api_is_element_in_the_session(TOOL_AGENDA, $event_id))) { // a coach can only delete an element belonging to his session delete_agenda_item($event_id); $action = 'view'; } break; case "showhide": if (!(api_is_course_coach() && !api_is_element_in_the_session(TOOL_AGENDA, $event_id))) { // a coach can only delete an element belonging to his session showhide_agenda_item($event_id); $action = 'view'; }