=2){ // NOTE(review): the left-hand side of this condition is cut off before this line; the ==1 and <1 branches further down suggest it tests $_SESSION['accesslevel'] - confirm
    // Branch for the highest access level: delete a registration, force-add a user or a
    // whole class to a program, then select the user list used by the export/print code.
    // NOTE(review): header("Location: ...") only queues a redirect; no exit follows any of
    // the calls below, so every later statement in this script still runs after a redirect is set.

    // Delete one registration, identified by the "delete" query parameter.
    // NOTE(review): this is a state-changing action triggered by GET, and no anti-CSRF token
    // is checked in the visible code - confirm one is enforced earlier, or move this to POST with a token.
    if(isset($_GET['delete'])){
        // look the registration up first so its user/program are still known for the log entry
        $sql=$db->prepare("SELECT COUNT(id) AS count, user, program FROM registrations WHERE id=:id");
        $sql->execute(array(":id"=>$_GET['delete']));
        $reg=$sql->fetch(PDO::FETCH_ASSOC);
        if($reg['count']<1){
            //no registration with that id
            functions::setError(7);
            // the redirect is skipped when the "backend" query parameter is present
            if(!isset($_GET['backend'])) header("Location: ./timetable");
        }
        else{
            $sql=$db->prepare("DELETE FROM registrations WHERE id=:id");
            $sql->execute(array(":id"=>$_GET['delete']));
            $res=$sql->rowCount();
            if($res<1){
                //nothing was deleted
                functions::setError(6);
                if(!isset($_GET['backend'])) header("Location: ./timetable");
            }
            else{
                //keep history integrity: record the deletion with action code 10
                // NOTE(review): the log row stores the affected user, not the session user who
                // performed the deletion - confirm the actor is recorded elsewhere if an audit trail is needed
                $sql=$db->prepare("INSERT INTO registration_log (user, date, action, program) VALUES (:uid, :date, :act, :pid)");
                $sql->execute(array(":uid"=>$reg['user'], ":date"=>date("Y-m-d H:i:s"), ":act"=>10, ":pid"=>$reg['program']));
                functions::setMessage(4);
                if(!isset($_GET['backend'])) header("Location: ./timetable");
            }
        }
    }
    //force add: register a single user (fa_user) for a program (fa_program)
    // NOTE(review): no anti-CSRF token is checked in the visible code for this POST either - confirm
    if(isset($_POST['fa_user']) && isset($_POST['fa_program'])){
        $sql=$db->prepare("SELECT COUNT(id) AS count FROM users WHERE id=:uid");
        $sql->execute(array(":uid"=>$_POST['fa_user']));
        $res=$sql->fetch(PDO::FETCH_ASSOC);
        if($res['count']<1){ //check if user exists
            functions::setError(7);
            if(!isset($_GET['backend'])) header("Location: ./timetable");
        }
        else{
            // the program's time_block is needed for the occupancy check below
            $sql=$db->prepare("SELECT COUNT(id) AS count, time_block FROM programs WHERE id=:pid");
            $sql->execute(array(":pid"=>$_POST['fa_program']));
            $prog=$sql->fetch(PDO::FETCH_ASSOC);
            if($prog['count']<1){ //check if program exists
                functions::setError(7);
                if(!isset($_GET['backend'])) header("Location: ./timetable");
            }
            else{
                // count the user's existing registrations in the same time block
                $sql=$db->prepare("SELECT COUNT(r.id) AS count FROM registrations AS r INNER JOIN programs AS p ON (p.id=r.program) WHERE r.user=:uid and p.time_block=:tb");
                $sql->execute(array(":uid"=>$_POST['fa_user'], ":tb"=>$prog['time_block']));
                $res=$sql->fetch(PDO::FETCH_ASSOC);
                if($res['count']>0){ //check if not occupied
                    functions::setError(12);
                    if(!isset($_GET['backend'])) header("Location: ./timetable");
                }
                else{ //do this!
                    // NOTE(review): the occupancy check and this insert are separate statements with no
                    // transaction visible here; confirm a database constraint prevents double booking
                    // when two requests run at the same time
                    $sql=$db->prepare("INSERT INTO registrations (user, program) VALUES (:uid, :pid)");
                    $sql->execute(array(":uid"=>$_POST['fa_user'], ":pid"=>$_POST['fa_program']));
                    $res=$sql->rowCount();
                    if($res<1){ //check insert failure
                        functions::setError(6);
                        if(!isset($_GET['backend'])) header("Location: ./timetable");
                    }
                    else{ //keep history integrity: record the forced registration with action code 11
                        $sql=$db->prepare("INSERT INTO registration_log (user, date, action, program) VALUES (:uid, :date, :act, :pid)");
                        $sql->execute(array(":uid"=>$_POST['fa_user'], ":date"=>date("Y-m-d H:i:s"), ":act"=>11, ":pid"=>$_POST['fa_program']));
                        functions::setMessage(3);
                        if(!isset($_GET['backend'])) header("Location: ./timetable");
                    }
                }
            }
        }
    }
    //force add for a whole class: register every accesslevel=0 user of fa_class for fa_program
    if(isset($_POST['fa_class']) && isset($_POST['fa_program'])){
        $sql=$db->prepare("SELECT COUNT(id) AS count FROM users WHERE class=:c");
        $sql->execute(array(":c"=>$_POST['fa_class']));
        $res=$sql->fetch(PDO::FETCH_ASSOC);
        if($res['count']<1){ //check if class exists
            functions::setError(7);
            if(!isset($_GET['backend'])) header("Location: ./timetable");
        }
        else{
            $sql=$db->prepare("SELECT COUNT(id) AS count, time_block FROM programs WHERE id=:pid");
            $sql->execute(array(":pid"=>$_POST['fa_program']));
            $prog=$sql->fetch(PDO::FETCH_ASSOC);
            if($prog['count']<1){ //check if program exists
                functions::setError(7);
                if(!isset($_GET['backend'])) header("Location: ./timetable");
            }
            else{
                // a single existing registration of any class member in this time block rejects
                // the whole request; r.id is selected but only 'count' is read afterwards
                $sql=$db->prepare("SELECT COUNT(r.id) AS count, r.id FROM registrations AS r INNER JOIN programs AS p ON (p.id=r.program) INNER JOIN users AS u ON (u.id=r.user) WHERE u.class=:c and u.accesslevel=0 and p.time_block=:tb");
                $sql->execute(array(":c"=>$_POST['fa_class'], ":tb"=>$prog['time_block']));
                $res=$sql->fetch(PDO::FETCH_ASSOC);
                if($res['count']>0){ //check if not occupied
                    functions::setError(12);
                    if(!isset($_GET['backend'])) header("Location: ./timetable");
                }
                else{ //do this!
                    // one INSERT ... SELECT creates a registration row per matching class member
                    $sql=$db->prepare("INSERT INTO registrations (user, program) SELECT id, :pid FROM users WHERE class=:c and accesslevel=0");
                    $sql->execute(array(":c"=>$_POST['fa_class'], ":pid"=>$_POST['fa_program']));
                    $res=$sql->rowCount();
                    if($res<1){ //check insert failure
                        functions::setError(6);
                        if(!isset($_GET['backend'])) header("Location: ./timetable");
                    }
                    else{ //keep history integrity: one log row (action code 11) per class member
                        // NOTE(review): the log re-selects the class members instead of reusing the rows
                        // inserted above; with no transaction visible the two sets could differ if the
                        // users table changes in between - confirm
                        $sql=$db->prepare("INSERT INTO registration_log (user, date, action, program) SELECT id, :date, :act, :pid FROM users WHERE class=:c and accesslevel=0");
                        $sql->execute(array(":c"=>$_POST['fa_class'], ":date"=>date("Y-m-d H:i:s"), ":act"=>11, ":pid"=>$_POST['fa_program']));
                        functions::setMessage(3);
                        if(!isset($_GET['backend'])) header("Location: ./timetable");
                    }
                }
            }
        }
    }
    // main result set for this access level: every accesslevel=0 user except id 1, across all classes
    // NOTE(review): name and class from $msql rows are concatenated into the CSV/HTML output
    // further down without any visible escaping - confirm output encoding there
    $msql=$db->prepare("SELECT id, name, class FROM users WHERE id<>1 and accesslevel=0 ORDER BY class ASC, name ASC");
    $msql->execute();
}
// access level 1: same user list, restricted to the class stored in the session
if($_SESSION['accesslevel']==1){
    $msql=$db->prepare("SELECT id, name, class FROM users WHERE id<>1 and accesslevel=0 and class=:class ORDER BY name ASC");
    $msql->execute(array(":class"=>$_SESSION['class']));
}
// access level below 1: the programs the logged-in user is registered for, with time block/sequence names
if($_SESSION['accesslevel']<1){
    $msql=$db->prepare("SELECT p.id, p.name, p.description, p.instructor, p.location, tb.name AS time_block, ts.name AS time_sequence FROM registrations AS r INNER JOIN programs AS p ON (p.id=r.program) INNER JOIN time_blocks AS tb ON (tb.id=p.time_block) INNER JOIN time_sequences AS ts ON (ts.id=tb.sequence) WHERE r.user=:uid ORDER BY ts.id ASC, tb.name ASC, p.name ASC");
    $msql->execute(array(":uid"=>$_SESSION['id']));
}
/*
 * EXPORT
 *
 * Builds a semicolon-separated CSV in $csv; only reached with the "export" query
 * parameter and an access level of at least 1. $BOM, $config and $lang are defined
 * outside the visible code.
 * NOTE(review): database values are appended to the CSV as-is further down; confirm that
 * cells beginning with = + - or @ and cells containing ";" or a newline are neutralised
 * or quoted before the file is handed to a spreadsheet application.
 */
if(isset($_GET['export']) && $_SESSION['accesslevel']>=1){
    $csv=$BOM;
    $csv.=$config['general']['org']."\n".$config['general']['title']."\n\n";
    $prog="";
    // every time block, in display order; the loop below builds the header cells and the id list $tbs
    $sql=$db->prepare("SELECT tb.id, ts.name AS time_sequence, tb.name AS time_block FROM time_blocks AS tb INNER JOIN time_sequences AS ts ON (ts.id=tb.sequence) ORDER BY ts.id ASC, tb.name ASC");
    $sql->execute();
    $tbs=array();
    while($row=$sql->fetch(PDO::FETCH_ASSOC)){
$prog.=$row['time_sequence']."/".$row['time_block'].";"; array_push($tbs, $row['id']); } $prog=rtrim($prog, ";"); $csv.=$lang['uid'].";".$lang['name'].";".$lang['class'].";".$prog."\n"; while($row=$msql->fetch(PDO::FETCH_ASSOC)){ $i=0; $prog=""; $sql=$db->prepare("SELECT r.id AS regid, tb.id AS time_block, p.name FROM registrations AS r INNER JOIN programs AS p ON (p.id=r.program) INNER JOIN time_blocks AS tb ON (tb.id=p.time_block) WHERE r.user=:uid ORDER BY tb.sequence ASC, tb.name ASC"); $sql->execute(array(":uid"=>$row['id'])); while($row2=$sql->fetch(PDO::FETCH_ASSOC)){ while($row2['time_block']!=$tbs[$i]){ $prog.="-;"; $i++; } $prog.=$row2['name'].";"; $i++; } for(;$i"; $html.=""; $html.=""; $html.="

".$config['general']['title']."

"; $html.="

".$config['general']['org']."

"; $html.="
"; $html.="

".$lang['name'].": ".$_SESSION['name']." | ".$lang['class'].": ".$_SESSION['class']." | ".$lang['studentprinted']."

"; $html.=""; $html.=""; $html.=""; $html.=""; $html.=""; $html.=""; $html.=""; while($row=$msql->fetch(PDO::FETCH_ASSOC)){ $html.=""; $html.=""; $html.=""; $html.=""; $html.=""; $html.=""; } $html.="
".$lang['timeblock']."".$lang['progname']."".$lang['instructor']."".$lang['signature']."
".$row['time_sequence']."
".$row['time_block']."
".$row['name']."".$row['instructor']."
"; $html.=""; $html.=""; $html.=""; echo "
".$html."
"; die(); } else{ $html=""; $second=false; while($row=$msql->fetch(PDO::FETCH_ASSOC)){ //header if(!$second){ $html.=""; } //content $html.=""; $html.=""; $html.=""; if($second){ $html.="
"; $html.="

".$config['general']['title']."

"; $html.="

".$config['general']['org']."

"; $html.="
"; $html.="

".$lang['name'].": ".$row['name']." | ".$lang['class'].": ".$row['class']."

"; //programs $html.=""; $html.=""; $html.=""; $html.=""; $html.=""; $html.=""; $html.=""; //subquerry $sql=$db->prepare("SELECT tb.name AS time_block, ts.name AS time_sequence, p.instructor, p.name FROM registrations AS r INNER JOIN programs AS p ON (p.id=r.program) INNER JOIN time_blocks AS tb ON (tb.id=p.time_block) INNER JOIN time_sequences AS ts ON (ts.id=tb.sequence) WHERE r.user=:uid ORDER BY ts.id ASC, tb.name ASC"); $sql->execute(array(":uid"=>$row['id'])); while($row2=$sql->fetch(PDO::FETCH_ASSOC)){ $html.=""; $html.=""; $html.=""; $html.=""; $html.=""; $html.=""; } $html.="
".$lang['timeblock']."".$lang['progname']."".$lang['instructor']."".$lang['signature']."
".$row2['time_sequence']."
".$row2['time_block']."
".$row2['name']."".$row2['instructor']."
"; $html.="
"; } $second=!$second; } echo "
".$html."
"; die(); } }