<?php
/**********************************************************
Function Library: app_controls.php
Original Author: Paul Bramscher <brams006@umn.edu>
Last Modified: 03.15.2004
***********************************************************
Comments:
Functions here are generally related to drawing of HTML
form input: text boxes, drop-down boxes, and radio buttons.
Other functions include lookup and picklist related duties.

These have been separated from forms.php since they are
typically used in more than one place. Some are quite
generic and are used throughout the system.
***********************************************************
Table of Contents:
adminReturn
authPage
authResourceDelete
authResourceEdit
authSubject
dropDownAccountOmit
dropDownAuthCourses
dropDownAuthPages
dropDownAuthSubjects
dropDownCourses
dropDownCoursesubOmit
dropDownCoursesubSelected
dropDownFaculty
dropDownFacultySelected
dropDownField
dropDownFieldOmit
dropDownFieldSelected
dropDownInfotype
dropDownPageStaff
dropDownPageSubject
dropDownResource
dropDownServiceLimit
dropDownStaff
dropDownStaffOmit
dropDownStaffSelected
existsResSub
existsResSubNA
existsResSubNOTNA
existsRow
getNotIn
lookupFaculty
lookupField
lookupStaff
msgTableClose
msgTableOpen
recordCount
selectCoursesub
selectFaculty
selectKey
selectStaff
statQuery
textInmySQL
textOutHTML
textSearchmySQL
**********************************************************/
/**********************************************************
Function: adminReturn($sess_access_level)
Author: Paul Bramscher
Last Modified: 07.02.2003
***********************************************************
Incoming:
$sess_access_level      Access level of the current
                        session.
***********************************************************
Outgoing:
None
***********************************************************
Purpose:
Prints a centered HTML link back to the authoring console,
used throughout the Lumina(r) system.  The access level of
the current session decides how many links are printed:
"Manager Functions" is added at 100 and above, "DBA Tools"
is added at exactly 1000.

Security note: the links are navigation only.  Leaving a
link out is not an access control.  Per the original author,
each menu verifies the session and access level on arrival;
that check on the target page is what keeps this safe.
**********************************************************/
function adminReturn($sess_access_level) {

    // Pulls $GLOBAL_ADMIN_URL into this function's scope
    include ("global_vars.php");

    // The authoring console link is always present
    $links = "<a href=\"" . $GLOBAL_ADMIN_URL . "console.phtml\">Authoring Console</a>";

    // Manager or higher
    if ($sess_access_level >= 100) {
        $links .= " | <a href=\"" . $GLOBAL_ADMIN_URL . "console_manager.phtml\">Manager Functions</a>";
    }

    // DBA only
    if ($sess_access_level == 1000) {
        $links .= " | <a href=\"" . $GLOBAL_ADMIN_URL . "console_dba.phtml\">DBA Tools</a>";
    }

    echo "<center><br>\n" . $links . "</center>";
}
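/**********************************************************
Function: authPage($page_id, $sess_access_level, $sess_staff_id)
Author: Paul Bramscher
Last Modified: 03.02.2004
***********************************************************
Incoming:
$page_id                Page to test authorization
$sess_access_level      Access level of the current user
                        session.
$sess_staff_id          staff id of the current user
***********************************************************
Outgoing:
1 = authorized to work on this page.
0 = non-authorized.
***********************************************************
Purpose:
A check to ensure whether the current user may access the
supplied page.  The following rules apply:

(1) DBA's can edit anything.
(2) Managers can edit pages created by anyone within their unit.
(3) Page coordinators can edit pages they coordinate.
(4) Page maintainers may also edit pages they are assigned to.

Some scenarios of pages that are NOT editable:

(1) The original page creator is no longer the coordinator,
    not a DBA, and not assigned as a maintainer.  S/he can no
    longer edit the page.
(2) You are a unit manager and used to have access to a page
    coordinated by one of your employees.  S/he switches units,
    and is now under a new manager.  The page can now be accessed
    by the manager of the new unit and not yourself.

etc...

Implementation notes:
- Only access levels 20 (Author), 100 (Manager) and 1000 (DBA)
  have a rule.  Every other level is denied without running a
  query.
- $page_id and $sess_staff_id are cast to integers before they
  are placed in the SQL text, so a non-numeric value cannot
  change the meaning of the authorization query.
**********************************************************/
function authPage($page_id, $sess_access_level, $sess_staff_id){

    /* Access Table Definitions
    +-----------+--------------+---------+
    | access_id | access_level | access  |
    +-----------+--------------+---------+
    |         1 |            0 | Denied  |
    |         2 |           10 | Guest   |
    |         3 |           20 | Author  |
    |         4 |          100 | Manager |
    |         5 |         1000 | DBA     |
    +-----------+--------------+---------+
    */

    // Default no authorization
    $auth_page = 0;

    // Stays null unless one of the rules below needs a database lookup
    $sql = null;

    // Both ids are written unquoted into the SQL text below, so reduce them
    // to integers first; anything after the leading digits is dropped.
    $page_id = (int) $page_id;
    $sess_staff_id = (int) $sess_staff_id;

    // User is an author.  Must be page coordinator or a co-maintainer.
    if ($sess_access_level == 20) {

        $sql = "SELECT count(DISTINCT p.page_id) AS auth_page FROM
            page p
            LEFT JOIN page_staff ps using (page_id)
            WHERE p.page_id = "
            . $page_id
            . " AND (p.staff_coordinator = "
            . $sess_staff_id
            . " OR ps.staff_id = "
            . $sess_staff_id
            . ")";
    }

    // User is a manager.  Must be page coordinator, co-maintainer, or manager of
    // the coordinator's unit.
    else if ($sess_access_level == 100) {

        // Determine the libunit(s) this staff member heads
        $lu_sql = "SELECT libunit_id FROM libunit
            WHERE head_staff_id = "
            . $sess_staff_id;
        $lu_rs = mysql_tryquery($lu_sql);

        // Collect the ids as integers so the IN list holds only numbers
        $libunit_ids = array();
        while ($lu_row = mysql_fetch_array($lu_rs, MYSQL_ASSOC)) {
            $libunit_ids[] = (int) $lu_row["libunit_id"];
        }

        // If nothing found, the unit test is left out of the WHERE clause
        $lu_string = "";
        if (count($libunit_ids) > 0) {
            $lu_string = "ls.libunit_id IN (" . implode(", ", $libunit_ids) . ") OR";
        }

        $sql = "SELECT count(DISTINCT p.page_id) AS auth_page
            FROM page p
            LEFT JOIN page_staff ps using (page_id)
            LEFT JOIN libunit_staff ls on p.staff_coordinator = ls.staff_id
            WHERE p.page_id = "
            . $page_id
            . " AND ("
            . $lu_string
            . " p.staff_coordinator = "
            . $sess_staff_id
            . " OR ps.staff_id = "
            . $sess_staff_id
            . ")";
    }

    // DBA.  Access everything.
    else if ($sess_access_level == "1000") {
        $auth_page = 1;
    }

    // Every other access level keeps the default: no pages at all.

    // Run the authorized page query if not DBA level.  The null test keeps
    // a level that has no rule (for example 50) from sending an undefined
    // query to the database; such a level is simply denied.
    if ($sql !== null && $sess_access_level >= 20 && $sess_access_level < 1000) {

        $rs = mysql_tryquery($sql);
        $row = mysql_fetch_array($rs, MYSQL_ASSOC);

        // Collect the access information
        $auth_page = $row["auth_page"];
    }

    // Always hand back the integer 1 or 0
    return ($auth_page > 0) ? 1 : 0;
}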
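/**********************************************************
Function: authResourceDelete($resource_id, $sess_access_level,
                             $sess_staff_account)
Author: Paul Bramscher
Last Modified: 03.02.2004
***********************************************************
Incoming:
$resource_id            Resource to test authorization
$sess_access_level      Access level of the current user
                        session.
$sess_staff_account     x500 id of the current user
***********************************************************
Outgoing:
1 = authorized to work on this resource
0 = non-authorized.
***********************************************************
Purpose:
A check to ensure whether the current user may delete the
supplied resource.  The following rules apply:

(1) DBA's and managers can delete all resources
(2) Any staffperson with access greater than guest and less than
    manager may delete only those resources s/he has created.

Implementation notes:
- $resource_id is cast to an integer and $sess_staff_account
  is escaped before either is placed in the SQL text, so
  neither value can change the meaning of the ownership query.
- If the account cannot be escaped, the check denies.
**********************************************************/
function authResourceDelete($resource_id, $sess_access_level,
    $sess_staff_account) {

    /* Access Table Definitions
    +-----------+--------------+---------+
    | access_id | access_level | access  |
    +-----------+--------------+---------+
    |         1 |            0 | Denied  |
    |         2 |           10 | Guest   |
    |         3 |           20 | Author  |
    |         4 |          100 | Manager |
    |         5 |         1000 | DBA     |
    +-----------+--------------+---------+
    */

    // Default no authorization
    $auth_resource = 0;

    /* History: this ownership check was at one point disabled so that
       conversion staff could tweak resources, and any author could then
       delete any resource.
       Note: 08.21.2003 - PFB.  Open editing of resources by any author is
       now verboten.  The ownership check below is active.
    */

    // Scenario: guest access < THE USER < manager access
    if ($sess_access_level > 10 && $sess_access_level < 100) {

        // The account is a quoted string in the query, so it is escaped
        // for the MySQL connection.
        // NOTE(review): mysql_real_escape_string() needs an open connection;
        // this presumes it is the same one mysql_tryquery() uses -- confirm.
        $escaped_account = mysql_real_escape_string($sess_staff_account);
        if ($escaped_account === false) return 0;

        $sql = "SELECT count(r.resource_id) AS auth_resource FROM
            resource r
            WHERE r.resource_id = "
            . (int) $resource_id
            . " AND r.account_created = '"
            . $escaped_account
            . "'";

        $rs = mysql_tryquery($sql);
        $row = mysql_fetch_array($rs, MYSQL_ASSOC);

        // Collect the access information as the integer 1 or 0
        $auth_resource = ($row["auth_resource"] > 0) ? 1 : 0;
    }

    // Manager or higher access.  Grant edit/delete access for everything.
    else if ($sess_access_level >= 100) {
        $auth_resource = 1;
    }

    return $auth_resource;
}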
/**********************************************************
Function: authResourceEdit($resource_id, $sess_access_level,
                           $sess_staff_account)
Author: Paul Bramscher
Last Modified: 03.10.2004
***********************************************************
Incoming:
$resource_id            Resource to test authorization
$sess_access_level      Access level of the current user
                        session.
$sess_staff_account     x500 id of the current user
***********************************************************
Outgoing:
1 = authorized to work on this resource
0 = non-authorized.
***********************************************************
Purpose:
A check to ensure whether the current user may edit the
supplied resource.  The following rules apply:

(1) Authors and above may edit all resources

As written, the decision depends on $sess_access_level only.
$resource_id and $sess_staff_account are accepted but not
read, because the per-creator ownership check is disabled.
**********************************************************/
function authResourceEdit($resource_id, $sess_access_level,
    $sess_staff_account) {

    /* Access Table Definitions
    +-----------+--------------+---------+
    | access_id | access_level | access  |
    +-----------+--------------+---------+
    |         1 |            0 | Denied  |
    |         2 |           10 | Guest   |
    |         3 |           20 | Author  |
    |         4 |          100 | Manager |
    |         5 |         1000 | DBA     |
    +-----------+--------------+---------+
    */

    /* History: an ownership check used to live here.  For levels above
       guest and below manager it counted rows in resource where
       resource_id matched and account_created equalled the session
       account; manager and higher were granted outright.  It is disabled.
       Note: 08.21.2003 - PFB.  Resource editing access is now being
       enforced again.
       Note: 08.21.2003 - PFB.  Open editing of resources by any author is
       now verboten.
       Note: 08.26.2003 - PFB.  Editing of resources is allowed, but not
       deleting.
    */

    // NOTE(review): the rule above says "Authors and above", and the access
    // table puts Author at 20, but this threshold is 10, which is Guest.
    // Guest sessions are therefore granted edit rights here.  The sibling
    // delete check uses "> 10" for the same boundary.  Confirm which is
    // intended before relying on this function to keep guests out.
    return ($sess_access_level >= 10) ? 1 : 0;
}
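/**********************************************************
Function: authSubject($sess_access_level, $sess_staff_id,
                      $subject_id)
Author: Paul Bramscher
Last Modified: 03.02.2004
***********************************************************
Incoming:
$sess_access_level      Access level of the current user
                        session.
$sess_staff_id          staff id of the current user
$subject_id             Subject to test authorization
***********************************************************
Outgoing:
1 = authorized to work on this subject
0 = non-authorized.
***********************************************************
Purpose:
A check to ensure whether the current user may access the
supplied subject.  The following rules apply:

(1) DBA's can edit anything.
(2) Managers can edit subjects maintained by anyone within their unit,
    and subjects to which they are personally assigned.
(3) Any staffperson, regardless of access, may edit subjects to
    which they are assigned.

Implementation notes:
- NOTE(review): rule (3) is narrower in the code than in the
  text.  The assignment lookup only runs for access levels from
  20 up to (not including) 100; lower levels are denied.
- Levels above 100 and below 1000 have no rule and are denied
  without running a query.
- $subject_id and $sess_staff_id are cast to integers before
  they are placed in the SQL text, so a non-numeric value cannot
  change the meaning of the authorization query.
**********************************************************/
function authSubject($sess_access_level, $sess_staff_id,
    $subject_id){

    /* Access Table Definitions
    +-----------+--------------+---------+
    | access_id | access_level | access  |
    +-----------+--------------+---------+
    |         1 |            0 | Denied  |
    |         2 |           10 | Guest   |
    |         3 |           20 | Author  |
    |         4 |          100 | Manager |
    |         5 |         1000 | DBA     |
    +-----------+--------------+---------+
    */

    // Default no authorization
    $auth_subject = 0;

    // Stays null unless one of the rules below needs a database lookup
    $sql = null;

    // Both ids are written unquoted into the SQL text below, so reduce them
    // to integers first; anything after the leading digits is dropped.
    $subject_id = (int) $subject_id;
    $sess_staff_id = (int) $sess_staff_id;

    // Scenario: guest access < THE USER < manager access
    if ($sess_access_level > 10 && $sess_access_level < 100) {

        $sql = "SELECT count(DISTINCT s.subject_id) AS auth_subject FROM
            subject s
            LEFT JOIN sub_staff st using (subject_id)
            WHERE s.subject_id = "
            . $subject_id
            . " AND st.staff_id = "
            . $sess_staff_id;
    }

    // User is a manager.
    else if ($sess_access_level == 100) {

        // Determine the libunit(s) this staff member heads
        $lu_sql = "SELECT libunit_id FROM libunit
            WHERE head_staff_id = "
            . $sess_staff_id;
        $lu_rs = mysql_tryquery($lu_sql);

        // Collect the ids as integers so the IN list holds only numbers
        $libunit_ids = array();
        while ($lu_row = mysql_fetch_array($lu_rs, MYSQL_ASSOC)) {
            $libunit_ids[] = (int) $lu_row["libunit_id"];
        }

        // If nothing found, the unit test is left out of the WHERE clause
        $lu_string = "";
        if (count($libunit_ids) > 0) {
            $lu_string = "ls.libunit_id IN (" . implode(", ", $libunit_ids) . ") OR";
        }

        $sql = "SELECT count(DISTINCT s.subject_id) AS auth_subject FROM
            subject s
            LEFT JOIN sub_staff st using (subject_id)
            LEFT JOIN libunit_staff ls on st.staff_id = ls.staff_id
            WHERE s.subject_id = "
            . $subject_id
            . " AND ("
            . $lu_string
            . " st.staff_id = "
            . $sess_staff_id
            . ")";
    }

    // DBA.  Access everything.
    else if ($sess_access_level == "1000") {
        $auth_subject = 1;
    }

    // Every other access level keeps the default: no subjects at all.

    // Run the authorized subject query if not DBA level.  The range test is
    // the original one (levels 11-19 build a query that is never run); the
    // null test keeps a level with no rule (for example 500) from sending
    // an undefined query to the database.
    if ($sql !== null && $sess_access_level >= 20 && $sess_access_level < 1000) {

        $rs = mysql_tryquery($sql);
        $row = mysql_fetch_array($rs, MYSQL_ASSOC);

        // Collect the access information
        $auth_subject = $row["auth_subject"];
    }

    // Always hand back the integer 1 or 0
    return ($auth_subject > 0) ? 1 : 0;
}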
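/**********************************************************
Function: dropDownAccountOmit($omit)
Author: Paul Bramscher
Last Modified: 03.10.2004
***********************************************************
Incoming:
$omit                   SQL text (for example a WHERE clause)
                        naming the staff to omit.  It is placed
                        into the query exactly as given.
***********************************************************
Outgoing:
None
***********************************************************
Purpose:
Populates a drop-down box on an HTML form with select
options.  $omit limits output.  Similar to dropDownStaffOmit,
but instead of returning the staff_id as the HTML value,
it returns the staff_account.  This was done for situations in
which a relational tie with the staff table is not desirable
after the value is inserted.  For example, historical statistics.

Implementation notes:
- Because $omit becomes part of the SQL statement, callers must
  build it from fixed text and values they have already
  validated, never from request data passed straight through.
- Names and accounts are HTML-escaped on output and are printed
  as printf arguments, not as part of the format string.
**********************************************************/
function dropDownAccountOmit($omit){

    // NOTE(review): $omit is raw SQL by design and cannot be escaped here.
    // Every call site should be checked to confirm it passes
    // application-built text only.
    $sql = "SELECT * from staff "
        . $omit
        . " ORDER BY last_name, first_name";

    // ENT_SUBSTITUTE only exists on newer PHP; fall back to ENT_QUOTES alone
    $esc_flags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;

    $rs = mysql_tryquery($sql);
    while ($row = mysql_fetch_array($rs, MYSQL_ASSOC)) {
        $last_name = $row["last_name"];
        $first_name = $row["first_name"];
        $staff_id = $row["staff_id"];
        $staff_account = $row["staff_account"];

        // Make it look more friendly
        if ($staff_id == 1) $staff = "(N/A)";
        else $staff = $last_name . ", " . $first_name . " (" . $staff_account . ")";

        // The values go in as arguments so a "%" in a name is printed as is,
        // and they are escaped so markup in a name is shown as text.
        // NOTE(review): presumes the staff table holds plain text, not
        // text that was already HTML-encoded -- confirm.
        printf("<option value = \"%s\" >%s</option>\n",
            htmlspecialchars($staff_account, $esc_flags),
            htmlspecialchars($staff, $esc_flags));
    }
}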
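/**********************************************************
Function: dropDownAuthCourses($sess_access_level, $sess_staff_id)
Author: Paul Bramscher
Last Modified: 03.02.2004
***********************************************************
Incoming:
$sess_access_level      Access level of the current user
                        session.
$sess_staff_id          staff id of the current user
***********************************************************
Outgoing:
None
***********************************************************
Purpose:
Identical to dropDownAuthPages, except for a pagetype_id = 3
and extra LEFT JOIN to the course table to fetch the
course_concat field as the course title.

Populates a drop-down box on an HTML form with select
options of CourseScribe pages that the current
user has authorization to edit.  The following rules apply:

(1) DBA's can edit anything.
(2) Managers can edit pages created by anyone within their unit.
(3) Page coordinators can edit pages they coordinate.
(4) Page maintainers may also edit pages they are assigned to.

Some scenarios of pages that are NOT editable:

(1) The original page creator is no longer the coordinator,
    not a DBA, and not assigned as a maintainer.  S/he can no
    longer edit the page.
(2) You are a unit manager and used to have access to a page
    coordinated by one of your employees.  S/he switches units,
    and is now under a new manager.  The course page can now be
    accessed by the manager of the new unit and not yourself.

etc...

Implementation notes:
- Only access levels 20, 100 and 1000 produce options.  Every
  other level prints nothing and runs no query.
- $sess_staff_id is cast to an integer before it is placed in
  the SQL text.
- Course titles are HTML-escaped on output.
- This list is a convenience for the form.  The handler that
  receives the chosen page_id still has to check authorization
  (see authPage).
**********************************************************/
function dropDownAuthCourses($sess_access_level, $sess_staff_id){

    /* Access Table Definitions
    +-----------+--------------+---------+
    | access_id | access_level | access  |
    +-----------+--------------+---------+
    |         1 |            0 | Denied  |
    |         2 |           10 | Guest   |
    |         3 |           20 | Author  |
    |         4 |          100 | Manager |
    |         5 |         1000 | DBA     |
    +-----------+--------------+---------+
    */

    // Stays null unless a case below builds a query
    $page_sql = null;

    // Written unquoted into the SQL text below, so reduce it to an integer
    $sess_staff_id = (int) $sess_staff_id;

    // Behave differently based on access level
    switch ($sess_access_level) {

        // Author.  Start from the page table.
        case "20" :
            $page_sql = "SELECT DISTINCT
                p.page_id,
                c.course_concat
                FROM page p
                LEFT JOIN page_staff ps using (page_id)
                LEFT JOIN course c on p.page_id = c.page_id
                WHERE p.pagetype_id = 3
                AND
                (ps.staff_id = "
                . $sess_staff_id
                . " OR p.staff_coordinator = "
                . $sess_staff_id
                . ") ORDER BY c.course_concat";
            break;

        // Manager.  Start from the libunit table, work down to pages
        case "100" :

            // Determine the libunit(s) this staff member heads
            $lu_sql = "SELECT libunit_id FROM libunit
                WHERE head_staff_id = "
                . $sess_staff_id;
            $lu_rs = mysql_tryquery($lu_sql);

            // Collect the ids as integers so the IN list holds only numbers
            $libunit_ids = array();
            while ($lu_row = mysql_fetch_array($lu_rs, MYSQL_ASSOC)) {
                $libunit_ids[] = (int) $lu_row["libunit_id"];
            }

            // If nothing found, the unit test is left out of the WHERE clause
            $lu_string = "";
            if (count($libunit_ids) > 0) {
                $lu_string = "ls.libunit_id IN (" . implode(", ", $libunit_ids) . ") OR";
            }

            $page_sql = "SELECT DISTINCT
                p.page_id,
                c.course_concat
                FROM page p
                LEFT JOIN page_staff ps using (page_id)
                LEFT JOIN course c on p.page_id = c.page_id
                LEFT JOIN libunit_staff ls on p.staff_coordinator = ls.staff_id
                WHERE p.pagetype_id = 3
                AND ("
                . $lu_string
                . " ps.staff_id = "
                . $sess_staff_id
                . " OR p.staff_coordinator = "
                . $sess_staff_id
                . ") ORDER BY c.course_concat";
            break;

        // DBA.  Access everything.
        case "1000" :
            dropDownCourses();
            break;

        // Every other access level.  No pages at all!
        default :
            break;
    }

    // Run the authorized page query if not DBA level.  The null test keeps
    // a level with no case of its own (for example 50) from sending an
    // undefined query to the database.
    if ($page_sql !== null && $sess_access_level >= 20 && $sess_access_level < 1000) {

        // ENT_SUBSTITUTE only exists on newer PHP; fall back to ENT_QUOTES alone
        $esc_flags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;

        $page_rs = mysql_tryquery($page_sql);

        while ($page_row = mysql_fetch_array($page_rs, MYSQL_ASSOC)) {

            // Collect the page information
            $page_id = $page_row["page_id"];
            $course_concat = $page_row["course_concat"];

            if (strlen($course_concat) > 45) $course_concat = substr($course_concat, 0, 45) . "...";

            // Print the options.  The title is escaped after truncation so
            // markup in a course title is shown as text.
            // NOTE(review): presumes course_concat holds plain text, not
            // text that was already HTML-encoded -- confirm.
            printf("<option value=\"%d\">%s</option>\n", $page_id,
                htmlspecialchars($course_concat, $esc_flags));
        }
    }
}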
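/**********************************************************
Function: dropDownAuthPages($sess_access_level, $sess_staff_id)
Author: Paul Bramscher
Last Modified: 03.02.2004
***********************************************************
Incoming:
$sess_access_level      Access level of the current user
                        session.
$sess_staff_id          staff id of the current user
***********************************************************
Outgoing:
None
***********************************************************
Purpose:
Populates a drop-down box on an HTML form with select
options of PageScribe pages that the current
user has authorization to edit.  The following rules apply:

(1) DBA's can edit anything.
(2) Managers can edit pages created by anyone within their unit.
(3) Page coordinators can edit pages they coordinate.
(4) Page maintainers may also edit pages they are assigned to.

Some scenarios of pages that are NOT editable:

(1) The original page creator is no longer the coordinator,
    not a DBA, and not assigned as a maintainer.  S/he can no
    longer edit the page.
(2) You are a unit manager and used to have access to a page
    coordinated by one of your employees.  S/he switches units,
    and is now under a new manager.  The page can now be accessed
    by the manager of the new unit and not yourself.

etc...

Implementation notes:
- Only access levels 20, 100 and 1000 produce options.  Every
  other level prints nothing and runs no query.
- $sess_staff_id is cast to an integer before it is placed in
  the SQL text.
- Page titles are HTML-escaped on output.
- The manager branch no longer prints the "libunit id was"
  debug line into the page.
- This list is a convenience for the form.  The handler that
  receives the chosen page_id still has to check authorization
  (see authPage).
**********************************************************/
function dropDownAuthPages($sess_access_level, $sess_staff_id){

    /* Access Table Definitions
    +-----------+--------------+---------+
    | access_id | access_level | access  |
    +-----------+--------------+---------+
    |         1 |            0 | Denied  |
    |         2 |           10 | Guest   |
    |         3 |           20 | Author  |
    |         4 |          100 | Manager |
    |         5 |         1000 | DBA     |
    +-----------+--------------+---------+
    */

    // Stays null unless a case below builds a query
    $page_sql = null;

    // Written unquoted into the SQL text below, so reduce it to an integer
    $sess_staff_id = (int) $sess_staff_id;

    // Behave differently based on access level
    switch ($sess_access_level) {

        // Editor.  Start from the page table.
        case "20" :
            $page_sql = "SELECT DISTINCT
                p.page_id,
                p.page_title
                FROM page p
                LEFT JOIN page_staff ps using (page_id)
                WHERE p.pagetype_id = 2
                AND
                (ps.staff_id = "
                . $sess_staff_id
                . " OR p.staff_coordinator = "
                . $sess_staff_id
                . ") ORDER BY p.page_title";
            break;

        // Manager.  Start from the libunit table, work down to pages
        case "100" :

            // Determine the libunit(s) this staff member heads
            $lu_sql = "SELECT libunit_id FROM libunit
                WHERE head_staff_id = "
                . $sess_staff_id;
            $lu_rs = mysql_tryquery($lu_sql);

            // Collect the ids as integers so the IN list holds only numbers.
            // Nothing is printed here: output at this point would land
            // inside the <select> being built and expose internal ids.
            $libunit_ids = array();
            while ($lu_row = mysql_fetch_array($lu_rs, MYSQL_ASSOC)) {
                $libunit_ids[] = (int) $lu_row["libunit_id"];
            }

            // If nothing found, the unit test is left out of the WHERE clause
            $lu_string = "";
            if (count($libunit_ids) > 0) {
                $lu_string = "ls.libunit_id IN (" . implode(", ", $libunit_ids) . ") OR";
            }

            $page_sql = "SELECT DISTINCT
                p.page_id,
                p.page_title
                FROM page p
                LEFT JOIN page_staff ps using (page_id)
                LEFT JOIN libunit_staff ls on p.staff_coordinator = ls.staff_id
                WHERE p.pagetype_id = 2
                AND ("
                . $lu_string
                . " ps.staff_id = "
                . $sess_staff_id
                . " OR p.staff_coordinator = "
                . $sess_staff_id
                . ") ORDER BY p.page_title";
            break;

        // DBA.  Access everything.
        case "1000" :
            dropDownFieldOmit("page", "page_title", "page_id", " WHERE pagetype_id = 2");
            break;

        // Every other access level.  No pages at all!
        default :
            break;
    }

    // Run the authorized page query if not DBA level.  The null test keeps
    // a level with no case of its own (for example 50) from sending an
    // undefined query to the database.
    if ($page_sql !== null && $sess_access_level >= 20 && $sess_access_level < 1000) {

        // ENT_SUBSTITUTE only exists on newer PHP; fall back to ENT_QUOTES alone
        $esc_flags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;

        $page_rs = mysql_tryquery($page_sql);

        while ($page_row = mysql_fetch_array($page_rs, MYSQL_ASSOC)) {

            // Collect the page information
            $page_id = $page_row["page_id"];
            $page_title = $page_row["page_title"];

            if (strlen($page_title) > 39) $page_title = substr($page_title, 0, 39) . "...";

            // Print the options.  The title is escaped after truncation so
            // markup in a page title is shown as text.
            // NOTE(review): presumes page_title holds plain text, not
            // text that was already HTML-encoded -- confirm.
            printf("<option value=\"%d\">%s</option>\n", $page_id,
                htmlspecialchars($page_title, $esc_flags));
        }
    }
}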
/********************************************************** |
915 |
Function: dropDownAuthSubjects($sess_access_level, $sess_staff_id) |
916 |
Author: Paul Bramscher |
917 |
Last Modified: 03.02.2004 |
918 |
*********************************************************** |
919 |
Incoming: |
920 |
$sess_access_level Access level of the current user |
921 |
session. |
922 |
$sess_staff_id staff id of the current user |
923 |
*********************************************************** |
924 |
Outgoing: |
925 |
None |
926 |
*********************************************************** |
927 |
Purpose: |
928 |
Populates a drop-down box on an HTML form with select |
929 |
options of SubjectBuilder pages that the current |
930 |
user has authorization to edit. The following rules apply: |
931 |
|
932 |
(1) DBA's can edit anything. |
933 |
(2) Managers can edit subjects on behalf of anyone within their unit. |
934 |
(3) Any staffperson can manage subjects to which s/he is assigned. |
935 |
|
936 |
**********************************************************/ |
937 |
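function dropDownAuthSubjects($sess_access_level, $sess_staff_id){

    // Prints <option> rows for the subjects the current user may edit.
    // Prints nothing for access levels below 20.
    //
    // access_level values used by the application:
    //   0 Denied, 10 Guest, 20 Author, 100 Manager, 1000 DBA

    // The staff id is spliced into SQL text below, so force it to an
    // integer before it gets anywhere near a query string.
    $staff_id = (int) $sess_staff_id;

    // Stays null unless one of the cases below builds a query. Levels
    // between 20 and 1000 that have no case of their own then skip the
    // query instead of running an undefined statement.
    $sql = null;

    // Behave differently based on access level
    switch ($sess_access_level) {

        // Author (level 20). Start from the sub_staff table.
        case "20" :
            $sql = "SELECT
                s.subject_id,
                s.subject
                FROM subject s
                LEFT JOIN sub_staff ss using (subject_id)
                WHERE ss.staff_id = "
                . $staff_id
                . " ORDER BY s.subject";
            break;

        // Manager. Start from the libunit table, work down to subjects
        case "100" :

            // Determine the library units this person heads
            $lu_sql = "SELECT libunit_id FROM libunit
                WHERE head_staff_id = "
                . $staff_id;
            $lu_rs = mysql_tryquery($lu_sql);

            // Collect the unit ids. The former "libunit id was:" debug
            // print is gone: it wrote internal ids into the page from
            // inside the option list.
            $libunit_ids = array();
            while ($lu_row = mysql_fetch_array ($lu_rs, MYSQL_ASSOC)) {
                $libunit_ids[] = (int) $lu_row["libunit_id"];
            }

            // If no unit was found, leave the IN clause out entirely
            $lu_string = "";
            if (count($libunit_ids) > 0) {
                $lu_string = "ls.libunit_id IN (" . implode(", ", $libunit_ids) . ") OR";
            }

            $sql = "SELECT DISTINCT
                s.subject_id,
                s.subject
                FROM subject s
                LEFT JOIN sub_staff ss using (subject_id)
                LEFT JOIN libunit_staff ls on ss.staff_id = ls.staff_id
                WHERE "
                . $lu_string
                . " ss.staff_id = "
                . $staff_id
                . " ORDER BY s.subject";

            break;

        // DBA. Access everything.
        case "1000" :
            dropDownFieldOmit("subject", "subject", "subject_id", "WHERE SUBJECT_ID > 1");
            break;

        // Every other access level. No subjects at all!
        default :
            break;

    }

    // Run the authorized subject query if not DBA level
    if ($sql !== null && $sess_access_level >= 20 && $sess_access_level < 1000) {

        $rs = mysql_tryquery($sql);

        while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {

            // Collect the subject information
            $subject_id = $row["subject_id"];
            $subject = $row["subject"];

            // NOTE(review): $subject is written without HTML escaping.
            // Confirm it is stored already entity-encoded; if not, escape
            // it here (htmlspecialchars).
            printf("<option value=\"%d\">%s</option>\n", $subject_id, $subject);
        }

    }

}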
1040 |
|
1041 |
|
1042 |
/********************************************************** |
1043 |
Function: dropDownCourses() |
1044 |
Author: Paul Bramscher |
1045 |
Last Modified: 03.10.2004 |
1046 |
*********************************************************** |
1047 |
Incoming: |
1048 |
None |
1049 |
*********************************************************** |
1050 |
Outgoing: |
1051 |
None |
1052 |
*********************************************************** |
1053 |
Purpose: |
1054 |
Populates a drop-down box on an HTML form with courseScribe |
1055 |
courses, listed by course name and designator. |
1056 |
**********************************************************/ |
1057 |
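function dropDownCourses() {

    // Prints one <option> per course: the value is the page id, the
    // label is course_concat, in course_concat order.
    $sql = "SELECT page_id, course_concat
        FROM course
        ORDER BY course_concat";

    $rs = mysql_tryquery($sql);
    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $page_id = $row["page_id"];
        $course_concat = $row["course_concat"];

        // Keep the label to 45 characters plus an ellipsis
        if (strlen($course_concat) > 45) $course_concat = substr($course_concat, 0, 45) . "...";

        // Database text is passed as printf arguments, never as part of
        // the format string, so a "%" in a course name prints literally
        // instead of being read as a conversion specifier.
        // NOTE(review): the label is not HTML-escaped here; confirm it is
        // stored entity-encoded, otherwise escape it before printing.
        printf("<option value = \"%s\" >%s</option>\n", $page_id, $course_concat);
    }
}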
1077 |
|
1078 |
|
1079 |
/********************************************************** |
1080 |
Function: dropDownCoursesubOmit($omit) |
1081 |
Author: Paul Bramscher |
1082 |
Last Modified: 03.02.2004 |
1083 |
*********************************************************** |
1084 |
Incoming: |
1085 |
$omit String of coursesub's to omit |
1086 |
*********************************************************** |
1087 |
Outgoing: |
1088 |
None |
1089 |
*********************************************************** |
1090 |
Purpose: |
1091 |
Populates a drop-down box on an HTML form with select |
1092 |
statements. $omit limits output. |
1093 |
**********************************************************/ |
1094 |
function dropDownCoursesubOmit($omit){

    // Prints one <option> per coursesub row, ordered by description.
    // $omit is placed in the statement exactly as passed, between the
    // table name and ORDER BY.
    // NOTE(review): because of that, $omit must only ever be a clause
    // built by the application itself, never text taken from a request.
    $query = "SELECT
        coursesub,
        coursesub_descr,
        coursesub_id,
        cip_code
        FROM coursesub " . $omit . " ORDER BY coursesub_descr";

    $result = mysql_tryquery($query);
    while ($record = mysql_fetch_array ($result, MYSQL_ASSOC)) {

        // Descriptions longer than 30 characters are cut and marked
        $descr = $record["coursesub_descr"];
        if (strlen($descr) > 30) {
            $descr = substr($descr, 0, 30) . "...";
        }

        // NOTE(review): values are printed without HTML escaping;
        // confirm they are stored entity-encoded.
        printf("<option value = \"%s\">%s | %s [%s]</option>",
            $record["coursesub_id"], $record["coursesub"], $descr, $record["cip_code"]);
    }
}
1121 |
|
1122 |
|
1123 |
/********************************************************** |
1124 |
Function: dropDownCoursesubSelected($limit, $preselected) |
1125 |
Author: Paul Bramscher |
1126 |
Last Modified: 03.02.2004 |
1127 |
*********************************************************** |
1128 |
Incoming: |
1129 |
$limit Additional limit on the box |
1130 |
$preselected Pre-selected course subject |
1131 |
*********************************************************** |
1132 |
Outgoing: |
1133 |
None |
1134 |
*********************************************************** |
1135 |
Purpose: |
1136 |
Populates a drop-down box on an HTML form with select |
1137 |
statements. $limit limits output. |
1138 |
**********************************************************/ |
1139 |
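function dropDownCoursesubSelected($limit, $preselected){

    // Prints one <option> per coursesub row, ordered by description,
    // marking the row whose id equals $preselected as selected.
    // NOTE(review): $limit is appended to the statement as-is, so it
    // must be a clause built by the application, never request text.
    $sql = "SELECT
        coursesub,
        coursesub_descr,
        coursesub_id,
        cip_code
        FROM coursesub ";

    // Concatenate a limit if provided
    if (strlen($limit) > 0) $sql .= $limit;

    $sql .= " ORDER BY coursesub_descr";

    // Fetch the values
    $rs = mysql_tryquery($sql);
    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $coursesub = $row["coursesub"];
        $coursesub_id = $row["coursesub_id"];
        $coursesub_descr = $row["coursesub_descr"];
        $cip_code = $row["cip_code"];

        // Limit length. The threshold now matches the cut length (30, as
        // in dropDownCoursesubOmit); with the former threshold of 25 a
        // 26-30 character description got "..." although nothing was cut.
        if (strlen($coursesub_descr) > 30)
            $coursesub_descr = substr($coursesub_descr, 0, 30) . "...";

        printf("<option value = \"%d\"", $coursesub_id);
        if ($coursesub_id == $preselected) echo " selected ";

        // Database text is passed as arguments, not spliced into the
        // format string, so a "%" in a description prints literally.
        // NOTE(review): not HTML-escaped; confirm the stored encoding.
        printf(">%s | %s [%s]</option>\n", $coursesub, $coursesub_descr, $cip_code);

    }
}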
1171 |
|
1172 |
|
1173 |
/********************************************************** |
1174 |
Function: dropDownFaculty() |
1175 |
Author: Paul Bramscher |
1176 |
Last Modified: 03.02.2004 |
1177 |
*********************************************************** |
1178 |
Incoming: |
1179 |
None |
1180 |
*********************************************************** |
1181 |
Outgoing: |
1182 |
None |
1183 |
*********************************************************** |
1184 |
Purpose: |
1185 |
Populates a drop-down box on an HTML form with select |
1186 |
options of faculty members. They are displayed and ordered |
1187 |
in the following format: "last name, first name (staff account)". |
1188 |
**********************************************************/ |
1189 |
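function dropDownFaculty(){

    // Prints one <option> per faculty row as "last, first (account)".
    // The row with faculty_id 1 is shown as "(N/A)".
    $sql = "SELECT *
        FROM faculty
        ORDER BY faculty_lastname, faculty_firstname, faculty_account";
    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $faculty_id = $row["faculty_id"];
        $faculty_lastname = $row["faculty_lastname"];
        $faculty_firstname = $row["faculty_firstname"];
        $faculty_account = $row["faculty_account"];

        // Make it look more friendly
        if ($faculty_id == 1) $faculty = "(N/A)";
        else {
            $faculty = $faculty_lastname . ", " . $faculty_firstname;
            if (strlen($faculty_account) > 0) $faculty .= " (" . $faculty_account . ")";
        }

        // Names are passed as printf arguments rather than built into
        // the format string, so a "%" in a name prints literally.
        // NOTE(review): not HTML-escaped; confirm the stored encoding.
        printf("<option value = \"%s\" >%s</option>\n", $faculty_id, $faculty);
    }
}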
1216 |
|
1217 |
|
1218 |
/********************************************************** |
1219 |
Function: dropDownFacultyOmit($omit) |
1220 |
Author: Paul Bramscher |
1221 |
Last Modified: 03.10.2004 |
1222 |
*********************************************************** |
1223 |
Incoming: |
1224 |
$omit String of human's to omit |
1225 |
*********************************************************** |
1226 |
Outgoing: |
1227 |
None |
1228 |
*********************************************************** |
1229 |
Purpose: |
1230 |
Populates a drop-down box on an HTML form with select |
1231 |
statements. $omit limits output. |
1232 |
**********************************************************/ |
1233 |
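function dropDownFacultyOmit($omit){

    // Prints one <option> per faculty row as "last, first (account)",
    // filtered by $omit. The row with faculty_id 1 is shown as "(N/A)".
    // NOTE(review): $omit is placed in the statement as-is, so it must
    // be a clause built by the application, never request text.
    $sql = "SELECT * FROM faculty "
        . $omit
        . " ORDER BY faculty_lastname, faculty_firstname";
    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $faculty_id = $row["faculty_id"];
        $faculty_lastname = $row["faculty_lastname"];
        $faculty_firstname = $row["faculty_firstname"];
        $faculty_account = $row["faculty_account"];

        // Make it look more friendly
        if ($faculty_id == 1) $faculty = "(N/A)";
        else {
            $faculty = $faculty_lastname . ", " . $faculty_firstname;
            if (strlen($faculty_account) > 0) $faculty .= " (" . $faculty_account . ")";
        }

        // Names are passed as printf arguments rather than built into
        // the format string, so a "%" in a name prints literally.
        // NOTE(review): not HTML-escaped; confirm the stored encoding.
        printf("<option value = \"%s\" >%s</option>\n", $faculty_id, $faculty);
    }
}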
1259 |
|
1260 |
|
1261 |
/********************************************************** |
1262 |
Function: dropDownFacultySelected($limit, $preselected) |
1263 |
Author: Paul Bramscher |
1264 |
Last Modified: 03.02.2004 |
1265 |
*********************************************************** |
1266 |
Incoming: |
1267 |
$limit Any WHERE clause |
1268 |
$preselected Incoming faculty person to preselect |
1269 |
*********************************************************** |
1270 |
Outgoing: |
1271 |
None |
1272 |
*********************************************************** |
1273 |
Purpose: |
1274 |
Populates a drop-down box on an HTML form with select |
1275 |
statements. $limit limits output. |
1276 |
**********************************************************/ |
1277 |
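function dropDownFacultySelected($limit, $preselected){

    // Prints one <option> per faculty row as "last, first", filtered by
    // $limit, marking the row whose id equals $preselected as selected.
    // The row with faculty_id 1 is shown as "(N/A)".
    // NOTE(review): $limit is placed in the statement as-is, so it must
    // be a clause built by the application, never request text.
    $sql = "SELECT * FROM faculty "
        . $limit
        . " ORDER BY faculty_lastname, faculty_firstname";
    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $faculty_id = $row["faculty_id"];
        $faculty_lastname = $row["faculty_lastname"];
        $faculty_firstname = $row["faculty_firstname"];

        // Make it look more friendly
        if ($faculty_id == 1) $faculty = "(N/A)";
        else {
            $faculty = $faculty_lastname . ", " . $faculty_firstname;
        }

        printf("<option value = \"%d\"", $faculty_id);
        if ($faculty_id == $preselected) echo " selected ";

        // The name is a printf argument, not part of the format string,
        // so a "%" in a name prints literally.
        // NOTE(review): not HTML-escaped; confirm the stored encoding.
        printf(">%s</option>\n", $faculty);
    }
}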
1300 |
|
1301 |
|
1302 |
/********************************************************** |
1303 |
Function: dropDownField($table, $field_display, |
1304 |
$field_value) |
1305 |
Author: Paul Bramscher |
1306 |
Last Modified: 03.10.2004 |
1307 |
*********************************************************** |
1308 |
Incoming: |
1309 |
$table Table in database to search |
1310 |
$field_display Select displayed to user |
1311 |
$field_value Actual value of the HTML tag |
1312 |
*********************************************************** |
1313 |
Outgoing: |
1314 |
None |
1315 |
*********************************************************** |
1316 |
Purpose: |
1317 |
Populates a drop-down box on an HTML form with select |
1318 |
options. They are ordered by the $field_display field. |
1319 |
Typically, $field_value is the primary key field. |
1320 |
**********************************************************/ |
1321 |
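function dropDownField($table, $field_display, $field_value){

    // Prints one <option> per row of $table: $field_value becomes the
    // option value, $field_display the label, ordered by the label.
    // NOTE(review): $table and both field names are written into the
    // statement as identifiers with no quoting or checking, so callers
    // must pass fixed names from the application, never request text.
    $sql = "SELECT "
        . $field_display
        . ", "
        . $field_value
        . " FROM "
        . $table
        . " ORDER BY "
        . $field_display;
    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $field_display_item = $row[$field_display];

        // Labels longer than 40 characters are cut to 39 plus an ellipsis
        if (strlen($field_display_item) > 40) $field_display_item = substr($field_display_item, 0, 39) . "...";
        $field_value_item = $row[$field_value];

        // Row data is passed as printf arguments rather than built into
        // the format string, so a "%" in the data prints literally.
        // NOTE(review): not HTML-escaped; confirm the stored encoding.
        printf("<option value = \"%s\" >%s</option>\n", $field_value_item, $field_display_item);
    }
}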
1344 |
|
1345 |
|
1346 |
/********************************************************** |
1347 |
Function: dropDownFieldOmit($table, $field_display, |
1348 |
$field_value, $where) |
1349 |
Author: Paul Bramscher |
1350 |
Last Modified: 03.10.2004 |
1351 |
*********************************************************** |
1352 |
Incoming: |
1353 |
$table Table in database to search |
1354 |
$field_display Select displayed to user |
1355 |
$field_value Actual value of the HTML tag |
1356 |
$where SQL criteria in the list to exclude |
1357 |
*********************************************************** |
1358 |
Outgoing: |
1359 |
None |
1360 |
*********************************************************** |
1361 |
Purpose: |
1362 |
Populates a drop-down box on an HTML form with select |
1363 |
options. They are ordered by the $field_display field. |
1364 |
Typically, $field_value is the primary key field. $where |
1365 |
can be used to filter out results. |
1366 |
**********************************************************/ |
1367 |
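function dropDownFieldOmit($table, $field_display,
    $field_value, $where){

    // Prints one <option> per row of $table that passes $where:
    // $field_value becomes the option value, $field_display the label,
    // ordered by the label.
    // NOTE(review): $table, both field names and $where are written
    // into the statement as-is, so callers must pass fixed text from
    // the application, never request text.
    $sql = "SELECT "
        . $field_display
        . ", "
        . $field_value
        . " FROM "
        . $table
        . " "
        . $where
        . " ORDER BY "
        . $field_display;
    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $field_display_item = $row[$field_display];

        // Labels longer than 40 characters are cut to 39 plus an ellipsis
        if (strlen($field_display_item) > 40) $field_display_item = substr($field_display_item, 0, 39) . "...";
        $field_value_item = $row[$field_value];

        // Row data is passed as printf arguments rather than built into
        // the format string, so a "%" in the data prints literally.
        // NOTE(review): not HTML-escaped; confirm the stored encoding.
        printf("<option value = \"%s\" >%s</option>\n", $field_value_item, $field_display_item);
    }
}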
1393 |
|
1394 |
|
1395 |
/********************************************************** |
1396 |
Function: dropDownFieldSelected($table, $field_display, |
1397 |
$field_value, $limit, $preselected) |
1398 |
Author: Paul Bramscher |
1399 |
Last Modified: 03.02.2004 |
1400 |
*********************************************************** |
1401 |
Incoming: |
1402 |
$table Table in database to search |
1403 |
$field_display Select displayed to user |
1404 |
$field_value Actual value of the HTML tag |
1405 |
$preselected A selected $field_value |
1406 |
$limit A WHERE clause |
1407 |
*********************************************************** |
1408 |
Outgoing: |
1409 |
None |
1410 |
*********************************************************** |
1411 |
Purpose: |
1412 |
Populates a drop-down box on an HTML form with select |
1413 |
options. They are ordered by the $field_display field. |
1414 |
Typically, $field_value is the primary key field. The |
1415 |
parameter $preselected determines which (single) selection |
1416 |
is selected. |
1417 |
**********************************************************/ |
1418 |
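function dropDownFieldSelected($table, $field_display,
    $field_value, $limit, $preselected){

    // Prints one <option> per row of $table that passes $limit, marking
    // the row whose value equals $preselected as selected.
    // NOTE(review): $table, both field names and $limit are written
    // into the statement as-is, so callers must pass fixed text from
    // the application, never request text.
    $sql = "SELECT "
        . $field_display
        . ", "
        . $field_value
        . " FROM "
        . $table
        . " "
        . $limit
        . " ORDER BY "
        . $field_display;
    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $field_display_item = $row[$field_display];
        $field_value_item = $row[$field_value];

        // Labels longer than 50 characters are cut to 49 plus an ellipsis
        if (strlen($field_display_item) > 50) $field_display_item = substr($field_display_item, 0, 49) . "...";

        // Row data is passed as printf arguments rather than built into
        // the format string, so a "%" in the data prints literally.
        // NOTE(review): not HTML-escaped; confirm the stored encoding.
        printf("<option value = \"%s\" ", $field_value_item);
        if ($field_value_item == $preselected) echo " selected";
        printf(">%s</option>\n", $field_display_item);
    }
}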
1443 |
|
1444 |
|
1445 |
/********************************************************** |
1446 |
Function: dropDownInfotype($infotype_id, $subject_id) |
1447 |
Author: Paul Bramscher |
1448 |
Last Modified: 03.02.2004 |
1449 |
*********************************************************** |
1450 |
Incoming: |
1451 |
$infotype_id Information type to preselect |
$subject_id Subject on which to limit the list |
1452 |
*********************************************************** |
1453 |
Outgoing: |
1454 |
None |
1455 |
*********************************************************** |
1456 |
Purpose: |
1457 |
Populates a drop-down box on an HTML form with select |
1458 |
options of information types including general and |
1459 |
master subject-specific. |
1460 |
**********************************************************/ |
1461 |
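function dropDownInfotype($infotype_id, $subject_id){

    // Prints one <option> per information type available to the
    // subject's master subjects, marking $infotype_id as selected.

    // The result loop below reuses $infotype_id, so keep the requested
    // selection aside.
    $selected_infotype_id = $infotype_id;

    /*
    Collect a string of mastersubjects for this subject.
    This will be used in a later SQL query to limit list of infotypes based
    on subject. The subject id is forced to an integer because it is
    spliced into the SQL text.
    */

    $sql = "SELECT sm.mastersubject_id
        FROM sub_mastersubject sm
        WHERE sm.subject_id = "
        . (int) $subject_id;

    // Build the string. Start with the "(N/A)" and the "(ALL)" master subjects.
    $masterstring = "(1, 2 ";

    $rs = mysql_tryquery($sql);
    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        // Ids read back from the database go into the next statement,
        // so they are kept numeric as well.
        $masterstring .= ", " . (int) $row["mastersubject_id"];
    }
    $masterstring .= ")";

    // Build the list of infotypes appropriate to all of the mastersubjects found
    $sql = "SELECT i.infotype, i.infotype_id, mi.masterinfotype
        FROM infotype i, masterinfotype mi
        WHERE i.masterinfotype_id = mi.masterinfotype_id
        AND i.infotype_id > 0 and mi.masterinfotype_id > 0
        AND i.mastersubject_id IN " . $masterstring .
        " ORDER BY mi.masterinfotype";
    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $masterinfotype = $row["masterinfotype"];
        $infotype_id = $row["infotype_id"];
        $infotype = $row["infotype"];

        // Make it look more friendly
        $useroutput = $masterinfotype . " -> " . $infotype;

        printf("<option value = \"%d\"", $infotype_id);
        if ($infotype_id == $selected_infotype_id) echo " selected ";

        // The label is a printf argument, not part of the format string,
        // so a "%" in a type name prints literally.
        // NOTE(review): not HTML-escaped; confirm the stored encoding.
        printf(">%s</option>\n", $useroutput);
    }
}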
1509 |
|
1510 |
|
1511 |
/********************************************************** |
1512 |
Function: dropDownPageStaff($page_id) |
1513 |
Author: Paul Bramscher |
1514 |
Last Modified: 03.10.2004 |
1515 |
*********************************************************** |
1516 |
Incoming: |
1517 |
$page_id PageScribe page involved |
1518 |
*********************************************************** |
1519 |
Outgoing: |
1520 |
None |
1521 |
*********************************************************** |
1522 |
Purpose: |
1523 |
Populates a drop-down box on an HTML form with select |
1524 |
options of staff members. They are displayed and ordered |
1525 |
in the following format: "last name, first name (x500id)". |
1526 |
The staff displayed are those associated as PageScribe |
1527 |
maintainers. |
1528 |
**********************************************************/ |
1529 |
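function dropDownPageStaff($page_id){

    // Prints one <option> per staff member attached to the page, as
    // "last, first (account)". Staff id 1 is left out by the query.

    // Build the SQL. The page id is forced to an integer because it is
    // spliced into the SQL text.
    $sql = "SELECT s.first_name, s.last_name, s.staff_id, s.staff_account
        FROM staff s, page_staff ps
        WHERE ps.page_id = "
        . (int) $page_id
        . " AND s.staff_id > 1 AND ps.staff_id = s.staff_id ORDER BY last_name, first_name, staff_account";
    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $staff_id = $row["staff_id"];
        $last_name = $row["last_name"];
        $first_name = $row["first_name"];
        $staff_account = $row["staff_account"];

        // Make it look more friendly
        $staff = $last_name . ", " . $first_name . " (" . $staff_account . ")";

        // Names are passed as printf arguments rather than built into
        // the format string, so a "%" in a name prints literally.
        // NOTE(review): not HTML-escaped; confirm the stored encoding.
        printf("<option value = \"%s\" >%s</option>\n", $staff_id, $staff);
    }
}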
1554 |
|
1555 |
|
1556 |
/********************************************************** |
1557 |
Function: dropDownPageSubject($page_id) |
1558 |
Author: Paul Bramscher |
1559 |
Last Modified: 03.10.2004 |
1560 |
*********************************************************** |
1561 |
Incoming: |
1562 |
$page_id PageScribe page involved |
1563 |
*********************************************************** |
1564 |
Outgoing: |
1565 |
None |
1566 |
*********************************************************** |
1567 |
Purpose: |
1568 |
Populates a drop-down box on an HTML form with select |
1569 |
options of associated RQS subjects for the supplied page id. |
1570 |
**********************************************************/ |
1571 |
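function dropDownPageSubject($page_id){

    // Prints one <option> per subject attached to the page, ordered by
    // subject. Subject id 1 is left out by the query.

    // Build the SQL. The page id is forced to an integer because it is
    // spliced into the SQL text.
    $sql = "SELECT s.subject_id, s.subject
        FROM subject s, page_subject ps
        WHERE ps.page_id = "
        . (int) $page_id
        . " AND s.subject_id > 1 AND ps.subject_id = s.subject_id ORDER BY s.subject";
    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $subject_id = $row["subject_id"];
        $subject = $row["subject"];

        // The subject is a printf argument, not part of the format
        // string, so a "%" in a subject prints literally.
        // NOTE(review): not HTML-escaped; confirm the stored encoding.
        printf("<option value = \"%s\" >%s</option>\n", $subject_id, $subject);
    }
}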
1592 |
|
1593 |
|
1594 |
/********************************************************** |
1595 |
Function: dropDownResource($key_id, $limit, $masterinfotype_id, $feature_id) |
1596 |
Author: Paul Bramscher |
1597 |
Last Modified: 03.02.2004 |
1598 |
*********************************************************** |
1599 |
Incoming: |
1600 |
$key_id "0" for a new resource, otherwise |
1601 |
indicates a pre-selected resource |
1602 |
$limit Starting with letter A-Z or freetext. |
1603 |
$masterinfotype_id To limit by the masterinfotype. |
1604 |
$feature_id To limit by feature id |
1605 |
*********************************************************** |
1606 |
Outgoing: |
1607 |
None |
1608 |
*********************************************************** |
1609 |
Purpose: |
1610 |
Populates an HTML drop-down box of resources in the |
1611 |
following format: ID#:TT:AA. Where ID is the resource |
1612 |
ID#, TT is the first 35 char. of the title, and AA is the |
1613 |
first 35 characters of the author. |
1614 |
|
1615 |
NOTE: Currently only titles are displayed, the author |
1616 |
portion has been commented out. |
1617 |
|
1618 |
If incoming $limit is a single character (a letter), then |
1619 |
the query checks against all titles starting with it. |
1620 |
Otherwise it checks against all titles or annotations |
1621 |
containing that string. |
1622 |
**********************************************************/ |
1623 |
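function dropDownResource($key_id, $limit, $masterinfotype_id, $feature_id){

    // Prints one <option> per matching resource as "title | ID: n",
    // marking the resource whose id equals $key_id as selected.

    // Clean up the limit string
    // NOTE(review): $limit ends up inside quoted LIKE patterns below, so
    // everything depends on textSearchmySQL escaping quotes and
    // backslashes; that helper is not visible here - confirm.
    if (strlen($limit) > 0) $limit = textSearchmySQL($limit);

    // Both ids are spliced into the SQL text, so force them to integers.
    // A loose "> 0" test alone accepts any string that merely starts
    // with a digit.
    $masterinfotype_id = (int) $masterinfotype_id;
    $feature_id = (int) $feature_id;

    // Build the query
    $sql = "SELECT DISTINCT r.resource_id, r.title, r.author
        FROM resource r
        LEFT JOIN infotype i using (infotype_id)
        LEFT JOIN masterinfotype m on i.masterinfotype_id = m.masterinfotype_id
        LEFT JOIN res_feature rf on r.resource_id = rf.resource_id
        WHERE r.infotype_id = i.infotype_id AND i.masterinfotype_id = m.masterinfotype_id";

    // If a single letter, limit to title match
    if (strlen($limit) == 1) $sql .= " AND title LIKE '" . $limit . "%'";

    // If incoming freetext, query title or annotation
    if (strlen($limit) > 1) $sql .= " AND ((title LIKE '%" . $limit . "%') OR (annotation LIKE '%" . $limit . "%'))";

    // Limit by masterinfotype_id
    if ($masterinfotype_id > 0) $sql .= " AND m.masterinfotype_id = " . $masterinfotype_id;

    // Limit by feature
    if ($feature_id > 0) $sql .= " AND rf.feature_id = " . $feature_id;

    $sql .=" ORDER BY title, author, resource_id";

    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $resource_id = $row["resource_id"];
        $title = $row["title"];
        //$author = $row["author"];

        // Trim and add ellipsis
        if (strlen($title) > 65) $title = substr($title, 0, 65) . "...";
        //if (strlen($author) > 35) $author = substr($author, 0, 35) . "...";

        $display = $title;
        //if (strlen($author) > 0) $display .= " | " .$author;
        $display .= " | ID: " . $resource_id;

        if ($resource_id == $key_id) $selected = "selected";
        else $selected = "";

        // The title is a printf argument, not part of the format string,
        // so a "%" in a title prints literally.
        // NOTE(review): not HTML-escaped; confirm the stored encoding.
        printf("<option %s value = \"%s\" >%s</option>\n", $selected, $resource_id, $display);
    }
}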
1675 |
|
1676 |
|
1677 |
/********************************************************** |
1678 |
Function: dropDownServiceLimit($servicetype_id) |
1679 |
Author: Paul Bramscher |
1680 |
Last Modified: 03.02.2004 |
1681 |
*********************************************************** |
1682 |
Incoming: |
1683 |
$servicetype_id Service type to limit the picklist |
1684 |
*********************************************************** |
1685 |
Outgoing: |
1686 |
None |
1687 |
*********************************************************** |
1688 |
Purpose: |
1689 |
Populates a drop-down box on an HTML form with select |
1690 |
options for library services, limited to a supplied service |
1691 |
type id. |
1692 |
**********************************************************/ |
1693 |
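function dropDownServiceLimit($servicetype_id){

    // Prints one <option> per library service, ordered by name. A
    // positive $servicetype_id restricts the list to that service type.
    // Service id 1 is left out by the query.

    // The id is spliced into the SQL text, so force it to an integer.
    // A loose "> 0" test alone accepts any string that merely starts
    // with a digit.
    $servicetype_id = (int) $servicetype_id;

    $sql = "SELECT DISTINCT s.service, s.service_id FROM service s
        LEFT JOIN serv_servtype ss using (service_id)
        LEFT JOIN servicetype v on ss.servicetype_id = v.servicetype_id
        WHERE s.service_id > 1";

    if ($servicetype_id > 0) {
        $sql .= " AND ss.servicetype_id = "
            . $servicetype_id;
    }

    $sql .= " ORDER BY s.service";

    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $service = $row["service"];
        $service_id = $row["service_id"];

        // Names longer than 50 characters are cut to 49 plus an ellipsis
        if (strlen($service) > 50) $service = substr($service, 0, 49) . "...";

        // NOTE(review): $service is printed without HTML escaping;
        // confirm the stored encoding.
        printf("<option value=\"%d\">%s</option>\n", $service_id, $service);
    }
}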
1717 |
|
1718 |
|
1719 |
/********************************************************** |
1720 |
Function: dropDownStaff() |
1721 |
Author: Paul Bramscher |
1722 |
Last Modified: 03.10.2004 |
1723 |
*********************************************************** |
1724 |
Incoming: |
1725 |
None |
1726 |
*********************************************************** |
1727 |
Outgoing: |
1728 |
None |
1729 |
*********************************************************** |
1730 |
Purpose: |
1731 |
Populates a drop-down box on an HTML form with select |
1732 |
options of staff members. They are displayed and ordered |
1733 |
in the following format: "last name, first name (x500id)". |
1734 |
**********************************************************/ |
1735 |
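function dropDownStaff(){

    // Prints one <option> per staff row as "last, first (account)".
    // The row with staff_id 1 is shown as "(N/A)".

    // Build the SQL
    $sql = "SELECT *
        FROM staff
        ORDER BY last_name, first_name, staff_account";
    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $staff_id = $row["staff_id"];
        $last_name = $row["last_name"];
        $first_name = $row["first_name"];
        $staff_account = $row["staff_account"];

        // Make it look more friendly
        if ($staff_id == 1) $staff = "(N/A)";
        else $staff = $last_name . ", " . $first_name . " (" . $staff_account . ")";

        // Names are passed as printf arguments rather than built into
        // the format string, so a "%" in a name prints literally.
        // NOTE(review): not HTML-escaped; confirm the stored encoding.
        printf("<option value = \"%s\" >%s</option>\n", $staff_id, $staff);
    }
}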
1759 |
|
1760 |
|
1761 |
/********************************************************** |
1762 |
Function: dropDownStaffOmit($omit) |
1763 |
Author: Paul Bramscher |
1764 |
Last Modified: 03.10.2004 |
1765 |
*********************************************************** |
1766 |
Incoming: |
1767 |
$omit String of staff's to omit |
1768 |
*********************************************************** |
1769 |
Outgoing: |
1770 |
None |
1771 |
*********************************************************** |
1772 |
Purpose: |
1773 |
Populates a drop-down box on an HTML form with select |
1774 |
statements. $omit limits output. |
1775 |
**********************************************************/ |
1776 |
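function dropDownStaffOmit($omit){

    // Prints one <option> per staff row as "last, first (account)",
    // filtered by $omit. The row with staff_id 1 is shown as "(N/A)".
    // NOTE(review): $omit is placed in the statement as-is, so it must
    // be a clause built by the application, never request text.

    // Build the SQL
    $sql = "SELECT * from staff "
        . $omit
        . " ORDER BY last_name, first_name";
    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array ($rs, MYSQL_ASSOC)) {
        $last_name = $row["last_name"];
        $first_name = $row["first_name"];
        $staff_id = $row["staff_id"];
        $staff_account = $row["staff_account"];

        // Make it look more friendly
        if ($staff_id == 1) $staff = "(N/A)";
        else $staff = $last_name . ", " . $first_name . " (" . $staff_account . ")";

        // Names are passed as printf arguments rather than built into
        // the format string, so a "%" in a name prints literally.
        // NOTE(review): not HTML-escaped; confirm the stored encoding.
        printf("<option value = \"%s\" >%s</option>\n", $staff_id, $staff);
    }
}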
1800 |
|
1801 |
|
1802 |
/********************************************************** |
1803 |
Function: dropDownStaffSelected($selected_id) |
1804 |
Author: Paul Bramscher |
1805 |
Last Modified: 03.10.2004 |
1806 |
*********************************************************** |
1807 |
Incoming: |
1808 |
$selected_id Selected staff id |
1809 |
*********************************************************** |
1810 |
Outgoing: |
1811 |
None |
1812 |
*********************************************************** |
1813 |
Purpose: |
1814 |
Populates a drop-down box on an HTML form with select |
1815 |
statements. Selected id represents the preselected staff. |
1816 |
**********************************************************/ |
1817 |
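function dropDownStaffSelected($selected_id){

    // Prints one <option> element per staff row with staff_id > 1 and marks
    // the row whose id equals $selected_id as selected. Nothing is returned.

    // Build the SQL (fixed text, no caller input)
    $sql = "SELECT * from staff WHERE staff_id > 1 ORDER BY last_name, first_name";
    $rs = mysql_tryquery($sql);

    while ($row = mysql_fetch_array($rs, MYSQL_ASSOC)) {
        $last_name = $row["last_name"];
        $first_name = $row["first_name"];
        $staff_id = $row["staff_id"];

        // Loose comparison kept so "5" and 5 are treated as the same id.
        $selected = ($staff_id == $selected_id) ? " selected" : "";

        // Names are passed as printf arguments (a "%" in a name must not be
        // treated as a conversion) and are HTML-escaped before output.
        // NOTE(review): pass the page's character set as the third argument
        // of htmlspecialchars() if it differs from PHP's default.
        printf("<option value = \"%s\" %s>%s, %s</option>\n",
            htmlspecialchars($staff_id, ENT_QUOTES),
            $selected,
            htmlspecialchars($last_name, ENT_QUOTES),
            htmlspecialchars($first_name, ENT_QUOTES));
    }
}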
1832 |
|
1833 |
|
1834 |
/********************************************************** |
1835 |
Function: existsFaculty |
1836 |
Author: Paul Bramscher |
1837 |
Last Modified: 03.02.2004 |
1838 |
*********************************************************** |
1839 |
Incoming: |
1840 |
$faculty_firstname Faculty first name |
1841 |
$faculty_lastname Faculty last name |
1842 |
*********************************************************** |
1843 |
Outgoing: |
1844 |
"1" if a match exists, "0" if not |
1845 |
*********************************************************** |
1846 |
Purpose: |
1847 |
This function checks to see whether a match against the |
1848 |
supplied faculty first and last name already exists. |
1849 |
**********************************************************/ |
1850 |
function existsFaculty($faculty_firstname, $faculty_lastname){

    // Looks for a faculty row with exactly this first and last name and
    // returns the faculty_id of the first match, or 0 when there is none.

    // Both names pass through textInmySQL() before they are placed inside
    // quoted SQL literals.
    // NOTE(review): that helper only doubles single quotes. A backslash in
    // the input is left alone, which matters when the server treats
    // backslash as an escape character (MySQL does unless
    // NO_BACKSLASH_ESCAPES is set). Prefer the driver's escaping function
    // or bound parameters when this layer is modernised.
    $first = textInmySQL($faculty_firstname);
    $last = textInmySQL($faculty_lastname);

    $sql = "SELECT * FROM faculty WHERE faculty_firstname = '" . $first
        . "' AND faculty_lastname = '" . $last . "'";

    $rs = mysql_tryquery($sql);
    $faculty_id = 0;

    // Walk the whole result; once a non-zero id has been captured the
    // remaining rows are skipped.
    while ($row = mysql_fetch_array($rs, MYSQL_ASSOC)) {
        if ($faculty_id != 0) continue;
        $faculty_id = $row["faculty_id"];
    }

    return $faculty_id;
}
1872 |
|
1873 |
|
1874 |
/********************************************************** |
1875 |
Function: existsResSub |
1876 |
Author: Paul Bramscher |
1877 |
Last Modified: 03.02.2004 |
1878 |
*********************************************************** |
1879 |
Incoming: |
1880 |
$resource_id Record ID |
1881 |
$subject_id Subject ID |
1882 |
*********************************************************** |
1883 |
Outgoing: |
1884 |
"1" if an association already exists, "0" if not |
1885 |
*********************************************************** |
1886 |
Purpose: |
1887 |
This function checks to see whether a resource has already |
1888 |
been attached to a given subject id. |
1889 |
**********************************************************/ |
1890 |
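function existsResSub($resource_id, $subject_id){

    // Reports whether at least one res_sub_infotype row links the resource
    // to the subject. Returns 1 when such a row exists, 0 otherwise.

    // Both ids are written into the statement without quotes, so they are
    // forced to integers first (the same guard existsRow applies to its id).
    // Anything that is not a number becomes 0 and simply matches no row.
    $resource_id = (int) $resource_id;
    $subject_id = (int) $subject_id;

    // Build the sql
    $sql = "SELECT * FROM res_sub_infotype WHERE resource_id = "
        . $resource_id
        . " AND subject_id = "
        . $subject_id;

    $rs = mysql_tryquery($sql);

    // Collapse the row count to a 1/0 flag
    return (mysql_num_rows($rs) >= 1) ? 1 : 0;
}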
1907 |
|
1908 |
|
1909 |
/********************************************************** |
1910 |
Function: existsResSubNA |
1911 |
Author: Paul Bramscher |
1912 |
Last Modified: 03.02.2004 |
1913 |
*********************************************************** |
1914 |
Incoming: |
1915 |
$resource_id Record ID |
1916 |
$subject_id Subject ID |
1917 |
*********************************************************** |
1918 |
Outgoing: |
1919 |
"1" if an association already exists, "0" if not |
1920 |
*********************************************************** |
1921 |
Purpose: |
1922 |
This function is similar to existsResSub, but with checks |
1923 |
specifically to see whether the (N/A) type information type |
1924 |
is currently assigned to the resource-subject combination. |
1925 |
**********************************************************/ |
1926 |
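function existsResSubNA($resource_id, $subject_id){

    // Reports whether the resource/subject pair is stored in
    // res_sub_infotype with infotype_id 1. Returns 1 when exactly one such
    // row exists, 0 otherwise.

    // Both ids are written into the statement without quotes, so they are
    // forced to integers first (the same guard existsRow applies to its id).
    // Anything that is not a number becomes 0 and simply matches no row.
    $resource_id = (int) $resource_id;
    $subject_id = (int) $subject_id;

    // Build the sql
    $sql = "SELECT * FROM res_sub_infotype WHERE resource_id = "
        . $resource_id
        . " AND subject_id = "
        . $subject_id
        . " AND infotype_id = 1";

    $rs = mysql_tryquery($sql);

    // Only a single matching row counts as "exists"
    return (mysql_num_rows($rs) == 1) ? 1 : 0;
}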
1944 |
|
1945 |
|
1946 |
/********************************************************** |
1947 |
Function: existsResSubNOTNA |
1948 |
Author: Paul Bramscher |
1949 |
Last Modified: 03.02.2004 |
1950 |
*********************************************************** |
1951 |
Incoming: |
1952 |
$resource_id Record ID |
1953 |
$subject_id Subject ID |
1954 |
*********************************************************** |
1955 |
Outgoing: |
1956 |
"1" if an association already exists, "0" if not |
1957 |
*********************************************************** |
1958 |
Purpose: |
1959 |
This function is similar to existsResSubNA, but it checks to |
1960 |
see if the combination of resource/subject appears in the |
1961 |
res_sub_infotype table under a heading other than N/A for |
1962 |
the infotype. |
1963 |
**********************************************************/ |
1964 |
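function existsResSubNOTNA($resource_id, $subject_id){

    // Reports whether the resource/subject pair is stored in
    // res_sub_infotype with an infotype_id other than 1. Returns 1 when
    // exactly one such row exists, 0 otherwise.

    // Both ids are written into the statement without quotes, so they are
    // forced to integers first (the same guard existsRow applies to its id).
    // Anything that is not a number becomes 0 and simply matches no row.
    $resource_id = (int) $resource_id;
    $subject_id = (int) $subject_id;

    // Build the sql
    $sql = "SELECT * FROM res_sub_infotype WHERE resource_id = "
        . $resource_id
        . " AND subject_id = "
        . $subject_id
        . " AND infotype_id <> 1";

    $rs = mysql_tryquery($sql);

    // NOTE(review): a pair filed under two or more non-N/A info types
    // yields 0 here because the test is "== 1", whereas existsResSub uses
    // ">= 1". Left unchanged; confirm that this is what callers expect.
    return (mysql_num_rows($rs) == 1) ? 1 : 0;
}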
1982 |
|
1983 |
|
1984 |
/********************************************************** |
1985 |
Function: existsRow |
1986 |
Author: Paul Bramscher |
1987 |
Last Modified: 03.02.2004 |
1988 |
*********************************************************** |
1989 |
Incoming: |
1990 |
$table Table to search |
1991 |
$key_field Field against which to search |
1992 |
$key_id Limit for the where clause |
1993 |
*********************************************************** |
1994 |
Outgoing: |
1995 |
"1" if the row exists, "0" if not |
1996 |
*********************************************************** |
1997 |
Purpose: |
1998 |
Useful in performing delete and other operations to make |
1999 |
sure that a row entity exists matching the supplied key |
2000 |
before going any further. |
2001 |
**********************************************************/ |
2002 |
function existsRow($table, $key_field, $limit_id){

    // Returns 1 when $table holds at least one row whose $key_field equals
    // $limit_id, and 0 otherwise.

    // NOTE(review): $table and $key_field are SQL identifiers and are
    // inserted as given. Callers must pass fixed names chosen by the
    // application, never text taken from a request.

    // The value is not quoted in the statement, so it is reduced to an
    // integer before use.
    $id = (int) $limit_id;

    $sql = "SELECT " . $key_field
        . " FROM " . $table
        . " WHERE " . $key_field . "=" . $id;

    $rs = mysql_tryquery($sql);

    if (mysql_num_rows($rs) < 1) {
        return 0;
    }

    return 1;
}
2025 |
|
2026 |
|
2027 |
/********************************************************** |
2028 |
Function: getNotIn |
2029 |
Author: Paul Bramscher |
2030 |
Last Modified: 03.02.2004 |
2031 |
*********************************************************** |
2032 |
Incoming: |
2033 |
$in_field Name of ID field to return |
2034 |
$static_field Name of the "other" ID field in the |
2035 |
bridging table |
2036 |
$static_value Value for the other ID field to |
2037 |
limit by |
2038 |
$table Bridging table involved |
2039 |
*********************************************************** |
2040 |
Outgoing: |
2041 |
$in_string Concatenated string of $in_field |
2042 |
ID's to be excluded from a drop-down |
2043 |
box. |
2044 |
*********************************************************** |
2045 |
Purpose: |
2046 |
This applies to a bridging table with a dual primary key. |
2047 |
For example, in the res_loc table, produce a list of all |
2048 |
location_id's associated with a particular resource_id. |
2049 |
This list is comma-separated and returned to an |
2050 |
assignment-type form in which drop-down boxes of the |
2051 |
current selections are displayed alongside remaining |
2052 |
selections. The remaining (available) selections need to |
2053 |
exclude the current ones. Thus, this function builds the |
2054 |
NOT IN portion of the SQL WHERE clause. |
2055 |
**********************************************************/ |
2056 |
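function getNotIn($in_field, $static_field,
    $static_value, $table) {

    // Collects every $in_field value from $table where $static_field equals
    // $static_value and returns them as a quoted, comma-separated list in
    // parentheses, e.g. ('3', '7'). Returns "" when no row matches.

    // NOTE(review): $in_field, $static_field and $table are SQL identifiers
    // and are inserted as given. Callers must pass fixed names chosen by
    // the application, never text taken from a request.

    // The value is written into the statement without quotes, so it is
    // forced to an integer first (the same guard existsRow applies).
    $static_value = (int) $static_value;

    // Build the sql
    $sql = "SELECT "
        . $in_field
        . " FROM "
        . $table
        . " WHERE "
        . $static_field
        . " = "
        . $static_value;

    $rs = mysql_tryquery($sql);

    // Gather the quoted elements of the NOT IN list
    $elements = array();
    while ($row = mysql_fetch_array($rs, MYSQL_ASSOC)) {
        // The list is pasted into a later statement by the caller, so a
        // single quote inside a stored value is doubled to keep the value
        // inside its own literal.
        $elements[] = "'" . str_replace("'", "''", $row[$in_field]) . "'";
    }

    // If nothing found, then return a blank string
    if (count($elements) == 0) return "";

    // Done, return to calling function
    return "(" . implode(", ", $elements) . ")";
}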
2095 |
|
2096 |
|
2097 |
/********************************************************** |
2098 |
Function: lookupFaculty($faculty_id) |
2099 |
Author: Paul Bramscher |
2100 |
Last Modified: 03.02.2004 |
2101 |
*********************************************************** |
2102 |
Incoming: |
2103 |
$faculty_id Faculty ID number to retrieve |
2104 |
*********************************************************** |
2105 |
Outgoing: |
2106 |
Faculty name in {First Name} {Last Name} format. |
2107 |
*********************************************************** |
2108 |
Purpose: |
2109 |
Performs a lookup on faculty ID to retrieve name. |
2110 |
**********************************************************/ |
2111 |
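function lookupFaculty($faculty_id){

    // Returns the faculty member's name as "First Last". When no row
    // matches, both parts are empty and the result is a single space, as
    // before.

    // The id is written into the statement without quotes, so it is forced
    // to an integer first (the same guard existsRow applies to its id).
    $faculty_id = (int) $faculty_id;

    $sql = "SELECT faculty_firstname, faculty_lastname FROM faculty WHERE faculty_id = "
        . $faculty_id;
    $rs = mysql_tryquery($sql);
    $row = mysql_fetch_array($rs, MYSQL_ASSOC);

    // Only read the columns when a row actually came back
    $faculty_firstname = "";
    $faculty_lastname = "";
    if (is_array($row)) {
        $faculty_firstname = $row["faculty_firstname"];
        $faculty_lastname = $row["faculty_lastname"];
    }

    // Plain assignment: the previous ".=" appended to a variable that had
    // never been initialised.
    $faculty_name = $faculty_firstname . " " . $faculty_lastname;

    return $faculty_name;
}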
2124 |
|
2125 |
|
2126 |
/********************************************************** |
2127 |
Function: lookupField($table, $key_field, $key_value, |
2128 |
$desc_field) |
2129 |
Author: Paul Bramscher |
2130 |
Last Modified: 03.02.2004 |
2131 |
*********************************************************** |
2132 |
Incoming: |
2133 |
$table Table in database to search |
2134 |
$key_field Name of field on which to lookup |
2135 |
$key_value Value to attempt lookup with |
2136 |
$desc_field Descriptive value to return |
2137 |
*********************************************************** |
2138 |
Outgoing: |
2139 |
A descriptive name for an ID number. |
2140 |
*********************************************************** |
2141 |
Purpose: |
2142 |
Performs a lookup, typically on an ID field, to retrieve a |
2143 |
user-friendly descriptive name to the page. |
2144 |
**********************************************************/ |
2145 |
function lookupField($table, $key_field, $key_value,
    $desc_field){

    // Returns the $desc_field value of the single row in $table whose
    // $key_field equals $key_value, or "" when the match is not exactly one
    // row.

    // NOTE(review): $table, $key_field and $desc_field are identifiers and
    // are inserted as given, and $key_value is placed between single quotes
    // without any escaping. Callers must pass fixed identifier names and a
    // value that is already safe for a quoted SQL literal; confirm that
    // every call site does so.
    $sql = "SELECT " . $desc_field
        . " FROM " . $table
        . " WHERE " . $key_field . "='" . $key_value . "'";

    $rs = mysql_tryquery($sql);
    $row = mysql_fetch_array($rs, MYSQL_ASSOC);

    // Anything other than exactly one hit is reported as an empty string
    if (mysql_num_rows($rs) != 1) {
        return "";
    }

    return $row[$desc_field];
}
2164 |
|
2165 |
|
2166 |
/********************************************************** |
2167 |
Function: lookupStaff($staff_id) |
2168 |
Author: Paul Bramscher |
2169 |
Last Modified: 03.10.2004 |
2170 |
*********************************************************** |
2171 |
Incoming: |
2172 |
$staff_id Staff ID number to retrieve |
2173 |
*********************************************************** |
2174 |
Outgoing: |
2175 |
Staff name in {First Name} {Last Name} format. |
2176 |
*********************************************************** |
2177 |
Purpose: |
2178 |
Performs a lookup on staff ID to retrieve name. |
2179 |
**********************************************************/ |
2180 |
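function lookupStaff($staff_id){

    // Returns the staff member's name as "First Last". When no row matches,
    // both parts are empty and the result is a single space, as before.

    // The id is written into the statement without quotes, so it is forced
    // to an integer first (the same guard existsRow applies to its id).
    $staff_id = (int) $staff_id;

    $sql = "SELECT first_name, last_name FROM staff WHERE staff_id = "
        . $staff_id;
    $rs = mysql_tryquery($sql);
    $row = mysql_fetch_array($rs, MYSQL_ASSOC);

    // Only read the columns when a row actually came back
    $first_name = "";
    $last_name = "";
    if (is_array($row)) {
        $first_name = $row["first_name"];
        $last_name = $row["last_name"];
    }

    // Plain assignment: the previous ".=" appended to a variable that had
    // never been initialised.
    $staff_name = $first_name . " " . $last_name;

    return $staff_name;
}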
2193 |
|
2194 |
|
2195 |
/********************************************************** |
2196 |
Function: msgTableClose() |
2197 |
Author: Paul Bramscher |
2198 |
Last Modified: 03.15.2004 |
2199 |
*********************************************************** |
2200 |
Incoming: |
2201 |
None |
2202 |
*********************************************************** |
2203 |
Outgoing: |
2204 |
None |
2205 |
*********************************************************** |
2206 |
Purpose: |
2207 |
Closes the message box table. |
2208 |
**********************************************************/ |
2209 |
function msgTableClose () {

    // Emits the closing tags of the message box: the open cell, row and
    // table first, then the surrounding <center> element.
    echo "</td></tr></table>\n";
    echo "</center>\n";

}
2215 |
|
2216 |
|
2217 |
/********************************************************** |
2218 |
Function: msgTableOpen ($colspan, $header) |
2219 |
Author: Paul Bramscher |
2220 |
Last Modified: 03.15.2004 |
2221 |
*********************************************************** |
2222 |
Incoming: |
2223 |
$colspan Columns to span the first |
2224 |
row. |
2225 |
$header Message to appear in the |
2226 |
first table header row. |
2227 |
*********************************************************** |
2228 |
Outgoing: |
2229 |
None |
2230 |
*********************************************************** |
2231 |
Purpose: |
2232 |
Starts the drawing of a message box table. |
2233 |
**********************************************************/ |
2234 |
function msgTableOpen ($colspan, $header) {

    // Emits the opening markup of a message box: a centred table, a header
    // row spanning $colspan columns, and the start of the first body cell.

    // Table
    echo "<center>\n";
    printf("<table width=\"50%%\" class=\"backLight\" border=\"1\" cellpadding=\"4\">\n");

    // Row header. %d prints $colspan as an integer. $header is written
    // exactly as received, so any markup in it reaches the page; callers
    // are responsible for escaping text that did not originate in the
    // application itself.
    printf("<tr><td class=\"cellPlain\" colspan=\"%d\" >\n", $colspan);
    echo $header;
    echo "</td></tr>\n";

    // Initial cell
    echo "<tr><td>\n";
}
2248 |
|
2249 |
|
2250 |
/********************************************************** |
2251 |
Function: recordCount($table, $limit_field, |
2252 |
$limit_where, $type) |
2253 |
Author: Paul Bramscher |
2254 |
Last Modified: 03.02.2004 |
2255 |
*********************************************************** |
2256 |
Incoming: |
2257 |
$table Table in database to query |
2258 |
$limit_field Field to limit |
2259 |
$limit_where Criteria upon which to limit |
2260 |
$type "N" for numeric or "C" for character |
2261 |
*********************************************************** |
2262 |
Outgoing: |
2263 |
None |
2264 |
*********************************************************** |
2265 |
Purpose: |
2266 |
This function is typically used in conjunction with a |
2267 |
printf statement elsewhere "This operation affects |
2268 |
N record(s). Do you wish to proceed?" This function |
2269 |
returns a value for N. |
2270 |
**********************************************************/ |
2271 |
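function recordCount($table, $limit_field,
    $limit_where, $type) {

    // Returns the number of rows in $table whose $limit_field equals
    // $limit_where. $type "N" compares as a number; any other value
    // compares as a quoted string.

    // NOTE(review): $table and $limit_field are SQL identifiers and are
    // inserted as given. Callers must pass fixed names chosen by the
    // application, never text taken from a request.
    $sql = "SELECT "
        . $limit_field
        . " FROM "
        . $table
        . " WHERE "
        . $limit_field
        . "=";

    // If the field is numeric
    if ($type == "N") {
        // A numeric criterion is written without quotes, so addslashes()
        // offers no protection for it. Accept only a numeric value; anything
        // else cannot match a numeric field and is reported as zero rows
        // without running a query.
        if (!is_numeric($limit_where)) return 0;
        $sql .= $limit_where;
    }

    // If character, use single-quotes
    else {
        // Guard against single quotes.
        // NOTE(review): addslashes() is not aware of the connection
        // character set; the driver's own escaping function is the safer
        // choice when this layer is modernised.
        $sql .= "'"
            . addslashes($limit_where)
            . "'";
    }

    // Open the query and take a row count
    $rs = mysql_tryquery($sql);
    $count = mysql_num_rows($rs);

    return $count;
}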
2303 |
|
2304 |
|
2305 |
/********************************************************** |
2306 |
Function: selectCoursesub($limit) |
2307 |
Author: Paul Bramscher |
2308 |
Last Modified: 03.10.2004 |
2309 |
*********************************************************** |
2310 |
Incoming: |
2311 |
$limit String to limit the results by |
2312 |
*********************************************************** |
2313 |
Outgoing: |
2314 |
None |
2315 |
*********************************************************** |
2316 |
Purpose: |
2317 |
Draws a table with all course subjects for basic |
2318 |
command add/edit/ delete selection. |
2319 |
**********************************************************/ |
2320 |
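function selectCoursesub($limit){

    // Draws a table of course subjects (coursesub_id > 1), one row each
    // with a radio button named coursesub_id. When $limit is non-empty and
    // not "*", only rows whose subject or description contains it are shown.

    printf("<table width=\"90%%\" border = \"1\" cellpadding = \"2\" >\n");
    printf("<tr>\n");
    printf("<td class = \"cellPlain\">ID</td>\n");
    printf("<td class = \"cellPlain\">Subject</td>\n");
    printf("<td class = \"cellPlain\">Subject Description</td>\n");
    printf("<td class = \"cellPlain\">Campus</td>\n");
    printf("<td class = \"cellPlain\">CIP Code</td>\n");
    printf("<td class = \"cellPlain\">Select</td>\n");
    printf("</tr>");

    // Build the sql
    $sql = "SELECT
        c.coursesub_id,
        c.coursesub,
        c.coursesub_descr,
        c.cip_code,
        p.campus
        FROM
        coursesub c
        LEFT JOIN campus p on c.campus_id = p.campus_id
        WHERE coursesub_id > 1";

    if (strlen($limit) > 0 && $limit != "*") {

        // The search term is passed through textSearchmySQL() before it is
        // placed inside the quoted LIKE patterns.
        $limit = textSearchmySQL($limit);

        $sql .= " AND (coursesub LIKE '%"
            . $limit
            . "%' OR coursesub_descr LIKE '%"
            . $limit
            . "%')";

    }

    // Order the display
    $sql .= " ORDER BY coursesub_descr";

    $rs = mysql_tryquery($sql);

    // Initialize row counter
    $rowcount = 0;

    while ($row = mysql_fetch_array($rs, MYSQL_ASSOC)) {
        $coursesub_id = $row["coursesub_id"];

        // Text columns are trimmed and HTML-escaped so that markup stored in
        // the database is displayed rather than interpreted by the browser.
        // NOTE(review): pass the page's character set as the third argument
        // of htmlspecialchars() if it differs from PHP's default.
        $coursesub = htmlspecialchars(trim($row["coursesub"]), ENT_QUOTES);
        $coursesub_descr = htmlspecialchars(trim($row["coursesub_descr"]), ENT_QUOTES);
        $campus = htmlspecialchars(trim($row["campus"]), ENT_QUOTES);
        $cip_code = htmlspecialchars(trim($row["cip_code"]), ENT_QUOTES);

        // Make every other row colored
        if ($rowcount % 2 == 0) $color = " class=\"backLight\" ";
        else $color = "";

        printf("<tr>");

        // %d prints the id as an integer
        printf("<td %s>%d</td>\n", $color, $coursesub_id);
        printf("<td %s>%s</td>\n", $color, $coursesub);
        printf("<td %s>%s</td>\n", $color, $coursesub_descr);
        printf("<td %s>%s</td>\n", $color, $campus);
        printf("<td %s>%s</td>\n", $color, $cip_code);

        printf("<td %s> <input type = \"Radio\" name = \"coursesub_id\" value =\"%d\" > </td>\n", $color, $coursesub_id);

        printf("</tr>\n");

        $rowcount++;
    }
    printf("</table>\n");
}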
2391 |
|
2392 |
|
2393 |
/********************************************************** |
2394 |
Function: selectFaculty() |
2395 |
Author: Paul Bramscher |
2396 |
Last Modified: 03.10.2004 |
2397 |
*********************************************************** |
2398 |
Incoming: |
2399 |
None |
2400 |
*********************************************************** |
2401 |
Outgoing: |
2402 |
None |
2403 |
*********************************************************** |
2404 |
Purpose: |
2405 |
Draws a table with all faculty for basic command add/edit/ |
2406 |
delete selection. |
2407 |
**********************************************************/ |
2408 |
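function selectFaculty(){

    // Draws a table of all faculty rows with faculty_id > 1, one row each
    // with a radio button named faculty_id.

    printf("<table width=\"90%%\" border = \"1\" cellpadding = \"2\" >\n");
    printf("<tr>\n");
    printf("<td class = \"cellPlain\">ID</td>\n");
    printf("<td class = \"cellPlain\">Faculty name</td>\n");
    printf("<td class = \"cellPlain\">Account</td>\n");
    printf("<td class = \"cellPlain\">Email</td>\n");
    printf("<td class = \"cellPlain\">Select</td>\n");
    printf("</tr>");

    // Build the sql (fixed text, no caller input)
    $sql = "SELECT
        f.faculty_id,
        f.faculty_firstname,
        f.faculty_lastname,
        f.faculty_account,
        f.faculty_email
        FROM
        faculty f
        WHERE faculty_id > 1";

    // Order the display
    $sql .= " ORDER BY faculty_lastname, faculty_firstname";

    $rs = mysql_tryquery($sql);

    // Row counter
    $rowcount = 0;

    while ($row = mysql_fetch_array($rs, MYSQL_ASSOC)) {
        $faculty_id = $row["faculty_id"];

        // Text columns are HTML-escaped so that markup stored in the
        // database is displayed rather than interpreted by the browser.
        // NOTE(review): pass the page's character set as the third argument
        // of htmlspecialchars() if it differs from PHP's default.
        $faculty_firstname = htmlspecialchars(trim($row["faculty_firstname"]), ENT_QUOTES);
        $faculty_lastname = htmlspecialchars(trim($row["faculty_lastname"]), ENT_QUOTES);
        $faculty_account = htmlspecialchars($row["faculty_account"], ENT_QUOTES);
        $faculty_email = htmlspecialchars($row["faculty_email"], ENT_QUOTES);

        // For display purposes: an empty cell gets a placeholder, assigned
        // after escaping so the placeholder itself is left untouched
        if (strlen($faculty_account) < 1) $faculty_account = " ";
        if (strlen($faculty_email) < 1) $faculty_email = " ";

        // Make every other row colored
        if ($rowcount % 2 == 0) $color = " class=\"backLight\" ";
        else $color = "";

        printf("<tr>");

        // %d prints the id as an integer
        printf("<td %s>%d</td>\n", $color, $faculty_id);
        printf("<td %s>%s, %s</td>\n", $color, $faculty_lastname, $faculty_firstname);
        printf("<td %s>%s</td>\n", $color, $faculty_account);
        printf("<td %s>%s</td>\n", $color, $faculty_email);

        printf("<td %s> <input type = \"Radio\" name = \"faculty_id\" value =\"%d\" > </td>\n", $color, $faculty_id);

        printf("</tr>\n");

        $rowcount++;
    }
    printf("</table>\n");
}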
2468 |
|
2469 |
|
2470 |
/********************************************************** |
2471 |
Function: selectKey($display, $display_field, |
2472 |
$key_field, $limit, $table) |
2473 |
Author: Paul Bramscher |
2474 |
Last Modified: 03.10.2004 |
2475 |
*********************************************************** |
2476 |
Incoming: |
2477 |
$display A form header to display to user |
2478 |
$display_field Meaningful field in the table to display |
2479 |
$key_field The table primary key (no composites) |
2480 |
$table Table in database to search |
2481 |
$limit Field to limit $field_display by |
2482 |
*********************************************************** |
2483 |
Outgoing: |
2484 |
None |
2485 |
*********************************************************** |
2486 |
Purpose: |
2487 |
Does a simple text dump to show descriptive values and |
2488 |
their associated primary keys in a small table. If |
2489 |
$limit is defined, then limit the result set to display |
2490 |
only $display_field which matches a LIKE clause. Each |
2491 |
result is indicated by a radio button named key_id to be |
2492 |
used in a form to select one of them for further |
2493 |
processing (editing, deleting, etc). |
2494 |
|
2495 |
Note that the pick-list filters out the primary key #1, |
2496 |
(N/A) rows which are present in many tables as system |
2497 |
placeholders. |
2498 |
**********************************************************/ |
2499 |
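function selectKey($display, $display_field,
    $key_field, $limit, $table){

    // Draws a two-column pick-list (description, radio button named key_id)
    // for rows of $table, leaving out key 1 and rows whose description is
    // "(N/A)". An empty $limit prints a message instead of a table; "*"
    // lists everything; any other value filters $display_field with LIKE.
    // $display is accepted but not used by this function.

    // A search term is mandatory
    if (strlen($limit) < 1) {
        printf("You must limit by some criteria before proceeding.<BR>\n");
        return;
    }

    // NOTE(review): $display_field, $key_field and $table are SQL
    // identifiers and are inserted as given. Callers must pass fixed names
    // chosen by the application, never text taken from a request.
    $sql = "SELECT "
        . $display_field
        . ", "
        . $key_field
        . " FROM "
        . $table
        . " WHERE ("
        . $key_field
        . " != 1 AND "
        . $display_field
        . " != '(N/A)')";

    // Attach a limit unless "*" is indicated
    if ($limit != "*") {
        // The term lands inside a quoted LIKE pattern, so it goes through
        // textSearchmySQL() first, the same helper selectCoursesub applies
        // to its search term. Previously it was concatenated unfiltered.
        // NOTE(review): confirm that no caller already pre-filters $limit.
        $limit = textSearchmySQL($limit);

        $sql .= " AND "
            . $display_field
            . " LIKE '%"
            . $limit
            . "%'";
    }

    // Order the display
    $sql .= " ORDER BY " . $display_field;

    $rs = mysql_tryquery($sql);

    printf("<table width=\"60%%\" border = \"1\" >\n");
    printf("<tr><td class=\"cellPlain\">Description</td>\n");
    printf("<td class=\"cellPlain\">Select</td></tr>\n");

    $rowcount = 0;

    while ($row = mysql_fetch_array($rs, MYSQL_ASSOC)) {
        // The description is HTML-escaped so that markup stored in the
        // database is displayed rather than interpreted by the browser.
        // NOTE(review): pass the page's character set as the third argument
        // of htmlspecialchars() if it differs from PHP's default.
        $field_display_item = htmlspecialchars($row[$display_field], ENT_QUOTES);

        // The key is reduced to an integer before it is written into the
        // value attribute
        $field_value_item = (int) trim($row[$key_field]);

        // Make every other row colored
        if ($rowcount % 2 == 0) $color = " class=\"backLight\" ";
        else $color = "";

        printf("<tr>\n");
        printf("<td %s>%s", $color, $field_display_item);
        printf("</td>\n");
        printf("<td %s><input type =\"Radio\" name =\"key_id\" value =\"%s\"></td>\n",
            $color, $field_value_item);
        printf("</tr>\n");

        $rowcount++;
    }
    printf("</table>\n");
}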
2561 |
|
2562 |
|
2563 |
/********************************************************** |
2564 |
Function: selectStaff() |
2565 |
Author: Paul Bramscher |
2566 |
Last Modified: 03.10.2004 |
2567 |
*********************************************************** |
2568 |
Incoming: |
2569 |
None |
2570 |
*********************************************************** |
2571 |
Outgoing: |
2572 |
None |
2573 |
*********************************************************** |
2574 |
Purpose: |
2575 |
Draws a table with all staff for basic command add/edit/ |
2576 |
delete selection. |
2577 |
**********************************************************/ |
2578 |
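function selectStaff(){

    // Draws a table of all staff rows with staff_id > 1 joined to their
    // access row, one line each with a radio button named staff_id.

    printf("<table width=\"90%%\" border = \"1\" cellpadding = \"2\" >\n");
    printf("<tr>\n");
    printf("<td class = \"cellPlain\">ID</td>\n");
    printf("<td class = \"cellPlain\">Staff name</td>\n");
    printf("<td class = \"cellPlain\">Staff Account</td>\n");
    printf("<td class = \"cellPlain\">Local pwd?</td>\n");
    printf("<td class = \"cellPlain\">Access</td>\n");
    printf("<td class = \"cellPlain\">Level</td>\n");
    printf("<td class = \"cellPlain\">Last login</td>\n");
    printf("<td class = \"cellPlain\">Last ip</td>\n");
    printf("<td class = \"cellPlain\">Select</td>\n");
    printf("</tr>");

    // Build the sql (fixed text, no caller input).
    // NOTE(review): s.password is fetched only to test whether it is
    // non-empty; its value is never printed. Selecting its length instead
    // would keep the stored credential out of the result set altogether.
    $sql = "SELECT
        s.staff_id,
        s.staff_account,
        s.password,
        s.first_name,
        s.last_name,
        s.last_login,
        s.last_ip,
        a.access,
        a.access_level
        FROM
        staff s, access a
        WHERE staff_id > 1 AND s.access_id = a.access_id";

    // Order the display
    $sql .= " ORDER BY last_name, first_name";

    $rs = mysql_tryquery($sql);

    $rowcount = 0;

    while ($row = mysql_fetch_array($rs, MYSQL_ASSOC)) {
        $staff_id = $row["staff_id"];
        $access_level = trim($row["access_level"]);

        // Text columns are HTML-escaped so that markup stored in the
        // database is displayed rather than interpreted by the browser.
        // NOTE(review): pass the page's character set as the third argument
        // of htmlspecialchars() if it differs from PHP's default.
        $first_name = htmlspecialchars(trim($row["first_name"]), ENT_QUOTES);
        $last_name = htmlspecialchars(trim($row["last_name"]), ENT_QUOTES);
        $staff_account = htmlspecialchars($row["staff_account"], ENT_QUOTES);
        $access = htmlspecialchars(trim($row["access"]), ENT_QUOTES);
        $last_login = htmlspecialchars(trim($row["last_login"]), ENT_QUOTES);
        $last_ip = htmlspecialchars(trim($row["last_ip"]), ENT_QUOTES);

        // See whether the local password has been set. This is fixed markup
        // written by this function, so it is not escaped.
        if (strlen($row["password"]) > 0) $local_pwd = "<b>Yes</b>";
        else $local_pwd = "No";

        // For display purposes: an empty cell gets a placeholder, assigned
        // after escaping so the placeholder itself is left untouched
        if (strlen($last_login) < 1) $last_login = " ";
        if (strlen($last_ip) < 1) $last_ip = " ";

        // Make every other row colored
        if ($rowcount % 2 == 0) $color = " class=\"backLight\" ";
        else $color = "";

        printf("<tr>");

        // %d prints the id and the access level as integers
        printf("<td %s>%d</td>\n", $color, $staff_id);
        printf("<td %s>%s, %s</td>\n", $color, $last_name, $first_name);
        printf("<td %s>%s</td>\n", $color, $staff_account);
        printf("<td %s>%s</td>\n", $color, $local_pwd);
        printf("<td %s>%s</td>\n", $color, $access);
        printf("<td %s>%d</td>\n", $color, $access_level);
        printf("<td %s>%s</td>\n", $color, $last_login);
        printf("<td %s>%s</td>\n", $color, $last_ip);

        printf("<td %s> <input type = \"Radio\" name = \"staff_id\" value =\"%d\" > </td>\n", $color, $staff_id);

        printf("</tr>\n");

        $rowcount++;
    }
    printf("</table>\n");
}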
2657 |
|
2658 |
|
2659 |
/********************************************************** |
2660 |
Function: statQuery($sql) |
2661 |
Author: Paul Bramscher |
2662 |
Last Modified: 03.02.2004 |
2663 |
*********************************************************** |
2664 |
Incoming: |
2665 |
$sql A SQL statement to execute. The |
2666 |
SELECT must have a COUNT(*) in it. |
2667 |
The stat logic should be in WHERE. |
2668 |
*********************************************************** |
2669 |
Outgoing: |
2670 |
$result The numerical result of the query, |
2671 |
or else "UNKNOWN" in case of error. |
2672 |
*********************************************************** |
2673 |
Purpose: |
2674 |
Accepts a simple SQL statement, performs the lookup, and |
2675 |
draws the result in a two-column table row. The first |
2676 |
column is $label explaining the purpose of the lookup, |
2677 |
the second column is the numerical figure of the $sql. |
2678 |
**********************************************************/ |
2679 |
|
2680 |
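function statQuery($sql){
	/*
	 * Runs $sql through mysql_tryquery() and returns the value of its
	 * "COUNT(*)" column. This function only returns the figure; it prints
	 * nothing itself.
	 *
	 * Incoming:  $sql  SQL text, executed exactly as it is passed in.
	 * Outgoing:  the "COUNT(*)" value when the query yields exactly one row
	 *            carrying that column, otherwise the string "UNKNOWN".
	 *
	 * NOTE(review): nothing in here escapes or parameterises $sql, so the
	 * statement has to be assembled from constants or from values the caller
	 * has already escaped. Request data must not be spliced in raw.
	 */
	$rs = mysql_tryquery($sql);

	// No usable result handle (presumably a failed query -- mysql_tryquery is
	// defined elsewhere): answer the documented way instead of passing a
	// non-resource to the mysql_* calls below.
	if (!$rs) return "UNKNOWN";

	// We should be getting only a single row. Check that before fetching.
	if (mysql_num_rows($rs) != 1) return "UNKNOWN";

	$row = mysql_fetch_array($rs, MYSQL_ASSOC);

	// The row is keyed by column name, so the SELECT must spell the column
	// COUNT(*) without an alias; anything else is reported as "UNKNOWN"
	// rather than as an undefined-index notice and a NULL.
	if (!is_array($row) || !isset($row["COUNT(*)"])) return "UNKNOWN";

	return $row["COUNT(*)"];
}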
2690 |
|
2691 |
|
2692 |
/**********************************************************
Function: textInmySQL
Author: Paul Bramscher
Last Modified: 09.23.2003
***********************************************************
Purpose:
This function creates filtering rules for input into
mySQL. Depending on your configuration of the PHP
variable magic_quotes_gpc, security needs, and possible
foreign character set issues you may want to change this.
**********************************************************/
2703 |
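function textInmySQL($incoming) {
	/*
	 * Doubles every single quote in $incoming so the value can sit inside a
	 * single-quoted SQL string literal, and returns the result.
	 *
	 * str_replace() is used for the literal substitution: ereg_replace() was
	 * deprecated in PHP 5.3 and removed in PHP 7, and no regular expression
	 * is needed to swap one fixed character.
	 *
	 * NOTE(review): quote doubling is the only filtering done here. Unless
	 * the server runs with the NO_BACKSLASH_ESCAPES SQL mode, MySQL also
	 * treats a backslash as an escape character, and this function leaves
	 * backslashes as they are. Treat it as a legacy helper, not a complete
	 * defence against SQL injection. The durable fix is to move the calling
	 * queries to prepared statements (mysqli or PDO), or at minimum to the
	 * connection-aware mysql_real_escape_string().
	 */

	// Replace single quotes with two single quotes
	$outgoing = str_replace("'", "''", $incoming);

	return $outgoing;
}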
2711 |
|
2712 |
/**********************************************************
Function: textOutHTML
Author: Paul Bramscher
Last Modified: 04.21.2003
***********************************************************
Purpose:
This function will help render some data more presentable
on HTML forms, particularly pre-setting form field values
which might contain a double-quote. This function may also
be extended to cover other cases.
**********************************************************/
2723 |
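function textOutHTML($incoming) {
	/*
	 * Returns $incoming with every double quote replaced by the HTML entity
	 * &quot;, so the value can be placed inside a double-quoted attribute
	 * such as value="...".
	 *
	 * The entity is written out explicitly here because the listing had it
	 * decoded back into a bare quote character, which left the statement
	 * unparseable. str_replace() stands in for ereg_replace(), which was
	 * removed in PHP 7.
	 *
	 * NOTE(review): only the double quote is encoded. The characters <, >,
	 * & and the single quote pass through untouched, so this is not enough
	 * for values that may hold markup or that land in single-quoted
	 * attributes or element content. htmlspecialchars($value, ENT_QUOTES)
	 * covers those cases. Check how stored data is encoded before switching,
	 * because values that already contain entities would be encoded twice.
	 */

	// Replace double quotes with the HTML entity &quot;
	$outgoing = str_replace("\"", "&quot;", $incoming);

	return $outgoing;
}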
2731 |
|
2732 |
|
2733 |
/**********************************************************
Function: textSearchmySQL
Author: Paul Bramscher
Last Modified: 05.20.2003
***********************************************************
Purpose:
This function is to be used on HTML search forms
that might contain a single quote. They are escaped with
a backslash. Any other potential SELECT filtering can
happen here.
**********************************************************/
2744 |
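function textSearchmySQL($incoming) {
	/*
	 * Returns $incoming with a backslash placed in front of every single
	 * quote, for search terms that are embedded in a SELECT.
	 *
	 * str_replace() stands in for ereg_replace(), which was removed in
	 * PHP 7; the substitution is a fixed character, not a pattern.
	 *
	 * NOTE(review): the single quote is the only character handled. A
	 * backslash already present in the input is passed through unescaped,
	 * as are LIKE wildcards, so this is not a complete escaper for search
	 * input. Prepared statements (mysqli or PDO) or the connection-aware
	 * mysql_real_escape_string() are the reliable options.
	 */

	// Escape single quotes with a backslash.
	// You may need to turn this off and pass $incoming through unchanged
	// (presumably when magic_quotes_gpc has already escaped the request data
	// -- confirm against the server configuration before doing so).
	$outgoing = str_replace("'", "\\'", $incoming);

	return $outgoing;
}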
2756 |
?> |