phowell
/
dir
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
dir/dir_api.php

1766 lines
75 KiB
PHP
Raw Blame History

<?php
$DEBUG = 0;
// _ _ _____ _______ _
// | | | | | __ \ /\|__ __|/\ | |
// | |_| |__ ___ | | | | / \ | | / \ | |__ __ _ ___ ___
// | __| '_ \ / _ \ | | | |/ /\ \ | | / /\ \ | '_ \ / _` / __|/ _ \
// | |_| | | | __/ | |__| / ____ \| |/ ____ \| |_) | (_| \__ \ __/
// \__|_| |_|\___| |_____/_/ \_\_/_/ \_\_.__/ \__,_|___/\___|
//
//
// DATABASE
//
// Yes, there's two different databases.
//
// $c = gavi_db
// $c2 = PeterDB
//
// Why? Just to keep you on your toes.
//
// also, there's 3 different tables that have people/users. Why? Reasons. Which mostly no longer apply.
// I recommend combining conf_users and gavi_personnel_ext so at least there's
// one less opportunity to get out of sync.
//
//
// The $j argument is true for a json result, or false for a raw db object result.
//
$TESTSITE = 1;
if ($TESTSITE) {
$DBServer = '192.168.1.6'; $DBUser = 'phowell';
$DBPass = 'rolley34'; $DBName = 'db';
$DBUser2 = 'phowell';
$DBPass2 = 'rolley34'; $DBName2 = 'db';
} else {
$DBServer = 'localhost'; $DBUser = 'www';
$DBPass = '@$df'; $DBName = 'gavi_db';
$DBUser2 = 'phowell';
$DBPass2 = 'p^howell'; $DBName2 = 'PeterDB';
}
$c = new mysqli($DBServer, $DBUser, $DBPass, $DBName);
if ($c->connect_error) { die('Database connection failed: ' . $c->connect_error ); }
if (!mysqli_select_db($c, $DBName)) { die("Uh oh, couldn't select database $DBName"); }
$c2 = new mysqli($DBServer, $DBUser2, $DBPass2, $DBName2);
if ($c2->connect_error) { die('Database connection failed: ' . $c2->connect_error ); }
if (!mysqli_select_db($c2, $DBName2)) { die("Uh oh, couldn't select database 'PeterDB'"); }
mysqli_set_charset($c, 'utf8');
mysqli_set_charset($c2, 'utf8');
include('underscore.php');
$_ = new __();
// _ _
// | | | |
// | |__ ___| |_ __ ___ _ __ ___
// | '_ \ / _ \ | '_ \ / _ \ '__/ __|
// | | | | __/ | |_) | __/ | \__ \
// |_| |_|\___|_| .__/ \___|_| |___/
// | |
// |_|
// Generic string cleaner
// keep HTML tags string cleaner
function ok($str) { global $c; return mysqli_real_escape_string($c, strip_tags($str, '<p><br><ul><ol><li><b><i><strong><em>')); }
function okh($str) { global $c; return mysqli_real_escape_string($c, $str); }
function unescape_commas($s) { return preg_replace('/\[CMA\]/', ',', $s); }
function p($s) { echo "<p>{$s}</p>\n"; }
function p2($val){ echo '<pre>'; print_r($val); echo "</pre>\n"; }
function d_err($s) { global $DEBUG; if ($DEBUG) { p($s); } }
function logout() { session_destroy(); }
// Some helpful globals
$server = $_SERVER['SERVER_NAME'];
$options_query = "SELECT label,value FROM `conf_uinforecord` WHERE id>1";
$options_array = multi_row_select($options_query, 0, $c2);
$OPTIONS = array_reduce($options_array, function ($result, $item) {
$result[$item["label"]] = $item["value"];
return $result; }, array());
$default_ay_query = "SELECT begin,end FROM conf_academicyears ca JOIN conf_uinforecord cu ON cu.value=ca.id WHERE cu.label='default_ay';";
$AY = single_row_select($default_ay_query,0, $c2);
$OPTIONS['year'] = $AY;
$conf_query = "SELECT semester,date1,date2,title FROM conf_conferences cc JOIN conf_uinforecord cu ON cu.value=cc.id WHERE cu.label='default_conference';";
$CONF = single_row_select($conf_query,0, $c2);
$OPTIONS['conf'] = $CONF;
function name_to_lc($fn,$ln) {
$fn = str_replace( array( '-', ' '), '', strtolower($fn) );
$ln = str_replace( array( '-', ' '), '', strtolower($ln) );
return $fn . "_" . $ln; }
function name_to_file($fn,$ln) {
$fn = str_replace( array( '-', ' '), '', strtolower($fn) );
$ln = str_replace( array( '-', ' '), '', strtolower($ln) );
return $fn . "_" . $ln . ".jpg"; }
// 1. lookups, like a username
function single_row_select($qry, $j, $c) {
$r = mysqli_query($c, $qry); d_err($qry);
$e = mysqli_error($c); if($e) { d_err("sql error: " . $e ); }
if (!$r) { return $r; }
//echo("\n<!--\n" . $qry . "\n\n" . json_encode($r) . "\n-->\n\n");
$a = mysqli_fetch_assoc($r);
$e = mysqli_error($c); if($e) { d_err("sql error: " . $e ); }
if (! $j) { return $a; } return json_encode($a); }
// 1a. inserts
function single_row_insert($qry, $j, $c) {
$r = mysqli_query($c, $qry);
//d_err($qry);
//$e = mysqli_error($c); if($e) { d_err("sql error: " . $e ); }
$new_id = mysqli_insert_id($c);
return $new_id; }
/*$a = mysqli_fetch_assoc($c);
$e = mysqli_error($c); if($e) { d_err("sql error: " . $e ); }
if (! $j) { return $a; } return json_encode($a); } */
// 1b. updates
function single_row_update($qry, $j, $c) {
$r = mysqli_query($c, $qry);
return 1; }
// 2. grid or fancier joins, like get all sessions, rosters, todos, etc
function multi_row_select($qry, $j, $db) {
$rows = array();
$result = mysqli_query($db, $qry);
while($r = mysqli_fetch_assoc($result)) { $rows[] = $r; }
if (! $j) { return $rows; } return json_encode( $rows); }
// 3. Check if an entry exists
function does_exist($qry, $full_record, $db) { global $c, $c2;
$r = mysqli_query($db, $qry);
$a = mysqli_num_rows($r);
if (! $a ) { return 0; }
$row = mysqli_fetch_array($r, MYSQLI_NUM);
$id = $row[0]; // getting the id of that which exists... assuming first column has it.
$e = mysqli_error($db); if($e) { d_err("sql error: " . $e); }
if ($a && $full_record) { return $row; } if ($a) { return $id; } return 0; }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// //
// // LOG ENTRIES
// //
// // Enter or get browser log entry
function insert_or_get_browser($b) {
global $c2;
$BROWSER = ok($b);
$existing = does_exist( "SELECT id FROM www_browsers WHERE string='$BROWSER'", 0, $c2);
if ($existing) { return $existing;
} else {
$q = "INSERT INTO www_browsers (string) VALUES ('$BROWSER')";
single_row_insert($q,0,$c2);
return does_exist( "SELECT id FROM www_browsers WHERE string='$BROWSER'",0,$c2); } }
function dumpit($var) {
ob_start();
var_dump($var);
$a=ob_get_contents();
ob_end_clean();
return $a;
}
// //
// // Log everything!
function log_it($action) {
global $USER, $USER_GOO, $USER_EMAIL, $c2;
//echo("\n<!--\n" . json_encode($USER) . "\n-->\n\n");
if (! $USER) {
$USER = array( 'user_id'=>'unknown', 'id'=>-1 ); }
$user_browser = $_SERVER['HTTP_USER_AGENT'];
$user_ip = $_SERVER['REMOTE_ADDR'];
$BROWSER = insert_or_get_browser($user_browser);
$ACTION = ok($action) . " / " . dumpit($USER) . " / " . $USER_GOO . " / " . $USER_EMAIL;
//$persid = $USER->id;
//if (! $persid) { $persid = -1; }
$qupdate = "INSERT INTO gavi_logs SET action='{$ACTION}', " /*personnel_id='{$persid}',name='{$USER->user_id}', */ . "browser=$BROWSER, ip='$user_ip'";
single_row_insert($qupdate,0,$c2);
return array("result"=>"success","action"=>"logged","query"=>$qupdate,"err"=>mysqli_error($c2)); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// Look in various folders for STAFF PICTURES
function user_pic_look($first,$last,$g) {
$images = array();
$images[] = 'images_sm/missing.jpg';
$sm_exists = file_exists("/gavilan.edu/staff/images_sm");
$goo_exists = file_exists("/gavilan.edu/staff/images_goo");
if ($sm_exists && $goo_exists) {
$name_name = str_replace(' ','',str_replace('-','', strtolower($first) )) . "_" . str_replace(' ','',str_replace('-','', strtolower($last) ));
$name_name1 = $name_name . ".jpg";
$name_name2 = $name_name . "2" . ".jpg";
$name_name3 = $name_name . "3" . ".jpg";
$name_name4 = $name_name . "4" . ".jpg";
$name_dir = scandir("/gavilan.edu/staff/images_sm");
if ($name_dir && in_array($name_name1,$name_dir)) { $images[] = 'images_sm/' . $name_name1; }
if ($name_dir && in_array($name_name2,$name_dir)) { $images[] = 'images_sm/' . $name_name2; }
if ($name_dir && in_array($name_name3,$name_dir)) { $images[] = 'images_sm/' . $name_name3; }
if ($name_dir && in_array($name_name4,$name_dir)) { $images[] = 'images_sm/' . $name_name4; }
$badge_dir = scandir("/gavilan.edu/staff/images_goo");
$badge_name = $g . ".jpg";
if ($badge_dir && in_array($badge_name,$badge_dir)) { $images[] = 'images_goo/' . $badge_name; }
}
return $images; }
//
// Photos stuff. This shouldn't be needed anymore since we store pic path in the database.
//
function check_dir_photo($fn,$ln) { global $USER;
$filename = name_to_file( $fn,$ln );
$path = '/gavilan.edu/staff/images_sm/' . $filename;
$dir_pic_exists = 0;
$dir_pic_path = 'images_sm/nobody.jpg';
if (file_exists($path)) {
$dir_pic_exists = 1;
$dir_pic_path = 'images_sm/' . $filename; }
$USER->dir_pic_exists = $dir_pic_exists;
$USER->dir_pic_path = $dir_pic_path;
return $dir_pic_exists; }
/////
/////
//
// Insert new user
//
// For whatever reason, we haven't seen this person before. Insert their conf_user row
// so they can have their choices recorded.
//
function insert_new_user() { global $USER, $USER_EMAIL, $USER_GOO, $USER_NAME, $USER_PERS_ID, $USER_CONF_U_ID, $USER_PERS_EXT_ID, $c, $c2;
$LC_EMAIL = strtolower($USER_EMAIL);
single_row_insert("INSERT INTO conf_users (goo, email, name) VALUES ('{$USER_GOO}','{$LC_EMAIL}','{$USER_NAME}');", 1, $c2);
$logaction = log_it("Made a new conf_users row for {$USER_NAME} / {$LC_EMAIL} / {$USER_GOO}");
}
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// Fetching a person's records
//
// 1. use their email to lookup PERSONNEL
// - basic directory info
//
// 2. use their email to lookup CONF_USERS
// - flex app, workshop signups
//
// 3. use conf_users.id to lookup in gavi_personnel_ext.c_users
// - goo, depts, job title, image active
//
// 4. use personnel.id to lookup [webpages, welcomepages, etc]
//
//
// Ultimately the user's data goes into the global $USER
function user_record() { global $USER, $USER_EMAIL, $USER_GOO, $USER_NAME, $USER_PERS_ID, $USER_CONF_U_ID, $USER_PERS_EXT_ID, $c, $c2;
$LC_EMAIL = strtolower($USER_EMAIL);
if (! $USER_EMAIL) {
$goo = substr($USER_GOO, 3);
$q0 = "SELECT email FROM conf_users WHERE goo='{$goo}'";
$temp_usr = single_row_select($q0,0,$c2);
if (is_null($temp_usr)) {
// we have a new user here...
// and the missing email might be a problem....
insert_new_user();
}
//echo($goo);
//print_r($temp_usr);
//echo($temp_usr->email);
//echo("\n");
$LC_EMAIL = strtolower($temp_usr['email']);
}
$usr_check = single_row_select("SELECT id FROM conf_users WHERE LOWER(email)='{$LC_EMAIL}';",0,$c2);
if (is_null($usr_check)) {
// we have a new user here...
insert_new_user();
}
//$q1 = "SELECT last_name, first_name, department, extension, phone_number, email, room, user_id, time_updated, id, web_on, status FROM personnel WHERE LOWER(email)='{$LC_EMAIL}'";
//$usr_dir = single_row_select($q1, 0, $c);
$q2 = "SELECT id AS conf_id, goo AS conf_goo, email AS conf_email, name AS conf_name, active AS conf_active FROM conf_users WHERE LOWER(email)='{$LC_EMAIL}'";
$USER = single_row_select($q2, 0, $c2);
//$mega = $_->extend( (object) $usr_dir, (object) $usr_conf );
//$q3 = 'SELECT id AS ext_id, personnel AS personnel_id, role, goo_short, c_users AS c_users_id_ext, ilearn_id, sched_alias, dept1, dept2, gtitle, active, use_dir_photo, general_photo_release, etc, espanol, zoom, preferred_contact FROM gavi_personnel_ext WHERE personnel=' . $mega->id . ';'; // c_users={$mega->conf_id}';
//$usr_ext = single_row_select($q3,0,$c2);
//$mega = $_->extend( (object) $mega, (object) $usr_ext );
//$q4 = 'SELECT person, officehours, title, picture, education, bio, courses, personal_page, changed FROM webpages WHERE person=' . $mega->id . ';'; // '{$mega->id}'"; // personnel=1');
//$usr_web = single_row_select($q4,0,$c);
//$mega = $_->extend( (object) $mega, (object) $usr_web );
//$USER = $mega;
}
// _____ _____ _ _ _____ _ ______ _ ____ _ _
// / ____|_ _| \ | |/ ____| | | ____| (_) / __ \| \ | |
// | (___ | | | \| | | __| | | |__ ___ _ __ _ _ __ | | | | \| |
// \___ \ | | | . ` | | |_ | | | __| / __| |/ _` | '_ \ | | | | . ` |
// ____) |_| |_| |\ | |__| | |____| |____ \__ \ | (_| | | | | | |__| | |\ |
// |_____/|_____|_| \_|\_____|______|______| |___/_|\__, |_| |_| \____/|_| \_|
// __/ |
// |___/
// SSO
//
// Set GLOBAL VARS corresponding to current logged in user.
// They may only edit their own dir info.
//
if ( $server == 'intranet1.gavilan.edu' ) { // The SSO check should have happened on the actual page. If it gets
// // stuck on an api call the app will break.
if ( session_id() == '' ) { // session_status() == PHP_SESSION_ACTIVE // newer php uses this
require 'mAuth.php';
$USER_TYPE = $attributes['http://wso2.org/claims/Roles'][0];
$USER_GOO = $attributes['http://wso2.org/claims/uid'][0];
$USER_EMAIL = $attributes['http://wso2.org/claims/emailaddress'][0];
?>
<!--
<?php print_r($attributes); ?>
-->
<?php
session_start();
$_SESSION['USER_TYPE'] = $USER_TYPE;
$_SESSION['USER_GOO'] = $USER_GOO;
$_SESSION['USER_EMAIL'] = $USER_EMAIL;
} else { // already logged in....
$USER_TYPE = $_SESSION['USER_TYPE'];
$USER_GOO = $_SESSION['USER_GOO'];
$USER_EMAIL = $_SESSION['USER_EMAIL']; }
} else { // just testing on a different server...
$USER_TYPE = 'FACULTY'; $USER_GOO = 'G00102586'; $USER_EMAIL = 'phowell@gavilan.edu'; }
//
//
//
//
// Did the user AUTHENTICATE? ... then put their info into a global
//
if ($USER_GOO) {
user_record();
//check_dir_photo($USER->first_name, $USER->last_name);
}
//
//
//
//
// _ _
// (_) (_)
// _ __ ___ _ __ _ __ ___ _ ___ ___ _ ___ _ __ ___
// | '_ \ / _ \ '__| '_ ` _ \| / __/ __| |/ _ \| '_ \/ __|
// | |_) | __/ | | | | | | | \__ \__ \ | (_) | | | \__ \
// | .__/ \___|_| |_| |_| |_|_|___/___/_|\___/|_| |_|___/
// | |
// |_|
/*
NEXT STEPS:
- figure out permissions system
- which means knowing dept / hierarchy
- which means cross referencing PERSONNEL and EXT and CONF_USERS.....
## Permissions summary
0. There is a list of table+column combos that users are allowed to edit.
0.5 An activity "belongs" to the user who owns it (or created it).
1. Simple cases:
- current user is updating their own (allowable) record. Allow.
2. Superuser:
- current user is executive, hr, it, or root. (7,2,8,3) Allow.
3. User is "Dept Editor" (4) and
-is updating a record belonging to someone in their dept. Allow.
4. Harder: Updating events
5. Updating attendance, approvals, or other restricted tables. Only FPLC (1) or superusers.
## Calls which edit the database
Everything is sent in two arguments: cols and vals. They are comma separated and actual commas are replaced with [CMA]
This relies on the app knowing the correct columns for the given table.
Everything goes through the permission checker, which uses the: current user, target table, and target table row id
to figure out if its allowed.
TODO: permissions function
TODO: prefer to POST these calls just to be a little cleaner.
TODO: psuedo permissions but just to decide which navigation buttons to show:
- faculty see the welcome letters editor
- certain permissions see: big staff dir list editor (filtered per their dept), activities big list editor or results
- who sees the logs page?
also... determine who sees a particular "edit" button show up for activities...
who sees the "survey results, attendees reports" show up for past activities...
Sample URLs:
https://www.gavilan.edu/staff/dir_api.php?a=update&cols=name,msg&vals=peter,hello
https://intranet1.gavilan.edu/dir/dir_api.php?a=update&cols=name,msg&vals=peter,hello
*/
function check_permission( $acting_user, $target_id, $table ) {
// TODO
return true;
}
// _ _ _
// (_) | | | |
// _ __ ___ _ ___ ___ | |__ ___| |_ __
// | '_ ` _ \| / __|/ __| | '_ \ / _ \ | '_ \
// | | | | | | \__ \ (__ | | | | __/ | |_) |
// |_| |_| |_|_|___/\___| |_| |_|\___|_| .__/
// | |
//
//
// Helper tables
//
// JOB TITLES LIST
function job_titles() { global $c2;
return multi_row_select("SELECT DISTINCT id, name FROM gavi_titles ORDER BY name",1, $c2); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='get/jobtitles') {
echo job_titles(); exit(); }
// all SUB MENUS
//
function sub_menus() { global $c2;
$ddd = multi_row_select('SELECT * FROM gavi_departments ORDER BY name',0, $c2);
$ttt = multi_row_select('SELECT * FROM gavi_titles ORDER BY name',0, $c2);
$rrr = multi_row_select("SELECT * FROM gavi_roles ORDER BY 'descr'",0, $c2);
$ccc = multi_row_select('SELECT * FROM gavi_committees ORDER BY name',0, $c2);
$sss = multi_row_select('SELECT * FROM conf_sessiontypes ORDER BY id',0, $c2);
$ppp = multi_row_select("SELECT * FROM `conf_sessions` WHERE `type` = '20' OR `type` = '21' ORDER BY starttime",0, $c2);
return json_encode( array( 'departments'=>$ddd, 'titles'=>$ttt, 'roles'=>$rrr, 'committees'=>$ccc, 'sessiontypes'=>$sss, 'parents'=>$ppp ) ); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='menus') { echo sub_menus(); exit(); }
// all NAMES
//
function get_names() {
global $c2, $AY, $USER;
$q = "SELECT u.id, u.name FROM conf_users AS u ORDER BY u.name";
echo json_encode( array("users"=>multi_row_select($q,0,$c2), "result"=>"success","err"=>mysqli_error($c2)));
exit(); }
if (isset($_GET['a']) && $_GET['a'] == 'get/names') { get_names(); }
// get most RECENT LOGS
//
function get_recent_logs() {
global $c2, $USER;
$my_sessions = multi_row_select("SELECT * FROM `gavi_logs` ORDER BY `id` DESC LIMIT 150",0,$c2);
echo json_encode($my_sessions);
exit(); }
if (isset($_GET['a']) && $_GET['a'] == 'get/logs') { get_recent_logs(); }
// gavilan college EVENTS
//
function get_events() { global $c;
echo json_encode( multi_row_select("SELECT * FROM events WHERE date >= CURDATE() AND visible='1' ORDER BY time LIMIT 6;",0, $c)); }
if (isset($_GET['a']) && $_GET['a'] == 'get/gavevents') { get_events(); exit(); }
// GOTT and workshop signups
// Export MySQL table as JSON grouped by 'training' + 'date_req' with unique 'email' within each group
function signups()
{
global $c;
// SQL query to fetch data from the table
$sql = "SELECT * FROM rsvp WHERE DATE(date_rsvp) >= '2023-01-01'";
$result = mysqli_query($c, $sql);
// Create an associative array to hold the grouped data
$groupedData = array();
// Loop through the result rows
while ($row = mysqli_fetch_assoc($result)) {
// Generate the group key by concatenating 'training' and 'date_req'
$groupKey = $row['training'] . $row['date_rsvp'];
// Check if the group key already exists in the grouped data array
if (!array_key_exists($groupKey, $groupedData)) {
// If the group key doesn't exist, create a new array for the group
$groupedData[$groupKey] = array();
}
// Check if the 'email' already exists within the group
$emailExists = false;
foreach ($groupedData[$groupKey] as $existingRow) {
if ($existingRow['email'] === $row['email']) {
$emailExists = true;
break;
}
}
// Add the row data to the corresponding group if the 'email' doesn't already exist
if (!$emailExists) {
$groupedData[$groupKey][] = $row;
}
}
// Return the grouped data as JSON
return json_encode($groupedData);
}
if (isset($_REQUEST['a']) && $_REQUEST['a']=='signups') {
echo signups(); exit(); }
// ___ | | | |
// ___ ___ _ _ _ __ ___ ___ ___ ( _ ) | |_ ___ __ _ ___| |__ ___ _ __ ___
// / __/ _ \| | | | '__/ __|/ _ \/ __| / _ \/\ | __/ _ \/ _` |/ __| '_ \ / _ \ '__/ __|
// | (_| (_) | |_| | | \__ \ __/\__ \ | (_> < | || __/ (_| | (__| | | | __/ | \__ \
// \___\___/ \__,_|_| |___/\___||___/ \___/\/ \__\___|\__,_|\___|_| |_|\___|_| |___/
//
//
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// Courses in a semester
function semester_sections() { global $c2;
return multi_row_select("SELECT * FROM `gavi_sections` s WHERE s.sem='fa21' ORDER BY s.teacher_id",1, $c2); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='list/semester') {
echo semester_sections(); exit(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// STAFF + COURSES COMBINED
function staff_dir_w_sections() { global $c;
// just one semesters sections?
$WHERE = "WHERE pgs.sem='fa21'";
// all recorded semesters
$WHERE = "";
return multi_row_select("SELECT p.first_name,p.last_name,p.department,p.status,p.staff_type, p.room,phone_number,LOWER(p.email) AS email,p.web_on, p.id, e.id AS ext_id, e.role, e.goo_short, e.c_users AS c_users_id_ext, e.ilearn_id, e.sched_alias, e.dept1, e.dept2, e.gtitle, e.active, e.use_dir_photo, e.general_photo_release, e.dir_photo_path, e.etc, e.espanol, e.zoom, e.preferred_contact, c.id AS conf_id, c.goo AS conf_goo, c.name AS conf_name, d.name AS dept1name, t.name AS titlename, d.parent AS deptparent, GROUP_CONCAT(DISTINCT s.code SEPARATOR ', ') AS sections, COUNT(s.code) AS num_taught FROM gavi_db.personnel p LEFT JOIN PeterDB.gavi_personnel_ext e ON p.id=e.personnel LEFT JOIN PeterDB.conf_users c ON LOWER(p.email)=LOWER(c.email) LEFT JOIN PeterDB.gavi_departments d ON e.dept1=d.id LEFT JOIN PeterDB.gavi_titles t ON e.gtitle=t.id LEFT JOIN ( SELECT * FROM PeterDB.gavi_sections pgs {$WHERE}) s ON e.id=s.teacher_id GROUP BY p.id ORDER BY p.last_name LIMIT 2500",0, $c); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='list/staffsemester') {
echo json_encode(staff_dir_w_sections()); exit(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// SEARCH AN INSTRUCTOR BY NAME IN SCHEDULE
//
function get_instructor() { global $c2;
$i = ok($_REQUEST['inst']);
echo json_encode( single_row_select("SELECT * FROM gavi_personnel_ext WHERE sched_alias='{$i}';",0, $c2));
exit(); }
if (isset($_REQUEST['a']) && $_REQUEST['a'] == 'get/instructor/name' ) { get_instructor(); }
function get_instructor_fuzzy() {
global $c2;
$i = ok($_REQUEST['inst']);
echo json_encode( single_row_select("SELECT * FROM gavi_personnel_ext WHERE sched_alias LIKE '{$i}';",0, $c2));
exit(); }
if (isset($_REQUEST['a']) && $_REQUEST['a'] == 'get/instructor/fuzzyname' ) { get_instructor_fuzzy(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// COURSE SECTIONS in a semester
//
function get_sections($semester) { global $c;
$semester = ok($semester);
return multi_row_select("SELECT s.id,s.code,s.name,s.descr,s.teacher_id,s.days,s.start_date,s.end_date,s.units,s.ztc,s.location,s.delivery,s.status,s.pnp,s.note,s.crn,s.sem,p.personnel AS personnel_id,p.use_dir_photo,p.dir_photo_path,d.last_name,d.first_name,d.phone_number,d.email,d.room,d.web_on,s.sem FROM PeterDB.gavi_sections s LEFT JOIN PeterDB.gavi_personnel_ext p ON s.teacher_id=p.id LEFT JOIN personnel d ON d.id=p.personnel WHERE sem='{$semester}' ORDER BY code;",0, $c); }
if (isset($_REQUEST['a']) && preg_match('/^get\/sections\/(\w\w\d\d)$/', $_REQUEST['a'], $matches)) { echo json_encode( get_sections( $matches[1] ) ); exit(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// all COURSE SECTIONS by semester and crn only
//
function get_all_sections() { global $c;
echo json_encode( multi_row_select("SELECT s.id,s.code,s.crn,s.sem,s.teacher_id,s.delivery,s.status,p.personnel AS personnel_id,d.last_name,d.first_name FROM PeterDB.gavi_sections s LEFT JOIN PeterDB.gavi_personnel_ext p ON s.teacher_id=p.id LEFT JOIN personnel d ON d.id=p.personnel ORDER BY sem,code;",0, $c));
exit(); }
if (isset($_REQUEST['a']) && $_REQUEST['a'] == 'get/sections') { get_all_sections(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// all COURSE SECTIONS of a single INSTRUCTOR
//
// use their gavi_personnel_ext id
//
function get_instructor_sections($teacherid) {
global $c;
echo json_encode( multi_row_select("SELECT s.id,s.code,s.name,s.descr,s.teacher_id,s.days,s.times,s.link,s.start_date,s.end_date,s.units,s.ztc,s.location,s.delivery,s.xlist_to,s.status,s.pnp,s.note,s.crn,s.sem,s.year FROM PeterDB.gavi_sections s WHERE s.teacher_id='{$teacherid}' ORDER BY s.sem,s.code;",0, $c));
exit(); }
if (isset($_REQUEST['a']) && preg_match('/^get\/sections\/(\d+)$/', $_REQUEST['a'], $matches)) {
get_instructor_sections( $matches[1] ); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// COURSE SINGLE SECTION including welcome letter
//
// Housekeeping: if the gavi_welcome_letters row doesn't exist, we need to make it and populate it with the example text.
//
//
function get_section($sem,$crn) {
global $c, $c2;
$sem = ok($sem);
$crn = ok($crn);
$sched_id = 0;
$sched_entry = single_row_select( "SELECT * FROM PeterDB.gavi_sections gs WHERE sem='{$sem}' AND crn='{$crn}';",0, $c2);
if ($sched_entry) {
$sched_id = $sched_entry['id']; }
else {
echo json_encode( array( "result"=>"fail", "reason"=>"no row for that section {$sem} {$crn}.") );
exit(); }
$wl_entry = single_row_select( "SELECT s.id,s.code,s.name,s.descr,s.teacher_id,s.days,s.start_date,s.end_date,s.units,s.ztc,s.location,s.delivery,s.status,s.pnp,s.note,s.crn,s.sem,w.id AS wl_id,w.photo_path,w.format,w.length,w.course_desc,w.what_expect,w.assessments,w.textbook,w.other_info,w.introduction,w.additional_resources FROM PeterDB.gavi_welcome_letters w LEFT JOIN PeterDB.gavi_sections s ON w.section_id=s.id WHERE w.section_id='{$sched_id}';",0, $c2);
if ($wl_entry) {
echo json_encode($wl_entry);
exit(); }
else {
// no WL row for that section
$logaction = log_it("Creating default welcome letter for Semester: $sem CRN: $crn");
$default = json_decode( file_get_contents('default_welcome_letter.json') );
$default->what_expect = okh($default->what_expect);
$default->assessments = okh($default->assessments);
$default->textbook = okh($default->textbook);
$default->other_info = okh($default->other_info);
$default->introduction = okh($default->introduction);
$default->additional_resources = okh($default->additional_resources);
$q = "INSERT INTO PeterDB.gavi_welcome_letters (section_id,format,length,text_title,course_desc,what_expect,assessments,textbook,other_info,introduction,additional_resources) VALUES ('{$sched_id}', '', '', '', '', '{$default->what_expect}', '{$default->assessments}', '{$default->textbook}', '{$default->other_info}', '{$default->introduction}', '{$default->additional_resources}');";
$new_id = single_row_insert($q,0,$c2);
$q4 = "SELECT s.id,s.code,s.name,s.descr,s.teacher_id,s.days,s.start_date,s.end_date,s.units,s.ztc,s.location,s.delivery,s.status,s.pnp,s.note,s.crn,s.sem,w.id AS wl_id, w.photo_path,w.format,w.length,w.course_desc,w.what_expect,w.assessments,w.textbook,w.other_info,w.introduction,w.additional_resources FROM PeterDB.gavi_welcome_letters w LEFT JOIN PeterDB.gavi_sections s ON w.section_id=s.id WHERE w.id=" . $new_id . ";";
$wl_entry = single_row_select( $q4, 0, $c2);
echo json_encode($wl_entry);
exit();
} }
if (isset($_REQUEST['a']) && preg_match('/^get\/section\/(\w\w\d\d)\/(\d+)$/', $_REQUEST['a'], $matches)) {
get_section( $matches[1], $matches[2] ); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// update a course section record
/*function update_section($update=1) {
global $USER, $c2;
$WHERECLAUSE = "";
$START = "INSERT INTO gavi_sections SET ";
$action = "inserted";
if ( check_permission( $USER->id, 0, 'gavi_sections')) {
if ($update) {
$START = "UPDATE webpages SET ";
$WHERECLAUSE = " WHERE id={$_REQUEST['id']}";
$action = "updated";
$logaction = log_it("updating section id {$_REQUEST['id']}");
} else {
$logaction = log_it("inserting new section");
}
} else {
echo json_encode( array("result"=>"fail", "err"=>"dont have permission to edit this") );
exit();
}
$cols = explode(',', $_REQUEST['cols']); $vals = explode(',', $_REQUEST['vals']);
$vals = $_->map($vals, 'unescape_commas');
$cv = $_->zip($cols,$vals);
$q = $_->reduce($cv, function($memo, $a) { return $memo . ok($a[0]) . "='" . ok($a[1]) . "', "; }, $START);
$q = substr($q, 0, -2);
$q .= $WHERECLAUSE;
single_row_insert($q,0,$c2);
echo json_encode( array("rawvalstr"=>$_REQUEST['vals'], "result"=>"success","action"=>$action,
"logaction"=>$logaction, "query"=>$q,"err"=>mysqli_error($c2)));
exit();
}
//if (isset($_POST['a']) && $_POST['a']=='update/section') { update_section(); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='update/section') { update_section(); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='add/section') { update_section(0); }
*/
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// update a WELCOME LETTER
//
/*function update_welcome_letter($update=1) {
global $USER, $c2, $_;
$WHERECLAUSE = "";
$START = "INSERT INTO gavi_welcome_letters SET ";
$action = "inserted";
if ( check_permission( $USER->id, 0, 'gavi_welcome_letters')) {
if ($update) {
$START = "UPDATE gavi_welcome_letters SET ";
$WHERECLAUSE = " WHERE id={$_REQUEST['id']}";
$action = "updated";
$logaction = log_it("updating welcome letter id {$_REQUEST['id']}");
} else {
$logaction = log_it("inserting new welcome letter");
}
} else {
echo json_encode( array("result"=>"fail", "err"=>"dont have permission to edit this") );
exit();
}
$cols = explode(',', $_REQUEST['cols']); $vals = explode(',', $_REQUEST['vals']);
$vals = $_->map($vals, 'unescape_commas');
$cv = $_->zip($cols,$vals);
$q = $_->reduce($cv, function($memo, $a) { return $memo . ok($a[0]) . "='" . okh($a[1]) . "', "; }, $START);
$q = substr($q, 0, -2);
$q .= $WHERECLAUSE;
single_row_insert($q,0,$c2);
echo json_encode( array("rawvalstr"=>$_REQUEST['vals'], "result"=>"success","action"=>$action,
"logaction"=>$logaction, "query"=>$q,"err"=>mysqli_error($c2)));
exit();
}
//if (isset($_POST['a']) && $_POST['a']=='update/letter') { update_welcome_letter(); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='update/letter') { update_welcome_letter(); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='add/letter') { update_welcome_letter(0); }
*/
// __ _ __ _ _
// / _| | / / | | (_)
// | |_| | _____ __ / / _ __ __| | ___ ___ ___ ___ _ ___ _ __ ___
// | _| |/ _ \ \/ / / / | '_ \ / _` | / __|/ _ \/ __/ __| |/ _ \| '_ \/ __|
// | | | | __/> < / / | |_) | (_| | \__ \ __/\__ \__ \ | (_) | | | \__ \
// |_| |_|\___/_/\_\ /_/ | .__/ \__,_| |___/\___||___/___/_|\___/|_| |_|___/
// | |
// |_|
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// GET LIST OF ALL SESSIONS / WORKSHOPS / EVENTS
//
function get_sessions() { global $c2, $AY;
return multi_row_select("SELECT c.id,c.title,c.desc,c.length,c.starttime,c.track,c.location,c.location_irl,c.mode,c.gets_survey,c.category,c.parent,c.recording,c.instructions,c.image_url,c.is_flex_approved,c.cal_uid,sst.type AS typeStr, sst.id AS type, GROUP_CONCAT(ctg.tag) AS tags FROM conf_sessions c LEFT JOIN conf_sessiontypes sst ON c.type=sst.id LEFT JOIN conf_tagmember ct ON c.id=ct.session LEFT JOIN conf_tags ctg ON ctg.id=ct.tag WHERE c.starttime BETWEEN CAST('{$AY['begin']}' AS DATE) AND CAST('{$AY['end']}' AS DATETIME) GROUP BY c.id ORDER BY c.track, c.starttime;",0, $c2); }
if (isset($_GET['a']) && $_GET['a'] == 'get/sessions') { echo json_encode(get_sessions()); exit(); }
function multi_row_1d($qry, $c) {
$savedQuery = mysqli_query($c, $qry);
while($savedResult = mysqli_fetch_array($savedQuery)) {
$savedArray[] = $savedResult[0]; }
return $savedArray; }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// GET LIST OF ALL SESSIONS + HOSTS
//
function get_ses_hosts() { global $c2, $AY;
return multi_row_select("select s.id, s.title, s.starttime, u.name, u.email, u.id AS hostid from conf_sessions as s LEFT OUTER JOIN conf_hosts as h ON h.session=s.id LEFT OUTER JOIN conf_users AS u ON h.host=u.id WHERE s.id>1319 ORDER BY u.name;",1, $c2); }
//return multi_row_1d("select DISTINCT(u.email) from conf_sessions as s LEFT OUTER JOIN conf_hosts as h ON h.session=s.id LEFT OUTER JOIN conf_users AS u ON h.host=u.id WHERE s.id>1319 ORDER BY u.name;", $c2); }
if (isset($_GET['a']) && $_GET['a'] == 'get/hosts') { echo get_ses_hosts(); exit(); }
//
// ALL HOST ENTRIES
//
/*function get_all_hosts() { global $c2, $_;
$hh = multi_row_select("select host,session FROM conf_hosts ORDER BY host;",0, $c2);
$byhost = $_->groupBy($hh, function($n) { return $n['host']; });
$_->map( $byhost, function($v,$k) use (&$allhost) { global $_;
$allhost[$k] = $_->pluck($v,'session');
return array( $k => $_->pluck($v,'session')); });
return $allhost; }
if (isset($_GET['a']) && $_GET['a'] == 'get/allhosts') { echo json_encode(get_all_hosts()); exit(); }
*/
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// LIST THE CURRENT USER'S SIGNED UP, (OR HOSTING,) SESSIONS / WORKSHOPS / EVENTS
//
function get_user_sessions() { global $c2, $AY, $USER;
$my_sessions = multi_row_select("SELECT c.id,c.title,c.desc,c.length,c.starttime,c.track,c.location,c.location_irl,c.mode,c.gets_survey,c.category,c.parent,c.recording,c.instructions,c.image_url,c.is_flex_approved,sst.type,sst.id AS typeId, GROUP_CONCAT(ctg.tag) AS tags FROM conf_sessions c JOIN conf_signups as sup on c.id=sup.session LEFT JOIN conf_hosts as h ON h.session=c.id JOIN conf_sessiontypes sst ON c.type=sst.id LEFT JOIN conf_tagmember ct ON c.id=ct.session LEFT JOIN conf_tags ctg ON ctg.id=ct.tag WHERE (h.host='{$USER->conf_id}' OR sup.user='{$USER->conf_id}') AND c.starttime BETWEEN CAST('{$AY['begin']}' AS DATE) AND CAST('{$AY['end']}' AS DATETIME) GROUP BY c.id ORDER BY c.track, c.starttime;",0,$c2);
echo json_encode($my_sessions);
exit(); }
if (isset($_GET['a']) && $_GET['a'] == 'get/mysessions') { get_user_sessions(); }
//
// GET ROSTERS OF ALL SESSIONS
function get_rosters() {
global $AY, $c2;
/* "SELECT i.user, i.session, i.timestamp, u.goo, u.email, u.name, s.title, s.track, s.starttime, s.location, s.id AS sesid FROM conf_signups as i LEFT JOIN conf_users as u ON i.user=u.id RIGHT JOIN conf_sessions as s ON i.session=s.id WHERE s.starttime BETWEEN CAST('{$AY['begin']}' AS DATE) AND CAST('{$AY['end']}' AS DATETIME) {$where} ORDER BY sesid;" */
$where = '';
if (isset($_REQUEST['id'])) {
$ID = ok($_REQUEST['id']);
$where = "AND s.id={$ID}"; }
return multi_row_select(
"SELECT i.user, i.session, u.goo, u.email, u.name, s.id AS sesid FROM conf_signups as i LEFT JOIN conf_users as u ON i.user=u.id RIGHT JOIN conf_sessions as s ON i.session=s.id WHERE s.starttime BETWEEN CAST('{$AY['begin']}' AS DATE) AND CAST('{$AY['end']}' AS DATETIME) {$where} ORDER BY sesid;",0,$c2); }
if (isset($_GET['a']) && $_GET['a'] == 'get/rosters') { echo json_encode(get_rosters()); exit(); }
//
// GET ALL SIGNUPS
function get_signups() {
global $AY, $c2;
$where = '';
if (isset($_REQUEST['id'])) {
$ID = ok($_REQUEST['id']);
$where = "WHERE s.id={$ID}"; }
return multi_row_select(
"SELECT i.id, i.user, i.session, i.timestamp, i.certified_at, i.badged_at, i.not_flex FROM conf_signups AS i JOIN conf_sessions AS s ON i.session=s.id WHERE s.starttime BETWEEN CAST('{$AY['begin']}' AS DATE) AND CAST('{$AY['end']}' AS DATETIME) {$where} ORDER BY i.id DESC;",0,$c2); }
if (isset($_GET['a']) && $_GET['a'] == 'get/signups') { echo json_encode(get_signups()); exit(); }
//
// GET ALL USERS
function get_users() {
global $AY, $c2;
return multi_row_select(
"SELECT * FROM conf_users AS u ORDER BY u.email;",0,$c2); }
if (isset($_GET['a']) && $_GET['a'] == 'get/users') { echo json_encode(get_users()); exit(); }
//
// GET ALL HOSTS
function get_hosttable() {
global $AY, $c2;
return multi_row_select(
"SELECT * FROM conf_hosts;",0,$c2); }
if (isset($_GET['a']) && $_GET['a'] == 'get/hosttable') { echo json_encode(get_hosttable()); exit(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// ARBITRARY USER'S SIGNED UP, (OR HOSTING,) SESSIONS / WORKSHOPS / EVENTS
//
// all years
//
function get_anyuser_sessions($usr) {
global $c2, $AY, $USER;
$my_sessions = multi_row_select("SELECT c.id,c.title,c.desc,c.length,c.starttime,c.track,c.location,c.location_irl,c.mode,c.gets_survey,c.category,c.parent,c.recording,c.instructions,c.image_url,c.is_flex_approved,sst.type,sst.id AS typeId, GROUP_CONCAT(ctg.tag) AS tags FROM conf_sessions c JOIN conf_signups as sup on c.id=sup.session LEFT JOIN conf_hosts as h ON h.session=c.id JOIN conf_sessiontypes sst ON c.type=sst.id LEFT JOIN conf_tagmember ct ON c.id=ct.session LEFT JOIN conf_tags ctg ON ctg.id=ct.tag WHERE (h.host='{$usr}' OR sup.user='{$usr}') GROUP BY c.id ORDER BY c.starttime LIMIT 150;",0,$c2);
// AND c.starttime BETWEEN CAST('{$AY['begin']}' AS DATE) AND CAST('{$AY['end']}' AS DATETIME)
return $my_sessions; }
if (isset($_GET['a']) && preg_match('/get\/sessions\/(\d+)$/', $_GET['a'], $matches)) { echo json_encode( get_anyuser_sessions($matches[1])); exit(); }
// MY Survey ANSWERS
function get_questions() { global $c2, $USER;
//return $USER->id;
return multi_row_select( "SELECT ses.id as ses_id, sup.id as sup_id, sup.certified_at as cert, sup.surveyed_at as surveyed, cus.id as user, qset.order, qq.id, qq.question, qq.type, qq.id as qid, ans.answer FROM conf_sessions as ses JOIN conf_signups as sup on ses.id = sup.session JOIN conf_users as cus on cus.id = sup.user JOIN conf_q_set as qset on ses.gets_survey = qset.q_set RIGHT JOIN conf_questions as qq on qset.question = qq.id LEFT OUTER JOIN conf_answers as ans on ans.user = sup.user AND ans.question = qq.id AND ans.session = ses.id WHERE (cus.id='{$USER->conf_id}') ORDER BY ses.starttime, ses.track asc, qset.order", 0, $c2); }
if (isset($_GET['a']) && $_GET['a'] == 'get/questions') { echo json_encode(get_questions()); exit(); }
// Single session QUESTIONS and possibly ansers
function get_session_questions($id) { global $c2, $USER;
//print_r($USER); exit();
$u = $USER->conf_id;
return multi_row_select( "SELECT ses.title, {$u} AS user, ses.id as session, q.id AS qid, q.question, q.type, ans.answer FROM conf_sessions AS ses JOIN conf_q_set AS qset ON ses.gets_survey=qset.q_set JOIN conf_questions AS q ON q.id=qset.question LEFT OUTER JOIN conf_answers AS ans ON ans.user={$u} AND ans.question=q.id AND ans.session=ses.id WHERE ses.id={$id}", 0, $c2); }
if (isset($_GET['a'])&& preg_match('/get\/questions\/(\d+)$/', $_GET['a'], $matches)) { echo json_encode(get_session_questions($matches[1])); exit(); }
// ALL Survey ANSWERS
function get_answers_all() { global $c2;
return multi_row_select( "SELECT ses.id AS ses_id, ses.title as s_title, ses.starttime, qq.id as q_id, qq.question as question, qq.type as type, ans.answer AS answer FROM conf_sessions AS ses JOIN conf_signups as sup on ses.id = sup.session JOIN conf_users as cus on cus.id = sup.user JOIN conf_q_set as qset on ses.gets_survey = qset.q_set RIGHT JOIN conf_questions as qq on qset.question = qq.id LEFT OUTER JOIN conf_answers as ans on ans.user = sup.user AND ans.question = qq.id AND ans.session = ses.id WHERE ans.answer is not null ORDER BY ses.starttime, ses.track asc, qset.order", 0, $c2); }
if (isset($_GET['a']) && $_GET['a'] == 'get/answers/all') { echo json_encode(get_answers_all()); exit(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
function set_answers() { global $c, $c2;
$ses_id = ok($_REQUEST['session']);
$u = ok($_REQUEST['user']);
$q = ok($_REQUEST['qid']);
$answer = ok($_REQUEST['answer']);
$existing = does_exist( "select * from `conf_answers` where `user`='$u' and `session`='$ses_id' and `question`='$q';",0,$c2 );
if ($existing) {
$qupdate = "UPDATE conf_answers SET answer='$answer' WHERE session=$ses_id AND user=$u AND question=$q";
single_row_update($qupdate,0, $c2);
$logaction = log_it("updated answer for session: $ses_id");
} else {
$qupdate = "INSERT INTO conf_answers SET user='$u', question='$q', session='$ses_id', answer='$answer'";
single_row_insert($qupdate,0,$c2);
$logaction = log_it("Saved answer for session: $ses_id");
}
echo json_encode( array("result"=>"success", "logaction"=>$logaction, "action"=>"save survey answer","query"=>$qupdate,"err"=>mysqli_error($c2)));
exit(); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='update/answers') { set_answers(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
function set_cert() {
#echo "saving";
global $USER, $c2;
$ses_id = ok($_REQUEST['ses_id']);
$cert = ok($_REQUEST['cert']);
$date = "'" . date('Y-m-d H:i:s') . "'";
if ($cert=="null") { $date = "NULL"; }
$qupdate = "UPDATE conf_signups SET `certified_at`=$date where `user`='$USER' and `session`='$ses_id'";
single_row_update($qupdate, 0, $c2);
$logaction = log_it("updated certified state for session: $ses_id");
echo json_encode( array("result"=>"success", "logaction"=>$logaction, "action"=>"save cert","query"=>$qupdate,"err"=>mysqli_error($c2)));
//print_r($_POST);
exit(); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='set/cert') { set_cert(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// SIGNUP for (possibly overlapping time) session ... /// id_c_users
//
function signup() {
global $c2, $AY, $USER;
preg_match('/signup\/(\d+)$/', $_GET['a'], $matches);
$ses = $matches[1];
$ts = date("Y-m-d H:i:s");
$logaction = log_it("Signed up for session: " . $ses);
$sesh = "";
if (isset($_SESSION)) { $sesh = $_SESSION; }
$existing = does_exist(
"SELECT i.id FROM conf_signups AS i JOIN conf_sessions AS s ON i.session=s.id WHERE s.id={$ses} AND i.user=" . $USER->conf_id,0,$c2);
if ($existing) {
$qupdate = "UPDATE conf_signups SET session={$ses}, timestamp='{$ts}' WHERE session={$ses} AND user=" . $USER->conf_id;
single_row_select($qupdate,1,$c2);
echo json_encode( array("result"=>"success","action"=>"updated","logaction"=>$logaction, "query"=>$qupdate,"err"=>mysqli_error($c2)));
} else {
$q = "INSERT INTO conf_signups (session,user,timestamp) VALUES ({$ses}," . $USER->conf_id . ",'{$ts}')";
single_row_insert($q,1,$c2);
echo json_encode( array( /* "userglobal"=>$USER, */ "result"=>"success","action"=>"inserted", /* "logaction"=>$logaction, */
"ses"=>$sesh,"query"=>$q,"err"=>mysqli_error($c2)));
} exit(); }
if (isset($_GET['a']) && preg_match('/signup\/(\d+)$/', $_GET['a'], $matches)) { signup(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// CANCEL a signup
//
function signdown() {
global $c2, $AY, $USER;
preg_match('/signdown\/(\d+)$/', $_GET['a'], $matches);
$ses = $matches[1];
$q = "DELETE FROM conf_signups WHERE session={$ses} AND user=" . $USER->conf_id;
single_row_update($q,1,$c2);
$logaction = log_it("Canceled signup for session: $ses");
echo json_encode( array("result"=>"success","action"=>"deleted","logaction"=>$logaction, "query"=>$q,"err"=>mysqli_error($c2)));
exit(); }
if (isset($_GET['a']) && preg_match('/signdown\/(\d+)$/', $_GET['a'], $matches)) { signdown(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// add a HOST for a session ...
//
function addhost($sesid,$hostid) {
global $c2;
$sesid = ok($sesid); $hostid = ok($hostid);
$existing = does_exist("SELECT h.host, h.session FROM conf_hosts AS h WHERE h.host={$hostid} AND h.session={$sesid}",0,$c2);
if ($existing) { return array("result"=>"success","action"=>"already a host"); }
else {
$qupdate = "INSERT INTO conf_hosts SET session='{$sesid}', host='{$hostid}';";
$new_id = single_row_insert($qupdate,0,$c2);
$e = mysqli_error($c2);
if ($new_id) { $success = " with new id {$new_id}"; }
else { $success = " -- error: {$e}"; }
$logaction = log_it("Added host {$hostid} to session: {$sesid}");
return array("result"=>"success".$success,"action"=>"added host","query"=>$qupdate,"err"=>$e); } }
if (isset($_GET['a']) && preg_match('/add\/host\/(\d+)\/(\d+)$/', $_GET['a'], $matches)) {
echo json_encode(addhost($matches[1], $matches[2])); exit(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// REMOVE a HOST for a session ...
//
function removehost($sesid,$hostid) {
global $c2;
$sesid = ok($sesid); $hostid = ok($hostid);
$qupdate = "DELETE FROM conf_hosts WHERE session='{$sesid}' AND host='{$hostid}';";
$new_id = single_row_update($qupdate,0,$c2);
$e = mysqli_error($c2);
$logaction = log_it("Removed host {$hostid} to session: {$sesid}");
return array("result"=>"success","action"=>"removed host","query"=>$qupdate,"err"=>$e); }
if (isset($_GET['a']) && preg_match('/remove\/host\/(\d+)\/(\d+)$/', $_GET['a'], $matches)) {
echo json_encode(removehost($matches[1], $matches[2])); exit(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// NEW SESSION
//
function new_session() {
global $c2, $AY, $USER;
$title = ok($_POST['title']); $starttime = ok($_POST['starttime']);
$length = ok($_POST['length']); if ($length=='') { $length=1; }
$track = ok($_POST['track']); $gets_survey = ok($_POST['gets_survey']);
$is_flex_approved = ok($_POST['is_flex_approved']); $category = ok($_POST['title']);
if ($category=='') { $category=0; }
$author = ok($_POST['author']); if ($author=='') { $author=1; } // $USER->id_c_users; }
$is_custom = ok($_POST['is_custom']); $parent = ok($_POST['parent']);
$desc = okh($_POST['desc']); $location = okh($_POST['location']);
$recording = okh($_POST['recording']); $instructions = okh($_POST['instructions']);
$type = ok($_POST['type']); if ($type=='') { $type=19; }
$cal_uid = ok($_POST['cal_uid']); $mode = okh($_POST['mode']);
$location_irl = okh($_POST['location_irl']);
$q = "INSERT INTO conf_sessions (`title`,`starttime`,`length`,`track`,`gets_survey`,`is_flex_approved`,`category`,`author`,`is_custom`,`parent`,`desc`,`location`,`mode`,`recording`,`instructions`,`type`,`cal_uid`) VALUES ('{$title}', '{$starttime}', '{$length}', '{$track}', '{$gets_survey}', '{$is_flex_approved}', '{$category}', '{$author}', '{$is_custom}', '{$parent}', '{$desc}', '{$location}', '{$location_irl}', '{$mode}', '{$recording}', '{$instructions}', '{$type}', '{$cal_uid}');";
$ins = single_row_insert($q,0,$c2);
$logaction = log_it("created new session id: {$ins}: {$title}");
echo json_encode( array( /*"all_args"=>$_POST,*/ "result"=>"success","action"=>"inserted new session","new_id"=>$ins, "query"=>$q,"logaction"=>$logaction,"err"=>mysqli_error($c2)));
exit(); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='set/newsession') { new_session(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// Editing of session info
//
function reducer ($memo, $a) { return $memo . "`" . ok($a[0]) . "` = '" . okh($a[1]) . "', "; }
function set_sessioninfo() {
global $c, $c2, $AY, $USER, $_;
$table = 'conf_sessions';
$DO_CHECKING = 0;
if (isset($_POST['id'])) {
$ID = ok($_REQUEST['id']);
if ($DO_CHECKING) {
// (! check_permission( $USER->conf_id, $ID, $table)) {
echo json_encode( array("result"=>"fail", "err"=>"dont have permission to edit this") );
exit();
} else {
$logaction = log_it("edited session id: {$ID}");
$WHERECLAUSE = " WHERE id={$ID}";
$date = date('Y-m-d H:i:s');
$cols = explode(',', $_REQUEST['cols']); $vals = explode(',', $_REQUEST['vals']);
$vals = array_map('unescape_commas', $vals);
$cv = array_map(null,$cols,$vals);
$q = array_reduce($cv, 'reducer', "UPDATE `{$table}` SET ");
$q = substr($q, 0, -2);
$q .= $WHERECLAUSE;
single_row_update($q,0,$c2);
echo json_encode( array("rawvalstr"=>$_REQUEST['vals'], "result"=>"success","action"=>"updated", "query"=>$q,"err"=>mysqli_error($c2)));
}
} else {
echo json_encode( array("result"=>"fail", "err"=>"no activity id specified") ); }
exit(); }
//if (isset($_POST['a']) && $_POST['a']=='update/activity') { set_sessioninfo(); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='update/activity') { set_sessioninfo(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// App SETTINGS
//
//
// GET
function get_settings() { global $AY, $c2;
return multi_row_select( "SELECT * FROM conf_uinforecord;",0,$c2); }
if (isset($_GET['a']) && $_GET['a'] == 'get/settings') { echo json_encode(get_settings()); exit(); }
function set_settings() {
global $c, $c2, $AY, $USER, $_;
$table = 'conf_uinforecord';
$DO_CHECKING = 0;
if (isset($_POST['id'])) {
$ID = ok($_REQUEST['id']);
if ($DO_CHECKING) {
// (! check_permission( $USER->conf_id, $ID, $table)) {
echo json_encode( array("result"=>"fail", "err"=>"dont have permission to edit this") );
exit();
} else {
$logaction = log_it("edited session id: {$ID}");
$WHERECLAUSE = " WHERE id={$ID}";
$date = date('Y-m-d H:i:s');
$cols = explode(',', $_REQUEST['cols']); $vals = explode(',', $_REQUEST['vals']);
$vals = array_map('unescape_commas', $vals);
$cv = array_map(null,$cols,$vals);
$q = array_reduce($cv, 'reducer', "UPDATE `{$table}` SET ");
$q = substr($q, 0, -2);
$q .= $WHERECLAUSE;
single_row_update($q,0,$c2);
echo json_encode( array("rawvalstr"=>$_REQUEST['vals'], "result"=>"success","action"=>"updated", "query"=>$q,"err"=>mysqli_error($c2)));
}
} else {
echo json_encode( array("result"=>"fail", "err"=>"no activity id specified") ); }
exit(); }
//if (isset($_POST['a']) && $_POST['a']=='update/activity') { set_sessioninfo(); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='update/activity') { set_sessioninfo(); }
// _ __ __ ______ ___________ _____ _____ _____ _____________ __
// | | / _|/ _| | _ \_ _| ___ \ ___/ __ \_ _| _ | ___ \ \ / /
// ___| |_ __ _| |_| |_ | | | | | | | |_/ / |__ | / \/ | | | | | | |_/ /\ V /
// / __| __/ _` | _| _| | | | | | | | /| __|| | | | | | | | / \ /
// \__ \ || (_| | | | | | |/ / _| |_| |\ \| |___| \__/\ | | \ \_/ / |\ \ | |
// |___/\__\__,_|_| |_| |___/ \___/\_| \_\____/ \____/ \_/ \___/\_| \_| \_/
//
//
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// Everyone. Basic dir. Include status==0 which is unpublished.
function staff_dir() { global $c;
return multi_row_select('SELECT first_name,last_name,department,status, room,phone_number,email,web_on,id FROM personnel',1, $c); }
// Everyone. Basic dir
function staff_dir_ext() { global $c;
return multi_row_select('SELECT p.first_name,p.last_name,p.department,p.status, p.room,phone_number,LOWER(p.email) AS email,p.web_on, p.id, e.id AS ext_id, e.role, e.goo_short, e.c_users AS c_users_id_ext, e.ilearn_id, e.sched_alias, e.dept1, e.dept2, e.gtitle, e.active, e.use_dir_photo, e.general_photo_release, e.dir_photo_path, e.etc, c.id AS conf_id, c.goo AS conf_goo, c.name AS conf_name FROM gavi_db.personnel p LEFT JOIN PeterDB.gavi_personnel_ext e ON p.id=e.personnel LEFT JOIN PeterDB.conf_users c ON LOWER(p.email)=LOWER(c.email) ORDER BY p.last_name LIMIT 5000',1, $c); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='list') {
echo staff_dir_ext(); exit(); }
// Everyone. Directory info with DEPTS and TITLES added
function staff_dir_full_ext() { global $c;
return multi_row_select('SELECT p.first_name,p.last_name,p.department,p.status, p.room,phone_number,LOWER(p.email) AS email,p.web_on, p.id, e.id AS ext_id, e.role, e.goo_short, e.c_users AS c_users_id_ext, e.ilearn_id, e.sched_alias, e.dept1, e.dept2, e.gtitle, e.active, e.use_dir_photo, e.general_photo_release, e.dir_photo_path, e.etc, e.espanol, e.zoom, e.preferred_contact, c.id AS conf_id, c.goo AS conf_goo, c.name AS conf_name, d.name AS dept1name, t.name AS titlename, d.parent AS deptparent FROM gavi_db.personnel p LEFT JOIN PeterDB.gavi_personnel_ext e ON p.id=e.personnel LEFT JOIN PeterDB.conf_users c ON LOWER(p.email)=LOWER(c.email) LEFT JOIN PeterDB.gavi_departments d ON e.dept1=d.id LEFT JOIN PeterDB.gavi_titles t ON e.gtitle=t.id ORDER BY p.last_name LIMIT 5000',1, $c); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='list2') { echo staff_dir_full_ext(); exit(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// update a name, lname, dept, phone, extension, email, type, room, status, user_id, or web_on
/*function update_dir() {
global $USER, $c, $c2, $_;
$WHERECLAUSE = " WHERE id={$USER->id}";
if (isset($_POST['id'])) { // editing another person's data
if (! check_permission( $USER->id, $_POST['id'], 'personnel')) {
echo json_encode( array("result"=>"fail", "err"=>"dont have permission to edit this") );
exit();
} else {
$logaction = log_it("updating personnel record of personnel id {$_POST['id']}");
$WHERECLAUSE = " WHERE id={$_POST['id']}";
}
} else {
$logaction = log_it("updating personnel record");
}
// date modified is now
$date = date('Y-m-d H:i:s');
$cols = explode(',', $_REQUEST['cols']); $vals = explode(',', $_REQUEST['vals']);
$vals = $_->map($vals, 'unescape_commas');
$cv = $_->zip($cols,$vals);
$q = $_->reduce($cv, function($memo, $a) { return $memo . ok($a[0]) . "='" . ok($a[1]) . "', "; }, "UPDATE personnel SET ");
//$q = substr($q, 0, -2);
$q .= "time_updated='" . $date . "'";
$q .= $WHERECLAUSE;
if ($USER->id) {
single_row_update($q,0,$c);
echo json_encode( array("rawvalstr"=>$_REQUEST['vals'], "result"=>"success","action"=>"updated","logaction"=>$logaction, "query"=>$q,"err"=>mysqli_error($c)));
}
else {
$logaction2 = log_it("failed to update personnel record");
echo json_encode( array("result"=>"fail", "err"=>"dont have an id for user") );
}
exit();
}
//if (isset($_POST['a']) && $_POST['a']=='update') { update_dir(); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='update') { update_dir(); }
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// update goo, dept1/dept2, title, active, use_dir_photo
function update_dir_ext() {
global $USER, $c, $c2, $_;
$WHERECLAUSE = " WHERE id={$USER->ext_id}";
#print_r($_REQUEST);
if (isset($_REQUEST['id'])) { // editing another person's data
if (! check_permission( $USER->id, $_REQUEST['id'], 'personnel_ext')) {
echo json_encode( array("result"=>"fail", "err"=>"dont have permission to edit this") );
exit();
} else {
$logaction = log_it("updating personnel_ext record of personnel id {$_REQUEST['id']}");
$WHERECLAUSE = " WHERE id={$_REQUEST['id']}";
}
} else {
$logaction = log_it("updating personnel_ext record");
}
// date modified is now
$date = date('Y-m-d H:i:s');
$cols = explode(',', $_REQUEST['cols']); $vals = explode(',', $_REQUEST['vals']);
$vals = $_->map($vals, 'unescape_commas');
$cv = $_->zip($cols,$vals);
$q = $_->reduce($cv, function($memo, $a) { return $memo . ok($a[0]) . "='" . ok($a[1]) . "', "; }, "UPDATE gavi_personnel_ext SET ");
$q = substr($q, 0, -2);
$q .= $WHERECLAUSE;
single_row_update($q,0,$c2);
echo json_encode( array("result"=>"success","action"=>"updated","logaction"=>$logaction, "query"=>$q,"err"=>mysqli_error($c2)));
exit();
}
//if (isset($_POST['a']) && $_POST['a']=='update_xt') { update_dir_ext(); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='update_xt') { update_dir_ext(); }
*/
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
// // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // // //
//
// update person, officehours, title, picture, education, bio, courses, personal_page, changed
/*function update_webpage() {
global $USER_PERS_ID, $USER, $c, $c2, $_;
$WHERECLAUSE = " WHERE person={$USER->id}";
if (isset($_POST['id'])) { // editing another person's data
if (! check_permission( $USER->id, $_POST['id'], 'personnel')) {
echo json_encode( array("result"=>"fail", "err"=>"dont have permission to edit this") );
exit();
} else {
$logaction = log_it("updating bio webpage record of personnel id {$_POST['id']}");
$WHERECLAUSE = " WHERE person={$_POST['id']}";
}
} else {
$logaction = log_it("updating bio webpage record");
}
$date = date('Y-m-d H:i:s');
$cols = explode(',', $_REQUEST['cols']); $vals = explode(',', $_REQUEST['vals']);
$vals = $_->map($vals, 'unescape_commas');
$cv = $_->zip($cols,$vals);
$q = $_->reduce($cv, function($memo, $a) { return $memo . ok($a[0]) . "='" . okh($a[1]) . "', "; }, "UPDATE webpages SET ");
$q .= "changed='" . $date . "'";
$q .= $WHERECLAUSE;
if ($USER->id) {
single_row_update($q,0,$c);
echo json_encode( array("rawvalstr"=>$_REQUEST['vals'], "result"=>"success","action"=>"updated","logaction"=>$logaction, "query"=>$q,"err"=>mysqli_error($c)));
}
else {
$logaction2 = log_it("failed to update bio webpage record");
echo json_encode( array("result"=>"fail", "err"=>"dont have an id for user") );
}
exit();
}
//if (isset($_POST['a']) && $_POST['a']=='update_web') { update_webpage(); }
if (isset($_REQUEST['a']) && $_REQUEST['a']=='update_web') { update_webpage(); }
*/
// _ _ __ __
// | | | | / _|/ _|
// _ __ __ _ _ __ __| | ___ _ __ ___ ___| |_ _ _| |_| |_
// | '__/ _` | '_ \ / _` |/ _ \| '_ ` _ \ / __| __| | | | _| _|
// | | | (_| | | | | (_| | (_) | | | | | | \__ \ |_| |_| | | | |
// |_| \__,_|_| |_|\__,_|\___/|_| |_| |_| |___/\__|\__,_|_| |_|
//
//
//
//
//
// Next couple functions are for importing, merging, or just dealing w/ historical data
//
// and/or transition tasks......
//
//
function handle_pic_upload() { global $USER;
$uploaddir = '/gavilan.edu/staff/uploads/';
$date = date('Ymd_Hi');
$uploadfile = $uploaddir . name_to_lc($USER->first_name,$USER->last_name) . "_" . $date . "_" . basename($_FILES['file']['name']);
echo '<pre>';
if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) {
echo "File is valid, and was successfully uploaded.\n";
} else {
echo "Possible file upload attack!\n";
}
echo 'Here is some more debugging info:';
print_r($_FILES);
print "</pre>";
}
//if (isset($_REQUEST['file'])) { handle_pic_upload(); }
if (isset($_FILES['file'])) { handle_pic_upload(); }
function get_a_user_by_pid($user_pid) { global $c, $c2, $_;
$q1 = "SELECT last_name, first_name, department, extension, phone_number, email, room, user_id, time_updated, id, web_on FROM personnel WHERE id='{$user_pid}'";
$usr_dir = single_row_select($q1, 0, $c);
$q2 = "SELECT id AS id_c_users, goo, email AS email_c_users, name, active FROM conf_users WHERE email='{$usr_dir['email']}'";
$usr_conf = single_row_select($q2, 0, $c2);
$mega = $_->extend( (object) $usr_dir, (object) $usr_conf );
$q3 = "SELECT id AS ext_id, personnel AS personnel_id, goo_short, c_users AS c_users_id_ext, ilearn_id, sched_alias, dept1, dept2, gtitle, active, use_dir_photo, etc FROM gavi_personnel_ext WHERE personnel='{$mega->id}'";
$usr_ext = single_row_select($q3,0,$c2);
$mega = $_->extend( (object) $mega, (object) $usr_ext );
$q4 = 'SELECT person, officehours, title, picture, education, bio, courses, personal_page, changed FROM webpages WHERE person=' . $mega->id; // personnel=1');
$usr_web = single_row_select($q4,0,$c);
$mega = $_->extend( (object) $mega, (object) $usr_web );
// ?????
/* if (!isset($mega->use_dir_photo)) {
$mega->pic_exists = check_dir_photo($mega->first_name, $mega->last_name);
if ($mega->pic_exists) {
$filename = "images_sm/" . name_to_file( $mega->first_name, $mega->last_name );
$mega->bbqueryfix = "UPDATE gavi_personnel_ext SET use_dir_photo=1, dir_photo_path='{$filename}' WHERE id='{$mega->ext_id}'";
} else {
$mega->bbqueryfix = "UPDATE gavi_personnel_ext SET use_dir_photo=0 WHERE id='{$mega->ext_id}'";
}
}
if (! isset($mega->ext_id)) {
$mega->aaqueryfix = "INSERT INTO gavi_personnel_ext (personnel) VALUES('{$mega->id}')"; }
elseif ($mega->id && ! $mega->personnel_id) {
$mega->aaqueryfix = "UPDATE gavi_personnel_ext SET personnel='{$mega->id}' WHERE id='{$mega->ext_id}'"; }
*/
echo json_encode( $mega );
exit();
}
if (isset($_REQUEST['a']) && preg_match('/^get\/user\/(\d+)$/', $_REQUEST['a'], $matches)) { get_a_user_by_pid( $matches[1] ); }
function get_a_user($user_email) { global $c, $c2, $_;
$q1 = "SELECT last_name, first_name, department, extension, phone_number, email, room, user_id, time_updated, id, web_on FROM personnel WHERE email='" . $user_email . "'";
//p2($q1);
$usr_dir = single_row_select($q1, 0, $c);
//p2($usr_dir);
$q2 = "SELECT id AS id_c_users, goo, email AS email_c_users, name, active FROM conf_users WHERE email='" . $user_email . "'";
//p2($q2);
$usr_conf = single_row_select($q2, 0, $c2);
//p2($usr_conf);
$mega = $_->extend( (object) $usr_dir, (object) $usr_conf );
$q3 = 'SELECT id AS ext_id, personnel AS personnel_id, goo_short, c_users AS c_users_id_ext, ilearn_id, sched_alias, dept1, dept2, gtitle, active, use_dir_photo, etc FROM gavi_personnel_ext WHERE personnel=' . $mega->id;
//p2($q3);
$usr_ext = single_row_select($q3,0,$c2);
//p2($usr_ext);
$mega = $_->extend( (object) $mega, (object) $usr_ext );
$q4 = 'SELECT person, officehours, title, picture, education, bio, courses, personal_page, changed FROM webpages WHERE person=' . $mega->id; // personnel=1');
//p2($q3);
$usr_web = single_row_select($q4,0,$c);
//p2($usr_ext);
$mega = $_->extend( (object) $mega, (object) $usr_web );
/*
if (!isset($mega->use_dir_photo)) {
$mega->pic_exists = check_dir_photo($mega->first_name, $mega->last_name);
if ($mega->pic_exists) {
$filename = "images_sm/" . name_to_file( $mega->first_name, $mega->last_name );
$mega->bbqueryfix = "UPDATE gavi_personnel_ext SET use_dir_photo=1, dir_photo_path='{$filename}' WHERE id='{$mega->ext_id}'";
} else {
$mega->bbqueryfix = "UPDATE gavi_personnel_ext SET use_dir_photo=0 WHERE id='{$mega->ext_id}'";
}
}*/
if (! isset($mega->ext_id)) {
$mega->aaqueryfix = "INSERT INTO gavi_personnel_ext (personnel) VALUES('{$mega->id}')"; }
elseif ($mega->id && ! $mega->personnel_id) {
$mega->aaqueryfix = "UPDATE gavi_personnel_ext SET personnel='{$mega->id}' WHERE id='{$mega->ext_id}'"; }
return $mega; }
function insert_c2($q) {
global $c2;
$result = single_row_insert($q,0,$c2);
return $result; }
function merge_tables() { global $c, $_;
$all_personnel = multi_row_select('SELECT first_name,last_name,department,room,phone_number,email,web_on,id FROM personnel WHERE status IS null OR status=1',0, $c);
$emails = $_->pluck($all_personnel, 'email');
echo json_encode($emails);
//exit();
$emails = array_slice($emails, 0, 10);
$full = $_->map( $emails, "get_a_user" );
echo json_encode($full);
//$results = $_->map( $_->pluck($full,'aaqueryfix'), insert_c2);
//$results = $_->pluck($full,'bbqueryfix');
//$results = $_->map( $results, insert_c2);
//echo json_encode( $full );
exit(); }
if (isset($_REQUEST['merge'])) { merge_tables(); }
function fetch_personnel_dir() { global $c;
$all_personnel = multi_row_select('SELECT * FROM personnel',0, $c);
echo json_encode($all_personnel);
exit(); }
if (isset($_REQUEST['personnel'])) { fetch_personnel_dir(); }
function fetch_conf_users() { global $c2;
$all_personnel = multi_row_select('SELECT * FROM conf_users',0, $c2);
echo json_encode($all_personnel);
exit(); }
if (isset($_REQUEST['users'])) { fetch_conf_users(); }
function fetch_personnel_ext() { global $c2;
$all_personnel = multi_row_select('SELECT * FROM gavi_personnel_ext',0, $c2);
echo json_encode($all_personnel);
exit(); }
if (isset($_REQUEST['personnelext'])) { fetch_personnel_ext(); }
/*
in ilearn but not personnel dir or others
in personnel but not others
*/
//
//
// NAVIGATION
function navigation($user) {
?>
<a href="/">
<img border="0" class="headerimg" src="graf/bird_logo.png" alt="Gavilan College Intranet" />
</a>
<ul>
<li><b><a href="index.php">My Itinerary</a></b></li>
<li><a href="act.php?s=sp23">All Sessions</a></li>
<!--<li><a href="act.php">All Training / Events</a></li>
<li style="list-style:none;">&nbsp;</li>
<li><a href="itn.php">My Events</a></li>
<li><a href="cal.php">Calendar View</a></li>
<li><a href="ed_act.php">Edit Activity</a></li> -->
<li style="list-style:none;">&nbsp;</li>
<!--<li><a href="dir.php">Edit Staff Directory</a></li>
<li><a href="bio.php">Edit Bio Page</a></li>
<li><a href="welcome.php">Edit Course Welcome Pages</a></li> -->
<li style="list-style:none;">&nbsp;</li>
</ul>
<?php
}
function test_sso() { global $c2;
$goo = "102586"; //"123456";
$q0 = "SELECT email FROM conf_users WHERE goo='{$goo}'";
$temp_usr = single_row_select($q0,0,$c2);
echo '<pre>';
var_dump($temp_usr);
echo '</pre>';
exit(); }
if (isset($_REQUEST['test'])) { test_sso(); }
// __ ____ ____ __ _ ____
// ____/ /__ / __/___ ___ __/ / /_ ________ / /___ ___________ __ __________ _____ (_)___ / __/___
// / __ / _ \/ /_/ __ `/ / / / / __/ ______ / ___/ _ \/ __/ / / / ___/ __ \ / / / / ___/ _ \/ ___/ / / __ \/ /_/ __ \
// / /_/ / __/ __/ /_/ / /_/ / / /_ /_____/ / / / __/ /_/ /_/ / / / / / / / /_/ (__ ) __/ / / / / / / __/ /_/ /
// \__,_/\___/_/ \__,_/\__,_/_/\__/ /_/ \___/\__/\__,_/_/ /_/ /_/ \__,_/____/\___/_/ /_/_/ /_/_/ \____/
//
//
// ........finally, if no parameters were matched.......
//
// DO NOTHING IF FILE WAS INCLUDED from another php page.
//
// OTHERWISE, RETURN BASIC USER INFO
//
//
if (basename(__FILE__) == basename($_SERVER["SCRIPT_FILENAME"])) {
// Called directly as api or in browser
//
if ($USER_GOO) {
// Default case is current user data to be embedded in editor page. Log the access
//$USER->logresult = log_it("accessed dir app (in intranet folder)");
//$USER->pics = user_pic_look( $USER->first_name, $USER->last_name, $USER->conf_goo );
//$USER->options = $OPTIONS;
echo json_encode($USER); exit();
} else {
echo json_encode( array("result"=>"fail", "err"=>"not logged in") ); exit(); } }
//
// ELSE it was "included"... do nothing.
//
// draw big text
// https://patorjk.com/software/taag/#p=display&c=c%2B%2B&f=Doom&t=sup
//
// __ __ _______ ______ __ __ __
// / /_/ /_ ___ / ____/ | / / __ \ / /_/ /_ ____ _____ / /__ __ ______ __ __
// / __/ __ \/ _ \ / __/ / |/ / / / / / __/ __ \/ __ `/ __ \/ //_/ / / / / __ \/ / / /
// / /_/ / / / __/ / /___/ /| / /_/ / / /_/ / / / /_/ / / / / ,< / /_/ / /_/ / /_/ /
// \__/_/ /_/\___/ /_____/_/ |_/_____/ \__/_/ /_/\__,_/_/ /_/_/|_| \__, /\____/\__,_/
// /____/
// peter h 2021
?>
Reference in New Issue View Git Blame Copy Permalink