Hệ thống xếp lịch học tín chỉ cho sinh viên CNTT trên PHP & MySQL
- notices_dml.php
- project /
1 <?php
2
3 // Data functions (insert, update, delete, form) for table notices
4
5 // This script and data application were generated by AppGini 5.72
6 // Download AppGini for free from https://bigprof.com/appgini/download/
7
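/**
 * Insert a new record into `notices` from the current request.
 *
 * Reads notice, school, department and year_of_study from $_REQUEST, rejects
 * the request when any of them is empty, runs the optional
 * notices_before_insert / notices_after_insert hooks and records the logged
 * member as owner of the new row.
 *
 * Security notes:
 *  - The INSERT statement is assembled by string concatenation. Each
 *    request-derived value in it has passed through makeSafe() and is wrapped
 *    in single quotes; nothing else separates request data from SQL, so any
 *    field added here must keep both properties.
 *  - Request parameters that are absent or array-valued are normalised to ''
 *    before escaping, so they fail the "required" check instead of reaching
 *    makeSafe() as a non-string.
 *
 * @return mixed false when the member lacks insert permission or the
 *               before-insert hook vetoes; otherwise the new record ID.
 *               Validation and SQL errors print a message and exit.
 */
function notices_insert(){
	global $Translation;

	// mm: can member insert record?
	$arrPerm = getTablePermissions('notices');
	if(!$arrPerm[1]){
		return false;
	}

	// required fields in validation order: request key => caption shown in the error message
	$required = array(
		'notice' => 'Notice',
		'school' => 'School',
		'department' => 'Department',
		'year_of_study' => 'Year of study'
	);

	$data = array();
	foreach($required as $field => $caption){
		// only scalar request values are accepted; a missing or array-valued parameter counts as empty
		$raw = (isset($_REQUEST[$field]) && is_scalar($_REQUEST[$field])) ? $_REQUEST[$field] : '';
		$value = makeSafe($raw);
		if($field === 'notice'){
			// NOTE(review): br2nl() runs on the already-escaped value; confirm it cannot undo makeSafe()'s escaping
			$value = br2nl($value);
		}elseif($value == empty_lookup_value){
			// the lookup placeholder means "nothing selected"
			$value = '';
		}
		$data[$field] = $value;
	}
	// generated server-side, not taken from the request
	$data['date'] = parseCode('<%%creationDate%%>', true, true);

	// every field is mandatory: report the first empty one and stop
	foreach($required as $field => $caption){
		if($data[$field] == ''){
			echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">" . $Translation['error:'] . " '{$caption}': " . $Translation['field not null'] . '<br><br>';
			echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
			exit;
		}
	}

	// hook: notices_before_insert
	// NOTE(review): the hook presumably receives $data by reference; whatever it stores there is
	// interpolated into the INSERT below without further escaping -- confirm hooks keep values escaped
	if(function_exists('notices_before_insert')){
		$args = array();
		if(!notices_before_insert($data, getMemberInfo(), $args)){ return false; }
	}

	// column names below are the fixed keys of $required, never request data
	$assignments = array();
	foreach(array_keys($required) as $field){
		$hasValue = ($data[$field] !== '' && $data[$field] !== NULL);
		$assignments[] = "`{$field}`=" . ($hasValue ? "'{$data[$field]}'" : 'NULL');
	}
	$assignments[] = "`date`='{$data['date']}'";

	$o = array('silentErrors' => true);
	sql('insert into `notices` set ' . implode(', ', $assignments), $o);
	if(isset($o['error']) && $o['error'] != ''){
		// NOTE(review): printed as returned by sql(); confirm that text is HTML-safe and does not
		// expose the failed statement to non-admin users
		echo $o['error'];
		echo "<a href=\"notices_view.php?addNew_x=1\">{$Translation['< back']}</a>";
		exit;
	}

	$recID = db_insert_id(db_link());

	// hook: notices_after_insert
	if(function_exists('notices_after_insert')){
		$res = sql("select * from `notices` where `id`='" . makeSafe($recID, false) . "' limit 1", $eo);
		if($row = db_fetch_assoc($res)){
			$data = array_map('makeSafe', $row);
		}
		$data['selectedID'] = makeSafe($recID, false);
		$args = array();
		// a falsy hook result returns here, before the ownership row below is written
		if(!notices_after_insert($data, getMemberInfo(), $args)){ return $recID; }
	}

	// mm: save ownership data
	set_record_owner('notices', $recID, getLoggedMemberID());

	return $recID;
}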
78
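/**
 * Delete a record from `notices` together with its ownership row.
 *
 * The delete is allowed when the member's delete permission ($arrPerm[4]) is
 * 3, or 1 and the member owns the record, or 2 and the member's group owns
 * the record. The optional notices_before_delete hook can veto the delete;
 * notices_after_delete runs after the row is removed.
 *
 * Security notes:
 *  - $selected_id is escaped once with makeSafe() and only that escaped copy
 *    is interpolated (inside single quotes) into the queries below.
 *  - Owner and group identities are compared as strings with ===. PHP's ==
 *    compares two numeric-looking strings by numeric value, so two distinct
 *    IDs could otherwise be treated as the same owner.
 *
 * @param mixed $selected_id          primary key of the record to delete
 * @param bool  $AllowDeleteOfParents not used by this function
 * @param bool  $skipChecks           passed through to notices_before_delete
 * @return string|null translated error message when the delete is refused;
 *                     nothing on success
 */
function notices_delete($selected_id, $AllowDeleteOfParents=false, $skipChecks=false){
	global $Translation;
	$selected_id = makeSafe($selected_id);

	// mm: can member delete record?
	$arrPerm = getTablePermissions('notices');
	$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='notices' and pkValue='$selected_id'");
	$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='notices' and pkValue='$selected_id'");

	// string-cast + === keeps the identity check exact; the getLogged*() call is still made
	// only for the permission level that needs it
	$deleteAllowed = ($arrPerm[4] == 1 && (string) $ownerMemberID === (string) getLoggedMemberID())
		|| ($arrPerm[4] == 2 && (string) $ownerGroupID === (string) getLoggedGroupID())
		|| $arrPerm[4] == 3;
	if(!$deleteAllowed){
		return $Translation['You don\'t have enough permissions to delete this record'];
	}

	// hook: notices_before_delete
	if(function_exists('notices_before_delete')){
		$args = array();
		if(!notices_before_delete($selected_id, $skipChecks, getMemberInfo(), $args)){
			return $Translation['Couldn\'t delete this record'];
		}
	}

	sql("delete from `notices` where `id`='$selected_id'", $eo);

	// hook: notices_after_delete
	if(function_exists('notices_after_delete')){
		$args = array();
		notices_after_delete($selected_id, getMemberInfo(), $args);
	}

	// mm: delete ownership data
	sql("delete from membership_userrecords where tableName='notices' and pkValue='$selected_id'", $eo);
}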
112
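/**
 * Update an existing `notices` record from the current request.
 *
 * The update is allowed when the member's edit permission ($arrPerm[3]) is 3,
 * or 1 and the member owns the record, or 2 and the member's group owns the
 * record. notice, school, department and year_of_study are read from
 * $_REQUEST and must all be non-empty; the stored `date` is left unchanged
 * (the statement sets `date`=`date`).
 *
 * Security notes:
 *  - The UPDATE statement is assembled by string concatenation. Each
 *    request-derived value in it has passed through makeSafe() and is wrapped
 *    in single quotes; any field added here must keep both properties.
 *  - Request parameters that are absent or array-valued are normalised to ''
 *    before escaping, so they fail the "required" check instead of reaching
 *    makeSafe() as a non-string.
 *  - Owner and group identities are compared as strings with ===. PHP's ==
 *    compares two numeric-looking strings by numeric value, so two distinct
 *    IDs could otherwise be treated as the same owner.
 *
 * @param mixed $selected_id primary key of the record to update
 * @return mixed false when permission is denied or the before-update hook
 *               vetoes; nothing otherwise. Validation and SQL errors print a
 *               message and exit.
 */
function notices_update($selected_id){
	global $Translation;

	// escaped copy of the key; used in every query that filters on it
	$safeID = makeSafe($selected_id);

	// mm: can member edit record?
	$arrPerm = getTablePermissions('notices');
	$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='notices' and pkValue='" . $safeID . "'");
	$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='notices' and pkValue='" . $safeID . "'");

	// string-cast + === keeps the identity check exact; the getLogged*() call is still made
	// only for the permission level that needs it
	$updateAllowed = ($arrPerm[3] == 1 && (string) $ownerMemberID === (string) getLoggedMemberID())
		|| ($arrPerm[3] == 2 && (string) $ownerGroupID === (string) getLoggedGroupID())
		|| $arrPerm[3] == 3;
	if(!$updateAllowed){
		return false;
	}

	// required fields in validation order: request key => caption shown in the error message
	$required = array(
		'notice' => 'Notice',
		'school' => 'School',
		'department' => 'Department',
		'year_of_study' => 'Year of study'
	);

	$data = array();
	foreach($required as $field => $caption){
		// only scalar request values are accepted; a missing or array-valued parameter counts as empty
		$raw = (isset($_REQUEST[$field]) && is_scalar($_REQUEST[$field])) ? $_REQUEST[$field] : '';
		$value = makeSafe($raw);
		if($field === 'notice'){
			// NOTE(review): br2nl() runs on the already-escaped value; confirm it cannot undo makeSafe()'s escaping
			$value = br2nl($value);
		}elseif($value == empty_lookup_value){
			// the lookup placeholder means "nothing selected"
			$value = '';
		}
		$data[$field] = $value;

		// every field is mandatory: report the first empty one and stop
		if($value == ''){
			echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} '{$caption}': {$Translation['field not null']}<br><br>";
			echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
			exit;
		}
	}
	// handed to the hooks only; the UPDATE below keeps the stored date
	$data['date'] = parseMySQLDate('', '<%%creationDate%%>');
	$data['selectedID'] = $safeID;

	// hook: notices_before_update
	// NOTE(review): the hook presumably receives $data by reference; whatever it stores there is
	// interpolated into the queries below without further escaping -- confirm hooks keep values escaped
	if(function_exists('notices_before_update')){
		$args = array();
		if(!notices_before_update($data, getMemberInfo(), $args)){ return false; }
	}

	// column names below are the fixed keys of $required, never request data
	$assignments = array();
	foreach(array_keys($required) as $field){
		$hasValue = ($data[$field] !== '' && $data[$field] !== NULL);
		$assignments[] = "`{$field}`=" . ($hasValue ? "'{$data[$field]}'" : 'NULL');
	}
	$assignments[] = '`date`=`date`';

	$o = array('silentErrors' => true);
	sql('update `notices` set ' . implode(', ', $assignments) . " where `id`='" . $safeID . "'", $o);
	if(isset($o['error']) && $o['error'] != ''){
		// NOTE(review): printed as returned by sql(); confirm that text is HTML-safe and does not
		// expose the failed statement to non-admin users
		echo $o['error'];
		echo '<a href="notices_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
		exit;
	}

	// hook: notices_after_update
	if(function_exists('notices_after_update')){
		$res = sql("SELECT * FROM `notices` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
		if($row = db_fetch_assoc($res)){
			$data = array_map('makeSafe', $row);
		}
		$data['selectedID'] = $data['id'];
		$args = array();
		// a falsy hook result returns here, before the ownership timestamp below is refreshed
		if(!notices_after_update($data, getMemberInfo(), $args)){ return; }
	}

	// mm: update ownership data
	sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='notices' and pkValue='" . $safeID . "'", $eo);
}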
186
187 function notices_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0, $TemplateDV = '', $TemplateDVP = ''){
188 // function to return an editable form for a table records
189 // and fill it with data of record whose ID is $selected_id. If $selected_id
190 // is empty, an empty form is shown, with only an 'Add New'
191 // button displayed.
192
193 global $Translation;
194
195 // mm: get table permissions
196 $arrPerm=getTablePermissions('notices');
197 if(!$arrPerm[1] && $selected_id==''){ return ''; }
198 $AllowInsert = ($arrPerm[1] ? true : false);
199 // print preview?
200 $dvprint = false;
201 if($selected_id && $_REQUEST['dvprint_x'] != ''){
202 $dvprint = true;
203 }
204
205 $filterer_school = thisOr(undo_magic_quotes($_REQUEST['filterer_school']), '');
206 $filterer_department = thisOr(undo_magic_quotes($_REQUEST['filterer_department']), '');
207
208 // populate filterers, starting from children to grand-parents
209 if($filterer_department && !$filterer_school) $filterer_school = sqlValue("select school from departments where id='" . makeSafe($filterer_department) . "'");
210
211 // unique random identifier
212 $rnd1 = ($dvprint ? rand(1000000, 9999999) : '');
213 // combobox: school
214 $combo_school = new DataCombo;
215 // combobox: department, filterable by: school
216 $combo_department = new DataCombo;
217 // combobox: year_of_study
218 $combo_year_of_study = new Combo;
219 $combo_year_of_study->ListType = 0;
220 $combo_year_of_study->MultipleSeparator = ', ';
221 $combo_year_of_study->ListBoxHeight = 10;
222 $combo_year_of_study->RadiosPerLine = 1;
223 if(is_file(dirname(__FILE__).'/hooks/notices.year_of_study.csv')){
224 $year_of_study_data = addslashes(implode('', @file(dirname(__FILE__).'/hooks/notices.year_of_study.csv')));
225 $combo_year_of_study->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($year_of_study_data)));
226 $combo_year_of_study->ListData = $combo_year_of_study->ListItem;
227 }else{
228 $combo_year_of_study->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("1;;2;;3;;4;;5;;6")));
229 $combo_year_of_study->ListData = $combo_year_of_study->ListItem;
230 }
231 $combo_year_of_study->SelectName = 'year_of_study';
232 $combo_year_of_study->AllowNull = false;
233 // combobox: date
234 $combo_date = new DateCombo;
235 $combo_date->DateFormat = "mdy";
236 $combo_date->MinYear = 1900;
237 $combo_date->MaxYear = 2100;
238 $combo_date->DefaultDate = parseMySQLDate('<%%creationDate%%>', '<%%creationDate%%>');
239 $combo_date->MonthNames = $Translation['month names'];
240 $combo_date->NamePrefix = 'date';
241
242 if($selected_id){
243 // mm: check member permissions
244 if(!$arrPerm[2]){
245 return "";
246 }
247 // mm: who is the owner?
248 $ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='notices' and pkValue='".makeSafe($selected_id)."'");
249 $ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='notices' and pkValue='".makeSafe($selected_id)."'");
250 if($arrPerm[2]==1 && getLoggedMemberID()!=$ownerMemberID){
251 return "";
252 }
253 if($arrPerm[2]==2 && getLoggedGroupID()!=$ownerGroupID){
254 return "";
255 }
256
257 // can edit?
258 if(($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[3]==3){
259 $AllowUpdate=1;
260 }else{
261 $AllowUpdate=0;
262 }
263
264 $res = sql("select * from `notices` where `id`='".makeSafe($selected_id)."'", $eo);
265 if(!($row = db_fetch_array($res))){
266 return error_message($Translation['No records found'], 'notices_view.php', false);
267 }
268 $urow = $row; /* unsanitized data */
269 $hc = new CI_Input();
270 $row = $hc->xss_clean($row); /* sanitize data */
271 $combo_school->SelectedData = $row['school'];
272 $combo_department->SelectedData = $row['department'];
273 $combo_year_of_study->SelectedData = $row['year_of_study'];
274 $combo_date->DefaultDate = $row['date'];
275 }else{
276 $combo_school->SelectedData = $filterer_school;
277 $combo_department->SelectedData = $filterer_department;
278 $combo_year_of_study->SelectedText = ( $_REQUEST['FilterField'][1]=='5' && $_REQUEST['FilterOperator'][1]=='<=>' ? (get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1]) : "");
279 }
280 $combo_school->HTML = '<span id="school-container' . $rnd1 . '"></span><input type="hidden" name="school" id="school' . $rnd1 . '" value="' . html_attr($combo_school->SelectedData) . '">';
281 $combo_school->MatchText = '<span id="school-container-readonly' . $rnd1 . '"></span><input type="hidden" name="school" id="school' . $rnd1 . '" value="' . html_attr($combo_school->SelectedData) . '">';
282 $combo_department->HTML = '<span id="department-container' . $rnd1 . '"></span><input type="hidden" name="department" id="department' . $rnd1 . '" value="' . html_attr($combo_department->SelectedData) . '">';
283 $combo_department->MatchText = '<span id="department-container-readonly' . $rnd1 . '"></span><input type="hidden" name="department" id="department' . $rnd1 . '" value="' . html_attr($combo_department->SelectedData) . '">';
284 $combo_year_of_study->Render();
285
286 ob_start();
287 ?>
288
289 <script>
290 // initial lookup values
291 AppGini.current_school__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? $urow['school'] : $filterer_school); ?>"};
292 AppGini.current_department__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? $urow['department'] : $filterer_department); ?>"};
293
294 jQuery(function() {
295 setTimeout(function(){
296 if(typeof(school_reload__RAND__) == 'function') school_reload__RAND__();
297 <?php echo (!$AllowUpdate || $dvprint ? 'if(typeof(department_reload__RAND__) == \'function\') department_reload__RAND__(AppGini.current_school__RAND__.value);' : ''); ?>
298 }, 10); /* we need to slightly delay client-side execution of the above code to allow AppGini.ajaxCache to work */
299 });
300 function school_reload__RAND__(){
301 <?php if(($AllowUpdate || $AllowInsert) && !$dvprint){ ?>
302
303 $j("#school-container__RAND__").select2({
304 /* initial default value */
305 initSelection: function(e, c){
306 $j.ajax({
307 url: 'ajax_combo.php',
308 dataType: 'json',
309 data: { id: AppGini.current_school__RAND__.value, t: 'notices', f: 'school' },
310 success: function(resp){
311 c({
312 id: resp.results[0].id,
313 text: resp.results[0].text
314 });
315 $j('[name="school"]').val(resp.results[0].id);
316 $j('[id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
317 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
318
319 if(typeof(department_reload__RAND__) == 'function') department_reload__RAND__(AppGini.current_school__RAND__.value);
320
321 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
322 }
323 });
324 },
325 width: '100%',
326 formatNoMatches: function(term){ /* */ return '<?php echo addslashes($Translation['No matches found!']); ?>'; },
327 minimumResultsForSearch: 10,
328 loadMorePadding: 200,
329 ajax: {
330 url: 'ajax_combo.php',
331 dataType: 'json',
332 cache: true,
333 data: function(term, page){ /* */ return { s: term, p: page, t: 'notices', f: 'school' }; },
334 results: function(resp, page){ /* */ return resp; }
335 },
336 escapeMarkup: function(str){ /* */ return str; }
337 }).on('change', function(e){
338 AppGini.current_school__RAND__.value = e.added.id;
339 AppGini.current_school__RAND__.text = e.added.text;
340 $j('[name="school"]').val(e.added.id);
341 if(e.added.id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
342
343 if(typeof(department_reload__RAND__) == 'function') department_reload__RAND__(AppGini.current_school__RAND__.value);
344
345 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
346 });
347
348 if(!$j("#school-container__RAND__").length){
349 $j.ajax({
350 url: 'ajax_combo.php',
351 dataType: 'json',
352 data: { id: AppGini.current_school__RAND__.value, t: 'notices', f: 'school' },
353 success: function(resp){
354 $j('[name="school"]').val(resp.results[0].id);
355 $j('[id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
356 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
357
358 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
359 }
360 });
361 }
362
363 <?php }else{ ?>
364
365 $j.ajax({
366 url: 'ajax_combo.php',
367 dataType: 'json',
368 data: { id: AppGini.current_school__RAND__.value, t: 'notices', f: 'school' },
369 success: function(resp){
370 $j('[id=school-container__RAND__], [id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
371 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
372
373 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
374 }
375 });
376 <?php } ?>
377
378 }
379 function department_reload__RAND__(filterer_school){
380 <?php if(($AllowUpdate || $AllowInsert) && !$dvprint){ ?>
381
382 $j("#department-container__RAND__").select2({
383 /* initial default value */
384 initSelection: function(e, c){
385 $j.ajax({
386 url: 'ajax_combo.php',
387 dataType: 'json',
388 data: { filterer_school: filterer_school, id: AppGini.current_department__RAND__.value, t: 'notices', f: 'department' },
389 success: function(resp){
390 c({
391 id: resp.results[0].id,
392 text: resp.results[0].text
393 });
394 $j('[name="department"]').val(resp.results[0].id);
395 $j('[id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
396 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
397
398
399 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
400 }
401 });
402 },
403 width: '100%',
404 formatNoMatches: function(term){ /* */ return '<?php echo addslashes($Translation['No matches found!']); ?>'; },
405 minimumResultsForSearch: 10,
406 loadMorePadding: 200,
407 ajax: {
408 url: 'ajax_combo.php',
409 dataType: 'json',
410 cache: true,
411 data: function(term, page){ /* */ return { filterer_school: filterer_school, s: term, p: page, t: 'notices', f: 'department' }; },
412 results: function(resp, page){ /* */ return resp; }
413 },
414 escapeMarkup: function(str){ /* */ return str; }
415 }).on('change', function(e){
416 AppGini.current_department__RAND__.value = e.added.id;
417 AppGini.current_department__RAND__.text = e.added.text;
418 $j('[name="department"]').val(e.added.id);
419 if(e.added.id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
420
421
422 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
423 });
424
425 if(!$j("#department-container__RAND__").length){
426 $j.ajax({
427 url: 'ajax_combo.php',
428 dataType: 'json',
429 data: { id: AppGini.current_department__RAND__.value, t: 'notices', f: 'department' },
430 success: function(resp){
431 $j('[name="department"]').val(resp.results[0].id);
432 $j('[id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
433 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
434
435 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
436 }
437 });
438 }
439
440 <?php }else{ ?>
441
442 $j.ajax({
443 url: 'ajax_combo.php',
444 dataType: 'json',
445 data: { id: AppGini.current_department__RAND__.value, t: 'notices', f: 'department' },
446 success: function(resp){
447 $j('[id=department-container__RAND__], [id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
448 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
449
450 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
451 }
452 });
453 <?php } ?>
454
455 }
456 </script>
457 <?php
458
459 $lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
460 ob_end_clean();
461
462
463 // code for template based detail view forms
464
465 // open the detail view template
466 if($dvprint){
467 $template_file = is_file("./{$TemplateDVP}") ? "./{$TemplateDVP}" : './templates/notices_templateDVP.html';
468 $templateCode = @file_get_contents($template_file);
469 }else{
470 $template_file = is_file("./{$TemplateDV}") ? "./{$TemplateDV}" : './templates/notices_templateDV.html';
471 $templateCode = @file_get_contents($template_file);
472 }
473
474 // process form title
475 $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Thông báo', $templateCode);
476 $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
477 $templateCode = str_replace('<%%EMBEDDED%%>', ($_REQUEST['Embedded'] ? 'Embedded=1' : ''), $templateCode);
478 // process buttons
479 if($AllowInsert){
480 if(!$selected_id) $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return notices_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
481 $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return notices_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
482 }else{
483 $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
484 }
485
486 // 'Back' button action
487 if($_REQUEST['Embedded']){
488 $backAction = 'AppGini.closeParentModal(); return false;';
489 }else{
490 $backAction = '$j(\'form\').eq(0).attr(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
491 }
492
493 if($selected_id){
494 if(!$_REQUEST['Embedded']) $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;" title="' . html_attr($Translation['Print Preview']) . '"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
495 if($AllowUpdate){
496 $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return notices_validateData();" title="' . html_attr($Translation['Save Changes']) . '"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
497 }else{
498 $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
499 }
500 if(($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
501 $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');" title="' . html_attr($Translation['Delete']) . '"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
502 }else{
503 $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
504 }
505 $templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
506 }else{
507 $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
508 $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
509 $templateCode = str_replace('<%%DESELECT_BUTTON%%>', ($ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : ''), $templateCode);
510 }
511
512 // set records to read only if user can't insert new records and can't edit current record
513 if(($selected_id && !$AllowUpdate && !$AllowInsert) || (!$selected_id && !$AllowInsert)){
514 $jsReadOnly .= "\tjQuery('#notice').replaceWith('<div class=\"form-control-static\" id=\"notice\">' + (jQuery('#notice').val() || '') + '</div>');\n";
515 $jsReadOnly .= "\tjQuery('#school').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
516 $jsReadOnly .= "\tjQuery('#school_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
517 $jsReadOnly .= "\tjQuery('#department').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
518 $jsReadOnly .= "\tjQuery('#department_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
519 $jsReadOnly .= "\tjQuery('#year_of_study').replaceWith('<div class=\"form-control-static\" id=\"year_of_study\">' + (jQuery('#year_of_study').val() || '') + '</div>'); jQuery('#year_of_study-multi-selection-help').hide();\n";
520 $jsReadOnly .= "\tjQuery('.select2-container').hide();\n";
521
522 $noUploads = true;
523 }elseif($AllowInsert){
524 $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
525 $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
526 }
527
528 // process combos
529 $templateCode = str_replace('<%%COMBO(school)%%>', $combo_school->HTML, $templateCode);
530 $templateCode = str_replace('<%%COMBOTEXT(school)%%>', $combo_school->MatchText, $templateCode);
531 $templateCode = str_replace('<%%URLCOMBOTEXT(school)%%>', urlencode($combo_school->MatchText), $templateCode);
532 $templateCode = str_replace('<%%COMBO(department)%%>', $combo_department->HTML, $templateCode);
533 $templateCode = str_replace('<%%COMBOTEXT(department)%%>', $combo_department->MatchText, $templateCode);
534 $templateCode = str_replace('<%%URLCOMBOTEXT(department)%%>', urlencode($combo_department->MatchText), $templateCode);
535 $templateCode = str_replace('<%%COMBO(year_of_study)%%>', $combo_year_of_study->HTML, $templateCode);
536 $templateCode = str_replace('<%%COMBOTEXT(year_of_study)%%>', $combo_year_of_study->SelectedData, $templateCode);
537 $templateCode = str_replace('<%%COMBO(date)%%>', ($selected_id && !$arrPerm[3] ? '<div class="form-control-static">' . $combo_date->GetHTML(true) . '</div>' : $combo_date->GetHTML()), $templateCode);
538 $templateCode = str_replace('<%%COMBOTEXT(date)%%>', $combo_date->GetHTML(true), $templateCode);
539
540 /* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
541 $lookup_fields = array( 'school' => array('schools', 'School'), 'department' => array('departments', 'Department'));
542 foreach($lookup_fields as $luf => $ptfc){
543 $pt_perm = getTablePermissions($ptfc[0]);
544
545 // process foreign key links
546 if($pt_perm['view'] || $pt_perm['edit']){
547 $templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-md" id="' . $ptfc[0] . '_view_parent" title="' . html_attr($Translation['View'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
548 }
549
550 // if user has insert permission to parent table of a lookup field, put an add new button
551 if($pt_perm['insert'] && !$_REQUEST['Embedded']){
552 $templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent hspacer-md" id="' . $ptfc[0] . '_add_new" title="' . html_attr($Translation['Add Newx'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
553 }
554 }
555
556 // process images
557 $templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
558 $templateCode = str_replace('<%%UPLOADFILE(notice)%%>', '', $templateCode);
559 $templateCode = str_replace('<%%UPLOADFILE(school)%%>', '', $templateCode);
560 $templateCode = str_replace('<%%UPLOADFILE(department)%%>', '', $templateCode);
561 $templateCode = str_replace('<%%UPLOADFILE(year_of_study)%%>', '', $templateCode);
562 $templateCode = str_replace('<%%UPLOADFILE(date)%%>', '', $templateCode);
563
564 // process values
565 if($selected_id){
566 if( $dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', safe_html($urow['id']), $templateCode);
567 if(!$dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', html_attr($row['id']), $templateCode);
568 $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode($urow['id']), $templateCode);
569 if($dvprint || (!$AllowUpdate && !$AllowInsert)){
570 $templateCode = str_replace('<%%VALUE(notice)%%>', safe_html($urow['notice']), $templateCode);
571 }else{
572 $templateCode = str_replace('<%%VALUE(notice)%%>', html_attr($row['notice']), $templateCode);
573 }
574 $templateCode = str_replace('<%%URLVALUE(notice)%%>', urlencode($urow['notice']), $templateCode);
575 if( $dvprint) $templateCode = str_replace('<%%VALUE(school)%%>', safe_html($urow['school']), $templateCode);
576 if(!$dvprint) $templateCode = str_replace('<%%VALUE(school)%%>', html_attr($row['school']), $templateCode);
577 $templateCode = str_replace('<%%URLVALUE(school)%%>', urlencode($urow['school']), $templateCode);
578 if( $dvprint) $templateCode = str_replace('<%%VALUE(department)%%>', safe_html($urow['department']), $templateCode);
579 if(!$dvprint) $templateCode = str_replace('<%%VALUE(department)%%>', html_attr($row['department']), $templateCode);
580 $templateCode = str_replace('<%%URLVALUE(department)%%>', urlencode($urow['department']), $templateCode);
581 if( $dvprint) $templateCode = str_replace('<%%VALUE(year_of_study)%%>', safe_html($urow['year_of_study']), $templateCode);
582 if(!$dvprint) $templateCode = str_replace('<%%VALUE(year_of_study)%%>', html_attr($row['year_of_study']), $templateCode);
583 $templateCode = str_replace('<%%URLVALUE(year_of_study)%%>', urlencode($urow['year_of_study']), $templateCode);
584 $templateCode = str_replace('<%%VALUE(date)%%>', @date('m/d/Y', @strtotime(html_attr($row['date']))), $templateCode);
585 $templateCode = str_replace('<%%URLVALUE(date)%%>', urlencode(@date('m/d/Y', @strtotime(html_attr($urow['date'])))), $templateCode);
586 }else{
587 $templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode);
588 $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode(''), $templateCode);
589 $templateCode = str_replace('<%%VALUE(notice)%%>', '', $templateCode);
590 $templateCode = str_replace('<%%URLVALUE(notice)%%>', urlencode(''), $templateCode);
591 $templateCode = str_replace('<%%VALUE(school)%%>', '', $templateCode);
592 $templateCode = str_replace('<%%URLVALUE(school)%%>', urlencode(''), $templateCode);
593 $templateCode = str_replace('<%%VALUE(department)%%>', '', $templateCode);
594 $templateCode = str_replace('<%%URLVALUE(department)%%>', urlencode(''), $templateCode);
595 $templateCode = str_replace('<%%VALUE(year_of_study)%%>', '', $templateCode);
596 $templateCode = str_replace('<%%URLVALUE(year_of_study)%%>', urlencode(''), $templateCode);
597 $templateCode = str_replace('<%%VALUE(date)%%>', '<%%creationDate%%>', $templateCode);
598 $templateCode = str_replace('<%%URLVALUE(date)%%>', urlencode('<%%creationDate%%>'), $templateCode);
599 }
600
601 // process translations
602 foreach($Translation as $symbol=>$trans){
603 $templateCode = str_replace("<%%TRANSLATION($symbol)%%>", $trans, $templateCode);
604 }
605
606 // clear scrap
607 $templateCode = str_replace('<%%', '<!-- ', $templateCode);
608 $templateCode = str_replace('%%>', ' -->', $templateCode);
609
610 // hide links to inaccessible tables
611 if($_REQUEST['dvprint_x'] == ''){
612 $templateCode .= "\n\n<script>\$j(function(){\n";
613 $arrTables = getTableList();
614 foreach($arrTables as $name => $caption){
615 $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
616 $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
617 }
618
619 $templateCode .= $jsReadOnly;
620 $templateCode .= $jsEditable;
621
622 if(!$selected_id){
623 }
624
625 $templateCode.="\n});</script>\n";
626 }
627
628 // ajaxed auto-fill fields
629 $templateCode .= '<script>';
630 $templateCode .= '$j(function() {';
631
632
633 $templateCode.="});";
634 $templateCode.="</script>";
635 $templateCode .= $lookups;
636
637 // handle enforced parent values for read-only lookup fields
638
639 // don't include blank images in lightbox gallery
640 $templateCode = preg_replace('/blank.gif" data-lightbox=".*?"/', 'blank.gif"', $templateCode);
641
642 // don't display empty email links
643 $templateCode=preg_replace('/<a .*?href="mailto:".*?<\/a>/', '', $templateCode);
644
645 /* default field values */
646 $rdata = $jdata = get_defaults('notices');
647 if($selected_id){
648 $jdata = get_joined_record('notices', $selected_id);
649 if($jdata === false) $jdata = get_defaults('notices');
650 $rdata = $row;
651 }
652 $templateCode .= loadView('notices-ajax-cache', array('rdata' => $rdata, 'jdata' => $jdata));
653
654 // hook: notices_dv
655 if(function_exists('notices_dv')){
656 $args=array();
657 notices_dv(($selected_id ? $selected_id : FALSE), getMemberInfo(), $templateCode, $args);
658 }
659
660 return $templateCode;
661 }
662 ?>
2
3 // Data functions (insert, update, delete, form) for table notices
4
5 // This script and data application were generated by AppGini 5.72
6 // Download AppGini for free from https://bigprof.com/appgini/download/
7
/**
 * Inserts a new row into `notices` from the submitted request fields.
 *
 * notice, school, department and year_of_study are read from $_REQUEST, so they
 * may arrive by GET as well as POST; date comes from parseCode('<%%creationDate%%>').
 * If any of the four request fields ends up empty, an error block is printed and
 * the script exits.
 *
 * NOTE(review): no CSRF token check is visible in this function — presumably the
 * caller enforces one; confirm before exposing this handler.
 *
 * @return mixed false when the member has no insert permission or the
 *               notices_before_insert hook rejects the data; otherwise the
 *               value returned by db_insert_id() for the new row.
 */
function notices_insert(){
    global $Translation;

    // mm: can member insert record?
    $permissions = getTablePermissions('notices');
    if(!$permissions[1]){
        return false;
    }

    // NOTE(review): each value collected here is later placed inside a quoted SQL
    // literal, so injection safety rests entirely on makeSafe() (defined elsewhere)
    // — confirm it escapes for the active DB connection.
    $data['notice'] = br2nl(makeSafe($_REQUEST['notice']));
    foreach(array('school', 'department', 'year_of_study') as $field){
        $data[$field] = makeSafe($_REQUEST[$field]);
        // the "nothing selected" placeholder is treated as an empty value
        if($data[$field] == empty_lookup_value){
            $data[$field] = '';
        }
    }
    $data['date'] = parseCode('<%%creationDate%%>', true, true);

    // required fields, checked in this order; the first empty one aborts the request
    $requiredLabels = array(
        'notice' => 'Notice',
        'school' => 'School',
        'department' => 'Department',
        'year_of_study' => 'Year of study',
    );
    foreach($requiredLabels as $field => $label){
        if($data[$field] == ''){
            echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">" . $Translation['error:'] . " '" . $label . "': " . $Translation['field not null'] . '<br><br>';
            echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
            exit;
        }
    }

    // hook: notices_before_insert
    if(function_exists('notices_before_insert')){
        $args = array();
        if(!notices_before_insert($data, getMemberInfo(), $args)){
            return false;
        }
    }

    // build the SET list: empty or NULL values are written as SQL NULL,
    // everything else as a quoted literal
    $assignments = array();
    foreach(array('notice', 'school', 'department', 'year_of_study') as $field){
        $value = $data[$field];
        $assignments[] = "`{$field}`=" . (($value !== '' && $value !== NULL) ? "'{$value}'" : 'NULL');
    }
    $assignments[] = "`date`='{$data['date']}'";

    $queryOptions = array('silentErrors' => true);
    sql('insert into `notices` set ' . implode(', ', $assignments), $queryOptions);
    if($queryOptions['error'] != ''){
        // NOTE(review): the error text is echoed as-is; confirm that sql() returns it
        // HTML-escaped and without query details for non-admin users.
        echo $queryOptions['error'];
        echo "<a href=\"notices_view.php?addNew_x=1\">{$Translation['< back']}</a>";
        exit;
    }

    $newId = db_insert_id(db_link());

    // hook: notices_after_insert
    if(function_exists('notices_after_insert')){
        $result = sql("select * from `notices` where `id`='" . makeSafe($newId, false) . "' limit 1", $eo);
        if($inserted = db_fetch_assoc($result)){
            $data = array_map('makeSafe', $inserted);
        }
        $data['selectedID'] = makeSafe($newId, false);
        $args = array();
        // a falsy hook result returns early, before ownership data is saved
        if(!notices_after_insert($data, getMemberInfo(), $args)){
            return $newId;
        }
    }

    // mm: save ownership data
    set_record_owner('notices', $newId, getLoggedMemberID());

    return $newId;
}
78
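/**
 * Deletes one `notices` record and its ownership row, after a permission check.
 *
 * The delete permission level in $arrPerm[4] is interpreted as: 1 = only the
 * owning member, 2 = members of the owning group, 3 = anyone with the permission.
 *
 * NOTE(review): no CSRF token check is visible in this function — presumably the
 * caller enforces one; confirm.
 *
 * @param mixed $selected_id          primary key of the record; passed through makeSafe()
 *                                    before being placed in SQL.
 * @param bool  $AllowDeleteOfParents not referenced in this function body.
 * @param bool  $skipChecks           forwarded to the notices_before_delete hook.
 * @return string|null translated error message when the delete is refused (no
 *                     permission, or the before-delete hook returned a falsy value);
 *                     nothing is returned on success.
 */
function notices_delete($selected_id, $AllowDeleteOfParents=false, $skipChecks=false){
    // ensure referential integrity ...
    global $Translation;
    $selected_id = makeSafe($selected_id);

    // mm: can member delete record?
    $arrPerm = getTablePermissions('notices');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='notices' and pkValue='$selected_id'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='notices' and pkValue='$selected_id'");

    // Owner check compares member IDs as strings with ===. PHP's loose == treats two
    // numeric-looking strings as numbers, so distinct member IDs could compare equal
    // and pass the "owner only" rule. Group IDs keep the original numeric comparison.
    $deleteAllowed = ($arrPerm[4]==1 && (string) $ownerMemberID === (string) getLoggedMemberID())
        || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID())
        || $arrPerm[4]==3;
    if(!$deleteAllowed){
        return $Translation['You don\'t have enough permissions to delete this record'];
    }

    // hook: notices_before_delete
    if(function_exists('notices_before_delete')){
        $args = array();
        if(!notices_before_delete($selected_id, $skipChecks, getMemberInfo(), $args)){
            return $Translation['Couldn\'t delete this record'];
        }
    }

    sql("delete from `notices` where `id`='$selected_id'", $eo);

    // hook: notices_after_delete
    if(function_exists('notices_after_delete')){
        $args = array();
        notices_after_delete($selected_id, getMemberInfo(), $args);
    }

    // mm: delete ownership data
    sql("delete from membership_userrecords where tableName='notices' and pkValue='$selected_id'", $eo);
}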
112
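/**
 * Updates one `notices` record from the submitted request fields, after a
 * permission check.
 *
 * The edit permission level in $arrPerm[3] is interpreted as: 1 = only the owning
 * member, 2 = members of the owning group, 3 = anyone with the permission.
 * notice, school, department and year_of_study are read from $_REQUEST (GET or
 * POST); an empty value for any of them prints an error block and exits. The
 * `date` column is left unchanged by the UPDATE statement.
 *
 * NOTE(review): no CSRF token check is visible in this function — presumably the
 * caller enforces one; confirm.
 *
 * @param mixed $selected_id primary key of the record to update.
 * @return bool|null false when the member may not edit the record or the
 *                   notices_before_update hook rejects the data; otherwise nothing
 *                   is returned.
 */
function notices_update($selected_id){
    global $Translation;

    // mm: can member edit record?
    $arrPerm = getTablePermissions('notices');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='notices' and pkValue='".makeSafe($selected_id)."'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='notices' and pkValue='".makeSafe($selected_id)."'");

    // Owner check compares member IDs as strings with ===. PHP's loose == treats two
    // numeric-looking strings as numbers, so distinct member IDs could compare equal
    // and pass the "owner only" rule. Group IDs keep the original numeric comparison.
    $updateAllowed = ($arrPerm[3]==1 && (string) $ownerMemberID === (string) getLoggedMemberID())
        || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID())
        || $arrPerm[3]==3;
    if(!$updateAllowed){
        return false;
    }

    // NOTE(review): the values below end up inside quoted SQL literals, so injection
    // safety rests on makeSafe() (defined elsewhere) — confirm it escapes for the
    // active DB connection.
    $data['notice'] = br2nl(makeSafe($_REQUEST['notice']));
    if($data['notice']==''){
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Notice': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">'.$Translation['< back'].'</a></div>';
        exit;
    }
    $data['school'] = makeSafe($_REQUEST['school']);
    if($data['school'] == empty_lookup_value){ $data['school'] = ''; }
    if($data['school']==''){
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'School': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">'.$Translation['< back'].'</a></div>';
        exit;
    }
    $data['department'] = makeSafe($_REQUEST['department']);
    if($data['department'] == empty_lookup_value){ $data['department'] = ''; }
    if($data['department']==''){
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Department': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">'.$Translation['< back'].'</a></div>';
        exit;
    }
    $data['year_of_study'] = makeSafe($_REQUEST['year_of_study']);
    if($data['year_of_study'] == empty_lookup_value){ $data['year_of_study'] = ''; }
    if($data['year_of_study']==''){
        echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} 'Year of study': {$Translation['field not null']}<br><br>";
        echo '<a href="" onclick="history.go(-1); return false;">'.$Translation['< back'].'</a></div>';
        exit;
    }
    // made available to the hooks only; the UPDATE below keeps the stored `date`
    $data['date'] = parseMySQLDate('', '<%%creationDate%%>');
    $data['selectedID'] = makeSafe($selected_id);

    // hook: notices_before_update
    if(function_exists('notices_before_update')){
        $args = array();
        if(!notices_before_update($data, getMemberInfo(), $args)){ return false; }
    }

    // empty or NULL values are written as SQL NULL, everything else as a quoted literal
    $o = array('silentErrors' => true);
    sql(
        'update `notices` set `notice`=' . (($data['notice'] !== '' && $data['notice'] !== NULL) ? "'{$data['notice']}'" : 'NULL')
        . ', `school`=' . (($data['school'] !== '' && $data['school'] !== NULL) ? "'{$data['school']}'" : 'NULL')
        . ', `department`=' . (($data['department'] !== '' && $data['department'] !== NULL) ? "'{$data['department']}'" : 'NULL')
        . ', `year_of_study`=' . (($data['year_of_study'] !== '' && $data['year_of_study'] !== NULL) ? "'{$data['year_of_study']}'" : 'NULL')
        . ', `date`=`date`'
        . " where `id`='".makeSafe($selected_id)."'",
        $o
    );
    if($o['error']!=''){
        // NOTE(review): the error text is echoed as-is; confirm that sql() returns it
        // HTML-escaped and without query details for non-admin users.
        echo $o['error'];
        echo '<a href="notices_view.php?SelectedID='.urlencode($selected_id)."\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: notices_after_update
    if(function_exists('notices_after_update')){
        $res = sql("SELECT * FROM `notices` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        if($row = db_fetch_assoc($res)){
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = $data['id'];
        $args = array();
        // a falsy hook result returns early, before the ownership timestamp is refreshed
        if(!notices_after_update($data, getMemberInfo(), $args)){ return; }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='".time()."' where tableName='notices' and pkValue='".makeSafe($selected_id)."'", $eo);
}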
186
187 function notices_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0, $TemplateDV = '', $TemplateDVP = ''){
188 // function to return an editable form for a table records
189 // and fill it with data of record whose ID is $selected_id. If $selected_id
190 // is empty, an empty form is shown, with only an 'Add New'
191 // button displayed.
192
193 global $Translation;
194
195 // mm: get table permissions
196 $arrPerm=getTablePermissions('notices');
197 if(!$arrPerm[1] && $selected_id==''){ return ''; }
198 $AllowInsert = ($arrPerm[1] ? true : false);
199 // print preview?
200 $dvprint = false;
201 if($selected_id && $_REQUEST['dvprint_x'] != ''){
202 $dvprint = true;
203 }
204
205 $filterer_school = thisOr(undo_magic_quotes($_REQUEST['filterer_school']), '');
206 $filterer_department = thisOr(undo_magic_quotes($_REQUEST['filterer_department']), '');
207
208 // populate filterers, starting from children to grand-parents
209 if($filterer_department && !$filterer_school) $filterer_school = sqlValue("select school from departments where id='" . makeSafe($filterer_department) . "'");
210
211 // unique random identifier
212 $rnd1 = ($dvprint ? rand(1000000, 9999999) : '');
213 // combobox: school
214 $combo_school = new DataCombo;
215 // combobox: department, filterable by: school
216 $combo_department = new DataCombo;
217 // combobox: year_of_study
218 $combo_year_of_study = new Combo;
219 $combo_year_of_study->ListType = 0;
220 $combo_year_of_study->MultipleSeparator = ', ';
221 $combo_year_of_study->ListBoxHeight = 10;
222 $combo_year_of_study->RadiosPerLine = 1;
223 if(is_file(dirname(__FILE__).'/hooks/notices.year_of_study.csv')){
224 $year_of_study_data = addslashes(implode('', @file(dirname(__FILE__).'/hooks/notices.year_of_study.csv')));
225 $combo_year_of_study->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($year_of_study_data)));
226 $combo_year_of_study->ListData = $combo_year_of_study->ListItem;
227 }else{
228 $combo_year_of_study->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("1;;2;;3;;4;;5;;6")));
229 $combo_year_of_study->ListData = $combo_year_of_study->ListItem;
230 }
231 $combo_year_of_study->SelectName = 'year_of_study';
232 $combo_year_of_study->AllowNull = false;
233 // combobox: date
234 $combo_date = new DateCombo;
235 $combo_date->DateFormat = "mdy";
236 $combo_date->MinYear = 1900;
237 $combo_date->MaxYear = 2100;
238 $combo_date->DefaultDate = parseMySQLDate('<%%creationDate%%>', '<%%creationDate%%>');
239 $combo_date->MonthNames = $Translation['month names'];
240 $combo_date->NamePrefix = 'date';
241
242 if($selected_id){
243 // mm: check member permissions
244 if(!$arrPerm[2]){
245 return "";
246 }
247 // mm: who is the owner?
248 $ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='notices' and pkValue='".makeSafe($selected_id)."'");
249 $ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='notices' and pkValue='".makeSafe($selected_id)."'");
250 if($arrPerm[2]==1 && getLoggedMemberID()!=$ownerMemberID){
251 return "";
252 }
253 if($arrPerm[2]==2 && getLoggedGroupID()!=$ownerGroupID){
254 return "";
255 }
256
257 // can edit?
258 if(($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[3]==3){
259 $AllowUpdate=1;
260 }else{
261 $AllowUpdate=0;
262 }
263
264 $res = sql("select * from `notices` where `id`='".makeSafe($selected_id)."'", $eo);
265 if(!($row = db_fetch_array($res))){
266 return error_message($Translation['No records found'], 'notices_view.php', false);
267 }
268 $urow = $row; /* unsanitized data */
269 $hc = new CI_Input();
270 $row = $hc->xss_clean($row); /* sanitize data */
271 $combo_school->SelectedData = $row['school'];
272 $combo_department->SelectedData = $row['department'];
273 $combo_year_of_study->SelectedData = $row['year_of_study'];
274 $combo_date->DefaultDate = $row['date'];
275 }else{
276 $combo_school->SelectedData = $filterer_school;
277 $combo_department->SelectedData = $filterer_department;
278 $combo_year_of_study->SelectedText = ( $_REQUEST['FilterField'][1]=='5' && $_REQUEST['FilterOperator'][1]=='<=>' ? (get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1]) : "");
279 }
280 $combo_school->HTML = '<span id="school-container' . $rnd1 . '"></span><input type="hidden" name="school" id="school' . $rnd1 . '" value="' . html_attr($combo_school->SelectedData) . '">';
281 $combo_school->MatchText = '<span id="school-container-readonly' . $rnd1 . '"></span><input type="hidden" name="school" id="school' . $rnd1 . '" value="' . html_attr($combo_school->SelectedData) . '">';
282 $combo_department->HTML = '<span id="department-container' . $rnd1 . '"></span><input type="hidden" name="department" id="department' . $rnd1 . '" value="' . html_attr($combo_department->SelectedData) . '">';
283 $combo_department->MatchText = '<span id="department-container-readonly' . $rnd1 . '"></span><input type="hidden" name="department" id="department' . $rnd1 . '" value="' . html_attr($combo_department->SelectedData) . '">';
284 $combo_year_of_study->Render();
285
286 ob_start();
287 ?>
288
289 <script>
290 // initial lookup values
291 AppGini.current_school__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? $urow['school'] : $filterer_school); ?>"};
292 AppGini.current_department__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? $urow['department'] : $filterer_department); ?>"};
293
294 jQuery(function() {
295 setTimeout(function(){
296 if(typeof(school_reload__RAND__) == 'function') school_reload__RAND__();
297 <?php echo (!$AllowUpdate || $dvprint ? 'if(typeof(department_reload__RAND__) == \'function\') department_reload__RAND__(AppGini.current_school__RAND__.value);' : ''); ?>
298 }, 10); /* we need to slightly delay client-side execution of the above code to allow AppGini.ajaxCache to work */
299 });
300 function school_reload__RAND__(){
301 <?php if(($AllowUpdate || $AllowInsert) && !$dvprint){ ?>
302
303 $j("#school-container__RAND__").select2({
304 /* initial default value */
305 initSelection: function(e, c){
306 $j.ajax({
307 url: 'ajax_combo.php',
308 dataType: 'json',
309 data: { id: AppGini.current_school__RAND__.value, t: 'notices', f: 'school' },
310 success: function(resp){
311 c({
312 id: resp.results[0].id,
313 text: resp.results[0].text
314 });
315 $j('[name="school"]').val(resp.results[0].id);
316 $j('[id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
317 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
318
319 if(typeof(department_reload__RAND__) == 'function') department_reload__RAND__(AppGini.current_school__RAND__.value);
320
321 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
322 }
323 });
324 },
325 width: '100%',
326 formatNoMatches: function(term){ /* */ return '<?php echo addslashes($Translation['No matches found!']); ?>'; },
327 minimumResultsForSearch: 10,
328 loadMorePadding: 200,
329 ajax: {
330 url: 'ajax_combo.php',
331 dataType: 'json',
332 cache: true,
333 data: function(term, page){ /* */ return { s: term, p: page, t: 'notices', f: 'school' }; },
334 results: function(resp, page){ /* */ return resp; }
335 },
336 escapeMarkup: function(str){ /* */ return str; }
337 }).on('change', function(e){
338 AppGini.current_school__RAND__.value = e.added.id;
339 AppGini.current_school__RAND__.text = e.added.text;
340 $j('[name="school"]').val(e.added.id);
341 if(e.added.id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
342
343 if(typeof(department_reload__RAND__) == 'function') department_reload__RAND__(AppGini.current_school__RAND__.value);
344
345 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
346 });
347
348 if(!$j("#school-container__RAND__").length){
349 $j.ajax({
350 url: 'ajax_combo.php',
351 dataType: 'json',
352 data: { id: AppGini.current_school__RAND__.value, t: 'notices', f: 'school' },
353 success: function(resp){
354 $j('[name="school"]').val(resp.results[0].id);
355 $j('[id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
356 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
357
358 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
359 }
360 });
361 }
362
363 <?php }else{ ?>
364
365 $j.ajax({
366 url: 'ajax_combo.php',
367 dataType: 'json',
368 data: { id: AppGini.current_school__RAND__.value, t: 'notices', f: 'school' },
369 success: function(resp){
370 $j('[id=school-container__RAND__], [id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
371 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
372
373 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
374 }
375 });
376 <?php } ?>
377
378 }
379 function department_reload__RAND__(filterer_school){
380 <?php if(($AllowUpdate || $AllowInsert) && !$dvprint){ ?>
381
382 $j("#department-container__RAND__").select2({
383 /* initial default value */
384 initSelection: function(e, c){
385 $j.ajax({
386 url: 'ajax_combo.php',
387 dataType: 'json',
388 data: { filterer_school: filterer_school, id: AppGini.current_department__RAND__.value, t: 'notices', f: 'department' },
389 success: function(resp){
390 c({
391 id: resp.results[0].id,
392 text: resp.results[0].text
393 });
394 $j('[name="department"]').val(resp.results[0].id);
395 $j('[id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
396 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
397
398
399 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
400 }
401 });
402 },
403 width: '100%',
404 formatNoMatches: function(term){ /* */ return '<?php echo addslashes($Translation['No matches found!']); ?>'; },
405 minimumResultsForSearch: 10,
406 loadMorePadding: 200,
407 ajax: {
408 url: 'ajax_combo.php',
409 dataType: 'json',
410 cache: true,
411 data: function(term, page){ /* */ return { filterer_school: filterer_school, s: term, p: page, t: 'notices', f: 'department' }; },
412 results: function(resp, page){ /* */ return resp; }
413 },
414 escapeMarkup: function(str){ /* */ return str; }
415 }).on('change', function(e){
416 AppGini.current_department__RAND__.value = e.added.id;
417 AppGini.current_department__RAND__.text = e.added.text;
418 $j('[name="department"]').val(e.added.id);
419 if(e.added.id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
420
421
422 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
423 });
424
425 if(!$j("#department-container__RAND__").length){
426 $j.ajax({
427 url: 'ajax_combo.php',
428 dataType: 'json',
429 data: { id: AppGini.current_department__RAND__.value, t: 'notices', f: 'department' },
430 success: function(resp){
431 $j('[name="department"]').val(resp.results[0].id);
432 $j('[id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
433 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
434
435 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
436 }
437 });
438 }
439
440 <?php }else{ ?>
441
442 $j.ajax({
443 url: 'ajax_combo.php',
444 dataType: 'json',
445 data: { id: AppGini.current_department__RAND__.value, t: 'notices', f: 'department' },
446 success: function(resp){
447 $j('[id=department-container__RAND__], [id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
448 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
449
450 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
451 }
452 });
453 <?php } ?>
454
455 }
456 </script>
457 <?php
458
459 $lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
460 ob_end_clean();
461
462
463 // code for template based detail view forms
464
465 // open the detail view template
466 if($dvprint){
467 $template_file = is_file("./{$TemplateDVP}") ? "./{$TemplateDVP}" : './templates/notices_templateDVP.html';
468 $templateCode = @file_get_contents($template_file);
469 }else{
470 $template_file = is_file("./{$TemplateDV}") ? "./{$TemplateDV}" : './templates/notices_templateDV.html';
471 $templateCode = @file_get_contents($template_file);
472 }
473
474 // process form title
475 $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Thông báo', $templateCode);
476 $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
477 $templateCode = str_replace('<%%EMBEDDED%%>', ($_REQUEST['Embedded'] ? 'Embedded=1' : ''), $templateCode);
478 // process buttons
479 if($AllowInsert){
480 if(!$selected_id) $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return notices_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
481 $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return notices_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
482 }else{
483 $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
484 }
485
486 // 'Back' button action
487 if($_REQUEST['Embedded']){
488 $backAction = 'AppGini.closeParentModal(); return false;';
489 }else{
490 $backAction = '$j(\'form\').eq(0).attr(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
491 }
492
493 if($selected_id){
494 if(!$_REQUEST['Embedded']) $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;" title="' . html_attr($Translation['Print Preview']) . '"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
495 if($AllowUpdate){
496 $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return notices_validateData();" title="' . html_attr($Translation['Save Changes']) . '"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
497 }else{
498 $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
499 }
500 if(($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
501 $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');" title="' . html_attr($Translation['Delete']) . '"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
502 }else{
503 $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
504 }
505 $templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
506 }else{
507 $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
508 $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
509 $templateCode = str_replace('<%%DESELECT_BUTTON%%>', ($ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : ''), $templateCode);
510 }
511
512 // set records to read only if user can't insert new records and can't edit current record
513 if(($selected_id && !$AllowUpdate && !$AllowInsert) || (!$selected_id && !$AllowInsert)){
514 $jsReadOnly .= "\tjQuery('#notice').replaceWith('<div class=\"form-control-static\" id=\"notice\">' + (jQuery('#notice').val() || '') + '</div>');\n";
515 $jsReadOnly .= "\tjQuery('#school').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
516 $jsReadOnly .= "\tjQuery('#school_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
517 $jsReadOnly .= "\tjQuery('#department').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
518 $jsReadOnly .= "\tjQuery('#department_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
519 $jsReadOnly .= "\tjQuery('#year_of_study').replaceWith('<div class=\"form-control-static\" id=\"year_of_study\">' + (jQuery('#year_of_study').val() || '') + '</div>'); jQuery('#year_of_study-multi-selection-help').hide();\n";
520 $jsReadOnly .= "\tjQuery('.select2-container').hide();\n";
521
522 $noUploads = true;
523 }elseif($AllowInsert){
524 $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
525 $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
526 }
527
528 // process combos
529 $templateCode = str_replace('<%%COMBO(school)%%>', $combo_school->HTML, $templateCode);
530 $templateCode = str_replace('<%%COMBOTEXT(school)%%>', $combo_school->MatchText, $templateCode);
531 $templateCode = str_replace('<%%URLCOMBOTEXT(school)%%>', urlencode($combo_school->MatchText), $templateCode);
532 $templateCode = str_replace('<%%COMBO(department)%%>', $combo_department->HTML, $templateCode);
533 $templateCode = str_replace('<%%COMBOTEXT(department)%%>', $combo_department->MatchText, $templateCode);
534 $templateCode = str_replace('<%%URLCOMBOTEXT(department)%%>', urlencode($combo_department->MatchText), $templateCode);
535 $templateCode = str_replace('<%%COMBO(year_of_study)%%>', $combo_year_of_study->HTML, $templateCode);
536 $templateCode = str_replace('<%%COMBOTEXT(year_of_study)%%>', $combo_year_of_study->SelectedData, $templateCode);
537 $templateCode = str_replace('<%%COMBO(date)%%>', ($selected_id && !$arrPerm[3] ? '<div class="form-control-static">' . $combo_date->GetHTML(true) . '</div>' : $combo_date->GetHTML()), $templateCode);
538 $templateCode = str_replace('<%%COMBOTEXT(date)%%>', $combo_date->GetHTML(true), $templateCode);
539
540 /* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
541 $lookup_fields = array( 'school' => array('schools', 'School'), 'department' => array('departments', 'Department'));
542 foreach($lookup_fields as $luf => $ptfc){
543 $pt_perm = getTablePermissions($ptfc[0]);
544
545 // process foreign key links
546 if($pt_perm['view'] || $pt_perm['edit']){
547 $templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-md" id="' . $ptfc[0] . '_view_parent" title="' . html_attr($Translation['View'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
548 }
549
550 // if user has insert permission to parent table of a lookup field, put an add new button
551 if($pt_perm['insert'] && !$_REQUEST['Embedded']){
552 $templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent hspacer-md" id="' . $ptfc[0] . '_add_new" title="' . html_attr($Translation['Add Newx'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
553 }
554 }
555
556 // process images
557 $templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
558 $templateCode = str_replace('<%%UPLOADFILE(notice)%%>', '', $templateCode);
559 $templateCode = str_replace('<%%UPLOADFILE(school)%%>', '', $templateCode);
560 $templateCode = str_replace('<%%UPLOADFILE(department)%%>', '', $templateCode);
561 $templateCode = str_replace('<%%UPLOADFILE(year_of_study)%%>', '', $templateCode);
562 $templateCode = str_replace('<%%UPLOADFILE(date)%%>', '', $templateCode);
563
564 // process values
565 if($selected_id){
566 if( $dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', safe_html($urow['id']), $templateCode);
567 if(!$dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', html_attr($row['id']), $templateCode);
568 $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode($urow['id']), $templateCode);
569 if($dvprint || (!$AllowUpdate && !$AllowInsert)){
570 $templateCode = str_replace('<%%VALUE(notice)%%>', safe_html($urow['notice']), $templateCode);
571 }else{
572 $templateCode = str_replace('<%%VALUE(notice)%%>', html_attr($row['notice']), $templateCode);
573 }
574 $templateCode = str_replace('<%%URLVALUE(notice)%%>', urlencode($urow['notice']), $templateCode);
575 if( $dvprint) $templateCode = str_replace('<%%VALUE(school)%%>', safe_html($urow['school']), $templateCode);
576 if(!$dvprint) $templateCode = str_replace('<%%VALUE(school)%%>', html_attr($row['school']), $templateCode);
577 $templateCode = str_replace('<%%URLVALUE(school)%%>', urlencode($urow['school']), $templateCode);
578 if( $dvprint) $templateCode = str_replace('<%%VALUE(department)%%>', safe_html($urow['department']), $templateCode);
579 if(!$dvprint) $templateCode = str_replace('<%%VALUE(department)%%>', html_attr($row['department']), $templateCode);
580 $templateCode = str_replace('<%%URLVALUE(department)%%>', urlencode($urow['department']), $templateCode);
581 if( $dvprint) $templateCode = str_replace('<%%VALUE(year_of_study)%%>', safe_html($urow['year_of_study']), $templateCode);
582 if(!$dvprint) $templateCode = str_replace('<%%VALUE(year_of_study)%%>', html_attr($row['year_of_study']), $templateCode);
583 $templateCode = str_replace('<%%URLVALUE(year_of_study)%%>', urlencode($urow['year_of_study']), $templateCode);
584 $templateCode = str_replace('<%%VALUE(date)%%>', @date('m/d/Y', @strtotime(html_attr($row['date']))), $templateCode);
585 $templateCode = str_replace('<%%URLVALUE(date)%%>', urlencode(@date('m/d/Y', @strtotime(html_attr($urow['date'])))), $templateCode);
586 }else{
587 $templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode);
588 $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode(''), $templateCode);
589 $templateCode = str_replace('<%%VALUE(notice)%%>', '', $templateCode);
590 $templateCode = str_replace('<%%URLVALUE(notice)%%>', urlencode(''), $templateCode);
591 $templateCode = str_replace('<%%VALUE(school)%%>', '', $templateCode);
592 $templateCode = str_replace('<%%URLVALUE(school)%%>', urlencode(''), $templateCode);
593 $templateCode = str_replace('<%%VALUE(department)%%>', '', $templateCode);
594 $templateCode = str_replace('<%%URLVALUE(department)%%>', urlencode(''), $templateCode);
595 $templateCode = str_replace('<%%VALUE(year_of_study)%%>', '', $templateCode);
596 $templateCode = str_replace('<%%URLVALUE(year_of_study)%%>', urlencode(''), $templateCode);
597 $templateCode = str_replace('<%%VALUE(date)%%>', '<%%creationDate%%>', $templateCode);
598 $templateCode = str_replace('<%%URLVALUE(date)%%>', urlencode('<%%creationDate%%>'), $templateCode);
599 }
600
601 // process translations
602 foreach($Translation as $symbol=>$trans){
603 $templateCode = str_replace("<%%TRANSLATION($symbol)%%>", $trans, $templateCode);
604 }
605
606 // clear scrap
607 $templateCode = str_replace('<%%', '<!-- ', $templateCode);
608 $templateCode = str_replace('%%>', ' -->', $templateCode);
609
610 // hide links to inaccessible tables
611 if($_REQUEST['dvprint_x'] == ''){
612 $templateCode .= "\n\n<script>\$j(function(){\n";
613 $arrTables = getTableList();
614 foreach($arrTables as $name => $caption){
615 $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
616 $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
617 }
618
619 $templateCode .= $jsReadOnly;
620 $templateCode .= $jsEditable;
621
622 if(!$selected_id){
623 }
624
625 $templateCode.="\n});</script>\n";
626 }
627
628 // ajaxed auto-fill fields
629 $templateCode .= '<script>';
630 $templateCode .= '$j(function() {';
631
632
633 $templateCode.="});";
634 $templateCode.="</script>";
635 $templateCode .= $lookups;
636
637 // handle enforced parent values for read-only lookup fields
638
639 // don't include blank images in lightbox gallery
640 $templateCode = preg_replace('/blank.gif" data-lightbox=".*?"/', 'blank.gif"', $templateCode);
641
642 // don't display empty email links
643 $templateCode=preg_replace('/<a .*?href="mailto:".*?<\/a>/', '', $templateCode);
644
645 /* default field values */
646 $rdata = $jdata = get_defaults('notices');
647 if($selected_id){
648 $jdata = get_joined_record('notices', $selected_id);
649 if($jdata === false) $jdata = get_defaults('notices');
650 $rdata = $row;
651 }
652 $templateCode .= loadView('notices-ajax-cache', array('rdata' => $rdata, 'jdata' => $jdata));
653
654 // hook: notices_dv
655 if(function_exists('notices_dv')){
656 $args=array();
657 notices_dv(($selected_id ? $selected_id : FALSE), getMemberInfo(), $templateCode, $args);
658 }
659
660 return $templateCode;
661 }
662 ?>