Hệ thống xếp lịch học tín chỉ cho sinh viên CNTT trên PHP & MySQL
- personal_details_dml.php
1 <?php
2
3 // Data functions (insert, update, delete, form) for table personal_details
4
5 // This script and data application were generated by AppGini 5.72
6 // Download AppGini for free from https://bigprof.com/appgini/download/
7
/**
 * Creates a personal_details record from the current request.
 *
 * Reads full_name, school, department and year_of_study from $_REQUEST,
 * passes each through makeSafe(), and stores empty values as SQL NULL.
 *
 * Security notes for reviewers:
 *  - The statement is assembled by string concatenation. Its safety rests
 *    entirely on makeSafe(), which is defined outside this file
 *    (presumably it escapes the value for the active connection -- confirm).
 *    A before_insert hook that replaces a value in $data is responsible
 *    for escaping it itself.
 *  - $o['error'] is echoed verbatim. NOTE(review): confirm that sql()
 *    HTML-encodes the database message, since it can contain request data.
 *  - If the after_insert hook returns false, the function returns before
 *    set_record_owner() runs, so the new row has no ownership entry.
 *
 * @return mixed false when the member may not insert or the before_insert
 *               hook vetoes; otherwise the new record id.
 */
function personal_details_insert(){
	global $Translation;

	// mm: members without insert permission stop here
	$perms = getTablePermissions('personal_details');
	if(!$perms[1]) return false;

	// collect the request fields, mapping the "empty lookup" marker to ''
	$columns = array('full_name', 'school', 'department', 'year_of_study');
	foreach($columns as $col){
		$data[$col] = makeSafe($_REQUEST[$col]);
		if($data[$col] == empty_lookup_value) $data[$col] = '';
	}

	// hook: personal_details_before_insert
	if(function_exists('personal_details_before_insert')){
		$args = array();
		$proceed = personal_details_before_insert($data, getMemberInfo(), $args);
		if(!$proceed) return false;
	}

	// one `col`=value pair per column; blank values become NULL
	$assignments = array();
	foreach($columns as $col){
		$value = $data[$col];
		$isBlank = ($value === '' || $value === NULL);
		$assignments[] = "`{$col}`=" . ($isBlank ? 'NULL' : "'{$value}'");
	}

	$o = array('silentErrors' => true);
	sql('insert into `personal_details` set ' . implode(', ', $assignments), $o);
	if($o['error'] != ''){
		// error text comes from sql(); see the note in the header comment
		echo $o['error'], "<a href=\"personal_details_view.php?addNew_x=1\">{$Translation['< back']}</a>";
		exit;
	}

	$recID = db_insert_id(db_link());

	// hook: personal_details_after_insert
	if(function_exists('personal_details_after_insert')){
		$res = sql("select * from `personal_details` where `id`='" . makeSafe($recID, false) . "' limit 1", $eo);
		$row = db_fetch_assoc($res);
		if($row){
			$data = array_map('makeSafe', $row);
		}
		$data['selectedID'] = makeSafe($recID, false);
		$args = array();
		$hookOk = personal_details_after_insert($data, getMemberInfo(), $args);
		if(!$hookOk) return $recID; // ownership is NOT recorded on this path
	}

	// mm: save ownership data
	set_record_owner('personal_details', $recID, getLoggedMemberID());

	return $recID;
}
58
/**
 * Deletes one personal_details record and its ownership row.
 *
 * Authorisation is decided from $arrPerm[4] as the code reads it:
 * 1 = only the owning member, 2 = any member of the owning group,
 * 3 = any record; every other value is refused.
 *
 * Security notes for reviewers:
 *  - $selected_id is passed through makeSafe() once and then interpolated
 *    into four statements; makeSafe() is defined outside this file
 *    (presumably SQL escaping -- confirm).
 *  - $AllowDeleteOfParents is accepted but never read in this body.
 *  - The results of both DELETE statements are not checked, and the two
 *    deletes are not wrapped in a transaction here.
 *
 * @param mixed $selected_id          primary key of the record to delete
 * @param bool  $AllowDeleteOfParents unused in this function
 * @param bool  $skipChecks           forwarded to the before_delete hook only
 * @return string|null a translated error message when deletion is refused,
 *                     otherwise nothing
 */
function personal_details_delete($selected_id, $AllowDeleteOfParents=false, $skipChecks=false){
	global $Translation;
	$selected_id = makeSafe($selected_id);

	// mm: can member delete record?
	$arrPerm = getTablePermissions('personal_details');
	$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='personal_details' and pkValue='$selected_id'");
	$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='personal_details' and pkValue='$selected_id'");

	$level = $arrPerm[4];
	$byOwner = ($level == 1 && $ownerMemberID == getLoggedMemberID());
	$byGroup = (!$byOwner && $level == 2 && $ownerGroupID == getLoggedGroupID());
	if(!($byOwner || $byGroup || $level == 3)){
		return $Translation['You don\'t have enough permissions to delete this record'];
	}

	// hook: personal_details_before_delete
	if(function_exists('personal_details_before_delete')){
		$args = array();
		$proceed = personal_details_before_delete($selected_id, $skipChecks, getMemberInfo(), $args);
		if(!$proceed){
			return $Translation['Couldn\'t delete this record'];
		}
	}

	sql("delete from `personal_details` where `id`='$selected_id'", $eo);

	// hook: personal_details_after_delete
	if(function_exists('personal_details_after_delete')){
		$args = array();
		personal_details_after_delete($selected_id, getMemberInfo(), $args);
	}

	// mm: delete ownership data
	sql("delete from membership_userrecords where tableName='personal_details' and pkValue='$selected_id'", $eo);
}
92
/**
 * Updates one personal_details record from the current request.
 *
 * Authorisation is decided from $arrPerm[3] as the code reads it:
 * 1 = only the owning member, 2 = any member of the owning group,
 * 3 = any record; every other value is refused.
 *
 * Security notes for reviewers:
 *  - All values reach SQL by string concatenation after makeSafe(), which
 *    is defined outside this file (presumably SQL escaping -- confirm).
 *  - $o['error'] is echoed verbatim. NOTE(review): confirm that sql()
 *    HTML-encodes the database message, since it can contain request data.
 *  - The after_update SELECT interpolates $data['selectedID'] as it stands
 *    after the before_update hook ran; if that hook can modify $data,
 *    it must keep the value escaped -- verify against the hook signature.
 *
 * @param mixed $selected_id primary key of the record to update
 * @return false|null false when not permitted or the before_update hook
 *                    vetoes; otherwise nothing
 */
function personal_details_update($selected_id){
	global $Translation;

	// mm: can member edit record?
	$arrPerm = getTablePermissions('personal_details');
	$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='personal_details' and pkValue='".makeSafe($selected_id)."'");
	$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='personal_details' and pkValue='".makeSafe($selected_id)."'");

	$level = $arrPerm[3];
	$byOwner = ($level == 1 && $ownerMemberID == getLoggedMemberID());
	$byGroup = (!$byOwner && $level == 2 && $ownerGroupID == getLoggedGroupID());
	if(!($byOwner || $byGroup || $level == 3)){
		return false;
	}

	// collect the request fields, mapping the "empty lookup" marker to ''
	$columns = array('full_name', 'school', 'department', 'year_of_study');
	foreach($columns as $col){
		$data[$col] = makeSafe($_REQUEST[$col]);
		if($data[$col] == empty_lookup_value) $data[$col] = '';
	}
	$data['selectedID'] = makeSafe($selected_id);

	// hook: personal_details_before_update
	if(function_exists('personal_details_before_update')){
		$args = array();
		$proceed = personal_details_before_update($data, getMemberInfo(), $args);
		if(!$proceed) return false;
	}

	// one `col`=value pair per column; blank values become NULL
	$assignments = array();
	foreach($columns as $col){
		$value = $data[$col];
		$isBlank = ($value === '' || $value === NULL);
		$assignments[] = "`{$col}`=" . ($isBlank ? 'NULL' : "'{$value}'");
	}

	$o = array('silentErrors' => true);
	sql('update `personal_details` set ' . implode(', ', $assignments) . " where `id`='".makeSafe($selected_id)."'", $o);
	if($o['error'] != ''){
		// error text comes from sql(); see the note in the header comment
		echo $o['error'], '<a href="personal_details_view.php?SelectedID='.urlencode($selected_id)."\">{$Translation['< back']}</a>";
		exit;
	}

	// hook: personal_details_after_update
	if(function_exists('personal_details_after_update')){
		$res = sql("SELECT * FROM `personal_details` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
		$row = db_fetch_assoc($res);
		if($row){
			$data = array_map('makeSafe', $row);
		}
		$data['selectedID'] = $data['id'];
		$args = array();
		$hookOk = personal_details_after_update($data, getMemberInfo(), $args);
		if(!$hookOk) return; // ownership timestamp is not refreshed on this path
	}

	// mm: update ownership data
	sql("update membership_userrecords set dateUpdated='".time()."' where tableName='personal_details' and pkValue='".makeSafe($selected_id)."'", $eo);
}
146
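/**
 * Builds the detail-view form (HTML plus inline JavaScript) for one
 * personal_details record, or an empty "add new" form when $selected_id
 * is empty.
 *
 * Changes against the generated version:
 *  - The initial lookup values written into the <script> block are now
 *    emitted with json_encode() and the JSON_HEX_* flags. The previous
 *    addslashes() call escaped quotes and backslashes only, so a
 *    request-supplied filterer_school / filterer_department containing
 *    markup was written into the script element unencoded.
 *  - $jsReadOnly and $jsEditable are initialised before being appended to.
 *  - get_magic_quotes_gpc() is only called when it exists.
 *
 * Remaining points for reviewers (behaviour left unchanged):
 *  - $TemplateDV / $TemplateDVP are joined onto "./" and read with
 *    file_get_contents(); callers must pass fixed template names, never
 *    request data.
 *  - The select2 widgets use a pass-through escapeMarkup and insert
 *    resp.results[0].text with .html(), so the markup safety of lookup
 *    captions depends on what ajax_combo.php returns -- confirm there.
 *  - $Translation values are written into HTML and into an onclick
 *    confirm() without encoding; they are assumed to be trusted
 *    application strings.
 *
 * @param mixed  $selected_id primary key of the record to show, '' for a new record
 * @param int    $AllowUpdate overwritten from permissions when a record is selected
 * @param int    $AllowInsert overwritten from the member's insert permission
 * @param int    $AllowDelete not read in this body
 * @param int    $ShowCancel  show a Back button on the empty form
 * @param string $TemplateDV  detail-view template path relative to "./"
 * @param string $TemplateDVP print-preview template path relative to "./"
 * @return string the rendered form, '' when the member may not view it,
 *                or the output of error_message() when the record is missing
 */
function personal_details_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0, $TemplateDV = '', $TemplateDVP = ''){
	global $Translation;

	// script fragments appended near the end; start empty so that '.=' is defined
	$jsReadOnly = '';
	$jsEditable = '';

	// mm: get table permissions
	$arrPerm=getTablePermissions('personal_details');
	if(!$arrPerm[1] && $selected_id==''){ return ''; }
	$AllowInsert = ($arrPerm[1] ? true : false);
	// print preview?
	$dvprint = false;
	if($selected_id && $_REQUEST['dvprint_x'] != ''){
		$dvprint = true;
	}

	// request-supplied lookup filters: untrusted, must be encoded for every context they reach
	$filterer_school = thisOr(undo_magic_quotes($_REQUEST['filterer_school']), '');
	$filterer_department = thisOr(undo_magic_quotes($_REQUEST['filterer_department']), '');

	// populate filterers, starting from children to grand-parents
	if($filterer_department && !$filterer_school) $filterer_school = sqlValue("select school from departments where id='" . makeSafe($filterer_department) . "'");

	// random suffix for element ids in print preview (a uniqueness aid, not a security token)
	$rnd1 = ($dvprint ? rand(1000000, 9999999) : '');
	// combobox: school
	$combo_school = new DataCombo;
	// combobox: department, filterable by: school
	$combo_department = new DataCombo;
	// combobox: year_of_study
	$combo_year_of_study = new Combo;
	$combo_year_of_study->ListType = 0;
	$combo_year_of_study->MultipleSeparator = ', ';
	$combo_year_of_study->ListBoxHeight = 10;
	$combo_year_of_study->RadiosPerLine = 1;
	if(is_file(dirname(__FILE__).'/hooks/personal_details.year_of_study.csv')){
		$year_of_study_data = addslashes(implode('', @file(dirname(__FILE__).'/hooks/personal_details.year_of_study.csv')));
		$combo_year_of_study->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($year_of_study_data)));
		$combo_year_of_study->ListData = $combo_year_of_study->ListItem;
	}else{
		$combo_year_of_study->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("1;;2;;3;;4;;5;;6")));
		$combo_year_of_study->ListData = $combo_year_of_study->ListItem;
	}
	$combo_year_of_study->SelectName = 'year_of_study';

	if($selected_id){
		// mm: check member permissions
		if(!$arrPerm[2]){
			return "";
		}
		// mm: who is the owner?
		$ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='personal_details' and pkValue='".makeSafe($selected_id)."'");
		$ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='personal_details' and pkValue='".makeSafe($selected_id)."'");
		if($arrPerm[2]==1 && getLoggedMemberID()!=$ownerMemberID){
			return "";
		}
		if($arrPerm[2]==2 && getLoggedGroupID()!=$ownerGroupID){
			return "";
		}

		// can edit?
		if(($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[3]==3){
			$AllowUpdate=1;
		}else{
			$AllowUpdate=0;
		}

		$res = sql("select * from `personal_details` where `id`='".makeSafe($selected_id)."'", $eo);
		if(!($row = db_fetch_array($res))){
			return error_message($Translation['No records found'], 'personal_details_view.php', false);
		}
		$urow = $row; /* unsanitized data: encode per output context wherever it is used */
		$hc = new CI_Input();
		$row = $hc->xss_clean($row); /* sanitize data */
		$combo_school->SelectedData = $row['school'];
		$combo_department->SelectedData = $row['department'];
		$combo_year_of_study->SelectedData = $row['year_of_study'];
	}else{
		$combo_school->SelectedData = $filterer_school;
		$combo_department->SelectedData = $filterer_department;
		// get_magic_quotes_gpc() no longer exists in current PHP releases, so probe for it first
		$combo_year_of_study->SelectedText = ( $_REQUEST['FilterField'][1]=='5' && $_REQUEST['FilterOperator'][1]=='<=>' ? ((function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1]) : "");
	}
	$combo_school->HTML = '<span id="school-container' . $rnd1 . '"></span><input type="hidden" name="school" id="school' . $rnd1 . '" value="' . html_attr($combo_school->SelectedData) . '">';
	$combo_school->MatchText = '<span id="school-container-readonly' . $rnd1 . '"></span><input type="hidden" name="school" id="school' . $rnd1 . '" value="' . html_attr($combo_school->SelectedData) . '">';
	$combo_department->HTML = '<span id="department-container' . $rnd1 . '"></span><input type="hidden" name="department" id="department' . $rnd1 . '" value="' . html_attr($combo_department->SelectedData) . '">';
	$combo_department->MatchText = '<span id="department-container-readonly' . $rnd1 . '"></span><input type="hidden" name="department" id="department' . $rnd1 . '" value="' . html_attr($combo_department->SelectedData) . '">';
	$combo_year_of_study->Render();

	// Encodes a value as a complete JavaScript string literal that is safe inside
	// a <script> element: the JSON_HEX_* flags turn <, >, &, ' and " into \uXXXX
	// escapes. json_encode() returns false for invalid UTF-8 input; an empty
	// literal is emitted in that case so the script stays syntactically valid.
	$jsString = function($value){
		$encoded = json_encode((string) $value, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
		return ($encoded === false ? '""' : $encoded);
	};

	// NOTE(review): in the script below, escapeMarkup returns its input unchanged and
	// lookup captions are inserted with .html(); whether captions are HTML-safe is
	// decided by ajax_combo.php, which is not part of this file -- confirm there.
	ob_start();
	?>

	<script>
		// initial lookup values
		AppGini.current_school__RAND__ = { text: "", value: <?php echo $jsString($selected_id ? $urow['school'] : $filterer_school); ?>};
		AppGini.current_department__RAND__ = { text: "", value: <?php echo $jsString($selected_id ? $urow['department'] : $filterer_department); ?>};

		jQuery(function() {
			setTimeout(function(){
				if(typeof(school_reload__RAND__) == 'function') school_reload__RAND__();
				<?php echo (!$AllowUpdate || $dvprint ? 'if(typeof(department_reload__RAND__) == \'function\') department_reload__RAND__(AppGini.current_school__RAND__.value);' : ''); ?>
			}, 10); /* we need to slightly delay client-side execution of the above code to allow AppGini.ajaxCache to work */
		});
		function school_reload__RAND__(){
		<?php if(($AllowUpdate || $AllowInsert) && !$dvprint){ ?>

			$j("#school-container__RAND__").select2({
				/* initial default value */
				initSelection: function(e, c){
					$j.ajax({
						url: 'ajax_combo.php',
						dataType: 'json',
						data: { id: AppGini.current_school__RAND__.value, t: 'personal_details', f: 'school' },
						success: function(resp){
							c({
								id: resp.results[0].id,
								text: resp.results[0].text
							});
							$j('[name="school"]').val(resp.results[0].id);
							$j('[id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
							if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }

							if(typeof(department_reload__RAND__) == 'function') department_reload__RAND__(AppGini.current_school__RAND__.value);

							if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
						}
					});
				},
				width: '100%',
				formatNoMatches: function(term){ /* */ return '<?php echo addslashes($Translation['No matches found!']); ?>'; },
				minimumResultsForSearch: 10,
				loadMorePadding: 200,
				ajax: {
					url: 'ajax_combo.php',
					dataType: 'json',
					cache: true,
					data: function(term, page){ /* */ return { s: term, p: page, t: 'personal_details', f: 'school' }; },
					results: function(resp, page){ /* */ return resp; }
				},
				escapeMarkup: function(str){ /* */ return str; }
			}).on('change', function(e){
				AppGini.current_school__RAND__.value = e.added.id;
				AppGini.current_school__RAND__.text = e.added.text;
				$j('[name="school"]').val(e.added.id);
				if(e.added.id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }

				if(typeof(department_reload__RAND__) == 'function') department_reload__RAND__(AppGini.current_school__RAND__.value);

				if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
			});

			if(!$j("#school-container__RAND__").length){
				$j.ajax({
					url: 'ajax_combo.php',
					dataType: 'json',
					data: { id: AppGini.current_school__RAND__.value, t: 'personal_details', f: 'school' },
					success: function(resp){
						$j('[name="school"]').val(resp.results[0].id);
						$j('[id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
						if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }

						if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
					}
				});
			}

		<?php }else{ ?>

			$j.ajax({
				url: 'ajax_combo.php',
				dataType: 'json',
				data: { id: AppGini.current_school__RAND__.value, t: 'personal_details', f: 'school' },
				success: function(resp){
					$j('[id=school-container__RAND__], [id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
					if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }

					if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
				}
			});
		<?php } ?>

		}
		function department_reload__RAND__(filterer_school){
		<?php if(($AllowUpdate || $AllowInsert) && !$dvprint){ ?>

			$j("#department-container__RAND__").select2({
				/* initial default value */
				initSelection: function(e, c){
					$j.ajax({
						url: 'ajax_combo.php',
						dataType: 'json',
						data: { filterer_school: filterer_school, id: AppGini.current_department__RAND__.value, t: 'personal_details', f: 'department' },
						success: function(resp){
							c({
								id: resp.results[0].id,
								text: resp.results[0].text
							});
							$j('[name="department"]').val(resp.results[0].id);
							$j('[id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
							if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }


							if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
						}
					});
				},
				width: '100%',
				formatNoMatches: function(term){ /* */ return '<?php echo addslashes($Translation['No matches found!']); ?>'; },
				minimumResultsForSearch: 10,
				loadMorePadding: 200,
				ajax: {
					url: 'ajax_combo.php',
					dataType: 'json',
					cache: true,
					data: function(term, page){ /* */ return { filterer_school: filterer_school, s: term, p: page, t: 'personal_details', f: 'department' }; },
					results: function(resp, page){ /* */ return resp; }
				},
				escapeMarkup: function(str){ /* */ return str; }
			}).on('change', function(e){
				AppGini.current_department__RAND__.value = e.added.id;
				AppGini.current_department__RAND__.text = e.added.text;
				$j('[name="department"]').val(e.added.id);
				if(e.added.id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }


				if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
			});

			if(!$j("#department-container__RAND__").length){
				$j.ajax({
					url: 'ajax_combo.php',
					dataType: 'json',
					data: { id: AppGini.current_department__RAND__.value, t: 'personal_details', f: 'department' },
					success: function(resp){
						$j('[name="department"]').val(resp.results[0].id);
						$j('[id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
						if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }

						if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
					}
				});
			}

		<?php }else{ ?>

			$j.ajax({
				url: 'ajax_combo.php',
				dataType: 'json',
				data: { id: AppGini.current_department__RAND__.value, t: 'personal_details', f: 'department' },
				success: function(resp){
					$j('[id=department-container__RAND__], [id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
					if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }

					if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
				}
			});
		<?php } ?>

		}
	</script>
	<?php

	$lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
	ob_end_clean();


	// code for template based detail view forms

	// open the detail view template
	// (the template path is caller-supplied; it is only prefixed with "./", not validated here)
	if($dvprint){
		$template_file = is_file("./{$TemplateDVP}") ? "./{$TemplateDVP}" : './templates/personal_details_templateDVP.html';
		$templateCode = @file_get_contents($template_file);
	}else{
		$template_file = is_file("./{$TemplateDV}") ? "./{$TemplateDV}" : './templates/personal_details_templateDV.html';
		$templateCode = @file_get_contents($template_file);
	}

	// process form title
	$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Thông tin cá nhân', $templateCode);
	$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
	$templateCode = str_replace('<%%EMBEDDED%%>', ($_REQUEST['Embedded'] ? 'Embedded=1' : ''), $templateCode);
	// process buttons
	if($AllowInsert){
		if(!$selected_id) $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return personal_details_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
		$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return personal_details_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
	}else{
		$templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
	}

	// 'Back' button action
	if($_REQUEST['Embedded']){
		$backAction = 'AppGini.closeParentModal(); return false;';
	}else{
		$backAction = '$j(\'form\').eq(0).attr(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
	}

	if($selected_id){
		if(!$_REQUEST['Embedded']) $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;" title="' . html_attr($Translation['Print Preview']) . '"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
		if($AllowUpdate){
			$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return personal_details_validateData();" title="' . html_attr($Translation['Save Changes']) . '"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
		}else{
			$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
		}
		// the Delete button is display logic only; personal_details_delete() repeats the permission check
		if(($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
			$templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');" title="' . html_attr($Translation['Delete']) . '"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
		}else{
			$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
		}
		$templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
	}else{
		$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
		$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
		$templateCode = str_replace('<%%DESELECT_BUTTON%%>', ($ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : ''), $templateCode);
	}

	// set records to read only if user can't insert new records and can't edit current record
	// (client-side presentation only; the server-side checks live in the insert/update functions)
	if(($selected_id && !$AllowUpdate && !$AllowInsert) || (!$selected_id && !$AllowInsert)){
		$jsReadOnly .= "\tjQuery('#full_name').replaceWith('<div class=\"form-control-static\" id=\"full_name\">' + (jQuery('#full_name').val() || '') + '</div>');\n";
		$jsReadOnly .= "\tjQuery('#school').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
		$jsReadOnly .= "\tjQuery('#school_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
		$jsReadOnly .= "\tjQuery('#department').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
		$jsReadOnly .= "\tjQuery('#department_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
		$jsReadOnly .= "\tjQuery('#year_of_study').replaceWith('<div class=\"form-control-static\" id=\"year_of_study\">' + (jQuery('#year_of_study').val() || '') + '</div>'); jQuery('#year_of_study-multi-selection-help').hide();\n";
		$jsReadOnly .= "\tjQuery('.select2-container').hide();\n";

		$noUploads = true;
	}elseif($AllowInsert){
		$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
		$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
	}

	// process combos
	$templateCode = str_replace('<%%COMBO(school)%%>', $combo_school->HTML, $templateCode);
	$templateCode = str_replace('<%%COMBOTEXT(school)%%>', $combo_school->MatchText, $templateCode);
	$templateCode = str_replace('<%%URLCOMBOTEXT(school)%%>', urlencode($combo_school->MatchText), $templateCode);
	$templateCode = str_replace('<%%COMBO(department)%%>', $combo_department->HTML, $templateCode);
	$templateCode = str_replace('<%%COMBOTEXT(department)%%>', $combo_department->MatchText, $templateCode);
	$templateCode = str_replace('<%%URLCOMBOTEXT(department)%%>', urlencode($combo_department->MatchText), $templateCode);
	$templateCode = str_replace('<%%COMBO(year_of_study)%%>', $combo_year_of_study->HTML, $templateCode);
	$templateCode = str_replace('<%%COMBOTEXT(year_of_study)%%>', $combo_year_of_study->SelectedData, $templateCode);

	/* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
	$lookup_fields = array( 'school' => array('schools', 'School'), 'department' => array('departments', 'Department'));
	foreach($lookup_fields as $luf => $ptfc){
		$pt_perm = getTablePermissions($ptfc[0]);

		// process foreign key links
		if($pt_perm['view'] || $pt_perm['edit']){
			$templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-md" id="' . $ptfc[0] . '_view_parent" title="' . html_attr($Translation['View'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
		}

		// if user has insert permission to parent table of a lookup field, put an add new button
		if($pt_perm['insert'] && !$_REQUEST['Embedded']){
			$templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent hspacer-md" id="' . $ptfc[0] . '_add_new" title="' . html_attr($Translation['Add New'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
		}
	}

	// process images
	$templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
	$templateCode = str_replace('<%%UPLOADFILE(full_name)%%>', '', $templateCode);
	$templateCode = str_replace('<%%UPLOADFILE(school)%%>', '', $templateCode);
	$templateCode = str_replace('<%%UPLOADFILE(department)%%>', '', $templateCode);
	$templateCode = str_replace('<%%UPLOADFILE(year_of_study)%%>', '', $templateCode);

	// process values
	// print preview writes the raw row through safe_html(); the edit form writes the
	// xss_clean()ed row through html_attr(); URL placeholders use urlencode()
	if($selected_id){
		if( $dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', safe_html($urow['id']), $templateCode);
		if(!$dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', html_attr($row['id']), $templateCode);
		$templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode($urow['id']), $templateCode);
		if( $dvprint) $templateCode = str_replace('<%%VALUE(full_name)%%>', safe_html($urow['full_name']), $templateCode);
		if(!$dvprint) $templateCode = str_replace('<%%VALUE(full_name)%%>', html_attr($row['full_name']), $templateCode);
		$templateCode = str_replace('<%%URLVALUE(full_name)%%>', urlencode($urow['full_name']), $templateCode);
		if( $dvprint) $templateCode = str_replace('<%%VALUE(school)%%>', safe_html($urow['school']), $templateCode);
		if(!$dvprint) $templateCode = str_replace('<%%VALUE(school)%%>', html_attr($row['school']), $templateCode);
		$templateCode = str_replace('<%%URLVALUE(school)%%>', urlencode($urow['school']), $templateCode);
		if( $dvprint) $templateCode = str_replace('<%%VALUE(department)%%>', safe_html($urow['department']), $templateCode);
		if(!$dvprint) $templateCode = str_replace('<%%VALUE(department)%%>', html_attr($row['department']), $templateCode);
		$templateCode = str_replace('<%%URLVALUE(department)%%>', urlencode($urow['department']), $templateCode);
		if( $dvprint) $templateCode = str_replace('<%%VALUE(year_of_study)%%>', safe_html($urow['year_of_study']), $templateCode);
		if(!$dvprint) $templateCode = str_replace('<%%VALUE(year_of_study)%%>', html_attr($row['year_of_study']), $templateCode);
		$templateCode = str_replace('<%%URLVALUE(year_of_study)%%>', urlencode($urow['year_of_study']), $templateCode);
	}else{
		$templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode);
		$templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode(''), $templateCode);
		$templateCode = str_replace('<%%VALUE(full_name)%%>', '', $templateCode);
		$templateCode = str_replace('<%%URLVALUE(full_name)%%>', urlencode(''), $templateCode);
		$templateCode = str_replace('<%%VALUE(school)%%>', '', $templateCode);
		$templateCode = str_replace('<%%URLVALUE(school)%%>', urlencode(''), $templateCode);
		$templateCode = str_replace('<%%VALUE(department)%%>', '', $templateCode);
		$templateCode = str_replace('<%%URLVALUE(department)%%>', urlencode(''), $templateCode);
		$templateCode = str_replace('<%%VALUE(year_of_study)%%>', '', $templateCode);
		$templateCode = str_replace('<%%URLVALUE(year_of_study)%%>', urlencode(''), $templateCode);
	}

	// process translations
	foreach($Translation as $symbol=>$trans){
		$templateCode = str_replace("<%%TRANSLATION($symbol)%%>", $trans, $templateCode);
	}

	// clear scrap: any placeholder still present is turned into an HTML comment
	$templateCode = str_replace('<%%', '<!-- ', $templateCode);
	$templateCode = str_replace('%%>', ' -->', $templateCode);

	// hide links to inaccessible tables
	if($_REQUEST['dvprint_x'] == ''){
		$templateCode .= "\n\n<script>\$j(function(){\n";
		$arrTables = getTableList();
		foreach($arrTables as $name => $caption){
			$templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
			$templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
		}

		$templateCode .= $jsReadOnly;
		$templateCode .= $jsEditable;

		if(!$selected_id){
		}

		$templateCode.="\n});</script>\n";
	}

	// ajaxed auto-fill fields
	$templateCode .= '<script>';
	$templateCode .= '$j(function() {';


	$templateCode.="});";
	$templateCode.="</script>";
	$templateCode .= $lookups;

	// handle enforced parent values for read-only lookup fields

	// don't include blank images in lightbox gallery
	$templateCode = preg_replace('/blank.gif" data-lightbox=".*?"/', 'blank.gif"', $templateCode);

	// don't display empty email links
	$templateCode=preg_replace('/<a .*?href="mailto:".*?<\/a>/', '', $templateCode);

	/* default field values */
	$rdata = $jdata = get_defaults('personal_details');
	if($selected_id){
		$jdata = get_joined_record('personal_details', $selected_id);
		if($jdata === false) $jdata = get_defaults('personal_details');
		$rdata = $row;
	}
	$templateCode .= loadView('personal_details-ajax-cache', array('rdata' => $rdata, 'jdata' => $jdata));

	// hook: personal_details_dv
	if(function_exists('personal_details_dv')){
		$args=array();
		personal_details_dv(($selected_id ? $selected_id : FALSE), getMemberInfo(), $templateCode, $args);
	}

	return $templateCode;
}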
602 ?>
2
3 // Data functions (insert, update, delete, form) for table personal_details
4
5 // This script and data application were generated by AppGini 5.72
6 // Download AppGini for free from https://bigprof.com/appgini/download/
7
/**
 * Insert a new `personal_details` row built from the current request.
 *
 * Returns false when the member lacks insert permission or the optional
 * personal_details_before_insert hook rejects the data; otherwise returns the
 * new record id. On a database error the error text and a back link are
 * echoed and the script exits.
 *
 * Every value is passed through makeSafe() and then interpolated into the
 * statement, so the query is only as safe as makeSafe() (defined elsewhere).
 * NOTE(review): confirm makeSafe() escapes for the connection character set.
 */
function personal_details_insert(){
	global $Translation;

	// mm: can member insert record?
	$permissions = getTablePermissions('personal_details');
	if(!$permissions[1]) return false;

	// request fields, in the order they appear in the INSERT statement
	$fields = array('full_name', 'school', 'department', 'year_of_study');

	$data = array();
	foreach($fields as $field){
		$data[$field] = makeSafe($_REQUEST[$field]);
		// the "empty lookup" placeholder is stored as an empty value
		if($data[$field] == empty_lookup_value) $data[$field] = '';
	}

	// hook: personal_details_before_insert
	if(function_exists('personal_details_before_insert')){
		$args = array();
		$accepted = personal_details_before_insert($data, getMemberInfo(), $args);
		if(!$accepted) return false;
	}

	// empty or NULL values are written as SQL NULL, everything else as a quoted literal
	$assignments = array();
	foreach($fields as $field){
		$hasValue = ($data[$field] !== '' && $data[$field] !== NULL);
		$assignments[] = "`{$field}`=" . ($hasValue ? "'{$data[$field]}'" : 'NULL');
	}

	$o = array('silentErrors' => true);
	sql('insert into `personal_details` set ' . implode(', ', $assignments), $o);
	if($o['error'] != ''){
		// NOTE(review): the error text goes to the client as-is; confirm sql()
		// HTML-encodes it and does not expose the statement to ordinary members
		echo $o['error'];
		echo "<a href=\"personal_details_view.php?addNew_x=1\">{$Translation['< back']}</a>";
		exit;
	}

	$recID = db_insert_id(db_link());

	// hook: personal_details_after_insert
	if(function_exists('personal_details_after_insert')){
		$res = sql("select * from `personal_details` where `id`='" . makeSafe($recID, false) . "' limit 1", $eo);
		$row = db_fetch_assoc($res);
		if($row){
			$data = array_map('makeSafe', $row);
		}
		$data['selectedID'] = makeSafe($recID, false);
		$args = array();
		// NOTE(review): when the hook returns false the function returns before
		// set_record_owner(), so the new row has no ownership record; confirm how
		// the owner-based permission checks treat such rows
		if(!personal_details_after_insert($data, getMemberInfo(), $args)) return $recID;
	}

	// mm: save ownership data
	set_record_owner('personal_details', $recID, getLoggedMemberID());

	return $recID;
}
58
/**
 * Delete one `personal_details` row and its ownership record.
 *
 * Permission level $arrPerm[4] decides who may delete: 1 = the owning member,
 * 2 = a member of the owning group, 3 = anyone with the permission. Returns a
 * translated message when deletion is refused (by the permission check or by
 * the optional before_delete hook); returns nothing otherwise.
 *
 * $AllowDeleteOfParents is accepted but not read in this function.
 */
function personal_details_delete($selected_id, $AllowDeleteOfParents=false, $skipChecks=false){
	global $Translation;

	// the id is escaped once and the escaped form is used in every query below
	// (and is also what the hooks receive)
	$selected_id = makeSafe($selected_id);

	// mm: can member delete record?
	$arrPerm = getTablePermissions('personal_details');
	$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='personal_details' and pkValue='$selected_id'");
	$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='personal_details' and pkValue='$selected_id'");

	$ownRecord   = ($arrPerm[4] == 1 && $ownerMemberID == getLoggedMemberID());
	$groupRecord = ($arrPerm[4] == 2 && $ownerGroupID == getLoggedGroupID());
	$anyRecord   = ($arrPerm[4] == 3);
	if(!($ownRecord || $groupRecord || $anyRecord)){
		return $Translation['You don\'t have enough permissions to delete this record'];
	}

	// hook: personal_details_before_delete
	if(function_exists('personal_details_before_delete')){
		$args = array();
		$proceed = personal_details_before_delete($selected_id, $skipChecks, getMemberInfo(), $args);
		if(!$proceed){
			return $Translation['Couldn\'t delete this record'];
		}
	}

	sql("delete from `personal_details` where `id`='$selected_id'", $eo);

	// hook: personal_details_after_delete
	if(function_exists('personal_details_after_delete')){
		$args = array();
		personal_details_after_delete($selected_id, getMemberInfo(), $args);
	}

	// mm: delete ownership data
	sql("delete from membership_userrecords where tableName='personal_details' and pkValue='$selected_id'", $eo);
}
92
/**
 * Update the `personal_details` row identified by $selected_id from the
 * current request.
 *
 * Permission level $arrPerm[3] decides who may edit: 1 = the owning member,
 * 2 = a member of the owning group, 3 = anyone with the permission. Returns
 * false when the edit is not permitted or the optional before_update hook
 * rejects the data; returns nothing otherwise. On a database error the error
 * text and a back link are echoed and the script exits.
 *
 * Values reach the statement through makeSafe() followed by string
 * interpolation. NOTE(review): confirm makeSafe() (defined elsewhere) escapes
 * for the connection character set.
 */
function personal_details_update($selected_id){
	global $Translation;

	// mm: can member edit record?
	$arrPerm = getTablePermissions('personal_details');
	$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='personal_details' and pkValue='" . makeSafe($selected_id) . "'");
	$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='personal_details' and pkValue='" . makeSafe($selected_id) . "'");

	$ownRecord   = ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID());
	$groupRecord = ($arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID());
	$anyRecord   = ($arrPerm[3] == 3);
	if(!($ownRecord || $groupRecord || $anyRecord)) return false;

	// request fields, in the order they appear in the UPDATE statement
	$fields = array('full_name', 'school', 'department', 'year_of_study');

	foreach($fields as $field){
		$data[$field] = makeSafe($_REQUEST[$field]);
		// the "empty lookup" placeholder is stored as an empty value
		if($data[$field] == empty_lookup_value) $data[$field] = '';
	}
	$data['selectedID'] = makeSafe($selected_id);

	// hook: personal_details_before_update
	if(function_exists('personal_details_before_update')){
		$args = array();
		$accepted = personal_details_before_update($data, getMemberInfo(), $args);
		if(!$accepted) return false;
	}

	// empty or NULL values are written as SQL NULL, everything else as a quoted literal
	$assignments = array();
	foreach($fields as $field){
		$hasValue = ($data[$field] !== '' && $data[$field] !== NULL);
		$assignments[] = "`{$field}`=" . ($hasValue ? "'{$data[$field]}'" : 'NULL');
	}

	$o = array('silentErrors' => true);
	sql('update `personal_details` set ' . implode(', ', $assignments) . " where `id`='" . makeSafe($selected_id) . "'", $o);
	if($o['error'] != ''){
		// NOTE(review): the error text goes to the client as-is; confirm sql()
		// HTML-encodes it and does not expose the statement to ordinary members
		echo $o['error'];
		echo '<a href="personal_details_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
		exit;
	}

	// hook: personal_details_after_update
	if(function_exists('personal_details_after_update')){
		$res = sql("SELECT * FROM `personal_details` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
		$row = db_fetch_assoc($res);
		if($row){
			$data = array_map('makeSafe', $row);
		}
		$data['selectedID'] = $data['id'];
		$args = array();
		// a false result from the hook skips the ownership timestamp update below
		if(!personal_details_after_update($data, getMemberInfo(), $args)) return;
	}

	// mm: update ownership data
	sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='personal_details' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}
146
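/**
 * Return the detail-view form for one `personal_details` record as HTML.
 *
 * The form is filled with the record whose id is $selected_id. If
 * $selected_id is empty, an empty form is shown with only an 'Add New' button.
 * An empty string is returned when the member may neither insert (no record
 * selected) nor view the selected record.
 *
 * $AllowInsert is always recomputed from the table permissions, and
 * $AllowUpdate is recomputed whenever a record is selected; $AllowDelete is
 * not read in this function. $ShowCancel controls the Back button when no
 * record is selected. $TemplateDV / $TemplateDVP name the template files
 * (resolved under "./") for the normal and the print-preview view; the
 * bundled templates are used when the named file does not exist.
 */
function personal_details_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0, $TemplateDV = '', $TemplateDVP = ''){
	global $Translation;

	// script fragments appended near the end of the function; initialised here
	// so the later `.=` and concatenation never touch an undefined variable
	$jsReadOnly = '';
	$jsEditable = '';

	// mm: get table permissions
	$arrPerm=getTablePermissions('personal_details');
	if(!$arrPerm[1] && $selected_id==''){ return ''; }
	$AllowInsert = ($arrPerm[1] ? true : false);
	// print preview?
	$dvprint = false;
	if($selected_id && $_REQUEST['dvprint_x'] != ''){
		$dvprint = true;
	}

	// request-supplied lookup filters: treated as untrusted wherever they are output below
	$filterer_school = thisOr(undo_magic_quotes($_REQUEST['filterer_school']), '');
	$filterer_department = thisOr(undo_magic_quotes($_REQUEST['filterer_department']), '');

	// populate filterers, starting from children to grand-parents
	if($filterer_department && !$filterer_school) $filterer_school = sqlValue("select school from departments where id='" . makeSafe($filterer_department) . "'");

	// unique random identifier (keeps element ids distinct in print preview; not used as a secret)
	$rnd1 = ($dvprint ? rand(1000000, 9999999) : '');
	// combobox: school
	$combo_school = new DataCombo;
	// combobox: department, filterable by: school
	$combo_department = new DataCombo;
	// combobox: year_of_study
	$combo_year_of_study = new Combo;
	$combo_year_of_study->ListType = 0;
	$combo_year_of_study->MultipleSeparator = ', ';
	$combo_year_of_study->ListBoxHeight = 10;
	$combo_year_of_study->RadiosPerLine = 1;
	if(is_file(dirname(__FILE__).'/hooks/personal_details.year_of_study.csv')){
		$year_of_study_data = addslashes(implode('', @file(dirname(__FILE__).'/hooks/personal_details.year_of_study.csv')));
		$combo_year_of_study->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($year_of_study_data)));
		$combo_year_of_study->ListData = $combo_year_of_study->ListItem;
	}else{
		$combo_year_of_study->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("1;;2;;3;;4;;5;;6")));
		$combo_year_of_study->ListData = $combo_year_of_study->ListItem;
	}
	$combo_year_of_study->SelectName = 'year_of_study';

	if($selected_id){
		// mm: check member permissions
		if(!$arrPerm[2]){
			return "";
		}
		// mm: who is the owner?
		$ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='personal_details' and pkValue='".makeSafe($selected_id)."'");
		$ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='personal_details' and pkValue='".makeSafe($selected_id)."'");
		if($arrPerm[2]==1 && getLoggedMemberID()!=$ownerMemberID){
			return "";
		}
		if($arrPerm[2]==2 && getLoggedGroupID()!=$ownerGroupID){
			return "";
		}

		// can edit?
		if(($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[3]==3){
			$AllowUpdate=1;
		}else{
			$AllowUpdate=0;
		}

		$res = sql("select * from `personal_details` where `id`='".makeSafe($selected_id)."'", $eo);
		if(!($row = db_fetch_array($res))){
			return error_message($Translation['No records found'], 'personal_details_view.php', false);
		}
		// $urow keeps the stored values untouched and must be encoded at every
		// output site; $row is the xss_clean()-filtered copy
		$urow = $row; /* unsanitized data */
		$hc = new CI_Input();
		$row = $hc->xss_clean($row); /* sanitize data */
		$combo_school->SelectedData = $row['school'];
		$combo_department->SelectedData = $row['department'];
		$combo_year_of_study->SelectedData = $row['year_of_study'];
	}else{
		$combo_school->SelectedData = $filterer_school;
		$combo_department->SelectedData = $filterer_department;
		$combo_year_of_study->SelectedText = ( $_REQUEST['FilterField'][1]=='5' && $_REQUEST['FilterOperator'][1]=='<=>' ? (get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1]) : "");
	}
	$combo_school->HTML = '<span id="school-container' . $rnd1 . '"></span><input type="hidden" name="school" id="school' . $rnd1 . '" value="' . html_attr($combo_school->SelectedData) . '">';
	$combo_school->MatchText = '<span id="school-container-readonly' . $rnd1 . '"></span><input type="hidden" name="school" id="school' . $rnd1 . '" value="' . html_attr($combo_school->SelectedData) . '">';
	$combo_department->HTML = '<span id="department-container' . $rnd1 . '"></span><input type="hidden" name="department" id="department' . $rnd1 . '" value="' . html_attr($combo_department->SelectedData) . '">';
	$combo_department->MatchText = '<span id="department-container-readonly' . $rnd1 . '"></span><input type="hidden" name="department" id="department' . $rnd1 . '" value="' . html_attr($combo_department->SelectedData) . '">';
	$combo_year_of_study->Render();

	// Initial lookup values are written into a double-quoted JavaScript string
	// inside an inline script element. addslashes() covers quotes and
	// backslashes but leaves angle brackets and line breaks alone, so a stored
	// or request-supplied value could close the script element or break the
	// literal. Those characters are emitted as JS escapes instead; the value the
	// script sees is unchanged.
	$jsStringEscapes = array('<' => '\\x3C', '>' => '\\x3E', "\r" => '\\r', "\n" => '\\n');
	$js_current_school = strtr(addslashes($selected_id ? $urow['school'] : $filterer_school), $jsStringEscapes);
	$js_current_department = strtr(addslashes($selected_id ? $urow['department'] : $filterer_department), $jsStringEscapes);

	// NOTE(review): the script below inserts resp.results[0].text from
	// ajax_combo.php with .html(), and select2 runs with an identity
	// escapeMarkup, so lookup captions are rendered as markup. Confirm that
	// ajax_combo.php HTML-encodes the captions it returns.
	ob_start();
	?>

	<script>
		// initial lookup values
		AppGini.current_school__RAND__ = { text: "", value: "<?php echo $js_current_school; ?>"};
		AppGini.current_department__RAND__ = { text: "", value: "<?php echo $js_current_department; ?>"};

		jQuery(function() {
			setTimeout(function(){
				if(typeof(school_reload__RAND__) == 'function') school_reload__RAND__();
				<?php echo (!$AllowUpdate || $dvprint ? 'if(typeof(department_reload__RAND__) == \'function\') department_reload__RAND__(AppGini.current_school__RAND__.value);' : ''); ?>
			}, 10); /* we need to slightly delay client-side execution of the above code to allow AppGini.ajaxCache to work */
		});
		function school_reload__RAND__(){
		<?php if(($AllowUpdate || $AllowInsert) && !$dvprint){ ?>

			$j("#school-container__RAND__").select2({
				/* initial default value */
				initSelection: function(e, c){
					$j.ajax({
						url: 'ajax_combo.php',
						dataType: 'json',
						data: { id: AppGini.current_school__RAND__.value, t: 'personal_details', f: 'school' },
						success: function(resp){
							c({
								id: resp.results[0].id,
								text: resp.results[0].text
							});
							$j('[name="school"]').val(resp.results[0].id);
							$j('[id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
							if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }

							if(typeof(department_reload__RAND__) == 'function') department_reload__RAND__(AppGini.current_school__RAND__.value);

							if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
						}
					});
				},
				width: '100%',
				formatNoMatches: function(term){ /* */ return '<?php echo addslashes($Translation['No matches found!']); ?>'; },
				minimumResultsForSearch: 10,
				loadMorePadding: 200,
				ajax: {
					url: 'ajax_combo.php',
					dataType: 'json',
					cache: true,
					data: function(term, page){ /* */ return { s: term, p: page, t: 'personal_details', f: 'school' }; },
					results: function(resp, page){ /* */ return resp; }
				},
				escapeMarkup: function(str){ /* */ return str; }
			}).on('change', function(e){
				AppGini.current_school__RAND__.value = e.added.id;
				AppGini.current_school__RAND__.text = e.added.text;
				$j('[name="school"]').val(e.added.id);
				if(e.added.id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }

				if(typeof(department_reload__RAND__) == 'function') department_reload__RAND__(AppGini.current_school__RAND__.value);

				if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
			});

			if(!$j("#school-container__RAND__").length){
				$j.ajax({
					url: 'ajax_combo.php',
					dataType: 'json',
					data: { id: AppGini.current_school__RAND__.value, t: 'personal_details', f: 'school' },
					success: function(resp){
						$j('[name="school"]').val(resp.results[0].id);
						$j('[id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
						if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }

						if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
					}
				});
			}

		<?php }else{ ?>

			$j.ajax({
				url: 'ajax_combo.php',
				dataType: 'json',
				data: { id: AppGini.current_school__RAND__.value, t: 'personal_details', f: 'school' },
				success: function(resp){
					$j('[id=school-container__RAND__], [id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
					if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }

					if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
				}
			});
		<?php } ?>

		}
		function department_reload__RAND__(filterer_school){
		<?php if(($AllowUpdate || $AllowInsert) && !$dvprint){ ?>

			$j("#department-container__RAND__").select2({
				/* initial default value */
				initSelection: function(e, c){
					$j.ajax({
						url: 'ajax_combo.php',
						dataType: 'json',
						data: { filterer_school: filterer_school, id: AppGini.current_department__RAND__.value, t: 'personal_details', f: 'department' },
						success: function(resp){
							c({
								id: resp.results[0].id,
								text: resp.results[0].text
							});
							$j('[name="department"]').val(resp.results[0].id);
							$j('[id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
							if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }


							if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
						}
					});
				},
				width: '100%',
				formatNoMatches: function(term){ /* */ return '<?php echo addslashes($Translation['No matches found!']); ?>'; },
				minimumResultsForSearch: 10,
				loadMorePadding: 200,
				ajax: {
					url: 'ajax_combo.php',
					dataType: 'json',
					cache: true,
					data: function(term, page){ /* */ return { filterer_school: filterer_school, s: term, p: page, t: 'personal_details', f: 'department' }; },
					results: function(resp, page){ /* */ return resp; }
				},
				escapeMarkup: function(str){ /* */ return str; }
			}).on('change', function(e){
				AppGini.current_department__RAND__.value = e.added.id;
				AppGini.current_department__RAND__.text = e.added.text;
				$j('[name="department"]').val(e.added.id);
				if(e.added.id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }


				if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
			});

			if(!$j("#department-container__RAND__").length){
				$j.ajax({
					url: 'ajax_combo.php',
					dataType: 'json',
					data: { id: AppGini.current_department__RAND__.value, t: 'personal_details', f: 'department' },
					success: function(resp){
						$j('[name="department"]').val(resp.results[0].id);
						$j('[id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
						if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }

						if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
					}
				});
			}

		<?php }else{ ?>

			$j.ajax({
				url: 'ajax_combo.php',
				dataType: 'json',
				data: { id: AppGini.current_department__RAND__.value, t: 'personal_details', f: 'department' },
				success: function(resp){
					$j('[id=department-container__RAND__], [id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
					if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }

					if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
				}
			});
		<?php } ?>

		}
	</script>
	<?php

	// the buffered script is kept aside and appended to the form further down
	$lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
	ob_end_clean();


	// code for template based detail view forms

	// open the detail view template
	// NOTE(review): $TemplateDV / $TemplateDVP are read from disk relative to "./";
	// callers should only pass fixed, application-defined file names
	if($dvprint){
		$template_file = is_file("./{$TemplateDVP}") ? "./{$TemplateDVP}" : './templates/personal_details_templateDVP.html';
		$templateCode = @file_get_contents($template_file);
	}else{
		$template_file = is_file("./{$TemplateDV}") ? "./{$TemplateDV}" : './templates/personal_details_templateDV.html';
		$templateCode = @file_get_contents($template_file);
	}

	// process form title
	$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Thông tin cá nhân', $templateCode);
	$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
	$templateCode = str_replace('<%%EMBEDDED%%>', ($_REQUEST['Embedded'] ? 'Embedded=1' : ''), $templateCode);
	// process buttons
	if($AllowInsert){
		if(!$selected_id) $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return personal_details_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
		$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return personal_details_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
	}else{
		$templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
	}

	// 'Back' button action
	if($_REQUEST['Embedded']){
		$backAction = 'AppGini.closeParentModal(); return false;';
	}else{
		$backAction = '$j(\'form\').eq(0).attr(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
	}

	if($selected_id){
		if(!$_REQUEST['Embedded']) $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;" title="' . html_attr($Translation['Print Preview']) . '"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
		if($AllowUpdate){
			$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return personal_details_validateData();" title="' . html_attr($Translation['Save Changes']) . '"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
		}else{
			$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
		}
		// the button is only a convenience: personal_details_delete() repeats this permission check
		if(($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
			$templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');" title="' . html_attr($Translation['Delete']) . '"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
		}else{
			$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
		}
		$templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
	}else{
		$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
		$templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
		$templateCode = str_replace('<%%DESELECT_BUTTON%%>', ($ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : ''), $templateCode);
	}

	// set records to read only if user can't insert new records and can't edit current record
	// (client-side presentation only; the insert/update functions enforce the permissions)
	if(($selected_id && !$AllowUpdate && !$AllowInsert) || (!$selected_id && !$AllowInsert)){
		$jsReadOnly .= "\tjQuery('#full_name').replaceWith('<div class=\"form-control-static\" id=\"full_name\">' + (jQuery('#full_name').val() || '') + '</div>');\n";
		$jsReadOnly .= "\tjQuery('#school').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
		$jsReadOnly .= "\tjQuery('#school_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
		$jsReadOnly .= "\tjQuery('#department').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
		$jsReadOnly .= "\tjQuery('#department_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
		$jsReadOnly .= "\tjQuery('#year_of_study').replaceWith('<div class=\"form-control-static\" id=\"year_of_study\">' + (jQuery('#year_of_study').val() || '') + '</div>'); jQuery('#year_of_study-multi-selection-help').hide();\n";
		$jsReadOnly .= "\tjQuery('.select2-container').hide();\n";

		$noUploads = true;
	}elseif($AllowInsert){
		$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
		$jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
	}

	// process combos
	$templateCode = str_replace('<%%COMBO(school)%%>', $combo_school->HTML, $templateCode);
	$templateCode = str_replace('<%%COMBOTEXT(school)%%>', $combo_school->MatchText, $templateCode);
	$templateCode = str_replace('<%%URLCOMBOTEXT(school)%%>', urlencode($combo_school->MatchText), $templateCode);
	$templateCode = str_replace('<%%COMBO(department)%%>', $combo_department->HTML, $templateCode);
	$templateCode = str_replace('<%%COMBOTEXT(department)%%>', $combo_department->MatchText, $templateCode);
	$templateCode = str_replace('<%%URLCOMBOTEXT(department)%%>', urlencode($combo_department->MatchText), $templateCode);
	$templateCode = str_replace('<%%COMBO(year_of_study)%%>', $combo_year_of_study->HTML, $templateCode);
	$templateCode = str_replace('<%%COMBOTEXT(year_of_study)%%>', $combo_year_of_study->SelectedData, $templateCode);

	/* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
	$lookup_fields = array( 'school' => array('schools', 'School'), 'department' => array('departments', 'Department'));
	foreach($lookup_fields as $luf => $ptfc){
		$pt_perm = getTablePermissions($ptfc[0]);

		// process foreign key links
		if($pt_perm['view'] || $pt_perm['edit']){
			$templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-md" id="' . $ptfc[0] . '_view_parent" title="' . html_attr($Translation['View'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
		}

		// if user has insert permission to parent table of a lookup field, put an add new button
		if($pt_perm['insert'] && !$_REQUEST['Embedded']){
			$templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent hspacer-md" id="' . $ptfc[0] . '_add_new" title="' . html_attr($Translation['Add New'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
		}
	}

	// process images
	$templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
	$templateCode = str_replace('<%%UPLOADFILE(full_name)%%>', '', $templateCode);
	$templateCode = str_replace('<%%UPLOADFILE(school)%%>', '', $templateCode);
	$templateCode = str_replace('<%%UPLOADFILE(department)%%>', '', $templateCode);
	$templateCode = str_replace('<%%UPLOADFILE(year_of_study)%%>', '', $templateCode);

	// process values
	// print preview encodes the stored value with safe_html(); the editable form
	// encodes the xss_clean()-filtered value with html_attr(); URL placeholders
	// get the stored value through urlencode()
	if($selected_id){
		if( $dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', safe_html($urow['id']), $templateCode);
		if(!$dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', html_attr($row['id']), $templateCode);
		$templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode($urow['id']), $templateCode);
		if( $dvprint) $templateCode = str_replace('<%%VALUE(full_name)%%>', safe_html($urow['full_name']), $templateCode);
		if(!$dvprint) $templateCode = str_replace('<%%VALUE(full_name)%%>', html_attr($row['full_name']), $templateCode);
		$templateCode = str_replace('<%%URLVALUE(full_name)%%>', urlencode($urow['full_name']), $templateCode);
		if( $dvprint) $templateCode = str_replace('<%%VALUE(school)%%>', safe_html($urow['school']), $templateCode);
		if(!$dvprint) $templateCode = str_replace('<%%VALUE(school)%%>', html_attr($row['school']), $templateCode);
		$templateCode = str_replace('<%%URLVALUE(school)%%>', urlencode($urow['school']), $templateCode);
		if( $dvprint) $templateCode = str_replace('<%%VALUE(department)%%>', safe_html($urow['department']), $templateCode);
		if(!$dvprint) $templateCode = str_replace('<%%VALUE(department)%%>', html_attr($row['department']), $templateCode);
		$templateCode = str_replace('<%%URLVALUE(department)%%>', urlencode($urow['department']), $templateCode);
		if( $dvprint) $templateCode = str_replace('<%%VALUE(year_of_study)%%>', safe_html($urow['year_of_study']), $templateCode);
		if(!$dvprint) $templateCode = str_replace('<%%VALUE(year_of_study)%%>', html_attr($row['year_of_study']), $templateCode);
		$templateCode = str_replace('<%%URLVALUE(year_of_study)%%>', urlencode($urow['year_of_study']), $templateCode);
	}else{
		$templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode);
		$templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode(''), $templateCode);
		$templateCode = str_replace('<%%VALUE(full_name)%%>', '', $templateCode);
		$templateCode = str_replace('<%%URLVALUE(full_name)%%>', urlencode(''), $templateCode);
		$templateCode = str_replace('<%%VALUE(school)%%>', '', $templateCode);
		$templateCode = str_replace('<%%URLVALUE(school)%%>', urlencode(''), $templateCode);
		$templateCode = str_replace('<%%VALUE(department)%%>', '', $templateCode);
		$templateCode = str_replace('<%%URLVALUE(department)%%>', urlencode(''), $templateCode);
		$templateCode = str_replace('<%%VALUE(year_of_study)%%>', '', $templateCode);
		$templateCode = str_replace('<%%URLVALUE(year_of_study)%%>', urlencode(''), $templateCode);
	}

	// process translations
	foreach($Translation as $symbol=>$trans){
		$templateCode = str_replace("<%%TRANSLATION($symbol)%%>", $trans, $templateCode);
	}

	// clear scrap: any placeholder still unresolved becomes an HTML comment
	$templateCode = str_replace('<%%', '<!-- ', $templateCode);
	$templateCode = str_replace('%%>', ' -->', $templateCode);

	// hide links to inaccessible tables
	if($_REQUEST['dvprint_x'] == ''){
		$templateCode .= "\n\n<script>\$j(function(){\n";
		$arrTables = getTableList();
		foreach($arrTables as $name => $caption){
			$templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
			$templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
		}

		$templateCode .= $jsReadOnly;
		$templateCode .= $jsEditable;

		$templateCode.="\n});</script>\n";
	}

	// ajaxed auto-fill fields
	$templateCode .= '<script>';
	$templateCode .= '$j(function() {';


	$templateCode.="});";
	$templateCode.="</script>";
	$templateCode .= $lookups;

	// handle enforced parent values for read-only lookup fields

	// don't include blank images in lightbox gallery
	$templateCode = preg_replace('/blank.gif" data-lightbox=".*?"/', 'blank.gif"', $templateCode);

	// don't display empty email links
	$templateCode=preg_replace('/<a .*?href="mailto:".*?<\/a>/', '', $templateCode);

	/* default field values */
	$rdata = $jdata = get_defaults('personal_details');
	if($selected_id){
		$jdata = get_joined_record('personal_details', $selected_id);
		if($jdata === false) $jdata = get_defaults('personal_details');
		$rdata = $row;
	}
	$templateCode .= loadView('personal_details-ajax-cache', array('rdata' => $rdata, 'jdata' => $jdata));

	// hook: personal_details_dv
	if(function_exists('personal_details_dv')){
		$args=array();
		personal_details_dv(($selected_id ? $selected_id : FALSE), getMemberInfo(), $templateCode, $args);
	}

	return $templateCode;
}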
602 ?>