Hệ thống xếp lịch học tín chỉ cho sinh viên CNTT trên PHP & MySQL
- student_details_dml.php
1 <?php
2
3 // Data functions (insert, update, delete, form) for table student_details
4
5 // This script and data application were generated by AppGini 5.72
6 // Download AppGini for free from https://bigprof.com/appgini/download/
7
/**
 * Insert a new row into `student_details` from the current request.
 *
 * Reads full_name, school, department, year_of_study and reg_no from $_REQUEST,
 * stops with an error page if any of them is empty, runs the optional
 * student_details_before_insert / student_details_after_insert hooks and
 * records the logged member as owner of the new row.
 *
 * NOTE(review): the statement is assembled by string concatenation, so its
 * injection safety rests entirely on makeSafe(), which is not shown here --
 * confirm it applies connection-aware escaping to every value.
 * NOTE(review): no anti-CSRF check is visible in this function and $_REQUEST
 * normally includes query-string values; presumably the caller enforces the
 * request method and token -- confirm.
 *
 * @return mixed false when the member may not insert or the before-insert hook
 *               vetoes the operation; otherwise the id from db_insert_id().
 */
function student_details_insert(){
	global $Translation;

	// mm: can member insert record? (index 1 of the permissions array)
	$permissions = getTablePermissions('student_details');
	if(!$permissions[1]) return false;

	// column name => caption used in the "field not null" error message
	$captions = array(
		'full_name' => 'Full name',
		'school' => 'School',
		'department' => 'Department',
		'year_of_study' => 'Year of study',
		'reg_no' => 'Reg no'
	);

	// first pass: read and escape every submitted value; the lookup
	// placeholder constant is treated as "nothing selected"
	foreach($captions as $field => $caption){
		$data[$field] = makeSafe($_REQUEST[$field]);
		if($data[$field] == empty_lookup_value){ $data[$field] = ''; }
	}

	// second pass: every column is required; stop at the first empty one
	foreach($captions as $field => $caption){
		if($data[$field] != '') continue;

		echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">" . $Translation['error:'] . " '{$caption}': " . $Translation['field not null'] . '<br><br>';
		echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
		exit;
	}

	// hook: student_details_before_insert (a false return cancels the insert)
	if(function_exists('student_details_before_insert')){
		$args = array();
		$proceed = student_details_before_insert($data, getMemberInfo(), $args);
		if(!$proceed){ return false; }
	}

	// build the "`col`='value'" list; empty or NULL values are stored as SQL NULL
	$assignments = array();
	foreach(array_keys($captions) as $field){
		$value = $data[$field];
		$assignments[] = "`{$field}`=" . (($value !== '' && $value !== NULL) ? "'{$value}'" : 'NULL');
	}

	$o = array('silentErrors' => true);
	sql('insert into `student_details` set ' . implode(', ', $assignments), $o);
	if($o['error'] != ''){
		// NOTE(review): the database error text goes to the client as-is; confirm
		// sql() HTML-encodes it and hides query details from non-admin users
		echo $o['error'];
		echo "<a href=\"student_details_view.php?addNew_x=1\">{$Translation['< back']}</a>";
		exit;
	}

	$recID = db_insert_id(db_link());

	// hook: student_details_after_insert
	if(function_exists('student_details_after_insert')){
		// hand the hook the row as stored, passed through makeSafe() again
		$res = sql("select * from `student_details` where `id`='" . makeSafe($recID, false) . "' limit 1", $eo);
		$row = db_fetch_assoc($res);
		if($row){
			$data = array_map('makeSafe', $row);
		}
		$data['selectedID'] = makeSafe($recID, false);
		$args = array();

		// a false return ends the function here, before set_record_owner() runs,
		// so the new record is left without ownership data
		$continue = student_details_after_insert($data, getMemberInfo(), $args);
		if(!$continue){ return $recID; }
	}

	// mm: save ownership data
	set_record_owner('student_details', $recID, getLoggedMemberID());

	return $recID;
}
85
/**
 * Delete one `student_details` row together with its ownership entry.
 *
 * The delete permission (index 4 of the permissions array) decides who may
 * delete: 1 requires the logged member to own the record, 2 requires the
 * record to belong to the logged member's group, 3 allows it regardless of
 * owner. Any other value refuses the request.
 *
 * NOTE(review): the owner checks use loose (==) comparison against whatever
 * sqlValue() returns when no ownership row exists -- confirm that a missing
 * row can never compare equal to the logged member or group id.
 *
 * @param mixed $selected_id          primary key of the record; passed through
 *                                    makeSafe() before being placed in SQL
 * @param bool  $AllowDeleteOfParents not used by this function
 * @param bool  $skipChecks           forwarded to the before-delete hook
 * @return string|null a translated error message when the delete is refused;
 *                     nothing is returned once the delete statements have run
 */
function student_details_delete($selected_id, $AllowDeleteOfParents=false, $skipChecks=false){
	// insure referential integrity ...
	global $Translation;
	$selected_id = makeSafe($selected_id);

	// mm: can member delete record?
	$permissions = getTablePermissions('student_details');
	$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='student_details' and pkValue='{$selected_id}'");
	$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='student_details' and pkValue='{$selected_id}'");

	$ownRecord = ($permissions[4] == 1 && $ownerMemberID == getLoggedMemberID());
	$groupRecord = (!$ownRecord && $permissions[4] == 2 && $ownerGroupID == getLoggedGroupID());
	$deleteAllowed = ($ownRecord || $groupRecord || $permissions[4] == 3);
	if(!$deleteAllowed){
		return $Translation['You don\'t have enough permissions to delete this record'];
	}

	// hook: student_details_before_delete (a false return cancels the delete)
	if(function_exists('student_details_before_delete')){
		$args = array();
		if(!student_details_before_delete($selected_id, $skipChecks, getMemberInfo(), $args)){
			return $Translation['Couldn\'t delete this record'];
		}
	}

	sql("delete from `student_details` where `id`='{$selected_id}'", $eo);

	// hook: student_details_after_delete
	if(function_exists('student_details_after_delete')){
		$args = array();
		student_details_after_delete($selected_id, getMemberInfo(), $args);
	}

	// mm: delete ownership data
	sql("delete from membership_userrecords where tableName='student_details' and pkValue='{$selected_id}'", $eo);
}
119
/**
 * Update one `student_details` row from the current request.
 *
 * The edit permission (index 3 of the permissions array) decides who may
 * update: 1 requires the logged member to own the record, 2 requires the
 * record to belong to the logged member's group, 3 allows it regardless of
 * owner. Each submitted column is read and validated in turn; the first empty
 * one stops the request with an error page.
 *
 * NOTE(review): the statement is assembled by string concatenation, so its
 * injection safety rests entirely on makeSafe(), which is not shown here --
 * confirm it applies connection-aware escaping to every value.
 * NOTE(review): no anti-CSRF check is visible in this function and $_REQUEST
 * normally includes query-string values; presumably the caller enforces the
 * request method and token -- confirm.
 *
 * @param mixed $selected_id primary key of the record to update
 * @return mixed false when the member may not edit or the before-update hook
 *               vetoes; nothing is returned otherwise
 */
function student_details_update($selected_id){
	global $Translation;

	// mm: can member edit record?
	$permissions = getTablePermissions('student_details');
	$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='student_details' and pkValue='" . makeSafe($selected_id) . "'");
	$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='student_details' and pkValue='" . makeSafe($selected_id) . "'");

	$ownRecord = ($permissions[3] == 1 && $ownerMemberID == getLoggedMemberID());
	$groupRecord = (!$ownRecord && $permissions[3] == 2 && $ownerGroupID == getLoggedGroupID());
	$updateAllowed = ($ownRecord || $groupRecord || $permissions[3] == 3);
	if(!$updateAllowed){
		return false;
	}

	// column name => caption used in the "field not null" error message
	$captions = array(
		'full_name' => 'Full name',
		'school' => 'School',
		'department' => 'Department',
		'year_of_study' => 'Year of study',
		'reg_no' => 'Reg no'
	);

	// read, escape and validate one column at a time; the lookup placeholder
	// constant is treated as "nothing selected" and every column is required
	foreach($captions as $field => $caption){
		$data[$field] = makeSafe($_REQUEST[$field]);
		if($data[$field] == empty_lookup_value){ $data[$field] = ''; }
		if($data[$field] != '') continue;

		echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} '{$caption}': {$Translation['field not null']}<br><br>";
		echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
		exit;
	}
	$data['selectedID'] = makeSafe($selected_id);

	// hook: student_details_before_update (a false return cancels the update)
	if(function_exists('student_details_before_update')){
		$args = array();
		$proceed = student_details_before_update($data, getMemberInfo(), $args);
		if(!$proceed){ return false; }
	}

	// build the "`col`='value'" list; empty or NULL values are stored as SQL NULL
	$assignments = array();
	foreach(array_keys($captions) as $field){
		$value = $data[$field];
		$assignments[] = "`{$field}`=" . (($value !== '' && $value !== NULL) ? "'{$value}'" : 'NULL');
	}

	$o = array('silentErrors' => true);
	sql('update `student_details` set ' . implode(', ', $assignments) . " where `id`='" . makeSafe($selected_id) . "'", $o);
	if($o['error'] != ''){
		// NOTE(review): the database error text goes to the client as-is; confirm
		// sql() HTML-encodes it and hides query details from non-admin users
		echo $o['error'];
		echo '<a href="student_details_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
		exit;
	}

	// hook: student_details_after_update
	if(function_exists('student_details_after_update')){
		// hand the hook the row as stored, passed through makeSafe() again
		$res = sql("SELECT * FROM `student_details` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
		$row = db_fetch_assoc($res);
		if($row){
			$data = array_map('makeSafe', $row);
		}
		// selectedID is taken from the 'id' key of $data, which exists only
		// when the row was re-read above
		$data['selectedID'] = $data['id'];
		$args = array();

		// a false return ends the function here, before the ownership
		// timestamp below is refreshed
		$continue = student_details_after_update($data, getMemberInfo(), $args);
		if(!$continue){ return; }
	}

	// mm: update ownership data
	sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='student_details' and pkValue='" . makeSafe($selected_id) . "'", $eo);
}
200
201 function student_details_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0, $TemplateDV = '', $TemplateDVP = ''){
202 // function to return an editable form for a table records
203 // and fill it with data of record whose ID is $selected_id. If $selected_id
204 // is empty, an empty form is shown, with only an 'Add New'
205 // button displayed.
206
207 global $Translation;
208
209 // mm: get table permissions
210 $arrPerm=getTablePermissions('student_details');
211 if(!$arrPerm[1] && $selected_id==''){ return ''; }
212 $AllowInsert = ($arrPerm[1] ? true : false);
213 // print preview?
214 $dvprint = false;
215 if($selected_id && $_REQUEST['dvprint_x'] != ''){
216 $dvprint = true;
217 }
218
219 $filterer_school = thisOr(undo_magic_quotes($_REQUEST['filterer_school']), '');
220 $filterer_department = thisOr(undo_magic_quotes($_REQUEST['filterer_department']), '');
221
222 // populate filterers, starting from children to grand-parents
223 if($filterer_department && !$filterer_school) $filterer_school = sqlValue("select school from departments where id='" . makeSafe($filterer_department) . "'");
224
225 // unique random identifier
226 $rnd1 = ($dvprint ? rand(1000000, 9999999) : '');
227 // combobox: school
228 $combo_school = new DataCombo;
229 // combobox: department, filterable by: school
230 $combo_department = new DataCombo;
231 // combobox: year_of_study
232 $combo_year_of_study = new Combo;
233 $combo_year_of_study->ListType = 0;
234 $combo_year_of_study->MultipleSeparator = ', ';
235 $combo_year_of_study->ListBoxHeight = 10;
236 $combo_year_of_study->RadiosPerLine = 1;
237 if(is_file(dirname(__FILE__).'/hooks/student_details.year_of_study.csv')){
238 $year_of_study_data = addslashes(implode('', @file(dirname(__FILE__).'/hooks/student_details.year_of_study.csv')));
239 $combo_year_of_study->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($year_of_study_data)));
240 $combo_year_of_study->ListData = $combo_year_of_study->ListItem;
241 }else{
242 $combo_year_of_study->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("1;;2;;3;;4;;5;;6")));
243 $combo_year_of_study->ListData = $combo_year_of_study->ListItem;
244 }
245 $combo_year_of_study->SelectName = 'year_of_study';
246 $combo_year_of_study->AllowNull = false;
247
248 if($selected_id){
249 // mm: check member permissions
250 if(!$arrPerm[2]){
251 return "";
252 }
253 // mm: who is the owner?
254 $ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='student_details' and pkValue='".makeSafe($selected_id)."'");
255 $ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='student_details' and pkValue='".makeSafe($selected_id)."'");
256 if($arrPerm[2]==1 && getLoggedMemberID()!=$ownerMemberID){
257 return "";
258 }
259 if($arrPerm[2]==2 && getLoggedGroupID()!=$ownerGroupID){
260 return "";
261 }
262
263 // can edit?
264 if(($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[3]==3){
265 $AllowUpdate=1;
266 }else{
267 $AllowUpdate=0;
268 }
269
270 $res = sql("select * from `student_details` where `id`='".makeSafe($selected_id)."'", $eo);
271 if(!($row = db_fetch_array($res))){
272 return error_message($Translation['No records found'], 'student_details_view.php', false);
273 }
274 $urow = $row; /* unsanitized data */
275 $hc = new CI_Input();
276 $row = $hc->xss_clean($row); /* sanitize data */
277 $combo_school->SelectedData = $row['school'];
278 $combo_department->SelectedData = $row['department'];
279 $combo_year_of_study->SelectedData = $row['year_of_study'];
280 }else{
281 $combo_school->SelectedData = $filterer_school;
282 $combo_department->SelectedData = $filterer_department;
283 $combo_year_of_study->SelectedText = ( $_REQUEST['FilterField'][1]=='5' && $_REQUEST['FilterOperator'][1]=='<=>' ? (get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1]) : "");
284 }
285 $combo_school->HTML = '<span id="school-container' . $rnd1 . '"></span><input type="hidden" name="school" id="school' . $rnd1 . '" value="' . html_attr($combo_school->SelectedData) . '">';
286 $combo_school->MatchText = '<span id="school-container-readonly' . $rnd1 . '"></span><input type="hidden" name="school" id="school' . $rnd1 . '" value="' . html_attr($combo_school->SelectedData) . '">';
287 $combo_department->HTML = '<span id="department-container' . $rnd1 . '"></span><input type="hidden" name="department" id="department' . $rnd1 . '" value="' . html_attr($combo_department->SelectedData) . '">';
288 $combo_department->MatchText = '<span id="department-container-readonly' . $rnd1 . '"></span><input type="hidden" name="department" id="department' . $rnd1 . '" value="' . html_attr($combo_department->SelectedData) . '">';
289 $combo_year_of_study->Render();
290
291 ob_start();
292 ?>
293
294 <script>
295 // initial lookup values
296 AppGini.current_school__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? $urow['school'] : $filterer_school); ?>"};
297 AppGini.current_department__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? $urow['department'] : $filterer_department); ?>"};
298
299 jQuery(function() {
300 setTimeout(function(){
301 if(typeof(school_reload__RAND__) == 'function') school_reload__RAND__();
302 <?php echo (!$AllowUpdate || $dvprint ? 'if(typeof(department_reload__RAND__) == \'function\') department_reload__RAND__(AppGini.current_school__RAND__.value);' : ''); ?>
303 }, 10); /* we need to slightly delay client-side execution of the above code to allow AppGini.ajaxCache to work */
304 });
305 function school_reload__RAND__(){
306 <?php if(($AllowUpdate || $AllowInsert) && !$dvprint){ ?>
307
308 $j("#school-container__RAND__").select2({
309 /* initial default value */
310 initSelection: function(e, c){
311 $j.ajax({
312 url: 'ajax_combo.php',
313 dataType: 'json',
314 data: { id: AppGini.current_school__RAND__.value, t: 'student_details', f: 'school' },
315 success: function(resp){
316 c({
317 id: resp.results[0].id,
318 text: resp.results[0].text
319 });
320 $j('[name="school"]').val(resp.results[0].id);
321 $j('[id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
322 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
323
324 if(typeof(department_reload__RAND__) == 'function') department_reload__RAND__(AppGini.current_school__RAND__.value);
325
326 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
327 }
328 });
329 },
330 width: '100%',
331 formatNoMatches: function(term){ /* */ return '<?php echo addslashes($Translation['No matches found!']); ?>'; },
332 minimumResultsForSearch: 10,
333 loadMorePadding: 200,
334 ajax: {
335 url: 'ajax_combo.php',
336 dataType: 'json',
337 cache: true,
338 data: function(term, page){ /* */ return { s: term, p: page, t: 'student_details', f: 'school' }; },
339 results: function(resp, page){ /* */ return resp; }
340 },
341 escapeMarkup: function(str){ /* */ return str; }
342 }).on('change', function(e){
343 AppGini.current_school__RAND__.value = e.added.id;
344 AppGini.current_school__RAND__.text = e.added.text;
345 $j('[name="school"]').val(e.added.id);
346 if(e.added.id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
347
348 if(typeof(department_reload__RAND__) == 'function') department_reload__RAND__(AppGini.current_school__RAND__.value);
349
350 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
351 });
352
353 if(!$j("#school-container__RAND__").length){
354 $j.ajax({
355 url: 'ajax_combo.php',
356 dataType: 'json',
357 data: { id: AppGini.current_school__RAND__.value, t: 'student_details', f: 'school' },
358 success: function(resp){
359 $j('[name="school"]').val(resp.results[0].id);
360 $j('[id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
361 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
362
363 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
364 }
365 });
366 }
367
368 <?php }else{ ?>
369
370 $j.ajax({
371 url: 'ajax_combo.php',
372 dataType: 'json',
373 data: { id: AppGini.current_school__RAND__.value, t: 'student_details', f: 'school' },
374 success: function(resp){
375 $j('[id=school-container__RAND__], [id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
376 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
377
378 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
379 }
380 });
381 <?php } ?>
382
383 }
384 function department_reload__RAND__(filterer_school){
385 <?php if(($AllowUpdate || $AllowInsert) && !$dvprint){ ?>
386
387 $j("#department-container__RAND__").select2({
388 /* initial default value */
389 initSelection: function(e, c){
390 $j.ajax({
391 url: 'ajax_combo.php',
392 dataType: 'json',
393 data: { filterer_school: filterer_school, id: AppGini.current_department__RAND__.value, t: 'student_details', f: 'department' },
394 success: function(resp){
395 c({
396 id: resp.results[0].id,
397 text: resp.results[0].text
398 });
399 $j('[name="department"]').val(resp.results[0].id);
400 $j('[id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
401 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
402
403
404 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
405 }
406 });
407 },
408 width: '100%',
409 formatNoMatches: function(term){ /* */ return '<?php echo addslashes($Translation['No matches found!']); ?>'; },
410 minimumResultsForSearch: 10,
411 loadMorePadding: 200,
412 ajax: {
413 url: 'ajax_combo.php',
414 dataType: 'json',
415 cache: true,
416 data: function(term, page){ /* */ return { filterer_school: filterer_school, s: term, p: page, t: 'student_details', f: 'department' }; },
417 results: function(resp, page){ /* */ return resp; }
418 },
419 escapeMarkup: function(str){ /* */ return str; }
420 }).on('change', function(e){
421 AppGini.current_department__RAND__.value = e.added.id;
422 AppGini.current_department__RAND__.text = e.added.text;
423 $j('[name="department"]').val(e.added.id);
424 if(e.added.id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
425
426
427 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
428 });
429
430 if(!$j("#department-container__RAND__").length){
431 $j.ajax({
432 url: 'ajax_combo.php',
433 dataType: 'json',
434 data: { id: AppGini.current_department__RAND__.value, t: 'student_details', f: 'department' },
435 success: function(resp){
436 $j('[name="department"]').val(resp.results[0].id);
437 $j('[id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
438 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
439
440 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
441 }
442 });
443 }
444
445 <?php }else{ ?>
446
447 $j.ajax({
448 url: 'ajax_combo.php',
449 dataType: 'json',
450 data: { id: AppGini.current_department__RAND__.value, t: 'student_details', f: 'department' },
451 success: function(resp){
452 $j('[id=department-container__RAND__], [id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
453 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
454
455 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
456 }
457 });
458 <?php } ?>
459
460 }
461 </script>
462 <?php
463
464 $lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
465 ob_end_clean();
466
467
468 // code for template based detail view forms
469
470 // open the detail view template
471 if($dvprint){
472 $template_file = is_file("./{$TemplateDVP}") ? "./{$TemplateDVP}" : './templates/student_details_templateDVP.html';
473 $templateCode = @file_get_contents($template_file);
474 }else{
475 $template_file = is_file("./{$TemplateDV}") ? "./{$TemplateDV}" : './templates/student_details_templateDV.html';
476 $templateCode = @file_get_contents($template_file);
477 }
478
479 // process form title
480 $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Thông tin cá nhân', $templateCode);
481 $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
482 $templateCode = str_replace('<%%EMBEDDED%%>', ($_REQUEST['Embedded'] ? 'Embedded=1' : ''), $templateCode);
483 // process buttons
484 if($AllowInsert){
485 if(!$selected_id) $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return student_details_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
486 $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return student_details_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
487 }else{
488 $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
489 }
490
491 // 'Back' button action
492 if($_REQUEST['Embedded']){
493 $backAction = 'AppGini.closeParentModal(); return false;';
494 }else{
495 $backAction = '$j(\'form\').eq(0).attr(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
496 }
497
498 if($selected_id){
499 if(!$_REQUEST['Embedded']) $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;" title="' . html_attr($Translation['Print Preview']) . '"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
500 if($AllowUpdate){
501 $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return student_details_validateData();" title="' . html_attr($Translation['Save Changes']) . '"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
502 }else{
503 $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
504 }
505 if(($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
506 $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');" title="' . html_attr($Translation['Delete']) . '"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
507 }else{
508 $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
509 }
510 $templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
511 }else{
512 $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
513 $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
514 $templateCode = str_replace('<%%DESELECT_BUTTON%%>', ($ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : ''), $templateCode);
515 }
516
517 // set records to read only if user can't insert new records and can't edit current record
518 if(($selected_id && !$AllowUpdate && !$AllowInsert) || (!$selected_id && !$AllowInsert)){
519 $jsReadOnly .= "\tjQuery('#full_name').replaceWith('<div class=\"form-control-static\" id=\"full_name\">' + (jQuery('#full_name').val() || '') + '</div>');\n";
520 $jsReadOnly .= "\tjQuery('#school').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
521 $jsReadOnly .= "\tjQuery('#school_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
522 $jsReadOnly .= "\tjQuery('#department').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
523 $jsReadOnly .= "\tjQuery('#department_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
524 $jsReadOnly .= "\tjQuery('#year_of_study').replaceWith('<div class=\"form-control-static\" id=\"year_of_study\">' + (jQuery('#year_of_study').val() || '') + '</div>'); jQuery('#year_of_study-multi-selection-help').hide();\n";
525 $jsReadOnly .= "\tjQuery('#reg_no').replaceWith('<div class=\"form-control-static\" id=\"reg_no\">' + (jQuery('#reg_no').val() || '') + '</div>');\n";
526 $jsReadOnly .= "\tjQuery('.select2-container').hide();\n";
527
528 $noUploads = true;
529 }elseif($AllowInsert){
530 $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
531 $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
532 }
533
534 // process combos
535 $templateCode = str_replace('<%%COMBO(school)%%>', $combo_school->HTML, $templateCode);
536 $templateCode = str_replace('<%%COMBOTEXT(school)%%>', $combo_school->MatchText, $templateCode);
537 $templateCode = str_replace('<%%URLCOMBOTEXT(school)%%>', urlencode($combo_school->MatchText), $templateCode);
538 $templateCode = str_replace('<%%COMBO(department)%%>', $combo_department->HTML, $templateCode);
539 $templateCode = str_replace('<%%COMBOTEXT(department)%%>', $combo_department->MatchText, $templateCode);
540 $templateCode = str_replace('<%%URLCOMBOTEXT(department)%%>', urlencode($combo_department->MatchText), $templateCode);
541 $templateCode = str_replace('<%%COMBO(year_of_study)%%>', $combo_year_of_study->HTML, $templateCode);
542 $templateCode = str_replace('<%%COMBOTEXT(year_of_study)%%>', $combo_year_of_study->SelectedData, $templateCode);
543
544 /* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
545 $lookup_fields = array( 'school' => array('schools', 'School'), 'department' => array('departments', 'Department'));
546 foreach($lookup_fields as $luf => $ptfc){
547 $pt_perm = getTablePermissions($ptfc[0]);
548
549 // process foreign key links
550 if($pt_perm['view'] || $pt_perm['edit']){
551 $templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-md" id="' . $ptfc[0] . '_view_parent" title="' . html_attr($Translation['View'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
552 }
553
554 // if user has insert permission to parent table of a lookup field, put an add new button
555 if($pt_perm['insert'] && !$_REQUEST['Embedded']){
556 $templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent hspacer-md" id="' . $ptfc[0] . '_add_new" title="' . html_attr($Translation['Add New'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
557 }
558 }
559
560 // process images
561 $templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
562 $templateCode = str_replace('<%%UPLOADFILE(full_name)%%>', '', $templateCode);
563 $templateCode = str_replace('<%%UPLOADFILE(school)%%>', '', $templateCode);
564 $templateCode = str_replace('<%%UPLOADFILE(department)%%>', '', $templateCode);
565 $templateCode = str_replace('<%%UPLOADFILE(year_of_study)%%>', '', $templateCode);
566 $templateCode = str_replace('<%%UPLOADFILE(reg_no)%%>', '', $templateCode);
567
568 // process values
569 if($selected_id){
570 if( $dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', safe_html($urow['id']), $templateCode);
571 if(!$dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', html_attr($row['id']), $templateCode);
572 $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode($urow['id']), $templateCode);
573 if( $dvprint) $templateCode = str_replace('<%%VALUE(full_name)%%>', safe_html($urow['full_name']), $templateCode);
574 if(!$dvprint) $templateCode = str_replace('<%%VALUE(full_name)%%>', html_attr($row['full_name']), $templateCode);
575 $templateCode = str_replace('<%%URLVALUE(full_name)%%>', urlencode($urow['full_name']), $templateCode);
576 if( $dvprint) $templateCode = str_replace('<%%VALUE(school)%%>', safe_html($urow['school']), $templateCode);
577 if(!$dvprint) $templateCode = str_replace('<%%VALUE(school)%%>', html_attr($row['school']), $templateCode);
578 $templateCode = str_replace('<%%URLVALUE(school)%%>', urlencode($urow['school']), $templateCode);
579 if( $dvprint) $templateCode = str_replace('<%%VALUE(department)%%>', safe_html($urow['department']), $templateCode);
580 if(!$dvprint) $templateCode = str_replace('<%%VALUE(department)%%>', html_attr($row['department']), $templateCode);
581 $templateCode = str_replace('<%%URLVALUE(department)%%>', urlencode($urow['department']), $templateCode);
582 if( $dvprint) $templateCode = str_replace('<%%VALUE(year_of_study)%%>', safe_html($urow['year_of_study']), $templateCode);
583 if(!$dvprint) $templateCode = str_replace('<%%VALUE(year_of_study)%%>', html_attr($row['year_of_study']), $templateCode);
584 $templateCode = str_replace('<%%URLVALUE(year_of_study)%%>', urlencode($urow['year_of_study']), $templateCode);
585 if( $dvprint) $templateCode = str_replace('<%%VALUE(reg_no)%%>', safe_html($urow['reg_no']), $templateCode);
586 if(!$dvprint) $templateCode = str_replace('<%%VALUE(reg_no)%%>', html_attr($row['reg_no']), $templateCode);
587 $templateCode = str_replace('<%%URLVALUE(reg_no)%%>', urlencode($urow['reg_no']), $templateCode);
588 }else{
589 $templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode);
590 $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode(''), $templateCode);
591 $templateCode = str_replace('<%%VALUE(full_name)%%>', '', $templateCode);
592 $templateCode = str_replace('<%%URLVALUE(full_name)%%>', urlencode(''), $templateCode);
593 $templateCode = str_replace('<%%VALUE(school)%%>', '', $templateCode);
594 $templateCode = str_replace('<%%URLVALUE(school)%%>', urlencode(''), $templateCode);
595 $templateCode = str_replace('<%%VALUE(department)%%>', '', $templateCode);
596 $templateCode = str_replace('<%%URLVALUE(department)%%>', urlencode(''), $templateCode);
597 $templateCode = str_replace('<%%VALUE(year_of_study)%%>', '', $templateCode);
598 $templateCode = str_replace('<%%URLVALUE(year_of_study)%%>', urlencode(''), $templateCode);
599 $templateCode = str_replace('<%%VALUE(reg_no)%%>', '', $templateCode);
600 $templateCode = str_replace('<%%URLVALUE(reg_no)%%>', urlencode(''), $templateCode);
601 }
602
603 // process translations
604 foreach($Translation as $symbol=>$trans){
605 $templateCode = str_replace("<%%TRANSLATION($symbol)%%>", $trans, $templateCode);
606 }
607
608 // clear scrap
609 $templateCode = str_replace('<%%', '<!-- ', $templateCode);
610 $templateCode = str_replace('%%>', ' -->', $templateCode);
611
612 // hide links to inaccessible tables
613 if($_REQUEST['dvprint_x'] == ''){
614 $templateCode .= "\n\n<script>\$j(function(){\n";
615 $arrTables = getTableList();
616 foreach($arrTables as $name => $caption){
617 $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
618 $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
619 }
620
621 $templateCode .= $jsReadOnly;
622 $templateCode .= $jsEditable;
623
624 if(!$selected_id){
625 }
626
627 $templateCode.="\n});</script>\n";
628 }
629
630 // ajaxed auto-fill fields
631 $templateCode .= '<script>';
632 $templateCode .= '$j(function() {';
633
634
635 $templateCode.="});";
636 $templateCode.="</script>";
637 $templateCode .= $lookups;
638
639 // handle enforced parent values for read-only lookup fields
640
641 // don't include blank images in lightbox gallery
642 $templateCode = preg_replace('/blank.gif" data-lightbox=".*?"/', 'blank.gif"', $templateCode);
643
644 // don't display empty email links
645 $templateCode=preg_replace('/<a .*?href="mailto:".*?<\/a>/', '', $templateCode);
646
647 /* default field values */
648 $rdata = $jdata = get_defaults('student_details');
649 if($selected_id){
650 $jdata = get_joined_record('student_details', $selected_id);
651 if($jdata === false) $jdata = get_defaults('student_details');
652 $rdata = $row;
653 }
654 $templateCode .= loadView('student_details-ajax-cache', array('rdata' => $rdata, 'jdata' => $jdata));
655
656 // hook: student_details_dv
657 if(function_exists('student_details_dv')){
658 $args=array();
659 student_details_dv(($selected_id ? $selected_id : FALSE), getMemberInfo(), $templateCode, $args);
660 }
661
662 return $templateCode;
663 }
664 ?>
2
3 // Data functions (insert, update, delete, form) for table student_details
4
5 // This script and data application were generated by AppGini 5.72
6 // Download AppGini for free from https://bigprof.com/appgini/download/
7
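/**
 * Insert a new student_details record built from the current request.
 *
 * Reads full_name, school, department, year_of_study and reg_no from
 * $_REQUEST, rejects the request if any of them is empty, runs the optional
 * before/after insert hooks and records the logged member as the owner.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function, and the
 * values come from $_REQUEST, so query-string parameters are accepted as well
 * as POST fields. Confirm the caller enforces a token and the request method
 * before invoking it.
 *
 * @return mixed false when the member lacks insert permission or the
 *               before-insert hook returns a falsy value; otherwise the new
 *               record id as returned by db_insert_id(). On a validation or
 *               SQL error the function prints a message and exits.
 */
function student_details_insert(){
    global $Translation;

    // mm: can member insert record?
    $arrPerm = getTablePermissions('student_details');
    if(!$arrPerm[1]){
        return false;
    }

    // request field => caption shown in the 'field not null' message
    $required = array(
        'full_name' => 'Full name',
        'school' => 'School',
        'department' => 'Department',
        'year_of_study' => 'Year of study',
        'reg_no' => 'Reg no',
    );

    $data = array();
    foreach($required as $field => $caption){
        // A missing parameter or a non-scalar one (e.g. full_name[]=x) is
        // treated as empty instead of being handed to makeSafe() as-is.
        $raw = (isset($_REQUEST[$field]) && is_scalar($_REQUEST[$field])) ? $_REQUEST[$field] : '';

        // makeSafe() is defined elsewhere; presumably it escapes the value for
        // use inside a quoted SQL literal -- confirm.
        $data[$field] = makeSafe($raw);
        if($data[$field] == empty_lookup_value){ $data[$field] = ''; }
    }

    // all five fields are mandatory; stop at the first empty one
    foreach($required as $field => $caption){
        if($data[$field] == ''){
            echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">" . $Translation['error:'] . " '{$caption}': " . $Translation['field not null'] . '<br><br>';
            echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
            exit;
        }
    }

    // hook: student_details_before_insert
    // NOTE(review): if the hook receives $data by reference, whatever it leaves
    // in $data is placed into the statement below without further escaping --
    // confirm that hooks escape the values they set.
    if(function_exists('student_details_before_insert')){
        $args = array();
        if(!student_details_before_insert($data, getMemberInfo(), $args)){ return false; }
    }

    // empty string or NULL is stored as SQL NULL, anything else as a quoted literal
    $assignments = array();
    foreach($required as $field => $caption){
        $value = isset($data[$field]) ? $data[$field] : NULL;
        $assignments[] = "`{$field}`=" . (($value !== '' && $value !== NULL) ? "'{$value}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('insert into `student_details` set ' . implode(', ', $assignments), $o);
    if(isset($o['error']) && $o['error'] != ''){
        // NOTE(review): the error text is sent to the browser exactly as sql()
        // returned it; confirm sql() HTML-escapes it and does not expose query
        // details to non-admin users.
        echo $o['error'];
        echo "<a href=\"student_details_view.php?addNew_x=1\">{$Translation['< back']}</a>";
        exit;
    }

    $recID = db_insert_id(db_link());

    // hook: student_details_after_insert
    if(function_exists('student_details_after_insert')){
        // hand the hook the stored row rather than the request values
        $res = sql("select * from `student_details` where `id`='" . makeSafe($recID, false) . "' limit 1", $eo);
        if($row = db_fetch_assoc($res)){
            $data = array_map('makeSafe', $row);
        }
        $data['selectedID'] = makeSafe($recID, false);
        $args = array();
        // A falsy hook result returns before set_record_owner() runs, so the
        // new record gets no ownership row from this function.
        if(!student_details_after_insert($data, getMemberInfo(), $args)){ return $recID; }
    }

    // mm: save ownership data
    set_record_owner('student_details', $recID, getLoggedMemberID());

    return $recID;
}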
85
/**
 * Delete one student_details record together with its ownership row.
 *
 * The delete permission level in $arrPerm[4] is checked against the record's
 * owner: level 1 requires the owner to be the logged member, level 2 requires
 * the owner's group to be the logged member's group, level 3 allows the delete
 * unconditionally.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function; confirm
 * the caller enforces one before invoking it.
 *
 * @param mixed $selected_id          primary key of the record to delete
 * @param bool  $AllowDeleteOfParents not used in this function
 * @param bool  $skipChecks           passed through to the before-delete hook
 * @return string|null a translated error message when the delete is refused,
 *                     nothing otherwise
 */
function student_details_delete($selected_id, $AllowDeleteOfParents=false, $skipChecks=false){
    global $Translation;

    // Escaped once here; every statement below embeds this value in a quoted
    // literal. makeSafe() is defined elsewhere -- presumably SQL escaping, confirm.
    $selected_id = makeSafe($selected_id);

    // mm: can member delete record?
    $arrPerm = getTablePermissions('student_details');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='student_details' and pkValue='$selected_id'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='student_details' and pkValue='$selected_id'");

    $deleteLevel = $arrPerm[4];
    $mayDelete = ($deleteLevel==1 && $ownerMemberID==getLoggedMemberID())
        || ($deleteLevel==2 && $ownerGroupID==getLoggedGroupID())
        || $deleteLevel==3;
    if(!$mayDelete){
        return $Translation['You don\'t have enough permissions to delete this record'];
    }

    // hook: student_details_before_delete -- a falsy result vetoes the delete
    if(function_exists('student_details_before_delete')){
        $args = array();
        $hookAccepted = student_details_before_delete($selected_id, $skipChecks, getMemberInfo(), $args);
        if(!$hookAccepted){
            return $Translation['Couldn\'t delete this record'];
        }
    }

    // The result of the delete is not inspected; the after-delete hook and the
    // ownership cleanup below run regardless of it.
    sql("delete from `student_details` where `id`='$selected_id'", $eo);

    // hook: student_details_after_delete
    if(function_exists('student_details_after_delete')){
        $args = array();
        student_details_after_delete($selected_id, getMemberInfo(), $args);
    }

    // mm: delete ownership data
    sql("delete from membership_userrecords where tableName='student_details' and pkValue='$selected_id'", $eo);
}
119
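/**
 * Update an existing student_details record from the current request.
 *
 * The edit permission level in $arrPerm[3] is checked against the record's
 * owner (level 1: owner is the logged member, level 2: owner's group is the
 * logged member's group, level 3: always allowed). Each of the five fields is
 * then read from $_REQUEST and must be non-empty.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function, and the
 * values come from $_REQUEST, so query-string parameters are accepted as well
 * as POST fields. Confirm the caller enforces a token and the request method
 * before invoking it.
 *
 * @param mixed $selected_id primary key of the record to update
 * @return false|null false when the member may not edit the record or the
 *                    before-update hook returns a falsy value; null in every
 *                    other returning path. On a validation or SQL error the
 *                    function prints a message and exits.
 */
function student_details_update($selected_id){
    global $Translation;

    // Escaped once and reused in every statement below. makeSafe() is defined
    // elsewhere -- presumably SQL escaping, confirm.
    $safeId = makeSafe($selected_id);

    // mm: can member edit record?
    $arrPerm = getTablePermissions('student_details');
    $ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='student_details' and pkValue='" . $safeId . "'");
    $ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='student_details' and pkValue='" . $safeId . "'");
    $mayUpdate = ($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID())
        || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID())
        || $arrPerm[3]==3;
    if(!$mayUpdate){
        return false;
    }

    // request field => caption shown in the 'field not null' message
    $required = array(
        'full_name' => 'Full name',
        'school' => 'School',
        'department' => 'Department',
        'year_of_study' => 'Year of study',
        'reg_no' => 'Reg no',
    );

    $data = array();
    foreach($required as $field => $caption){
        // A missing parameter or a non-scalar one (e.g. full_name[]=x) is
        // treated as empty instead of being handed to makeSafe() as-is.
        $raw = (isset($_REQUEST[$field]) && is_scalar($_REQUEST[$field])) ? $_REQUEST[$field] : '';
        $data[$field] = makeSafe($raw);
        if($data[$field] == empty_lookup_value){ $data[$field] = ''; }

        // each field is mandatory; stop at the first empty one
        if($data[$field] == ''){
            echo StyleSheet() . "\n\n<div class=\"alert alert-danger\">{$Translation['error:']} '{$caption}': {$Translation['field not null']}<br><br>";
            echo '<a href="" onclick="history.go(-1); return false;">' . $Translation['< back'] . '</a></div>';
            exit;
        }
    }
    $data['selectedID'] = $safeId;

    // hook: student_details_before_update
    // NOTE(review): if the hook receives $data by reference, whatever it leaves
    // in $data is placed into the statements below without further escaping --
    // confirm that hooks escape the values they set.
    if(function_exists('student_details_before_update')){
        $args = array();
        if(!student_details_before_update($data, getMemberInfo(), $args)){ return false; }
    }

    // empty string or NULL is stored as SQL NULL, anything else as a quoted literal
    $assignments = array();
    foreach($required as $field => $caption){
        $value = isset($data[$field]) ? $data[$field] : NULL;
        $assignments[] = "`{$field}`=" . (($value !== '' && $value !== NULL) ? "'{$value}'" : 'NULL');
    }

    $o = array('silentErrors' => true);
    sql('update `student_details` set ' . implode(', ', $assignments) . " where `id`='" . $safeId . "'", $o);
    if(isset($o['error']) && $o['error'] != ''){
        // NOTE(review): the error text is sent to the browser exactly as sql()
        // returned it; confirm sql() HTML-escapes it and does not expose query
        // details to non-admin users.
        echo $o['error'];
        echo '<a href="student_details_view.php?SelectedID=' . urlencode($selected_id) . "\">{$Translation['< back']}</a>";
        exit;
    }

    // hook: student_details_after_update
    if(function_exists('student_details_after_update')){
        $res = sql("SELECT * FROM `student_details` WHERE `id`='{$data['selectedID']}' LIMIT 1", $eo);
        if($row = db_fetch_assoc($res)){
            $data = array_map('makeSafe', $row);
            // Take the id from the stored row only when a row came back, so
            // selectedID is never overwritten with an undefined value.
            $data['selectedID'] = $data['id'];
        }
        $args = array();
        // A falsy hook result returns before the ownership timestamp is refreshed.
        if(!student_details_after_update($data, getMemberInfo(), $args)){ return; }
    }

    // mm: update ownership data
    sql("update membership_userrecords set dateUpdated='" . time() . "' where tableName='student_details' and pkValue='" . $safeId . "'", $eo);
}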
200
201 function student_details_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0, $TemplateDV = '', $TemplateDVP = ''){
202 // function to return an editable form for a table records
203 // and fill it with data of record whose ID is $selected_id. If $selected_id
204 // is empty, an empty form is shown, with only an 'Add New'
205 // button displayed.
206
207 global $Translation;
208
209 // mm: get table permissions
210 $arrPerm=getTablePermissions('student_details');
211 if(!$arrPerm[1] && $selected_id==''){ return ''; }
212 $AllowInsert = ($arrPerm[1] ? true : false);
213 // print preview?
214 $dvprint = false;
215 if($selected_id && $_REQUEST['dvprint_x'] != ''){
216 $dvprint = true;
217 }
218
219 $filterer_school = thisOr(undo_magic_quotes($_REQUEST['filterer_school']), '');
220 $filterer_department = thisOr(undo_magic_quotes($_REQUEST['filterer_department']), '');
221
222 // populate filterers, starting from children to grand-parents
223 if($filterer_department && !$filterer_school) $filterer_school = sqlValue("select school from departments where id='" . makeSafe($filterer_department) . "'");
224
225 // unique random identifier
226 $rnd1 = ($dvprint ? rand(1000000, 9999999) : '');
227 // combobox: school
228 $combo_school = new DataCombo;
229 // combobox: department, filterable by: school
230 $combo_department = new DataCombo;
231 // combobox: year_of_study
232 $combo_year_of_study = new Combo;
233 $combo_year_of_study->ListType = 0;
234 $combo_year_of_study->MultipleSeparator = ', ';
235 $combo_year_of_study->ListBoxHeight = 10;
236 $combo_year_of_study->RadiosPerLine = 1;
237 if(is_file(dirname(__FILE__).'/hooks/student_details.year_of_study.csv')){
238 $year_of_study_data = addslashes(implode('', @file(dirname(__FILE__).'/hooks/student_details.year_of_study.csv')));
239 $combo_year_of_study->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions($year_of_study_data)));
240 $combo_year_of_study->ListData = $combo_year_of_study->ListItem;
241 }else{
242 $combo_year_of_study->ListItem = explode('||', entitiesToUTF8(convertLegacyOptions("1;;2;;3;;4;;5;;6")));
243 $combo_year_of_study->ListData = $combo_year_of_study->ListItem;
244 }
245 $combo_year_of_study->SelectName = 'year_of_study';
246 $combo_year_of_study->AllowNull = false;
247
248 if($selected_id){
249 // mm: check member permissions
250 if(!$arrPerm[2]){
251 return "";
252 }
253 // mm: who is the owner?
254 $ownerGroupID=sqlValue("select groupID from membership_userrecords where tableName='student_details' and pkValue='".makeSafe($selected_id)."'");
255 $ownerMemberID=sqlValue("select lcase(memberID) from membership_userrecords where tableName='student_details' and pkValue='".makeSafe($selected_id)."'");
256 if($arrPerm[2]==1 && getLoggedMemberID()!=$ownerMemberID){
257 return "";
258 }
259 if($arrPerm[2]==2 && getLoggedGroupID()!=$ownerGroupID){
260 return "";
261 }
262
263 // can edit?
264 if(($arrPerm[3]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[3]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[3]==3){
265 $AllowUpdate=1;
266 }else{
267 $AllowUpdate=0;
268 }
269
270 $res = sql("select * from `student_details` where `id`='".makeSafe($selected_id)."'", $eo);
271 if(!($row = db_fetch_array($res))){
272 return error_message($Translation['No records found'], 'student_details_view.php', false);
273 }
274 $urow = $row; /* unsanitized data */
275 $hc = new CI_Input();
276 $row = $hc->xss_clean($row); /* sanitize data */
277 $combo_school->SelectedData = $row['school'];
278 $combo_department->SelectedData = $row['department'];
279 $combo_year_of_study->SelectedData = $row['year_of_study'];
280 }else{
281 $combo_school->SelectedData = $filterer_school;
282 $combo_department->SelectedData = $filterer_department;
283 $combo_year_of_study->SelectedText = ( $_REQUEST['FilterField'][1]=='5' && $_REQUEST['FilterOperator'][1]=='<=>' ? (get_magic_quotes_gpc() ? stripslashes($_REQUEST['FilterValue'][1]) : $_REQUEST['FilterValue'][1]) : "");
284 }
285 $combo_school->HTML = '<span id="school-container' . $rnd1 . '"></span><input type="hidden" name="school" id="school' . $rnd1 . '" value="' . html_attr($combo_school->SelectedData) . '">';
286 $combo_school->MatchText = '<span id="school-container-readonly' . $rnd1 . '"></span><input type="hidden" name="school" id="school' . $rnd1 . '" value="' . html_attr($combo_school->SelectedData) . '">';
287 $combo_department->HTML = '<span id="department-container' . $rnd1 . '"></span><input type="hidden" name="department" id="department' . $rnd1 . '" value="' . html_attr($combo_department->SelectedData) . '">';
288 $combo_department->MatchText = '<span id="department-container-readonly' . $rnd1 . '"></span><input type="hidden" name="department" id="department' . $rnd1 . '" value="' . html_attr($combo_department->SelectedData) . '">';
289 $combo_year_of_study->Render();
290
291 ob_start();
292 ?>
293
294 <script>
295 // initial lookup values
296 AppGini.current_school__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? $urow['school'] : $filterer_school); ?>"};
297 AppGini.current_department__RAND__ = { text: "", value: "<?php echo addslashes($selected_id ? $urow['department'] : $filterer_department); ?>"};
298
299 jQuery(function() {
300 setTimeout(function(){
301 if(typeof(school_reload__RAND__) == 'function') school_reload__RAND__();
302 <?php echo (!$AllowUpdate || $dvprint ? 'if(typeof(department_reload__RAND__) == \'function\') department_reload__RAND__(AppGini.current_school__RAND__.value);' : ''); ?>
303 }, 10); /* we need to slightly delay client-side execution of the above code to allow AppGini.ajaxCache to work */
304 });
305 function school_reload__RAND__(){
306 <?php if(($AllowUpdate || $AllowInsert) && !$dvprint){ ?>
307
308 $j("#school-container__RAND__").select2({
309 /* initial default value */
310 initSelection: function(e, c){
311 $j.ajax({
312 url: 'ajax_combo.php',
313 dataType: 'json',
314 data: { id: AppGini.current_school__RAND__.value, t: 'student_details', f: 'school' },
315 success: function(resp){
316 c({
317 id: resp.results[0].id,
318 text: resp.results[0].text
319 });
320 $j('[name="school"]').val(resp.results[0].id);
321 $j('[id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
322 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
323
324 if(typeof(department_reload__RAND__) == 'function') department_reload__RAND__(AppGini.current_school__RAND__.value);
325
326 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
327 }
328 });
329 },
330 width: '100%',
331 formatNoMatches: function(term){ /* */ return '<?php echo addslashes($Translation['No matches found!']); ?>'; },
332 minimumResultsForSearch: 10,
333 loadMorePadding: 200,
334 ajax: {
335 url: 'ajax_combo.php',
336 dataType: 'json',
337 cache: true,
338 data: function(term, page){ /* */ return { s: term, p: page, t: 'student_details', f: 'school' }; },
339 results: function(resp, page){ /* */ return resp; }
340 },
341 escapeMarkup: function(str){ /* */ return str; }
342 }).on('change', function(e){
343 AppGini.current_school__RAND__.value = e.added.id;
344 AppGini.current_school__RAND__.text = e.added.text;
345 $j('[name="school"]').val(e.added.id);
346 if(e.added.id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
347
348 if(typeof(department_reload__RAND__) == 'function') department_reload__RAND__(AppGini.current_school__RAND__.value);
349
350 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
351 });
352
353 if(!$j("#school-container__RAND__").length){
354 $j.ajax({
355 url: 'ajax_combo.php',
356 dataType: 'json',
357 data: { id: AppGini.current_school__RAND__.value, t: 'student_details', f: 'school' },
358 success: function(resp){
359 $j('[name="school"]').val(resp.results[0].id);
360 $j('[id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
361 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
362
363 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
364 }
365 });
366 }
367
368 <?php }else{ ?>
369
370 $j.ajax({
371 url: 'ajax_combo.php',
372 dataType: 'json',
373 data: { id: AppGini.current_school__RAND__.value, t: 'student_details', f: 'school' },
374 success: function(resp){
375 $j('[id=school-container__RAND__], [id=school-container-readonly__RAND__]').html('<span id="school-match-text">' + resp.results[0].text + '</span>');
376 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=schools_view_parent]').hide(); }else{ $j('.btn[id=schools_view_parent]').show(); }
377
378 if(typeof(school_update_autofills__RAND__) == 'function') school_update_autofills__RAND__();
379 }
380 });
381 <?php } ?>
382
383 }
384 function department_reload__RAND__(filterer_school){
385 <?php if(($AllowUpdate || $AllowInsert) && !$dvprint){ ?>
386
387 $j("#department-container__RAND__").select2({
388 /* initial default value */
389 initSelection: function(e, c){
390 $j.ajax({
391 url: 'ajax_combo.php',
392 dataType: 'json',
393 data: { filterer_school: filterer_school, id: AppGini.current_department__RAND__.value, t: 'student_details', f: 'department' },
394 success: function(resp){
395 c({
396 id: resp.results[0].id,
397 text: resp.results[0].text
398 });
399 $j('[name="department"]').val(resp.results[0].id);
400 $j('[id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
401 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
402
403
404 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
405 }
406 });
407 },
408 width: '100%',
409 formatNoMatches: function(term){ /* */ return '<?php echo addslashes($Translation['No matches found!']); ?>'; },
410 minimumResultsForSearch: 10,
411 loadMorePadding: 200,
412 ajax: {
413 url: 'ajax_combo.php',
414 dataType: 'json',
415 cache: true,
416 data: function(term, page){ /* */ return { filterer_school: filterer_school, s: term, p: page, t: 'student_details', f: 'department' }; },
417 results: function(resp, page){ /* */ return resp; }
418 },
419 escapeMarkup: function(str){ /* */ return str; }
420 }).on('change', function(e){
421 AppGini.current_department__RAND__.value = e.added.id;
422 AppGini.current_department__RAND__.text = e.added.text;
423 $j('[name="department"]').val(e.added.id);
424 if(e.added.id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
425
426
427 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
428 });
429
430 if(!$j("#department-container__RAND__").length){
431 $j.ajax({
432 url: 'ajax_combo.php',
433 dataType: 'json',
434 data: { id: AppGini.current_department__RAND__.value, t: 'student_details', f: 'department' },
435 success: function(resp){
436 $j('[name="department"]').val(resp.results[0].id);
437 $j('[id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
438 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
439
440 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
441 }
442 });
443 }
444
445 <?php }else{ ?>
446
447 $j.ajax({
448 url: 'ajax_combo.php',
449 dataType: 'json',
450 data: { id: AppGini.current_department__RAND__.value, t: 'student_details', f: 'department' },
451 success: function(resp){
452 $j('[id=department-container__RAND__], [id=department-container-readonly__RAND__]').html('<span id="department-match-text">' + resp.results[0].text + '</span>');
453 if(resp.results[0].id == '<?php echo empty_lookup_value; ?>'){ $j('.btn[id=departments_view_parent]').hide(); }else{ $j('.btn[id=departments_view_parent]').show(); }
454
455 if(typeof(department_update_autofills__RAND__) == 'function') department_update_autofills__RAND__();
456 }
457 });
458 <?php } ?>
459
460 }
461 </script>
462 <?php
463
464 $lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
465 ob_end_clean();
466
467
468 // code for template based detail view forms
469
470 // open the detail view template
471 if($dvprint){
472 $template_file = is_file("./{$TemplateDVP}") ? "./{$TemplateDVP}" : './templates/student_details_templateDVP.html';
473 $templateCode = @file_get_contents($template_file);
474 }else{
475 $template_file = is_file("./{$TemplateDV}") ? "./{$TemplateDV}" : './templates/student_details_templateDV.html';
476 $templateCode = @file_get_contents($template_file);
477 }
478
479 // process form title
480 $templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Thông tin cá nhân', $templateCode);
481 $templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
482 $templateCode = str_replace('<%%EMBEDDED%%>', ($_REQUEST['Embedded'] ? 'Embedded=1' : ''), $templateCode);
483 // process buttons
484 if($AllowInsert){
485 if(!$selected_id) $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return student_details_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
486 $templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return student_details_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
487 }else{
488 $templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
489 }
490
491 // 'Back' button action
492 if($_REQUEST['Embedded']){
493 $backAction = 'AppGini.closeParentModal(); return false;';
494 }else{
495 $backAction = '$j(\'form\').eq(0).attr(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
496 }
497
498 if($selected_id){
499 if(!$_REQUEST['Embedded']) $templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;" title="' . html_attr($Translation['Print Preview']) . '"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
500 if($AllowUpdate){
501 $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return student_details_validateData();" title="' . html_attr($Translation['Save Changes']) . '"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
502 }else{
503 $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
504 }
505 if(($arrPerm[4]==1 && $ownerMemberID==getLoggedMemberID()) || ($arrPerm[4]==2 && $ownerGroupID==getLoggedGroupID()) || $arrPerm[4]==3){ // allow delete?
506 $templateCode = str_replace('<%%DELETE_BUTTON%%>', '<button type="submit" class="btn btn-danger" id="delete" name="delete_x" value="1" onclick="return confirm(\'' . $Translation['are you sure?'] . '\');" title="' . html_attr($Translation['Delete']) . '"><i class="glyphicon glyphicon-trash"></i> ' . $Translation['Delete'] . '</button>', $templateCode);
507 }else{
508 $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
509 }
510 $templateCode = str_replace('<%%DESELECT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>', $templateCode);
511 }else{
512 $templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
513 $templateCode = str_replace('<%%DELETE_BUTTON%%>', '', $templateCode);
514 $templateCode = str_replace('<%%DESELECT_BUTTON%%>', ($ShowCancel ? '<button type="submit" class="btn btn-default" id="deselect" name="deselect_x" value="1" onclick="' . $backAction . '" title="' . html_attr($Translation['Back']) . '"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Back'] . '</button>' : ''), $templateCode);
515 }
516
517 // set records to read only if user can't insert new records and can't edit current record
518 if(($selected_id && !$AllowUpdate && !$AllowInsert) || (!$selected_id && !$AllowInsert)){
519 $jsReadOnly .= "\tjQuery('#full_name').replaceWith('<div class=\"form-control-static\" id=\"full_name\">' + (jQuery('#full_name').val() || '') + '</div>');\n";
520 $jsReadOnly .= "\tjQuery('#school').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
521 $jsReadOnly .= "\tjQuery('#school_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
522 $jsReadOnly .= "\tjQuery('#department').prop('disabled', true).css({ color: '#555', backgroundColor: '#fff' });\n";
523 $jsReadOnly .= "\tjQuery('#department_caption').prop('disabled', true).css({ color: '#555', backgroundColor: 'white' });\n";
524 $jsReadOnly .= "\tjQuery('#year_of_study').replaceWith('<div class=\"form-control-static\" id=\"year_of_study\">' + (jQuery('#year_of_study').val() || '') + '</div>'); jQuery('#year_of_study-multi-selection-help').hide();\n";
525 $jsReadOnly .= "\tjQuery('#reg_no').replaceWith('<div class=\"form-control-static\" id=\"reg_no\">' + (jQuery('#reg_no').val() || '') + '</div>');\n";
526 $jsReadOnly .= "\tjQuery('.select2-container').hide();\n";
527
528 $noUploads = true;
529 }elseif($AllowInsert){
530 $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', true);"; // temporarily disable form change handler
531 $jsEditable .= "\tjQuery('form').eq(0).data('already_changed', false);"; // re-enable form change handler
532 }
533
534 // process combos
535 $templateCode = str_replace('<%%COMBO(school)%%>', $combo_school->HTML, $templateCode);
536 $templateCode = str_replace('<%%COMBOTEXT(school)%%>', $combo_school->MatchText, $templateCode);
537 $templateCode = str_replace('<%%URLCOMBOTEXT(school)%%>', urlencode($combo_school->MatchText), $templateCode);
538 $templateCode = str_replace('<%%COMBO(department)%%>', $combo_department->HTML, $templateCode);
539 $templateCode = str_replace('<%%COMBOTEXT(department)%%>', $combo_department->MatchText, $templateCode);
540 $templateCode = str_replace('<%%URLCOMBOTEXT(department)%%>', urlencode($combo_department->MatchText), $templateCode);
541 $templateCode = str_replace('<%%COMBO(year_of_study)%%>', $combo_year_of_study->HTML, $templateCode);
542 $templateCode = str_replace('<%%COMBOTEXT(year_of_study)%%>', $combo_year_of_study->SelectedData, $templateCode);
543
544 /* lookup fields array: 'lookup field name' => array('parent table name', 'lookup field caption') */
545 $lookup_fields = array( 'school' => array('schools', 'School'), 'department' => array('departments', 'Department'));
546 foreach($lookup_fields as $luf => $ptfc){
547 $pt_perm = getTablePermissions($ptfc[0]);
548
549 // process foreign key links
550 if($pt_perm['view'] || $pt_perm['edit']){
551 $templateCode = str_replace("<%%PLINK({$luf})%%>", '<button type="button" class="btn btn-default view_parent hspacer-md" id="' . $ptfc[0] . '_view_parent" title="' . html_attr($Translation['View'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-eye-open"></i></button>', $templateCode);
552 }
553
554 // if user has insert permission to parent table of a lookup field, put an add new button
555 if($pt_perm['insert'] && !$_REQUEST['Embedded']){
556 $templateCode = str_replace("<%%ADDNEW({$ptfc[0]})%%>", '<button type="button" class="btn btn-success add_new_parent hspacer-md" id="' . $ptfc[0] . '_add_new" title="' . html_attr($Translation['Add New'] . ' ' . $ptfc[1]) . '"><i class="glyphicon glyphicon-plus-sign"></i></button>', $templateCode);
557 }
558 }
559
560 // process images
561 $templateCode = str_replace('<%%UPLOADFILE(id)%%>', '', $templateCode);
562 $templateCode = str_replace('<%%UPLOADFILE(full_name)%%>', '', $templateCode);
563 $templateCode = str_replace('<%%UPLOADFILE(school)%%>', '', $templateCode);
564 $templateCode = str_replace('<%%UPLOADFILE(department)%%>', '', $templateCode);
565 $templateCode = str_replace('<%%UPLOADFILE(year_of_study)%%>', '', $templateCode);
566 $templateCode = str_replace('<%%UPLOADFILE(reg_no)%%>', '', $templateCode);
567
568 // process values
569 if($selected_id){
570 if( $dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', safe_html($urow['id']), $templateCode);
571 if(!$dvprint) $templateCode = str_replace('<%%VALUE(id)%%>', html_attr($row['id']), $templateCode);
572 $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode($urow['id']), $templateCode);
573 if( $dvprint) $templateCode = str_replace('<%%VALUE(full_name)%%>', safe_html($urow['full_name']), $templateCode);
574 if(!$dvprint) $templateCode = str_replace('<%%VALUE(full_name)%%>', html_attr($row['full_name']), $templateCode);
575 $templateCode = str_replace('<%%URLVALUE(full_name)%%>', urlencode($urow['full_name']), $templateCode);
576 if( $dvprint) $templateCode = str_replace('<%%VALUE(school)%%>', safe_html($urow['school']), $templateCode);
577 if(!$dvprint) $templateCode = str_replace('<%%VALUE(school)%%>', html_attr($row['school']), $templateCode);
578 $templateCode = str_replace('<%%URLVALUE(school)%%>', urlencode($urow['school']), $templateCode);
579 if( $dvprint) $templateCode = str_replace('<%%VALUE(department)%%>', safe_html($urow['department']), $templateCode);
580 if(!$dvprint) $templateCode = str_replace('<%%VALUE(department)%%>', html_attr($row['department']), $templateCode);
581 $templateCode = str_replace('<%%URLVALUE(department)%%>', urlencode($urow['department']), $templateCode);
582 if( $dvprint) $templateCode = str_replace('<%%VALUE(year_of_study)%%>', safe_html($urow['year_of_study']), $templateCode);
583 if(!$dvprint) $templateCode = str_replace('<%%VALUE(year_of_study)%%>', html_attr($row['year_of_study']), $templateCode);
584 $templateCode = str_replace('<%%URLVALUE(year_of_study)%%>', urlencode($urow['year_of_study']), $templateCode);
585 if( $dvprint) $templateCode = str_replace('<%%VALUE(reg_no)%%>', safe_html($urow['reg_no']), $templateCode);
586 if(!$dvprint) $templateCode = str_replace('<%%VALUE(reg_no)%%>', html_attr($row['reg_no']), $templateCode);
587 $templateCode = str_replace('<%%URLVALUE(reg_no)%%>', urlencode($urow['reg_no']), $templateCode);
588 }else{
589 $templateCode = str_replace('<%%VALUE(id)%%>', '', $templateCode);
590 $templateCode = str_replace('<%%URLVALUE(id)%%>', urlencode(''), $templateCode);
591 $templateCode = str_replace('<%%VALUE(full_name)%%>', '', $templateCode);
592 $templateCode = str_replace('<%%URLVALUE(full_name)%%>', urlencode(''), $templateCode);
593 $templateCode = str_replace('<%%VALUE(school)%%>', '', $templateCode);
594 $templateCode = str_replace('<%%URLVALUE(school)%%>', urlencode(''), $templateCode);
595 $templateCode = str_replace('<%%VALUE(department)%%>', '', $templateCode);
596 $templateCode = str_replace('<%%URLVALUE(department)%%>', urlencode(''), $templateCode);
597 $templateCode = str_replace('<%%VALUE(year_of_study)%%>', '', $templateCode);
598 $templateCode = str_replace('<%%URLVALUE(year_of_study)%%>', urlencode(''), $templateCode);
599 $templateCode = str_replace('<%%VALUE(reg_no)%%>', '', $templateCode);
600 $templateCode = str_replace('<%%URLVALUE(reg_no)%%>', urlencode(''), $templateCode);
601 }
602
603 // process translations
604 foreach($Translation as $symbol=>$trans){
605 $templateCode = str_replace("<%%TRANSLATION($symbol)%%>", $trans, $templateCode);
606 }
607
608 // clear scrap
609 $templateCode = str_replace('<%%', '<!-- ', $templateCode);
610 $templateCode = str_replace('%%>', ' -->', $templateCode);
611
612 // hide links to inaccessible tables
613 if($_REQUEST['dvprint_x'] == ''){
614 $templateCode .= "\n\n<script>\$j(function(){\n";
615 $arrTables = getTableList();
616 foreach($arrTables as $name => $caption){
617 $templateCode .= "\t\$j('#{$name}_link').removeClass('hidden');\n";
618 $templateCode .= "\t\$j('#xs_{$name}_link').removeClass('hidden');\n";
619 }
620
621 $templateCode .= $jsReadOnly;
622 $templateCode .= $jsEditable;
623
624 if(!$selected_id){
625 }
626
627 $templateCode.="\n});</script>\n";
628 }
629
630 // ajaxed auto-fill fields
631 $templateCode .= '<script>';
632 $templateCode .= '$j(function() {';
633
634
635 $templateCode.="});";
636 $templateCode.="</script>";
637 $templateCode .= $lookups;
638
639 // handle enforced parent values for read-only lookup fields
640
641 // don't include blank images in lightbox gallery
642 $templateCode = preg_replace('/blank.gif" data-lightbox=".*?"/', 'blank.gif"', $templateCode);
643
644 // don't display empty email links
645 $templateCode=preg_replace('/<a .*?href="mailto:".*?<\/a>/', '', $templateCode);
646
647 /* default field values */
648 $rdata = $jdata = get_defaults('student_details');
649 if($selected_id){
650 $jdata = get_joined_record('student_details', $selected_id);
651 if($jdata === false) $jdata = get_defaults('student_details');
652 $rdata = $row;
653 }
654 $templateCode .= loadView('student_details-ajax-cache', array('rdata' => $rdata, 'jdata' => $jdata));
655
656 // hook: student_details_dv
657 if(function_exists('student_details_dv')){
658 $args=array();
659 student_details_dv(($selected_id ? $selected_id : FALSE), getMemberInfo(), $templateCode, $args);
660 }
661
662 return $templateCode;
663 }
664 ?>