<?php
/****************************************************************************************/
/* ACollab */
/****************************************************************************************/
/* Copyright (c) 2002-2004 Adaptive Technology Resource Centre / University of Toronto */
/* */
/* http://atutor.ca/acollab */
/* */
/* This program is free software. You may redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation; either version 2 of the License, */
/* or (at your option) any later version. */
/* */
/* This program is distributed in the hope that it will be useful, but */
/* WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. */
/* See the GNU General Public License for more details. */
/* */
/* You may access the GNU General Public License at: */
/* http://www.opensource.org/licenses/gpl-license.php */
/* */
/* You may contact the Adaptive Technology Resource Centre at */
/* Robarts Library, University of Toronto */
/* 130 St. George Street, Toronto, Ontario, Canada M5S 1A5 */
/* Further contact information is available at http://www.utoronto.ca/atrc/ */
/****************************************************************************************/
/* Programmer: */
/* Joel Kronenberg - ATRC */
/* Heidi Hazelton - ATRC */
/****************************************************************************************/
// $Id: group_assign.php 434 2005-03-07 20:05:14Z shozubq $
// Relative include path used by every require() in this script.
define('AC_INCLUDE_PATH', '../include/');
// Shared bootstrap. Presumably provides $db, the session, TABLE_PREFIX and the
// USER_* / F_* constants used below -- confirm in vitals.inc.php.
require(AC_INCLUDE_PATH.'vitals.inc.php');
// Access gate: runs before any of the request handlers below.
// NOTE(review): presumably stops the request when the caller is below
// group-administrator level -- confirm in authenticate(); nothing in this file
// re-checks the privilege before the write queries.
authenticate(USER_GROUP_ADMIN);
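// Toggle one member's personal-folder flag inside the current group.
// NOTE(review): this is a state change driven by a GET request with no
// anti-CSRF token, so any page the administrator visits can trigger it through
// a link or image URL. The durable fix is a POST form carrying a per-session
// token, which needs support outside this file.
if (isset($_GET['private_folder']) && isset($_GET['member_id'])) {
    // Only the two literal flag values can ever reach the SQL string.
    $priv_fol = ($_GET['private_folder'] == 1) ? 'y' : 'n';

    // Request-supplied id is forced to an integer before it is interpolated.
    $mem_id = intval($_GET['member_id']);

    // The session group id is cast as well, so the statement stays well-formed
    // even if the session value is missing or not numeric.
    $sql = "UPDATE ".TABLE_PREFIX."groups_members SET private_folder='$priv_fol' WHERE member_id=$mem_id AND group_id=".intval($_SESSION['group_id']);
    $result = mysql_query($sql, $db);
}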
// Cancel buttons. The self-removal confirmation form also posts "confirm", and
// cancelling it returns to this page; cancelling the member form returns to the
// group administration index.
if (isset($_POST['cancel'])) {
    $cancel_header = isset($_POST['confirm'])
        ? 'Location: group_assign.php'
        : 'Location: index.php';
    header($cancel_header);
    exit;
}
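// Add the ticked members to the current group.
//
// The member ids arrive as the KEYS of $_POST['adds'] and are fully controlled
// by the client, so each one is cast to an integer before it is placed in the
// statement. The previous code interpolated the raw key, which allowed SQL
// injection through a crafted field name.
// NOTE(review): nothing here verifies that the id belongs to the candidate list
// rendered further down (course enrolment when course_id > 0), and the form
// carries no anti-CSRF token -- both need a decision outside this block.
if (isset($_POST['add'])) {
    if (isset($_POST['adds']) && is_array($_POST['adds'])) {
        $values = array();
        foreach ($_POST['adds'] as $mid => $add) {
            if (!$add) {
                continue;
            }
            $mid = intval($mid);
            if ($mid <= 0) {
                // Non-numeric keys cast to 0; presumably never a real member id.
                continue;
            }
            // The acting administrator keeps group-admin rights when adding
            // themselves; everyone else joins as a regular member.
            if ($mid == $_SESSION['member_id']) {
                $priv = USER_GROUP_ADMIN;
            } else {
                $priv = USER_CLIENT;
            }
            $values[] = "(".intval($_SESSION['group_id']).", ".$mid.", ".$priv.", 0, 'y')";
        }
        // With nothing ticked the old code sent a truncated "INSERT ... VALUES"
        // statement; now the query is simply skipped.
        if (count($values) > 0) {
            $sql = "INSERT INTO ".TABLE_PREFIX."groups_members VALUES ".implode(',', $values);
            mysql_query($sql,$db);
        }
        header('Location: group_assign.php?f='.F_ASSIGN_ADDED);
        exit;
    }
}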
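// Apply privilege changes and removals for members of the current group.
//
// $_POST['privs'] maps member id => requested privilege. Both sides are
// client-controlled, and the previous code interpolated them into UPDATE and
// DELETE statements unchanged (SQL injection) and accepted any privilege
// number (a client could post a level the form never offers). Ids are now
// cast to integers and the privilege must be one of the three values the
// member form on this page emits: USER_CLIENT, USER_GROUP_ADMIN or USER_INVALID
// (the latter meaning "remove").
// NOTE(review): the form hides the radios for course instructors, but that rule
// is not re-checked here; the form also carries no anti-CSRF token.
if (isset($_POST['apply'])) {
    $rems = array();
    if (isset($_POST['privs']) && is_array($_POST['privs'])) {
        foreach ($_POST['privs'] as $mid => $priv) {
            $mid = intval($mid);
            if ($mid <= 0 || !is_scalar($priv)) {
                continue;
            }
            // Accept only a plain integer literal, so junk input cannot
            // collapse onto a valid constant through a loose comparison.
            if ((string) intval($priv) !== (string) $priv) {
                continue;
            }
            $priv = intval($priv);

            if ($priv == USER_INVALID) {
                if ($mid == $_SESSION['member_id']) {
                    // Removing yourself needs an explicit confirmation step.
                    $del_self_warning = _AC('del_self_warning');
                } else {
                    $rems[$mid] = $priv;
                }
            } else if ($priv == USER_CLIENT || $priv == USER_GROUP_ADMIN) {
                $sql = "UPDATE ".TABLE_PREFIX."groups_members SET `privileges`=$priv WHERE group_id=".intval($_SESSION['group_id'])." AND member_id=$mid";
                mysql_query($sql,$db);
            }
            // Any other privilege value is ignored.
        }
    }
    if (count($rems) > 0) {
        // Keys of $rems are integers by construction.
        $sql = "DELETE FROM ".TABLE_PREFIX."groups_members WHERE group_id=".intval($_SESSION['group_id'])." AND member_id IN (".implode(',', array_keys($rems)).")";
        mysql_query($sql,$db);
    }
    if (!isset($del_self_warning)) {
        header('Location: group_assign.php?f='.F_ASSIGN_EDITED);
        exit;
    }
}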
// Confirmed self-removal: delete the acting member's own row for the current
// group. Both ids are read from the session, not from the request.
if (isset($_POST['continue'])) {
    $sql = "DELETE FROM ".TABLE_PREFIX."groups_members WHERE group_id={$_SESSION['group_id']} AND member_id={$_SESSION['member_id']}";
    mysql_query($sql, $db);
    header('Location: group_assign.php?f='.F_ASSIGN_EDITED);
    exit;
}
// Breadcrumb trail and page header. Each $_SECTION entry is a
// (label, relative URL) pair; which trail and which header template is used
// depends on whether the caller passes the USER_ADMIN check.
if (!authenticate(USER_ADMIN, USER_RETURN_CHECK)) {
    // Group administrator: home > administration > member management.
    $_SECTION[0][0] = _AC('home');
    $_SECTION[0][1] = 'home.php';

    $_SECTION[1][0] = _AC('administration');
    $_SECTION[1][1] = 'group_admin/';

    $_SECTION[2][0] = _AC('group_member_management');
    $_SECTION[2][1] = 'group_admin/group_assign.php';

    require(AC_INCLUDE_PATH.'header.inc.php');
} else {
    // Site administrator: administration > groups > <group title> > member management.
    $group_info = get_group($_SESSION['group_id']);

    $_SECTION[0][0] = _AC('administration');
    $_SECTION[0][1] = 'admin/index.php';

    $_SECTION[1][0] = _AC('groups');
    $_SECTION[1][1] = 'admin/groups.php';

    // NOTE(review): the group title is stored data; whether the header
    // template HTML-escapes breadcrumb labels is not visible here -- confirm.
    $_SECTION[2][0] = $group_info['title'];
    $_SECTION[2][1] = 'group_admin/index.php';

    $_SECTION[3][0] = _AC('group_member_management');
    $_SECTION[3][1] = 'group_admin/group_assign.php';

    require(AC_INCLUDE_PATH.'admin/header.inc.php');
}
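// Show any pending error list once.
if (isset($errors)) {
    print_errors($errors);
    unset($errors);
}

// Show the feedback message selected by the "f" query parameter.
// NOTE(review): the raw request value is handed to print_feedback(); whether it
// is treated as a message code or echoed is not visible here -- confirm.
if (isset($_GET['f'])) {
    $_SESSION['show_feedback'] = '';
    print_feedback($_GET['f']);
    unset($_GET['f']);
}

// Normalise the two sort parameters to 'ASC', 'DESC' or ''. They are echoed
// into link URLs further down the page, so anything outside the allow-list
// (including array values) is dropped here rather than reflected into HTML.
// This also removes the undefined-index notice when a parameter is absent.
if (!isset($_GET['group_sort']) || ($_GET['group_sort'] !== 'ASC' && $_GET['group_sort'] !== 'DESC')) {
    $_GET['group_sort'] = '';
}
if (!isset($_GET['non_group_sort']) || ($_GET['non_group_sort'] !== 'ASC' && $_GET['non_group_sort'] !== 'DESC')) {
    $_GET['non_group_sort'] = '';
}

// Each variable holds the direction the NEXT click on the column header should
// request, i.e. the opposite of the current one; DESC is the default.
$group_sort = ($_GET['group_sort'] === 'DESC') ? 'ASC' : 'DESC';
$non_group_sort = ($_GET['non_group_sort'] === 'DESC') ? 'ASC' : 'DESC';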
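// Self-removal confirmation. Set by the "apply" handler when the acting member
// asked to remove themselves; the form posts "continue" or "cancel" together
// with the hidden "confirm" marker, then the page ends here.
// PHP_SELF includes any client-supplied trailing path info, so it is
// HTML-escaped before being written into the action attribute.
if (isset($del_self_warning)) {
?>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>" method="post" name="form_rem_confirm">
<input type="hidden" name="confirm" value="1" />
<table width="100%" cellspacing="0" cellpadding="2" style="border: 1pt solid " bgcolor="white" align="center" summary="">
<tr>
<td align="center"><br /><?php echo $del_self_warning; ?><br /><br />
<input type="submit" name="continue" value="<?php echo _AC('continue'); ?>" class="submitN" onfocus="this.className='submitN highlight'" onblur="this.className='submitN'" /> <input type="submit" name="cancel" value="<?php echo _AC('cancel'); ?>" class="submitN" onfocus="this.className='submitN highlight'" onblur="this.className='submitN'" /><br /><br />
</td>
</tr>
</table>
</form>
<br />
<?php
    require(AC_INCLUDE_PATH.'footer.inc.php');
    exit;
}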
// Buckets filled by the listing below, both keyed by member_id:
// $studs holds candidates outside the current group, $studs_group its members.
$studs_group = array();
$studs = array();

// Candidate source: every member when no course is bound to the session,
// otherwise the members enrolled in that course. Both queries left-join the
// group membership table so each row also carries group_id, privileges and
// private_folder (NULL when the member is in no group).
if (!($_SESSION['course_id'] > 0)) {
    $sql = "SELECT M.member_id, G.group_id, G.privileges, G.private_folder FROM ".TABLE_PREFIX."members M LEFT JOIN ".TABLE_PREFIX."groups_members G USING (member_id) ORDER BY M.login ASC";
} else {
    $sql = "SELECT DISTINCT(E.member_id), H.group_id, H.privileges, H.private_folder FROM ".AT_TABLE_PREFIX."course_enrollment E LEFT JOIN ".TABLE_PREFIX."groups_members H USING (member_id) WHERE E.course_id=".$_SESSION['course_id'];
}
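// Render the two member lists side by side: candidates that can be added to the
// current group (left form, "add") and current members with their privilege
// radios (right form, "apply" / "cancel").
//
// Changes from the previous version, all on the output side:
//  - PHP_SELF and the two sort parameters are no longer echoed raw into
//    attributes (reflected XSS); PHP_SELF is HTML-escaped and the sort values
//    are restricted to 'ASC' / 'DESC' / ''.
//  - login, first and last name are HTML-escaped when printed (stored XSS).
//    NOTE(review): assumes these columns hold raw text, not pre-escaped HTML.
//  - $stud['privilege'] (a key the query never selects) is corrected to
//    $stud['privileges'].
//  - $counter and $d are initialised before each list, so the "empty list" rows
//    no longer read undefined variables; the undefined $n is dropped.
// NOTE(review): the personal-folder links below change state through GET and
// the forms carry no anti-CSRF token; that needs support outside this block.
if ($result = mysql_query($sql,$db)) {
    $form_action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
    $group_sort_param = (isset($_GET['group_sort']) && ($_GET['group_sort'] === 'ASC' || $_GET['group_sort'] === 'DESC')) ? $_GET['group_sort'] : '';
    $non_group_sort_param = (isset($_GET['non_group_sort']) && ($_GET['non_group_sort'] === 'ASC' || $_GET['non_group_sort'] === 'DESC')) ? $_GET['non_group_sort'] : '';

    echo '<table cellspacing="0" cellpadding="5" border="0" align="center" summary=""><tr><td width="50%" valign="top">';

    // NON-GROUP LIST
    echo '<form action="'.$form_action.'" method="post" name="form_add">';
    echo '<table width="100%" cellspacing="0" cellpadding="2" border="0" bgcolor="white" align="center" summary="" class="box2">';
    echo '<tr>';
    echo '<th colspan="2" class="box" align="center">';
    if ($non_group_sort == 'DESC' ) {
        echo '<a class="sortbox" href="'.$form_action.'?non_group_sort=DESC' . SEP . 'group_sort=' . $group_sort_param . '" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">' . _AC('nongroup_members') . ' <img src="images/asc.gif" height="7" width="11" alt="'._AC('username_asc').'" border="0" class="img4"/></a>';
    }
    else {
        echo '<a class="sortbox" href="'.$form_action.'?non_group_sort=ASC' . SEP . 'group_sort=' . $group_sort_param . '" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">' . _AC('nongroup_members') . ' <img src="images/desc.gif" height="7" width="11" alt="'._AC('username_desc').'" border="0" class="img4"/></a>';
    }
    echo '</th></tr>';

    // Split the rows: a member with a row for the current group goes to
    // $studs_group (and is withdrawn from $studs if an earlier row for another
    // group had put them there); everyone else becomes a candidate.
    while ($row = mysql_fetch_assoc($result)) {
        if ($row['group_id'] == $_SESSION['group_id']) {
            $studs_group[$row['member_id']] = $row;
            if (isset($studs[$row['member_id']])) {
                unset($studs[$row['member_id']]);
            }
        } else if (!isset($studs_group[$row['member_id']])) {
            $studs[$row['member_id']] = $row;
        }
    }

    $counter = 1;
    $d = '';
    if (count($studs)>0) {
        // The query returns ascending order; reverse it for the other direction.
        if ($non_group_sort == 'DESC') {
            $studs = array_reverse($studs);
        }
        foreach ($studs as $row) {
            $counter++;
            $mid = intval($row['member_id']);
            echo '<tr>';
            echo '<td class="row'.(($counter-1)%2).'">';
            echo '<input type="checkbox" name="adds['.$mid.']" id="add'.$mid.'" value="1"> <label for="add'.$mid.'">';
            $sql = "SELECT login, first_name, last_name FROM ".MEMBERS_TABLE_PREFIX."members WHERE member_id=".$mid;
            $result = mysql_query($sql, $db);
            $mem = mysql_fetch_array($result);
            echo htmlspecialchars($mem['login'], ENT_QUOTES);
            if ($mem['first_name']!='' || $mem['last_name']!='') {
                echo ' - '.htmlspecialchars($mem['first_name'], ENT_QUOTES).' '.htmlspecialchars($mem['last_name'], ENT_QUOTES);
            }
            echo '</label>';
            echo '</td>';
            echo '</tr>';
        }
    } else {
        echo '<tr>';
        echo '<td class="row'.(($counter-1)%2).'">';
        echo _AC('no_unassigned');
        // Nothing to add: the submit button is rendered disabled.
        $d = 'disabled="disabled"';
        echo '</td>';
        echo '</tr>';
    }
    echo '<tr>';
    echo '<td colspan="2" align="center" class="row1"><br /><input type="submit" name="add" value="'._AC('add').'" class="submitY" onfocus="this.className=\'submitY highlight\'" onblur="this.className=\'submitY\'" '.$d.' /><br /><br /></td>';
    echo '</tr>';
    echo '</table>';
    echo '</form></td><td width="60%" valign="top">';

    // GROUP LIST
    echo '<form action="'.$form_action.'" method="post" name="form_remove">';
    echo '<table width="100%" cellspacing="0" cellpadding="2" border="0" bgcolor="white" align="center" summary="" class="box2">';
    echo '<tr>';
    echo '<th colspan="2" class="box" align="center">';
    if ($group_sort == 'DESC' ) {
        echo '<a class="sortbox" href="'.$form_action.'?group_sort=DESC' . SEP . 'non_group_sort=' . $non_group_sort_param . '" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">' . _AC('group_members') . ' <img src="images/asc.gif" height="7" width="11" alt="'._AC('username_asc').'" border="0" class="img4"/></a>';
    }
    else {
        echo '<a class="sortbox" href="'.$form_action.'?group_sort=ASC' . SEP . 'non_group_sort=' . $non_group_sort_param . '" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">' . _AC('group_members') . ' <img src="images/desc.gif" height="7" width="11" alt="'._AC('username_desc').'" border="0" class="img4"/></a>';
    }
    echo '</th></tr>';

    $counter = 1;
    $d = '';
    if (count($studs_group)>0) {
        if ($group_sort == 'DESC') {
            $studs_group = array_reverse($studs_group);
        }
        foreach ($studs_group as $stud) {
            $counter++;
            $inst = FALSE;
            $mid = intval($stud['member_id']);
            echo '<tr>';
            echo '<td class="row'.(($counter-1)%2).'">';
            $sql = "SELECT login, first_name, last_name FROM ".MEMBERS_TABLE_PREFIX."members WHERE member_id=".$mid;
            $result = mysql_query($sql, $db);
            $mem = mysql_fetch_assoc($result);
            if ($mid == $_SESSION['member_id']) {
                echo '<strong>'._AC('chat_you').'</strong>';
            } else {
                echo htmlspecialchars($mem['login'], ENT_QUOTES);
            }
            if ($mem['first_name']!='' || $mem['last_name']!='') {
                echo ' - '.htmlspecialchars($mem['first_name'], ENT_QUOTES).' '.htmlspecialchars($mem['last_name'], ENT_QUOTES);
            }
            echo '</td>';

            if ($_SESSION['course_id'] > 0) {
                // A row in the courses table for this member and course marks
                // them as the course instructor.
                $sql = "SELECT count(member_id) FROM ".MEMBERS_TABLE_PREFIX."courses WHERE member_id=".$mid." AND course_id=".$_SESSION['course_id'];
                $result = mysql_query($sql, $db);
                $row = mysql_fetch_array($result);
                if ($row[0] > 0) {
                    $inst = true;
                }
            }

            // Pre-select the radio matching the stored privilege.
            $a = "";
            $r = "";
            if (($stud['privileges'] == USER_GROUP_ADMIN) || ($stud['privileges'] == USER_ADMIN)) {
                $a = 'checked="checked"';
            } else {
                $r = 'checked="checked"';
            }

            if (!$inst) {
                echo '<td class="row'.(($counter-1)%2).'" nowrap="nowrap">';
                if ($stud['private_folder'] == 'y') {
                    echo '<a href="'.$form_action.'?non_group_sort=' . $non_group_sort_param . SEP . 'group_sort=' . $group_sort_param . SEP . 'private_folder=0' . SEP . 'member_id=' . $mid . '" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">(' . _AC('disable_personal_folder') . ')</a>';
                } else {
                    echo '<a href="'.$form_action.'?non_group_sort=' . $non_group_sort_param . SEP . 'group_sort=' . $group_sort_param . SEP . 'private_folder=1' . SEP . 'member_id=' . $mid . '" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">(' . _AC('enable_personal_folder') . ')</a>';
                }
                // The acting member cannot demote or remove themselves from
                // this form: those two radios are rendered disabled. This is a
                // display rule only; the server-side handler decides what is
                // actually accepted.
                if ($_SESSION['member_id'] == $mid) {
                    echo '<input type="radio" name="privs[' . $mid . ']" id="r' . $mid . '" disabled="disabled" /><label for="r' . $mid . '">' . _AC('regular') . '</label>';
                } else {
                    echo '<input type="radio" name="privs[' . $mid . ']" value="' . USER_CLIENT . '" id="r' . $mid . '" ' . $r . ' /><label for="r' . $mid . '">' . _AC('regular') . '</label>';
                }
                echo '<input type="radio" name="privs['.$mid.']" value="'.USER_GROUP_ADMIN.'" id="a' . $mid . '" ' . $a . ' /><label for="a' . $mid . '">' . _AC('group_admin') . '</label> <strong>|</strong>';
                if ($_SESSION['member_id'] == $mid) {
                    echo '<input type="radio" name="privs[' . $mid . ']" id="rem' . $mid . '" disabled="disabled" /><label for="rem' . $mid . '">' . _AC('remove') . '</label>';
                } else {
                    echo '<input type="radio" name="privs[' . $mid . ']" value="' . USER_INVALID . '" id="rem' . $mid . '" /><label for="rem' . $mid . '">' . _AC('remove') . '</label>';
                }
                echo '</td>';
            } else {
                // Instructors are shown as group admin with no editable radios.
                echo '<td class="row'.(($counter-1)%2).'"> - '._AC('group_admin').'</td>';
            }
            echo '</tr>';
        }
    } else {
        echo '<tr>';
        echo '<td class="row'.(($counter-1)%2).'">';
        echo _AC('no_members_found');
        $d = 'disabled="disabled"';
        echo '</td>';
        echo '</tr>';
    }
    echo '<tr>';
    echo '<td colspan="2" align="center" class="row1" nowrap="nowrap"><br /><input type="submit" name="apply" value="'._AC('apply').'" class="submitY" onfocus="this.className=\'submitY highlight\'" onblur="this.className=\'submitY\'" '.$d.' /> <input type="submit" name="cancel" value="'._AC('cancel').'" class="submitN" onfocus="this.className=\'submitN highlight\'" onblur="this.className=\'submitN\'" /><br /><br /></td>';
    echo '</tr>';
    echo '</table>';
    echo '</form>';
    echo '</td></tr></table>';
} else {
    // The candidate query itself failed.
    echo _AC('no_group_members');
}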
// Shared page footer; last statement of the normal (non-redirect) path.
require(AC_INCLUDE_PATH.'footer.inc.php');
?>