Location: PHPKode > projects > Course-manager > courseman-0.1.1/edit-course.php
<?php
  require('global-php.php');
  require('local-criteria.php');
  $verbindung = database_connection($lang_database_failure[$language]);
  $PHP_AUTH_USER = $_SERVER["PHP_AUTH_USER"];
  $PHP_AUTH_PW = $_SERVER["PHP_AUTH_PW"];
  $ergebnis = db_exec($verbindung,
			"SELECT * FROM staff_authorization,superuser "
				. "WHERE superuser.account"
				. "=staff_authorization.id "
				. "AND "
				. login_query_clauses(
					$PHP_AUTH_USER,
					$PHP_AUTH_PW)
				. ";");
  if (pg_numrows($ergebnis) < 1) {
    header('WWW-Authenticate: Basic realm="Kursverwaltung"');
    header("HTTP/1.0 401 Unauthorized");
    echo $lang_authentication_failure[$language];
    db_close($verbindung);
    exit;
  }
  function basic_column_editor($name,$value) {
    return "<input type='TEXT' name='$name' value='$value' />";
  }
  function weekday_column_editor($name,$value) {
    global $verbindung, $language;
    $editor = "<select name='$name'>\n";
    $result = db_exec($verbindung, "SELECT weekday,translation
	FROM weekday_translation,language
	WHERE language=language.id
	AND code='$language'
	ORDER BY weekday;");
    for ($row = 0; $row < pg_numrows($result); $row++) {
      $col = 0;
      $id = pg_result($result, $row, $col++);
      $weekday = pg_result($result, $row, $col++);
      $editor .= "<option value='$id'"
			. (($value == $id) ? " selected" : "")
			. ">$weekday</option>\n";
    }
    $editor .= "</select>";
    return $editor;
  }
  function type_editor($type) {
    $type_editors = array(
	'weekday' => weekday_column_editor);
    $specific = $type_editors[$type];
    if ($specific) {
      return $specific;
    } else {
      return basic_column_editor;
    }
  }
  $course = intval($_REQUEST["course"]);
  $category = intval($_REQUEST["category"]);
  $course_period = option_value($course_period_option);
  $columns = array();
  $ergebnis = db_exec($verbindung,
		"SELECT course_date_column_type.table_column,type,translation "
			. "FROM course_date_column_type,language,"
				. "course_period_date_tables,"
				. "course_date_column_translation "
			. "WHERE course_date_column_type.tables="
				. "course_date_column_translation.tables "
			. "AND course_date_column_translation.table_column="
				. "course_date_column_type.table_column "
			. "AND course_date_column_translation.tables="
				. "course_date_tables "
			. "AND language=language.id "
			. "AND code='$language' "
			. "AND course_period=$course_period;");
  for ($row = 0;  $row < pg_numrows($ergebnis); $row++) {
    $col = 0;
    $column = pg_result($ergebnis, $row, $col++);
    $type = pg_result($ergebnis, $row, $col++);
    $description = pg_result($ergebnis, $row, $col++);
    $descriptions[$column] = $description;
    $types[$column] = $type;
    array_push($columns, $column);
  }
  if ($_REQUEST['category_name']) {
    $category_name = $_REQUEST['category_name'];
    $course_name = $_REQUEST['course_name'];
    foreach ($columns as $column) {
      $column_names .= ",$column";
      $column_values .= ",'" . pg_escape_string($_REQUEST[$column]) . "'";
    }
    db_exec($verbindung, "START TRANSACTION;");
    db_exec($verbindung, "LOCK TABLE category;");
    db_exec($verbindung, "LOCK TABLE course;");
    db_exec($verbindung, "LOCK TABLE $course_date;");
    db_exec($verbindung, "INSERT INTO category (name) "
				. "SELECT '"
					. pg_escape_string($category_name)
					. "' "
				. "WHERE NOT EXISTS ("
				. "SELECT true FROM category "
				. "WHERE name='"
					. pg_escape_string($category_name)
					. "');");
    db_exec($verbindung, "INSERT INTO course (name,category,course_period) "
				. "SELECT '"
					. pg_escape_string($course_name)
					. "',id,$course_period "
				. "FROM category "
				. "WHERE name='"
					. pg_escape_string($category_name)
					. "' "
				. "AND NOT EXISTS ("
				. "SELECT true FROM course "
				. "WHERE course.name='"
					. pg_escape_string($course_name)
					. "' "
				. "AND course_period=$course_period);");
    db_exec($verbindung, "DELETE FROM $course_date WHERE id=$course;");
    db_exec($verbindung, "INSERT INTO $course_date (id,course$column_names) "
				. "SELECT $course,course.id$column_values "
				. "FROM course,category "
				. "WHERE category.name='"
					. pg_escape_string($category_name)
					. "' "
				. "AND course.name='"
					. pg_escape_string($course_name)
					. "' "
				. "AND category=category.id "
				. "AND course_period=$course_period;");
    db_exec($verbindung, "COMMIT;");
  }
  $fields = value_pass('course') . value_pass('category') . "<table>
";
  $date_columns = "";
  foreach ($columns as $column) {
    $date_columns .= ",$column";
  }
  $ergebnis = db_exec($verbindung,
			"SELECT category.name,course.name$date_columns "
				. "FROM category,course,$course_date "
				. "WHERE category=category.id "
				. "AND course=course.id "
				. "AND $course_date.id=$course;");
  for ($row = 0;  $row < pg_numrows($ergebnis); $row++) {
    $col = 0;
    $category_name = pg_result($ergebnis, $row, $col++);
    $course_name = pg_result($ergebnis, $row, $col++);
    foreach ($columns as $column) {
      $values[$column] = pg_result($ergebnis, $row, $col++);
    }
  }
  $fields .= "<tr>
<td>
$application_specific_category
</td>
<td>
<input type='TEXT' name='category_name' value='$category_name' />
</td>
</tr>
<tr>
<td>
" . $lang_course_name[$language] . "
</td>
<td>
<input type='TEXT' name='course_name' value='$course_name' />
</td>
</tr>
";
  foreach ($columns as $column) {
    $type_editor = type_editor($types[$column]);
    $fields .= "<tr>
<td>
" . $descriptions[$column] . "
</td>
<td>
" . $type_editor($column,$values[$column]) . "
</td>
</tr>
";
  }
  $fields .= "</table>
";
  db_close($verbindung);
  require_once('template-edit-course.php');
?>
Return current item: Course-manager