<?php
/* getadmindata.php -- Provides DB access to Admin-only pages using AJAX */

require_once("../include/user.php");
require_once("../include/config.php");
require_once("../include/sql_manip.php");
require_once("../include/util.php");

// Resume the caller's session so the admin check below can inspect $_SESSION.
session_start();

/* Cache-suppression headers; the original credits this snippet to W3Schools.com. */
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");	// Date in the past

// Authorization gate for every handler in this file: a caller that is_admin()
// does not accept loses the session and receives an empty response.
$caller_is_admin = is_admin($_SESSION);
if (!$caller_is_admin)
{
	session_destroy();
	exit();
}

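/*
 * action=stafflist -- search advisors and receptionists by first or last name
 * and return at most four matches as an HTML table.
 * Inputs: q (search term), row and col (numeric cell coordinates handed back to
 * the client-side addHiddenStaffVal() call).
 */
if (isset($_GET['action'], $_GET['q'], $_GET['row'], $_GET['col'])
	&& ($_GET['action'] === 'stafflist')
	&& is_string($_GET['q'])
	&& is_numeric($_GET['row'])
	&& is_numeric($_GET['col']))
{
	$term = trim($_GET['q']);
	if (empty($term))
	{
		die('Bad Request');
	}
	
	// The term is concatenated into a LIKE pattern below, so only letters, digits,
	// spaces, dots, underscores and hyphens are accepted; quotes, backslashes and
	// '%' never reach the SQL text ('_' still acts as a one-character wildcard).
	// Stop-gap only: bound parameters would be the durable fix, but the SQL_manip
	// class is not visible from this file.
	if (!preg_match('/^[\p{L}\p{N} ._-]+$/u', $term))
	{
		die('Bad Request');
	}
	
	// Normalise the coordinates so only integers reach the inline script.
	$cell_row = (int) $_GET['row'];
	$cell_col = (int) $_GET['col'];
	
	global $DATABASE;
	
	$tmpsql = new SQL_manip();
	$gsquery = 'SELECT id FROM ' . $DATABASE['prefix'] . "users WHERE (user_type IN ('advisor', 'receptionist')) AND (firstname LIKE '%" . $term . "%' OR lastname LIKE '%" . $term . "%') LIMIT 4";
	$tmpsql->query($gsquery);
	
	if ($tmpsql->get_num_rows() == 0)
	{
		exit();
	}
	
	$output_html =<<<EOD
	<table id="StaffSearchDisp" cellpadding="0" cellspacing="0">
	<tr>
	<td class="SSDTitle">Name</td><td class="SSDTitle">Action</td>
	</tr>
EOD;

	while ($row = $tmpsql->fetch_assoc())
	{
		$tmpuser = new DO_User();
		$tmpuser->get((int) $row['id']);
		
		$user_id = (int) $tmpuser->get_id();
		$fullname = (string) $tmpuser->get_fullname();
		
		// HTML text context. double_encode is off because this file cannot show
		// whether DO_User already stores entity-encoded names -- TODO confirm.
		$fullname_html = htmlspecialchars($fullname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		
		// Script-in-attribute context: emit the name as a JSON string literal with
		// quotes, tags and ampersands hex-escaped, neutralise '%' because
		// javascript: URLs are percent-decoded before they run, then
		// attribute-escape the whole URL.
		$fullname_js = json_encode($fullname, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
		if ($fullname_js === false)
		{
			$fullname_js = '""';	// name could not be encoded; pass an empty string
		}
		$fullname_js = str_replace('%', '\u0025', $fullname_js);
		$js_call = 'javascript:addHiddenStaffVal(' . $user_id . ', ' . $fullname_js . ', ' . $cell_row . ', ' . $cell_col . ')';
		
		$output_html .= "<tr>\n";
		$output_html .= '<td>' . $fullname_html . "</td>\n";
		$output_html .= '<td><a class="CustomJSCmd" href="' . htmlspecialchars($js_call, ENT_QUOTES, 'UTF-8') . '">';
		if ($tmpuser->get_user_type() == 'advisor')
		{
			$output_html .= 'Add Advisor';
		}
		else if ($tmpuser->get_user_type() == 'receptionist')
		{
			$output_html .= 'Add Receptionist';
		}
		$output_html .= "</a></td>\n";
		$output_html .= "</tr>\n";	// the original never closed the row
	}
	
	$output_html .= "</table>\n";	// nor the table
	
	println($output_html);
	exit();
}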
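/*
 * action=schededit -- render the edit form for one schedule: a name field plus
 * a table with one row per session and one column per day, each cell listing
 * its advisors with a staff search box.
 * Input: id (numeric schedule id). Emits nothing when no schedule matches.
 */
if (isset($_GET['action'], $_GET['id']) && ($_GET['action'] === 'schededit') && is_numeric($_GET['id']))
{
	require_once("../include/schedule.php");
	
	$cursched_id = (int) $_GET['id'];
	$cursched_obj = new DO_Schedule();
	
	$cursched_obj->whereAdd("id = $cursched_id");
	$sched_findval = $cursched_obj->find();
	$cursched_obj->whereAdd();
	if ($sched_findval == 0)
	{
		exit();
	}
	
	$cursched_obj->load_schedule($cursched_id);
	$sched_arr = $cursched_obj->get_schedule();
	$all_sessions = $cursched_obj->get_schedule_sessions();
	$day_names = $cursched_obj->get_day_names();
	
	// The name, session labels and advisor names are free text edited through
	// this very form, so they are escaped for the context they land in.
	// double_encode is off because this file cannot show whether the data layer
	// already stores entity-encoded text -- TODO confirm.
	$sched_name = htmlspecialchars((string) $cursched_obj->get_name(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		
	$output_html =<<<EOD
	<div id="HintSection" class="Hint">
	<span class="HSTitle">Read Carefully:</span><br />
	<ul>
		<li>The schedule&#39;s name must remain unique.</li>
		<li>Each session must have a unique value.</li>
		<li>To delete an advisor from a certain cell, click his/her name within that cell.</li>
	</ul>
	</div>
	<form id="edit_schedule" name="edit_schedule" action="procschedule.php?mode=edit" method="post">
	<input type="hidden" name="schedule_id" value="{$cursched_id}" />
	<span class="FieldName">Name:</span>
	<input type="text" name="schedule_name" value="{$sched_name}" /><br /><br />
	<table id="EditSchedTable" cellpadding="0" cellspacing="0">
	<tr class="SchedTableWhiteRow">
	<td class="SchedTableDayName">Session</td>
EOD;
	
	foreach ($day_names as $value)
	{
		$output_html .= '<td class="SchedTableDayName">' . htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false) . "</td>\n";
	}
	$output_html .= "</tr>\n";
	
	$row_count = 0;
	$col_count = 0;
	$session_total = count($all_sessions);
	for ($i = 0; $i < $session_total; $i++)
	{
		// Kept raw for the comparison against each day's session name below.
		$current_session = $all_sessions[$i];
		$current_session_html = htmlspecialchars((string) $current_session, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
			
		$output_html .= ($i % 2) ? '<tr class="SchedTableWhiteRow">' : '<tr class="SchedTableDarkRow">';
	
		$output_html .= '<td class="SchedTableSessionName">';
		$output_html .= '<input type="text" id="schedSession' . $i . '" name="schedSession' . $i . '" value="' . $current_session_html . '" />';
		$output_html .= "</td>\n";
		
		$col = 0;
		foreach ($sched_arr as $day => $daydata)
		{
			$session_found = false;
			$output_html .= '<td>';
			$daydata_total = count($daydata);
			for ($j = 0; $j < $daydata_total; $j++)
			{
				if ($current_session == $daydata[$j]['name'])
				{
					$advlist = $daydata[$j]['advlist'];
					$advinput = '<input type="hidden" id="schedCellInput' . $i . $col . '" name="schedCellInput' . $i . $col . '" value="';
					$output_html .= '<span id="schedStaffList' . $i . $col . '">';
					foreach ($advlist as $advisor)
					{
						// One integer form of the id is used for the lookup, the
						// element id, the script call and the hidden value list.
						$advisor_id = (int) $advisor['id'];
						
						$tmpadvobj = new DO_User();
						$tmpadvobj->whereAdd('id = ' . $advisor_id);
						$tao_findval = $tmpadvobj->find(true);
						$tmpadvobj->whereAdd();
						if ($tao_findval != 1)
						{
							// Skip ids that do not resolve to exactly one user.
							continue;
						}
						$tmpfullname = (string) $tmpadvobj->get_fullname();
						$tmpfullname_html = htmlspecialchars($tmpfullname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
						
						// Script-in-attribute context: JSON string literal with
						// quotes, tags and ampersands hex-escaped; '%' neutralised
						// because javascript: URLs are percent-decoded before they
						// run; then the whole URL is attribute-escaped.
						$tmpfullname_js = json_encode($tmpfullname, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
						if ($tmpfullname_js === false)
						{
							$tmpfullname_js = '""';
						}
						$tmpfullname_js = str_replace('%', '\u0025', $tmpfullname_js);
						$js_call = 'javascript:removeStaff(' . $advisor_id . ', ' . $tmpfullname_js . ', ' . $i . ', ' . $col . ')';
						
						$output_html .= '<span id="rSLinkSpan' . $i . $col . '_' . $advisor_id . '"><a title="Click to Delete" class="CustomJSCmd" href="' . htmlspecialchars($js_call, ENT_QUOTES, 'UTF-8') . '">' . $tmpfullname_html . "</a><br /></span>\n";
						$advinput .= $advisor_id . ',';
					}
					$output_html .= "</span>\n";
					// Drop the trailing comma left by the last advisor id.
					$advinput = trim($advinput, ',');
					
					$advinput .= '" />' . "\n";
					$output_html .= $advinput;
					$session_found = true;
					break;
				}
			}
			if (!$session_found)
			{
				// No entry for this session on this day: emit an empty cell skeleton.
				$output_html .= '<span id="schedStaffList' . $i . $col . '"></span>';
				$advinput = '<input type="hidden" id="schedCellInput' . $i . $col . '" name="schedCellInput' . $i . $col . '" value="" />' . "\n";
				$output_html .= $advinput;
			}
			
			$output_html .= '<br /><span class="FieldName">Add:</span><input type="text" size="15" id="schedCellSearch' . $i . $col . '" onkeyup="loadSchedStaffList(this.value, ' . $i . ', ' . $col . ')" />' . "\n";
			$output_html .= '<div id="schedCellResults' . $i . $col . '">' . "</div>\n";
			
			$output_html .= "<br /></td>\n";
			$col++;
		}
		
		$output_html .= "</tr>\n";
		$row_count = $i;
		$col_count = $col;
	}
	
	$output_html .= '</table>';
	
	$output_html .=<<<EOD
	<table style="width: 100%;"><tr>
	<td style="text-align: left;">
	<input type="button" value="Add New Session" onclick="addStaffSchedRow()" />
	<input type="button" value="Delete Last Row" onclick="deleteSchedStaffRow()" />
	</td>
	<td style="text-align: right;"><input type="submit" value="Save Schedule" /></td>
	</tr></table>
	</form>
EOD;
	
	println($output_html);
	exit();
}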
/*
 * action=schedview -- print the read-only HTML for one schedule.
 * Input: id (numeric schedule id). Emits nothing when no schedule matches.
 */
if (is_numeric($_GET['id']) && ($_GET['action'] == 'schedview'))
{
	require_once("../include/schedule.php");
	
	$sched_id = (int) $_GET['id'];
	
	// Existence check first, so an unknown id produces an empty response.
	$sched_obj = new DO_Schedule();
	$sched_obj->whereAdd('id = ' . $sched_id);
	$sched_findval = $sched_obj->find();
	$sched_obj->whereAdd();
	
	if ($sched_findval != 0)
	{
		// get_schedule_html() is defined outside this file and returns the markup.
		println(get_schedule_html($sched_id));
	}
	exit();
}

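/*
 * action=gtedit -- render the edit form for one goal template: a name field
 * plus one table row per selection (title, variable name, option list).
 * Input: id (numeric goal template id). Emits nothing when no template matches.
 */
if (isset($_GET['action'], $_GET['id']) && ($_GET['action'] === 'gtedit') && is_numeric($_GET['id']))
{
	require_once("../include/goaltemplate.php");
	
	$gt_id = (int) $_GET['id'];
	$gt_obj = new DO_GoalTemplate();
	
	$gt_obj->whereAdd("id = $gt_id");
	$gt_findval = $gt_obj->find();
	$gt_obj->whereAdd();
	if ($gt_findval == 0)
	{
		exit();
	}
	
	$gt_obj->load_template_arr($gt_id);
	$gt_arr = $gt_obj->get_template_arr();
	
	// Name, titles, variable names and options are free text edited through this
	// very form; they are escaped before landing in attribute values or textarea
	// bodies. double_encode is off because this file cannot show whether the
	// data layer already stores entity-encoded text -- TODO confirm.
	$gt_name = htmlspecialchars((string) $gt_obj->get_name(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
	
	$output_html =<<<EOD
	<div id="HintSection" class="Hint">
	<span class="HSTitle">Read Carefully:</span><br />
	<ul>
		<li>The goal template&#39;s name must remain unique.</li>
		<li>Each "Selection Title" must have a unique value.</li>
	</ul>
	*The "Variable Name" is used for internal purposes.  Each "Variable Name" must be a string only containing alphanumeric characters and no spaces with the first letter being alphabetic.<br /><br />
	</div>
	<form id="edit_goaltemp" name="edit_goaltemp" action="procgoaltemplate.php?mode=edit" method="post">
	<input type="hidden" name="goaltemp_id" value="{$gt_id}" />
	<span class="FieldName">Name:</span>
	<input type="text" name="goaltemp_name" value="{$gt_name}" /><br /><br />
	<table id="EditGoalTempTable" cellpadding="0" cellspacing="0">
	<tr class="EditGTHeaderRow">
	<td>Selection Title</td>
	<td>Variable Name*</td>
	<td>Options (<span class="Hint">List Each Option on a Separate Line</span>)</td>
	</tr>
EOD;
	
	$selection_total = count($gt_arr);
	for ($i = 0; $i < $selection_total; $i++)
	{
		$selection = $gt_arr[$i];
		
		$title_html = htmlspecialchars((string) $selection['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		$varname_html = htmlspecialchars((string) $selection['varname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		// One option per line, matching the hint in the table header.
		$selopts_html = htmlspecialchars(implode("\n", $selection['options']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		
		$output_html .= ($i % 2) ? '<tr class="GTEditTableWhiteRow">' : '<tr class="GTEditTableDarkRow">';
		$output_html .= "\n";
		$output_html .= '<td><input name="gtSelTitle' . $i . '" id="gtSelTitle' . $i . '" type="text" value="' . $title_html . '" />' . "</td>\n";
		$output_html .= '<td><input name="gtSelVarname' . $i . '" id="gtSelVarname' . $i . '" type="text" value="' . $varname_html . '" />' . "</td>\n";
		$output_html .= '<td><textarea name="gtSelOptions' . $i . '" id="gtSelOptions' . $i . '" rows="5" cols="43">' . $selopts_html . "</textarea></td>\n";
		
		$output_html .= "</tr>\n";
	}
	
	$output_html .= '</table>';
	
	$output_html .=<<<EOD
	<table style="width: 100%;"><tr>
	<td style="text-align: left;">
	<input type="button" value="Add New Selection" onclick="addGTSelectionRow()" />
	<input type="button" value="Delete Last Selection" onclick="deleteGTSelectionRow()" />
	</td>
	<td style="text-align: right;"><input type="submit" value="Save Goal Template" /></td>
	</tr></table>
	</form>
EOD;
	
	println($output_html);
	exit();
}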

/* BEGIN Attendance related actions */

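/*
 * action=attndlist -- search advisors by first or last name and return at most
 * four matches, each with a "View Attendance" link.
 * Input: q (search term).
 */
if (isset($_GET['action'], $_GET['q']) && ($_GET['action'] === 'attndlist') && is_string($_GET['q']))
{
	$term = trim($_GET['q']);
	if (empty($term))
	{
		die('Bad Request');
	}
	
	// The term is concatenated into a LIKE pattern below, so only letters, digits,
	// spaces, dots, underscores and hyphens are accepted; quotes, backslashes and
	// '%' never reach the SQL text ('_' still acts as a one-character wildcard).
	// Stop-gap only: bound parameters would be the durable fix, but the SQL_manip
	// class is not visible from this file.
	if (!preg_match('/^[\p{L}\p{N} ._-]+$/u', $term))
	{
		die('Bad Request');
	}
	
	global $DATABASE;
	
	$tmpsql = new SQL_manip();
	$gsquery = 'SELECT id FROM ' . $DATABASE['prefix'] . "users WHERE (user_type = 'advisor') AND (firstname LIKE '%" . $term . "%' OR lastname LIKE '%" . $term . "%') LIMIT 4";
	$tmpsql->query($gsquery);
	
	if ($tmpsql->get_num_rows() == 0)
	{
		exit();
	}
	
	$output_html =<<<EOD
	<table id="AttndSearchDisp" cellpadding="0" cellspacing="0">
	<tr>
	<td class="ASDTitle">Name</td><td class="ASDTitle">Action</td>
	</tr>
EOD;

	while ($row = $tmpsql->fetch_assoc())
	{
		$tmpuser = new DO_User();
		$tmpuser->get((int) $row['id']);
		
		// HTML text context. double_encode is off because this file cannot show
		// whether DO_User already stores entity-encoded names -- TODO confirm.
		$fullname_html = htmlspecialchars((string) $tmpuser->get_fullname(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		
		$output_html .= "<tr>\n";
		$output_html .= '<td>' . $fullname_html . "</td>\n";
		// The id is cast so only an integer reaches the inline script.
		$output_html .= '<td><a class="CustomJSCmd" href="javascript:loadAttendance(' . (int) $tmpuser->get_id() . ')">View Attendance</a>';
		$output_html .= "</td>\n";
		$output_html .= "</tr>\n";
	}
	
	$output_html .= "</table>\n";
	
	println($output_html);
	exit();
}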
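/*
 * action=attndview -- show one advisor's attendance: the records for the
 * current month and year in one cell and the full history in the next.
 * Input: id (numeric user id). Emits nothing unless that user is an advisor.
 */
if (isset($_GET['action'], $_GET['id']) && ($_GET['action'] === 'attndview') && is_numeric($_GET['id']))
{
	require_once("../include/attendance.php");
	
	global $DATABASE;
	
	$tmpadvisor = new DO_User();
	$advisor_id = (int) $_GET['id'];
	$tmpadvisor->get($advisor_id);
	if ($tmpadvisor->get_user_type() != 'advisor')
	{
		exit();
	}
	// Escaped before it is interpolated into the table below. double_encode is
	// off because this file cannot show whether DO_User already stores
	// entity-encoded names -- TODO confirm.
	$advisorname = htmlspecialchars((string) $tmpadvisor->get_fullname(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
	
	// Both queries embed only the integer-cast id and server-generated date
	// parts, so no request text reaches the SQL.
	$tmpsql = new SQL_manip();
	$gmquery = 'SELECT * FROM ' . $DATABASE['prefix'] . 'attendance WHERE advisor_id = ' . $advisor_id . ' AND month = ' . date("m") . ' AND year = ' . date("Y");
	$tmpsql->query($gmquery);
	
	$output_html =<<<EOD
	<br />
	<hr style="width: 50%;" />
	<br />
	<table id="StaffAttndView" cellspacing="0" cellpadding="0">
	<tr>
		<td class="SAVTitle"><span class="FieldName">Advisor Name</span></td>
		<td class="SAVTitle"><span class="FieldName">Attendance for This Month</span></td>
		<td class="SAVTitle"><span class="FieldName">Attendance History</span></td>
	</tr>
	<tr>
		<td>$advisorname</td>
EOD;

	// Cell 1: records for the current month.
	$output_html .= '<td class="AttndRecCell">' . "\n";
	if ($tmpsql->get_num_rows() == 0)
	{
		$output_html .= '<span class="NoAttendance">&lt;No Records&gt;</span>' . "\n";
	}
	else
	{
		while ($row = $tmpsql->fetch_assoc())
		{
			$tmpattnd = new DO_Attendance();
			$tmpattnd->get((int) $row['id']);
			// NOTE(review): get_date(true) is emitted as-is; presumably a
			// formatted date string -- confirm it can never carry markup.
			$output_html .= $tmpattnd->get_date(true) . "<br />\n";
		}
	}
	$output_html .= "</td>\n";
	
	// Cell 2: every attendance record for this advisor.
	$gaquery = 'SELECT * FROM ' . $DATABASE['prefix'] . 'attendance WHERE advisor_id = ' . $advisor_id;
	$tmpsql->query($gaquery);
	
	$output_html .= '<td class="AttndRecCell">' . "\n";
	if ($tmpsql->get_num_rows() == 0)
	{
		$output_html .= '<span class="NoAttendance">&lt;No Records&gt;</span>' . "\n";
	}
	else
	{
		while ($row = $tmpsql->fetch_assoc())
		{
			$tmpattnd = new DO_Attendance();
			$tmpattnd->get((int) $row['id']);
			$output_html .= $tmpattnd->get_date(true) . "<br />\n";
		}
	}
	$output_html .= "</td>\n";
	
	$output_html .= "</tr></table>";
	println($output_html);
	exit();
}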

/* END Attendance related actions */

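/*
 * action=apptadvlist -- search advisors by first or last name and return at
 * most four matches, each with a "View Appointments" link.
 * Input: q (search term).
 */
if (isset($_GET['action'], $_GET['q']) && ($_GET['action'] === 'apptadvlist') && is_string($_GET['q']))
{
	$term = trim($_GET['q']);
	if (empty($term))
	{
		die('Bad Request');
	}
	
	// The term is concatenated into a LIKE pattern below, so only letters, digits,
	// spaces, dots, underscores and hyphens are accepted; quotes, backslashes and
	// '%' never reach the SQL text ('_' still acts as a one-character wildcard).
	// Stop-gap only: bound parameters would be the durable fix, but the SQL_manip
	// class is not visible from this file.
	if (!preg_match('/^[\p{L}\p{N} ._-]+$/u', $term))
	{
		die('Bad Request');
	}
	
	global $DATABASE;
	
	$tmpsql = new SQL_manip();
	$gsquery = 'SELECT id FROM ' . $DATABASE['prefix'] . "users WHERE (user_type = 'advisor') AND (firstname LIKE '%" . $term . "%' OR lastname LIKE '%" . $term . "%') LIMIT 4";
	$tmpsql->query($gsquery);
	
	if ($tmpsql->get_num_rows() == 0)
	{
		exit();
	}
	
	$output_html =<<<EOD
	<table id="AdvApptSearchDisp" cellpadding="0" cellspacing="0">
	<tr>
	<td class="AdvApptSDTitle">Name</td><td class="AdvApptSDTitle">Action</td>
	</tr>
EOD;

	while ($row = $tmpsql->fetch_assoc())
	{
		$tmpuser = new DO_User();
		$tmpuser->get((int) $row['id']);
		
		// HTML text context. double_encode is off because this file cannot show
		// whether DO_User already stores entity-encoded names -- TODO confirm.
		$fullname_html = htmlspecialchars((string) $tmpuser->get_fullname(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		
		$output_html .= "<tr>\n";
		$output_html .= '<td>' . $fullname_html . "</td>\n";
		// The id is cast so only an integer reaches the inline script.
		$output_html .= '<td><a class="CustomJSCmd" href="javascript:loadAdvisorAppts(' . (int) $tmpuser->get_id() . ')">View Appointments</a>';
		$output_html .= "</td>\n";
		$output_html .= "</tr>\n";
	}
	
	$output_html .= "</table>\n";
	
	println($output_html);
	exit();
}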

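/*
 * action=advapptview -- list one advisor's appointments with View, Delete and
 * Archive links per row.
 * Input: id (numeric user id). Emits nothing unless that user exists and is an
 * advisor; prints a short notice when the advisor has no appointments.
 */
if (isset($_GET['action'], $_GET['id']) && ($_GET['action'] === 'advapptview') && is_numeric($_GET['id']))
{
	require_once("../include/classdata.php");
	require_once("../include/appointment.php");
	
	$userid = (int) $_GET['id'];
	
	$userobj = new DO_User();
	$userobj->whereAdd("id = " . $userid);
	$user_findval = $userobj->find(true);
	$userobj->whereAdd();
	if (($user_findval == 0) || ($userobj->get_user_type() != 'advisor'))
	{
		exit();
	}
	else
	{
		// Swap the generic user object for the type-specific one, which is the
		// object that provides get_appointment_list() below.
		$userobj = $userobj->get_specific_usertype();
	}

	$apptlist = $userobj->get_appointment_list();

	if (empty($apptlist))
	{
		println('<span class="NoAppointments">No appointments available.</span>');
		exit();
	}	
	
	// Names are escaped before they reach the markup. double_encode is off
	// because this file cannot show whether the data layer already stores
	// entity-encoded text -- TODO confirm.
	$advisorname = htmlspecialchars((string) $userobj->get_fullname(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
	// Possible actions are View, Delete, and Archive
	$output_html =<<<EOD
	<center><div id="remoteApptActionMessage"></div></center><br />
	<div class="SATTitle">Appointment History for {$advisorname}:</div>
	<table id="StaffApptTable" class="AdminApptTable" border="0">
	<tr>
	<td class="ApptDispTitleCell">Student Name</td>
	<td class="ApptDispTitleCell">Class - Teacher</td>
	<td class="ApptDispTitleCell">Date (Y-M-D)</td>
	<td class="ApptDispTitleCell">Status</td>
	<td class="ApptDispTitleCell" colspan="3">Action</td>
	</tr>
EOD;

	$appt_total = count($apptlist);
	for ($i = 0; $i < $appt_total; $i++)
	{
		$tmpappt = new DO_Appointment();
		$tmpappt->get((int) $apptlist[$i]);
		$tmpclass = new DO_ClassData();
		$tmpclass->get((int) $tmpappt->get_classdata_id());
		$tmpstudent = new Student();
		$tmpstudent->get((int) $tmpappt->get_student_id());
		
		// Cast once so only an integer reaches the element id and inline scripts.
		$appt_id = (int) $tmpappt->get_id();
		$student_html = htmlspecialchars((string) $tmpstudent->get_fullname(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		$class_html = htmlspecialchars((string) $tmpclass->get_fullname(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
	
		$output_html .= '<tr id="apptRow' . $appt_id . '">' . "\n";
		$output_html .= '<td>' . $student_html . "</td>\n";
		$output_html .= '<td>' . $class_html . "</td>\n";
		// NOTE(review): get_date() is emitted as-is; presumably a formatted
		// date string -- confirm it can never carry markup.
		$output_html .= '<td>' . $tmpappt->get_date() . "</td>\n";
		// $output_html .= '<td>' . $tmpappt->get_meeting_session() . "</td>\n";
		
		if ($tmpappt->is_checked_out())
		{
			$output_html .= "<td>Checked Out</td>\n";
		}
		else
		{
			$output_html .= "<td>Not Checked Out</td>\n";
		}
		$output_html .= '<td class="AdminApptAction"><a class="CustomJSCmd" href="javascript:openApptWindow(\'accessappt.php?action=view&amp;id=' . $appt_id . '\')">View</a>' . "</td>\n";
		$output_html .= '<td class="AdminApptAction"><a class="CustomJSCmd" href="javascript:deleteAppointment(' . $appt_id . ')">Delete</a>' . "</td>\n";
		$output_html .= '<td class="AdminApptAction"><a class="CustomJSCmd" href="javascript:archiveAppointment(' . $appt_id . ')">Archive</a>' . "</td>\n";
		$output_html .= "</tr>\n";
	}
	
	$output_html .= "</table>\n";
	
	println($output_html);
	exit();
}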

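/*
 * action=viewusers -- list users, optionally filtered by first name, last name
 * or username, with View/Edit and Delete links per row.
 * Input: q (search term; an empty term lists every user).
 */
if (isset($_GET['action'], $_GET['q']) && ($_GET['action'] === 'viewusers') && is_string($_GET['q']))
{
	global $DATABASE;
	
	$term = trim($_GET['q']);
	if (empty($term))
	{
		$guquery = 'SELECT * FROM ' . $DATABASE['prefix'] . 'users';
	}
	else
	{
		// The term is concatenated into a LIKE pattern, so only letters, digits,
		// spaces, dots, underscores and hyphens are accepted; quotes, backslashes
		// and '%' never reach the SQL text ('_' still acts as a one-character
		// wildcard). Stop-gap only: bound parameters would be the durable fix,
		// but the SQL_manip class is not visible from this file.
		if (!preg_match('/^[\p{L}\p{N} ._-]+$/u', $term))
		{
			die('Bad Request');
		}
		$guquery = 'SELECT * FROM ' . $DATABASE['prefix'] . "users WHERE (firstname LIKE '%" . $term . "%' OR lastname LIKE '%" . $term . "%' OR username LIKE '%" . $term . "%')";
	}
	
	$tmpsql = new SQL_manip();

	$tmpsql->query($guquery);
	
	if ($tmpsql->get_num_rows() == 0)
	{
		println('<span class="NormalError">No Users Found</span>');
		exit();
	}
	
	$output_html =<<<EOD
	<table id="UserSearchDisp" cellpadding="0">
	<tr>
	<td class="USDTitle" colspan="2">Action</td>
	<td class="USDTitle">Name</td>
	<td class="USDTitle">Username</td>
	<td class="USDTitle">E-Mail</td>
	<td class="USDTitle">User Type</td>
	</tr>
EOD;

	while ($row = $tmpsql->fetch_assoc())
	{
		$tmpuser = new DO_User();
		$tmpuser->get((int) $row['id']);
		
		$user_id = (int) $tmpuser->get_id();
		$username = (string) $tmpuser->get_username();
		
		// HTML text context. double_encode is off because this file cannot show
		// whether DO_User already stores entity-encoded text -- TODO confirm.
		$fullname_html = htmlspecialchars((string) $tmpuser->get_fullname(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		$username_html = htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		$email_html = htmlspecialchars((string) $tmpuser->get_email_address(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		
		// Script-in-attribute context: JSON string literal with quotes, tags and
		// ampersands hex-escaped; '%' neutralised because javascript: URLs are
		// percent-decoded before they run; then the URL is attribute-escaped.
		$username_js = json_encode($username, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
		if ($username_js === false)
		{
			$username_js = '""';
		}
		$username_js = str_replace('%', '\u0025', $username_js);
		$delete_call = 'javascript:deleteUser(' . $user_id . ', ' . $username_js . ')';
		
		$output_html .= '<tr id="userRow' . $user_id . '">' . "\n";
		
		$output_html .= '<td><a class="CustomJSCmd" href="javascript:editUser(' . $user_id . ')">View/Edit</a>';
		$output_html .= "</td>\n";
		$output_html .= '<td><a class="CustomJSCmd" href="' . htmlspecialchars($delete_call, ENT_QUOTES, 'UTF-8') . '">Delete</a>';
		$output_html .= "</td>\n";
		
		$output_html .= '<td>' . $fullname_html;
		// Unconfirmed accounts are flagged with a bold asterisk after the name.
		$output_html .= ($tmpuser->is_confirmed()) ? '' : '<b>*</b>';
		$output_html .= "</td>\n";
		$output_html .= '<td>' . $username_html . "</td>\n";
		$output_html .= '<td>' . $email_html . "</td>\n";
		// NOTE(review): get_usertype_regstr() is emitted as-is; presumably a
		// fixed label per user type -- confirm it can never carry user text.
		$output_html .= '<td>' . $tmpuser->get_usertype_regstr() . "</td>\n";
		
		$output_html .= "</tr>\n";
	}
	
	$output_html .= "</table>\n";
	
	println($output_html);
	exit();
}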

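/*
 * action=tposclasslist -- search classes by name and return at most four
 * matches, each with an "Add Class" link for the teacher form.
 * Input: q (search term).
 */
if (isset($_GET['action'], $_GET['q']) && ($_GET['action'] === 'tposclasslist') && is_string($_GET['q']))
{
	require_once("../include/classdata.php");
	
	$term = trim($_GET['q']);
	if (empty($term))
	{
		die('Bad Request');
	}
	
	// The term is concatenated into a LIKE pattern below, so only letters, digits,
	// spaces, dots, underscores and hyphens are accepted; quotes, backslashes and
	// '%' never reach the SQL text ('_' still acts as a one-character wildcard).
	// Stop-gap only: bound parameters would be the durable fix, but the SQL_manip
	// class is not visible from this file.
	if (!preg_match('/^[\p{L}\p{N} ._-]+$/u', $term))
	{
		die('Bad Request');
	}
	
	global $DATABASE;
	
	$tmpsql = new SQL_manip();
	$gcquery = 'SELECT id FROM ' . $DATABASE['prefix'] . "classdata WHERE (name LIKE '%" . $term . "%') LIMIT 4";
	$tmpsql->query($gcquery);
	
	if ($tmpsql->get_num_rows() == 0)
	{
		exit();
	}
	
	$output_html =<<<EOD
	<table id="TClassSearchDisp" cellpadding="0" cellspacing="0">
	<tr>
	<td class="TCSDTitle">Name</td><td class="TCSDTitle">Action</td>
	</tr>
EOD;

	while ($row = $tmpsql->fetch_assoc())
	{
		$tmpclass = new DO_ClassData();
		$tmpclass->get((int) $row['id']);
		
		// HTML text context. double_encode is off because this file cannot show
		// whether DO_ClassData already stores entity-encoded names -- TODO confirm.
		$fullname_html = htmlspecialchars((string) $tmpclass->get_fullname(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		
		// Script-in-attribute context: JSON string literal with quotes, tags and
		// ampersands hex-escaped; '%' neutralised because javascript: URLs are
		// percent-decoded before they run; then the URL is attribute-escaped.
		$classname_js = json_encode((string) $tmpclass->get_name(), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
		if ($classname_js === false)
		{
			$classname_js = '""';
		}
		$classname_js = str_replace('%', '\u0025', $classname_js);
		$add_call = 'javascript:addClassToTeacher(' . $classname_js . ', ' . (int) $tmpclass->get_id() . ')';
		
		$output_html .= "<tr>\n";
		$output_html .= '<td>' . $fullname_html . "</td>\n";
		$output_html .= '<td><a class="CustomJSCmd" href="' . htmlspecialchars($add_call, ENT_QUOTES, 'UTF-8') . '">Add Class</a>';
		$output_html .= "</td>\n";
		$output_html .= "</tr>\n";
	}
	
	$output_html .= "</table>\n";
	
	println($output_html);
	exit();
}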

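/*
 * action=teacherlist -- search teachers by first name, last name or username
 * and return every match with a "Select" link.
 * Input: q (search term).
 */
if (isset($_GET['action'], $_GET['q']) && ($_GET['action'] === 'teacherlist') && is_string($_GET['q']))	// List of teachers
{
	$term = trim($_GET['q']);
	if (empty($term))
	{
		die('Bad Request');
	}
	
	// The term is concatenated into a LIKE pattern below, so only letters, digits,
	// spaces, dots, underscores and hyphens are accepted; quotes, backslashes and
	// '%' never reach the SQL text ('_' still acts as a one-character wildcard).
	// Stop-gap only: bound parameters would be the durable fix, but the SQL_manip
	// class is not visible from this file.
	if (!preg_match('/^[\p{L}\p{N} ._-]+$/u', $term))
	{
		die('Bad Request');
	}
	
	global $DATABASE;
	
	$tmpsql = new SQL_manip();
	$gtquery = 'SELECT * FROM ' . $DATABASE['prefix'] . "users WHERE (user_type='teacher') AND (firstname LIKE '%" . $term . "%' OR lastname LIKE '%" . $term . "%' OR username LIKE '%" . $term . "%')";
	$tmpsql->query($gtquery);
	
	if ($tmpsql->get_num_rows() == 0)
	{
		exit();
	}
	
	$output_html =<<<EOD
	<table id="TeacherSearchDisp" class="GeneralSearchDisp" cellpadding="0" cellspacing="0">
	<tr>
	<td class="GSDTitle">Name</td><td class="GSDTitle">Action</td>
	</tr>
EOD;

	while ($row = $tmpsql->fetch_assoc())
	{
		$tmpteacher = new Teacher();
		$tmpteacher->get((int) $row['id']);
		
		$fullname = (string) $tmpteacher->get_fullname();
		
		// HTML text context. double_encode is off because this file cannot show
		// whether Teacher already stores entity-encoded names -- TODO confirm.
		$fullname_html = htmlspecialchars($fullname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		
		// Script-in-attribute context: JSON string literal with quotes, tags and
		// ampersands hex-escaped; '%' neutralised because javascript: URLs are
		// percent-decoded before they run; then the URL is attribute-escaped.
		$fullname_js = json_encode($fullname, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
		if ($fullname_js === false)
		{
			$fullname_js = '""';
		}
		$fullname_js = str_replace('%', '\u0025', $fullname_js);
		$select_call = 'javascript:selectTeacher(' . $fullname_js . ', ' . (int) $tmpteacher->get_id() . ')';
		
		$output_html .= "<tr>\n";
		$output_html .= '<td>' . $fullname_html . "</td>\n";
		$output_html .= '<td><a class="CustomJSCmd" href="' . htmlspecialchars($select_call, ENT_QUOTES, 'UTF-8') . '">Select</a>';
		$output_html .= "</td>\n";
		$output_html .= "</tr>\n";
	}
	
	$output_html .= "</table>\n";
	
	println($output_html);
	exit();
}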

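/*
 * action=viewclasses -- list classes, optionally filtered by name, with their
 * department and goal template and View/Edit and Delete links per row.
 * Input: q (search term; an empty term lists every class).
 */
if (isset($_GET['action'], $_GET['q']) && ($_GET['action'] === 'viewclasses') && is_string($_GET['q']))
{
	require_once("../include/classdata.php");
	require_once("../include/department.php");
	require_once("../include/goaltemplate.php");
	
	global $DATABASE;
	
	$term = trim($_GET['q']);
	if (empty($term))
	{
		$gcquery = 'SELECT * FROM ' . $DATABASE['prefix'] . 'classdata';
	}
	else
	{
		// The term is concatenated into a LIKE pattern, so only letters, digits,
		// spaces, dots, underscores and hyphens are accepted; quotes, backslashes
		// and '%' never reach the SQL text ('_' still acts as a one-character
		// wildcard). Stop-gap only: bound parameters would be the durable fix,
		// but the SQL_manip class is not visible from this file.
		if (!preg_match('/^[\p{L}\p{N} ._-]+$/u', $term))
		{
			die('Bad Request');
		}
		$gcquery = 'SELECT * FROM ' . $DATABASE['prefix'] . "classdata WHERE (name LIKE '%" . $term . "%')";
	}
	
	$tmpsql = new SQL_manip();

	$tmpsql->query($gcquery);
	
	if ($tmpsql->get_num_rows() == 0)
	{
		println('<span class="NormalError">No Classes Found</span>');
		exit();
	}
	
	$output_html =<<<EOD
	<table id="ClassSearchDisp" class="GeneralSearchDisp" cellpadding="0">
	<tr>
	<td class="GSDTitle" colspan="2">Action</td>
	<td class="GSDTitle">Name - Teacher</td>
	<td class="GSDTitle">Department</td>
	<td class="GSDTitle">Goal Template</td>
	</tr>
EOD;

	while ($row = $tmpsql->fetch_assoc())
	{
		$tmpclass = new DO_ClassData();
		$tmpclass->get((int) $row['id']);
		$tmpdept = new DO_Department();
		$tmpdept->get((int) $row['department_id']);
		$tmpgt = new DO_GoalTemplate();
		$tmpgt->get((int) $row['goaltemplate_id']);
		
		$class_id = (int) $tmpclass->get_id();
		$fullname = (string) $tmpclass->get_fullname();
		
		// HTML text context. double_encode is off because this file cannot show
		// whether the data layer already stores entity-encoded text -- TODO confirm.
		$fullname_html = htmlspecialchars($fullname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		$deptname_html = htmlspecialchars((string) $tmpdept->get_name(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		$gtname_html = htmlspecialchars((string) $tmpgt->get_name(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		
		// Script-in-attribute context: JSON string literal with quotes, tags and
		// ampersands hex-escaped; '%' neutralised because javascript: URLs are
		// percent-decoded before they run; then the URL is attribute-escaped.
		$fullname_js = json_encode($fullname, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
		if ($fullname_js === false)
		{
			$fullname_js = '""';
		}
		$fullname_js = str_replace('%', '\u0025', $fullname_js);
		$delete_call = 'javascript:deleteClass(' . $class_id . ', ' . $fullname_js . ')';
		
		$output_html .= '<tr id="classRow' . $class_id . '">' . "\n";
		
		$output_html .= '<td><a class="CustomJSCmd" href="javascript:editClass(' . $class_id . ')">View/Edit</a>';
		$output_html .= "</td>\n";
		$output_html .= '<td><a class="CustomJSCmd" href="' . htmlspecialchars($delete_call, ENT_QUOTES, 'UTF-8') . '">Delete</a>';
		$output_html .= "</td>\n";
		
		$output_html .= '<td>' . $fullname_html . "</td>\n";
		$output_html .= '<td>' . $deptname_html . "</td>\n";
		$output_html .= '<td>' . $gtname_html . "</td>\n";
		
		$output_html .= "</tr>\n";
	}
	
	$output_html .= "</table>\n";
	
	println($output_html);
	exit();
}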

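/*
 * action=viewdepts -- list departments, optionally filtered by name, with
 * their goal template and class list and View/Edit and Delete links per row.
 * Input: q (search term; an empty term lists every department).
 */
if (isset($_GET['action'], $_GET['q']) && ($_GET['action'] === 'viewdepts') && is_string($_GET['q']))
{
	require_once("../include/department.php");
	require_once("../include/goaltemplate.php");
	
	global $DATABASE;
	
	$term = trim($_GET['q']);
	if (empty($term))
	{
		$gdquery = 'SELECT * FROM ' . $DATABASE['prefix'] . 'departments';
	}
	else
	{
		// The term is concatenated into a LIKE pattern, so only letters, digits,
		// spaces, dots, underscores and hyphens are accepted; quotes, backslashes
		// and '%' never reach the SQL text ('_' still acts as a one-character
		// wildcard). Stop-gap only: bound parameters would be the durable fix,
		// but the SQL_manip class is not visible from this file.
		if (!preg_match('/^[\p{L}\p{N} ._-]+$/u', $term))
		{
			die('Bad Request');
		}
		$gdquery = 'SELECT * FROM ' . $DATABASE['prefix'] . "departments WHERE (name LIKE '%" . $term . "%')";
	}
	
	$tmpsql = new SQL_manip();

	$tmpsql->query($gdquery);
	
	if ($tmpsql->get_num_rows() == 0)
	{
		println('<span class="NormalError">No Departments Found</span>');
		exit();
	}
	
	$output_html =<<<EOD
	<table id="DeptSearchDisp" class="GeneralSearchDisp" cellpadding="0">
	<tr>
	<td class="GSDTitle" colspan="2">Action</td>
	<td class="GSDTitle">Name</td>
	<td class="GSDTitle">Goal Template</td>
	<td class="GSDTitle">Class List</td>
	</tr>
EOD;

	while ($row = $tmpsql->fetch_assoc())
	{
		$tmpdept = new DO_Department();
		$tmpdept->get((int) $row['id']);
		
		// NOTE(review): get_classes_by_dept() is defined outside this file and
		// its items are emitted as-is; if they are raw class names they need
		// the same HTML escaping as the other cells -- confirm what the second
		// argument makes it return.
		$classlist_raw = get_classes_by_dept($row['id'], true);
		$classlist_html = (!is_null($classlist_raw)) ? implode(", ", $classlist_raw) : '&nbsp;';
		
		$tmpgt = new DO_GoalTemplate();
		$tmpgt->get((int) $row['goaltemplate_id']);
		
		$dept_id = (int) $tmpdept->get_id();
		$deptname = (string) $tmpdept->get_name();
		
		// HTML text context. double_encode is off because this file cannot show
		// whether the data layer already stores entity-encoded text -- TODO confirm.
		$deptname_html = htmlspecialchars($deptname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		$gtname_html = htmlspecialchars((string) $tmpgt->get_name(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		
		// Script-in-attribute context: JSON string literal with quotes, tags and
		// ampersands hex-escaped; '%' neutralised because javascript: URLs are
		// percent-decoded before they run; then the URL is attribute-escaped.
		$deptname_js = json_encode($deptname, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
		if ($deptname_js === false)
		{
			$deptname_js = '""';
		}
		$deptname_js = str_replace('%', '\u0025', $deptname_js);
		$delete_call = 'javascript:deleteDept(' . $dept_id . ', ' . $deptname_js . ')';
		
		$output_html .= '<tr id="deptRow' . $dept_id . '">' . "\n";
		
		$output_html .= '<td><a class="CustomJSCmd" href="javascript:editDept(' . $dept_id . ')">View/Edit</a>';
		$output_html .= "</td>\n";
		$output_html .= '<td><a class="CustomJSCmd" href="' . htmlspecialchars($delete_call, ENT_QUOTES, 'UTF-8') . '">Delete</a>';
		$output_html .= "</td>\n";
		
		$output_html .= '<td>' . $deptname_html . "</td>\n";
		$output_html .= '<td>' . $gtname_html . "</td>\n";
		$output_html .= '<td style="text-align: right;">' . $classlist_html . "</td>\n";

		$output_html .= "</tr>\n";
	}
	
	$output_html .= "</table>\n";
	
	println($output_html);
	exit();
}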

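/*
 * action=mailfacultylist -- list teachers, department heads and admins,
 * optionally filtered by first name, last name or username, inside a form that
 * posts the checked ids to emailstats.php.
 * Input: q (search term; an empty term lists every faculty user).
 */
if (isset($_GET['action'], $_GET['q']) && ($_GET['action'] === 'mailfacultylist') && is_string($_GET['q']))
{
	global $DATABASE;
	
	$term = trim($_GET['q']);
	if (empty($term))
	{
		$gfquery = 'SELECT * FROM ' . $DATABASE['prefix'] . "users WHERE user_type IN ('teacher', 'depthead', 'admin')";
	}
	else
	{
		// The term is concatenated into a LIKE pattern, so only letters, digits,
		// spaces, dots, underscores and hyphens are accepted; quotes, backslashes
		// and '%' never reach the SQL text ('_' still acts as a one-character
		// wildcard). Stop-gap only: bound parameters would be the durable fix,
		// but the SQL_manip class is not visible from this file.
		if (!preg_match('/^[\p{L}\p{N} ._-]+$/u', $term))
		{
			die('Bad Request');
		}
		$gfquery = 'SELECT * FROM ' . $DATABASE['prefix'] . "users WHERE (user_type IN ('teacher', 'depthead', 'admin')) AND (firstname LIKE '%" . $term . "%' OR lastname LIKE '%" . $term . "%' OR username LIKE '%" . $term . "%')";
	}
	
	$tmpsql = new SQL_manip();

	$tmpsql->query($gfquery);
	
	if ($tmpsql->get_num_rows() == 0)
	{
		println('<span class="NormalError">No Users Found</span>');
		exit();
	}
	
	$output_html =<<<EOD
	<form id="emailStatsForm" name="emailStatsForm" action="emailstats.php?action=mailchecked" method="post">
	<div style="text-align: left; padding-bottom: 5px;"><input type="submit" value="E-Mail Statistics to Checked Users" /></div>
	<table id="UserSearchDisp" cellpadding="0">
	<tr>
	<td class="USDTitle"><a id="ListCheckControl" class="CustomJSCmd" href="javascript:checkAll('emailStatsForm', 'facultylist[]')"><span id="LCCtrlSpan">Check All</span></a></td>
	<td class="USDTitle">Name</td>
	<td class="USDTitle">E-Mail</td>
	<td class="USDTitle">User Type</td>
	<td class="USDTitle">E-Mail Stats</td>
	</tr>
EOD;

	while ($row = $tmpsql->fetch_assoc())
	{
		$tmpfaculty = new DO_User();
		$tmpfaculty->get((int) $row['id']);
		
		// Cast once so only an integer reaches the checkbox value and the script.
		$faculty_id = (int) $tmpfaculty->get_id();
		
		// HTML text context. double_encode is off because this file cannot show
		// whether DO_User already stores entity-encoded text -- TODO confirm.
		$fullname_html = htmlspecialchars((string) $tmpfaculty->get_fullname(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		$email_html = htmlspecialchars((string) $tmpfaculty->get_email_address(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
		
		$output_html .= "<tr>\n";
		
		$output_html .= '<td><input type="checkbox" name="facultylist[]" value="' . $faculty_id . '" /></td>' . "\n";
		
		$output_html .= '<td>' . $fullname_html . "</td>\n";
		$output_html .= '<td>' . $email_html . "</td>\n";
		// NOTE(review): get_usertype_regstr() is emitted as-is; presumably a
		// fixed label per user type -- confirm it can never carry user text.
		$output_html .= '<td>' . $tmpfaculty->get_usertype_regstr() . "</td>\n";
		
		$output_html .= '<td><a class="CustomJSCmd" href="javascript:emailStats(' . $faculty_id . ')">E-Mail</a>';
		$output_html .= "</td>\n";
		
		$output_html .= "</tr>\n";
	}
	
	$output_html .= "</table>\n";
	
	println($output_html);
	exit();
}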
?>