Location: PHPKode > projects > Pnyx : des lections virtuelles! > pnyx1.0.1/mod_eleve.php
<?

	#########################################################################################
	# Modifier un élève de Pnyx																#
	# Auteur : V. Blais																		#
	# Création : 2006-05-02																	#
	# Modification : 2008-09-10																#
	# 																						#
	# Pnyx - une application Web (PHP/MySQL) d'élections virtuelles conçue pour	des	élèves	#
	# du primaire et du secondaire, dans lequel ils sont amenés à faire des	propositions	#
	# en ligne et voter pour leur favorite, sous la supervision d'un enseignant.			#
	#																						#
    # Copyright (C) <2008 - 2009>															#
	# <Service national du RÉCIT de l'univers social de la Commission scolaire de la		#
	# Pointe-de-l'Île>																		#
	#																						#
	# This program is free software; you can redistribute it and/or modify it under the 	#
	# terms of the GNU General Public License as published by the Free Software Foundation.	#
	# This program is distributed in the hope that it will be useful, but WITHOUT ANY 		#
	# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A 		#
	# PARTICULAR PURPOSE.  See the GNU General Public License for more details.				#
	# You should have received a copy of the GNU General Public License along with this 	#
	# program as the file LICENSE.txt; if not, please see 									#
	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.									#
	# 																						#
	# Service national du RÉCIT de l'univers social											#
	# http://www.recitus.qc.ca																#
	# Contact e-mail : steve-hide@address.com												#
	#########################################################################################

	require "entete_php.php";
	
	/*session_name("cliquez");
	session_start();
	bd_connexion();*/
	
		# ou verifier si la session est valide 
		# puis verifier si l'usager dispose des autorisations requises
		# pour la saisie
		verifier_session();
		acces_resp("mod_eleve.php");
		
		/*$idp = $HTTP_SESSION_VARS['SESSION']['projet'];
		$niveau = $HTTP_SESSION_VARS['SESSION']['niveau'];*/
if(isset($HTTP_POST_VARS['type_action'])){
	if ($HTTP_POST_VARS['type_action'] == "modifier"){
		
		$valide = "y";
		
		$requete_sql = "SELECT *
						FROM usager
						WHERE login = \"$HTTP_POST_VARS[login]\"
						";
		$reponse_log = bd_executer_sql($requete_sql);
		$ver = mysql_num_rows($reponse_log);
		$ligne_user = mysql_fetch_array($reponse_log);
	
		if ($ver > 0){
			
			$requete_sql = "SELECT *
						FROM eleve
						WHERE usager_id = \"$ligne_user[usager_id]\"
						";
			$reponse_val = bd_executer_sql($requete_sql);
			$ligne_val = mysql_fetch_array($reponse_val);
	#		 echo $HTTP_POST_VARS[id_eleve].">>>";
	#		echo $val[eleve_id];
			if ($ligne_val['eleve_id'] != $HTTP_POST_VARS['id_eleve']){
				$valide = "n";
				$HTTP_SESSION_VARS['SESSION']['message'] = "Le nom d'utilisateur (pseudonyme) est déjà pris.";
				$HTTP_POST_VARS['type_action'] = "";
			} else {
				
				$requete_sql = "SELECT *
						FROM eleve
						WHERE eleve_id = \"$HTTP_POST_VARS[id_eleve]\"
						";
				$reponse_eleve = bd_executer_sql($requete_sql);
				$ligne_eleve = mysql_fetch_array($reponse_eleve);
		
				$requete_sql = "SELECT *
								FROM groupe
								WHERE groupe_id = \"$HTTP_POST_VARS[groupe]\"
								";
				$reponse_mdpg = bd_executer_sql($requete_sql);
				$ligne_groupe = mysql_fetch_array($reponse_mdpg);
		
				$requete_sql = "SELECT *
						FROM eleve
						WHERE groupe_id = \"$ligne_groupe[groupe_id]\"
									";
				$reponse_log = bd_executer_sql($requete_sql);
				$ver = mysql_num_rows($reponse_log);
					
			if ($ver == $ligne_groupe['limite'] && $ver != 0){
				$valide = "n";
				$HTTP_SESSION_VARS['SESSION']['message'] = "Le nombre maximal d'élèves pour le groupe ".$ligne_groupe['nom']." est atteint.";
				$HTTP_POST_VARS['type_action'] = "";
	#			header("Location: $page");
			}
		}
	}
}
	if ($valide == "y"){
		$requete_sql = "SELECT *
					FROM eleve
					WHERE eleve_id = \"$HTTP_POST_VARS[id_eleve]\"
					";
			$reponse_eleve = bd_executer_sql($requete_sql);
			$ligne_eleve = mysql_fetch_array($reponse_eleve);
		
		$requete_sql = "UPDATE usager
    				SET login = \"$HTTP_POST_VARS[login]\"
					WHERE usager_id = \"$ligne_eleve[usager_id]\"
  						";
		$reponse_mod_log = bd_executer_sql($requete_sql);
		
		if($HTTP_POST_VARS['password'] != ""){
			$requete_sql = "UPDATE usager
    				SET password = '" . sha1($HTTP_POST_VARS['password']) . "'
					WHERE usager_id = \"$ligne_eleve[usager_id]\"
  						";
			$reponse_mod_pass = bd_executer_sql($requete_sql);
		}
	
		$requete_sql = "UPDATE eleve
    				SET groupe_id = \"$HTTP_POST_VARS[groupe]\",
						prenom = \"$HTTP_POST_VARS[prenom]\",
						nom = \"$HTTP_POST_VARS[nom]\"
					WHERE eleve_id = \"$HTTP_POST_VARS[id_eleve]\"
  						";
		$reponse_mod_resp = bd_executer_sql($requete_sql);
	
		$HTTP_SESSION_VARS['SESSION']['message'] = "Le compte de l'élève est modifié.";
		}
}
	
	$requete_sql = "SELECT *
					FROM eleve
					WHERE eleve_id = \"$HTTP_GET_VARS[id_eleve]\"
					";
	$reponse_eleve = bd_executer_sql($requete_sql);
	$ligne_eleve = mysql_fetch_array($reponse_eleve);
	
	$requete_sql = "SELECT *
					FROM usager
					WHERE usager_id = \"$ligne_eleve[usager_id]\"
					";
	$reponse_log = bd_executer_sql($requete_sql);
	$ligne_log = mysql_fetch_array($reponse_log);
	
	$requete_sql = "SELECT *
					FROM groupe
					WHERE groupe_id = \"$ligne_eleve[groupe_id]\"
					";
	$reponse_grp = bd_executer_sql($requete_sql);
	$ligne_grp = mysql_fetch_array($reponse_grp);
	
	if ($niveau == "resp"){
	
	$requete_sql = "SELECT *
					FROM groupe
					WHERE resp_id = \"$ligne_grp[resp_id]\"
					AND projet_id = $projet
					";
	$reponse_groupe = bd_executer_sql($requete_sql);
	
	} else if ($HTTP_SESSION_VARS['SESSION']['niveau'] == "admin"){
		
		$requete_sql = "SELECT *
						FROM groupe
						WHERE projet_id = $projet
						";
		$reponse_groupe = bd_executer_sql($requete_sql);
	
	}

	$requete_sql = "SELECT titre
					FROM site_parametres
					";
	$reponse_titre = mysql_query($requete_sql);
	$ligne_titre = mysql_fetch_array($reponse_titre);

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title><?= $ligne_titre['titre'] ?></title>

<script type="text/javascript" src="lib/fonctions.js"></script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-1684383-1";
urchinTracker();
</script>
</head>
<body bgcolor="#FFFFFF">
<?
if(isset($HTTP_POST_VARS['type_action'])){
	if ($HTTP_POST_VARS['type_action'] == "modifier"){
?>
		<script language="JavaScript">
			refresh_parent();
		</script>
<?
	}
}
if($ligne_grp['resp_id'] == $usager || $niveau == "admin"){
?>	
<form action="mod_eleve.php?id_eleve=<?=$ligne_eleve['eleve_id']?>" name="form_mod" method="post">
<table width="664" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td colspan="2"><h2>Modifier un compte élève</h2></td>
</tr>
<tr>
<td colspan="2"><?
	$message = $HTTP_SESSION_VARS['SESSION']['message'];
		echo "<br /><h3 align=\"center\"><font color='#FF0000'>$message</font></h3>";
		$HTTP_SESSION_VARS['SESSION']['message']="";
?>
</td>
</tr>
<tr>
<td width="256" valign="top"><p><strong>Prénom de l'éleve : </strong></p></td>
<td width="408"><input type="text" name="prenom" size="50" maxlength="255" value="<?= $ligne_eleve['prenom'] ?>"/> </td>
</tr>
<tr>
<td width="256" valign="top"><p><strong>Nom de l'élève : </strong></p></td>
<td width="408"><input type="text" name="nom" size="50" maxlength="255" value="<?= $ligne_eleve['nom'] ?>"/> </td>
</tr>
<tr>
<td width="256" valign="top"><p><strong>Nom d'utilisateur : </strong></p></td>
<td width="408"><input type="text" name="login" size="50" maxlength="255" value="<?= $ligne_log['login'] ?>"/> </td>
</tr>
<tr>
<td valign="top"><p><strong>Mot de passe <br />
(entre 6 et 15 caractères) : </strong></p></td>
<td><input name="password" type="text" size="30" maxlength="15" value=""/></td>
</tr>
<tr>
<td width="256" valign="top"><p><strong>Groupe : </strong></p></td>
<td width="408"><select name="groupe" size="1">
<?
	while ($ligne_groupe = mysql_fetch_array($reponse_groupe)){
		if ($ligne_groupe['groupe_id'] == $ligne_grp['groupe_id']){
			echo "<option value=\"".$ligne_groupe['groupe_id']."\" selected=\"selected\">".$ligne_groupe['nom']."</option>";
		} else {
			echo "<option value=\"".$ligne_groupe['groupe_id']."\">".$ligne_groupe['nom']."</option>";
		}
	}
?>
</select>
</td>
</tr>
<tr>
<td colspan="2"><p>&nbsp;</p></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="Submit3" value="Modifier" onclick="return val_model('this.form');"/>
<input type="hidden" name="type_action" value="modifier" />
<input type="hidden" name="id_eleve" value="<?=$ligne_eleve['eleve_id'] ?>" />
<?
	if ($niveau == "admin"){
?>
		&nbsp;&nbsp;&nbsp;<input type="button" value="Fermer" onclick="refresh_parent('ges_eleve.php?id_eleve=<?=$ligne_eleve['eleve_id'] ?>')" />
<?
	} else if ($niveau == "resp"){
?>
		&nbsp;&nbsp;&nbsp;<input type="button" value="Fermer" onclick="refresh_parent('ges_elever.php?id_eleve=<?=$ligne_eleve['eleve_id'] ?>')" />
<?
	}
?>	
</td>
</tr>
<tr>
<td colspan="2"><p>&nbsp;</p></td>
</tr>
 </table>
</form>
<?
	}
	else{
?>
	<p>Vous n'êtes pas l'enseignant de cet élève. Il vous est interdit de modifier son profil.</p>
<?
}
	mysql_close();
?>
</body>
</html>
Return current item: Pnyx : des lections virtuelles!