<?
require ('../admin/config.php');
require ('../admin/connect.php');
$database = mysql_connect($hostname, $user, $password);
#mysql_select_db(portalxp, $database);
$lastday = 1;
while (checkdate($month,$lastday,$year))
{
$lastday++;
}
switch ($action)
{
case "Delete marked":
if (!$id)
{
echo "<p>You can't delete nothing from the table.";
break;
}
echo "We are about to delete id $id from $mysql_tablename<p>";
$query = mysql_query("SELECT username FROM $mysql_tablename WHERE id = $id");
$row = mysql_fetch_array($query);
if ( !$REMOTE_USER )
{
mysql_query("DELETE FROM $mysql_tablename WHERE id = '$id'");
echo "Item Deleted";
}
else
{
if ( strcmp($row[username], $REMOTE_USER) == 0 )
{
mysql_query("DELETE FROM $mysql_tablename WHERE id = '$id'");
echo "Item Deleted";
}
else
{
echo "You aren't the original user, you can't delete this";
}
}
break;
case "Modify marked":
if (!$id)
{
echo "<p>You can't modify nothing.";
break;
}
echo "We are about to modify id $id from $mysql_tablename";
$query = mysql_query("SELECT *, RIGHT(stamp, 8) AS thetime, SUBSTRING(stamp FROM 9 FOR 2) AS theday FROM $mysql_tablename WHERE id = '$id'");
$row = mysql_fetch_array($query);
$row[description] = ereg_replace("<br>", "", $row[description]);
echo "<form method=post action=operate.php>
<input type=hidden name=id value='$row[id]'>
<table>
<tr>
<td><b>Username</td>";
if ( !$REMOTE_USER )
{
echo "<td><input type=text name=username size=20 value='$row[username]'></td></tr>";
}
else
{
if ( strcmp($REMOTE_USER, $row[username]) == 0)
{
echo "<td>$REMOTE_USER<input type=hidden name=username value='$REMOTE_USER'></td></tr>";
}
else
{
echo "<td>Since you are not the original user, you can't change this</td></tr>
</table></form>";
break;
}
}
echo "
<tr>
<td><b>Day</td>
<td><select name=day size=1>";
for ($i=1; $i<$lastday; $i++)
{
if ($i == $row[theday])
echo "<option value=$i selected>$i</option>";
else
echo "<option value=$i>$i</option>";
}
echo "</select><select size=1 name=month>";
for ($i=1; $i<13; $i++)
{
$nm = date("F", mktime(0,0,0,$i,1,$year));
if ($i == $month)
echo "<option value=$i selected>$nm</option>";
else
echo "<option value=$i>$nm</option>";
}
echo "</select><select size=1 name=year>";
for ($i=$year-2; $i<$year+5; $i++)
{
if ($i == $year)
echo "<option value=$i selected>$i</option>";
else
echo "<option value=$i>$i</option>";
}
echo "</select></tr>
<tr><td><b>Time (hh:mm:ss)</td>
<td><input type=text name=time value='$row[thetime]'></td></tr>
<tr><td><b>Subject (255 chars max)</td>
<td><input type=text name=subject value=\"$row[subject]\"></td></tr>
<tr><td><b>Description</td>
<td><textarea wrap=virtual rows=5 cols=50 name=description>$row[description]</textarea></td></tr>
</table>
<input type=hidden name=action value=Addsucker>
<input type=hidden name=modify value=Modify>
<input type=submit value=\"Submit item\">
</form>";
break;
case "Add item to calendar":
echo "Adding item to calendar";
$query = mysql_query("SELECT max(id) as id FROM calendar");
if ($query)
{
$result = mysql_fetch_array($query);
$result["id"]++;
}
else
{
$result["id"] = 0;
}
echo "<form method=post action=operate.php>
<input type=hidden name=id value=$result[id]>
<table>
<tr>";
//if ( !$REMOTE_USER )
//{
// echo "<td><input type=text name=username size=20></td></tr>";
//}
//else
//{
// echo "<td>$REMOTE_USER<input type=hidden name=username value='$REMOTE_USER'></td></tr>";
//}
echo " <tr><td><b>Day</td>
<td><select name=day size=1>";
for ($i=1; $i<$lastday; $i++)
{
if ($i == $day)
echo "<option value=$i selected>$i</option>";
else
echo "<option value=$i>$i</option>";
}
echo "</select><select size=1 name=month>";
for ($i=1; $i<13; $i++)
{
$nm = date("F", mktime(0,0,0,$i,1,$year));
if ($i == $month)
echo "<option value=$i selected>$nm</option>";
else
echo "<option value=$i>$nm</option>";
}
echo "</select><select size=1 name=year>";
for ($i=$year-2; $i<$year+5; $i++)
{
if ($i == $year)
echo "<option value=$i selected>$i</option>";
else
echo "<option value=$i>$i</option>";
}
echo "</select></td></tr>
<tr><td><b>Time (hh:mm)</td>
<td><input type=text name=time>
<input type=radio name=timeofday value=am>AM
<input type=radio name=timeofday value=pm>PM
</td></tr>
<tr><td><b>Subject (255 chars max)</td>
<td><input type=text name=subject></td></tr>
<tr><td><b>Description</td>
<td><textarea wrap=virtual rows=5 cols=50 name=description></textarea></td></tr>
</table>
<input type=hidden name=teacher_id value=$teacher_id>
<input type=hidden name=action value=Addsucker>
<input type=submit value=\"Submit item\">
</form>";
break;
case "Addsucker":
if ($modify)
{
mysql_query("DELETE FROM $mysql_tablename WHERE id = '$id'");
ereg_replace("<br>", "", $description);
}
$description = nl2br($description);
$description = addslashes($description);
$subject = addslashes($subject);
$temp = mysql_query("INSERT INTO calendar (teacher_id, stamp, timeofday, subject, description) VALUES ('$teacher_id', '$year-$month-$day $time', '$timeofday', '$subject', '$description')");
if ($temp != 0)
echo "Item added ...";
else
{
echo "Item may not have been added ...";
echo mysql_error();
}
break;
}
//echo "<p><form method=get action=welcome.php><input type=submit value='Back to Calendar'>
// <input type=hidden name=month value=$month><input type=hidden name=year value=$year></form>";
?>