PageRenderTime 47ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 0ms

/mods/_standard/reading_list/add_resource_av.php

https://github.com/harriswong/ATutor
PHP | 165 lines | 118 code | 27 blank | 20 comment | 21 complexity | ed966f2f4d05a31d4e653ea2691278a1 MD5 | raw file
    

  1. <?php
    2. 

  2. /****************************************************************/
    3. 

  3. /* ATutor														*/
    4. 

  4. /****************************************************************/
    5. 

  5. /* Copyright (c) 2002-2008                                      */
    6. 

  6. /* Written by Greg Gay, Joel Kronenberg & Chris Ridpath         */
    7. 

  7. /* Inclusive Design Institute                                   */
    8. 

  8. /* http://atutor.ca												*/
    9. 

  9. /*                                                              */
    10. 

  10. /* This program is free software. You can redistribute it and/or*/
    11. 

  11. /* modify it under the terms of the GNU General Public License  */
    12. 

  12. /* as published by the Free Software Foundation.				*/
    13. 

  13. /****************************************************************/
    14. 

  14. // $Id$
    15. 

  15. define('AT_INCLUDE_PATH', '../../../include/');
    16. 

  16. require (AT_INCLUDE_PATH.'vitals.inc.php');
    17. 

  17. authenticate(AT_PRIV_READING_LIST);
    18. 

  18. 

  19. // initial values for form
    20. 

  20. $id = intval($_REQUEST['id']);
    21. 

  21. $title = "";
    22. 

  22. $author = "";
    23. 

  23. $publisher = ""; 
    24. 

  24. $date = ""; 
    25. 

  25. $comments = "";
    26. 

  26. $page_return = $_GET['page_return'];
    27. 

  27. 

  28. // check if user has submitted form
    29. 

  29. if (isset($_POST['cancel'])) {
    30. 

  30. 	$msg->addFeedback('CANCELLED');
    31. 

  31. 

  32. 	header('Location: display_resources.php');
    33. 

  33. 	exit;
    34. 

  34. } else if (isset($_POST['submit'])) {
    35. 

  35. 	$missing_fields = array();
    36. 

  36. 

  37. 	if (trim($_POST['title']) == '') {
    38. 

  38. 		$missing_fields[] = _AT('title');
    39. 

  39. 	}
    40. 

  40. 	if (trim($_POST['author']) == '') {
    41. 

  41. 		$missing_fields[] = _AT('author');
    42. 

  42. 	}
    43. 

  43. 

  44. 	if ($missing_fields) {
    45. 

  45. 		$missing_fields = implode(', ', $missing_fields);
    46. 

  46. 		$msg->addError(array('EMPTY_FIELDS', $missing_fields));
    47. 

  47. 	}
    48. 

  48. 

  49. 

  50. 	if (!$msg->containsErrors()) {
    51. 

  51. 		$_POST['title'] = $addslashes(validate_length($_POST['title'], 255));
    52. 

  52. 		$_POST['author'] = $addslashes(validate_length($_POST['author'], 150));
    53. 

  53. 		$_POST['publisher'] = $addslashes(validate_length($_POST['publisher'], 150));
    54. 

  54. 		$_POST['date'] = $addslashes($_POST['date']);
    55. 

  55. 		$_POST['comments'] = $addslashes(validate_length($_POST['comments'], 255));
    56. 

  56. 		
    57. 

  57. 		if ($id == '0'){ // creating a new URL resource
    58. 

  58. 			$sql = "INSERT INTO ".TABLE_PREFIX."external_resources VALUES (NULL, $_SESSION[course_id],
    59. 

  59. 			".RL_TYPE_AV.", 
    60. 

  60. 			'$_POST[title]', 
    61. 

  61. 			'$_POST[author]', 
    62. 

  62. 			'$_POST[publisher]', 
    63. 

  63. 			'$_POST[date]', 
    64. 

  64. 			'$_POST[comments]',
    65. 

  65. 			'',
    66. 

  66. 			'')";
    67. 

  67. 			$result = mysql_query($sql,$db);
    68. 

  68. 

  69. 			// index to new URL resource
    70. 

  70. 			$id_new = mysql_insert_id($db);
    71. 

  71. 

  72. 			$msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
    73. 

  73. 		} else { // modifying an existing URL resource
    74. 

  74. 

  75. 			$sql = "UPDATE ".TABLE_PREFIX."external_resources SET title='$_POST[title]', author='$_POST[author]', publisher='$_POST[publisher]', date='$_POST[date]', comments='$_POST[comments]' WHERE resource_id='$id' AND course_id=$_SESSION[course_id]";
    76. 

  76. 

  77. 			$result = mysql_query($sql,$db);
    78. 

  78. 

  79. 			// index to URL resource
    80. 

  80. 			$id_new = $id;
    81. 

  81. 

  82. 			$msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
    83. 

  83. 		}
    84. 

  84. 

  85. 		if (trim($_POST['page_return']) != ''){
    86. 

  86. 			header('Location: '. $_POST['page_return']. '?existingbook='. $id_new);
    87. 

  87. 		} else {
    88. 

  88. 			header('Location: index_instructor.php');
    89. 

  89. 		}
    90. 

  90. 		exit;
    91. 

  91. 	} else { // submission contained an error, update form values for redisplay
    92. 

  92. 		$title       = $stripslashes($_POST['title']);
    93. 

  93. 		$author      = $stripslashes($_POST['author']);
    94. 

  94. 		$publisher   = $stripslashes($_POST['publisher']);
    95. 

  95. 		$date        = $stripslashes($_POST['date']);
    96. 

  96. 		$comments    = $stripslashes($_POST['comments']);
    97. 

  97. 		$page_return = $stripslashes($_POST['page_return']);
    98. 

  98. 	}
    99. 

  99. }
    100. 

  100. 

  101. // is user modifying an existing AV resource?
    102. 

  102. if ($id && !isset($_POST['submit'])){
    103. 

  103. 	// yes, get resource from database
    104. 

  104. 	$id = intval ($_GET['id']);
    105. 

  105. 

  106. 	$sql = "SELECT * FROM ".TABLE_PREFIX."external_resources WHERE course_id=$_SESSION[course_id] AND resource_id=$id";
    107. 

  107. 	$result = mysql_query($sql, $db);
    108. 

  108. 	if ($row = mysql_fetch_assoc($result)){
    109. 

  109. 		$title     = AT_print($row['title'], 'input.text');
    110. 

  110. 		$author    = AT_print($row['author'], 'input.text');
    111. 

  111. 		$publisher = AT_print($row['publisher'], 'input.text');
    112. 

  112. 		$date      = AT_print($row['date'], 'input.text'); 
    113. 

  113. 		$comments  = AT_print($row['comments'], 'input.text');
    114. 

  114. 	}
    115. 

  115. 	// change title of page to 'edit AV resource' (default is 'add AV resource')
    116. 

  116. 	$_pages['mods/_standard/reading_list/add_resource_av.php'][title_var] = 'rl_edit_resource_av';
    117. 

  117. } else if ($id) {
    118. 

  118. 	$_pages['mods/_standard/reading_list/add_resource_av.php'][title_var] = 'rl_edit_resource_av';
    119. 

  119. }
    120. 

  120. 

  121. $onload = 'document.form.name.focus();';
    122. 

  122. 

  123. require(AT_INCLUDE_PATH.'header.inc.php');
    124. 

  124. ?>
    125. 

  125. 

  126. <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="form">
    127. 

  127. <input type="hidden" name="id" value="<?php echo $id ?>" />
    128. 

  128. <input type="hidden" name="page_return" value="<?php echo $page_return ?>" />
    129. 

  129. 

  130. <div class="input-form">	
    131. 

  131. 	<fieldset class="group_form"><legend class="group_form"><?php echo _AT('rl_add_resource_av'); ?></legend>
    132. 

  132. 	<div class="row">
    133. 

  133. 		<span class="required" title="<?php echo _AT('required_field'); ?>">*</span><label for="title"><?php  echo _AT('title'); ?></label><br />
    134. 

  134. 		<input type="text" name="title" size="35" id="title" value="<?php echo $title; ?>" />
    135. 

  135. 	</div>
    136. 

  136. 

  137. 	<div class="row">
    138. 

  138. 		<span class="required" title="<?php echo _AT('required_field'); ?>">*</span><label for="author"><?php  echo _AT('author'); ?></label><br />
    139. 

  139. 		<input type="text" name="author" size="25" id="author" value="<?php echo $author; ?>" />
    140. 

  140. 	</div>
    141. 

  141. 

  142. 	<div class="row">
    143. 

  143. 		<label for="date"><?php  echo _AT('rl_year_written'); ?></label><br />
    144. 

  144. 		<input type="text" name="date" size="6" id="date" value="<?php echo $date; ?>" />
    145. 

  145. 	</div>
    146. 

  146. 

  147. 	<div class="row">
    148. 

  148. 		<label for="publisher"><?php  echo _AT('rl_publisher'); ?></label><br />
    149. 

  149. 		<input type="text" name="publisher" size="20" id="publisher" value="<?php echo $publisher; ?>" />
    150. 

  150. 	</div>
    151. 

  151. 

  152. 	<div class="row">
    153. 

  153. 		<label for="comments"><?php  echo _AT('comment'); ?></label><br />
    154. 

  154. 		<textarea name="comments" cols="30" rows="2" id="comments"><?php echo $comments; ?></textarea>
    155. 

  155. 	</div>
    156. 

  156. 

  157. 	<div class="row buttons">
    158. 

  158. 		<input type="submit" name="submit" value="<?php echo _AT('save'); ?>" accesskey="s" />
    159. 

  159. 		<input type="submit" name="cancel" value="<?php echo _AT('cancel'); ?>" />
    160. 

  160. 	</div>
    161. 

  161. 	</fieldset>
    162. 

  162. </div>
    163. 

  163. </form>
    164. 

  164. 

  165. <?php require(AT_INCLUDE_PATH.'footer.inc.php'); ?>
    166.