PageRenderTime 96ms CodeModel.GetById 20ms RepoModel.GetById 1ms app.codeStats 1ms

/email.php

https://github.com/adamfranco/segue-1.x
PHP | 1196 lines | 766 code | 219 blank | 211 comment | 220 complexity | 725ddede9e6a9f0c33dffe11557eb0c6 MD5 | raw file
    

  1. <? 
    2. 

  2. include("objects/objects.inc.php");
    3. 

  3. 

  4. $content = '';
    5. 

  5. $message = '';
    6. 

  6. 

  7. ob_start();
    8. 

  8. session_start();
    9. 

  9. 

  10. // include all necessary files
    11. 

  11. include("includes.inc.php");
    12. 

  12. 

  13. /* if ($_SESSION['ltype'] != 'admin') { */
    14. 

  14. /* 	// take them right to the user lookup page */
    15. 

  15. /* 	header("Location: username_lookup.php"); */
    16. 

  16. /* 	exit; */
    17. 

  17. /* } */
    18. 

  18. 

  19. //printpre($curraction);
    20. 

  20. 

  21. 

  22. db_connect($dbhost, $dbuser, $dbpass, $dbdb);
    23. 

  23. 

  24. 

  25. /******************************************************************************
    26. 

  26.  * Action: list, review, user
    27. 

  27.  ******************************************************************************/
    28. 

  28. if ($_REQUEST['action']) {
    29. 

  29. 	$curraction = $_REQUEST['action'];
    30. 

  30. 	$action = $_REQUEST['action'];
    31. 

  31. } else {
    32. 

  32. 	$action = 'list';
    33. 

  33. 	$curraction = 'list';
    34. 

  34. }
    35. 

  35. 

  36. if ($_REQUEST['email']) {
    37. 

  37. 	if ($_REQUEST['action'] == 'send') {
    38. 

  38. 		$curraction = 'send';
    39. 

  39. 	} else {
    40. 

  40. 		$curraction = 'email';
    41. 

  41. 	}
    42. 

  42. 	$action = 'email';
    43. 

  43. } 
    44. 

  44. 

  45. 

  46. /******************************************************************************
    47. 

  47.  * Determine which subsets of participants will be checked
    48. 

  48.  ******************************************************************************/
    49. 

  49. 

  50. if ($_REQUEST[checkclass] == "Check Class only") $_REQUEST[checkgroup] = "Check Class only";
    51. 

  51. 

  52. //$checkgroup = $_REQUEST['checkgroup'];
    53. 

  53. //$checkgroup = "Check Class only";
    54. 

  54. 

  55. 

  56. if ($curraction != "list" && $curraction != "review") $_SESSION[editors] = $_REQUEST['editors'];
    57. 

  57. //$_SESSION[editors] = $_REQUEST['editors'];
    58. 

  58. //printpre($_SESSION[editors]);
    59. 

  59. //printpre($_REQUEST);
    60. 

  60. 

  61. 

  62. /******************************************************************************
    63. 

  63.  * Scope: site, discussion/assessment
    64. 

  64.  ******************************************************************************/
    65. 

  65. 

  66. if ($_REQUEST['scope']) 
    67. 

  67. 	$scope = $_REQUEST['scope'];
    68. 

  68. else if ($_REQUEST['storyid'])
    69. 

  69. 	$scope = 'discussion';
    70. 

  70. else
    71. 

  71. 	$scope = 'site';
    72. 

  72. 

  73. 

  74. $sql = $_REQUEST['sql'];
    75. 

  75. $query_custom = $_REQUEST['newquery'];
    76. 

  76. 

  77. /******************************************************************************
    78. 

  78.  * Sort order: 
    79. 

  79.  ******************************************************************************/
    80. 

  80. 

  81. if ($_REQUEST['order']) {
    82. 

  82. 	$order = urldecode($_REQUEST['order']);
    83. 

  83. } else if (!$_REQUEST['order'] && $action == "user") {
    84. 

  84. 	$order = "discussion_tstamp DESC";
    85. 

  85. } else if (!isset($order)
    86. 

  86. 	|| !preg_match('/^[a-z0-9_.]+( (ASC|DESC))?$/i', $order)) {
    87. 

  87. 	$order = "user_fname ASC";
    88. 

  88. }
    89. 

  89. 

  90. $orderby = " ORDER BY $order";
    91. 

  91. 

  92. 

  93. /******************************************************************************
    94. 

  94.  * Username and id or findall
    95. 

  95.  ******************************************************************************/
    96. 

  96.  
    97. 

  97. if ($_REQUEST['findall']) {
    98. 

  98. 	$userid = "'%'";
    99. 

  99. 	$useruname = "";
    100. 

  100. 	$find = "";
    101. 

  101. } else if ($_REQUEST['find']) {
    102. 

  102. 	$findall = "";
    103. 

  103. } else if ($_REQUEST['useruname']) {
    104. 

  104. 	$useruname = $_REQUEST['useruname'];
    105. 

  105. 	$userid = db_get_value ("user", "user_id", "user_uname = '".addslashes($useruname)."'");
    106. 

  106. 	if (!$userid) error("invalid username");
    107. 

  107. 	$userfname = db_get_value ("user", "user_fname", "user_id = '".addslashes($userid)."'");
    108. 

  108. } else if ($_REQUEST['userid']) {
    109. 

  109. 	$userid = $_REQUEST['userid'];
    110. 

  110. } else {
    111. 

  111. 	$userid = $_SESSION['aid'];
    112. 

  112. }
    113. 

  113. 

  114. // if full name and not username (ie clicking full name to review...)
    115. 

  115. if ($_REQUEST['userfname'] && !$_REQUEST['useruname']) {
    116. 

  116. 	$userfname = urldecode($_REQUEST['userfname']);
    117. 

  117. 	$userfname = db_get_value ("user", "user_fname", "user_id = '".addslashes($userid)."'");
    118. 

  118. 	$useruname = db_get_value ("user", "user_uname", "user_id = '".addslashes($userid)."'");
    119. 

  119. }
    120. 

  120. 

  121. /******************************************************************************
    122. 

  122.  * Story and Site ids
    123. 

  123.  ******************************************************************************/
    124. 

  124. 

  125. 

  126. if ($_REQUEST['storyid']) $storyid = $_REQUEST['storyid'];
    127. 

  127. 

  128. 

  129. $siteid = $_REQUEST['siteid'];
    130. 

  130. $class_id = $_REQUEST['site'];
    131. 

  131. $site = $_REQUEST['site'];
    132. 

  132. 

  133. 

  134. /******************************************************************************
    135. 

  135.  * STUDENT and CLASS if class get all members of class from ldap
    136. 

  136.  * returns array with uname, fname and type
    137. 

  137.  ******************************************************************************/
    138. 

  138. $students = array();
    139. 

  139. $roster_ids = array();
    140. 

  140. 

  141. if (isclass($class_id)) {
    142. 

  142. 	$students = getclassstudents($class_id);	
    143. 

  143. 	foreach (array_keys($students) as $key) {
    144. 

  144. 		$roster_ids[] = $students[$key][id];
    145. 

  145. 	}
    146. 

  146. 

  147. 	//printpre($students);
    148. 

  148. }
    149. 

  149. 

  150. /******************************************************************************
    151. 

  151.  * Add Participants to Roster
    152. 

  152.  ******************************************************************************/
    153. 

  153. 

  154. if ($_REQUEST[addtoclass] == "Add Checked to Roster") {
    155. 

  155. 	$_SESSION[editors] = $_REQUEST[editors];
    156. 

  156. 	foreach($_SESSION[editors] as $studentid) {
    157. 

  157. 	
    158. 

  158. 		//get ids of all student currently in class
    159. 

  159. 		$currentstudents = array();
    160. 

  160. 		foreach (array_keys($students) as $key) {
    161. 

  161. 			$currentstudents[] = $students[$key][id];
    162. 

  162. 		}
    163. 

  163. 

  164. 		//add to class roster only if not currently a student
    165. 

  165. 		if (!in_array($studentid, $currentstudents)) {
    166. 

  166. 			//print "Participants added to roster";
    167. 

  167. 			$user_id = $studentid;
    168. 

  168. 			$ugroup_id = getClassUGroupId($class_id);
    169. 

  169. 			
    170. 

  170. 			// add them to the ugroup
    171. 

  171. 			$query = "
    172. 

  172. 				INSERT INTO
    173. 

  173. 					ugroup_user
    174. 

  174. 				SET
    175. 

  175. 					FK_user='".addslashes($user_id)."',
    176. 

  176. 					FK_ugroup='".addslashes($ugroup_id)."'			
    177. 

  177. 			";
    178. 

  178. 			//printpre($query);
    179. 

  179. 			db_query($query);
    180. 

  180. 		}
    181. 

  181. 	}
    182. 

  182. 	unset($_SESSION[editors]);
    183. 

  183. 	unset($_SESSION[roster_ids]);
    184. 

  184. 	unset($_SESSION[non_roster_ids]);
    185. 

  185. 	unset($_SESSION[logged_participants_ids]);
    186. 

  186. 	$students = getclassstudents($class_id);
    187. 

  187. 	foreach (array_keys($students) as $key) {
    188. 

  188. 		$roster_ids[] = $students[$key][id];
    189. 

  189. 	}
    190. 

  190. 

  191. }
    192. 

  192. 

  193. 

  194. /******************************************************************************
    195. 

  195.  * Query: WHERE clause
    196. 

  196.  * story, site, and/or user or 
    197. 

  197.  * all users, all sites
    198. 

  198.  ******************************************************************************/
    199. 

  199. 

  200. if ($_REQUEST['findall'] && !$_REQUEST['find']) {
    201. 

  201. 	$where = "user_id > 0";
    202. 

  202. } else if ($_REQUEST['find']) {
    203. 

  203. 	$useruname = $_REQUEST['useruname'];
    204. 

  204. 	$userid = db_get_value ("user", "user_id", "user_uname = '".addslashes($useruname)."'");
    205. 

  205. 	if ($userid) {
    206. 

  206. 		$where = "user_id = '".addslashes($userid)."'";
    207. 

  207. 	} else {
    208. 

  208. 		error("invalid username");
    209. 

  209. 		$where = "user_id > 0";
    210. 

  210. 	}
    211. 

  211. } else if ($scope == "site") {
    212. 

  212. 	$where = "site_id = '".addslashes($siteid)."'";
    213. 

  213. } else if ($action != "user") {
    214. 

  214. 	$where = "story_id = '".addslashes($storyid)."'";	
    215. 

  215. } else if ($userid && $action == "user") {
    216. 

  216. 	$where = "user_id = '".addslashes($userid)."'";
    217. 

  217. }
    218. 

  218. 

  219. if ($_REQUEST['userid'] && !$_REQUEST['findall'] && $action == "review" && $_REQUEST['userfname']) {
    220. 

  220. 	$where .= " AND user_id = '".addslashes($userid)."'";
    221. 

  221. }
    222. 

  222. 

  223. if ($_REQUEST['findsite'] && $action == "review") {
    224. 

  224. 	$findsite = $_REQUEST['findsite'];
    225. 

  225. 	$where .= " AND slotname = ''".addslashes($findsite)."''";
    226. 

  226. }
    227. 

  227. 

  228. 

  229. /******************************************************************************
    230. 

  230.  * Query: SELECT and ORDER clauses
    231. 

  231.  ******************************************************************************/
    232. 

  232. 

  233. if ($action == "review" || $action == "user") {
    234. 

  234. 	$select = "user_id, user_fname, user_uname, user_email, discussion_rate, discussion_tstamp, discussion_id, discussion_subject, story_id, page_id, page_title, story_text_short, section_id, site_id, slot_name";
    235. 

  235. 	if (!isset($order)) $order = "discussion_tstamp ASC";
    236. 

  236. // action = list, email
    237. 

  237. } else {
    238. 

  238. 	$select = "DISTINCT user_id, user_fname, user_uname, user_email";
    239. 

  239. 	$order = "user_fname ASC";	
    240. 

  240. }
    241. 

  241. 

  242. 

  243. /******************************************************************************
    244. 

  244.  * Query: NUMBER of post for given user (i.e. number of posts for WHERE clause) 
    245. 

  245.  ******************************************************************************/
    246. 

  246.  
    247. 

  247. 	$query = "
    248. 

  248. 	SELECT 
    249. 

  249. 		user_id
    250. 

  250. 	FROM 
    251. 

  251. 		discussion
    252. 

  252. 	INNER JOIN story ON FK_story = story_id
    253. 

  253. 	INNER JOIN page ON FK_page = page_id
    254. 

  254. 	INNER JOIN section ON FK_section = section_id
    255. 

  255. 	INNER JOIN site ON FK_site = site_id
    256. 

  256. 	INNER JOIN user ON FK_author = user_id
    257. 

  257. 	WHERE 
    258. 

  258. 		$where
    259. 

  259. 	";
    260. 

  260. 	$r = db_query($query);
    261. 

  261. 	$a = db_fetch_assoc($r);
    262. 

  262. 	$numrows = db_num_rows($r);
    263. 

  263. 	
    264. 

  264. 

  265. /******************************************************************************
    266. 

  266.  * Query: NUMBER and ID's of participants (i.e. distinct users)
    267. 

  267.  ******************************************************************************/
    268. 

  268. 	
    269. 

  269. 	$query = "
    270. 

  270. 	SELECT 
    271. 

  271. 		DISTINCT user_id
    272. 

  272. 	FROM 
    273. 

  273. 		discussion
    274. 

  274. 	INNER JOIN story ON FK_story = story_id
    275. 

  275. 	INNER JOIN page ON FK_page = page_id
    276. 

  276. 	INNER JOIN section ON FK_section = section_id
    277. 

  277. 	INNER JOIN site ON FK_site = site_id
    278. 

  278. 	INNER JOIN user ON FK_author = user_id
    279. 

  279. 	WHERE 
    280. 

  280. 		$where
    281. 

  281. 	";
    282. 

  282. 	$r = db_query($query);
    283. 

  283. 	$a = db_fetch_assoc($r);
    284. 

  284. 	$numparticipants = db_num_rows($r);
    285. 

  285. 	$logged_participants = db_query($query);
    286. 

  286. 	//print $numparticipants."<br />";
    287. 

  287. 	
    288. 

  288. 	if ($action == "list") $numrows = $numparticipants;
    289. 

  289. 	//print $numrows."<br />";
    290. 

  290. 

  291. ///******************************************************************************
    292. 

  292. // * Query: GET ids of all participants discussion post information based on select:
    293. 

  293. // * 1. select summary info for each user
    294. 

  294. // * 2. select all post info for all specified users
    295. 

  295. // ******************************************************************************/
    296. 

  296. //
    297. 

  297. //	$query = "
    298. 

  298. //	SELECT 
    299. 

  299. //		$select
    300. 

  300. //	FROM 
    301. 

  301. //		discussion
    302. 

  302. //	INNER JOIN story ON FK_story = story_id
    303. 

  303. //	INNER JOIN page ON FK_page = page_id
    304. 

  304. //	INNER JOIN section ON FK_section = section_id
    305. 

  305. //	INNER JOIN site ON section.FK_site = site.site_id
    306. 

  306. //	INNER JOIN slot ON slot.FK_site = site.site_id
    307. 

  307. //	INNER JOIN user ON FK_author = user_id
    308. 

  308. //	WHERE 
    309. 

  309. //		$where $orderby
    310. 

  310. //	";	
    311. 

  311. //		
    312. 

  312. //	//printpre($_REQUEST);
    313. 

  313. //	//printpre("where: ".$where);	
    314. 

  314. //	//printpre($query);
    315. 

  315. //	//printpre($curraction);
    316. 

  316. //	//$r = db_query($query);
    317. 

  317. //	//$r2 = db_query($query);
    318. 

  318. //	$logged_participants = db_query($query);
    319. 

  319. 

  320. 	
    321. 

  321. printerr();
    322. 

  322. 

  323. /******************************************************************************
    324. 

  324.  * SUBSETS of participants 
    325. 

  325.  * $logged_participants_ids = ids of all users who have posted to discussion
    326. 

  326.  * $roster_ids = ids of all participants in roster
    327. 

  327.  * $non_roster_ids = ids of all participants not in roster
    328. 

  328.  ******************************************************************************/
    329. 

  329.  
    330. 

  330. $non_roster_ids = array();
    331. 

  331. $logged_participants_ids = array();
    332. 

  332. 

  333. while ($a = db_fetch_assoc($logged_participants)) {
    334. 

  334. 	$logged_participant_id = $a[user_id];
    335. 

  335. 	$logged_participants_ids[] = $a[user_id];
    336. 

  336. 	
    337. 

  337. 	if (!in_array($logged_participant_id, $roster_ids)) {
    338. 

  338. 		$non_roster_ids[] = $logged_participant_id;
    339. 

  339. 	}	
    340. 

  340. }
    341. 

  341. //printpre($roster_ids);
    342. 

  342. //printpre($non_roster_ids);
    343. 

  343. //printpre($_SESSION[editors]);
    344. 

  344. 

  345. /******************************************************************************
    346. 

  346.  * define limits for pagination of results
    347. 

  347.  ******************************************************************************/
    348. 

  348. 

  349. //if (!isset($lowerlimit)) $lowerlimit = 0;
    350. 

  350. //if (!isset($range)) $range = 30;
    351. 

  351. //if ($lowerlimit < 0) $lowerlimit = 0;
    352. 

  352. 

  353. if (isset($_REQUEST['range']))
    354. 

  354. 	$range = intval($_REQUEST['range']);
    355. 

  355. else
    356. 

  356. 	$range = 30;
    357. 

  357. 

  358. 

  359. if (isset($_REQUEST['lowerlimit']))
    360. 

  360. 	$lowerlimit = intval($_REQUEST['lowerlimit']);
    361. 

  361. else
    362. 

  362. 	$lowerlimit = 0;
    363. 

  363. 

  364. if ($lowerlimit < 0) 
    365. 

  365. 	$lowerlimit = 0;
    366. 

  366. 

  367. $limit = " limit $lowerlimit,30";
    368. 

  368. 

  369. 

  370. if ($action != "list") $limit = " LIMIT $lowerlimit,$range";
    371. 

  371. 

  372. 

  373. /******************************************************************************
    374. 

  374.  * Query: GET all discussion post information based on select:
    375. 

  375.  * 1. select summary info for each user
    376. 

  376.  * 2. select all post info for all specified users
    377. 

  377.  ******************************************************************************/
    378. 

  378. 

  379. 	$query = "
    380. 

  380. 	SELECT 
    381. 

  381. 		$select
    382. 

  382. 	FROM 
    383. 

  383. 		discussion
    384. 

  384. 	INNER JOIN story ON FK_story = story_id
    385. 

  385. 	INNER JOIN page ON FK_page = page_id
    386. 

  386. 	INNER JOIN section ON FK_section = section_id
    387. 

  387. 	INNER JOIN site ON section.FK_site = site.site_id
    388. 

  388. 	INNER JOIN slot ON slot.FK_site = site.site_id
    389. 

  389. 	INNER JOIN user ON FK_author = user_id
    390. 

  390. 	WHERE 
    391. 

  391. 		$where $orderby $limit
    392. 

  392. 	";	
    393. 

  393. 		
    394. 

  394. 	//printpre($_REQUEST);
    395. 

  395. 	//printpre("where: ".$where);	
    396. 

  396. 	//printpre($query);
    397. 

  397. 	//printpre($curraction);
    398. 

  398. 	$r = db_query($query);
    399. 

  399. 	$r2 = db_query($query);
    400. 

  400. 	//$logged_participants = db_query($query);
    401. 

  401. 

  402. 	
    403. 

  403. printerr();
    404. 

  404. 

  405. 

  406. 

  407. 

  408. /******************************************************************************
    409. 

  409.  * Print out HTML
    410. 

  410.  ******************************************************************************/
    411. 

  411. 

  412. ?>
    413. 

  413. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    414. 

  414. <html>
    415. 

  415. <head>
    416. 

  416. 	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    417. 

  417. 	
    418. 

  418. 	<? 
    419. 

  419. 	if ($action == "user") {
    420. 

  420. 		print "<title>Your Posts</title>";
    421. 

  421. 	} else {
    422. 

  422. 		print "<title>Participants</title>";
    423. 

  423. 	}
    424. 

  424. 	
    425. 

  425. 	include("themes/common/logs_css.inc.php"); ?>
    426. 

  426. 	
    427. 

  427. 	<script type="text/javascript">
    428. 

  428. 	// <![CDATA[
    429. 

  429. 	
    430. 

  430. 	function changeOrder(order) {
    431. 

  431. 		f = document.searchform;
    432. 

  432. 		f.order.value=order;
    433. 

  433. 		f.submit();
    434. 

  434. 	}
    435. 

  435. 	
    436. 

  436. 	function doWindow(name,width,height) {
    437. 

  437. 		var win = window.open("",name,"toolbar=no,location=no,directories=no,status=yes,scrollbars=yes,resizable=yes,copyhistory=no,width="+width+",height="+height);
    438. 

  438. 		win.focus();
    439. 

  439. 	}
    440. 

  440. 	
    441. 

  441. 	function sendWindow(name,width,height,url) {
    442. 

  442. 		var win = window.open("",name,"toolbar=no,location=no,directories=no,status=yes,scrollbars=yes,resizable=yes,copyhistory=no,width="+width+",height="+height);
    443. 

  443. 		win.document.location=url.replace(/&amp;/, '&');
    444. 

  444. 		win.focus();
    445. 

  445. 	}
    446. 

  446. 	
    447. 

  447. 	function checkAll() {
    448. 

  448. 		field = document.forms[1].elements['editors[]'];
    449. 

  449. 		for (i = 0; i < field.length; i++)
    450. 

  450. 			field[i].checked = true ;
    451. 

  451. 	}
    452. 

  452. 	
    453. 

  453. 	function uncheckAll() {
    454. 

  454. 		field = document.forms[1].elements['editors[]'];
    455. 

  455. 		for (i = 0; i < field.length; i++)
    456. 

  456. 			field[i].checked = false ;
    457. 

  457. 	}
    458. 

  458. 	
    459. 

  459. 	function checkGroup() {
    460. 

  460. 		selectField = document.forms[1].elements['groupcheck'];
    461. 

  461. 		groupName = selectField.value;
    462. 

  462. 		field = document.forms[1].elements['editors[]'];
    463. 

  463. 		
    464. 

  464. 		classIds = new Array ();
    465. 

  465. 		<? 
    466. 

  466. 		foreach ($roster_ids as $id)
    467. 

  467. 			print "\n\t\tclassIds.push('".$id."');";
    468. 

  468. 		?>
    469. 

  469. 		
    470. 

  470. 		
    471. 

  471. 		otherIds = new Array ();
    472. 

  472. 		<? 
    473. 

  473. 		foreach ($non_roster_ids as $id)
    474. 

  474. 			print "\n\t\totherIds.push('".$id."');";
    475. 

  475. 		?>
    476. 

  476. 		
    477. 

  477. 

  478. 		switch(groupName) {
    479. 

  479. 		case 'all':
    480. 

  480. 			checkAll();
    481. 

  481. 			break;
    482. 

  482. 		case 'un_all':
    483. 

  483. 			uncheckAll();
    484. 

  484. 			break;
    485. 

  485. 		case 'class':
    486. 

  486. 			checkArrayMembersInField(classIds, field, true);
    487. 

  487. 			break;
    488. 

  488. 		case 'un_class':
    489. 

  489. 			checkArrayMembersInField(classIds, field, false);
    490. 

  490. 			break;
    491. 

  491. 		case 'other':
    492. 

  492. 			checkArrayMembersInField(otherIds, field, true);
    493. 

  493. 			break;
    494. 

  494. 		case 'un_other':
    495. 

  495. 			checkArrayMembersInField(otherIds, field, false);
    496. 

  496. 			break;
    497. 

  497. 		}
    498. 

  498. 	}
    499. 

  499. 	
    500. 

  500. 	function checkArrayMembersInField (arrayToCheck, field, checkValue) {
    501. 

  501. 		for (i=0; i<arrayToCheck.length; i++) {
    502. 

  502. 				id = arrayToCheck[i];
    503. 

  503. 				for (j = 0; j < field.length; j++) {
    504. 

  504. 					if (field[j].value == id)
    505. 

  505. 						field[j].checked = checkValue;
    506. 

  506. 				}
    507. 

  507. 		}
    508. 

  508. 	}
    509. 

  509. 	
    510. 

  510. 	function doFieldChange(user,scope,site,section,page,story,field,what) {
    511. 

  511. 		f = document.addform;
    512. 

  512. 		f.fieldchange.value = 1;
    513. 

  513. 		f.puser.value = user;
    514. 

  514. 		f.pscope.value = scope;
    515. 

  515. 		f.psite.value = site;
    516. 

  516. 		f.psection.value = section;
    517. 

  517. 		f.ppage.value = page;
    518. 

  518. 		f.pstory.value = story;
    519. 

  519. 		f.pfield.value = field;
    520. 

  520. 		f.pwhat.value = what;
    521. 

  521. 		f.submit();
    522. 

  522. 	}
    523. 

  523. 	
    524. 

  524. 	// ]]>
    525. 

  525. 	</script>
    526. 

  526. 

  527. </head>
    528. 

  528. <body>
    529. 

  529. 

  530. 	<?
    531. 

  531. 	
    532. 

  532. 	//printpre($_REQUEST);
    533. 

  533. 	
    534. 

  534. 	/******************************************************************************
    535. 

  535. 	 * If admin print out admin tools (e.g. add/edit users, classes, slots updates
    536. 

  536. 	 ******************************************************************************/
    537. 

  537. 	
    538. 

  538. 	if ($_SESSION['ltype']=='admin') {
    539. 

  539. 		print "\n\t<table width='100%'  class='bg'>";
    540. 

  540. 		print "\n\t\t<tr>\n\t\t\t<td class='bg'>";
    541. 

  541. 		print "\n\t\t\t\tLogs: <a href='viewsites.php?$sid&amp;site=$site'>sites</a>";
    542. 

  542. 		print "\n\t\t\t\t | <a href='viewlogs.php?$sid&amp;site=$site'>users</a>";
    543. 

  543. 		print "\n\t\t\t</td>\n\t\t\t<td align='right' class='bg'>";
    544. 

  544. 		print "\n\t\t\t\t<a href='users.php?$sid&amp;site=$site'>add/edit users</a> | ";
    545. 

  545. 		print "\n\t\t\t\t<a href='classes.php?$sid&amp;site=$site'>add/edit classes</a> | ";
    546. 

  546. 		print "\n\t\t\t\t<a href='add_slot.php?$sid&amp;site=$site'>add/edit slots</a> | ";
    547. 

  547. 		print "\n\t\t\t\t<a href='update.php?$sid&amp;site=$site'>segue updates</a>";
    548. 

  548. 		print "\n\t\t\t</td>\n\t\t</tr>";
    549. 

  549. 		print "\n\t</table>";
    550. 

  550. 	}
    551. 

  551. 	
    552. 

  552. 	/******************************************************************************
    553. 

  553. 	 * Links: Roster | Participation | Logs | Your Posts
    554. 

  554. 	 ******************************************************************************/
    555. 

  555. 	
    556. 

  556. 	print "\n\t<table width='100%'  class='bg'>";
    557. 

  557. 	
    558. 

  558. 	// for admins print out participation select and where and order by sql
    559. 

  559. 	print "\n\t\t<tr>\n\t\t\t<td class='bg'>";
    560. 

  560. 	if ($_SESSION['ltype']=='admin') {
    561. 

  561. 		//print $action.": ";
    562. 

  562. 		//print "WHERE ".$where." ORDER BY ";
    563. 

  563. 		//print $order;
    564. 

  564. 	}
    565. 

  565. 	print "\n\t\t\t</td>";
    566. 

  566. 	
    567. 

  567. 	print "\n\t\t\t<td class='bg' align='right'>";
    568. 

  568. 	// roster
    569. 

  569. 	if (isclass($_REQUEST[site])) print "\n\t\t\t\t<a href='add_students.php?$sid&amp;name=$site&amp;scope=$scope&amp;storyid=".$_REQUEST['storyid']."'>Roster</a> |";
    570. 

  570. 	
    571. 

  571. 	// participation (not link when coming from home)
    572. 

  572. 	if ($_REQUEST[from] != "home") {
    573. 

  573. 		if ($action == "user") {
    574. 

  574. 			print "\n\t\t\t\t <a href='email.php?$sid&amp;siteid=$siteid&amp;storyid=$storyid&amp;site=$site&amp;scope=$scope&amp;action=list'>Participation</a>";
    575. 

  575. 		} else {
    576. 

  576. 			print " Participation";
    577. 

  577. 		}
    578. 

  578. 		if ($action == "user") {
    579. 

  579. 			print " - Your Posts";
    580. 

  580. 		} else {
    581. 

  581. 			print "\n\t\t\t\t - <a href='email.php?$sid&amp;siteid=$siteid&amp;storyid=$storyid&amp;scope=$scope&amp;site=$site&amp;action=user'>Your Posts</a>";
    582. 

  582. 		}
    583. 

  583. 		
    584. 

  584. 		// logs (not link when coming from home)
    585. 

  585. 		print "\n\t\t\t\t | <a href='viewlogs.php?$sid&amp;site=$site&amp;storyid=$storyid&amp;scope=$scope&amp;'>Logs</a>";
    586. 

  586. 	} else {
    587. 

  587. 		print "\n\t\t\t\t Your Posts";
    588. 

  588. 	}
    589. 

  589. 	
    590. 

  590. 	print "\n\t\t\t</td>\n\t\t</tr>";
    591. 

  591. 	print "\n\t</table>\n\t<br />";
    592. 

  592. 	?>
    593. 

  593. 	
    594. 

  594. 	<?=$content?>
    595. 

  595. 	
    596. 

  596. 	<table cellspacing='1' width='100%' id='maintable'>
    597. 

  597. 		<tr>
    598. 

  598. 			<td>
    599. 

  599. 				<form action="<? echo $PHP_SELF ?>" method='get' name='searchform'>
    600. 

  600. 					<table cellspacing='1' width='100%'>
    601. 

  601. 						<tr>
    602. 

  602. 							<td>
    603. 

  603. 								<input type='hidden' name='order' value='<? echo urlencode($order) ?>' />
    604. 

  604. 								<input type='hidden' name='action' value='<? echo $action ?>' />
    605. 

  605. 								<input type='hidden' name='checkgroup' value='<? echo $checkgroup ?>' />
    606. 

  606. 								<input type='hidden' name='storyid' value='<? echo $storyid ?>' />
    607. 

  607. 								<input type='hidden' name='siteid' value='<? echo $siteid ?>' />
    608. 

  608. 								<input type='hidden' name='site' value='<? echo $site ?>' />
    609. 

  609. 								<input type='hidden' name='userid' value='<? echo $userid ?>' />
    610. 

  610. 								<input type='hidden' name='from' value='<? echo $from ?>' />
    611. 

  611. 								<input type='hidden' name='findall' value='<? echo $findall ?>' />
    612. 

  612. 								<input type='hidden' name='find' value='<? echo $find ?>' />
    613. 

  613. 								<input type='hidden' name='findsite' value='<? echo $findsite ?>' />
    614. 

  614. 								<input type='hidden' name='userfname' value='<? echo urlencode($userfname) ?>' />
    615. 

  615. 							</td>
    616. 

  616. 							<td align='right'>
    617. 

  617. 								<?
    618. 

  618. 								//$order = urlencode($order);
    619. 

  619. 								if ($curraction == 'user') {
    620. 

  620. 									$getvariables = "storyid=$storyid&siteid=$siteid&scope=$scope";
    621. 

  621. 								} else {
    622. 

  622. 									$getvariables = "storyid=$storyid&siteid=$siteid&site=$site&scope=$scope";
    623. 

  623. 								}
    624. 

  624. 								
    625. 

  625. 								if ($userid) {
    626. 

  626. 									$userfname = urlencode($userfname);
    627. 

  627. 									$getusers = "&userid=$userid&userfname=$userfname";
    628. 

  628. 								}
    629. 

  629. 						
    630. 

  630. 						
    631. 

  631. 								$tpages = ceil($numrows/$range);
    632. 

  632. 								$curr = ceil(($lowerlimit+$range)/$range);
    633. 

  633. 								$prev = $lowerlimit-$range;
    634. 

  634. 								if ($prev < 0) $prev = 0;
    635. 

  635. 								$next = $lowerlimit+$range;
    636. 

  636. 								if ($next >= $numrows) $next = $numrows-$range;
    637. 

  637. 								if ($next < 0) $next = 0;
    638. 

  638. 								
    639. 

  639. 								if ($action != "list") {
    640. 

  640. 								print "$curr of $tpages ";
    641. 

  641. 								
    642. 

  642. 								if ($prev != $lowerlimit)
    643. 

  643. 									if (!$userfname) {
    644. 

  644. 										print "\n\t\t\t\t\t\t\t\t<input type='button' value='&lt;&lt;' onclick='window.location=\"$PHP_SELF?$sid&lowerlimit=".$prev."&".$getvariables."&action=".$curraction."\"' />";
    645. 

  645. 									} else {
    646. 

  646. 										//$userfname = urlencode($userfname);
    647. 

  647. 										print "\n\t\t\t\t\t\t\t\t<input type='button' value='&lt;&lt;' onclick='window.location=\"$PHP_SELF?$sid&lowerlimit=".$prev."&".$getvariables."&action=$curraction&userfname=$userfname&userid=$userid\"' />";
    648. 

  648. 									}
    649. 

  649. 								if ($next != $lowerlimit && $next > $lowerlimit)
    650. 

  650. 									if (!$userfname) {
    651. 

  651. 										print "\n\t\t\t\t\t\t\t\t<input type='button' value='&gt;&gt;' onclick='window.location=\"$PHP_SELF?$sid&lowerlimit=".$next."&".$getvariables."&action=$curraction\"' />";
    652. 

  652. 									} else {
    653. 

  653. 										print "\n\t\t\t\t\t\t\t\t<input type='button' value='&gt;&gt;' onclick='window.location=\"$PHP_SELF?$sid&lowerlimit=".$next."&".$getvariables."&action=$curraction&userfname=$userfname&userid=$userid\"' />";
    654. 

  654. 									}
    655. 

  655. 								}
    656. 

  656. 						
    657. 

  657. 								?>
    658. 

  658. 						
    659. 

  659. 							</td>
    660. 

  660. 						</tr>
    661. 

  661. 					</table>
    662. 

  662. 				</form>
    663. 

  663. 				
    664. 

  664. 				<form action="<? echo $PHP_SELF ?>" method='post'>
    665. 

  665. 					<input type='hidden' name='storyid' value='<? echo $storyid ?>' />
    666. 

  666. 					<input type='hidden' name='siteid' value='<? echo $siteid ?>' />
    667. 

  667. 					<input type='hidden' name='site' value='<? echo $site ?>' />
    668. 

  668. 		
    669. 

  669. 				<? 
    670. 

  670. 				if ($numparticipants == 0) {
    671. 

  671. 					print "No participants found. Try extending the scope to all participants in the site";
    672. 

  672. 				}
    673. 

  673. 					
    674. 

  674. 			/******************************************************************************
    675. 

  675. 			 * depending on action print out either:
    676. 

  676. 			 * list of participants
    677. 

  677. 			 * email UI
    678. 

  678. 			 * sent email confirmation
    679. 

  679. 			 ******************************************************************************/
    680. 

  680. 			
    681. 

  681. 					/******************************************************************************
    682. 

  682. 					 * Navigation Email | List | Review participants in discussion or site
    683. 

  683. 					 ******************************************************************************/
    684. 

  684. 					print "\n\t\t\t\t<table>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td style='font-size: 12px'>";
    685. 

  685. 					
    686. 

  686. 					// lists all participants with summary of posts and avg. rating
    687. 

  687. 					if ($curraction == "list") {
    688. 

  688. 						//print "<a href='$PHP_SELF?$sid&amp;action=email&".$getvariables.$getusers."'>Email</a> | ";
    689. 

  689. 						print "\n\t\t\t\t\t\t\tList | ";
    690. 

  690. 						print "\n\t\t\t\t\t\t\t<a href='$PHP_SELF?$sid&amp;action=review&amp;".htmlspecialchars($getvariables)."&amp;order=$order'>Review</a> - ";
    691. 

  691. 						print $numparticipants." participants";
    692. 

  692. 					
    693. 

  693. 					// reviews posts by a given user to a given site/discussion/assessment
    694. 

  694. 					// or reviews all posts by all users to a given site/discussion/assessment
    695. 

  695. 					} else if ($curraction == 'review') {
    696. 

  696. 						print "\n\t\t\t\t\t\t\t<a href='$PHP_SELF?$sid&amp;action=list&amp;".htmlspecialchars($getvariables)."&amp;order=user_fname'>List</a> | ";
    697. 

  697. 						
    698. 

  698. 						if ($_REQUEST['userid']) {
    699. 

  699. 							print "\n\t\t\t\t\t\t\t<a href='$PHP_SELF?$sid&amp;action=review&amp;".htmlspecialchars($getvariables)."'>Review all</a> - ";
    700. 

  700. 							print $numrows." posts from ".urldecode($userfname);
    701. 

  701. 						} else {
    702. 

  702. 							print "\n\t\t\t\t\t\t\tReview - ";
    703. 

  703. 							print $numrows." posts from ".$numparticipants." participants";
    704. 

  704. 						}
    705. 

  705. 					
    706. 

  706. 					// displays all posts of a given user across all sites	
    707. 

  707. 					} else if ($curraction == 'user') {
    708. 

  708. 						if ($_SESSION['ltype'] == "admin") {
    709. 

  709. 							print "\n\t\t\t\t\t\t\tusername: <input type='text' name='useruname' value='".$useruname."' class='textfield' />";
    710. 

  710. 							print "\n\t\t\t\t\t\t\t <input type='submit' name='find' value='Find' />";
    711. 

  711. 							print "\n\t\t\t\t\t\t\t <input type='submit' name='findall' value='Find All' />  ";		
    712. 

  712. 			
    713. 

  713. 						}
    714. 

  714. 						if ($userid) {
    715. 

  715. 							print "\n\t\t\t\t\t\t\t".$numrows." posts";
    716. 

  716. 						}
    717. 

  717. 						print "\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>";
    718. 

  718. 								
    719. 

  719. 					// emails all participants currently listed	
    720. 

  720. 					} else if ($curraction == 'email') {
    721. 

  721. 						//print "Email | ";
    722. 

  722. 						print "\n\t\t\t\t\t\t\t<a href='$PHP_SELF?$sid&amp;action=list&amp;".htmlspecialchars($getvariables)."&amp;order=user_fname'>List</a> | ";
    723. 

  723. 						print "\n\t\t\t\t\t\t\t<a href='$PHP_SELF?$sid&amp;action=review&amp;".htmlspecialchars($getvariables)."'>Review</a> - ";
    724. 

  724. 						print $numparticipants." participants";
    725. 

  725. 					
    726. 

  726. 					// sends email to all participants in email list	
    727. 

  727. 					} else if ($curraction == 'send') {
    728. 

  728. 						print "\n\t\t\t\t\t\t\t<a href='$PHP_SELF?$sid&amp;action=list&amp;".htmlspecialchars($getvariables)."&amp;order=user_fname'>List</a> | ";
    729. 

  729. 						print "\n\t\t\t\t\t\t\t<a href='$PHP_SELF?$sid&amp;action=review&amp;".htmlspecialchars($getvariables).htmlspecialchars($getusers)."&amp;order=$order'>Review</a> - ";
    730. 

  730. 						print "\n\t\t\t\t\t\t\t".$numparticipants." participants";
    731. 

  731. 					}
    732. 

  732. 					
    733. 

  733. 					// if action is not listing of a user's posts across all sites, then include scope 
    734. 

  734. 					// select (i.e. participants in this discussions/assessment or in this site
    735. 

  735. 					if ($curraction != 'user') {
    736. 

  736. 						print " in this ";
    737. 

  737. 						print "\n\t\t\t\t\t\t\t<select name='scope'>";	
    738. 

  738. 							
    739. 

  739. 						// if viewed from roster, then no storyid and no specific discussion/assessment is viewable
    740. 

  740. 						if ($_REQUEST[storyid] != "") {
    741. 

  741. 							print "\n\t\t\t\t\t\t\t\t<option value='discussion'";
    742. 

  742. 							if ($scope=='discussion')
    743. 

  743. 								print " selected='selected'";
    744. 

  744. 							print ">discussion/assessment</option>";
    745. 

  745. 						}
    746. 

  746. 									
    747. 

  747. 						if ($scope=='site' || $_REQUEST[site] != "") {
    748. 

  748. 							print "\n\t\t\t\t\t\t\t\t<option";
    749. 

  749. 							($scope=='site')? print " value='site' selected='selected'": print "";
    750. 

  750. 							print ">site</option>";
    751. 

  751. 						}
    752. 

  752. 						print "\n\t\t\t\t\t\t\t</select>";
    753. 

  753. 						print "\n\t\t\t\t\t\t\t<input type='submit' name='update' value='Update' />";
    754. 

  754. 						print "\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>";
    755. 

  755. 						
    756. 

  756. 						
    757. 

  757. 						/******************************************************************************
    758. 

  758. 						 * Buttons:
    759. 

  759. 						 * check all/uncheck all buttons, check class only
    760. 

  760. 						 * add checked to roster, email checked participants
    761. 

  761. 						 ******************************************************************************/
    762. 

  762. 												
    763. 

  763. 						$selectbuttons .= "\n\t\t\t\t\t\t\t<select name='groupcheck' onchange='checkGroup()'>";
    764. 

  764. 						$selectbuttons .= "\n\t\t\t\t\t\t\t\t<option value=''>Check...</option>";
    765. 

  765. 						$selectbuttons .= "\n\t\t\t\t\t\t\t\t<option value='all'>Check All</option>";
    766. 

  766. 						$selectbuttons .= "\n\t\t\t\t\t\t\t\t<option value='un_all'>Uncheck All</option>";
    767. 

  767. 						if (isclass($_REQUEST[site])) $selectbuttons .= "\n\t\t\t\t\t\t\t\t<option value='class'>Check Roster Participants</option>";
    768. 

  768. 						if (isclass($_REQUEST[site])) $selectbuttons .= "\n\t\t\t\t\t\t\t\t<option value='un_class'>Uncheck Roster Participants</option>";
    769. 

  769. 						if (isclass($_REQUEST[site])) $selectbuttons .= "\n\t\t\t\t\t\t\t\t<option value='other'>Check Other Participants</option>";	
    770. 

  770. 						if (isclass($_REQUEST[site])) $selectbuttons .= "\n\t\t\t\t\t\t\t\t<option value='un_other'>uncheck Other Participants</option>";
    771. 

  771. 						$selectbuttons .= "\n\t\t\t\t\t\t\t</select> ";
    772. 

  772. 						
    773. 

  773. 						if (isclass($_REQUEST[site])) $buttons .= "\n\t\t\t\t\t\t\t<input type='submit' name='addtoclass' value='Add Checked to Roster' /> ";
    774. 

  774. 						$buttons .= "\n\t\t\t\t\t\t\t<input type='submit' name='email' value='Email Checked Participants-&gt;' onclick=\"for (var i = 0; i < this.form.elements.length; i++) {if (this.form.elements[i].name == 'editors[]' && this.form.elements[i].checked) {return true;}} alert('None selected'); return false;\"  />";
    775. 

  775. 						if ($action != 'email') {
    776. 

  776. 							print "\n\t\t\t\t\t<tr>";
    777. 

  777. 							print "\n\t\t\t\t\t\t<td align='left' colspan='2'>";
    778. 

  778. 							print $selectbuttons;
    779. 

  779. 							print $buttons;
    780. 

  780. 							print "\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>";
    781. 

  781. 						}
    782. 

  782. 			
    783. 

  783. 					} 
    784. 

  784. 					
    785. 

  785. 					?>
    786. 

  786. 

  787. 

  788. 				</table>	
    789. 

  789. 			
    790. 

  790. 				<?
    791. 

  791. 				/******************************************************************************
    792. 

  792. 				 * if action is email, then compile to list and print out email UI
    793. 

  793. 				 ******************************************************************************/
    794. 

  794. 				
    795. 

  795. 				if ($curraction == 'email') {
    796. 

  796. 					
    797. 

  797. 					$emaillist = array();
    798. 

  798. 		
    799. 

  799. 					foreach ($_REQUEST[editors] as $editor) {
    800. 

  800. 						$editor_email = db_get_value("user","user_email", "user_id ='".addslashes($editor)."'");
    801. 

  801. 						$editor_fname = db_get_value("user","user_fname", "user_id ='".addslashes($editor)."'");
    802. 

  802. 						$editor_femail = $editor_fname."<".$editor_email.">";
    803. 

  803. 						array_push($emaillist, $editor_femail);
    804. 

  804. 						$emaillist = array_unique($emaillist);
    805. 

  805. 					}
    806. 

  806. 					
    807. 

  807. 								
    808. 

  808. 					$to = implode(", ", $emaillist);
    809. 

  809. 								
    810. 

  810. 					//compile from and cc into headers
    811. 

  811. 					if ($_SESSION['ltype']=='admin' && $_SESSION['lfname'] != $_SESSION['afname']) {
    812. 

  812. 						$from = $_SESSION['lfname']." as ".$_SESSION['afname']." <".$_SESSION['aemail'].">";
    813. 

  813. 					} else {
    814. 

  814. 						$from = $_SESSION['afname']." <".$_SESSION['aemail'].">";
    815. 

  815. 					}
    816. 

  816. 		
    817. 

  817. 					$headers = "From: ".$from."\n";
    818. 

  818. 					$headers .= "Cc: ".$from."\n";
    819. 

  819. 					
    820. 

  820. 					//add content type to header
    821. 

  821. 					$html = 1;
    822. 

  822. 					if ($html == 1) {
    823. 

  823. 						$headers .= "Content-Type: text/html\n";
    824. 

  824. 					} 
    825. 

  825. 				
    826. 

  826. 					//$text = "email text here";
    827. 

  827. 					//$textarea = "email";
    828. 

  828. 					?>
    829. 

  829. 					
    830. 

  830. 					<form action="<? echo $PHP_SELF ?>" method='post' name='emailform'>
    831. 

  831. 						<table width='100%'>
    832. 

  832. 							<tr>
    833. 

  833. 								<td align='right'>To:</td>
    834. 

  834. 								<td><? echo $to ?></td>
    835. 

  835. 								<td align='right'></td>
    836. 

  836. 							</tr>
    837. 

  837. 					<? if ($_SESSION['ltype']=='admin' && $_SESSION['lfname'] != $_SESSION['afname']) {
    838. 

  838. 							print "\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td align='right'>From:</td>\n\t\t\t\t\t\t\t\t<td>".$_SESSION['lfname']." as ".$_SESSION['afname']."</td>\n\t\t\t\t\t\t\t\t<td align='right'></td>\n\t\t\t\t\t\t\t</tr>";
    839. 

  839. 						} else {
    840. 

  840. 							print "\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td align='right'>From:</td>\n\t\t\t\t\t\t\t\t<td>".$_SESSION['afname']."</td>\n\t\t\t\t\t\t\t\t<td align='right'></td>\n\t\t\t\t\t\t\t</tr>";
    841. 

  841. 						}
    842. 

  842. 					?>
    843. 

  843. 							<tr>
    844. 

  844. 								<td align='right'>Cc:</td>
    845. 

  845. 								<td><? echo $_SESSION['afname'] ?></td>
    846. 

  846. 								<td align='right'></td>
    847. 

  847. 							</tr>
    848. 

  848. 							<tr>
    849. 

  849. 								<td align='right'>Subject</td>
    850. 

  850. 								<td>
    851. 

  851. 									<input type='text' name='subject' value='' size='50' /> 
    852. 

  852. 									<input type='submit' name='email' value='Send' />
    853. 

  853. 								</td>
    854. 

  854. 								<td align='left'></td>
    855. 

  855. 							</tr>
    856. 

  856. 							<tr>
    857. 

  857. 								<td></td>
    858. 

  858. 								<td align='left'>
    859. 

  859. 								
    860. 

  860. 									<?
    861. 

  861. 									require_once("htmleditor/editor.inc.php");
    862. 

  862. 									include("sniffer.inc.php");
    863. 

  863. 									addeditor ("body",80,20,$text,"discuss"); 
    864. 

  864. 									print $content;
    865. 

  865. 									?>
    866. 

  866. 					
    867. 

  867. 								</td>
    868. 

  868. 								<td align='right'></td>
    869. 

  869. 							</tr>
    870. 

  870. 						</table>
    871. 

  871. 						<input type='hidden' name='action' value='send' />
    872. 

  872. 						<input type='hidden' name='scope' value='<? echo $scope ?>' />
    873. 

  873. 						<input type='hidden' name='storyid' value='<? echo $storyid ?>' />
    874. 

  874. 						<input type='hidden' name='siteid' value='<? echo $siteid ?>' />
    875. 

  875. 						<input type='hidden' name='site' value='<? echo $site ?>' />
    876. 

  876. 						<input type='hidden' name='to' value='<? echo $to ?>' />
    877. 

  877. 						<input type='hidden' name='headers' value='<? echo $headers ?>' />
    878. 

  878. 					</form>
    879. 

  879. 					<?
    880. 

  880. 				//	$r = db_query($query);
    881. 

  881. 					exit();
    882. 

  882. 					
    883. 

  883. 				/******************************************************************************
    884. 

  884. 				 * if action is send then mail subject and body
    885. 

  885. 				 ******************************************************************************/
    886. 

  886. 		
    887. 

  887. 				} else if ($curraction == 'send') {
    888. 

  888. 					
    889. 

  889. 					$to = $_REQUEST[to];
    890. 

  890. 					$body = $_REQUEST[body];
    891. 

  891. 					$headers = $_REQUEST[headers];
    892. 

  892. 					
    893. 

  893. 					if ($_SESSION['ltype']=='admin' && $_SESSION['lfname'] != $_SESSION['afname']) {
    894. 

  894. 						$subject = $_REQUEST[subject]." (sent by Segue Admin: ".$_SESSION['lfname'].")";
    895. 

  895. 					} else {
    896. 

  896. 						$subject = $_REQUEST[subject];
    897. 

  897. 					}
    898. 

  898. 					print "\n\t\t\t\t\t<table>";
    899. 

  899. 					print "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>To:</td>\n\t\t\t\t\t\t<td>".$to."</td>\n\t\t\t\t\t</tr>";
    900. 

  900. 					print "\n\t\t\t\t\t<br /><hr />";	// BAD!
    901. 

  901. 					print "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>From:</td>\n\t\t\t\t\t\t<td>".$_SESSION['afname']."</td>\n\t\t\t\t\t</tr>";
    902. 

  902. 					print "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>Cc:</td>\n\t\t\t\t\t\t<td>".$_SESSION['afname']."</td>\n\t\t\t\t\t</tr>";
    903. 

  903. 					print "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>Subject:</td>\n\t\t\t\t\t<td>".$subject."</td>\n\t\t\t\t\t</tr>";
    904. 

  904. 					print "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t<td>".$body."</td>\n\t\t\t\t\t</tr>";
    905. 

  905. 					print "\n\t\t\t</table>";
    906. 

  906. 

  907. 					if (!mail($to, $subject, $body, $headers)) 
    908. 

  908. 						print "\n\t\t\t\tAN ERROR OCCURED SENDING MAIL!";
    909. 

  909. ;
    910. 

  910. 					exit();
    911. 

  911. 				}
    912. 

  912. 			// } 
    913. 

  913. 		
    914. 

  914. 		/******************************************************************************
    915. 

  915. 		 * Print out table of participant names
    916. 

  916. 		 ******************************************************************************/
    917. 

  917. 		
    918. 

  918. 		?>
    919. 

  919. 

  920. 				<table width='100%'>
    921. 

  921. 					<tr>
    922. 

  922. 						<th>edit</th>							
    923. 

  923. 						<?
    924. 

  924. 						print "\n\t\t\t\t\t\t<th><a href='#' onclick=\"changeOrder('";
    925. 

  925. 						if ($order =='user_fname desc') print "user_fname asc";
    926. 

  926. 						else print "user_fname desc";
    927. 

  927. 						print "')\">Participant Name";
    928. 

  928. 						if ($order =='user_fname asc') print " &or;";
    929. 

  929. 						if ($order =='user_fname desc') print " &and;";	
    930. 

  930. 						print "</a></th>";
    931. 

  931. 				
    932. 

  932. 				
    933. 

  933. 						if ($curraction == 'review'  || $curraction == 'user') {
    934. 

  934. 							if ($curraction == 'user') 
    935. 

  935. 								print "\n\t\t\t\t\t\t<th>Site</th>";
    936. 

  936. 							print "\n\t\t\t\t\t\t<th>Page > Topic</th>";
    937. 

  937. 							print "\n\t\t\t\t\t\t<th>discussion_subject</th>";
    938. 

  938. 										
    939. 

  939. 							print "\n\t\t\t\t\t\t<th><a href='#' onclick=\"changeOrder('";
    940. 

  940. 							if ($order =='discussion_rate asc') print "discussion_rate desc";
    941. 

  941. 							else print "discussion_rate asc";
    942. 

  942. 							print "')\">Rating<br />Grade";
    943. 

  943. 							if ($order =='discussion_rate asc') print " &or;";
    944. 

  944. 							if ($order =='discussion_rate desc') print " &and;";	
    945. 

  945. 							print "</a></th>";
    946. 

  946. 							
    947. 

  947. 							print "\n\t\t\t\t\t\t<th><a href='#' onclick=\"changeOrder('";
    948. 

  948. 							if ($order =='discussion_tstamp asc') print "discussion_tstamp desc";
    949. 

  949. 							else print "discussion_tstamp asc";
    950. 

  950. 							print "')\">Date Time";
    951. 

  951. 							if ($order =='discussion_tstamp asc') print " &or;";
    952. 

  952. 							if ($order =='discussion_tstamp desc') print " &and;";	
    953. 

  953. 							print "</a></th>";
    954. 

  954. 							
    955. 

  955. 						} else {
    956. 

  956. 							print "\n\t\t\t\t\t\t<th>Email</th>";
    957. 

  957. 							print "\n\t\t\t\t\t\t<th># of Posts</th>";
    958. 

  958. 							print "\n\t\t\t\t\t\t<th>Avg. Rating/Grade</th>";
    959. 

  959. 						}
    960. 

  960. 						?>
    961. 

  961. 

  962. 					</tr>
    963. 

  963. 					
    964. 

  964. 					<? 
    965. 

  965. 			
    966. 

  966. 						
    967. 

  967. 						/******************************************************************************
    968. 

  968. 						 * if a class site, print out list of students
    969. 

  969. 						 * if student has participated get post stats
    970. 

  970. 						 * get # of posts and avg. rating
    971. 

  971. 						 ******************************************************************************/
    972. 

  972. 						$color = 0;
    973. 

  973. 						$logged_students_id = array();
    974. 

  974. 						 
    975. 

  975. 						if (is_array($students) && $curraction == 'list' && isclass($_REQUEST[site])) {
    976. 

  976. 							$rostercount = count($students);
    977. 

  977. 							print "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td colspan='4'>\n\t\t\t\t\t\t\t<b>".$rostercount." Participants from Roster</b>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>";
    978. 

  978. 							
    979. 

  979. 							foreach (array_keys($students) as $key) {
    980. 

  980. 								$e = $students[$key][id];
    981. 

  981. 			
    982. 

  982. //								if (!$_SESSION[editors]) {
    983. 

  983. //									$checkstatus = " checked='checked'";
    984. 

  984. //								} else if (in_array($e,$_SESSION[editors])) {
    985. 

  985. //									$checkstatus = " checked='checked'";
    986. 

  986. //								} else {
    987. 

  987. //									$checkstatus = "";
    988. 

  988. //								}
    989. 

  989. 								
    990. 

  990. 								print "\n\t\t\t\t\t<tr>";
    991. 

  991. 												
    992. 

  992. 								// if not in logged participant array, then just print out name
    993. 

  993. 								if (!in_array($students[$key]['id'], $logged_participants_ids)) {
    994. 

  994. 									print "\n\t\t\t\t\t\t<td class='td$color' align='center'>\n\t\t\t\t\t\t\t<input type='checkbox' name='editors[]' value='$e' ".$checkstatus." /></td>";
    995. 

  995. 									print "\n\t\t\t\t\t\t<td class='td$color'>".$students[$key][fname]."</td>";
    996. 

  996. 									print "\n\t\t\t\t\t\t<td class='td$color'>".$students[$key][email]."</td>";
    997. 

  997. 									print "\n\t\t\t\t\t\t<td class='td$color'>0</td>";
    998. 

  998. 									print "\n\t\t\t\t\t\t<td class='td$color'></td>";
    999. 

  999. 									
    1000. 

  1000. 								// if in logged participants, then query for post and print summary
    1001. 

  1001. 								} else {
    1002. 

  1002. 									$userid = $students[$key]['id'];
    1003. 

  1003. 									$postcount = getNumPosts($userid);
    1004. 

  1004. 									$avg_rating = getAvgRating($userid);
    1005. 

  1005. 									print "\n\t\t\t\t\t\t<td class='td$color' align='center'>\n\t\t\t\t\t\t\t<input type='checkbox' name='editors[]' value='$e' ".$checkstatus." />\n\t\t\t\t\t\t</td>";
    1006. 

  1006. 									print "\n\t\t\t\t\t\t<td class='td$color'>\n\t\t\t\t\t\t\t<a href='$PHP_SELF?$sid&amp;action=review&amp;userid=".$students[$key][id]."&amp;userfname=".urlencode($students[$key][fname])."&amp;".htmlspecialchars($getvariables)."'>".$students[$key][fname]."</a\n\t\t\t\t\t\t></td>";
    1007. 

  1007. 									print "\n\t\t\t\t\t\t<td class='td$color'>".$students[$key][email]."</td>";
    1008. 

  1008. 									print "\n\t\t\t\t\t\t<td class='td$color'>".$postcount."</td>";
    1009. 

  1009. 									print "\n\t\t\t\t\t\t<td class='td$color'>".$avg_rating."</td>";
    1010. 

  1010. 									$logged_students_id[] = $students[$key][id];
    1011. 

  1011. 								}
    1012. 

  1012. 								print "\n\t\t\t\t\t</tr>";
    1013. 

  1013. 								$color = 1-$color;
    1014. 

  1014. 							}
    1015. 

  1015. 						}
    1016. 

  1016. 						
    1017. 

  1017. 						
    1018. 

  1018. 						if ($curraction == 'list' && is_array($students) && isclass($_REQUEST[site])) 
    1019. 

  1019. 							print "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td colspan='4'>\n\t\t\t\t\t\t\t<b>Participants not in Roster</b>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>";
    1020. 

  1020. 						
    1021. 

  1021. 						$logged_participants = array();
    1022. 

  1022. 						
    1023. 

  1023. 						while ($a = db_fetch_assoc($r)) {
    1024. 

  1024. 							
    1025. 

  1025. 							$userid = $a['user_id'];
    1026. 

  1026. 							$e = $a['user_id'];
    1027. 

  1027. 							
    1028. 

  1028. 							/******************************************************************************
    1029. 

  1029. 							 * if listing participants and site has roster, 
    1030. 

  1030. 							 * include here only non-roster participants (roster participants listed above)
    1031. 

  1031. 							 * for each participant get # of posts and avg. rating
    1032. 

  1032. 							 ******************************************************************************/
    1033. 

  1033. 							 
    1034. 

  1034. 							if (!in_array($userid, $logged_students_id) && $curraction == 'list') {
    1035. 

  1035. 							
    1036. 

  1036. 								$userid = $a[user_id];
    1037. 

  1037. 								$logged_participants[] = $a[user_uname];
    1038. 

  1038. 								
    1039. 

  1039. 								$postcount = getNumPosts($userid);
    1040. 

  1040. 								$avg_rating = getAvgRating($userid);
    1041. 

  1041. 								
    1042. 

  1042. //								if (!$_SESSION[editors]) {
    1043. 

  1043. //									$checkstatus = " checked='checked'";
    1044. 

  1044. //								} else if (in_array($e,$_SESSION[editors])) {
    1045. 

  1045. //									$checkstatus = " checked='checked'";
    1046. 

  1046. //								} else {
    1047. 

  1047. //									$checkstatus = "";
    1048. 

  1048. //								}
    1049. 

  1049. 								
    1050. 

  1050. 								print "\n\t\t\t\t\t<tr>";
    1051. 

  1051. 								print "\n\t\t\t\t\t\t<td class='td$color' align='center'>\n\t\t\t\t\t\t\t<input type='checkbox' name='editors[]' value='$e' ".$checkstatus." />\n\t\t\t\t\t\t</td>";
    1052. 

  1052. 								print "\n\t\t\t\t\t\t<td class='td$color'>\n\t\t\t\t\t\t\t<a href='$PHP_SELF?$sid&amp;action=review&amp;userid=".$a['user_id']."&amp;userfname=".urlencode($a['user_fname'])."&amp;".htmlspecialchars($getvariables)."'>".$a['user_fname']."</a>\n\t\t\t\t\t\t</td>";
    1053. 

  1053. 								print "\n\t\t\t\t\t\t<td class='td$color'>".$a['user_email']."</td>";
    1054. 

  1054. 								print "\n\t\t\t\t\t\t<td class='td$color'>".$postcount."</td>";
    1055. 

  1055. 								print "\n\t\t\t\t\t\t<td class='td$color'>".$avg_rating."</td>";
    1056. 

  1056. 								print "\n\t\t\t\t\t</tr>";
    1057. 

  1057. 							}
    1058. 

  1058. 							
    1059. 

  1059. 							
    1060. 

  1060. 								$discussion_date = $a['discussion_tstamp'];
    1061. 

  1061. 								$discussion_date = timestamp2usdate($discussion_date);
    1062. 

  1062. 								if ($action == "user") $sitename = $a['slot_name'];
    1063. 

  1063. 								$page_link = $_full_uri."/index.php?action=site&amp;site=".$a['slot_name']."&amp;section=".$a['section_id']."&amp;page=".$a['page_id'];
    1064. 

  1064. 								$fullstory_link = $_full_uri."/index.php?action=site&amp;site=".$a['slot_name']."&amp;section=".$a['section_id']."&amp;page=".$a['page_id']."&amp;story=".$a['story_id']."&amp;detail=".$a['story_id'];
    1065. 

  1065. 								$dicuss_link = $_full_uri."/index.php?action=site&amp;site=".$a['slot_name']."&amp;section=".$a['section_id']."&amp;page=".$a['page_id']."&amp;story=".$a['story_id']."&amp;detail=".$a['story_id']."#".$a['discussion_id'];
    1066. 

  1066. 								$shory_text_all = strip_tags(urldecode($a['story_text_short']));
    1067. 

  1067. 								$shory_text = substr($shory_text_all,0,15)."...";
    1068. 

  1068. 								$discussion_subject_all = urldecode($a['discussion_subject']);
    1069. 

  1069. 								$discussion_subject = substr($discussion_subject_all,0,15)."...";
    1070. 

  1070. 								
    1071. 

  1071. 					
    1072. 

  1072. 								/******************************************************************************
    1073. 

  1073. 								 * Print Participants (depends on curraction
    1074. 

  1074. 								 * Review: participant name, page > topic, discussion subject, rating, time
    1075. 

  1075. 								 * User: participant name, site, page > topic, discussion subject, rating, time
    1076. 

  1076. 								 * List: participant name, email, # of posts, average rating
    1077. 

  1077. 								 ******************************************************************************/
    1078. 

  1078. 								
    1079. 

  1079. 								
    1080. 

  1080. 								
    1081. 

  1081. 								if ($curraction == 'review'  || $curraction == 'user') {
    1082. 

  1082. 									print "\n\t\t\t\t\t<tr>";
    1083. 

  1083. 									
    1084. 

  1084. 									// user full name
    1085. 

  1085. 									if ($curraction == 'user') {
    1086. 

  1086. 										print "\n\t\t\t\t\t\t<td class='td$color' align='center'>\n\t\t\t\t\t\t\t<input type='checkbox' name='editors[]' value='$e' ".$checkstatus." />\n\t\t\t\t\t\t</td>";
    1087. 

  1087. 										print "\n\t\t\t\t\t\t<td class='td$color'>".$a['user_fname']." (".$a['user_uname'].")</td>";
    1088. 

  1088. 									} else {
    1089. 

  1089. 										print "\n\t\t\t\t\t\t<td class='td$color' align='center'>\n\t\t\t\t\t\t\t<input type='checkbox' name='editors[]' value='$e' ".$checkstatus." />\n\t\t\t\t\t\t</td>";
    1090. 

  1090. 										print "\n\t\t\t\t\t\t<td class='td$color'>\n\t\t\t\t\t\t\t<a href='$PHP_SELF?$sid&amp;action=review&amp;userid=".$a['user_id']."&amp;userfname=".urlencode($a['user_fname'])."&amp;".htmlspecialchars($getvariables)."'>".$a['user_fname']."</a>\n\t\t\t\t\t\t</td>";
    1091. 

  1091. 									}
    1092. 

  1092. 									//site links
    1093. 

  1093. 									if ($curraction == 'user') {
    1094. 

  1094. 										print "\n\t\t\t\t\t\t<td class='td$color'>\n\t\t\t\t\t\t\t<a href='#' onclick='opener.window.location=\"$_full_uri/index.php?action=site&site=".$a['slot_name']."\"'>".$a['slot_name']."</a>\n\t\t\t\t\t\t</td>";
    1095. 

  1095. 									}
    1096. 

  1096. 									print "\n\t\t\t\t\t\t<td class='td$color'>\n\t\t\t\t\t\t\t<a href='#' onclick='opener.window.location=\"$page_link\"'>".$a['page_title']."</a> &gt; \n\t\t\t\t\t\t\t<a href='#' onclick='opener.window.location=\"$fullstory_link\"'>".$shory_text."</a>\n\t\t\t\t\t\t</td>";
    1097. 

  1097. 									print "\n\t\t\t\t\t\t<td class='td$color'>\n\t\t\t\t\t\t\t<a href='#' onclick='opener.window.location=\"$dicuss_link\"'>".$discussion_subject."</a>\n\t\t\t\t\t\t</td>";
    1098. 

  1098. 									print "\n\t\t\t\t\t\t<td class='td$color'>".$a['discussion_rate']."</td>";
    1099. 

  1099. 									print "\n\t\t\t\t\t\t<td class='td$color'>\n\t\t\t\t\t\t\t<a href='#' onclick='opener.window.location=\"$dicuss_link\"'>".$discussion_date."</a>\n\t\t\t\t\t\t</td>";
    1100. 

  1100. 									
    1101. 

  1101. 									print "\n\t\t\t\t\t</tr>";
    1102. 

  1102. 								}
    1103. 

  1103. 												
    1104. 

  1104. 								
    1105. 

  1105. 								$color = 1-$color;				
    1106. 

  1106. 						}
    1107. 

  1107. 			
    1108. 

  1108. 						
    1109. 

  1109. 					?>
    1110. 

  1110. 					
    1111. 

  1111. 				</table>
    1112. 

  1112. 

  1113. 				<? 
    1114. 

  1114. 				if ($action != 'email') {
    1115. 

  1115. 				//	print $selectbuttons;
    1116. 

  1116. 					print $buttons;
    1117. 

  1117. 				}
    1118. 

  1118. 				?>
    1119. 

  1119. 				
    1120. 

  1120. 				
    1121. 

  1121. 				</form>
    1122. 

  1122. 			</td>
    1123. 

  1123. 		</tr>
    1124. 

  1124. 	</table>
    1125. 

  1125. 	
    1126. 

  1126. 	<br />
    1127. 

  1127. 	<div align='right'>
    1128. 

  1128. 		<input type='button' value='Close Window' onclick='window.close()' />
    1129. 

  1129. 	</div>
    1130. 

  1130. 	<?
    1131. 

  1131. 	
    1132. 

  1132. 	function getNumPosts ($userid) {
    1133. 

  1133. 		global $where, $orderby, $limit;
    1134. 

  1134. 		
    1135. 

  1135. 		$query2 = "
    1136. 

  1136. 		SELECT 
    1137. 

  1137. 			user_id, user_email, discussion_rate, discussion_tstamp
    1138. 

  1138. 		FROM 
    1139. 

  1139. 			discussion
    1140. 

  1140. 		INNER JOIN story ON FK_story = story_id
    1141. 

  1141. 		INNER JOIN page ON FK_page = page_id
    1142. 

  1142. 		INNER JOIN section ON FK_section = section_id
    1143. 

  1143. 		INNER JOIN site ON FK_site = site_id
    1144. 

  1144. 		INNER JOIN user ON FK_author = user_id
    1145. 

  1145. 		WHERE 
    1146. 

  1146. 			$where AND user_id = '".addslashes($userid)."' 
    1147. 

  1147. 		";		
    1148. 

  1148. 		$r2 = db_query($query2);
    1149. 

  1149. 		//$a2 = db_fetch_assoc($r2);
    1150. 

  1150. 		$postcount = db_num_rows($r2);
    1151. 

  1151. 		return $postcount;
    1152. 

  1152. 		
    1153. 

  1153. 	}
    1154. 

  1154. 	
    1155. 

  1155. 	function getAvgRating ($userid) {
    1156. 

  1156. 		global $where, $orderby, $limit;
    1157. 

  1157. 		
    1158. 

  1158. 		$query2 = "
    1159. 

  1159. 		SELECT 
    1160. 

  1160. 			user_id, user_email, discussion_rate, discussion_tstamp
    1161. 

  1161. 		FROM 
    1162. 

  1162. 			discussion
    1163. 

  1163. 		INNER JOIN story ON FK_story = story_id
    1164. 

  1164. 		INNER JOIN page ON FK_page = page_id
    1165. 

  1165. 		INNER JOIN section ON FK_section = section_id
    1166. 

  1166. 		INNER JOIN site ON FK_site = site_id
    1167. 

  1167. 		INNER JOIN user ON FK_author = user_id
    1168. 

  1168. 		WHERE 
    1169. 

  1169. 			$where AND user_id = '".addslashes($userid)."' 
    1170. 

  1170. 		";		
    1171. 

  1171. 		$r2 = db_query($query2);
    1172. 

  1172. 		$postcount = db_num_rows($r2);
    1173. 

  1173. 		$rating_sum = 0;
    1174. 

  1174. 		if ($postcount == 1) {
    1175. 

  1175. 			$avg_rating = $a2['discussion_rate'];
    1176. 

  1176. 		} else {
    1177. 

  1177. 			$adjpostcount = $postcount;
    1178. 

  1178. 			
    1179. 

  1179. 			
    1180. 

  1180. 			while ($a2 = db_fetch_assoc($r2)) {
    1181. 

  1181. 				if ($a2['discussion_rate'] == 0) 
    1182. 

  1182. 					$adjpostcount = $adjpostcount - 1;
    1183. 

  1183. 				$rating_sum = $rating_sum + $a2['discussion_rate'];
    1184. 

  1184. 			}
    1185. 

  1185. 			if ($adjpostcount)
    1186. 

  1186. 				$avg_rating = round($rating_sum/$adjpostcount, 1);
    1187. 

  1187. 			else
    1188. 

  1188. 				$avg_rating = "n/a";
    1189. 

  1189. 		}
    1190. 

  1190. 		return $avg_rating;
    1191. 

  1191. 	}
    1192. 

  1192. 	
    1193. 

  1193. 	?>
    1194. 

  1194. 

  1195. </body>
    1196. 

  1196. </html>
    1197.