PageRenderTime 53ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 0ms

/certify_certificate.php

https://github.com/atutor/certify
PHP | 166 lines | 117 code | 42 blank | 7 comment | 24 complexity | 7268bb7a849f90ded1c578176382fa69 MD5 | raw file
    

  1. <?php
    2. 

  2. define('AT_INCLUDE_PATH', '../../include/');
    3. 

  3. require (AT_INCLUDE_PATH.'vitals.inc.php');
    4. 

  4. authenticate(AT_PRIV_CERTIFY);
    5. 

  5. 

  6. $certify_id = '';
    7. 

  7. if (isset($_POST['certify_id'])) {
    8. 

  8.     $certify_id = $addslashes($_POST['certify_id']);
    9. 

  9. } else if (isset($_GET['certify_id'])) {
    10. 

  10.     $certify_id = $addslashes($_GET['certify_id']);
    11. 

  11. }
    12. 

  12. 

  13. $templatefile = AT_CONTENT_DIR .'certify/template_'.$certify_id.'.pdf';
    14. 

  14. $templatepresent = file_exists($templatefile);
    15. 

  15. 

  16. function let_to_num($v){ //This function transforms the php.ini notation for numbers (like '2M') to an integer (2*1024*1024 in this case)
    17. 

  17.     $l = substr($v, -1);
    18. 

  18.     $ret = substr($v, 0, -1);
    19. 

  19.     switch(strtoupper($l)){
    20. 

  20.     case 'P':
    21. 

  21.         $ret *= 1024;
    22. 

  22.     case 'T':
    23. 

  23.         $ret *= 1024;
    24. 

  24.     case 'G':
    25. 

  25.         $ret *= 1024;
    26. 

  26.     case 'M':
    27. 

  27.         $ret *= 1024;
    28. 

  28.     case 'K':
    29. 

  29.         $ret *= 1024;
    30. 

  30.         break;
    31. 

  31.     }
    32. 

  32.     return $ret;
    33. 

  33. }
    34. 

  34. $max_upload_size = min(let_to_num(ini_get('post_max_size')), let_to_num(ini_get('upload_max_filesize')));
    35. 

  35. 

  36. $certify_title = '';
    37. 

  37. $certify_description = '';
    38. 

  38. 

  39. if (isset($_POST['submit'])) { // Incoming changes
    40. 

  40. 	
    41. 

  41. 	$certify_title = $addslashes($_POST['certify_title']);
    42. 

  42. 	$certify_description = $addslashes($_POST['certify_description']);
    43. 

  43. 

  44. 	if (strlen($certify_id) > 0) {
    45. 

  45. 		
    46. 

  46. 		// COMMIT CHANGES
    47. 

  47. 

  48. 

  49.                 $query ="UPDATE %scertify
    50. 

  50. 				SET
    51. 

  51. 					title = '%s',
    52. 

  52. 					description = '%s'
    53. 

  53. 				WHERE
    54. 

  54. 					certify_id = %d
    55. 

  55. 				";                        
    56. 

  56.                         
    57. 

  57.                 $certify_updated = queryDB($query, array(TABLE_PREFIX, $certify_title, $certify_description, $certify_id ));
    58. 

  58.                 
    59. 

  59. 		if (file_exists($templatefile))
    60. 

  60. 			unlink($templatefile);
    61. 

  61. 		if ($_FILES['certify_file']['size'] > 0 && $_FILES['certify_file']['error'] == 0) {
    62. 

  62. 			if (move_uploaded_file($_FILES['certify_file']['tmp_name'], $templatefile)) {
    63. 

  63. 				// File ok
    64. 

  64. 			} else {
    65. 

  65. 				unlink($templatefile);
    66. 

  66. 			}
    67. 

  67. 		}
    68. 

  68. 		$templatepresent = file_exists($templatefile);
    69. 

  69. 

  70. 		write_to_log(AT_ADMIN_LOG_UPDATE, 'certify', count($certify_updated), sprintf($query,TABLE_PREFIX, $certify_title, $certify_description, $certify_id) );
    71. 

  71. 

  72. 		$msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
    73. 

  73. 	
    74. 

  74. 		header('Location: index_instructor.php');
    75. 

  75. 		exit;
    76. 

  76. 

  77. 	} else {
    78. 

  78. 

  79. 		// COMMIT NEW
    80. 

  80. 	
    81. 

  81. 		$query = "INSERT INTO %scertify
    82. 

  82. 				(course_id, 
    83. 

  83. 				 title,
    84. 

  84. 				 description) 
    85. 

  85. 					VALUES (%d, 
    86. 

  86.                                                     '%s',
    87. 

  87.                                                     '%s')";
    88. 

  88. 		
    89. 

  89.                 $certify_inserted = queryDB($query, array(TABLE_PREFIX, $_SESSION['course_id'], $certify_title,$certify_description));
    90. 

  90.                 
    91. 

  91. 		$certify_id = at_insert_id();
    92. 

  92. 		$templatefile = AT_CONTENT_DIR .'certify/template_'.$certify_id.'.pdf';
    93. 

  93. 		
    94. 

  94. 		if ($_FILES['certify_file']['size'] > 0 && $_FILES['certify_file']['error'] == 0) {
    95. 

  95. 			if (move_uploaded_file($_FILES['certify_file']['tmp_name'], $templatefile)) {
    96. 

  96. 				// File ok
    97. 

  97. 			} else {
    98. 

  98. 				unlink($templatefile);
    99. 

  99. 			}
    100. 

  100. 		}
    101. 

  101. 		$templatepresent = file_exists($templatefile);
    102. 

  102. 

  103. 		write_to_log(AT_ADMIN_LOG_INSERT, 'certify', count($certify_updated), sprintf($query,TABLE_PREFIX, $_SESSION['course_id'], $certify_title,$certify_description));
    104. 

  104. 	
    105. 

  105. 		$msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
    106. 

  106. 	
    107. 

  107. 		header('Location: index_instructor.php');
    108. 

  108. 		exit;
    109. 

  109. 		
    110. 

  110. 	}
    111. 

  111. 

  112. 

  113. } else if (isset($_POST['cancel'])) { // Cancelled
    114. 

  114. 	
    115. 

  115. 	// CANCEL
    116. 

  116. 

  117. 	$msg->addFeedback('CANCELLED');
    118. 

  118. 	header('Location: index_instructor.php');
    119. 

  119. 	exit;
    120. 

  120. 

  121. } else if (strlen($certify_id) > 0) {
    122. 

  122. 	
    123. 

  123. 	// EDIT EXISTING
    124. 

  124. 

  125. 	// Fetch basic data        
    126. 

  126.         $query = "SELECT * from %scertify where certify_id=%d";
    127. 

  127.         $rows = queryDB($query, array(TABLE_PREFIX, $certify_id));
    128. 

  128. 		
    129. 

  129. 	if (!$row)
    130. 

  130. 		exit; // TODO: Invalid id - how to handle?
    131. 

  131. 		
    132. 

  132.         foreach($rows as $row){
    133. 

  133.             $certify_title = $row['title'];
    134. 

  134.             $certify_description = $row['description'];
    135. 

  135.         }
    136. 

  136. }
    137. 

  137. 

  138. require(AT_INCLUDE_PATH.'header.inc.php'); 
    139. 

  139. $msg->printAll();
    140. 

  140. 

  141. ?>
    142. 

  142. 

  143. <p>For instructor to add new certificate
    144. 

  144. 

  145. 

  146. <form enctype="multipart/form-data" name="certifydetails" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
    147. 

  147. <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_upload_size; ?>"> <!-- We have no real need to restrict the upload here -->
    148. 

  148. <?php if (strlen($certify_id) > 0) { ?>
    149. 

  149. <input type="hidden" name="certify_id" value="<?php echo $certify_id; ?>">
    150. 

  150. <?php } ?>
    151. 

  151. <dl>
    152. 

  152. <dt><label for="certify_title"><?php echo _AT('certify_title'); ?></label></dt>
    153. 

  153. <dd><input type="text" name="certify_title" maxlength="60" value="<?php echo $certify_title; ?>"></dd>
    154. 

  154. <dt><label for="certify_description"><?php echo _AT('certify_description'); ?></label></dt>
    155. 

  155. <dd><textarea name="certify_description" cols="40" rows="5"><?php echo $certify_description; ?></textarea></dd>
    156. 

  156. <dt><label for="certify_file"><?php echo _AT('certify_file'); ?></label></dt>
    157. 

  157. <dd><input type="file" name="certify_file"></dd>
    158. 

  158. </dl>
    159. 

  159. <input type="submit" name="submit" value="<?php echo _AT('save'); ?>">
    160. 

  160. <input type="submit" name="cancel" value="<?php echo _AT('cancel'); ?>" />
    161. 

  161. </form>
    162. 

  162. 

  163. <!-- TODO: Download link for existing template -->
    164. 

  164. 

  165. 

  166. <?php require (AT_INCLUDE_PATH.'footer.inc.php'); ?>
    167.