docs/mods/_core/enrolment/html/privileges.inc.php

   1 <?php
   2 /************************************************************************/
   3 /* ATutor                                                                                                                               */
   4 /************************************************************************/
   5 /* Copyright (c) 2002-2010                                              */
   6 /* Inclusive Design Institute                                           */
   7 /* http://atutor.ca                                                     */
   8 /* This program is free software. You can redistribute it and/or        */
   9 /* modify it under the terms of the GNU General Public License          */
  10 /* as published by the Free Software Foundation.                        */
  11 /************************************************************************/
  12 // $Id$
  13 if (!defined('AT_INCLUDE_PATH')) { exit; }
  14
  15 $num_cols = 2;
  16
  17 //if user wants to cancel action
  18 if (isset($_POST['cancel'])) {
  19         $msg->addFeedback('CANCELLED');
  20         header('Location: index.php?course_id='.$course_id);
  21         exit;
  22 } else if (isset($_POST['submit'])) {
  23
  24         //update privileges
  25         $mid   = $_POST['dmid'];
  26         $privs = $_POST['privs'];
  27         $role  = $_POST['role'];
  28
  29         //loop through selected users to perform update
  30         $i=0;
  31         while ($mid[$i]) {
  32                 change_privs(intval($mid[$i]), $privs[$i]);
  33                 $i++;
  34         }
  35
  36         $msg->addFeedback('PRIVS_CHANGED');
  37         header('Location: index.php?tab=1'.SEP.'course_id='.$course_id);
  38         exit;
  39 }
  40
  41 require(AT_INCLUDE_PATH.'header.inc.php');
  42
  43 ?>
  44
  45 <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
  46 <input type="hidden" name="course_id" value="<?php echo $course_id; ?>"/>
  47 <div class="input-form">
  48 <?php
  49         //Store id's into a hidden element for use by functions
  50         $j = 0;
  51         while ($_GET['mid'.$j]) {
  52                 echo '<input type="hidden" name="dmid[]" value="'.$_GET['mid'.$j].'" />';
  53                 $j++;
  54         }
  55
  56         //loop through all the students
  57 for ($k = 0; $k < $j; $k++) {
  58         $mem_id = intval($_GET['mid'.$k]);
  59
  60         //NO!!! extra check to ensure that user doesnt send in instructor for change privs
  61         $sql = "SELECT CE.privileges, M.login FROM ".TABLE_PREFIX."course_enrollment CE INNER JOIN ".TABLE_PREFIX."members M USING (member_id) WHERE M.member_id=$mem_id AND CE.course_id=$course_id AND CE.approved='y'";
  62
  63         $result = mysql_query($sql, $db);
  64         $student_row = mysql_fetch_assoc($result);
  65 ?>
  66         <div class="row">
  67                 <h3><?php echo $student_row['login']; ?></h3>
  68         </div>
  69
  70         <div class="row">
  71                 <?php echo _AT('privileges'); ?><br />
  72                         <table width="100%" border="0" cellspacing="5" cellpadding="0" summary="">
  73                         <tr>
  74                         <?php
  75                         $count =0;
  76                         $student_row['privileges'] = intval($student_row['privileges']);
  77                         $module_list = $moduleFactory->getModules(AT_MODULE_STATUS_ENABLED, 0, TRUE);
  78                         $keys = array_keys($module_list);
  79                         foreach ($keys as $module_name) {
  80                                 $module =& $module_list[$module_name];
  81                                 if (!($module->getPrivilege() > 1)) {
  82                                         continue;
  83                                 }
  84                                 $count++;
  85                                 echo '<td><label><input type="checkbox" name="privs['.$k.'][]" value="'.$module->getPrivilege().'" ';
  86
  87                                 if (query_bit($student_row['privileges'], $module->getPrivilege())) {
  88                                         echo 'checked="checked"';
  89                                 }
  90
  91                                 echo ' />'.$module->getName().'</label></td>';
  92
  93                                 if (!($count % $num_cols)) {
  94                                         echo '</tr><tr>';
  95                                 }
  96                         }
  97                         if ($count % $num_cols) {
  98                                 echo '<td colspan="'.($num_cols-($count % $num_cols)).'">&nbsp;</td>';
  99                         } else {
 100                                 echo '<td colspan="'.$num_cols.'">&nbsp;</td>';
 101                         }
 102                         ?>
 103                         </tr>
 104                         </table>
 105                 </div>
 106 <?php
 107         }//end for
 108 ?>
 109         <div class="row buttons">
 110                 <input type="submit" name="submit" value="<?php echo _AT('save');  ?>" accesskey="s" />
 111                 <input type="submit" name="cancel" value="<?php echo _AT('cancel');  ?>" />
 112         </div>
 113 </div>
 114 </form>
 115
 116 <?php
 117
 118 /**
 119 * Updates the Role & Priviliges of users
 120 * @access  private
 121 * @param   int $member                  The member_id of the user whose values are to be updated
 122 * @param   int $privs                   value of the privileges of the user
 123 * @author  Joel Kronenberg
 124 */
 125 function change_privs ($member, $privs) {
 126         global $db, $course_id;
 127
 128         //calculate privileges
 129         $privilege = 0;
 130         if (!(empty($privs))) {
 131                 foreach ($privs as $priv) {
 132                         $privilege += intval($priv);
 133                 }
 134         }
 135
 136         /*
 137         * if we're making a student a GROUP TA then we have to remove them
 138         * from all the groups they may belong to.
 139         */
 140         if (query_bit($privilege, AT_PRIV_GROUPS)) {
 141                 $group_list = implode(',', $_SESSION['groups']);
 142                 if ($group_list) {
 143                         $sql = "DELETE FROM ".TABLE_PREFIX."groups_members WHERE group_id IN ($group_list) AND member_id=$member";
 144                         $result = mysql_query($sql,$db);
 145                 }
 146         }
 147
 148         $sql = "UPDATE ".TABLE_PREFIX."course_enrollment SET `privileges`=$privilege WHERE member_id=$member AND course_id=$course_id AND `approved`='y'";
 149         $result = mysql_query($sql,$db);
 150
 151
 152         //print error or confirm change
 153         if (!$result) {
 154                 $msg->printErrors('DB_NOT_UPDATED');
 155                 exit;
 156         }
 157 }
 158
 159 require(AT_INCLUDE_PATH.'footer.inc.php'); ?>