2 /************************************************************************/
4 /************************************************************************/
5 /* Copyright (c) 2002-2008 by Greg Gay, Joel Kronenberg & Heidi Hazelton*/
6 /* Adaptive Technology Resource Centre / University of Toronto */
9 /* This program is free software. You can redistribute it and/or */
10 /* modify it under the terms of the GNU General Public License */
11 /* as published by the Free Software Foundation. */
12 /************************************************************************/
13 // $Id: enroll_edit.php 6662 2006-11-20 15:52:49Z joel $
14 if (!defined('AT_INCLUDE_PATH')) { exit; }
18 //if user wants to cancel action
19 if (isset($_POST['cancel'])) {
20 $msg->addFeedback('CANCELLED');
21 header('Location: index.php?course_id='.$course_id);
23 } else if (isset($_POST['submit'])) {
26 $mid = $_POST['dmid'];
27 $privs = $_POST['privs'];
28 $role = $_POST['role'];
30 //loop through selected users to perform update
33 change_privs(intval($mid[$i]), $privs[$i]);
37 $msg->addFeedback('PRIVS_CHANGED');
38 header('Location: index.php?tab=1'.SEP.'course_id='.$course_id);
42 require(AT_INCLUDE_PATH.'header.inc.php');
46 <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
47 <input type="hidden" name="course_id" value="<?php echo $course_id; ?>"/>
48 <div class="input-form">
50 //Store id's into a hidden element for use by functions
52 while ($_GET['mid'.$j]) {
53 echo '<input type="hidden" name="dmid[]" value="'.$_GET['mid'.$j].'" />';
57 //loop through all the students
58 for ($k = 0; $k < $j; $k++) {
59 $mem_id = intval($_GET['mid'.$k]);
61 //NO!!! extra check to ensure that user doesnt send in instructor for change privs
62 $sql = "SELECT CE.privileges, M.login FROM ".TABLE_PREFIX."course_enrollment CE INNER JOIN ".TABLE_PREFIX."members M USING (member_id) WHERE M.member_id=$mem_id AND CE.course_id=$course_id AND CE.approved='y'";
64 $result = mysql_query($sql, $db);
65 $student_row = mysql_fetch_assoc($result);
68 <h3><?php echo $student_row['login']; ?></h3>
72 <?php echo _AT('privileges'); ?><br />
73 <table width="100%" border="0" cellspacing="5" cellpadding="0" summary="">
77 $student_row['privileges'] = intval($student_row['privileges']);
78 $module_list = $moduleFactory->getModules(AT_MODULE_STATUS_ENABLED, 0, TRUE);
79 $keys = array_keys($module_list);
80 foreach ($keys as $module_name) {
81 $module =& $module_list[$module_name];
82 if (!($module->getPrivilege() > 1)) {
86 echo '<td><label><input type="checkbox" name="privs['.$k.'][]" value="'.$module->getPrivilege().'" ';
88 if (query_bit($student_row['privileges'], $module->getPrivilege())) {
89 echo 'checked="checked"';
92 echo ' />'.$module->getName().'</label></td>';
94 if (!($count % $num_cols)) {
98 if ($count % $num_cols) {
99 echo '<td colspan="'.($num_cols-($count % $num_cols)).'"> </td>';
101 echo '<td colspan="'.$num_cols.'"> </td>';
110 <div class="row buttons">
111 <input type="submit" name="submit" value="<?php echo _AT('save'); ?>" accesskey="s" />
112 <input type="submit" name="cancel" value="<?php echo _AT('cancel'); ?>" />
120 * Updates the Role & Priviliges of users
122 * @param int $member The member_id of the user whose values are to be updated
123 * @param int $privs value of the privileges of the user
124 * @author Joel Kronenberg
126 function change_privs ($member, $privs) {
127 global $db, $course_id;
129 //calculate privileges
131 if (!(empty($privs))) {
132 foreach ($privs as $priv) {
133 $privilege += intval($priv);
138 * if we're making a student a GROUP TA then we have to remove them
139 * from all the groups they may belong to.
141 if (query_bit($privilege, AT_PRIV_GROUPS)) {
142 $group_list = implode(',', $_SESSION['groups']);
144 $sql = "DELETE FROM ".TABLE_PREFIX."groups_members WHERE group_id IN ($group_list) AND member_id=$member";
145 $result = mysql_query($sql,$db);
149 $sql = "UPDATE ".TABLE_PREFIX."course_enrollment SET `privileges`=$privilege WHERE member_id=$member AND course_id=$course_id AND `approved`='y'";
150 $result = mysql_query($sql,$db);
153 //print error or confirm change
155 $msg->printErrors('DB_NOT_UPDATED');
160 require(AT_INCLUDE_PATH.'footer.inc.php'); ?>