Moved scripts in "docs" one level up into root folder. In addition, removed "docs...

[atutor.git] / mods / _core / users / master_list_edit.php

<?php\r
/****************************************************************************/\r
/* ATutor                                                                                                                                       */\r
/****************************************************************************/\r
/* Copyright (c) 2002-2010                                                  */\r
/* Inclusive Design Institute                                               */\r
/* http://atutor.ca                                                                                                                     */\r
/*                                                                                                                                                      */\r
/* This program is free software. You can redistribute it and/or                        */\r
/* modify it under the terms of the GNU General Public License                          */\r
/* as published by the Free Software Foundation.                                                        */\r
/****************************************************************************/\r
// $Id: master_list_edit.php 10142 2010-08-17 19:17:26Z hwong $\r
\r
define('AT_INCLUDE_PATH', '../../../include/');\r
require(AT_INCLUDE_PATH.'vitals.inc.php');\r
admin_authenticate(AT_ADMIN_PRIV_USERS);\r
\r
$_REQUEST['id'] = $addslashes($_REQUEST['id']);\r
\r
if (isset($_POST['cancel'])) {\r
        $msg->addFeedback('CANCELLED');\r
        header('Location: '.AT_BASE_HREF.'mods/_core/users/master_list.php');\r
        exit;\r
} else if (isset($_POST['submit'])) {\r
        $_POST['public_field'] = trim($_POST['public_field']);\r
        if ($_POST['public_field'] == '') {\r
                $msg->addError(array('EMPTY_FIELDS', _AT('student_id')));\r
        }\r
\r
        if (!$msg->containsErrors()) {\r
                $_POST['public_field'] = $addslashes($_POST['public_field']);\r
\r
                $sql = "UPDATE ".TABLE_PREFIX."master_list SET public_field='$_POST[public_field]' WHERE public_field='$_POST[id]'";\r
                $result = mysql_query($sql, $db);\r
\r
                write_to_log(AT_ADMIN_LOG_UPDATE, 'master_list', mysql_affected_rows($db), $sql);\r
\r
                $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');\r
\r
                header('Location: '.AT_BASE_HREF.'mods/_core/users/master_list.php');\r
                exit;\r
        }\r
} \r
\r
require(AT_INCLUDE_PATH.'header.inc.php'); \r
\r
$sql = "SELECT * FROM ".TABLE_PREFIX."master_list WHERE public_field='$_REQUEST[id]'";\r
$result = mysql_query($sql, $db);\r
if (!($row = mysql_fetch_assoc($result))) {\r
        $msg->addError('USER_NOT_FOUND');\r
        $msg->printErrors();\r
        require(AT_INCLUDE_PATH.'footer.inc.php');\r
        exit;\r
} else {\r
        $_POST = $row;\r
}\r
?>\r
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" name="form">\r
<input type="hidden" name="id" value="<?php echo $_REQUEST['id']; ?>" />\r
<div class="input-form">\r
        <div class="row">\r
                <span class="required" title="<?php echo _AT('required_field'); ?>">*</span><label for="student_id"><?php echo _AT('student_id'); ?></label><br />\r
                <input type="text" name="public_field" id="student_id" size="25" value="<?php echo $_POST['public_field']; ?>" />\r
        </div>\r
\r
        <div class="row buttons">\r
                <input type="submit" name="submit" value="<?php echo _AT('save'); ?>" accesskey="s" />\r
                <input type="submit" name="cancel" value="<?php echo _AT('cancel'); ?>" />\r
        </div>\r
</div>\r
</form>\r
\r
<?php require(AT_INCLUDE_PATH.'footer.inc.php'); ?>