3 include_once("auth.php");
4 include_once("header.php");
6 if($role != 0) { die("Account \"".$user_name."\" Is Not Authorized To View This Page.<br><br>This Event Will Be Logged And Reported."); }
8 $_GET["action"] = mysql_real_escape_string($_GET["action"]);
9 $_GET["user_id"] = mysql_real_escape_string($_GET["user_id"]);
10 $_GET["class"] = mysql_real_escape_string($_GET["class"]);
12 if($_GET['action'] == "delete")
14 if ($_GET['class'] == "") { die("No Class ID Sent"); }
15 if ($_GET['user_id'] == "") { die("No User ID Sent"); }
16 $sql = 'delete from enrollment where user_id='.$_GET['user_id'].' and class_id ='.$_GET['class'];
17 $result = mysql_query($sql);
18 if (!$result) { die("SQL ERROR"); }
21 if($_GET['action'] == "add")
23 if ($_GET['class'] == "") { die("No Class ID Sent"); }
24 if ($_GET['user_id'] == "") { die("No User ID Sent"); }
26 /* TODO: verify user not already listed */
28 $sql = 'insert into enrollment values ("",'.$_GET['class'].','.$_GET['user_id'].')';
29 $result = mysql_query($sql);
30 if (!$result) { die("SQL ERROR"); }
33 /* get list of classes to select from */
34 $sql = 'select * from class';
35 $result = mysql_query($sql);
36 if (!$result) { die("SQL ERROR"); }
37 while($row = mysql_fetch_array($result))
40 <tr><td><a href=enrollment.php?class='.$row['class_id'].'>'.$row['class_name'].'</a></td><td>'.$row['class_section'].'</td><td>'.$row['class_location'].'</td><td>'.$row['class_instructor'].'</td></tr>';
44 /* get list of all students */
45 $sql = 'select user_id, name, email from users order by name';
46 $result = mysql_query($sql);
47 if (!$result) { die("SQL ERROR"); }
48 while($row = mysql_fetch_array($result))
50 $all_students .= '<option value='.$row['user_id'].'>'.$row['name'].'</option>';
54 /* get current class info */
55 $sql = 'select class_name, class_section, class_location, class_instructor from class where class_id ='.$_GET['class'];
56 $result = mysql_query($sql);
57 if (!$result) { die("SQL ERROR"); }
58 while($row = mysql_fetch_array($result))
60 $class_info .= '<h3>'.$row['class_name'].' - '.$row['class_section'].' - '.$row['class_location'].' - '.$row['class_instructor'].'</h3>';
63 /* get list of students in this class */
64 $sql = 'select enrollment.user_id, name, email from enrollment, users where (users.user_id = enrollment.user_id) and class_id='.$_GET['class'].' order by name';
65 $result = mysql_query($sql);
66 if (!$result) { die("SQL ERROR"); }
67 while($row = mysql_fetch_array($result))
69 $students .= '<tr><td>'.$row['name'].'</td><td>'.$row['email'].'</td><td><a href=enrollment.php?class='.$_GET['class'].'&user_id='.$row['user_id'].'&action=delete>Delete</a></td></tr>';
75 <h3
>Enrollment Manager
</h3
>
77 <table
class="gridtable">
79 <th
>Class Name
</th
><th
>Section
</th
><th
>Location
</th
><th
>Instructor
</th
>
81 <?php
echo $classes; ?
>
85 <?php
if($class_info != "") { echo $class_info.'
87 <form name="input" action="enrollment.php" method="get">
88 <input name="action" type="hidden" value="add">
89 <input name="class" type="hidden" value="'.$_GET['class'].'">
90 <select name="user_id"><option></option>'.$all_students.'</select> <input type="submit" value="Add" /><br><br><br>
92 <table class="gridtable">
94 <th>Student Name</th><th>Student Email</th><th>Action</th>