<?php
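// "Create Course" page: renders the course form and handles its POST.
// $theSentry, $theDB and $theLogger are not defined in this file; presumably
// template/header.php sets them up - confirm.
require("template/header.php");
echo "<div class='newsbox'>";
echo "<div class='newstitle'>Create Course</div>";
echo "<div class='newscontent'>";

if (!$theSentry->login())
{
    // Not logged in: show the public text only.
    echo "You need to be logged in to view this page";
}
elseif (!$theSentry->hasPermission(5))
{
    echo "<br/>Permission Denied - Sorry!<br/><br/>";
}
elseif (isset($_POST['do_modify']))
{
    // NOTE(review): this state-changing POST checks no anti-CSRF token. Adding
    // one needs session helpers that are not visible in this file.

    // Every field is request-controlled. The <select> and maxlength attributes
    // in the form below are browser-side only, so all limits are re-checked here.
    $name = (isset($_POST['name']) && is_string($_POST['name']))
        ? strip_tags($_POST['name'])
        : '';

    // filter_var() returns false for arrays, blanks and non-integers, and 0 is
    // a legal validity, so results are compared with === false further down.
    // role_id mirrors the form's own query (roles where role_id > 100), so a
    // hand-built request cannot attach a role the form never offers.
    $roleId = filter_var(
        isset($_POST['role_id']) ? $_POST['role_id'] : null,
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 101))
    );
    $validity = filter_var(
        isset($_POST['validity']) ? $_POST['validity'] : null,
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 0))
    );
    // The form labels tier as "1=highest", so 1 is the smallest accepted value.
    $tier = filter_var(
        isset($_POST['tier']) ? $_POST['tier'] : null,
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 1))
    );

    if (!$name)
    {
        echo('You did not fill in a required field. - <a href="course_add.php">try again?</a>');
    }
    elseif ($roleId === false || $validity === false || $tier === false)
    {
        // Previously these three values were concatenated into the SQL string
        // unescaped; they are now rejected unless they are plain integers.
        echo('Role, validity and tier must be whole numbers in the allowed range. - <a href="course_add.php">try again?</a>');
    }
    else
    {
        // get_magic_quotes_gpc() always returns false from PHP 5.4 and no longer
        // exists in PHP 8, so it is only consulted on interpreters that can
        // still have the setting switched on.
        $magicQuotesOn = version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc();

        // NOTE(review): addslashes() is not aware of the connection charset.
        // $theDB's driver is not visible here; if it offers prepared statements
        // or a driver-level escape, use that for $name instead.
        $sqlName = $magicQuotesOn ? $name : addslashes($name);

        // $roleId, $validity and $tier are PHP integers at this point.
        $insert = "insert into training_courses set name = '".$sqlName."', "
            ."role_id = '".$roleId."', "
            ."validity = '".$validity."', "
            ."tier = '".$tier."';";
        $result = $theDB->doQuery($insert);

        // The original tested the bare word `result` (no $), so this branch
        // could never report a failed insert. Presumably doQuery() returns a
        // falsy value on failure - confirm against the DB wrapper.
        if (!$result)
        {
            print 'Error inserting course - '
                .htmlspecialchars((string) $theDB->lasterror(), ENT_QUOTES)
                .' - <a href="course_add.php">try again?</a>';
        }
        else
        {
            // Passes the same slash-escaped name the original did; how the
            // logger stores its message is not visible from this file.
            $theLogger->log("Created new training course ".$sqlName);
            echo '<br/>Course details successfully added<br/><br/>';
        }
    }
}
else
{
    echo "<form action=\"course_add.php\" method=\"post\">";
    echo "<table align=\"center\" border=\"1\" cellspacing=\"0\" cellpadding=\"3\">";
    echo "<tr><td>Name*:</td><td>";
    echo "<input type=\"text\" name=\"name\" maxlength=\"50\">";
    echo "</td></tr>";
    echo "<tr><td>Awarded Role*:</td><td>";
    $res = $theDB->fetchQuery("select * from roles where role_id > 100;");
    if (!$res)
    {
        echo "No roles found!";
        die();
    }
    else
    {
        echo "<select name=\"role_id\">";
        $roleCount = count($res);
        for ($i = 0; $i < $roleCount; $i++)
        {
            // Role ids and names come from the database and are escaped before
            // being written into the attribute and the element text.
            echo "<option value='".htmlspecialchars((string) $res[$i]['role_id'], ENT_QUOTES)."'>"
                .htmlspecialchars((string) $res[$i]['role'], ENT_QUOTES)
                ."</option>";
        }
        echo "</select>";
    }
    echo "</td></tr>";
    echo "<tr><td>Valid for (days):</td><td>";
    echo "<input type=\"text\" name=\"validity\" value = '730' maxlength=\"50\">";
    echo "</td></tr>";
    echo "<tr><td>Importance Tier (1=highest):</td><td>";
    echo "<input type=\"text\" name=\"tier\" value = '1' maxlength=\"50\">";
    echo "</td></tr>";
    echo "<tr><td colspan=\"2\" align=\"right\">";
    echo "<input type=\"submit\" name=\"do_modify\" value=\"Create Course\">";
    echo "</td></tr>";
    echo "</table>";
    echo "</form>";
}

// End the page
echo "<div id='clear_both' style='clear:both;'></div></div>";
require("template/footer.html");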
?>