diff --git a/ProgramFunctions/StudentsUsersInfo.fnc.php b/ProgramFunctions/StudentsUsersInfo.fnc.php index ed5320077..b68ea58b4 100644 --- a/ProgramFunctions/StudentsUsersInfo.fnc.php +++ b/ProgramFunctions/StudentsUsersInfo.fnc.php @@ -55,7 +55,7 @@ function _makeTextInput( $column, $name, $request ) $options .= $field['REQUIRED'] === 'Y' ? ' required' : ''; return TextInput( - $value[ $column ], + issetVal( $value[ $column ], '' ), $request . '[' . $column . ']', $name, $options, @@ -102,7 +102,7 @@ function _makeDateInput( $column, $name, $request ) } return DateInput( - $value[ $column ], + issetVal( $value[ $column ], '' ), $request . '[' . $column . ']', $name, $div, @@ -165,7 +165,7 @@ function _makeSelectInput( $column, $name, $request ) $extra = ( $field['REQUIRED'] === 'Y' ? 'required': '' ); return SelectInput( - $value[ $column ], + issetVal( $value[ $column ], '' ), $request . '[' . $column . ']', $name, $options, diff --git a/functions/ErrorMessage.fnc.php b/functions/ErrorMessage.fnc.php index 1330d413b..eb8da80d9 100644 --- a/functions/ErrorMessage.fnc.php +++ b/functions/ErrorMessage.fnc.php @@ -65,7 +65,8 @@ function ErrorMessage( $errors, $code = 'error' ) if ( count( $errors ) === 1 ) { - $return .= ': ' . issetVal( $errors[0], $errors[1] ) . '
'; + // Note: do not use issetVal() here. + $return .= ': ' . ( isset( $errors[0] ) ? $errors[0] : $errors[1] ) . ''; } // More than one error: list. diff --git a/functions/GetGrade.fnc.php b/functions/GetGrade.fnc.php index 0c5584c3c..6a09ebe52 100644 --- a/functions/GetGrade.fnc.php +++ b/functions/GetGrade.fnc.php @@ -32,6 +32,11 @@ function GetGrade( $grade, $column = 'TITLE' ) FROM SCHOOL_GRADELEVELS", array(), array( 'ID' ) ); } + if ( ! isset( $grades[ $grade ] ) ) + { + return ''; + } + $extra = ''; if ( $column === 'TITLE' ) diff --git a/functions/GetStaffList.fnc.php b/functions/GetStaffList.fnc.php index beed0c289..1f3749ba5 100644 --- a/functions/GetStaffList.fnc.php +++ b/functions/GetStaffList.fnc.php @@ -317,7 +317,7 @@ function appendStaffSQL( $sql, $extra = array() ) ); } - if ( $extra['profile'] ) + if ( ! empty( $extra['profile'] ) ) { $options = array( $extra['profile'] => $options[ $extra['profile'] ] ); } diff --git a/functions/ListOutput.fnc.php b/functions/ListOutput.fnc.php index eac4c2c9c..5706327d1 100644 --- a/functions/ListOutput.fnc.php +++ b/functions/ListOutput.fnc.php @@ -818,7 +818,7 @@ class="button" alt="" title="' . htmlspecialchars( _( 'Search' ), ENT_QUOTES ) . foreach ( (array) $column_names as $key => $value ) { - echo 'diff --git a/modules/Grades/Assignments.php b/modules/Grades/Assignments.php index 64aef52c6..bc07ac0a4 100644 --- a/modules/Grades/Assignments.php +++ b/modules/Grades/Assignments.php @@ -385,7 +385,7 @@ { $hide_previous_assignment_types_sql = ''; - if ( $gradebook_config['HIDE_PREVIOUS_ASSIGNMENT_TYPES'] ) + if ( ! empty( $gradebook_config['HIDE_PREVIOUS_ASSIGNMENT_TYPES'] ) ) { // @since 4.5 Hide previous quarters assignment types. $hide_previous_assignment_types_sql = " AND CREATED_MP='" . UserMP() . "' OR CREATED_MP IS NULL"; diff --git a/modules/Grades/Grades.php b/modules/Grades/Grades.php index 972a6b218..4a73fd8ef 100644 --- a/modules/Grades/Grades.php +++ b/modules/Grades/Grades.php 
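Review bot: The comment added in ErrorMessage()'s single-error branch says not to use issetVal() but gives no reason, so a later cleanup pass is likely to put it back. State the cause in the comment, for example `// Do not use issetVal() here: $errors[1] would be passed as its default and is undefined when only $errors[0] exists.` That reading is inferred from the removed line, so confirm it against issetVal()'s definition, which is not part of this diff. The rest of the function lies outside the hunk.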
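Review bot: In appendStaffSQL(), `! empty( $extra['profile'] )` silences the missing-key notice, but the next line still reads `$options[ $extra['profile'] ]` without checking that the profile is one of the keys of `$options`. An unrecognised profile value would raise the same kind of notice and leave a single option with a null label. Consider `if ( ! empty( $extra['profile'] ) && isset( $options[ $extra['profile'] ] ) )`. Where `$extra['profile']` comes from is outside the hunk.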
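Review bot: The SQL fragment built under the new `! empty()` test in Assignments.php, `" AND CREATED_MP='" . UserMP() . "' OR CREATED_MP IS NULL"`, has no parentheses around the OR. AND binds tighter than OR in SQL, so if this string is appended to a WHERE clause that already filters by teacher or course (the query itself is outside the hunk), every row with a NULL CREATED_MP matches regardless of those filters. Wrap the alternative: `" AND (CREATED_MP='" . UserMP() . "' OR CREATED_MP IS NULL)"`.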
@@ -32,7 +32,9 @@ $gradebook_config = ProgramUserConfig( 'Gradebook' ); //$max_allowed = Preferences('ANOMALOUS_MAX','Gradebook')/100; -$max_allowed = ( $gradebook_config['ANOMALOUS_MAX'] ? $gradebook_config['ANOMALOUS_MAX'] / 100 : 1 ); +$max_allowed = ( isset( $gradebook_config['ANOMALOUS_MAX'] ) && $gradebook_config['ANOMALOUS_MAX'] ? + $gradebook_config['ANOMALOUS_MAX'] / 100 : + 1 ); if ( ! empty( $_REQUEST['student_id'] ) ) { @@ -225,7 +227,7 @@ $sql = ''; - if ( $current_RET[$student_id][$assignment_id] ) + if ( ! empty( $current_RET[$student_id][$assignment_id] ) ) { $sql = "UPDATE GRADEBOOK_GRADES SET "; @@ -290,7 +292,7 @@ if ( ProgramConfig( 'grades', 'GRADES_DOES_LETTER_PERCENT' ) <= 0 ) { - if ( $gradebook_config['LETTER_GRADE_ALL'] != 'Y' ) + if ( empty( $gradebook_config['LETTER_GRADE_ALL'] ) ) { $LO_columns['LETTER_GRADE'] = _( 'Letter' ); } @@ -474,7 +476,7 @@ if ( ProgramConfig( 'grades', 'GRADES_DOES_LETTER_PERCENT' ) <= 0 ) { if ( empty( $_REQUEST['assignment_id'] ) - || $gradebook_config['LETTER_GRADE_ALL'] != 'Y' ) + || empty( $gradebook_config['LETTER_GRADE_ALL'] ) ) { $LO_columns['LETTER_GRADE'] = _( 'Letter' ); } 
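Review bot: In the hunk at `@@ -290,7 +292,7 @@`, replacing `$gradebook_config['LETTER_GRADE_ALL'] != 'Y'` with `empty( $gradebook_config['LETTER_GRADE_ALL'] )` changes the test and not only the notice: a non-empty value other than 'Y' used to show the Letter column and now hides it. The same substitution is made in the hunk at `@@ -474,7 +476,7 @@`. If the setting can only be 'Y' or unset this is harmless, but that is not visible here. `! isset( $gradebook_config['LETTER_GRADE_ALL'] ) || $gradebook_config['LETTER_GRADE_ALL'] != 'Y'` keeps the old meaning while avoiding the notice.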
@@ -579,8 +581,14 @@ } $tabs[] = array( - 'title' => $color . $type[1]['TITLE'] . ( $gradebook_config['WEIGHT'] == 'Y' ? '|' . number_format( 100 * $type[1]['FINAL_GRADE_PERCENT'], 0 ) . '%' : '' ), - 'link' => 'Modules.php?modname=' . $_REQUEST['modname'] . '&type_id=' . $id . ( $_REQUEST['assignment_id'] == 'all' ? '&assignment_id=all' : '' ) . ( UserStudentID() ? '&student_id=' . UserStudentID() : '' ) . '&include_inactive=' . $_REQUEST['include_inactive'] . '&include_all=' . $_REQUEST['include_all'], + 'title' => $color . $type[1]['TITLE'] . + ( isset( $gradebook_config['WEIGHT'] ) && $gradebook_config['WEIGHT'] == 'Y' ? + '|' . number_format( 100 * $type[1]['FINAL_GRADE_PERCENT'], 0 ) . '%' : + '' ), + 'link' => 'Modules.php?modname=' . $_REQUEST['modname'] . '&type_id=' . $id . + ( $_REQUEST['assignment_id'] == 'all' ? '&assignment_id=all' : '' ) . + ( UserStudentID() ? '&student_id=' . UserStudentID() : '' ) . + '&include_inactive=' . $_REQUEST['include_inactive'] . '&include_all=' . $_REQUEST['include_all'], ); } @@ -746,7 +754,8 @@ function _makeExtraAssnCols( $assignment_id, $column ) else { if ( ! empty( $_REQUEST['include_all'] ) - || ( $current_RET[$THIS_RET['STUDENT_ID']][$assignment_id][1]['POINTS'] != '' + || ( ( isset( $current_RET[$THIS_RET['STUDENT_ID']][$assignment_id][1]['POINTS'] ) + && $current_RET[$THIS_RET['STUDENT_ID']][$assignment_id][1]['POINTS'] != '' ) || ! $assignments_RET[$assignment_id][1]['DUE_EPOCH'] || $assignments_RET[$assignment_id][1]['DUE_EPOCH'] >= $THIS_RET['START_EPOCH'] && ( ! $THIS_RET['END_EPOCH'] @@ -755,7 +764,7 @@ function _makeExtraAssnCols( $assignment_id, $column ) $total_points = $assignments_RET[$assignment_id][1]['POINTS']; //FJ default points - $points = $current_RET[$THIS_RET['STUDENT_ID']][$assignment_id][1]['POINTS']; + $points = issetVal( $current_RET[$THIS_RET['STUDENT_ID']][$assignment_id][1]['POINTS'] ); $div = true; if ( is_null( $points ) ) 
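Review bot: The `'link'` entry in the `$tabs[]` hunk is only re-wrapped: `$_REQUEST['include_inactive']`, `$_REQUEST['include_all']` and `$_REQUEST['assignment_id']` are still read without a guard, which is the same undefined-index case the commit fixes for `$gradebook_config['WEIGHT']` in the `'title'` entry just above. They are also concatenated into the URL without URL-encoding, and whether the link is escaped when it is printed cannot be seen from this hunk. Suggest `'&include_inactive=' . urlencode( issetVal( $_REQUEST['include_inactive'], '' ) )`, the same for `include_all`, and `issetVal( $_REQUEST['assignment_id'] ) == 'all'` for the comparison.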
@@ -804,8 +813,14 @@ function _makeExtraAssnCols( $assignment_id, $column ) { if ( $partial_points['PARTIAL_TOTAL'] != 0 || $gradebook_config['WEIGHT'] != 'Y' ) { - $total += $partial_points['PARTIAL_POINTS'] * ( $gradebook_config['WEIGHT'] == 'Y' ? $partial_points['FINAL_GRADE_PERCENT'] / $partial_points['PARTIAL_TOTAL'] : 1 ); - $total_percent += ( $gradebook_config['WEIGHT'] == 'Y' ? $partial_points['FINAL_GRADE_PERCENT'] : $partial_points['PARTIAL_TOTAL'] ); + $total += $partial_points['PARTIAL_POINTS'] * + ( isset( $gradebook_config['WEIGHT'] ) && $gradebook_config['WEIGHT'] == 'Y' ? + $partial_points['FINAL_GRADE_PERCENT'] / $partial_points['PARTIAL_TOTAL'] : + 1 ); + + $total_percent += ( isset( $gradebook_config['WEIGHT'] ) && $gradebook_config['WEIGHT'] == 'Y' ? + $partial_points['FINAL_GRADE_PERCENT'] : + $partial_points['PARTIAL_TOTAL'] ); } } @@ -912,7 +927,7 @@ function _makeExtraAssnCols( $assignment_id, $column ) || $assignments_RET[$assignment_id][1]['DUE_EPOCH'] <= $THIS_RET['END_EPOCH'] ) ) ) { return TextInput( - $current_RET[$THIS_RET['STUDENT_ID']][$assignment_id][1]['COMMENT'], + issetVal( $current_RET[$THIS_RET['STUDENT_ID']][$assignment_id][1]['COMMENT'] ), 'values[' . $THIS_RET['STUDENT_ID'] . '][' . $assignment_id . '][COMMENT]', '', ' maxlength=100' diff --git a/modules/Students/Student.php b/modules/Students/Student.php index 0025642eb..1008fcc27 100644 --- a/modules/Students/Student.php +++ b/modules/Students/Student.php 
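Review bot: The enclosing condition `$partial_points['PARTIAL_TOTAL'] != 0 || $gradebook_config['WEIGHT'] != 'Y'` still reads `WEIGHT` unguarded, so a missing key raises the notice there whenever `PARTIAL_TOTAL` is 0, before the two added `isset()` tests are reached. The same `isset( ... ) && ... == 'Y'` expression is now repeated within this hunk and in the `$tabs[]` hunk. Computing it once, e.g. `$is_weighted = isset( $gradebook_config['WEIGHT'] ) && $gradebook_config['WEIGHT'] == 'Y';`, and using `! $is_weighted` in the outer condition would keep all of them consistent. _makeExtraAssnCols() starts and ends outside the hunk.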
@@ -152,19 +152,22 @@ $error[] = _( 'Please fill in the required fields' ); } - // Check username unicity. - $existing_username = DBGet( "SELECT 'exists' - FROM STAFF - WHERE USERNAME='" . $_REQUEST['students']['USERNAME'] . "' - AND SYEAR='" . UserSyear() . "' - UNION SELECT 'exists' - FROM STUDENTS - WHERE USERNAME='" . $_REQUEST['students']['USERNAME'] . "' - AND STUDENT_ID!='" . UserStudentID() . "'" ); - - if ( ! empty( $existing_username ) ) + if ( isset( $_REQUEST['students']['USERNAME'] ) ) { - $error[] = _( 'A user with that username already exists. Choose a different username and try again.' ); + // Check username unicity. + $existing_username = DBGet( "SELECT 'exists' + FROM STAFF + WHERE USERNAME='" . $_REQUEST['students']['USERNAME'] . "' + AND SYEAR='" . UserSyear() . "' + UNION SELECT 'exists' + FROM STUDENTS + WHERE USERNAME='" . $_REQUEST['students']['USERNAME'] . "' + AND STUDENT_ID!='" . UserStudentID() . "'" ); + + if ( ! empty( $existing_username ) ) + { + $error[] = _( 'A user with that username already exists. Choose a different username and try again.' ); + } } if ( UserStudentID() && ! $error ) 
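Review bot: The uniqueness query still concatenates `$_REQUEST['students']['USERNAME']` into the SQL text twice, so it is injection-safe only if request values are escaped before this point, which this hunk does not show. The new `isset()` guard also passes when the parameter arrives as an array, in which case the concatenation produces the literal string `Array` and a conversion notice instead of a real lookup. Suggest `if ( isset( $_REQUEST['students']['USERNAME'] ) && is_string( $_REQUEST['students']['USERNAME'] ) )`. A comment above the query naming where the escaping happens would also help, so the dependency is visible to whoever edits this next.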
@@ -183,60 +186,62 @@ if ( ! empty( $_REQUEST['students'] ) && ! $error ) { $sql = "UPDATE STUDENTS SET "; - $fields_RET = DBGet( "SELECT ID,TYPE FROM CUSTOM_FIELDS ORDER BY SORT_ORDER", array(), array( 'ID' ) ); + + $fields_RET = DBGet( "SELECT ID,TYPE + FROM CUSTOM_FIELDS + ORDER BY SORT_ORDER", array(), array( 'ID' ) ); + $go = false; foreach ( (array) $_REQUEST['students'] as $column => $value ) { - if ( 1 ) //!empty($value) || $value=='0') + if ( isset( $fields_RET[str_replace( 'CUSTOM_', '', $column )][1]['TYPE'] ) + && $fields_RET[str_replace( 'CUSTOM_', '', $column )][1]['TYPE'] == 'numeric' + && $value != '' + && ! is_numeric( $value ) ) { - //FJ check numeric fields + $error[] = _( 'Please enter valid Numeric data.' ); + continue; + } - if ( $fields_RET[str_replace( 'CUSTOM_', '', $column )][1]['TYPE'] == 'numeric' && $value != '' && ! is_numeric( $value ) ) + if ( ! is_array( $value ) ) + { + //FJ add password encryption + + if ( $column !== 'PASSWORD' ) { - $error[] = _( 'Please enter valid Numeric data.' ); - continue; + $sql .= $column . "='" . str_replace( ''', "''", $value ) . "',"; + $go = true; } - if ( ! is_array( $value ) ) + if ( $column == 'PASSWORD' && ! empty( $value ) && $value !== str_repeat( '*', 8 ) ) { - //FJ add password encryption - - if ( $column !== 'PASSWORD' ) - { - $sql .= $column . "='" . str_replace( ''', "''", $value ) . "',"; - $go = true; - } - - if ( $column == 'PASSWORD' && ! empty( $value ) && $value !== str_repeat( '*', 8 ) ) - { - $value = str_replace( "''", "'", $value ); - $sql .= $column . "='" . encrypt_password( $value ) . "',"; - $go = true; - } + $value = str_replace( "''", "'", $value ); + $sql .= $column . "='" . encrypt_password( $value ) . "',"; + $go = true; } - else - { - // FJ fix bug none selected not saved. - $sql_multiple_input = ''; + } + else + { + // FJ fix bug none selected not saved. 
+ $sql_multiple_input = ''; - foreach ( (array) $value as $val ) + foreach ( (array) $value as $val ) + { + if ( $val ) { - if ( $val ) - { - $sql_multiple_input .= $val . '||'; - } + $sql_multiple_input .= $val . '||'; } + } - if ( $sql_multiple_input ) - { - $sql_multiple_input = "||" . $sql_multiple_input; - } + if ( $sql_multiple_input ) + { + $sql_multiple_input = "||" . $sql_multiple_input; + } - $sql .= $column . "='" . $sql_multiple_input . "',"; + $sql .= $column . "='" . $sql_multiple_input . "',"; - $go = true; - } + $go = true; } } @@ -687,10 +692,7 @@ echo '
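Review bot: In the `foreach ( (array) $_REQUEST['students'] as $column => $value )` loop, `$column` is a request-supplied array key and goes into the UPDATE as an identifier (`$sql .= $column . "='" ...`), where quote-doubling the value gives no protection. The re-indented code keeps that behaviour unchanged. Unless keys are validated somewhere outside this hunk, restrict them before use, for instance `if ( ! preg_match( '/^[A-Z0-9_]+$/', $column ) ) { continue; }` or a lookup against the known STUDENTS columns and `$fields_RET`. In the multi-value branch each `$val` is also appended without a check that it is a scalar. The statement is completed and executed outside the hunk.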