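<?php
# Administration panel landing page: starts the session, loads the shared
# includes, then admits the visitor only after a successful login POST or when
# the existing session is of type "admin" or "superuser".
session_start();
# Variables
$prefix = ".."; # Prefix for relative links
$title = "Administration Panel"; # Title of the page
# Including includes
include "$prefix/config/config.php"; # General configuration file for all pages
include "$prefix/includes/db.inc"; # DB access
include "$prefix/includes/other.inc"; # Other scripts
include "$prefix/includes/header.inc"; # Including HTML headers, etc
include "$prefix/includes/js.inc"; # Javascript access
# Check for Login and Privileges
$admin_access_granted = false;
if (isset($_POST['username']) && isset($_POST['password'])) {
    # login_admin() comes from an include; a result equal to 0 is treated as a failed login.
    # NOTE(review): confirm that login_admin() only succeeds for admin/superuser accounts
    # and regenerates the session id on success - neither is visible from this file.
    $result = login_admin($_POST['username'], $_POST['password']);
    $admin_access_granted = ($result != 0);
} elseif (isset($_SESSION['type'])) {
    # Strict membership test: with ==, a non-string session value such as integer 0
    # compares equal to "admin" on PHP < 8 and would be let through.
    $admin_access_granted = in_array($_SESSION['type'], array("admin", "superuser"), true);
}
if (!$admin_access_granted) {
    # NOTE(review): error is an unquoted bare word; unless an include defines it as a
    # constant, PHP 8 raises an Error here - confirm and quote if it is meant as a string.
    messagebox(error,error,'Error 3: You are either not logged in, or do not have the permissions to access this page<br /><br /><a href="/">Home</a>',true);
    # Fail closed: whether messagebox() halts when its last argument is true cannot be
    # seen from this file, so stop here rather than fall through to the admin markup.
    exit;
}
?>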
<p class="blurb">
The Administration panel allows you to modify permissions and instrument contracts. From here, you can
also modify registered users and manage the database system.
</p>
<hr />
</td>
</tr>
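<?php
# Cage-manager notices: superuser sessions get a summary of pending requests,
# contracts expiring within the next 7 days, and overdue instruments.
if (isset($_SESSION['type']) && $_SESSION['type'] === "superuser") {
    db_connect();
    # The only values interpolated into the SQL below are integers computed locally
    # (strtotime and an addition), never request data. The mysql_* API used here was
    # removed in PHP 7; use prepared statements (mysqli/PDO) when this is ported.
    $countpending = mysql_fetch_row(mysql_query("SELECT COUNT(id) FROM contracts WHERE status='pending'"));
    $today = strtotime('today');
    $aweekfromtoday = $today + 604800; # Does not account for leap years (see bug #537046), but this does not require that kind of precision
    $countexpiring = mysql_fetch_row(mysql_query("SELECT COUNT(id) FROM contracts WHERE dateto BETWEEN '$today' AND '$aweekfromtoday' AND status<>'returned'"));
    # Lower bound is $today, matching the count query above; the original compared
    # against the literal string 'today', so the list was not limited to the same window.
    $listexpiring = mysql_query("SELECT name, instrument FROM authz, contracts WHERE authz.studentno = contracts.studentno AND dateto BETWEEN '$today' AND '$aweekfromtoday' AND status<>'returned'");
    $countoverdue = mysql_fetch_row(mysql_query("SELECT COUNT(id) FROM contracts WHERE (status='out' AND dateto<'$today')"));
    db_close();

    if ($countpending[0] > 0) {
        echo '<tr><td colspan="2">';
        if ($countpending[0] == 1) {
            messagebox(notice,folder_yellow,'<b>Message to Cage Manager</b><br />There is ' . $countpending[0] . ' new instrument request to be processed',false);
        } else {
            messagebox(notice,folder_yellow,'<b>Message to Cage Manager</b><br />There are ' . $countpending[0] . ' new instrument requests to be processed',false);
        }
        echo '</td></tr>';
    }

    if ($countexpiring[0] > 0) {
        # Make the list of students
        $list = '';
        if ($listexpiring) {
            # Walk the rows actually returned: the join with authz can yield a different
            # number of rows than COUNT(id) on contracts alone.
            while ($row = mysql_fetch_row($listexpiring)) {
                # Names and instruments are stored data; HTML-escape them before they are
                # placed in the page so markup saved in a record is shown as text, not run.
                # Assumes the page is served as UTF-8 - adjust the charset if it is not.
                $student = htmlspecialchars(stripslashes($row[0]), ENT_QUOTES, 'UTF-8');
                $instrument = htmlspecialchars(stripslashes(ucwords($row[1])), ENT_QUOTES, 'UTF-8');
                $list = $list . $student . ' (' . $instrument . ')<br />';
            }
        }
        echo '<tr><td colspan="2">';
        if ($countexpiring[0] == 1) {
            messagebox(notice,folder_yellow,'<b>Message to Cage Manager</b><br />There is ' . $countexpiring[0] . ' instrument contract expiring within 7 days<br /><a onClick="toggle_visibility(\'expiring\')" style="cursor: pointer;">Click for More Information</a><span id="expiring" name="list" style="display: none;"><br />The aforementioned students:<br />' . $list . '</span>',false);
        } else {
            messagebox(notice,folder_yellow,'<b>Message to Cage Manager</b><br />There are ' . $countexpiring[0] . ' instrument contracts expiring within 7 days<br /><a onClick="toggle_visibility(\'cleared\')" style="cursor: pointer;">Click for More Information</a><span id="cleared" name="list" style="display: none;"><br />The aforementioned students:<br />' . $list . '</span>',false);
        }
        echo '</td></tr>';
    }

    if ($countoverdue[0] > 0) {
        echo '<tr><td colspan="2">';
        if ($countoverdue[0] == 1) {
            messagebox(error,folder_red,'<b>Message to Cage Manager</b><br />There is ' . $countoverdue[0] . ' student with an <u>overdue</u> instrument!',false);
        } else {
            messagebox(error,folder_red,'<b>Message to Cage Manager</b><br />There are ' . $countoverdue[0] . ' students with <u>overdue</u> instruments!',false);
        }
        echo '</td></tr>';
    }
}
?>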
<tr>
<td class="left">
<div class="admin_menu_option" onClick="window.location='./contracts.php';">
<img src="/images/contracts.png" title="" />
<p>Add/View Instrument Contracts</p>
</div>
<div class="admin_menu_option" onClick="window.location='./users.php';">
<img src="/images/user.png" title="" />
<p>Add/View Registered Users</p>
</div>
<?php
# Optional module link: the lockers entry is printed only when the meta table's
# lockers_enabled option compares equal to 1.
db_connect();
$check_locker_enabled = mysql_fetch_row(
    mysql_query("SELECT value FROM meta WHERE `option`='lockers_enabled'")
);
db_close();
if ($check_locker_enabled[0] == 1) {
    echo "\n"
        . '<div class="admin_menu_option" onClick="window.location=\'/modules/lockers/index.php\';">' . "\n"
        . '<img src="/images/lockers.png" title="" />' . "\n"
        . '<p>Locker Assignments</p>' . "\n"
        . '</div>' . "\n";
}
?>
<div class="admin_menu_option" onClick="window.location='./stats.php';">
<img src="/images/summary.png" title="" />
<p>Statistics and Summaries</p>
</div>
</td>
<td class="right">
<div class="admin_menu_option" onClick="window.location='./permissions.php';">
<img src="/images/permissions.png" title="" />
<p>Add/View Permissions</p>
</div>
<div class="admin_menu_option" onClick="window.location='./inventory.php';">
<img src="/images/inventory.png" title="" />
<p>Instrument Inventory</p>
</div>
<?php
# Optional module link: the accessories entry is printed only when the meta table's
# accessories_enabled option compares equal to 1.
db_connect();
$check_accessories_enabled = mysql_fetch_row(
    mysql_query("SELECT value FROM meta WHERE `option`='accessories_enabled'")
);
db_close();
if ($check_accessories_enabled[0] == 1) {
    echo "\n"
        . '<div class="admin_menu_option" onClick="window.location=\'/modules/accessories/index.php\';">' . "\n"
        . '<img src="/images/accessories.png" title="" />' . "\n"
        . '<p>Accessories Management</p>' . "\n"
        . '</div>' . "\n";
}
?>
<div class="admin_menu_option" onClick="window.location='./system.php';">
<img src="/images/db.png" title="" />
<p>System Options</p>
</div>
</td>
</tr>
<tr>
<td colspan="2" align="center">
<div class="buttons" style="display: table; margin: auto;">
<a href="/index.php?action=logout" class="negative">
<img src="/images/logoff.png" title="" />
Log out
</a>
</div>
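<span id="displaylogin">Current logged in as <strong><?= htmlspecialchars($_SESSION['name'], ENT_QUOTES, 'UTF-8') /* account name is stored data: escape it for the HTML context */ ?></strong></span>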
</td>
</tr>
</table>
<?php
# Finish the page with the shared footer; $prefix was set at the top of this script.
include $prefix . "/includes/footer.inc";
?>