$extra ); } if ( ! empty( $_REQUEST['bottom_back'] ) || ( User( 'PROFILE' ) !== 'parent' && ! empty( $_REQUEST['search_modfunc'] ) && $_REQUEST['search_modfunc'] === 'list' ) ) { unset( $_SESSION['staff_id'] ); } if ( ! empty( $_REQUEST['staff_id'] ) ) { if ( $_REQUEST['staff_id'] !== 'new' && $_REQUEST['staff_id'] != UserStaffID() ) { SetUserStaffID( $_REQUEST['staff_id'] ); } elseif ( $_REQUEST['staff_id'] === 'new' && UserStaffID() ) { unset( $_SESSION['staff_id'] ); } } elseif ( ! UserStaffID() || ! empty( $extra['new'] ) ) { if ( UserStaffID() ) { unset( $_SESSION['staff_id'] ); } $_REQUEST['next_modname'] = $_REQUEST['modname']; require_once 'modules/Users/Search.inc.php'; } break; // Find a Student form General Info & Grade Level. case 'general_info': // TODO: // http://ux.stackexchange.com/questions/85050/what-is-the-best-practice-for-password-field-placeholders echo '' . _( 'Last Name' ) . ' '; echo '' . _( 'First Name' ) . ' '; echo '' . sprintf( _( '%s ID' ), Config( 'NAME' ) ) . ' '; echo '' . _( 'Address' ) . ' '; // Grade Level. $grade_levels_RET = DBGet( "SELECT ID,TITLE,SHORT_NAME FROM SCHOOL_GRADELEVELS WHERE SCHOOL_ID='" . UserSchool() . "' ORDER BY SORT_ORDER" ); if ( isset( $_REQUEST['advanced'] ) && $_REQUEST['advanced'] === 'Y' || ! empty( $extra ) && is_array( $extra ) ) { echo '' . _( 'Grade Levels' ) . '   ' . _( 'Not' ) . '    ' . _( 'Check All' ) . ' '; $i = 0; foreach ( (array) $grade_levels_RET as $grade_level ) { $id = $grade_level['ID']; $checked = ! empty( $extra[ $id ] ) || $extra == $id ? ' checked' : ''; echo ''; $i++; if ( $i%4 === 0 ) { echo ''; } } echo '

' . $grade_level['SHORT_NAME'] . '

'; } else { echo '' . _( 'Grade Level' ) . ' ' . _( 'Not Specified' ) . ''; foreach ( (array) $grade_levels_RET as $grade_level ) { $id = $grade_level['ID']; echo '' . $grade_level['TITLE'] . ''; } echo ''; } break; // Find a User form General Info & Profile. case 'staff_general_info': echo '' . _( 'Last Name' ) . ' '; echo '' . _( 'First Name' ) . ' '; echo '' . _( 'User ID' ) . ' '; echo '' . _( 'Username' ) . ' '; $options = array( '' => _( 'N/A' ), 'teacher' => _( 'Teacher' ), 'parent' => _( 'Parent' ), ); // Profile. if ( User( 'PROFILE' ) === 'admin' ) { $options = array( '' => _( 'N/A' ), 'admin' => _( 'Administrator' ), 'teacher' => _( 'Teacher' ), 'parent' => _( 'Parent' ), 'none' => _( 'No Access' ), ); } if ( ! empty( $extra['profile'] ) ) { $options = array( $extra['profile'] => $options[ $extra['profile'] ] ); } echo '' . _( 'Profile' ) . ' '; foreach ( (array) $options as $key => $val ) { echo '' . $val . ''; } echo ''; // @since 4.8 Search Parents by Student Grade Level. $grade_levels_RET = DBGet( "SELECT ID,TITLE,SHORT_NAME FROM SCHOOL_GRADELEVELS WHERE SCHOOL_ID='" . UserSchool() . "' ORDER BY SORT_ORDER" ); // Do not hide in case first Profile is "Parent". $maybe_hide = key( $options ) === 'parent' ? '' : ' class="hide"'; echo ' ' . _( 'Student Grade Level' ) . ' ' . _( 'Not Specified' ) . ''; foreach ( (array) $grade_levels_RET as $grade_level ) { echo '' . $grade_level['TITLE'] . ''; } echo ''; // Show Student Grade Level when selected Profile is "Parent". echo ''; break; case 'staff_fields': case 'staff_fields_all': case 'student_fields': case 'student_fields_all': if ( $type === 'staff_fields_all' ) { $categories_SQL = "SELECT sfc.ID,sfc.TITLE AS CATEGORY_TITLE, 'CUSTOM_'||cf.ID AS COLUMN_NAME,cf.TYPE,cf.TITLE,SELECT_OPTIONS FROM STAFF_FIELD_CATEGORIES sfc,STAFF_FIELDS cf WHERE (SELECT CAN_USE FROM " . ( User( 'PROFILE_ID' ) ? "PROFILE_EXCEPTIONS WHERE PROFILE_ID='" . User( 'PROFILE_ID' ) . "'" : "STAFF_EXCEPTIONS WHERE USER_ID='" . User( 'STAFF_ID' ) . "'" ) . " AND MODNAME='Users/User.php&category_id='||sfc.ID LIMIT 1)='Y' AND cf.CATEGORY_ID=sfc.ID AND NOT EXISTS(SELECT '' FROM PROGRAM_USER_CONFIG WHERE PROGRAM='StaffFieldsSearch' AND TITLE=cast(cf.ID AS TEXT) AND USER_ID='" . User( 'STAFF_ID' ) . "' AND VALUE='Y') AND cf.TYPE<>'files' ORDER BY sfc.SORT_ORDER,sfc.TITLE,cf.SORT_ORDER,cf.TITLE"; } elseif ( $type === 'staff_fields' ) { $categories_SQL = "SELECT '0' AS ID,'' AS CATEGORY_TITLE, 'CUSTOM_'||cf.ID AS COLUMN_NAME,cf.TYPE,cf.TITLE,cf.SELECT_OPTIONS FROM STAFF_FIELDS cf WHERE (SELECT CAN_USE FROM " . ( User( 'PROFILE_ID' ) ? "PROFILE_EXCEPTIONS WHERE PROFILE_ID='" . User( 'PROFILE_ID' ) . "'" : "STAFF_EXCEPTIONS WHERE USER_ID='" . User( 'STAFF_ID' ) . "'") . " AND MODNAME='Users/User.php&category_id='||cf.CATEGORY_ID LIMIT 1)='Y' AND (SELECT VALUE FROM PROGRAM_USER_CONFIG WHERE TITLE=cast(cf.ID AS TEXT) AND PROGRAM='StaffFieldsSearch' AND USER_ID='" . User( 'STAFF_ID' ) . "' LIMIT 1)='Y' ORDER BY cf.SORT_ORDER,cf.TITLE"; } elseif ( $type === 'student_fields_all' ) { $categories_SQL = "SELECT sfc.ID,sfc.TITLE AS CATEGORY_TITLE, 'CUSTOM_'||cf.ID AS COLUMN_NAME,cf.TYPE,cf.TITLE,SELECT_OPTIONS FROM STUDENT_FIELD_CATEGORIES sfc,CUSTOM_FIELDS cf WHERE (SELECT CAN_USE FROM " . ( User( 'PROFILE_ID' ) ? "PROFILE_EXCEPTIONS WHERE PROFILE_ID='" . User( 'PROFILE_ID' ) . "'" : "STAFF_EXCEPTIONS WHERE USER_ID='" . User( 'STAFF_ID' ) . "'") . " AND MODNAME='Students/Student.php&category_id='||sfc.ID)='Y' AND cf.CATEGORY_ID=sfc.ID AND NOT exists(SELECT '' FROM PROGRAM_USER_CONFIG WHERE PROGRAM='StudentFieldsSearch' AND TITLE=cast(cf.ID AS TEXT) AND USER_ID='" . User( 'STAFF_ID' ) . "' AND VALUE='Y') AND cf.TYPE<>'files' ORDER BY sfc.SORT_ORDER,sfc.TITLE,cf.SORT_ORDER,cf.TITLE"; } else { $categories_SQL = "SELECT '0' AS ID,'' AS CATEGORY_TITLE, 'CUSTOM_'||cf.ID AS COLUMN_NAME,cf.TYPE,cf.TITLE,cf.SELECT_OPTIONS FROM CUSTOM_FIELDS cf WHERE (SELECT CAN_USE FROM " . ( User( 'PROFILE_ID' ) ? "PROFILE_EXCEPTIONS WHERE PROFILE_ID='" . User( 'PROFILE_ID' ) . "'" : "STAFF_EXCEPTIONS WHERE USER_ID='" . User( 'STAFF_ID' ) . "'") . " AND MODNAME='Students/Student.php&category_id='||cf.CATEGORY_ID)='Y' AND ((SELECT VALUE FROM PROGRAM_USER_CONFIG WHERE TITLE=cast(cf.ID AS TEXT) AND PROGRAM='StudentFieldsSearch' AND USER_ID='" . User( 'STAFF_ID' ) . "')='Y') ORDER BY cf.SORT_ORDER,cf.TITLE"; } $categories_RET = ParseMLArray( DBGet( $categories_SQL, array(), array( 'ID', 'TYPE' ) ), array( 'CATEGORY_TITLE', 'TITLE' ) ); if ( $type === 'student_fields_all' ) { // Student Fields: search Username. $general_info_category_title = ParseMLField( DBGetOne( "SELECT sfc.TITLE FROM STUDENT_FIELD_CATEGORIES sfc WHERE sfc.ID=1" ) ); $i = empty( $categories_RET[1]['text'] ) ? 1 : count( $categories_RET[1]['text'] ); if ( Preferences( 'USERNAME', 'StudentFieldsSearch' ) !== 'Y' ) { if ( ! isset( $categories_RET[1] ) ) { // Empty General Info category. $categories_RET[1] = array(); } // Add Username to Staff General Info. $categories_RET[1]['text'][ $i++ ] = array( 'ID' => '1', 'CATEGORY_TITLE' => $general_info_category_title, 'COLUMN_NAME' => 'USERNAME', 'TYPE' => 'text', 'TITLE' => _( 'Username' ), 'SELECT_OPTIONS' => null, ); } } elseif ( $type === 'student_fields' ) { $i = isset( $i ) ? $i : 0; if ( Preferences( 'USERNAME', 'StudentFieldsSearch' ) === 'Y' ) { // Add USername to Find a User form. $categories_RET[1]['text'][ $i++ ] = array( 'ID' => '1', 'CATEGORY_TITLE' => '', 'COLUMN_NAME' => 'USERNAME', 'TYPE' => 'text', 'TITLE' => _( 'Username' ), 'SELECT_OPTIONS' => null, ); } } elseif ( $type === 'staff_fields_all' ) { $i = 1; } elseif ( $type === 'staff_fields' ) { $i = isset( $i ) ? $i : 0; } foreach ( (array) $categories_RET as $category ) { $TR_classes = ''; $category_default = array( 'text' => array(), 'numeric' => array(), 'select' => array(), 'autos' => array(), 'exports' => array(), 'date' => array(), 'radio' => array(), ); $category = array_replace_recursive( $category_default, (array) $category ); foreach ( $category as $cols ) { if ( ! empty( $cols[1]['CATEGORY_TITLE'] ) ) { $category_title = $cols[1]['CATEGORY_TITLE']; break; } } if ( $type === 'student_fields_all' || $type === 'staff_fields_all' ) { echo ' ' . $category_title . '
'; $TR_classes .= 'st'; if ( $type === 'student_fields_all' && isset( $category['text'][1]['ID'] ) && $category['text'][1]['ID'] === '2' ) { // @since 5.1 Medical Immunization or Physical Widget. Widgets( 'medical_date', $extra ); echo $extra['search']; } } // Text. foreach ( (array) $category['text'] as $col ) { if ( ( $type === 'staff_fields' || $type === 'staff_fields_all' ) && $col['COLUMN_NAME'] === 'CUSTOM_200000000' ) { // @since 5.9 Move Email & Phone Staff Fields to custom fields. $col['COLUMN_NAME'] = 'EMAIL'; } $name = 'cust[' . $col['COLUMN_NAME'] . ']'; $id = GetInputID( $name ); echo ''; } // Numeric. foreach ( (array) $category['numeric'] as $col ) { echo ''; } // Merge select, autos, edits, exports & codeds // (same or similar SELECT output). $category['select_autos_exports'] = array_merge( (array) $category['select'], (array) $category['autos'], (array) $category['exports'] ); // Select. foreach ( (array) $category['select_autos_exports'] as $col ) { $options = array(); $col_name = $col['COLUMN_NAME']; if ( $col['SELECT_OPTIONS'] ) { $options = explode( "\r", str_replace( array( "\r\n", "\n" ), "\r", $col['SELECT_OPTIONS'] ) ); } $name = 'cust[' . $col_name . ']'; $id = GetInputID( $name ); echo ''; } // Date. foreach ( (array) $category['date'] as $col ) { echo ''; } // Radio. foreach ( (array) $category['radio'] as $col ) { $name = 'cust[' . $col['COLUMN_NAME'] . ']'; echo ''; } if ( $type === 'student_fields_all' || $type === 'staff_fields_all' ) { echo '

' . $col['TITLE'] . '
' . $col['TITLE'] . '	≥ ≤ ' . _( 'No Value' ) . '
' . $col['TITLE'] . '	' . _( 'N/A' ) . ' ' . _( 'No Value' ) . ''; foreach ( (array) $options as $option ) { $value = $option; // Exports specificities. if ( $col['TYPE'] === 'exports' ) { $option = explode( '|', $option ); $option = $value = $option[0]; } if ( $value !== '' && $option !== '' ) { echo '' . $option . ''; } } if ( $col['TYPE'] === 'autos' ) { // Autos specificities. echo '' . _( 'Other Value' ) . ''; // Get autos edited options. if ( mb_strpos( $type, 'student' ) !== false ) { $sql_options = "SELECT DISTINCT s." . $col_name . ",upper(s." . $col_name . ") AS SORT_KEY FROM STUDENTS s,STUDENT_ENROLLMENT sse WHERE sse.STUDENT_ID=s.STUDENT_ID AND sse.SYEAR='" . UserSyear() . "' AND s." . $col_name . " IS NOT NULL AND s." . $col_name . " != '' ORDER BY SORT_KEY"; } else // Staff. { $sql_options = "SELECT DISTINCT s." . $col_name . ",upper(s." . $col_name . ") AS KEY FROM STAFF s WHERE s.SYEAR='" . UserSyear() . "' AND s." . $col_name . " IS NOT NULL AND s." . $col_name . " != '' ORDER BY KEY"; } $options_RET = DBGet( $sql_options ); // Add the 'new' option, is also the separator. echo '-' . _( 'Edit' ) . '-'; foreach ( (array) $options_RET as $option ) { if ( ! in_array( $option[ $col_name ], $options ) ) { echo '' . $option[ $col_name ] . ''; } } } echo '
' . $col['TITLE'] . '   ' . _( 'No Value' ) . '	≥  ' . PrepareDate( '', '_cust_begin[' . $col['COLUMN_NAME'] . ']', true, array( 'short' => true ) ) . ' ≤  ' . PrepareDate( '', '_cust_end[' . $col['COLUMN_NAME'] . ']', true, array( 'short' => true ) ) . '
' . $col['TITLE'] . '	' . _( 'All' ) . '   ' . _( 'Yes' ) . '   ' . _( 'No' ) . '

'; } } break; } } /** * Search (custom) (staff) Field SQL * Call in an SQL statement to select students / staff based on this field * Also sets $_ROSARIO['SearchTerms'] to display search term * * @since 3.0 * * @see appendSQL(), appendStaffSQL() & CustomFields() for use cases. * * Use in the where section of the query: * @example $return .= SearchField( $first_name, 'student', $extra ); * * Searching "Attendance Start" date >= to value, use PART => 'begin': * @example $sql .= SearchField( array( 'COLUMN' => 'ENROLLED_BEGIN', 'VALUE' => '2017-02-15', 'TYPE' => 'date', 'PART' => 'begin', 'TITLE' => _( 'Attendance Start' ) ), 'student', $extra ); * Same applies for numeric fields. * PART can be 'begin' (greater than or equal) or 'end' (lower than or equal), defaults to equal. * * @global array $_ROSARIO Sets $_ROSARIO['SearchTerms'] * * @param array $field Field data: must include COLUMN|VALUE|TYPE|TITLE, may include SELECT_OPTIONS|PART. * @param string $type student|staff (optional). * @param array $extra disable search terms: array( 'NoSearchTerms' => true ) (optional). * * @return string (Custom) Field SQL WHERE */ function SearchField( $field, $type = 'student', $extra = array() ) { global $_ROSARIO; // No empty values. if ( ! is_array( $field ) || $field['VALUE'] === '' ) { return ''; } $no_search_terms = isset( $extra['NoSearchTerms'] ) && $extra['NoSearchTerms']; if ( ! $no_search_terms ) { $_ROSARIO['SearchTerms'] .= '' . $field['TITLE'] . ': '; } $column = $field['COLUMN']; $sql_col = 's.' . DBEscapeIdentifier( $column ); $value = $field['VALUE']; switch ( $field['TYPE'] ) { // Text // Enter '!' for No Value // Enter text inside double quotes "" for exact search. case 'text': // No value. if ( $value === '!' ) { if ( ! $no_search_terms ) { $_ROSARIO['SearchTerms'] .= _( 'No Value' ) . '
'; } return ' AND (' . $sql_col . "='' OR " . $sql_col . " IS NULL) "; } // Matches "searched expression". if ( mb_substr( $value, 0, 1 ) === '"' && mb_substr( $value, -1 ) === '"' ) { if ( ! $no_search_terms ) { $_ROSARIO['SearchTerms'] .= mb_substr( $value, 1, -1 ) . '
'; } return ' AND ' . $sql_col . "='" . mb_substr( $value, 1, -1 ) . "' "; } // Starts with. if ( ! $no_search_terms ) { $_ROSARIO['SearchTerms'] .= _( 'starts with' ) . ' ' . str_replace( "''", "'", $value ) . '
'; } return ' AND LOWER(' . $sql_col . ") LIKE '" . mb_strtolower( $value ) . "%' "; break; // Checkbox. case 'radio': // Yes. if ( $value == 'Y' ) { if ( ! $no_search_terms ) { $_ROSARIO['SearchTerms'] .= _( 'Yes' ) . '
'; } return ' AND ' . $sql_col . "='" . $value . "' "; } // No. if ( $value == 'N' ) { if ( ! $no_search_terms ) { $_ROSARIO['SearchTerms'] .= _( 'No' ) . '
'; } return ' AND (' . $sql_col . "!='Y' OR " . $sql_col . " IS NULL) "; } break; case 'numeric': case 'date': if ( isset( $_REQUEST['cust_null'][ $column ] ) ) { // No Value for Custom Dates & Number. if ( ! $no_search_terms ) { $_ROSARIO['SearchTerms'] .= _( 'No Value' ) . '
'; } return ' AND ' . $sql_col . " IS NULL "; } $value = preg_replace( '/[^0-9.-]+/', '', $value ); if ( $value === '' ) { return ''; } if ( $field['TYPE'] === 'date' && ! VerifyDate( $value ) ) { return ''; } // Default: compares to equal. $part = array( 'operator' => '=', 'html' => '=', ); if ( isset( $field['PART'] ) ) { if ( $field['PART'] === 'begin' ) { // Begin Dates / Number. // Compares to greater than or equal. $part = array( 'operator' => '>=', 'html' => '≥', ); } elseif ( $field['PART'] === 'end' ) { // End Dates / Number. // Compares to lower than or equal. $part = array( 'operator' => '<=', 'html' => '≤', ); } } if ( ! $no_search_terms ) { $_ROSARIO['SearchTerms'] .= '' . $part['html'] . ' '; if ( $field['TYPE'] === 'date' ) { $_ROSARIO['SearchTerms'] .= ProperDate( $value ); } else $_ROSARIO['SearchTerms'] .= $value; $_ROSARIO['SearchTerms'] .= '
'; } return ' AND ' . $sql_col . " " . $part['operator'] . " '" . $value . "' "; break; // Export Pull-Down. case 'exports': // No Value. if ( $value === '!' ) { if ( ! $no_search_terms ) { $_ROSARIO['SearchTerms'] .= _( 'No Value' ) . '
'; } return ' AND (' . $sql_col . "='' OR " . $sql_col . " IS NULL) "; } if ( ! $no_search_terms ) { $select_options = explode( "\r", str_replace( array( "\r\n", "\n" ), "\r", $field['SELECT_OPTIONS'] ) ); foreach ( (array) $select_options as $option ) { $option = explode( '|', $option ); if ( $field['TYPE'] == 'exports' && $option[0] !== '' && $value == $option[0] ) { $value = $option[0]; break; } } $_ROSARIO['SearchTerms'] .= $value; } return ' AND ' . $sql_col . "='" . $value . "' "; break; // Pull-Down. case 'select': // Auto Pull-Down. case 'autos': // No Value. if ( $value === '!' ) { if ( ! $no_search_terms ) { $_ROSARIO['SearchTerms'] .= _( 'No Value' ) . '
'; } return ' AND (' . $sql_col . "='' OR " . $sql_col . " IS NULL) "; } // Other Value. if ( $field['TYPE'] == 'autos' && $value === '~' ) { if ( ! $no_search_terms ) { $_ROSARIO['SearchTerms'] .= _( 'Other Value' ) . '
'; } $select_options = explode( "\r", str_replace( array( "\r\n", "\n" ), "\r", $field['SELECT_OPTIONS'] ) ); $select_options_list = "'" . implode( "','", $select_options ) . "'"; // Other value = not null && value <> select options. return " AND " . $sql_col . " IS NOT NULL AND " . $sql_col . " NOT IN (" . $select_options_list . ") "; } if ( ! $no_search_terms ) { $_ROSARIO['SearchTerms'] .= $value . '
'; } return ' AND ' . $sql_col . "='" . $value . "' "; break; } return ''; }