Listing successfully deleted.
"); } else { print("Deletion was not successful: delete from UIUCPsychSubjects where id=$delId
"); } } } else if (array_key_exists("longdesc", $_POST) && HasPriviledges("basic")) { # Check form validity if (strlen($_POST["longdesc"]) == 0) { # One of the fields is invalid print "Sorry, your description is blank. Please correct this and re-submit your request.
"; $postError = 1; } else if (strlen($_POST["longdesc"]) > 500) { # One of the fields is invalid print "Sorry, your description is too long (maximum of 500 chars.) Please correct this and re-submit your request.
"; $postError = 1; } else if (strlen($_POST["contactname"]) == 0) { # One of the fields is invalid print "Sorry, your contact name is blank. Please correct this and re-submit your request.
"; $postError = 1; } else if (strlen($_POST["contactemail"]) == 0 && strlen($_POST["contactphone"]) == 0) { # One of the fields is invalid print "Sorry, you must give an email address or a phone number. Please correct this and re-submit your request.
"; $postError = 1; } else if (strlen($_POST["irb_protocol_number"]) == 0 || strlen($_POST["irb_expiration_date"]) == 0 || strlen($_POST["faculty_sponsor"]) == 0) { # One of the fields is invalid print "Sorry, you must provide the IRB Protocol Number, IRB Expiration Date, and faculty sponsor. Please correct this and re-submit your request.
"; $postError = 1; } else if (mysqli_num_rows(mysqli_query($db,"SELECT * FROM UIUCPsychSubjects WHERE longdesc = '".AlterSQLText($_POST["longdesc"])."'")) > 0) { print "That subject request already exists!
"; $postError = 1; } else { # If valid, submit proposed subject announcement with flag set # so it doesn't show up until approved # Strip "http://" from link if there $_POST["link"] = FixLink($_POST["link"]); mysql_query("INSERT INTO UIUCPsychSubjects (submitted, username, longdesc, contactname, contactphone, contactemail, weblink, weblinkdesc, irb_protocol_number, irb_expiration_date, faculty_sponsor) VALUES ('".date("YmdHis")."', '".Username()."', '".AlterSQLText($_POST["longdesc"])."', '".AlterSQLText($_POST["contactname"])."', '".$_POST["contactphone"]."', '".$_POST["contactemail"]."', '".AlterSQLText($_POST["link"])."', '".AlterSQLText($_POST["linkdesc"])."', '".AlterSQLText($_POST["irb_protocol_number"])."', '".AlterSQLText(FixDate($_POST["irb_expiration_date"]))."', '".AlterSQLText($_POST["faculty_sponsor"])."')"); # Email administrators to say that a new announcement is pending $emailSubject = "Website subject listing submission"; $emailUsername = Username(); $emailLongDesc = $_POST["longdesc"]; $emailContactname = $_POST["contactname"]; $emailContactphone = $_POST["contactphone"]; $emailContactemail = $_POST["contactemail"]; $emailLink = $_POST["link"]; $emailLinkDesc = $_POST["linkdesc"]; $emailIRBInfo = $_POST["irb_protocol_number"] . " / " . FixDate($_POST["irb_expiration_date"]) . " / " . $_POST["faculty_sponsor"]; $emailLinkDesc = $_POST["linkdesc"]; $emailLinkDesc = $_POST["linkdesc"]; $emailBody = <<$emailLinkDesc IRB protocol number / expiration date / faculty sponsor: $emailIRBInfo This submission must be approved before it is displayed on the website. http://internal.psychology.illinois.edu/events/editsubjects.php EOF; AlertAdministrators("subjects", $emailSubject, $emailBody); # Print a message noting that the announcement was submitted print "Your subject request has been successfully submitted. Your submission will be reviewed by an administrator shortly.
"; } } if (array_key_exists("MassApprove", $_POST) && HasPriviledges("subjects")) { #change all approvals $query = mysqli_query($db,"SELECT * FROM UIUCPsychSubjects"); while ($row = @mysqli_fetch_array($query)) { $newapp = 0; if (array_key_exists("app_".$row["id"], $_POST)) $newapp = 1; mysqli_query($db,sprintf("UPDATE UIUCPsychSubjects SET approved = %d WHERE id = %d", $newapp, $row['id'])); } } ?>