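// Listing id requested through ?displayID=...; 0 means "show every listing".
// The value is client-controlled and is later placed in the WHERE clause of the
// listing query, so accept only a positive decimal integer. Anything else
// (text, an array, zero, a negative number) falls back to the full list view.
$opID = 0;
if (isset($_GET['displayID'])) {
    $requestedId = filter_var(
        $_GET['displayID'],
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 1))
    );
    if ($requestedId !== false) {
        $opID = $requestedId;
    }
    unset($requestedId);
}

// Singular page title for a single listing, plural for the list view.
$title = $opID
    ? "Undergraduate Research Opportunity"
    : "Undergraduate Research Opportunities";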
include("../common/init.php");
include("../common/top.php");
// Choose the RSS feed URL for the site variant this request was served from.
// NOTE(review): REQUEST_URI includes the query string and the pattern is
// unanchored, so "beta" anywhere in the request (a parameter value, for
// instance) selects the beta feed; confirm that is intended. Both feed URLs
// are plain http://.
$rsslink = preg_match("/beta/", $_SERVER['REQUEST_URI'])
    ? "http://internal.psychology.illinois.edu/beta/undergrad/rsrch_ops_rss.php"
    : "http://internal.psychology.illinois.edu/undergrad/rsrch_ops_rss.php";
?>
include("../common/dbfunctions.php");
include("../events/eventfunctions.php");
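// Handle a submitted request (the forms themselves are rendered further down the page).
// Only someone with at least "basic" privileges (meaning that they have logged in)
// can delete or post a listing.
// NOTE(review): nothing in this block checks an anti-CSRF token before the DELETE
// or INSERT runs; confirm whether the included common code enforces one for POSTs.
$postError = 0;

// Delete a listing
// XXX KLUDGE
if (isset($_POST['DeleteListing']) && ($_POST['DeleteListing'] != -1) && HasPriviledges("basic")) {
    // The id is cast to an integer and formatted with %d, so it cannot carry SQL.
    $delId = (int)$_POST['DeleteListing'];
    if (HasPriviledges("research")) {
        // Research administrators may delete any listing.
        $query = sprintf("DELETE FROM UIUCPsychResearchOps WHERE id = %d", $delId);
    } else {
        // Everyone else may delete only rows they submitted themselves.
        // NOTE(review): Username() is placed in a quoted SQL literal unescaped;
        // presumably it is a session-derived login name -- confirm it can never
        // contain a quote character, or bind it as a statement parameter.
        $query = sprintf("DELETE FROM UIUCPsychResearchOps WHERE id = %d AND username = '%s'", $delId, Username());
    }
    $result = mysqli_query($db, $query);
    if (!$result || mysqli_affected_rows($db) == 0) {
        // Report the failure without echoing the SQL statement (and with it the
        // table name) back to the browser.
        print("Deletion was not successful.
");
    } else {
        print("Listing successfully deleted.");
    }
} else if (array_key_exists("longdesc", $_POST) && HasPriviledges("basic")) {
    // A crafted request can omit a field or send it as an array. Normalise every
    // field this branch reads to a string so the checks below never hit an
    // undefined index and strlen() never receives a non-string.
    foreach (array("longdesc", "contactname", "contactphone", "contactemail", "link", "linkdesc", "faculty_sponsor") as $researchOpField) {
        if (!isset($_POST[$researchOpField]) || !is_string($_POST[$researchOpField])) {
            $_POST[$researchOpField] = "";
        }
    }
    unset($researchOpField);

    // Check form validity. strlen() counts bytes, so the 500 limit is a byte limit.
    if (strlen($_POST["longdesc"]) == 0) {
        // One of the fields is invalid
        print "Sorry, your description is blank. Please correct this and re-submit your request.";
        $postError = 1;
    } else if (strlen($_POST["longdesc"]) > 500) {
        // One of the fields is invalid
        print "Sorry, your description is too long (maximum of 500 chars.) Please correct this and re-submit your request.";
        $postError = 1;
    } else if (strlen($_POST["contactname"]) == 0) {
        // One of the fields is invalid
        print "Sorry, your contact name is blank. Please correct this and re-submit your request.";
        $postError = 1;
    } else if (strlen($_POST["contactemail"]) == 0 && strlen($_POST["contactphone"]) == 0) {
        // One of the fields is invalid
        print "Sorry, you must give an email address or a phone number. Please correct this and re-submit your request.";
        $postError = 1;
    } else {
        // Reject an exact duplicate of an existing description.
        // NOTE(review): AlterSQLText() is defined outside this file. This query and
        // the INSERT below are safe only if it escapes for the live connection (the
        // equivalent of mysqli_real_escape_string) -- confirm, or move both
        // statements to prepared statements with bound parameters.
        $duplicateCheck = mysqli_query($db, "SELECT * FROM UIUCPsychResearchOps WHERE longdesc = '".AlterSQLText($_POST["longdesc"])."'");
        if ($duplicateCheck === false) {
            // mysqli_query() returns false on failure; do not pass that on to
            // mysqli_num_rows(), and do not treat the listing as new.
            print "Sorry, your request could not be processed right now. Please try again later.";
            $postError = 1;
        } else if (mysqli_num_rows($duplicateCheck) > 0) {
            print "That listing already exists!";
            $postError = 1;
        } else {
            // If valid, submit proposed research opportunity listing with flag set
            // so it doesn't show up until approved
            // Strip "http://" from link if there
            $_POST["link"] = FixLink($_POST["link"]);
            // NOTE(review): Username() is inserted unescaped here as well; see the
            // note on the DELETE statement above.
            $query = sprintf(
                "INSERT INTO UIUCPsychResearchOps (submitted, username, longdesc, ".
                " contactname, contactphone, contactemail, weblink, weblinkdesc, faculty_sponsor)".
                "VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
                date("YmdHis"), Username(), AlterSQLText($_POST['longdesc']),
                AlterSQLText($_POST['contactname']), AlterSQLText($_POST['contactphone']),
                AlterSQLText($_POST['contactemail']), AlterSQLText($_POST['link']),
                AlterSQLText($_POST['linkdesc']), AlterSQLText($_POST['faculty_sponsor'])
            );
            if (!mysqli_query($db, $query)) {
                // Do not announce success or alert the administrators for a row
                // that was never stored.
                print "Sorry, your request could not be saved. Please try again later.";
                $postError = 1;
            } else {
                // Email administrators to say that a new announcement is pending.
                // NOTE(review): the raw submitted values go into the message body;
                // confirm AlertAdministrators() sends it as plain text and puts none
                // of these values into mail headers.
                $emailSubject = "Website research opportunity listing submission";
                $emailUsername = Username();
                $emailLongDesc = $_POST["longdesc"];
                $emailContactname = $_POST["contactname"];
                $emailContactphone = $_POST["contactphone"];
                $emailContactemail = $_POST["contactemail"];
                $emailLink = $_POST["link"];
                $emailLinkDesc = $_POST["linkdesc"];
                $emailFacSponsor = $_POST["faculty_sponsor"];
                // NOTE(review): the heredoc opener and the first lines of the message
                // body are missing from this copy of the file; the statement below is
                // left exactly as found and has to be restored from the original.
                $emailBody = <<$emailLinkDesc
Faculty sponsor (if given): $emailFacSponsor
This submission must be approved before it is displayed on the website.
http://internal.psychology.illinois.edu/undergrad/editresearchopportunities.php
EOF;
                AlertAdministrators("researchopportunities", $emailSubject, $emailBody);
                // Print a message noting that the announcement was submitted
                print "Your request has been successfully submitted. Your submission will be reviewed by an administrator shortly.";
            }
        }
    }
}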
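// Bulk approval: only users with "research" privileges may change approval flags.
// Every listing is rewritten on each submission: approved = 1 when the request
// carries an "app_<id>" field for that row, 0 otherwise.
// NOTE(review): no anti-CSRF token is checked here, and rows without an
// "app_<id>" field are set to approved = 0, so a forged or partial submission
// changes every row; confirm the common code protects POST requests.
if (array_key_exists("MassApprove", $_POST) && HasPriviledges("research"))
{
    //change all approvals
    $query = mysqli_query($db,"SELECT * FROM UIUCPsychResearchOps");
    // mysqli_query() returns false on failure. Skip the loop in that case rather
    // than hand false to mysqli_fetch_array(): on PHP 8 that raises a TypeError,
    // which the "@" operator used previously cannot silence.
    if ($query !== false)
    {
        while ($row = mysqli_fetch_array($query))
        {
            $newapp = array_key_exists("app_".$row["id"], $_POST) ? 1 : 0;
            // Both placeholders are %d, so the statement carries only integers.
            mysqli_query($db,
                sprintf(
                    "UPDATE UIUCPsychResearchOps SET approved = %d WHERE id = %d",
                    $newapp, $row["id"]
                )
            );
        }
    }
}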
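/*
 * XXX In order to edit the static content (description of 494s, etc.),
 * you should edit research-static.php. This content was put into a separate
 * file so that the developers don't overwrite it when changing database code.
 */
// The static introduction is shown only on the full list view.
if (! $opID)
{
    require("research-static.php");
}

// Fetch the approved listing(s) to display: one row when an id was requested,
// otherwise every approved row, newest first.
if ($opID) {
    // $opID originates from the displayID query parameter. Cast it to an integer
    // and format it with %d so that only a number can ever reach the statement,
    // whatever validation happened (or did not happen) earlier in the request.
    $query = mysqli_query(
        $db,
        sprintf("SELECT * FROM UIUCPsychResearchOps where approved=1 AND id=%d", (int)$opID)
    );
} else {
    $query = mysqli_query($db,"SELECT * FROM UIUCPsychResearchOps where approved=1 ORDER BY submitted DESC");
}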
// Render the result of the listing query.
// NOTE(review): this copy of the file has lost the markup and the row-fetch loop
// that belong in this section -- $row is read below without being assigned in
// these lines, and the final closing brace has no visible opener. The code is
// left exactly as found.
// NOTE(review): mysqli_num_rows() is called without first checking that
// mysqli_query() succeeded (it returns false on failure).
if (mysqli_num_rows($query) == 0) {
print "No research opportunities are currently posted.";
} else {
if (! $opID) {
print " Current Research Opportunity Listings:
";
// If the listing was submitted by the current user, or the user has su or research privileges,
// write a link to delete the entry. This only decides whether the control is shown;
// the check that actually authorises a deletion is the one in the DELETE handler.
// NOTE(review): the markup that prints the listing fields is not visible here.
// Those fields are user-submitted (see the INSERT earlier in this file), so confirm
// each one is HTML-escaped (htmlspecialchars) for the context it is printed in.
if ($row["username"] == Username() || HasPriviledges("research")) {
print("[Delete]");
}
print "
";
}
}
if (! $opID) {
print "";
}else{
// Absolute link back to the unfiltered list; $all_link is not used in the
// visible print statement below.
// NOTE(review): depending on web-server configuration SERVER_NAME can reflect
// the client-supplied Host header; confirm it is a canonical name here, or emit
// a relative link instead.
$all_link = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME'];
print "Show all listings\n";
}
}
?>
// Submission form: offered to any logged-in ("basic") user.
if (HasPriviledges("basic")) {
    // After a rejected submission the form is shown expanded ("block") and the
    // posted values are imported as $f_<field> variables so it can be pre-filled;
    // otherwise the form starts collapsed ("none").
    // NOTE(review): extract() creates one variable per request key, named by the
    // client, holding unescaped values. The "f" prefix keeps them away from
    // variables that do not start with f_, but each value must be HTML-escaped
    // wherever the form markup (not visible in this copy) prints it.
    $divStyle = $postError ? "block" : "none";
    if ($postError) {
        extract($_POST, EXTR_PREFIX_ALL, "f");
    }

    echo '';
    echo 'Submit a new research opportunity listing';
    echo '
';
    echo '';
    echo '
*You must enter a phone number, email address, or both.
';
}
// Allow users with su or research privileges to edit the requests.
// This check only decides whether the management link is shown.
// NOTE(review): confirm the management page it points to enforces the same
// privilege itself. The heredoc opener and the link markup are truncated in this
// copy of the file; the statement is left exactly as found.
if (HasPriviledges("research")) {
print <<Manage Research Opportunity Listings
EOF;
}
?>
include("../common/bottom.php");
?>