<!-- Copyright (C) 2009 DNA Bank Network
http://www.dnabank-network.org
The contents of this file are subject to the Mozilla Public License Version 1.1
See LICENSE.TXT at the top of this package for the full license terms. -->
<?php
include ("head.php");
include ("auth.php");
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>DNA Bank Network - Staff Administration</title>
<link rel="stylesheet" type="text/css" href="format.css">
<SCRIPT LANGUAGE="JavaScript1.1" src="Functions.js"></SCRIPT>
<NOSCRIPT>Bitte aktivieren Sie Javascript!</NOSCRIPT>
</head>
<body>
<form name="formular" method="POST" action="new_People.php">
<table id="tablemain" border="0">
<tr>
<td id="tdLogo"><img border="0" src="images/Logo-DNA-Bank-Network-ocker.jpg" width="123" height="78"></td>
<td>
<h1>DNA Bank Network - Staff Administration</h1></td>
<td id="tdLogo"><img border="0" src="images/Logo.jpg"></td>
</tr>
<tr>
<td><?php
echo "Logged in as: ";
$log = $_SESSION["log"];
echo $log;
?></td><td colspan="2"><a href="logout.php">Logout</a>.</td>
</tr>
<tr>
<td valign="top" align="center" valign="middle" colspan="3">
<table id="table" width="100%" border="0" style="margin:30 0 0 0">
<tr><td align="center" colspan="2"><a class="black" href="Help-People.php" target="_blank">>>> Help <<<</a><br><br></td></tr>
<tr><td>
<?php
if ($formSubmitSave)
{
$Name_All = $formSurname.", ".$formForename;
$result10 = "INSERT INTO tablepeople (Title, Forename, Surname, Phone, Email, ID_Institut, Name_All, Created_Who) VALUES " .
"('$formTitle','$formForename','$formSurname','$formPhone','$formEmail','$formUniversity','$Name_All','$log')";
$sql10 = mysql_query($result10);
$ID=mysql_insert_id();
if($formIntern == 'intern')
{ $result11 = "INSERT INTO tablepeople_rank (ID_Rank, ID_People, Created_Who) VALUES (1,'$ID','$log')";
$sql11 = mysql_query($result11);
#######################################Error 1###############################################################
if(!$sql11)
{ $msg = $result11."\n";
$msg .= "####Error 1####";
trigger_error($msg, E_USER_ERROR); }
#############################################################################################################
}
if($formProvider == 'provider')
{
$result12 = "INSERT INTO tablepeople_rank (ID_Rank, ID_People, Created_Who) VALUES (2,'$ID','$log')";
$sql12 = mysql_query($result12);
#######################################Error 2###############################################################
if(!$sql12)
{ $msg = $result12."\n";
$msg .= "####Error 2####";
trigger_error($msg, E_USER_ERROR); }
#############################################################################################################
}
if($formCustomer == 'customer')
{
$result13 = "INSERT INTO tablepeople_rank (ID_Rank, ID_People, Created_Who) VALUES (3,'$ID','$log')";
$sql13 = mysql_query($result13);
#######################################Error 3###############################################################
if(!$sql13)
{ $msg = $result13."\n";
$msg .= "####Error 3####";
trigger_error($msg, E_USER_ERROR); }
#############################################################################################################
}
#######################################Error 4###############################################################
if(!$sql10)
{ $msg = $result10."\n";
$msg .= "####Error 4####";
trigger_error($msg, E_USER_ERROR);
include ("Errorreport.php"); }
#############################################################################################################
else {
echo "<span class='fine'>Changes accepted!</span>"; }
}
if ($formSubmitSaveInstitut)
{
$result14 = "INSERT INTO tableinstitut (University, Division, Address, Postal_Code, City, Country, Homepage, Created_Who) VALUES " .
"('$formInstitut','$formDivision','$formAddress','$formPostal_Code','$formCity','$formCountry','$formHomepage','$log')";
$sql14 = mysql_query($result14);
#######################################Error 14###############################################################
if(!$sql14)
{ $msg = $result14."\n";
$msg .= "####Error 14####";
trigger_error($msg, E_USER_ERROR);
include ("Errorreport.php"); }
#############################################################################################################
else {
echo "<span class='fine'>Changes accepted!</span>"; }
}
if($formEditPersons)
{
if($_POST['x']=="")
{ unset($x); }
else
{
echo "<a class='red' href='javascript:history.go(-1)'>Back to overview.</a></td></tr><tr><td><hr /></td></tr><tr><td>";
echo "<table width='100%'><th>Title</th><th>Forname</th><th>Surname</th><th>Phone</th><th>Email</th><th>Institut</th>";
foreach ($_POST['x'] as $index)
{
$View = $_POST['formPeople'][$index];
$result1= mysql_query ("SELECT tablepeople.Title, " .
" tablepeople.ID_People, ".
" tablepeople.Forename, " .
" tablepeople.Surname, " .
" tablepeople.Phone, " .
" tablepeople.Email, " .
" tablepeople.ID_Institut, " .
" tableinstitut.University, " .
" tableinstitut.Division, " .
" tableinstitut.Address, " .
" tableinstitut.Postal_Code, " .
" tableinstitut.City, " .
" tableinstitut.Country, " .
" tableinstitut.Homepage " .
"FROM tablepeople " .
"LEFT JOIN tableinstitut ON tablepeople.ID_Institut = tableinstitut.ID_Institut " .
"WHERE tablepeople.ID_People = '$View'");
$resultUniversity = mysql_query("SELECT ID_Institut, University FROM tableinstitut " .
"ORDER BY University");
$result2 = mysql_query("SELECT tablepeople_rank.ID_People, " .
"tablerank.Rank AS Rank " .
"FROM tablepeople_rank, tablerank " .
"WHERE tablerank.ID_Rank = tablepeople_rank.ID_Rank " .
" AND tablepeople_rank.ID_People = '$View'");
while($row = mysql_fetch_object($result1))
{
echo "<tr><td><input type='text' name='formTitle[".$index."]' value='".$row->Title."' id='InputShort'><input type='hidden' name='formPeoplehidden[".$index."]' value='".$View."'>"."</td>";
echo "<td><input id='InputLong2' name='formForename[".$index."]' value='".$row->Forename."'></td>";
echo "<td><input id='InputLong2' name='formSurname[".$index."]' value='".$row->Surname."'></td>";
echo "<td><input id='InputLong2' name='formPhone[".$index."]' value='".$row->Phone."'></td>";
echo "<td><input id='InputLong2' name='formEmail[".$index."]' value='".$row->Email."'></td>";
echo "<td><select name='formUniversity[".$index."]' id='InputLong2'><option value=''>--------";
while($roww=mysql_fetch_row($resultUniversity))
{
$Institut_ID_Institut = $roww[0];
$Institut_Institut = $roww[1];
echo "<option value=\"$Institut_ID_Institut\"";
if($row->University == $Institut_Institut) { echo "selected "; }
echo "> $Institut_Institut <br>\n";
}
echo "</select>\n";
mysql_free_result($resultUniversity);
while ($row2 = mysql_fetch_object($result2))
{
if(isset($Rank[$row2->ID_People]))
{$Rank[$row2->ID_People] .= ",";
//$Test123 .= $roww->Rank.$roww->ID_People . ", ";
}
else
{$Rank[$row2->ID_People] = ""; }
$tmp = $row2->Rank;
$Rank[$row2->ID_People] .= $tmp;
$View1 = $Rank[$row2->ID_People];
$array = explode(",", $View1);
$Part1 = $array[0];
$Part2 = $array[1];
$Part3 = $array[2]; }
echo "</td></tr>";
echo "<tr><td colspan='6'>";
echo "<b>Internal Staff: <input type='checkbox' name='formIntern[".$index."]' value='intern' ";
if ($Part1 == 'Internal Staff' or $Part2 == 'Internal Staff' or $Part3 == 'Internal Staff') { echo "checked";}
echo "> Provider: <input type='checkbox' name='formProvider[".$index."]' value='provider' ";
if ($Part1 == 'Provider' or $Part2 == 'Provider' or $Part3 == 'Provider') { echo "checked";}
echo "> Customer: <input type='checkbox' name='formCustomer[".$index."]' value='customer' ";
if ($Part1 == 'Customer' or $Part2 == 'Customer' or $Part3 == 'Customer') { echo "checked";}
echo "></b></td></tr>";
echo "<tr><td colspan='4'>Details for ".$row->University.":</td><td colspan='2'>";
if ($row->ID_Institut != 0) { echo "<a href='Update_Institut.php?Institut=".$row->ID_Institut."' target='_blank'>Edit Institut/University details</a> (öffnet in neuem Fenster)"; } else {}
echo "</td></tr>";
echo "<td colspan='6'><b>Division: </b>",
$row->Division ? $row->Division."" : "?";
echo "<b> Address: </b>",
$row->Address ? $row->Address."" : "?";
echo "<b> Postal Code: </b>",
$row->Postal_Code ? $row->Postal_Code."" : "?";
echo "<b> City: </b>",
$row->City ? $row->City."" : "?";
echo "<b> Country: </b>",
$row->Country ? $row->Country."" : "?";
echo "<b> Homepage: </b>",
$row->Homepage ? $row->Homepage."" : "?";
echo "</td></tr>";
echo "<tr><td colspan='6'><hr /></td></tr>";
} // while
} //foreach ['x']
echo "<tr><td colspan='6'><input type='submit' name ='formSubmitEditDataset' value='Save Edits' id='button'></td></tr></table>";
echo "<table width='100%'><tr><td colspan='2'><hr /></td></tr><tr><td colspan='2'><a class='red'>Add new Institut, wenn nicht in Liste:</a></td></tr>";
echo "<tr><td width='20%'><b>Institut/University</b></td><td><b>Division</b></td></tr>";
echo "<tr><td><input type='text' name='formInstitut' id='InputLong2'></td>";
echo "<td><input id='InputLong2' name='formDivision'></td></tr>";
echo "<tr><td colspan='2'><b>Adress</b></td></tr>";
echo "<tr><td colspan='2'><input id='InputLong2' name='formAddress'></td></tr>";
echo "<tr><td<b>Postal Code</b></td><td><b>City</b></td></tr>";
echo "<tr><td><input id='InputLong2' name='formPostal_Code'></td>";
echo "<td><input id='InputLong2' name='formCity'></td></tr>";
echo "<tr><td<b>Country</b></td><td><b>Homepage</b></td></tr>";
echo "<td><select name='formCountry' id='InputLong2'><option value=''>--------";
$resultCountry = mysql_query("SELECT Country, Country FROM tablecountryisocode " .
"ORDER BY Country");
while($roww=mysql_fetch_row($resultCountry))
{
$Institut_ID_Institut = $roww[0];
$Institut_Institut = $roww[1];
echo "<option value=\"$Institut_ID_Institut\"";
echo "> $Institut_Institut <br>\n";
}
echo "</select>\n";
mysql_free_result($resultCountry);
echo "</td>";
echo "<td><input id='InputLong2' name='formHomepage'></td></tr>";
echo "<tr><td colspan='2'><input type='submit' name='formSubmitSaveInstitut' id='button' value='Save new Institut' onclick='return CheckInstitut();'></td></tr></table>";
} //else
} //if ($formEditPersons)
if (!$formEditPersons)
{
if ($formSubmitEditDataset)
{
$Current_Date = date('Y-m-d H:i:s');
foreach ($_POST['formPeoplehidden'] as $index => $value)
{
// $UpdateID_People = $formPeoplehidden[$index];
$UpdateTitle = $formTitle[$index];
$UpdateForename = $formForename[$index];
$UpdateSurname = $formSurname[$index];
$UpdatePhone = $formPhone[$index];
$UpdateEmail = $formEmail[$index];
$UpdateUniversity = $formUniversity[$index];
$UpdateIntern = $formIntern[$index];
$UpdateProvider = $formProvider[$index];
$UpdateCustomer = $formCustomer[$index];
$result = "UPDATE tablepeople SET Title = '$UpdateTitle', " .
"Forename = '$UpdateForename', " .
"Surname = '$UpdateSurname', " .
"Phone = '$UpdatePhone', " .
"Email = '$UpdateEmail', " .
"ID_Institut = '$UpdateUniversity', " .
"Updated_Who = '$log', " .
"Updated_When = '$Current_Date' " .
"WHERE ID_People = '$value'";
$sql = mysql_query($result);
$result2 = "DELETE FROM tablepeople_rank WHERE ID_People = '$value'";
$sql2 = mysql_query($result2);
#######################################Error 7###############################################################
if(!$sql2)
{ $msg = $result2."\n";
$msg .= "####Error 7####";
trigger_error($msg, E_USER_ERROR);
include ("Errorreport.php"); }
#############################################################################################################
if($UpdateIntern == 'intern')
{
$result3 = "INSERT INTO tablepeople_rank (ID_Rank, ID_People, Created_Who) VALUES (1,'$value','$log')";
$sql3 = mysql_query($result3);
#######################################Error 8###############################################################
if(!$sql3)
{ $msg = $result3."\n";
$msg .= "####Error 8####";
trigger_error($msg, E_USER_ERROR);
include ("Errorreport.php"); }
#############################################################################################################
}
if($UpdateProvider == 'provider')
{
$result4 = "INSERT INTO tablepeople_rank (ID_Rank, ID_People, Created_Who) VALUES (2,'$value','$log')";
$sql4 = mysql_query($result4);
#######################################Error 9###############################################################
if(!$sql4)
{ $msg = $result4."\n";
$msg .= "####Error 9####";
trigger_error($msg, E_USER_ERROR);
include ("Errorreport.php"); }
#############################################################################################################
}
if($UpdateCustomer == 'customer')
{
$result5 = "INSERT INTO tablepeople_rank (ID_Rank, ID_People, Created_Who) VALUES (3,'$value','$log')";
$sql5 = mysql_query($result5);
#######################################Error 10###############################################################
if(!$sql5)
{ $msg = $result5."\n";
$msg .= "####Error 10####";
trigger_error($msg, E_USER_ERROR);
include ("Errorreport.php"); }
#############################################################################################################
}
}
#######################################Error 6###############################################################
if(!$sql)
{ $msg = $result."\n";
$msg .= "####Error 6####";
trigger_error($msg, E_USER_ERROR);
include ("Errorreport.php"); }
#############################################################################################################
else {
echo "<span class='fine'>Changes accepted!</span>"; }
}
?>
<tr><td colspan="2"><a class="red">In der Tabelle sind alle gefundenen Personen mit ihren Rängen nach "Nachname" sortiert aufgelistet. Bitte prüfen Sie zuerst, ob die gesuchte Person schon in der Liste steht und nur der Rang geändert werden muss oder ob Sie sie neu hinzufügen müssen. Sie können auch die sonstigen Angaben zu den Personen editieren. Bitte markieren Sie alle zu ändernden Personen und klicken auf "Edit Persons".</a></td></tr>
<tr><td valign="top">Erläuterungen:</td><td>"Internal Staff" - erscheint in "Extraction Staff" und "Amplification Staff"<br>
"Provider" - erscheint in "DNA sample provided by"<br>
"Customer" - erscheint in "Requests" (nur in Suchmaske und Suchausgabe sichtbar, nicht in der Eingabemaske)</td></tr>
<tr>
<td align="center" colspan="2">
<?php
$result1= mysql_query ("SELECT tablepeople.Title, " .
" tablepeople.ID_People, ".
" tablepeople.Forename, " .
" tablepeople.Surname, " .
" tablepeople.Phone, " .
" tablepeople.Email, " .
" tableinstitut.University, " .
" tableinstitut.City " .
"FROM tablepeople " .
"LEFT JOIN tableinstitut ON tablepeople.ID_Institut = tableinstitut.ID_Institut " .
"ORDER BY tablepeople.Surname");
echo "<table border='1' width='100%'><th>Edit</th><th>Title</th><th>Forename</th><th>Surname</th><th>Phone</th><th>Email</th><th>Institut</th><th>Rank</th>";
$gesamt = mysql_num_rows($result1);
for ($i=1; $i<=$gesamt; $i++) {
$row=mysql_fetch_array($result1);
$people[] = $row['ID_People'];
foreach ($people as $Test)
{
$result2 = mysql_query("SELECT tablepeople.ID_People, " .
"tablerank.Rank AS Rank " .
"FROM tablepeople_rank, tablepeople, tablerank " .
"WHERE tablerank.ID_Rank = tablepeople_rank.ID_Rank " .
" AND tablepeople_rank.ID_People = tablepeople.ID_People " .
" AND tablepeople.ID_People = '$Test' " .
"ORDER BY tablepeople.Surname");
while ($roww = mysql_fetch_object($result2))
{
if(isset($Rank[$roww->ID_People]))
{$Rank[$roww->ID_People] .= ", ";
//$Test123 .= $roww->Rank.$roww->ID_People . ", ";
}
else
{$Rank[$roww->ID_People] .= ""; }
$tmp = $roww->Rank;
$Rank[$roww->ID_People] .= $tmp;
$View = $Rank[$roww->ID_People]; }}
echo "<tr><td><input type='checkbox' name='x[".$i."]' value='".$i."'><input type='hidden' name='formPeople[".$i."]' value='".$row['ID_People']."'></td><td align='right'>".$row['Title']."</td><td>".$row['Forename']."</td><td>".$row['Surname']."</td><td>".$row['Phone']."</td><td>".$row['Email']."</td><td>".$row['University']."</td><td>".$View."</td></tr>";
}
echo "</table>";
?>
</td>
</tr>
<tr><td colspan="2"><input type="submit" id="Button" name="formEditPersons" value="Edit Persons"></td></tr>
<tr><td colspan="2"><hr /></td></tr>
<tr><td colspan="2"><a class="red">Add new Person:</a></td></tr>
<tr><td colspan="2">
<?php
echo "<table><tr><th>Title</th><th>Forename</th><th>Surname</th><th>Phone</th><th>Email</th><th>Institut</th>";
echo "<tr><td><input type='text' name='formTitle' id='InputShort'></td>";
echo "<td><input id='InputLong2' name='formForename'></td>";
echo "<td><input id='InputLong2' name='formSurname'></td>";
echo "<td><input id='InputLong2' name='formPhone'></td>";
echo "<td><input id='InputLong2' name='formEmail'></td>";
echo "<td><select name='formUniversity' id='InputLong2'><option value=''>--------";
$resultUniversity = mysql_query("SELECT ID_Institut, University FROM tableinstitut " .
"ORDER BY University");
while($roww=mysql_fetch_row($resultUniversity))
{
$Institut_ID_Institut = $roww[0];
$Institut_Institut = $roww[1];
echo "<option value=\"$Institut_ID_Institut\"";
echo "> $Institut_Institut <br>\n";
}
echo "</select>\n";
mysql_free_result($resultUniversity);
echo "</td></tr>";
echo "<tr><td colspan='6'><b>Internal Staff: <input type='checkbox' name='formIntern' value='intern'> Provider: <input type='checkbox' name='formProvider' value='provider'> Customer: <input type='checkbox' name='formCustomer' value='customer'></b></td></tr>";
echo "<tr><td colspan='6'><input type='submit' name='formSubmitSave' id='button' value='Save new Person' onclick='return CheckPerson();'></td></tr></table>";
echo "<tr><td colspan='2'><hr /></td></tr>";
echo "<tr><td colspan='2'><a class='red'>Add new Institut, wenn nicht in Liste:</a></td></tr>";
echo "<tr><td colspan='2'>";
echo "<table><tr><td><b>Institut/University</b></td><td><b>Division</b></td></tr>";
echo "<tr><td><input type='text' name='formInstitut' id='InputLong2'></td>";
echo "<td><input id='InputLong2' name='formDivision'></td></tr>";
echo "<tr><td colspan='2'><b>Adress</b></td></tr>";
echo "<tr><td colspan='2'><input id='InputLong2' name='formAddress'></td></tr>";
echo "<tr><td<b>Postal Code</b></td><td><b>City</b></td></tr>";
echo "<tr><td><input id='InputLong2' name='formPostal_Code'></td>";
echo "<td><input id='InputLong2' name='formCity'></td></tr>";
echo "<tr><td<b>Country</b></td><td><b>Homepage</b></td></tr>";
echo "<td><select name='formCountry' id='InputLong2'><option value=''>--------";
$resultCountry = mysql_query("SELECT Country, Country FROM tablecountryisocode " .
"ORDER BY Country");
while($roww=mysql_fetch_row($resultCountry))
{
$Institut_ID_Institut = $roww[0];
$Institut_Institut = $roww[1];
echo "<option value=\"$Institut_ID_Institut\"";
echo "> $Institut_Institut <br>\n";
}
echo "</select>\n";
mysql_free_result($resultCountry);
echo "</td>";
echo "<td><input id='InputLong2' name='formHomepage'></td></tr>";
echo "<tr><td colspan='2'><input type='submit' name='formSubmitSaveInstitut' id='button' value='Save new Institut' onclick='return CheckInstitut();'></td></tr></table>";
echo "</td></tr>";
} ?>
<tr>
<td colspan="2"><input type="submit" id="button" name="formSubmitClose" value="Close Form" style="float:right" onclick="window.close();"></td>
</tr>
<tr><td colspan="2">Nach Schließen des Formulares müssen Sie gegebenenfalls die Input- bzw. Suchmaske neu laden, damit die Änderungen aktiv werden.</td></tr>
</table>
</td>
</tr>
</table>
</form>
</body>
</html>