First, click on the name to review the activity. If you wish to go ahead and approve it, close the window it popped up in and
come back to this page to click approve. Or you can write your comments and click "Send for Review". This will send an email to
the person who posted the activity asking them to make the necessary changes. Once they have done this and resubmitted it, you will recieve an
email so that you can go back and review the activity again. The activity will not show up until you click the approve button on this page.
When you Approve an activity, an email will be sent to the person who posted it to let them know that their activity has been approved.
Same with Decline, only the user will get a declination notice and their activity will be removed from the database.
If you click Remove, the activity will be removed from the database, but, no email will be sent.
EOD;
$sql = "SELECT id,name,posted_by,DATE_FORMAT(post_date,'%M %d, %Y') AS posted FROM activities WHERE accepted='N'";
$result = db_connect($sql);
if ( mysql_num_rows($result) > 0 )
{
$content .= "Unapproved Activities:
\n";
}
$content .= "\n \n";
}
else
{
$content .= "There are currently no approved activities at this time.\n";
}
}
else
{
$content = "This is a restricted area, only administrators are allowed.\n";
}
return $content;
}
function display_activity_form()
{
$content =<<Suggest a new Activity
EOD;
return $content;
}
function enter_activity($name,$content_area,$pass_skills,$purpose,$game_desc,$procedure,$assessment,$user,$pass)
{
global $site_url,$administrator;
# Admin users
if ( validate($user,$pass) == 2 )
{
$content = "Thank you for the submission.
";
$sql = "INSERT INTO activities (name,content_area,pass_skills,purpose,game_desc,`procedure`,assessment,posted_by,post_date,accepted) VALUES('" . $name . "','" . $content_area . "','" . $pass_skills . "','" . $purpose . "','" . $game_desc . "','" . $procedure . "','" . $assessment . "','" . $user . "',NOW(),'Y')";
$content .= "Your activity has been submitted. You may return to the Main activities page, by clicking the link in the lower right hand corner. ";
db_connect($sql);
}
# Normal (non-admin) users
elseif ( validate($user,$pass) == 1 )
{
$content = "Thank you for the submission.
";
$sql = "INSERT INTO activities (name,content_area,pass_skills,purpose,game_desc,`procedure`,assessment,posted_by,post_date,accepted) VALUES('" . $name . "','" . $content_area . "','" . $pass_skills . "','" . $purpose . "','" . $game_desc . "','" . $procedure . "','" . $assessment . "','" . $user . "',NOW(),'N')";
$content .= "Thank you for your submission, once it has been approved you will be notified by email and it will appear on the Main activities page.";
db_connect($sql);
$sql = "SELECT id FROM activities WHERE ((name='" . $name . "') AND (posted_by='" . $user . "'))";
$result = db_connect($sql);
if (mysql_num_rows($result) > 0)
{
$row = mysql_fetch_assoc($result);
$emailBody =<<here to register. If you have already registered, it is possible that you may not have been approved yet, once approved you will recieve an email noting so, you may then return to this site to post your activity.";
return $content;
}
return $content;
}
function remove_activity($aid,$user,$pass)
{
if ( validate($user,$pass) == 2 )
{
$sql = "DELETE FROM activities WHERE id=" . $aid;
db_connect($sql);
$content = "Activity successfully removed.\n";
}
else
{
$content = "Only administrators are allowed to remove activities.\n";
}
return $content;
}
function approve_activity($aid,$user,$pass)
{
global $administrator;
if ( validate($user,$pass) == 2 )
{
$sql = "SELECT posted_by FROM activities WHERE id=".$aid;
$result = db_connect($sql);
if (mysql_num_rows($result) > 0)
{
$row = mysql_fetch_assoc($result);
$posted_by = $row['posted_by'];
free_result($result);
$sql = "UPDATE activities SET accepted='Y' WHERE id=" . $aid;
db_connect($sql);
$content = "Activity successfully approved.\n";
$emailBody =<< 0)
{
$row = mysql_fetch_assoc($result);
$posted_by = $row['posted_by'];
free_result($result);
$sql = "DELETE FROM activities WHERE id=" . $aid;
db_connect($sql);
$content = "Activity has been declined and an email has been sent to notify the poster.\n";
$emailBody =<< 0 )
{
$content .= "
";
}
else
{
$content .= "There are no activities currently listed. Please come by and check later.\n";
}
return $content;
}
function view_activity($id)
{
$sql = "SELECT id,activities.name,content_area,pass_skills,purpose,game_desc,`procedure`,assessment,posted_by,DATE_FORMAT(post_date,'%M %d, %Y') AS posted,accepted,comments, users.name AS full_name FROM activities, users WHERE ((users.username=activities.posted_by) AND (id=" . $id ."))";
$result = db_connect($sql);
if ( mysql_num_rows($result) > 0 )
{
$row = mysql_fetch_assoc($result);
$comm = stripslashes($row['comments']);
$content .=<<Viewing Activity : $row[name]
Content Area:
$row[content_area]
Pass Skills:
$row[pass_skills]
Purpose:
$row[purpose]
Description:
$row[game_desc]
Procedure:
$row[procedure]
Assessment:
$row[assessment]
Information:
Posted By: $row[full_name] ($row[posted_by])
Post Date: $row[posted]
EOD;
if ($row['accepted'] == 'N')
{
$content .=<<
Comments:
Email:
Password:
EOD;
}
}
else
$content = "Sorry, there is no article with the ID:" . $id;
return $content;
}
function send_for_review($aid,$comments,$user,$pass)
{
global $site_url,$administrator;
if (validate($user,$pass) == 2)
{
$sql = "UPDATE activities SET comments='" . addslashes($comments) . "' WHERE id=" . $aid;
db_connect($sql);
$sql = "SELECT id,activities.name,posted_by FROM activities WHERE id=" . $aid;
$result = db_connect($sql);
$row = mysql_fetch_assoc($result);
$link = $site_url . "/activities.php?action=edit&id=" . $aid;
$comm = stripslashes($comments);
$emailBody =<<Make Changes to Your Activity
EOD;
return $content;
}
function submit_changes($aid,$name,$content_area,$pass_skills,$purpose,$game_desc,$procedure,$assessment,$user,$pass)
{
global $site_url,$administrators;
# Admin users
if ( validate($user,$pass) == 2 )
{
$sql = "UPDATE activities SET name='" . addslashes($name) . "',content_area='" . addslashes($content_area) . "',pass_skills='" . addslashes($pass_skills) . "',purpose='" . addslashes($purpose) . "',game_desc='" . addslashes($game_desc) . "',`procedure`='" . addslashes($procedure) . "',assessment='" . addslashes($assessment) . "',post_date=NOW() WHERE id=" . $aid;
$content = "Your activity has been updated. You may return to the Main activities page, by clicking the link in the lower right hand corner. ";
}
# Normal (non-admin) users
elseif ( validate($user,$pass) == 1 )
{
$sql = "UPDATE activities SET name='" . addslashes($name) . "',content_area='" . addslashes($content_area) . "',pass_skills='" . addslashes($pass_skills) . "',purpose='" . addslashes($purpose) . "',game_desc='" . addslashes($game_desc) . "',`procedure`='" . addslashes($procedure) . "',assessment='" . addslashes($assessment) . "',post_date=NOW() WHERE id=" . $aid;
$content = "Thank you for the updates, once it has been approved you will be notified by email and it will appear on the Main activities page.";
$body = "The changes you have requested have been made to the activity:\n" . $name . "\nTo view this activity go here:\n" . $site_url . "/activities.php?action=show&id=" . $aid;
if(mail($administrator,"Changes to Activity on ORA Website have been made",$body,"From: " . $administrator))
$content .= "An email has been sent to the site Administrator notifying them of your changes.";
}
# Anyone else
else
{
$content = "We're sorry this is a restricted area.
