103 lines
3.4 KiB
PHP
103 lines
3.4 KiB
PHP
<?php
|
|
include('includes/config/config.php');
|
|
include('includes/auth/auth.php');
|
|
include('includes/functions.php');
|
|
include('access.php');
|
|
error_reporting(E_ERROR | E_PARSE);
|
|
?>
|
|
<?php
|
|
// Connect to mysqli database
|
|
$page = 1; // The current page
|
|
$sortname = 'subject_id'; // Sort column
|
|
$sortorder = 'asc'; // Sort order
|
|
$qtype = ''; // Search column
|
|
$query = ''; // Search string
|
|
// Get posted data
|
|
if (isset($_POST['page'])) {
|
|
$page = mysqli_real_escape_string($conn,$_POST['page']);
|
|
}
|
|
if (isset($_POST['sortname'])) {
|
|
$sortname = mysqli_real_escape_string($conn,$_POST['sortname']);
|
|
}
|
|
if (isset($_POST['sortorder'])) {
|
|
$sortorder = mysqli_real_escape_string($conn,$_POST['sortorder']);
|
|
}
|
|
if (isset($_POST['qtype'])) {
|
|
$qtype = mysqli_real_escape_string($conn,$_POST['qtype']);
|
|
}
|
|
if (isset($_POST['query'])) {
|
|
$query = mysqli_real_escape_string($conn,$_POST['query']);
|
|
}
|
|
if (isset($_POST['rp'])) {
|
|
$rp = mysqli_real_escape_string($conn,$_POST['rp']);
|
|
}
|
|
|
|
$hasReadAccess = isAccessible($_SESSION['RoleId'],$menu_key,'R');
|
|
$hasWriteAccess = isAccessible($_SESSION['RoleId'],$menu_key,'W');
|
|
$hasExecuteAccess = isAccessible($_SESSION['RoleId'],$menu_key,'E');
|
|
// Setup sort and search SQL using posted data
|
|
$ohc_type_id = "ohc_type_id = ".$_SESSION['current_ohcttype'];
|
|
|
|
$sortSql = "order by $sortname $sortorder";
|
|
$searchSql = ($qtype != '' && $query != '') ? "where upper($qtype) like upper('%".trim($query)."%') " :'';
|
|
|
|
$searchSql=preg_replace('/and/', 'where', $searchSql, 1);
|
|
// Get total count of records
|
|
$sql = "select count(*)from subjects $searchSql";
|
|
$result = mysqli_query($conn,$sql);
|
|
$row = mysqli_fetch_array($result);
|
|
$total = $row[0];
|
|
// Setup paging SQL
|
|
//$rp=1;
|
|
$pageStart = ($page-1)*$rp;
|
|
$limitSql = "limit $pageStart, $rp";
|
|
|
|
$data = array();
|
|
$data['page'] = $page;
|
|
$data['total'] = $total;
|
|
$data['rows'] = array();
|
|
$sql1 = "select * from subjects $searchSql $sortSql";
|
|
error_log("check_sql : ".$sql1);
|
|
$sql_export = $sql1;
|
|
$sql_1 = ($sql_1 ?? ''). $limitSql;
|
|
|
|
$results_section = mysqli_query($conn,$sql1);
|
|
$count=($page - 1) * $rp + 1;
|
|
|
|
while ($row1= mysqli_fetch_assoc($results_section)) {
|
|
|
|
$subject_id=$row1['subject_id'];
|
|
$view_link="";
|
|
$edit_link="";
|
|
$delete_link="";
|
|
$links="";
|
|
if($hasReadAccess )
|
|
{
|
|
|
|
$view_link="<a href=\"#\"class=\"green\" onclick=\"open_section('".$subject_id."','V');\"><i class=\"ace-icon fa fa-search-plus bigger-130\"></i></a>";
|
|
}
|
|
|
|
if($hasWriteAccess )
|
|
{
|
|
$edit_link="<a href=\"#\" class=\"blue\" onclick=\"open_section('".$subject_id."','E');\"><i class=\"ace-icon fa fa-pencil bigger-130\"></i></a>";
|
|
}
|
|
if($hasExecuteAccess)
|
|
{
|
|
$delete_link="<a href=\"#\" class=\"red\" onclick=\"delete_section('".$subject_id."');\"><i class=\"ace-icon fa fa-trash-o bigger-130\"></i></a>";
|
|
}
|
|
$assign_link = $assign_link ?? '';
|
|
$space=" ";
|
|
$links = $assign_link.$space.$view_link.$space.$edit_link.$space.$delete_link;
|
|
$data['rows'][] = array(
|
|
'id' => $row1['subject_id'],
|
|
'cell' => array( $links,$count++,$row1['subject_name']));
|
|
}
|
|
$paramlist = $paramlist ?? '';
|
|
$data['rows'][] = array(
|
|
'id' => isset($row['filterkey']) ? $row['filterkey'] : '',
|
|
'cell' => array('', "<input type=hidden name='filterkey' id='filterkey' value=\"" . base64_encode($sql_export) . "\">", "<input type=hidden name=paramlist id=paramlist value=\"" . base64_encode($paramlist) . "\">", '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '')
|
|
);
|
|
|
|
|
|
echo json_encode($data);
|
|
?>
|