{$_SERVER['REQUEST_TIME']} JOIN $kldv.grp2subj ON grp2subj.grp2subj_id = ppl2grp2subj.grp2subj_id JOIN $kldv.grp ON grp.grp_id = grp2subj.grp_id JOIN $kldv.subj ON subj.subj_id = grp2subj.subj_id JOIN $kldv.ppl2grp ON ppl2grp.grp_id = grp.grp_id AND ppl2grp.ppl_enter <= {$_SERVER['REQUEST_TIME']} AND ppl2grp.ppl_exit >{$_SERVER['REQUEST_TIME']} JOIN $kldv.ppl AS lln ON lln.ppl_id = ppl2grp.ppl_id JOIN results ON results.ppl_id = lln.ppl_id WHERE ppl.ppl_id = {$_SESSION['ppl_id']} AND result_id = $result_id ORDER BY lln.ppl_surname, lln.ppl_forename, lln.ppl_prefix EOQ ); if (!$ppl_id) error_user("Geen toegang", "Je geeft geen les aan deze leerling, de gegevens zijn niet toegankelijk"); mdb2_exec($db, "UPDATE resultcomment SET resultcomment = '%q', agreement = '%q' WHERE resultcomment_id = %i AND result_id = %i", htmlenc($_POST['resultcomment']), $_POST['agreement'], $_POST['resultcomment_id'], $_POST['result_id']); } else if (isset($_POST['result_id'])) { $result_id = mdb2_single_val($db, "SELECT result_id FROM results WHERE result_id = %i", $_POST['result_id']); if (!$result_id) error_user("Niet gevonden", "Resultaat result_id={$_POST['resultcoment']} bestaat niet"); $ppl_id = mdb2_single_val($db, << {$_SERVER['REQUEST_TIME']} JOIN $kldv.grp2subj ON grp2subj.grp2subj_id = ppl2grp2subj.grp2subj_id JOIN $kldv.grp ON grp.grp_id = grp2subj.grp_id JOIN $kldv.subj ON subj.subj_id = grp2subj.subj_id JOIN $kldv.ppl2grp ON ppl2grp.grp_id = grp.grp_id AND ppl2grp.ppl_enter <= {$_SERVER['REQUEST_TIME']} AND ppl2grp.ppl_exit >{$_SERVER['REQUEST_TIME']} JOIN $kldv.ppl AS lln ON lln.ppl_id = ppl2grp.ppl_id JOIN results ON results.ppl_id = lln.ppl_id WHERE ppl.ppl_id = {$_SESSION['ppl_id']} AND result_id = $result_id ORDER BY lln.ppl_surname, lln.ppl_forename, lln.ppl_prefix EOQ ); if (!$ppl_id) error_user("Geen toegang", "Je geeft geen les aan deze leerling, de gegevens zijn niet toegankelijk"); mdb2_exec($db, "INSERT INTO resultcomment ( resultcomment, agreement, result_id, ppl_id ) VALUES ( '%q', '%q', %i, {$_SESSION['ppl_id']} )", htmlenc($_POST['resultcomment']), $_POST['agreement'], $_POST['result_id']); } else error_system("Impossible"); header('Location: '.$location."toets.php?result_id={$_POST['result_id']}");