<?
include('phplib/phplib.php');
include('common.php');
$db = mdb2_open($dsn);

check_personeel();
header('Content-type: text/plain');
//print_r($_POST);

$bevoegd = mdb2_single_val($db, "SELECT invigilator_id FROM invigilators WHERE ppl_id = {$_SESSION['ppl_id']}");
if (!$bevoegd) error_user("Permission denied", "U bent geen surveillant en mag derhalve geen constateringen in het systeem zetten", 'index.php');

$moment_id = mdb2_single_val($db, "SELECT moment_id FROM moments WHERE moment_id = %i", $_POST['moment_id']);

if (!$moment_id) error_user("Moment onbekend", "Onbekend moment!", 'index.php');

$ok = mdb2_single_val($db, <<<EOQ
SELECT DATE(NOW()) <= cDate(year, week, dag) FROM moments JOIN $roosterdb.weken USING (week_id) WHERE moment_id = $moment_id
EOQ
);
if (!$ok) error_user("Tijdreizen mag niet", "Moment ligt in het verleden", 'index.php');

unset($_POST['moment_id']);


//echo("ok=$ok\n");
foreach ($_POST as $key => $val) {
	$array = explode('-', $key);
	if (count($array) != 2) continue;
	$enrollment_id = mdb2_single_val($db, "SELECT enrollment_id FROM enrollments WHERE moment_id = $moment_id AND enrollment_id = %i", $array[1]);
	if (!$enrollment_id) continue;
	if ($array[0] == 'status') {
		if ($val != 'AANWEZIG' && $val != 'AFWEZIG') error_system('invalid status');
		//echo("STATUS $enrollment_id $moment_id $val");
		mdb2_exec($db, "INSERT INTO reviews ( enrollment_id, invigilator_ppl_id, invigilator_orig_username, status ) VALUES ( $enrollment_id, {$_SESSION['ppl_id']}, '%q', '%q' ) ON DUPLICATE KEY UPDATE invigilator_ppl_id = {$_SESSION['ppl_id']}, invigilator_orig_username = '%q', status = '%q'", $_SESSION['orig_username'], $val, $_SESSION['orig_username'], $val);
	} else if ($array[0] == 'text') {
		mdb2_exec($db, "INSERT INTO reviews ( enrollment_id, invigilator_ppl_id, invigilator_orig_username, text ) VALUES ( $enrollment_id, {$_SESSION['ppl_id']}, '%q', '%q' ) ON DUPLICATE KEY UPDATE invigilator_ppl_id = {$_SESSION['ppl_id']}, invigilator_orig_username = '%q', text = '%q'", $_SESSION['orig_username'], htmlenc($val), $_SESSION['orig_username'], htmlenc($val));
	} else continue;
}

notice_user("Opgeslagen", "Constateringen opgeslagen op ".date('r', $_SERVER['REQUEST_TIME']), 'index.php?rol=surveillant');


?>