#!/usr/bin/perl
#  Copyright 2001-2021 Leslie Richardson

#  This file is part of Open Admin for Schools.

#  Open Admin for Schools is free software; you can redistribute it 
#  and/or modify it under the terms of the GNU General Public License
#  as published by the Free Software Foundation; either version 2 of 
#  the License, or (at your option) any later version.

my %lex = ('Main' => 'Main',
	   'Error' => 'Error',
	   'Edit' => 'Edit',
	   'Name' => 'Name',
	   'Update' => 'Update',
	   'Score' => 'Score',
	   'Test Date' => 'Test Date',
	   'No Blanks Allowed' => 'No Blanks Allowed',
	   'No User Id' => 'No User Id',
	   'No Password' => 'No Password',
	   'Please Log In' => 'Please Log In',
	   'Record(s) Updated' => 'Record(s) Updated',
	   'Edit not allowed' => 'Edit not allowed',

	   'Raw Score' => 'Raw Score',
	   'Continue' => 'Continue',
	   'Standard Score' => 'Standard Score',
	   'Confidence' => 'Confidence',
	   'Interval' => 'Interval',
	   'Percentile' => 'Percentile',
	   'Normal Curve Equivalent' => 'Normal Curve Equivalent',
	   'Stanine' => 'Stanine',
	   'Growth Scale Value' => 'Growth Scale Value',
	   'Age' => 'Age',
	   'Equivalent' => 'Equivalent',
	   'Period' => 'Period',
	   'Score' => 'Score',
	   'Math' => 'Math',
	   'Scores' => 'Scores',
	   'Date' => 'Date',
	   'Close' => 'Close',

	   );

use DBI;
use CGI;
use CGI::Session;


my $self = 'mathTestEdit.pl';


# NOW in config file math.conf
# my @phases = qw(Emergent Matching Quantifying Partitioning Factoring Operating);
# my @seasons = qw(Sep-2012 Nov-2012 Apr-2013 Sep-2013 Nov-2013 Apr-2014 Sep-2014 Nov-2014);
# Configuration Settings -----------------------
my $allow_author = 1; # allow author to edit
my $allow_fsim = 1; # allow user with math access code to edit
#-----------------------------------------------

my $q = new CGI;
my %arr = $q->Vars;

my @time = localtime(time);
my $year = $time[5] + 1900;
my $month = $time[4] + 1;
my $currdate = "$year-$month-$time[3]";


eval require "../../etc/admin.conf";
if ( $@ ) {
    print $lex{Error}. " $self: $@<br>\n";
    die $lex{Error}. "$self: $@\n";
}

eval require "./fsim.conf";
if ( $@ ) {
    print $lex{Error}. " $self: $@<br>\n";
    die $lex{Error}. "$self: $@\n";
}


my $dsn = "DBI:$dbtype:dbname=$dbase";
my $dbh = DBI->connect($dsn,$user,$password);

# Session Setup Here
my $session = new CGI::Session("driver:mysql;serializer:FreezeThaw",
 undef,{Handle => $dbh}) or die CGI::Session->errstr;

# Get/Set  Session Values (a defined userid means it was passed)
if ( $arr{userid} ){ # we want to login, passed userid/password pair.

    # Check password/userid against database (-1 no user, -2 wrong password);
    my $error = checkPassword($arr{userid}, $arr{password}, $dbh);
    if ($error == -1){ print $q->header( -charset, $charset ); login($lex{'No User Id'}); }
    if ($error == -2){ print $q->header( -charset, $charset ); login($lex{'No Password'}); }

    $cookietime = checkCookieTime( $arr{duration} );

    # Set values for userid and logged_in in session
    $session->param( 'logged_in','1');
    $session->expire( 'logged_in', $cookietime );
    $session->param( 'userid',$arr{userid} );
    $session->param( 'duration',$cookietime );

    $userid = $arr{userid};


} else { # check logged_in value in session

    if ( not $session->param('logged_in') ){
	$userid = $session->param('userid');
        print $q->header( -charset, $charset );
        print qq{$lex{'Please Log In'}</body></html>\n}; 
        exit;
    }
    # Ok, we have a login. Values below we have in environment.

    $userid = $session->param('userid');
    $duration = $session->param('duration');

    if ( not ($duration =~ /\+/)) { # if not in +20m format, do so.
	$duration = checkCookieTime( $duration );
    }

    $session->expire('logged_in', $duration );


} # End of check for logged_in value

print $session->header( -charset, $charset );
# Session Setup End


# Check for fsim access code
my $sth = $dbh->prepare("select field_value from staff_multi 
  where field_name = 'access' and userid = ?");
$sth->execute( $userid );
if ( $DBI::errstr ){ print $DBI::errstr; die $DBI::errstr; }

my $accessfsim;
while ( my $val = $sth->fetchrow ) {
    if ( uc $val eq 'FSIM' ) { $accessfsim = 1; }
     print qq{VAL:$val ACCESS:$accessdra<br>\n};
}



# Page Header
my $title = "$lex{Edit} $lex{Math} $lex{Scores}";
print qq{$doctype\n<html><head><title>$title</title>};
print qq{<link rel="stylesheet" href="$tchcss" type="text/css">\n};

print qq{$chartype\n</head><body style="padding:1em 2em;">\n};
print qq{[ <a href="$tchpage">$lex{Main}</a> ]\n};
print qq{<h1>$title</h1>\n};


if ( not $arr{page} ) {
    editTest( $arr{testid} );

} elsif ( $arr{page} == 1 ) {
    delete $arr{page};
    writeTest();
}


#-------------
sub editTest {
#-------------

    # foreach my $key ( sort keys %arr ) { print qq{K:$key V:$arr{$key}<br>\n}; }

    my $testid = shift;

    # Get Reading Test fields.
    my $sth = $dbh->prepare("select * from math_fstep where id = ?");
    $sth->execute( $testid );
    if ( $DBI::errstr ){ print $DBI::errstr; die $DBI::errstr; }
    my $ref = $sth->fetchrow_hashref;
    my $studnum = $ref->{studnum};

    # Access Controls
    my $failflag;
    if ( not $allow_author and not $allow_fsim ) { $failflag = 1; } # nobody edits
    elsif ( $allow_author and $ref->{tauthor} ne $userid ) { $failflag = 1; } # not author

    if ( $allow_fsim and $accessfsim ) { $failflag = 0; }
    # allow override of author failure for catalyst.

    if ( $failflag ) {
	print qq{<h3>$lex{'Edit not allowed'}</h3>\n};
	print qq{</body></html>\n};
	exit;
    }

    # Get Student Name
    my $sth1 = $dbh->prepare("select lastname, firstname from student where studnum = ?");
    $sth1->execute( $studnum );
    if ( $DBI::errstr ) { print $DBI::errstr; die $DBI::errstr; }
    my ( $lastname, $firstname ) = $sth1->fetchrow;
    # print qq{Name: $lastname $firstname<br>\n};

    # Print Form Heading
    print qq{<form action="$self" method="post"> \n};
    print qq{<input type="hidden" name="page" value="1">\n};
    print qq{<input type="hidden" name="id" value="$testid">\n};

    # Print Table Header and Heading values
    print qq{<table cellpadding="3" cellspacing="0" border="0">\n};
    # print qq{<tr><th></th><th></th></tr>\n};
    print qq{<tr><td colspan="3" class="la">};
    print qq{<input type="submit" value="$lex{Update}"></td></tr>\n};

    # Name
    print qq{<tr><td class="bra">$lex{Name}</td><td class="la">};
    print qq{<b>$lastname</b>, $firstname</td></tr>\n};


    # Score
    print qq{<tr><td class="bra">$lex{Score}</td>};
    print qq{<td class="la"><select name="tphase"><option>$ref->{tphase}</option>\n};
    foreach my $phase ( @phases ) {
	print qq{<option>$phase</option>\n};
    }
    print qq{</select></td></tr>\n};

    # Period / Season
    print qq{<tr><td class="bra">$lex{Period}</td>};
    print qq{<td><select name="tseason"><option>$ref->{tseason}</option>\n};
    foreach my $season ( @seasons ) {
	print qq{<option>$season</option>\n};
    }
    print qq{</select></td></tr>\n};

    # Period / Season
    print qq{<tr><td class="bra">$lex{Date}</td>};
    print qq{<td><input type="text" name="tdate" size="12" value="$ref->{tdate}"></td></tr>\n};


    print qq{<tr><td colspan="3" class="la">\n};
    print qq{<input type="submit" value="$lex{Update}"></td></tr>\n};
    print qq{</table></form></body></html>\n};

    exit;

}


#--------------
sub writeTest {
#--------------

    # This only updates student scores; no change to test itself.
    # foreach my $key ( sort keys %arr ) { print qq{K:$key V:$arr{$key}<br>\n}; }

    my $sth = $dbh->prepare("update math_fstep set 
      tphase = ?, tseason = ?, tdate = ? where id = ?");  

    $sth->execute( $arr{tphase},$arr{tseason},$arr{tdate}, $arr{id} );

    if ( $DBI::errstr ){ print $DBI::errstr; die $DBI::errstr; }

    print qq{<h1>$lex{'Record(s) Updated'}</h1>\n};

    print qq{<p><form><input type="hidden" name="none">\n};
    print qq{<input type="button" value="$lex{Close}" };
    print qq{onClick="parent.close()"></form></p>};

    print qq{</body></html>\n};

    exit;

}