<?
session_start();
require "config.php";

$sql = "SELECT * FROM PageContent WHERE filename='{$filename}'"; 
$page = fetchRow($sql);


/* password protected pages */
if ( $page['password'] )
{
  $password = fetchOne("SELECT password FROM passwords WHERE id = '{$page['password']}'");
  
  /* if submitting password */
  if ( $_POST['password'] )
    $_SESSION['password'] = $_POST['password'];
 
  if ( $password != $_SESSION['password'] ) 
  {
	if ( $_POST['password'] )
	  $TPL->assign("password_error",1);
    $TPL->assign("title","Password Required");
	$TPL->assign("content",$TPL->fetch('LoginRequired.tpl'));
	$TPL->display("subpage.tpl");
    exit();
  }
}

$TPL->assign(array("title"=>$page[title],"content"=>$page[content]));

switch($filename)
{
  case "studentcentre.php":
    /* select all programs */
	$programs = fetchAll("SELECT id, name FROM Course");
	$classes = array();
	/* select most recently added classes for each program */
	foreach ( $programs as $program )
	{
      $classes = array_merge($classes, fetchAll("SELECT graduates.class as id, CONCAT(year(CourseSchedule.startdate),'-',year(CourseSchedule.enddate),' ',Course.name,' (',Venue.name,')') AS class FROM graduates INNER JOIN CourseSchedule ON CourseSchedule.id=graduates.class INNER JOIN Course ON Course.id=CourseSchedule.courseid INNER JOIN Venue ON Venue.id=CourseSchedule.venueid WHERE CourseSchedule.courseid = {$program[id]} AND CourseSchedule.enddate >= now() GROUP BY CourseSchedule.id ORDER BY CourseSchedule.startdate DESC"));
	}
    $TPL->assign("classpage","currentclass.php");	
    $TPL->assign("dynamic_rows",$classes);
	$TPL->assign("dynamic_list",$TPL->fetch("list_graduate_classes.tpl"));
  break;
  
  
  case "graduatecentre.php":
    $sql = "SELECT DISTINCT graduates.class AS id, CONCAT(year(CourseSchedule.startdate),'-',year(CourseSchedule.enddate),' ',Course.name,' (',Venue.name,')') AS class FROM graduates INNER JOIN CourseSchedule ON CourseSchedule.id=graduates.class INNER JOIN Course ON Course.id=CourseSchedule.courseid INNER JOIN Venue ON Venue.id=CourseSchedule.venueid WHERE graduates.graduated=1";
    $TPL->assign("classpage","graduatingclass.php");
	$TPL->assign("dynamic_rows",fetchAll($sql));
	$TPL->assign("dynamic_list",$TPL->fetch("list_graduate_classes.tpl"));
  break;
  case "programinformation.php":
    $sql = "SELECT * FROM Course WHERE featured = 1";
	$featured = fetchAll($sql);
	$sql = "SELECT * FROM Course WHERE featured = 0";
	$others = fetchAll($sql);
	$TPL->assign("featured_programs",$featured);
	$TPL->assign("others",$others);
	$TPL->assign("dynamic_list",$TPL->fetch("list_programs.tpl"));
  break;
  case "news.php":
    $sql = "SELECT * FROM news ORDER BY date DESC";
	$TPL->assign("news",fetchAll($sql));
    $TPL->assign("dynamic_list",$TPL->fetch("list_news.tpl"));
  break;
  case "gallery.php";
    $sql = "SELECT * FROM albums";
	$TPL->assign("albums",fetchAll($sql));
    $TPL->assign("dynamic_list",$TPL->fetch("list_albums.tpl"));
  break;
  case "graduatephotos.php":
    $sql = "SELECT * FROM photos WHERE album_id=7";
	$TPL->assign("photos",fetchAll($sql));
	$TPL->assign("dynamic_list",$TPL->fetch("album.tpl"));
  break;
  case "faculty.php":
	/* emails are no longer obfuscated */
	$TPL->assign("content", $page['content'] );
  break;
}

$TPL->display("subpage.tpl");

?>