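<?php
$pageTitle = "Classes";
include('header.php');
require("db-connect.php");

// Access gate: a visitor with a "teacher" cookie may always proceed; anyone
// else may proceed only while no administrator account exists yet (first-run
// bootstrap). $firstAccess is read again later when a class name is saved.
//
// NOTE(review): this only tests that a cookie named "teacher" is present.
// Cookies are supplied by the client, so presence alone is not proof of
// identity unless header.php / db-connect.php validate it (not visible here)
// - confirm, and prefer a server-side session flag that is set at login.
if (!isset($_COOKIE['teacher'])) {
    $query = "SELECT NULL FROM user WHERE class='administrator' LIMIT 1";
    $result = mysqli_query($conn, $query);
    // Fail closed: a failed lookup must not be read as "no administrator yet",
    // otherwise a database error would open the page to everyone.
    $firstAccess = ($result !== false) && (mysqli_num_rows($result) === 0);
    if (!$firstAccess) {
        echo 'Only teachers can create new classes.';
        $conn->close();
        include('footer.php');
        exit;
    }
} else {
    $firstAccess = false;
}
?>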
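<?php
/*
 * "Add class" form, posted back to this script.
 *
 * PHP_SELF includes any client-supplied path info that follows the script
 * name, so it is HTML-escaped before being written into the action attribute.
 *
 * NOTE(review): the form carries no anti-CSRF token; add one if the site has
 * a server-side session to bind it to (none is visible in this file).
 */
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" style="margin-bottom: 25px;">
<div class="form-group">
<label for="name"> Add Class Name </label>
<input type="text" id="name" name="name" class="form-control" placeholder="ENG101" required>
</div>
<input type="submit" name="classes" class="btn btn-primary" value="Save class">
</form>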
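<?php
// Handle the "Save class" form post: reject duplicates and the reserved name
// "administrator" (outside first-run bootstrap), otherwise insert the class.
// The submitted name is untrusted, so it is bound as a statement parameter
// instead of being concatenated into SQL, and HTML-escaped before being echoed.
if (isset($_POST['classes']) && !empty($_POST['name']) && is_string($_POST['name'])) {
    $name = $_POST['name'];
    $safeName = htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // Ensure it doesn't already exist (case-insensitive comparison).
    $lookupOk = false;
    $exists = false;
    $dbError = '';
    $stmt = mysqli_prepare($conn, "SELECT 1 FROM class WHERE UPPER(`name`) = UPPER(?) LIMIT 1");
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, 's', $name);
        if (mysqli_stmt_execute($stmt)) {
            mysqli_stmt_store_result($stmt);
            $exists = (mysqli_stmt_num_rows($stmt) == 1);
            $lookupOk = true;
        } else {
            $dbError = mysqli_stmt_error($stmt);
        }
        mysqli_stmt_close($stmt);
    } else {
        $dbError = mysqli_error($conn);
    }

    if (!$lookupOk) {
        // Keep database detail in the server log, not in the page.
        error_log('classes.php: class lookup failed: ' . $dbError);
        echo 'Error: the class could not be saved.';
    } elseif ($exists) {
        echo '<div class="alert alert-danger" role="alert">
<span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
<span class="sr-only">Error:</span>
Class "' . $safeName . '" already exists.
</div>';
    } elseif (strtolower($name) == 'administrator' && !$firstAccess) {
        // "administrator" is reserved once the first-run bootstrap is over.
        echo '<div class="alert alert-danger" role="alert">
<span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
<span class="sr-only">Error:</span>
You cannot create a class called "' . $safeName . '".
</div>';
    } else {
        // Save class to database.
        $saved = false;
        $stmt = mysqli_prepare($conn, "INSERT IGNORE INTO class(`name`) VALUES(?)");
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, 's', $name);
            $saved = mysqli_stmt_execute($stmt);
            if (!$saved) {
                $dbError = mysqli_stmt_error($stmt);
            }
            mysqli_stmt_close($stmt);
        } else {
            $dbError = mysqli_error($conn);
        }

        if ($saved) {
            // NOTE(review): the form markup above has already been output, so
            // this redirect only takes effect if output buffering is enabled.
            header('Location: ' . $_SERVER['PHP_SELF']);
        } else {
            error_log('classes.php: class insert failed: ' . $dbError);
            echo 'Error: the class could not be saved.';
        }
    }
}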
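// Generate list of classes, or a warning panel when none are defined (or the
// query failed).
$query = "SELECT * FROM class ORDER BY name;";
$classes = mysqli_query($conn, $query);
if ($classes && mysqli_num_rows($classes)) { ?>
<div class="panel panel-success">
<div class = "panel-heading">
<h2 class = "panel-title">Current classes</h2>
</div>
<div class = "panel-body">
<ul style="list-style: none;">
<?php
    // Class names were supplied through the form, so they are HTML-escaped on
    // output; the id is URL-encoded and escaped for the href attribute.
    // NOTE(review): the delete link changes state through a plain GET request;
    // a POST form with an anti-CSRF token would be safer.
    while ($class = $classes->fetch_assoc()) {
        $deleteId = htmlspecialchars(rawurlencode((string) $class['id']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $label = htmlspecialchars((string) $class['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo '<li><a href="?delete=' . $deleteId . '" class="btn btn-danger btn-sm" style="margin:2px;"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span><span class="sr-only">Delete class</span></a> ' . $label . '</li>';
    }
?>
</ul>
</div>
</div>
<?php
} else {
?>
<div class = "panel panel-warning">
<div class = "panel-heading">
<h2 class = "panel-title">Warning</h2>
</div>
<div class = "panel-body">
No classes defined.
</div>
</div>
<?php
}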
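// Delete a class, and its attendance rows, when ?delete=<id> is present.
// The id comes from the query string, so it is bound as a statement parameter
// rather than concatenated into SQL.
//
// NOTE(review): this is a state-changing GET with no anti-CSRF token, and it
// runs after the class list above has been output, so the redirect below
// only takes effect if output buffering is enabled. Consider moving the
// handler above the markup and switching the delete link to a POST form.
if (isset($_GET['delete']) && is_string($_GET['delete'])) {
    $id = $_GET['delete'];
    $deleted = false;
    $dbError = '';

    $stmt = mysqli_prepare($conn, "DELETE FROM class WHERE `id` = ?");
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, 's', $id);
        $deleted = mysqli_stmt_execute($stmt);
        if (!$deleted) {
            $dbError = mysqli_stmt_error($stmt);
        }
        mysqli_stmt_close($stmt);
    } else {
        $dbError = mysqli_error($conn);
    }

    if ($deleted) {
        // Remove the attendance records that referenced the deleted class.
        $stmt = mysqli_prepare($conn, "DELETE FROM attendance WHERE `classid` = ?");
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, 's', $id);
            if (!mysqli_stmt_execute($stmt)) {
                error_log('classes.php: attendance cleanup failed: ' . mysqli_stmt_error($stmt));
            }
            mysqli_stmt_close($stmt);
        } else {
            error_log('classes.php: attendance cleanup failed: ' . mysqli_error($conn));
        }
        header('Location: ' . $_SERVER['PHP_SELF']);
    } else {
        // Keep database detail in the server log, not in the page.
        error_log('classes.php: class delete failed: ' . $dbError);
        echo 'Error: the class could not be deleted.';
    }
}
$conn->close();
include('footer.php');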