forked from mrlan/LRR
add confirm ID and student valid ID
parent
f7f9558721
commit
f76cc2eb49
28
Script.php
28
Script.php
|
@ -105,9 +105,8 @@ if (!empty($_POST["form_signup"])) {
|
||||||
|
|
||||||
// check if email is taken
|
// check if email is taken
|
||||||
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
|
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
|
||||||
if(mysqli_num_rows($result) != 0)
|
if (mysqli_num_rows($result) != 0) {
|
||||||
{
|
$_SESSION["info_signup"] = "Email address " . $email . " is already in use.";
|
||||||
$_SESSION["info_signup"]="Email address ".$email." is already in use.";
|
|
||||||
$_SESSION['user_fullname'] = null;
|
$_SESSION['user_fullname'] = null;
|
||||||
header("Location: signup.php");
|
header("Location: signup.php");
|
||||||
return;
|
return;
|
||||||
|
@ -272,15 +271,16 @@ if (!empty($_POST["frm_createlecturrer"])) {
|
||||||
$type = mysqli_real_escape_string($con, $_POST["type"]);
|
$type = mysqli_real_escape_string($con, $_POST["type"]);
|
||||||
$password = mysqli_real_escape_string($con, $_POST["passport"]);
|
$password = mysqli_real_escape_string($con, $_POST["passport"]);
|
||||||
// check if email is taken
|
// check if email is taken
|
||||||
$result = mysqli_query($con,
|
$result = mysqli_query(
|
||||||
"SELECT * FROM Users_Table WHERE email='$email'");
|
$con,
|
||||||
if(mysqli_num_rows($result)!=0)
|
"SELECT * FROM Users_Table WHERE email='$email'"
|
||||||
{
|
);
|
||||||
$_SESSION["info_Admin_Users"]="Email address : ".$email." is already in use.";
|
if (mysqli_num_rows($result) != 0) {
|
||||||
|
$_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use.";
|
||||||
header("Location: Admin.php");
|
header("Location: Admin.php");
|
||||||
}
|
}
|
||||||
$password_hash = password_hash("$password", PASSWORD_DEFAULT);
|
$password_hash = password_hash("$password", PASSWORD_DEFAULT);
|
||||||
$sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
|
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
|
||||||
. "('$email','$password_hash','$fullname','$type')";
|
. "('$email','$password_hash','$fullname','$type')";
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
@ -741,14 +741,22 @@ if (!empty($_GET["groupinvite"])) {
|
||||||
$courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
|
$courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
|
||||||
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
|
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
|
||||||
|
|
||||||
|
$student = mysqli_query($con, "SELECT * FROM students_data WHERE Student_ID = '$student_id' ");
|
||||||
|
|
||||||
|
if (mysqli_num_rows($student) > 0) {
|
||||||
|
|
||||||
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
|
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
|
||||||
if (mysqli_num_rows($result) > 0) {
|
if (mysqli_num_rows($result) > 0) {
|
||||||
$_SESSION["info_ReMarking"] = $student_id . " has already been invited";
|
$_SESSION["Reflect"] = $student_id . " has already been invited";
|
||||||
header("Location: Course.php?url=" . $url);
|
header("Location: Course.php?url=" . $url);
|
||||||
} else {
|
} else {
|
||||||
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
|
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
|
||||||
VALUES ('$groupid','$student_id','Invited')";
|
VALUES ('$groupid','$student_id','Invited')";
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
$_SESSION["Reflect"] = $student_id . " Invalid Student Number ";
|
||||||
|
header("Location: Course.php?url=" . $url);
|
||||||
|
}
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
$resultx1 = mysqli_query($con, "SELECT * FROM course_groups_table where Course_Group_id ='$groupid'");
|
$resultx1 = mysqli_query($con, "SELECT * FROM course_groups_table where Course_Group_id ='$groupid'");
|
||||||
|
|
Loading…
Reference in New Issue