add confirm ID and student valid ID

Adjei Kingsley 2022-12-22 05:50:32 +08:00
parent f7f9558721
commit f76cc2eb49
1 changed files with 26 additions and 18 deletions

View File

@ -105,9 +105,8 @@ if (!empty($_POST["form_signup"])) {
// check if email is taken // check if email is taken
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'"); $result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
if(mysqli_num_rows($result) != 0) if (mysqli_num_rows($result) != 0) {
{ $_SESSION["info_signup"] = "Email address " . $email . " is already in use.";
$_SESSION["info_signup"]="Email address ".$email." is already in use.";
$_SESSION['user_fullname'] = null; $_SESSION['user_fullname'] = null;
header("Location: signup.php"); header("Location: signup.php");
return; return;
@ -272,15 +271,16 @@ if (!empty($_POST["frm_createlecturrer"])) {
$type = mysqli_real_escape_string($con, $_POST["type"]); $type = mysqli_real_escape_string($con, $_POST["type"]);
$password = mysqli_real_escape_string($con, $_POST["passport"]); $password = mysqli_real_escape_string($con, $_POST["passport"]);
// check if email is taken // check if email is taken
$result = mysqli_query($con, $result = mysqli_query(
"SELECT * FROM Users_Table WHERE email='$email'"); $con,
if(mysqli_num_rows($result)!=0) "SELECT * FROM Users_Table WHERE email='$email'"
{ );
$_SESSION["info_Admin_Users"]="Email address : ".$email." is already in use."; if (mysqli_num_rows($result) != 0) {
$_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use.";
header("Location: Admin.php"); header("Location: Admin.php");
} }
$password_hash = password_hash("$password", PASSWORD_DEFAULT); $password_hash = password_hash("$password", PASSWORD_DEFAULT);
$sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES " $sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
. "('$email','$password_hash','$fullname','$type')"; . "('$email','$password_hash','$fullname','$type')";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
@ -741,13 +741,21 @@ if (!empty($_GET["groupinvite"])) {
$courseid = mysqli_real_escape_string($con, $_GET["courseid"]); $courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]); $groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'"); $student = mysqli_query($con, "SELECT * FROM students_data WHERE Student_ID = '$student_id' ");
if (mysqli_num_rows($result) > 0) {
$_SESSION["info_ReMarking"] = $student_id . " has already been invited"; if (mysqli_num_rows($student) > 0) {
header("Location: Course.php?url=" . $url);
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
if (mysqli_num_rows($result) > 0) {
$_SESSION["Reflect"] = $student_id . " has already been invited";
header("Location: Course.php?url=" . $url);
} else {
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
VALUES ('$groupid','$student_id','Invited')";
}
} else { } else {
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) $_SESSION["Reflect"] = $student_id . " Invalid Student Number ";
VALUES ('$groupid','$student_id','Invited')"; header("Location: Course.php?url=" . $url);
} }
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {