3279308836
/
LRR
forked from mrlan/LRR
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Script.php: allow people to log in when they give a valid student number.

SIMPLICITY_link
Hui Lan 2020-06-29 14:44:21 +08:00
parent cd0085b919
commit f8995eec6f
1 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Script.php
View File

@ -144,10 +144,10 @@ if (!empty($_POST["frm_login"])) {
$user=mysqli_real_escape_string($con,$_POST["user"]); $user=mysqli_real_escape_string($con,$_POST["user"]);
$password=mysqli_real_escape_string($con,$_POST["password"]); $password=mysqli_real_escape_string($con,$_POST["password"]);
// $hashed_password=hash('sha512', $password); Not necessary in the login // $hashed_password=hash('sha512', $password); Not necessary in the login
$result = mysqli_query($con, "SELECT * FROM users_table WHERE (Email='$user')"); $result = mysqli_query($con, "SELECT * FROM users_table WHERE (Student_ID='$user') OR (Email='$user')");
if(mysqli_num_rows($result)==0) if(mysqli_num_rows($result)==0)
{ {
$_SESSION["info_login"]="Inavlid login Information."; $_SESSION["info_login"]="Inavlid login information.";
echo $_SESSION["info_login"]; echo $_SESSION["info_login"];
@ -833,14 +833,11 @@ if(strlen($_FILES['attachment1']['name']) > 2 ) {
if (trim($group_id) === '') { // when $group_id is an empty string or contains only whitespace characters. if (trim($group_id) === '') { // when $group_id is an empty string or contains only whitespace characters.
$group_id = 0; // FIXME $group_id = 0; // FIXME
} }
$sql="INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`," $sql="INSERT INTO `lab_report_submissions`(`Submission_Date`, `Lab_Report_ID`, `Student_id`,"
. " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)" . " `Course_Group_id`, `Attachment1`, `Notes`, `Attachment2`, `Attachment3`, `Attachment4`, `Status`, `Title`,`Remarking_Reason`)"
. " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4'," . " VALUES ('$date',$lab_id,$student_id,$group_id,'$targetfile','$instructions','$targetfile2','$targetfile3','$targetfile4',"
. "'Pending','$title','')"; . "'Pending','$title','')";
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
if($_SESSION['Sub_Type']=='Individual') if($_SESSION['Sub_Type']=='Individual')
// { // {