mrlan
/
LRR
3
0
Fork 2
Code Issues Pull Requests 7 Projects Releases Wiki Activity

add confirm ID and student valid ID

Bug469-kingsley
Adjei Kingsley 2022-12-22 05:50:32 +08:00
parent f7f9558721
commit f76cc2eb49
1 changed files with 26 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
Script.php
View File

@ -105,8 +105,7 @@ if (!empty($_POST["form_signup"])) {
// check if email is taken // check if email is taken
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'"); $result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
if(mysqli_num_rows($result) != 0) if (mysqli_num_rows($result) != 0) {
{
$_SESSION["info_signup"] = "Email address " . $email . " is already in use."; $_SESSION["info_signup"] = "Email address " . $email . " is already in use.";
$_SESSION['user_fullname'] = null; $_SESSION['user_fullname'] = null;
header("Location: signup.php"); header("Location: signup.php");
@ -272,10 +271,11 @@ if (!empty($_POST["frm_createlecturrer"])) {
$type = mysqli_real_escape_string($con, $_POST["type"]); $type = mysqli_real_escape_string($con, $_POST["type"]);
$password = mysqli_real_escape_string($con, $_POST["passport"]); $password = mysqli_real_escape_string($con, $_POST["passport"]);
// check if email is taken // check if email is taken
$result = mysqli_query($con, $result = mysqli_query(
"SELECT * FROM Users_Table WHERE email='$email'"); $con,
if(mysqli_num_rows($result)!=0) "SELECT * FROM Users_Table WHERE email='$email'"
{ );
if (mysqli_num_rows($result) != 0) {
$_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use."; $_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use.";
header("Location: Admin.php"); header("Location: Admin.php");
} }
@ -741,14 +741,22 @@ if (!empty($_GET["groupinvite"])) {
$courseid = mysqli_real_escape_string($con, $_GET["courseid"]); $courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]); $groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
$student = mysqli_query($con, "SELECT * FROM students_data WHERE Student_ID = '$student_id' ");
if (mysqli_num_rows($student) > 0) {
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'"); $result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
if (mysqli_num_rows($result) > 0) { if (mysqli_num_rows($result) > 0) {
$_SESSION["info_ReMarking"] = $student_id . " has already been invited"; $_SESSION["Reflect"] = $student_id . " has already been invited";
header("Location: Course.php?url=" . $url); header("Location: Course.php?url=" . $url);
} else { } else {
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`) $sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
VALUES ('$groupid','$student_id','Invited')"; VALUES ('$groupid','$student_id','Invited')";
} }
} else {
$_SESSION["Reflect"] = $student_id . " Invalid Student Number ";
header("Location: Course.php?url=" . $url);
}
if ($con->query($sql) === TRUE) { if ($con->query($sql) === TRUE) {
$resultx1 = mysqli_query($con, "SELECT * FROM course_groups_table where Course_Group_id ='$groupid'"); $resultx1 = mysqli_query($con, "SELECT * FROM course_groups_table where Course_Group_id ='$groupid'");