add confirm ID and student valid ID
parent
f7f9558721
commit
f76cc2eb49
44
Script.php
44
Script.php
|
@ -57,14 +57,14 @@ if (!empty($_POST["form_signup"])) {
|
||||||
|
|
||||||
$student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
|
$student_result = mysqli_query($con, "SELECT * FROM `users_table` WHERE Student_ID='$student_id'");
|
||||||
if (mysqli_num_rows($student_result) > 0) {
|
if (mysqli_num_rows($student_result) > 0) {
|
||||||
$_SESSION["info_signup"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
|
$_SESSION["info_signup"] = "This Student ID is already in use! Please contact Student Management Office <lanhui at zjnu.edu.cn> for help.";
|
||||||
header("Location: signup.php");
|
header("Location: signup.php");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// ############################### CREATE STUDENT USER ##################################
|
// ############################### CREATE STUDENT USER ##################################
|
||||||
if (!empty($_POST["form_signup"])) {
|
if (!empty($_POST["form_signup"])) {
|
||||||
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
|
$fullname = mysqli_real_escape_string($con, $_POST["fullname"]);
|
||||||
$student_id = mysqli_real_escape_string($con, $_POST["user_student_id"]);
|
$student_id = mysqli_real_escape_string($con, $_POST["user_student_id"]);
|
||||||
$email = mysqli_real_escape_string($con, $_POST["email"]);
|
$email = mysqli_real_escape_string($con, $_POST["email"]);
|
||||||
|
@ -105,9 +105,8 @@ if (!empty($_POST["form_signup"])) {
|
||||||
|
|
||||||
// check if email is taken
|
// check if email is taken
|
||||||
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
|
$result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
|
||||||
if(mysqli_num_rows($result) != 0)
|
if (mysqli_num_rows($result) != 0) {
|
||||||
{
|
$_SESSION["info_signup"] = "Email address " . $email . " is already in use.";
|
||||||
$_SESSION["info_signup"]="Email address ".$email." is already in use.";
|
|
||||||
$_SESSION['user_fullname'] = null;
|
$_SESSION['user_fullname'] = null;
|
||||||
header("Location: signup.php");
|
header("Location: signup.php");
|
||||||
return;
|
return;
|
||||||
|
@ -272,15 +271,16 @@ if (!empty($_POST["frm_createlecturrer"])) {
|
||||||
$type = mysqli_real_escape_string($con, $_POST["type"]);
|
$type = mysqli_real_escape_string($con, $_POST["type"]);
|
||||||
$password = mysqli_real_escape_string($con, $_POST["passport"]);
|
$password = mysqli_real_escape_string($con, $_POST["passport"]);
|
||||||
// check if email is taken
|
// check if email is taken
|
||||||
$result = mysqli_query($con,
|
$result = mysqli_query(
|
||||||
"SELECT * FROM Users_Table WHERE email='$email'");
|
$con,
|
||||||
if(mysqli_num_rows($result)!=0)
|
"SELECT * FROM Users_Table WHERE email='$email'"
|
||||||
{
|
);
|
||||||
$_SESSION["info_Admin_Users"]="Email address : ".$email." is already in use.";
|
if (mysqli_num_rows($result) != 0) {
|
||||||
header("Location: Admin.php");
|
$_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use.";
|
||||||
|
header("Location: Admin.php");
|
||||||
}
|
}
|
||||||
$password_hash = password_hash("$password", PASSWORD_DEFAULT);
|
$password_hash = password_hash("$password", PASSWORD_DEFAULT);
|
||||||
$sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
|
$sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
|
||||||
. "('$email','$password_hash','$fullname','$type')";
|
. "('$email','$password_hash','$fullname','$type')";
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
@ -741,13 +741,21 @@ if (!empty($_GET["groupinvite"])) {
|
||||||
$courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
|
$courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
|
||||||
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
|
$groupid = mysqli_real_escape_string($con, $_GET["groupid"]);
|
||||||
|
|
||||||
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
|
$student = mysqli_query($con, "SELECT * FROM students_data WHERE Student_ID = '$student_id' ");
|
||||||
if (mysqli_num_rows($result) > 0) {
|
|
||||||
$_SESSION["info_ReMarking"] = $student_id . " has already been invited";
|
if (mysqli_num_rows($student) > 0) {
|
||||||
header("Location: Course.php?url=" . $url);
|
|
||||||
|
$result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
|
||||||
|
if (mysqli_num_rows($result) > 0) {
|
||||||
|
$_SESSION["Reflect"] = $student_id . " has already been invited";
|
||||||
|
header("Location: Course.php?url=" . $url);
|
||||||
|
} else {
|
||||||
|
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
|
||||||
|
VALUES ('$groupid','$student_id','Invited')";
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
$sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
|
$_SESSION["Reflect"] = $student_id . " Invalid Student Number ";
|
||||||
VALUES ('$groupid','$student_id','Invited')";
|
header("Location: Course.php?url=" . $url);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($con->query($sql) === TRUE) {
|
if ($con->query($sql) === TRUE) {
|
||||||
|
|
Loading…
Reference in New Issue