add confirm ID and student valid ID

2022-12-22 05:50:32 +08:00 · 2022-12-22 05:50:32 +08:00 · f76cc2eb49
parent f7f9558721
commit f76cc2eb49
1 changed files with 26 additions and 18 deletions
--- a/Script.php
+++ b/Script.php
@ -105,9 +105,8 @@ if (!empty($_POST["form_signup"])) {

    // check if email is taken
    $result = mysqli_query($con, "SELECT * FROM users_table WHERE email='$email'");
-    if(mysqli_num_rows($result) != 0)
-    {
-        $_SESSION["info_signup"]="Email address ".$email."  is already in use.";
+    if (mysqli_num_rows($result) != 0) {
+        $_SESSION["info_signup"] = "Email address " . $email . "  is already in use.";
        $_SESSION['user_fullname'] = null;
        header("Location: signup.php");
        return;
@ -272,15 +271,16 @@ if (!empty($_POST["frm_createlecturrer"])) {
    $type = mysqli_real_escape_string($con, $_POST["type"]);
    $password = mysqli_real_escape_string($con, $_POST["passport"]);
    // check if email is taken
-    $result = mysqli_query($con,
-                           "SELECT * FROM Users_Table WHERE email='$email'");
-    if(mysqli_num_rows($result)!=0)
-    {
-        $_SESSION["info_Admin_Users"]="Email address : ".$email." is already in use.";
+    $result = mysqli_query(
+        $con,
+        "SELECT * FROM Users_Table WHERE email='$email'"
+    );
+    if (mysqli_num_rows($result) != 0) {
+        $_SESSION["info_Admin_Users"] = "Email address : " . $email . " is already in use.";
        header("Location: Admin.php");
    }
    $password_hash = password_hash("$password", PASSWORD_DEFAULT);
-    $sql= "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
+    $sql = "INSERT INTO `users_table`(`Email`, `Password`, `Full_Name`, `UserType`) VALUES "
        . "('$email','$password_hash','$fullname','$type')";

    if ($con->query($sql) === TRUE) {
@ -741,13 +741,21 @@ if (!empty($_GET["groupinvite"])) {
    $courseid = mysqli_real_escape_string($con, $_GET["courseid"]);
    $groupid = mysqli_real_escape_string($con, $_GET["groupid"]);

-    $result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
-    if (mysqli_num_rows($result) > 0) {
-        $_SESSION["info_ReMarking"] = $student_id . " has already been invited";
-        header("Location: Course.php?url=" . $url);
+    $student = mysqli_query($con, "SELECT * FROM students_data WHERE Student_ID = '$student_id'  ");
+
+    if (mysqli_num_rows($student) > 0) {
+
+        $result = mysqli_query($con, "SELECT * FROM course_group_members_table where Course_Group_id = '$groupid' and Student_ID = '$student_id'");
+        if (mysqli_num_rows($result) > 0) {
+            $_SESSION["Reflect"] = $student_id . " has already been invited";
+            header("Location: Course.php?url=" . $url);
+        } else {
+            $sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
+                        VALUES ('$groupid','$student_id','Invited')";
+        }
    } else {
-        $sql = "INSERT INTO `course_group_members_table`( `Course_Group_id`, `Student_ID`, `Status`)
-                      VALUES ('$groupid','$student_id','Invited')";
+        $_SESSION["Reflect"] = $student_id . " Invalid Student Number ";
+        header("Location: Course.php?url=" . $url);
    }

    if ($con->query($sql) === TRUE) {