<?php
/**
* Back end routines to add/delete courses, invoked by faculty.php
* @author Avin E.M; Kunal Dahiya
*/
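require_once('functions.php');

// Refuse the request before touching the database when there is no logged-in session.
// NOTE(review): there is no else branch, so this relies on postResponse() ending the
// request - confirm in functions.php.
if (!sessionCheck('logged_in')) {
    postResponse("error", "Your session has expired, please login again");
}

require_once('connect_db.php');

// NOTE(review): both actions below change data on the strength of the session alone;
// no anti-CSRF token check is visible in this file - confirm one is enforced in
// functions.php or by the calling page.

// presumably validates the length of $_POST['cId'] (2 to 20) - helper lives in functions.php
rangeCheck('cId', 2, 20);

// Course IDs are stored upper-cased, so every query below uses this normalised value.
$cId = strtoupper($_POST['cId']);

// By default a user manages their own courses.
if (!isset($_SESSION['faculty'])) {
    $_SESSION['faculty'] = $_SESSION['uName'];
}

// A user whose level is not 'faculty' may choose whose courses to manage via ?faculty=.
// Only a plain string is accepted; an array value would otherwise reach the query parameters.
// NOTE(review): this assumes every non-faculty level is privileged, and the value is not
// checked against the list of existing faculty here - verify both against the user model.
if (!sessionCheck('level', 'faculty') && !empty($_GET['faculty']) && is_string($_GET['faculty'])) {
    $_SESSION['faculty'] = $_GET['faculty'];
}

if (valueCheck('action', 'add')) {
    rangeCheck('cName', 6, 100);

    // An absent or empty flag is stored as 0; any other value is passed through unchanged.
    $allowConflict = empty($_POST["allowConflict"]) ? 0 : $_POST["allowConflict"];

    // Validate every "name : dept" batch entry before any row is written, so a malformed
    // entry cannot leave a course behind with only part of its batches.
    $batches = isset($_POST['batch']) ? $_POST['batch'] : [];
    if (!is_array($batches)) {
        postResponse("error", "Invalid batch selection");
    }
    $allowedRows = [];
    foreach ($batches as $batch) {
        $parts = is_string($batch) ? explode(" : ", $batch) : [];
        if (count($parts) < 2) {
            postResponse("error", "Invalid batch selection");
        }
        $allowedRows[] = [$cId, $parts[0], $parts[1]];
    }

    try {
        // The course row and its allowed-batch rows are written as one unit.
        $db->beginTransaction();

        $query = $db->prepare('INSERT INTO courses(course_Id,course_name,fac_id,allow_conflict) values (?,?,?,?)');
        $query->execute([$cId, $_POST['cName'], $_SESSION['faculty'], $allowConflict]);

        $query = $db->prepare('INSERT INTO allowed(course_Id,batch_name,batch_dept) values (?,?,?)');
        foreach ($allowedRows as $row) {
            $query->execute($row);
        }

        // Commit before responding: postResponse() is expected to end the request.
        $db->commit();
        postResponse("addOpt", "Course Added", [$_POST['cName'], $cId]);
    } catch (PDOException $e) {
        if ($db->inTransaction()) {
            $db->rollBack();
        }

        // SQLSTATE 23000 is an integrity-constraint violation.
        // NOTE(review): it is reported as a duplicate course ID, although a constraint
        // on the `allowed` inserts would raise the same class - confirm against the schema.
        $sqlState = isset($e->errorInfo[0]) ? (string) $e->errorInfo[0] : '';
        if ($sqlState === '23000') {
            postResponse("error", "Course ID already exists");
        } else {
            // Keep the driver's message in the server log; the client gets a generic
            // error so table and column details are not disclosed.
            error_log('courses.php add failed: ' . $e->getMessage());
            postResponse("error", "Could not add the course, please try again");
        }
    }
} elseif (valueCheck('action', 'delete')) {
    try {
        // The fac_id condition limits the delete to courses of the faculty being managed.
        // $cId (upper-cased) is used so the lookup matches the value stored by "add".
        $query = $db->prepare('DELETE FROM courses where course_id =? and fac_id =?');
        $query->execute([$cId, $_SESSION['faculty']]);
    } catch (PDOException $e) {
        error_log('courses.php delete failed: ' . $e->getMessage());
        postResponse("error", "Could not delete the course, please try again");
    }
    // NOTE(review): the success response is sent even when no row matched.
    postResponse("removeOpt", "Course deleted");
}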
?>