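/**
 * Authorise a list of student ids against the roster returned for an MST.
 *
 * The roster is loaded through getStudentsByMst(). Sessions holding the super
 * privilege pass false as its third argument, every other session passes true.
 * Access is granted only when every entry of $stud_id equals the 'stud_id' of
 * some roster row. An empty $stud_id is refused, as it was before.
 *
 * @param mixed $response Out-parameter. Set to true on success. When the
 *                        membership check fails it becomes an array with
 *                        'code' and 'message' (HTTP_Status::FORBIDDEN). When
 *                        the roster lookup fails it is left as
 *                        getStudentsByMst() left it.
 * @param mixed $mst_id   Identifier forwarded to getStudentsByMst().
 * @param array $stud_id  Student ids to authorise; presumably request data,
 *                        so every element is type-checked before comparison.
 *
 * @return bool true when every id is on the roster, false otherwise.
 */
function authStud(&$response, $mst_id, array $stud_id)
{
    // Only non-super sessions ask for the faculty-restricted lookup.
    $faculty_id = !Privilege_Master::is_super($_SESSION['privilege_id']);

    if (!getStudentsByMst($response, $mst_id, $faculty_id)) {
        return false;
    }

    // Index the roster by the string form of each id so membership is an
    // exact, type-safe lookup instead of a nested loose comparison.
    $roster = array();
    if (isset($response['data']) && is_array($response['data'])) {
        foreach ($response['data'] as $stud) {
            if (isset($stud['stud_id']) && (is_string($stud['stud_id']) || is_int($stud['stud_id']))) {
                $roster[(string) $stud['stud_id']] = true;
            }
        }
    }

    // Fail closed: an empty list authorises nothing, and one bad id refuses
    // the whole request.
    $flag = count($stud_id) > 0;
    foreach ($stud_id as $id) {
        // The previous check was `strcmp(...) == 0`. On PHP < 8 strcmp()
        // returns NULL for a non-string argument such as a nested array, and
        // NULL == 0 is true, so such an element counted as a match. Only
        // plain string/int ids are accepted here, compared exactly.
        if (!(is_string($id) || is_int($id)) || !isset($roster[(string) $id])) {
            $flag = false;
            break;
        }
    }

    if ($flag) {
        $response = true;
        return true;
    }

    $response = array('code' => HTTP_Status::FORBIDDEN, 'message' => HTTP_Status::FORBIDDEN_MSG);
    return false;
}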
echo json_encode($try); exit; } if ('POST' == $_SERVER['REQUEST_METHOD']) { if (!isset($_SESSION['login']) || $_SESSION['login'] !== true) { attd_error(HTTP_Status::UNAUTHORIZED); } else { if (!ctype_digit($_SESSION['faculty_id']) && !Privilege_Master::is_super($_SESSION['privilege_id'])) { attd_error(HTTP_Status::FORBIDDEN); } } parse_str(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY), $queries); if (empty($queries['mst']) || !ctype_digit($queries['mst'])) { attd_error(HTTP_Status::BAD_REQUEST); } if (getStudentsByMst($students, $queries['mst'])) { $abs_ids = array(); if (isset($_POST['abs']) && is_array($_POST['abs'])) { $abs_ids = $_POST['abs']; } //var_dump($students); try { $today = new DateTime(); $lec_date = new DateTime($_POST['date']); $st_date = new DateTime($students['metadata']['start_date']); $end_date = new DateTime($students['metadata']['end_date']); } catch (\Exception $e) { attd_error(HTTP_Status::BAD_REQUEST, "Invalid lecture date format."); } if ($lec_date < $st_date || $lec_date > $today) { attd_error(HTTP_Status::BAD_REQUEST, "Lecture date must be within " . $st_date->format("d-m-Y") . " to " . $today->format("d-m-Y") . ".");
}
    // Tail of a definition that begins above this excerpt: it serialises an
    // error payload as JSON, sends it with explicit length/type headers and
    // terminates the request.
    $try = array("req_aborted" => true, "error" => $err, "status" => $status);
    $try = json_encode($try);
    header('Content-Length: ' . strlen($try));
    header('Content-Type: application/json');
    echo $try;
    exit;
}

// GET handler: returns the student roster for the requested MST as JSON.
if ('GET' == $_SERVER['REQUEST_METHOD']) {
    //var_dump($_GET);
    // Guard 1: the session must carry login === true (strict), otherwise 401.
    if (!isset($_SESSION['login']) || $_SESSION['login'] !== true) {
        attd_error(HTTP_Status::UNAUTHORIZED);
    } else {
        // Guard 2: the session needs either a digit-only faculty_id or the
        // super privilege, otherwise 403.
        // NOTE(review): ctype_digit() is meant for strings; if the session
        // stores faculty_id as an int the result differs from a digit check —
        // confirm the stored type.
        if (!ctype_digit($_SESSION['faculty_id']) && !Privilege_Master::is_super($_SESSION['privilege_id'])) {
            attd_error(HTTP_Status::FORBIDDEN);
        } else {
            // Guard 3: 'mst' must be a non-empty, digit-only query parameter.
            // empty() also rejects the literal "0".
            if (empty($_GET['mst']) || !ctype_digit($_GET['mst'])) {
                attd_error(HTTP_Status::BAD_REQUEST);
            }
        }
    }
    // NOTE(review): nothing below is nested inside the guards, so they only
    // protect the lookup if attd_error() always ends the request. The fragment
    // above ends in exit and is presumably attd_error() — confirm.
    $response = array();
    // NOTE(review): getStudentsByMst() is called with two arguments here, while
    // authStud() passes a third flag derived from the super privilege. Whether
    // the default limits the roster to the logged-in faculty is not visible in
    // this excerpt — confirm that a non-super faculty cannot read another
    // faculty's MST by changing 'mst'.
    if (getStudentsByMst($response, $_GET['mst'])) {
        $response = json_encode($response);
        // strlen() counts bytes, which is what Content-Length requires.
        header('Content-Length: ' . strlen($response));
        header('Content-Type: application/json');
        echo $response;
    } else {
        // Lookup failed: forward the code (and message, when present) found in
        // $response to the error responder.
        attd_error($response['code'], isset($response['message']) ? $response['message'] : "");
    }
}