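} else {
    // Not-authorised branch (the matching `if` is above this excerpt).
    // header() only queues the redirect; without exit the script keeps running
    // and the POST handler below would still execute for this visitor.
    if (isset($_SESSION['student'])) {
        header('Location: studentlogin.php');
    } else {
        header('Location: index.html');
    }
    exit;
}

// Handle the "add mission category" form: validate the submitted name, then
// insert it into missiontype.
if (isset($_POST['submit'])) {
    // A missing or non-string field is treated as an empty name instead of
    // being passed to trim() as-is.
    $raw_cat = (isset($_POST['categoryName']) && is_string($_POST['categoryName']))
        ? $_POST['categoryName']
        : '';
    // htmlspecialchars() is HTML output encoding, not SQL escaping. It is kept
    // so stored values have the same form as before; the SQL below no longer
    // relies on it.
    $provided_cat = htmlspecialchars(trim($raw_cat));

    // Collect the existing category names for the duplicate check.
    $getCategories = "select * from missiontype";
    $Categories = mysqli_query($connection, $getCategories);
    $categoryNames = array();
    if ($Categories !== false) {
        while ($row = mysqli_fetch_array($Categories)) {
            array_push($categoryNames, $row["Type"]);
        }
    }

    // Fixed: the check used $classNames, which is not assigned anywhere in the
    // visible handler, so the names collected above were never compared.
    // compareValue() is declared below; its body is outside this excerpt.
    if (compareValue($categoryNames, $provided_cat)) {
        $message = "A mission cateogry with this name already exists";
    }
    if (empty($provided_cat)) {
        $message = "No name provided";
    }

    if (!isset($message)) {
        // Bound parameter instead of string concatenation: the submitted name
        // is sent as data and cannot change the statement.
        $addCategory = "insert into missiontype(id,Type) values(0,?)";
        $insertStmt = $connection->prepare($addCategory);
        if ($insertStmt !== false
            && $insertStmt->bind_param('s', $provided_cat)
            && $insertStmt->execute()
        ) {
            echo "Mission type created successfully";
        } else {
            // Keep the SQL text and driver error in the server log, not in the
            // response body.
            error_log('missiontype insert failed: '
                . ($insertStmt === false ? $connection->error : $insertStmt->error));
            echo "Error: the mission type could not be created";
        }
    }
}
function compareValue($array, $value)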
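} else {
    // Not-authorised branch (the matching `if` is above this excerpt).
    // header() only queues the redirect; without exit the script keeps running
    // and the POST handler below would still execute for this visitor.
    if (isset($_SESSION['student'])) {
        header('Location: studentlogin.php');
    } else {
        header('Location: index.html');
    }
    exit;
}

// Handle the "add chain" form: validate the submitted name, then insert it
// into chainmission.
if (isset($_POST['submit'])) {
    // A missing or non-string field is treated as an empty name instead of
    // being passed to trim() as-is.
    $raw_name = (isset($_POST['chainName']) && is_string($_POST['chainName']))
        ? $_POST['chainName']
        : '';
    // htmlspecialchars() is HTML output encoding, not SQL escaping. It is kept
    // so stored values have the same form as before; the SQL below no longer
    // relies on it.
    $provided_name = htmlspecialchars(trim($raw_name));

    // Collect the existing chain names for the duplicate check.
    $getChains = "select * from chainmission";
    $chains = mysqli_query($connection, $getChains);
    $chainNames = array();
    if ($chains !== false) {
        while ($row = mysqli_fetch_array($chains)) {
            array_push($chainNames, $row["name"]);
        }
    }

    // compareValue() is declared below; its body is outside this excerpt.
    if (compareValue($chainNames, $provided_name)) {
        $message = "A chain with this name already exists";
    }
    if (empty($provided_name)) {
        $message = "No name provided";
    }

    if (!isset($message)) {
        // Bound parameter instead of string concatenation: the submitted name
        // is sent as data and cannot change the statement.
        $addChain = "insert into chainmission(id,name) values(0,?)";
        $insertStmt = $connection->prepare($addChain);
        if ($insertStmt !== false
            && $insertStmt->bind_param('s', $provided_name)
            && $insertStmt->execute()
        ) {
            echo "chain created successfully";
        } else {
            // Keep the SQL text and driver error in the server log, not in the
            // response body.
            error_log('chainmission insert failed: '
                . ($insertStmt === false ? $connection->error : $insertStmt->error));
            echo "Error: the chain could not be created";
        }
    }
}
function compareValue($array, $value)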
// Handle the "add mission" form. Reads eight POST fields, loads the existing
// mission names, and records one validation message per failing field in
// $message. The handler continues past the end of this excerpt.
// NOTE(review): no session or role check is visible in this excerpt; confirm
// one runs (and stops the script) before this handler.
if (isset($_POST['submit'])) {
    // Each field is trimmed and HTML-encoded. The fields are read without an
    // isset() check, so a request that omits one raises an undefined-index
    // notice/warning.
    // htmlspecialchars() is HTML output encoding; it does not make a value safe
    // to concatenate into SQL.
    // NOTE(review): the statement that stores these values is not visible here;
    // confirm it uses bound parameters.
    $provided_name = htmlspecialchars(trim($_POST['missionName']));
    $provided_cat = htmlspecialchars(trim($_POST['category']));
    $provided_desc = htmlspecialchars(trim($_POST['missionDesc']));
    $provided_rubric = htmlspecialchars(trim($_POST['missionRubric']));
    $provided_coin = htmlspecialchars(trim($_POST['coinValue']));
    $provided_pill = htmlspecialchars(trim($_POST['pillValue']));
    $provided_envelope = htmlspecialchars(trim($_POST['envelopeValue']));
    $provided_time = htmlspecialchars(trim($_POST['completionTime']));

    // Load every existing mission name for the duplicate check. The query
    // result is not checked for failure before the fetch loop.
    $getMissions = "select * from mission";
    $Missions = mysqli_query($connection, $getMissions);
    $missionNames = array();
    while ($row = mysqli_fetch_array($Missions)) {
        array_push($missionNames, $row["name"]);
    }

    // compareValue() is not defined in this excerpt.
    // NOTE(review): presumably it reports whether the value is in the array; verify.
    if (compareValue($missionNames, $provided_name)) {
        $message['name'] = "A mission with this name already exists";
    }
    // The empty-name message overwrites the duplicate message (same key).
    if (empty($provided_name)) {
        $message['name'] = "No name provided";
    }
    if (empty($provided_desc)) {
        $message['desc'] = "No Description Provided";
    }
    if (empty($provided_rubric)) {
        $message['rubric'] = "No Rubric Provided";
    }
    // empty() is also true for the string "0", so a coin value of 0 is
    // reported as missing.
    if (empty($provided_coin)) {
        $message['coins'] = "No Coin Value";
    }
    if (empty($provided_pill)) {
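$message['email'] = "Invalid email";
}
// The enclosing email check and the assignments of the $user_* variables are
// above this excerpt.

// A first name is required.
if (strlen($user_firstname) == 0) {
    $message['firstname'] = "A first name is required.";
}
// A last name is required.
if (strlen($user_lastname) == 0) {
    $message['lastname'] = "A last name is required.";
}
// Password and confirmation must both be present and identical.
// Strict comparison: with != PHP compares numeric-looking strings by value, so
// two different inputs such as "1e3" and "1000" would count as matching.
if (strlen($user_password) == 0 || strlen($user_confirmpassword) == 0 || $user_password !== $user_confirmpassword) {
    $message['password'] = "******";
}
// The class code must be one of the known classes. $classArray and
// compareValue() are defined outside this excerpt.
if (!compareValue($classArray, $user_classcode)) {
    $message['classcode'] = "Invalid class code";
}

// No validation message recorded: create the account.
if (!isset($message)) {
    // Store only a hash of the password.
    $hashedPW = password_hash($user_password, PASSWORD_DEFAULT);

    // Both statements below use bound parameters instead of string
    // concatenation, so submitted values are sent as data and cannot change
    // the SQL.
    // NOTE(review): if code above this excerpt already SQL-escapes the $user_*
    // values, remove that escaping, otherwise the escape characters are stored.

    // Resolve the class code to its id; stays null when no row is found or
    // the lookup fails.
    $getUserClass = "SELECT id FROM Classes WHERE classname = ?";
    $userClassID = null;
    $classStmt = $connection->prepare($getUserClass);
    if ($classStmt !== false) {
        $classStmt->bind_param('s', $user_classcode);
        if ($classStmt->execute()) {
            $classStmt->bind_result($foundClassID);
            if ($classStmt->fetch() === true) {
                $userClassID = $foundClassID;
            }
        }
        // Close before preparing the next statement on this connection.
        $classStmt->close();
    }

    // $createAccount now holds only the parameterised SQL text, so it contains
    // no submitted data if later code prints it.
    $createAccount = "INSERT INTO student (id,Classes_id,email,firstname,lastname,password,coins,pills,envelopes) VALUES(DEFAULT,?,?,?,?,?,0,0,0)";
    $createStmt = ($userClassID !== null) ? $connection->prepare($createAccount) : false;
    if ($createStmt !== false) {
        $createStmt->bind_param('issss', $userClassID, $user_email, $user_firstname, $user_lastname, $hashedPW);
    }
    // On success redirect to the login page; the failure branch is beyond the
    // end of this excerpt.
    if ($createStmt !== false && $createStmt->execute() === TRUE) {
        header('Location: studentlogin.php');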