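/**
 * Handle an administrator's upload of a future-course-offerings file.
 *
 * Flow: authenticate the session user, require admin rights, resolve (or
 * create) the academic quarter named in the POST body, validate the
 * uploaded "boss_file", move it into UPLOAD_FILE_DIR under a generated
 * name, parse it, delete it, and report the outcome as text/plain.
 *
 * Responses written by this method:
 *   - redirect to Login/logout when the session user cannot be loaded
 *   - 401 when the user is not an administrator
 *   - 400 for missing/malformed form fields, upload errors or parse errors
 *   - 500 when the quarter cannot be created or the file cannot be moved
 *   - 200 "Success" when the parser reports no error
 *
 * NOTE(review): the academic quarter is created before the upload is
 * validated, so a rejected upload can still leave a new quarter row behind.
 * Confirm whether that is intended before reordering.
 *
 * @return void
 */
public function submit()
{
    $user = new User_model();

    // A request without a session user id is treated like a failed lookup.
    if (!isset($_SESSION['UserID']) || !$user->loadPropertiesFromPrimaryKey($_SESSION['UserID'])) {
        redirect('Login/logout');
        // Stop here even if redirect() does not terminate the request, so an
        // unauthenticated caller can never reach the admin-only code below.
        return;
    }

    if (!$user->isAdmin()) {
        header("Content-type: text/plain", true, 401);
        echo "Unauthorized access";
        return;
    }

    // Both fields must be present and must be plain strings. PHP turns
    // "year[]=..." into an array, which must not reach the model layer.
    if (!isset($_POST['year']) || !isset($_POST['quarter'])
        || is_array($_POST['year']) || is_array($_POST['quarter'])) {
        header("Content-type: text/plain", true, 400);
        echo "Missing required academic quarter information";
        return;
    }

    // Reuse the quarter when it already exists, otherwise create it.
    // NOTE(review): year and quarter are not range- or format-checked here;
    // confirm the model validates them before writing.
    $academic_quarter = new Academic_quarter_model();
    if (!$academic_quarter->loadPropertiesFromNameAndYear($_POST['quarter'], $_POST['year'])) {
        $academic_quarter->setName($_POST['quarter']);
        $academic_quarter->setYear($_POST['year']);

        if (!$academic_quarter->create()) {
            header("Content-type: text/plain", true, 500);
            echo "Unable to load academic quarter";
            return;
        }
    }

    // Without this guard a request that omits the file field yields a null
    // error code, which the loose comparison in the switch below treats as
    // UPLOAD_ERR_OK (0); the request then fails later with a misleading 500.
    if (!isset($_FILES['boss_file']['error'])) {
        header("Content-type: text/plain", true, 400);
        echo "No file sent";
        return;
    }

    // A multi-file field ("boss_file[]") makes every entry an array; only a
    // single file is supported.
    if (is_array($_FILES['boss_file']['error'])) {
        header("Content-type: text/plain", true, 400);
        echo "Invalid file upload";
        return;
    }

    // Check the $_FILES['boss_file']['error'] value reported by PHP.
    switch ($_FILES['boss_file']['error']) {
        case UPLOAD_ERR_OK:
            break;

        case UPLOAD_ERR_NO_FILE:
            header("Content-type: text/plain", true, 400);
            echo "No file sent";
            return;

        case UPLOAD_ERR_INI_SIZE:
        case UPLOAD_ERR_FORM_SIZE:
            header("Content-type: text/plain", true, 400);
            echo "Exceeded file size limit";
            return;

        default:
            header("Content-type: text/plain", true, 500);
            echo "Unknown error occurred";
            return;
    }

    // Enforce the application's own limit in addition to the PHP/form limits.
    if ($_FILES['boss_file']['size'] > self::MAX_FILE_SIZE) {
        header("Content-type: text/plain", true, 400);
        echo "Exceeded file size limit";
        return;
    }

    // The stored name never contains the client-supplied file name and always
    // ends in ".txt", so the client cannot choose the path or the extension.
    // NOTE(review): the name is derived from the clock and the temp path, so
    // it is guessable; if UPLOAD_FILE_DIR is served by the web server, switch
    // to a random name or move the directory outside the document root.
    $file_name = hash("md5", time() . $_FILES['boss_file']['tmp_name']);
    $file_path = self::UPLOAD_FILE_DIR . "/" . $file_name . ".txt";

    // move_uploaded_file() only accepts files that arrived via HTTP POST.
    if (!move_uploaded_file($_FILES['boss_file']['tmp_name'], $file_path)) {
        header("Content-type: text/plain", true, 500);
        echo "Failed to move uploaded file";
        return;
    }

    $result = self::parseFutureCourseOfferingsFile($file_path, $academic_quarter->getAcademicQuarterID());

    // The upload is only needed for parsing. Record a failed delete so stale
    // uploads do not pile up unnoticed in the upload directory.
    if (!unlink($file_path)) {
        error_log("Unable to delete uploaded file: " . $file_path);
    }

    // Loose comparison kept on purpose: any empty parser result counts as
    // success, anything else is echoed back as the error text.
    if ($result == null) {
        header("Content-type: text/plain", true, 200);
        echo "Success";
    } else {
        header("Content-type: text/plain", true, 400);
        echo $result;
    }
}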
public function Student_Cancel() { $User_model = new User_model(); $User_model->loadPropertiesFromPrimaryKey($_SESSION['UserID']); $quarter = Academic_quarter_model::getLatestAcademicQuarter(); $quarter = $quarter->getAcademicQuarterID(); $Advising_schedule = new Advising_schedule_model(); $Advising_appointment = new Advising_appointment_model(); $advisor = $User_model->getAdvisor(); $advisor = $advisor->getUserID(); $Advising_schedule->loadPropertiesFromAdvisorIDAndAcademicQuarterID($advisor, $quarter); $app_array = $Advising_schedule->getAllAdvisingAppointments(); foreach ($app_array as $key) { if ($key->getScheduledStudentUserID() == $_SESSION['UserID'] && $key->isScheduled()) { $Advising_appointment->loadPropertiesFromPrimaryKey($key->getAdvisingAppointmentID()); $Advising_appointment->setAdvisingAppointmentState(3); $Advising_appointment->update(); break; } } //SEND Optional Email redirect('appointment_controller'); }