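/**
 * Look up the access rights of the privilege bound to the current session.
 *
 * The Privilege_Master row whose privilege_id equals $_SESSION['privilege_id']
 * is loaded and converted with get_assoc_array(). With an empty $for the whole
 * array is returned; otherwise the value stored under the lower-cased key $for,
 * or failing that under "{$for}_access", is returned.
 *
 * The function fails closed: when the session carries no privilege_id, the
 * query does not execute, no row matches, or the requested key is absent, the
 * caller gets "000" (for a named right) or Privilege_Master::zero_rights().
 *
 * @param string $for Optional right name; matched case-insensitively.
 * @return mixed The rights array, a single stored right, or the "000" fallback.
 * @throws \Exception Anything raised by the database layer propagates unchanged.
 */
function get_rights($for = "")
{
    // Without a privilege in the session there is nothing to look up; skip
    // the query entirely so a null id can never match a row.
    if (isset($_SESSION['privilege_id'])) {
        $dbh = new MyDbCon();
        $dbh->select("Privilege_Master");
        $dbh->select->where(array("privilege_id" => $_SESSION['privilege_id']));
        $dbh->prepare();
        if ($dbh->execute()) {
            $rows = $dbh->fetchAll();
            // An unknown privilege_id yields no row. Dereferencing index 0
            // unconditionally would end in a method call on null, so treat
            // "no row" as "no rights" and fall through to the deny values.
            if (isset($rows[0])) {
                $rights = $rows[0]->get_assoc_array();
                if (empty($for)) {
                    return $rights;
                }
                $for = strtolower($for);
                if (isset($rights[$for])) {
                    return $rights[$for];
                }
                // Second chance: the column may carry an "_access" suffix.
                $for .= "_access";
                if (isset($rights[$for])) {
                    return $rights[$for];
                }
            }
        }
    }
    // Deny by default.
    if (!empty($for)) {
        return "000";
    }
    return Privilege_Master::zero_rights();
}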
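/**
 * Check that every requested student id belongs to the given attendance master.
 *
 * The student list is obtained from getStudentsByMst(); for non-super users
 * that lookup is restricted to the session's faculty.
 *
 * @param mixed $response Out-parameter. Set to true on success, to a
 *                        code/message array (HTTP_Status::FORBIDDEN) when an
 *                        id is not allowed, or left as getStudentsByMst() set
 *                        it when that lookup fails.
 * @param mixed $mst_id   Attendance master id, passed through to getStudentsByMst().
 * @param array $stud_id  Student ids to authorise. An empty list is rejected.
 * @return bool True only when every id in $stud_id is in the master's student list.
 */
function authStud(&$response, $mst_id, array $stud_id)
{
    // Super users are not restricted to their own faculty_id.
    $faculty_id = !Privilege_Master::is_super($_SESSION['privilege_id']);
    if (!getStudentsByMst($response, $mst_id, $faculty_id)) {
        return false;
    }

    // Index the permitted ids once so each requested id is a keyed lookup.
    $allowed = array();
    foreach ($response['data'] as $stud) {
        $allowed[(string) $stud['stud_id']] = true;
    }

    // Nothing requested means nothing authorised (fail closed).
    $authorised = !empty($stud_id);
    foreach ($stud_id as $id) {
        // Only plain strings/ints can be ids. A loose `strcmp(...) == 0` test
        // must not be used here: on PHP < 8 strcmp() returns null for a
        // non-string argument such as a nested array, and null == 0 is true,
        // which would count that value as a match.
        if (!(is_string($id) || is_int($id)) || !isset($allowed[(string) $id])) {
            $authorised = false;
            break;
        }
    }

    if ($authorised) {
        $response = true;
        return true;
    }
    $response = array('code' => HTTP_Status::FORBIDDEN, 'message' => HTTP_Status::FORBIDDEN_MSG);
    return false;
}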
        $err = $custom;
    } else {
        $err = HTTP_Status::getMessage($status);
    }
    $try = array("done" => false, "final" => $err, "status" => $status);
    $try = json_encode($try);
    header('Content-Length: ' . strlen($try));
    header('Content-Type: application/json');
    echo $try;
    exit;
}
if ('GET' == $_SERVER['REQUEST_METHOD']) {
    if (!isset($_SESSION['login']) || $_SESSION['login'] !== true) {
        attd_error(HTTP_Status::UNAUTHORIZED);
    } else {
        if (!ctype_digit($_SESSION['faculty_id']) && !Privilege_Master::is_super($_SESSION['privilege_id']) || empty($_SERVER['HTTP_REFERER'])) {
            attd_error(HTTP_Status::FORBIDDEN);
        }
    }
    parse_str(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY), $queries);
    if (empty($queries['mst']) || !ctype_digit($queries['mst'])) {
        attd_error(HTTP_Status::BAD_REQUEST);
    }
    if (getMstMetaData($metadata, $queries['mst']) && (isset($_GET['step2']) && !empty($_GET['stud_id']) && getLectureWiseAttendanceOfStudByMst($response, $queries['mst'], $_GET['stud_id']) || isset($_GET['step2']) && !empty($_GET['lec_id']) && getStudentAttendanceByLec($response, $_GET['lec_id']) || !isset($_GET['lecwise']) && getStudentWiseAttendanceByMst($response, $queries['mst']) || getLectureWiseAttendanceByMst($response, $queries['mst']))) {
        if (isset($metadata) && !isset($_GET['step2'])) {
            $response['metadata'] = $metadata;
        }
        $response = json_encode($response);
        header('Content-Length: ' . strlen($response));
        header('Content-Type: application/json');
        echo $response;
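/**
 * Load the current students of an attendance master together with its metadata.
 *
 * Two queries are run: the first reads batchno/division from Attendance_Master,
 * the second joins Academic_Calendar, Teaches, Syllabus and Student_Master to
 * list the students (stud_status "C") ordered by roll number.
 *
 * @param mixed $response   Out-parameter. On success
 *                          array("metadata" => ..., "data" => rows); on failure
 *                          an array with an HTTP_Status 'code' and, for some
 *                          failures, a 'message'.
 * @param mixed $mst_id     Attendance master id; must pass ctype_digit().
 * @param bool  $faculty_id When true and the session user is not a super user,
 *                          rows are restricted to $_SESSION['faculty_id'].
 * @param bool  $now        When true, only masters whose academic calendar
 *                          covers today's date are considered.
 * @return bool True on success, false on any failure.
 */
function getStudentsByMst(&$response, $mst_id, $faculty_id = true, $now = true)
{
    if (!ctype_digit($mst_id)) {
        $response = array('code' => HTTP_Status::BAD_REQUEST, 'message' => 'Master ID must be digits only');
        return false;
    }
    $meta_data = array(
        "batchno" => null,
        "division" => null,
        "inst_name" => null,
        "prog_name" => null,
        "dept_name" => null,
        "semester" => null,
        "subject" => null,
    );
    try {
        $dbh = new MyDbCon();
        $dbh->select("Attendance_Master");
        $dbh->select->where->equalTo("attd_mst_id", $mst_id);
        $dbh->prepare();
        if ($dbh->execute()) {
            $mst_rows = $dbh->fetchAssoc();
            // An unknown master id returns no row; leave batchno/division null
            // instead of indexing into a missing element.
            if (isset($mst_rows[0])) {
                $meta_data['batchno'] = $mst_rows[0]['batchno'];
                $meta_data['division'] = $mst_rows[0]['division'];
            }
        } else {
            $response = array('code' => HTTP_Status::FORBIDDEN);
            return false;
        }

        // Conditions are encoded as "value" or "value:operator". The operator is
        // only honoured when it is a key of $where_funcs, so the method name
        // invoked on the where-builder below always comes from this fixed list.
        // NOTE(review): a value that itself contains ':' would be cut at the
        // first colon. Today's values are a digits-only id, Y-m-d dates and the
        // session's faculty_id (presumably validated at login; confirm).
        $where_funcs = array(
            '=' => 'equalTo',
            '<' => 'lessThan',
            '>' => 'greaterThan',
            '<=' => 'lessThanOrEqualTo',
            '>=' => 'greaterThanOrEqualTo',
            'like' => 'like',
        );
        $where = array("attd_mst_id" => $mst_id, "stud_status" => "C");
        if ($now) {
            try {
                $now = (new DateTime())->format("Y-m-d");
            } catch (Exception $e) {
                $response = array('code' => HTTP_Status::INTERNAL_SERVER_ERROR);
                return false;
            }
            $where['end_date'] = "{$now}:>=";
            $where['start_date'] = "{$now}:<=";
        }
        // Ownership check: non-super users only see masters they teach.
        if ($faculty_id && !Privilege_Master::is_super($_SESSION['privilege_id'])) {
            $where['faculty_id'] = $_SESSION['faculty_id'];
        }

        $join_tables = array("Academic_Calendar", "Teaches", "Syllabus", "Student_Master");
        $join_on = array(
            "Academic_Calendar" => "Academic_Calendar.ac_id=Attendance_Master.ac_id",
            "Teaches" => "Attendance_Master.teaches_id=Teaches.teaches_id",
            "Syllabus" => "Teaches.syllabus_id=Syllabus.syllabus_id",
            "Student_Master" => "Student_Master.o_id=Syllabus.o_id AND Student_Master.stud_sem=Academic_Calendar.semester AND Student_Master.stud_div=Attendance_Master.division",
        );
        if (!empty($meta_data['batchno'])) {
            $join_on["Student_Master"] .= " AND Student_Master.stud_batchno=Attendance_Master.batchno";
        }
        $join_columns = array(
            "Academic_Calendar" => array("start_date", "end_date"),
            "Teaches" => array(),
            "Syllabus" => array("sub_id"),
            "Student_Master" => array("stud_id", "stud_enrolmentno", "stud_rollno", "stud_name", "stud_father_name", "stud_surname", "stud_sem", "stud_div", "stud_batchno", "o_id"),
        );
        // Columns that describe the master as a whole; reported once under
        // "metadata" and stripped from the per-student rows.
        $meta_keys = array("stud_sem", "stud_div", "stud_batchno", "o_id", "sub_id", "start_date", "end_date");

        $dbh = new MyDbCon();
        $dbh->select("Attendance_Master");
        $dbh->select->columns(array());
        // Join Tables
        foreach ($join_tables as $val) {
            $cols = Select::SQL_STAR;
            if (isset($join_columns[$val])) {
                $cols = $join_columns[$val];
            }
            $dbh->join($val, $join_on[$val], $cols);
        }
        // Where Clause
        foreach ($where as $key => $val) {
            $vals = explode(':', $val);
            $wh = $where_funcs['='];
            if (!empty($vals[1]) && isset($where_funcs[$vals[1]])) {
                $wh = $where_funcs[$vals[1]];
            }
            $dbh->select->where->{$wh}($key, $vals[0]);
        }
        $dbh->select->order("stud_rollno ASC");
        $dbh->prepare();
        if ($dbh->execute()) {
            $objs = $dbh->fetchAssoc();
            // With no matching student there is no first row to read the
            // master-level values from; report them as null.
            if (isset($objs[0])) {
                $meta_data['semester'] = $objs[0]['stud_sem'];
                $meta_data['start_date'] = $objs[0]['start_date'];
                $meta_data['end_date'] = $objs[0]['end_date'];
                $names = Offers_Master::getNames($objs[0]['o_id']);
                $meta_data['subject'] = Sub_Master::getSubjectName($objs[0]['sub_id']);
                if ($names) {
                    $meta_data['inst_name'] = $names['inst_name'];
                    $meta_data['prog_name'] = $names['prog_name'];
                    $meta_data['dept_name'] = $names['dept_name'];
                }
            } else {
                $meta_data['start_date'] = null;
                $meta_data['end_date'] = null;
            }
            foreach ($objs as $idx => $row) {
                foreach ($meta_keys as $val) {
                    unset($row[$val]);
                }
                if (!empty($row['stud_father_name'])) {
                    $row['stud_name'] .= " " . $row['stud_father_name'];
                }
                if (!empty($row['stud_surname'])) {
                    $row['stud_name'] .= " " . $row['stud_surname'];
                }
                unset($row['stud_father_name']);
                unset($row['stud_surname']);
                // foreach iterates over copies when the rows are plain arrays
                // (assumed from fetchAssoc), so the cleaned row has to be
                // written back or the edits above are lost.
                $objs[$idx] = $row;
            }
            $response = array("metadata" => $meta_data, "data" => $objs);
            return true;
        } else {
            $response = array('code' => HTTP_Status::FORBIDDEN);
            return false;
        }
    } catch (\Exception $e) {
        // Keep driver/SQL details in the server log only; the response array
        // is handed back towards the client and must not carry them.
        $cause = $e->getPrevious() ? $e->getPrevious() : $e;
        error_log("getStudentsByMst failed: [" . $cause->getCode() . "] " . $cause->getMessage());
        $response = array('code' => HTTP_Status::FORBIDDEN, 'message' => HTTP_Status::FORBIDDEN_MSG);
        return false;
    }
}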
        $err = $custom;
    } else {
        $err = HTTP_Status::getMessage($status);
    }
    $try = array("done" => false, "final" => $err, "status" => $status);
    $try = json_encode($try);
    header('Content-Length: ' . strlen($try));
    header('Content-Type: application/json');
    echo $try;
    exit;
}
if ('POST' == $_SERVER['REQUEST_METHOD']) {
    if (!isset($_SESSION['login']) || $_SESSION['login'] !== true) {
        attd_error(HTTP_Status::UNAUTHORIZED);
    } else {
        if (!ctype_digit($_SESSION['faculty_id']) && !Privilege_Master::is_super($_SESSION['privilege_id'])) {
            attd_error(HTTP_Status::FORBIDDEN);
        }
    }
    parse_str(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY), $queries);
    if (empty($queries['mst']) || !ctype_digit($queries['mst'])) {
        attd_error(HTTP_Status::BAD_REQUEST);
    }
    /*var_dump($_POST);
    	var_dump(authMst($response,$queries['mst'],$_SESSION['faculty_id']));
    	var_dump($response);*/
    /*var_dump(authStud($response,$queries['mst'],array($_POST['stud_id'])));
    	var_dump($response);*/
    /*var_dump(authLec($response,$queries['mst'],array($_POST['lec_id'])));
    	var_dump($response);*/
    $flag = false;
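/**
 * List the attendance masters that are active today, with their descriptive data.
 *
 * For non-super users the list is restricted to masters taught by $fac_id;
 * super users get every active master.
 *
 * @param mixed $response Out-parameter. On success the fetched rows; on
 *                        failure an array with an HTTP_Status 'code' and, for
 *                        some failures, a 'message'.
 * @param mixed $fac_id   Faculty id; must pass ctype_digit() unless the
 *                        session user is a super user.
 * @param bool  $now      NOTE(review): the incoming value is never read; the
 *                        date filter is always applied. Confirm whether it
 *                        should gate the filter as in getStudentsByMst().
 * @return bool True on success, false on any failure.
 */
function getMstByFaculty(&$response, $fac_id, $now = true)
{
    if (!ctype_digit($fac_id) && !Privilege_Master::is_super($_SESSION['privilege_id'])) {
        $response = array('code' => HTTP_Status::BAD_REQUEST, 'message' => 'Faculty ID must be digits only');
        return false;
    }
    try {
        // Conditions are encoded as "value" or "value:operator". The operator is
        // only honoured when it is a key of $where_funcs, so the method name
        // invoked on the where-builder below always comes from this fixed list.
        $where_funcs = array(
            '=' => 'equalTo',
            '<' => 'lessThan',
            '>' => 'greaterThan',
            '<=' => 'lessThanOrEqualTo',
            '>=' => 'greaterThanOrEqualTo',
            'like' => 'like',
        );
        // Start from an explicit empty set so the super-user path does not
        // depend on implicit array creation.
        $where = array();
        // Ownership check: $fac_id is digits-only here (validated above).
        if (!Privilege_Master::is_super($_SESSION['privilege_id'])) {
            $where["Teaches.faculty_id"] = $fac_id;
        }
        try {
            $now = (new DateTime())->format("Y-m-d");
        } catch (Exception $e) {
            $response = array('code' => HTTP_Status::INTERNAL_SERVER_ERROR);
            return false;
        }
        $where['end_date'] = "{$now}:>=";
        $where['start_date'] = "{$now}:<=";

        $join_tables = array("Academic_Calendar", "Teaches", "Syllabus", "Offers_Master", "Inst_Master", "Prog_Master", "Dept_Master", "Sub_Master", "Faculty_Master");
        $join_on = array(
            "Academic_Calendar" => "Academic_Calendar.ac_id=Attendance_Master.ac_id",
            "Teaches" => "Attendance_Master.teaches_id=Teaches.teaches_id",
            "Syllabus" => "Teaches.syllabus_id=Syllabus.syllabus_id",
            "Offers_Master" => "Offers_Master.o_id=Syllabus.o_id",
            "Inst_Master" => "Inst_Master.inst_id=Offers_Master.inst_id",
            "Prog_Master" => "Prog_Master.prog_id=Offers_Master.prog_id",
            "Dept_Master" => "Dept_Master.dept_id=Offers_Master.dept_id",
            "Sub_Master" => "Sub_Master.sub_id=Syllabus.sub_id",
            "Faculty_Master" => "Faculty_Master.faculty_id=Teaches.faculty_id",
        );
        $join_columns = array(
            "Academic_Calendar" => array("start_date", "end_date", "semester"),
            "Teaches" => array("type"),
            "Syllabus" => array("sub_id"),
            "Offers_Master" => array("o_id"),
            "Inst_Master" => array("inst_name"),
            "Prog_Master" => array("prog_name"),
            "Dept_Master" => array("dept_name"),
            "Sub_Master" => array("sub_name"),
            "Faculty_Master" => array("faculty_name", "faculty_father_name", "faculty_surname"),
        );

        $dbh = new MyDbCon();
        $dbh->select("Attendance_Master");
        $dbh->select->columns(array("attd_mst_id", "batchno", "division"));
        // Join Tables
        foreach ($join_tables as $val) {
            $cols = Select::SQL_STAR;
            if (isset($join_columns[$val])) {
                $cols = $join_columns[$val];
            }
            $dbh->join($val, $join_on[$val], $cols);
        }
        // Where Clause
        foreach ($where as $key => $val) {
            $vals = explode(':', $val);
            $wh = $where_funcs['='];
            if (!empty($vals[1]) && isset($where_funcs[$vals[1]])) {
                $wh = $where_funcs[$vals[1]];
            }
            $dbh->select->where->{$wh}($key, $vals[0]);
        }
        $dbh->prepare();
        if ($dbh->execute()) {
            $objs = $dbh->fetchAssoc();
            foreach ($objs as $idx => $row) {
                if (!empty($row['faculty_father_name'])) {
                    $row['faculty_name'] .= " " . $row['faculty_father_name'];
                }
                if (!empty($row['faculty_surname'])) {
                    $row['faculty_name'] .= " " . $row['faculty_surname'];
                }
                unset($row['faculty_father_name']);
                unset($row['faculty_surname']);
                // foreach iterates over copies when the rows are plain arrays
                // (assumed from fetchAssoc), so the merged row has to be
                // written back or the edits above are lost.
                $objs[$idx] = $row;
            }
            $response = $objs;
            return true;
        } else {
            $response = array('code' => HTTP_Status::NOT_FOUND);
            return false;
        }
    } catch (\Exception $e) {
        // Keep driver/SQL details in the server log only; the response array
        // is handed back towards the client and must not carry them.
        $cause = $e->getPrevious() ? $e->getPrevious() : $e;
        error_log("getMstByFaculty failed: [" . $cause->getCode() . "] " . $cause->getMessage());
        $response = array('code' => HTTP_Status::FORBIDDEN, 'message' => HTTP_Status::FORBIDDEN_MSG);
        return false;
    }
}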
 /**
  * Build a rights map in which every right holds the string "000".
  *
  * The key set is taken from get_assoc_array() on a fresh Privilege_Master;
  * the identifying keys privilege_id and privilege_name are left out.
  *
  * @return array Map of right name => "000".
  */
 public static function zero_rights()
 {
     $template = (new Privilege_Master())->get_assoc_array();
     $denied = array();
     foreach ($template as $column => $unused) {
         // Identity columns are not rights.
         if ($column == "privilege_id" || $column == "privilege_name") {
             continue;
         }
         $denied[$column] = "000";
     }
     return $denied;
 }