예제 #1
0
/**
 * rangeCheck()
 * 
 * Returns true if the parameter $postvar is bounded in length by $min and $max 
 */
function rangeCheck($postvar, $min, $max, $spaceAllowed = true)
{
    if (empty($_POST['ajaxcheck']) || $_POST['ajaxcheck'] == $postvar) {
        if (!empty($_POST[$postvar])) {
            if (!$spaceAllowed) {
                if (strpos($_POST[$postvar], " ") !== false) {
                    postResponse("error", $postvar . ' Cannot contain spaces');
                }
            }
            if (strlen($_POST[$postvar]) < $min) {
                postResponse("error", $postvar . ' must be atleast ' . $min . ' characters long');
            } else {
                if (strlen($_POST[$postvar]) > $max) {
                    postResponse("error", $postvar . ' must not be longer than ' . $max . ' characters');
                }
            }
        } else {
            postResponse("error", 'Please enter ' . $postvar);
        }
    }
}
예제 #2
0
    $_SESSION['faculty'] = $_SESSION['uName'];
}
if (!sessionCheck('level', 'faculty') && !empty($_GET['faculty'])) {
    $_SESSION['faculty'] = $_GET['faculty'];
}
if (valueCheck('action', 'add')) {
    rangeCheck('cName', 6, 100);
    if (empty($_POST["allowConflict"])) {
        $_POST["allowConflict"] = 0;
    }
    try {
        $query = $db->prepare('INSERT INTO courses(course_Id,course_name,fac_id,allow_conflict) values (?,?,?,?)');
        $query->execute([$cId, $_POST['cName'], $_SESSION['faculty'], $_POST["allowConflict"]]);
        $query = $db->prepare('INSERT INTO allowed(course_Id,batch_name,batch_dept) values (?,?,?)');
        foreach ($_POST['batch'] as $batch) {
            $batch = explode(" : ", $batch);
            $query->execute([$cId, $batch[0], $batch[1]]);
        }
        postResponse("addOpt", "Course Added", [$_POST['cName'], $cId]);
    } catch (PDOException $e) {
        if ($e->errorInfo[0] == 23000) {
            postResponse("error", "Course ID already exists");
        } else {
            postResponse("error", $e->errorInfo[2]);
        }
    }
} elseif (valueCheck('action', 'delete')) {
    $query = $db->prepare('DELETE FROM courses where course_id =? and fac_id =?');
    $query->execute([$_POST['cId'], $_SESSION['faculty']]);
    postResponse("removeOpt", "Course deleted");
}
예제 #3
0
파일: dean.php 프로젝트: ltlt47/QuickSlots
            $query->execute([$state, $slot[0], $slot[1], $current['table_name']]);
            if ($state == 'disabled') {
                $deleteAllocs->execute([$slot[0], $slot[1], $current['table_name']]);
            }
        }
        postResponse("info", 'Slots updated');
        die;
    }
    if (valueCheck('action', 'deleteTimetable')) {
        $query = $db->prepare('DELETE from timetables where table_name=? AND active=0');
        $query->execute([$_POST['table_name']]);
        if ($query->rowCount()) {
            postResponse("removeOpt", 'Timetable deleted');
            die;
        } else {
            postResponse("error", 'Slot is the current active slot, choose another slot as active before deleting');
        }
    }
}
?>
<!DOCTYPE HTML>
<html>
<head>
  <title>QuickSlots</title>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <link rel="shortcut icon" type="image/png" href="images/favicon.png"/>
  <link rel="stylesheet" type="text/css" href="css/styles.css">
  <link rel="stylesheet" type="text/css" href="css/dashboard.css">
  <link rel="stylesheet" type="text/css" href="css/table.css">
  <link rel="stylesheet" type="text/css" href="css/chosen.css">
  <script type="text/javascript"  src="js/jquery.min.js" ></script>
예제 #4
0
/**
 * changeUserLevel()
 * 
 * Add or remove $user to the admin table with the given $level
 */
function changeUserLevel($user, $level)
{
    global $db;
    try {
        $query = $db->prepare('UPDATE faculty SET level = ? where uName = ?');
        $query->execute([$level, $user]);
        if (!$query->rowCount()) {
            postResponse("error", "The selected user might have been deleted. Try reloading the page.");
        }
    } catch (PDOException $e) {
        postResponse("error", $e->errorInfo[2]);
    }
}
예제 #5
0
파일: rooms.php 프로젝트: ltlt47/QuickSlots
<?php

/**
 * Back end routines to add/delete rooms, invoked by dean.php
 * @author Avin E.M; Kunal Dahiya
 */
require_once 'functions.php';
require_once 'connect_db.php';
if (!sessionCheck('level', 'dean')) {
    die;
}
rangeCheck('room_name', 2, 25);
if (valueCheck('action', 'add')) {
    rangeCheck('capacity', 1, 3);
    try {
        $query = $db->prepare('INSERT INTO rooms(room_name,capacity) values (?,?)');
        $query->execute([$_POST['room_name'], $_POST['capacity']]);
        postResponse("addOpt", "Room Added", [$_POST['room_name'], $_POST['capacity']]);
    } catch (PDOException $e) {
        if ($e->errorInfo[0] == 23000) {
            postResponse("error", "Room already exists");
        } else {
            postResponse("error", $e->errorInfo[2]);
        }
    }
} elseif (valueCheck('action', 'delete')) {
    $query = $db->prepare('DELETE FROM rooms where room_name = ?');
    $query->execute([$_POST['room_name']]);
    postResponse("removeOpt", "Room deleted");
}
예제 #6
0
파일: login.php 프로젝트: ltlt47/QuickSlots
            $_SESSION['fName'] = $faculty['fac_name'];
            $_SESSION['uName'] = $uName;
            $_SESSION['level'] = $faculty['level'];
            $_SESSION['dept'] = $faculty['dept_code'];
        } else {
            postResponse("error", "Invalid credentials");
        }
    }
}
if (sessionCheck('logged_in')) {
    $home = "faculty.php";
    if ($_SESSION['level'] == "dean") {
        $home = "dean.php";
    }
    if ($_POST) {
        postResponse("redirect", $home);
    }
    header("Location: " . $home);
    die;
}
?>
<!DOCTYPE HTML>
<html>

<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <link rel="shortcut icon" type="image/png" href="images/favicon.png"/>
  <script src="js/jquery.min.js"></script>
  <link href="css/styles.css" rel="stylesheet" type="text/css" />
  <title>QuickSlots | Login</title>
  <script src="js/form.js"></script>
예제 #7
0
 * Back end routines to add/delete batches, invoked by manage.php
 * @author Avin E.M; Kunal Dahiya
 */
require_once 'functions.php';
require_once 'connect_db.php';
if (!sessionCheck('logged_in')) {
    postResponse("error", "Your session has expired, please login again");
}
if (!sessionCheck('level', 'dean')) {
    die('You are not authorized to perform this action');
}
if (valueCheck('action', 'add')) {
    rangeCheck('batch_name', 2, 30);
    rangeCheck('size', 1, 3);
    try {
        $query = $db->prepare('INSERT INTO batches(batch_name,batch_dept,size) values (?,?,?)');
        $query->execute([$_POST['batch_name'], $_POST['dept'], $_POST['size']]);
        postResponse("addOpt", "Batch Added", [$_POST['batch_name'] . ' : ' . $_POST['dept'], $_POST['size']]);
    } catch (PDOException $e) {
        if ($e->errorInfo[0] == 23000) {
            postResponse("error", "Batch already exists");
        } else {
            postResponse("error", $e->errorInfo[2]);
        }
    }
} elseif (valueCheck('action', 'delete')) {
    $query = $db->prepare('DELETE FROM batches where batch_name = ? AND batch_dept=?');
    $batch = explode(" : ", $_POST['batch']);
    $query->execute([$batch[0], $batch[1]]);
    postResponse("removeOpt", "Batch deleted");
}
예제 #8
0
파일: setup.php 프로젝트: ltlt47/QuickSlots
        }
    } catch (PDOException $e) {
        if ($e->getCode() == '42S02') {
            $db->exec(file_get_contents('create_tables.sql'));
            if ($_POST) {
                postResponse('redirect', 'setup.php');
            }
        }
        if ($_POST) {
            if ($e->getCode() == 1045) {
                postResponse('error', "Cannot connect to the database: Invalid username or password");
            } else {
                if ($e->getCode() == 1044) {
                    postResponse('error', $e->getMessage());
                } else {
                    postResponse('error', $e->getMessage());
                }
            }
        } else {
            copy('config.php', 'tmp/config.old_invalid.php');
            file_put_contents('config.php', '');
        }
    }
}
?>
<!DOCTYPE HTML>
<html>
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <link rel="shortcut icon" type="image/png" href="images/favicon.png"/>
  <link href="css/styles.css" rel="stylesheet" type="text/css" />
예제 #9
0
    try {
        foreach ($_POST as $slotStr => $course_room) {
            $course_room = explode(':', $course_room);
            $course = $course_room[0];
            $room = $course_room[1];
            $slot = explode('_', $slotStr);
            $query->execute([$current['table_name'], $slot[0], $slot[1], $room, $course]);
        }
    } catch (PDOException $e) {
        if ($e->errorInfo[0] == 23000) {
            postResponse("error", "The selected room has been booked already, rooms list has been refreshed");
        } else {
            postResponse("error", $e->errorInfo[2]);
        }
    }
    postResponse("info", "Slots Saved");
    die;
}
if (valueCheck('action', 'queryRooms')) {
    $slot = explode('_', $_POST["slot"]);
    $query = $db->prepare('SELECT min(size) FROM allowed NATURAL JOIN batches where course_id=?');
    $query->execute([$_POST['course']]);
    $minCap = $query->fetch()[0];
    $query = $db->prepare('SELECT room_name,capacity FROM rooms 
             where capacity>=? AND room_name NOT IN 
             (SELECT room FROM slot_allocs where table_name=? AND day=? AND slot_num=?
              AND course_id NOT IN (SELECT course_id FROM courses where fac_id=?)
              ) ORDER BY capacity');
    $query->execute([$minCap, $current['table_name'], $slot[0], $slot[1], $_SESSION['faculty']]);
    $rooms = $query->fetchall(PDO::FETCH_NUM);
    die(json_encode($rooms));
예제 #10
0
<?php

/**
 * Back end routines to generate/restore backups, invoked by dean.php
 * @author Avin E.M; Kunal Dahiya
 */
require_once 'functions.php';
if (!sessionCheck('level', 'dean')) {
    die;
}
require_once 'connect_db.php';
if (valueCheck('action', 'backup')) {
    header('Content-type: text/plain');
    header('Content-Disposition: attachment; filename=backup_' . date("H-i_d-m-Y") . '.sql');
    passthru("mysqldump --user={$config['db_user']} --password={$config['db_pswd']} --host={$config['db_host']} {$config['db_name']}");
} else {
    $snapshot = $_FILES['snapshot']['tmp_name'];
    try {
        $db->exec(file_get_contents($snapshot));
        unlink($snapshot);
        header("Location: dean.php?status=restoreComplete");
    } catch (PDOException $e) {
        postResponse("error", $e->errorInfo[2]);
    }
}
예제 #11
0
파일: depts.php 프로젝트: ltlt47/QuickSlots
<?php

/**
 * Back end routines to add/delete departments, invoked by manage.php
 * @author Avin E.M; Kunal Dahiya
 */
require_once 'functions.php';
if (!sessionCheck('level', 'dean')) {
    die;
}
require_once 'connect_db.php';
rangeCheck('dept_code', 2, 5, false);
$dept_code = strtoupper($_POST['dept_code']);
if (valueCheck('action', 'add')) {
    rangeCheck('dName', 6, 50);
    try {
        $query = $db->prepare('INSERT INTO depts(dept_code,dept_name) values (?,?)');
        $query->execute([$dept_code, $_POST['dName']]);
        postResponse("addOpt", "Deparment Added", [$_POST['dName'], $dept_code]);
    } catch (PDOException $e) {
        if ($e->errorInfo[0] == 23000) {
            postResponse("error", "Deparment already exists");
        } else {
            postResponse("error", $e->errorInfo[2]);
        }
    }
} elseif (valueCheck('action', 'delete')) {
    $query = $db->prepare('DELETE FROM depts where dept_code =?');
    $query->execute([$dept_code]);
    postResponse("removeOpt", "Deparment deleted");
}