예제 #1
파일: class_user.php 프로젝트: Shan1983/tat
    /**
     * Inserts this user into `tat_user` and mails them a temporary password.
     *
     * A 10-character temporary password is obtained from random_str(), the row
     * is written through a prepared statement with bound parameters, and
     * lecturers and students are then sent the matching notification email.
     * On insert failure, and after a lecturer or student email has been sent,
     * the method sets a session flag, redirects to add_user_gui.php and ends
     * the request. For any other access level it only sets the success flag
     * and returns to the caller without redirecting.
     *
     * @param $DB_con PDO database connection object
     */
    public function add_user($DB_con)
    {
        // NOTE(review): random_str() is defined outside this listing; confirm it
        // draws from a CSPRNG (random_int()/random_bytes()), since its output is
        // used as a login credential.
        $temp_password = random_str(10);

        // NOTE(review): the hashing step that used to sit here is disabled, so the
        // temporary password is bound to the Password column exactly as generated.
        // Confirm how the login path compares Password before moving this to
        // password_hash()/password_verify().

        // All values travel as bound parameters; nothing is spliced into the SQL text.
        $insert_sql = 'INSERT INTO `tat_user` (`employee_number`, `First_Name`, `Last_Name`, `Email`, `Phone_Number`, `GPA`, `Gender`, `Password`, `Access_Level`)
VALUES (:sid, :first_name, :last_name, :email, :phone_number, :gpa, :gender, :password, :access_level)';
        $insert = $DB_con->prepare($insert_sql);

        // profile fields
        $insert->bindParam(':sid', $this->id, PDO::PARAM_STR);
        $insert->bindParam(':first_name', $this->first_name, PDO::PARAM_STR);
        $insert->bindParam(':last_name', $this->last_name, PDO::PARAM_STR);
        $insert->bindParam(':email', $this->email, PDO::PARAM_STR);
        $insert->bindParam(':phone_number', $this->phone_number, PDO::PARAM_STR);
        $insert->bindParam(':gpa', $this->gpa, PDO::PARAM_STR);
        $insert->bindParam(':gender', $this->gender, PDO::PARAM_STR);
        // credential and role
        $insert->bindParam(':password', $temp_password, PDO::PARAM_STR);
        $insert->bindParam(':access_level', $this->access_level, PDO::PARAM_STR);

        // Failure path first: flag the error, bounce back to the form, stop.
        if (!$insert->execute()) {
            $_SESSION['add_user_error'] = 'An unknown error has occurred. Please contact system support and provide a detailed description of what you were trying to accomplish when this error occurred. (Error: -1)';
            header('Location: ../add_user_gui.php');
            die;
        }

        $_SESSION['user_added'] = 1;
        $recipient_name = $this->first_name . " " . $this->last_name;

        // NOTE(review): the row above stores $this->email, but the temporary
        // password is mailed to $_POST['user_email']. Verify against the caller
        // that the two always hold the same address.
        if ($this->access_level == 'lecturer') {
            $mailer = new Emailer();
            $mailer->sendLecturerTempEmail($_POST['user_email'], $recipient_name, $temp_password);
        } elseif ($this->access_level == 'student') {
            $mailer = new Emailer();
            $mailer->sendStudentTempEmail($_POST['user_email'], $recipient_name, $temp_password);
        } else {
            // Other access levels get no email and no redirect.
            return;
        }

        // Back to the add-user form once the notification has been handed off.
        header('Location: ../add_user_gui.php');
        die;
    }
예제 #2
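 /**
  * Imports students from the uploaded semicolon-delimited CSV file and
  * enrols each newly created one in the given course instance.
  *
  * The first row is treated as a header and skipped. For every further row
  * with an employee number, a `tat_user` row with access level 'student' is
  * created when that employee number is not present yet, the student is
  * linked to the course instance in `tat_course_student`, and a temporary
  * password is mailed to the address from the CSV. Rows whose employee
  * number already exists are appended to $_SESSION['none_adds'].
  *
  * Changes against the previous version:
  *  - every CSV field and $id is bound as a statement parameter instead of
  *    being interpolated into the SQL text;
  *  - the loop reads until fgetcsv() returns false (the old loop called the
  *    undefined function fof()) and actually skips only the header row
  *    (the old row counter was never incremented);
  *  - the recipient address is no longer overwritten by the Emailer object
  *    before it is passed to sendStudentTempEmail();
  *  - the client-supplied file name is reduced to its base name.
  *
  * @param $id Course instance id stored in tat_course_student.Course_Instance_Id
  * @throws \RuntimeException when the uploaded file cannot be opened
  */
 public function importCsvData($id)
 {
     // $_FILES[...]['name'] is chosen by the client; basename() drops any
     // directory components so the read cannot leave uploads/.
     $path = "uploads/" . basename($_FILES['file']['name']);
     $file = fopen($path, "r");
     if ($file === false) {
         throw new \RuntimeException('Unable to open the uploaded CSV file.');
     }

     // Prepared once and reused per row; values are bound, never concatenated.
     $findUser = $this->db->prepare(
         "SELECT Id FROM tat_user WHERE employee_number = :emp"
     );
     $addUser = $this->db->prepare(
         "INSERT INTO tat_user (employee_number, First_Name, Last_Name, Email, Phone_Number, Gender, Password, Access_Level, Token)
          VALUES (:emp, :fname, :surname, :email, :phone, :gender, :password, 'student', :token)"
     );
     $enrol = $this->db->prepare(
         "INSERT INTO tat_course_student (User_Id, Course_Instance_Id, Skills_Updated)
          VALUES (:sid, :cid, 'No')"
     );

     try {
         $isHeaderRow = true;
         while (($value = fgetcsv($file, 0, ';')) !== false) {
             if ($isHeaderRow) {
                 $isHeaderRow = false;
                 continue;
             }
             // Skip blank lines, rows without an employee number, and rows
             // that do not carry all six expected columns.
             if (count($value) < 6 || $value[0] === '') {
                 continue;
             }

             [$empId, $fname, $surname, $email, $phone, $gender] = $value;

             $findUser->execute([':emp' => $empId]);
             $existing = $findUser->fetch();
             $findUser->closeCursor();

             if ($existing !== false) {
                 // Already registered: report it instead of inserting a duplicate.
                 $_SESSION['none_adds'][] = $empId . " " . $fname . " " . $surname . " " . $email;
                 continue;
             }

             // NOTE(review): random_str() is defined outside this listing; confirm
             // it draws from a CSPRNG, since its output is used as a credential.
             $temp_password = random_str(10);

             // NOTE(review): the temporary password is written unhashed to both
             // Password and Token, as before. Confirm how the login and token
             // checks compare these columns before moving to password_hash().
             $addUser->execute([
                 ':emp' => $empId,
                 ':fname' => $fname,
                 ':surname' => $surname,
                 ':email' => $email,
                 ':phone' => $phone,
                 ':gender' => $gender,
                 ':password' => $temp_password,
                 ':token' => $temp_password,
             ]);

             // Look up the new user's Id and link it to the course instance.
             $findUser->execute([':emp' => $empId]);
             $created = $findUser->fetch();
             $findUser->closeCursor();
             if ($created === false) {
                 // The insert did not produce a row; nothing to enrol or notify.
                 continue;
             }
             $enrol->execute([':sid' => $created['Id'], ':cid' => $id]);

             // Tell the student about the account and the temporary password.
             $fullName = $fname . " " . $surname;
             $mailer = new Emailer();
             $mailer->sendStudentTempEmail($email, $fullName, $temp_password);
         }
     } finally {
         // Release the handle even if a statement or the mailer throws.
         fclose($file);
     }
 }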