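/**
 * Authorise access to a set of students of an attendance master.
 *
 * Every id in $stud_id must appear in the student list that
 * getStudentsByMst() returns for $mst_id. For a non-super user that list is
 * already restricted to masters taught by $_SESSION['faculty_id'], so the
 * check also enforces "own master only"; a super user
 * (Privilege_Master::is_super on the session privilege) is exempt from that
 * restriction.
 *
 * @param mixed  $response set to true on success, otherwise to an
 *                         array('code' => ..., 'message' => ...) describing
 *                         the failure (either the one produced by
 *                         getStudentsByMst() or FORBIDDEN)
 * @param string $mst_id   attendance master id (validated by getStudentsByMst())
 * @param array  $stud_id  student ids to check; an empty list authorises nothing
 * @return bool true when every requested student belongs to the master
 */
function authStud(&$response, $mst_id, array $stud_id) {
    // getStudentsByMst() reads its third argument as "restrict to the session
    // faculty"; super users are exempt from that restriction.
    $restrict_to_faculty = !Privilege_Master::is_super($_SESSION['privilege_id']);
    if (!getStudentsByMst($response, $mst_id, $restrict_to_faculty)) {
        // $response already carries the error array from getStudentsByMst().
        return false;
    }

    // Index the permitted ids once instead of rescanning the result per id.
    // String keys keep the exact-match semantics of the previous strcmp().
    $allowed = array();
    foreach ($response['data'] as $stud) {
        $allowed[(string) $stud['stud_id']] = true;
    }

    // Deny by default: an empty id list never authorises anything.
    $all_allowed = count($stud_id) > 0;
    foreach ($stud_id as $id) {
        if (!isset($allowed[(string) $id])) {
            $all_allowed = false;
            break;
        }
    }

    if ($all_allowed) {
        $response = true;
        return true;
    }
    $response = array('code' => HTTP_Status::FORBIDDEN, 'message' => HTTP_Status::FORBIDDEN_MSG);
    return false;
}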
$err = $custom; } else { $err = HTTP_Status::getMessage($status); } $try = array("done" => false, "final" => $err, "status" => $status); $try = json_encode($try); header('Content-Length: ' . strlen($try)); header('Content-Type: application/json'); echo $try; exit; } if ('GET' == $_SERVER['REQUEST_METHOD']) { if (!isset($_SESSION['login']) || $_SESSION['login'] !== true) { attd_error(HTTP_Status::UNAUTHORIZED); } else { if (!ctype_digit($_SESSION['faculty_id']) && !Privilege_Master::is_super($_SESSION['privilege_id']) || empty($_SERVER['HTTP_REFERER'])) { attd_error(HTTP_Status::FORBIDDEN); } } parse_str(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY), $queries); if (empty($queries['mst']) || !ctype_digit($queries['mst'])) { attd_error(HTTP_Status::BAD_REQUEST); } if (getMstMetaData($metadata, $queries['mst']) && (isset($_GET['step2']) && !empty($_GET['stud_id']) && getLectureWiseAttendanceOfStudByMst($response, $queries['mst'], $_GET['stud_id']) || isset($_GET['step2']) && !empty($_GET['lec_id']) && getStudentAttendanceByLec($response, $_GET['lec_id']) || !isset($_GET['lecwise']) && getStudentWiseAttendanceByMst($response, $queries['mst']) || getLectureWiseAttendanceByMst($response, $queries['mst']))) { if (isset($metadata) && !isset($_GET['step2'])) { $response['metadata'] = $metadata; } $response = json_encode($response); header('Content-Length: ' . strlen($response)); header('Content-Type: application/json'); echo $response;
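/**
 * Load the currently enrolled students of an attendance master together with
 * the master's metadata (batch, division, institute, programme, department,
 * semester, subject and calendar dates).
 *
 * Two queries are issued: the first reads batchno/division of the master from
 * Attendance_Master (the batch decides the Student_Master join condition); the
 * second joins Academic_Calendar, Teaches, Syllabus and Student_Master and
 * lists students with stud_status "C" matching the master's semester, division
 * and, when the master has one, batch. Metadata-only columns are stripped from
 * each data row and stud_name is composed from name, father's name and surname.
 *
 * @param mixed  $response   on success array('metadata' => array, 'data' => list of rows
 *                           with stud_id, stud_enrolmentno, stud_rollno, stud_name);
 *                           on failure array('code' => HTTP_Status::..., ['message' => ...])
 * @param string $mst_id     attendance master id, digits only
 * @param bool   $faculty_id when true (default) and the session user is not a super user,
 *                           only masters taught by $_SESSION['faculty_id'] are matched
 * @param bool   $now        when true (default) only an academic calendar entry whose
 *                           [start_date, end_date] covers today is matched
 * @return bool true when students were loaded into $response
 */
function getStudentsByMst(&$response, $mst_id, $faculty_id = true, $now = true) {
    if (!ctype_digit($mst_id)) {
        $response = array('code' => HTTP_Status::BAD_REQUEST, 'message' => 'Master ID must be digits only');
        return false;
    }
    $meta_data = array(
        "batchno" => null,
        "division" => null,
        "inst_name" => null,
        "prog_name" => null,
        "dept_name" => null,
        "semester" => null,
        "subject" => null,
    );
    try {
        // Query 1: batch/division of the master.
        $dbh = new MyDbCon();
        $dbh->select("Attendance_Master");
        $dbh->select->where->equalTo("attd_mst_id", $mst_id);
        $dbh->prepare();
        if (!$dbh->execute()) {
            $response = array('code' => HTTP_Status::FORBIDDEN);
            return false;
        }
        $master_rows = $dbh->fetchAssoc();
        if (empty($master_rows)) {
            // Unknown master: report it the same way as a failed lookup instead
            // of dereferencing a missing first row.
            $response = array('code' => HTTP_Status::FORBIDDEN);
            return false;
        }
        $meta_data['batchno'] = $master_rows[0]['batchno'];
        $meta_data['division'] = $master_rows[0]['division'];

        // Where values are encoded as "value" or "value:op"; op defaults to '='.
        $where_funcs = array(
            '=' => 'equalTo',
            '<' => 'lessThan',
            '>' => 'greaterThan',
            '<=' => 'lessThanOrEqualTo',
            '>=' => 'greaterThanOrEqualTo',
            'like' => 'like',
        );
        $where = array("attd_mst_id" => $mst_id, "stud_status" => "C");
        if ($now) {
            try {
                $today = (new DateTime())->format("Y-m-d");
            } catch (Exception $e) {
                $response = array('code' => HTTP_Status::INTERNAL_SERVER_ERROR);
                return false;
            }
            // Only the academic calendar entry covering today.
            $where['end_date'] = "{$today}:>=";
            $where['start_date'] = "{$today}:<=";
        }
        if ($faculty_id && !Privilege_Master::is_super($_SESSION['privilege_id'])) {
            // Authorisation: a regular faculty only sees masters they teach.
            $where['faculty_id'] = $_SESSION['faculty_id'];
        }

        $join_tables = array("Academic_Calendar", "Teaches", "Syllabus", "Student_Master");
        $join_on = array(
            "Academic_Calendar" => "Academic_Calendar.ac_id=Attendance_Master.ac_id",
            "Teaches" => "Attendance_Master.teaches_id=Teaches.teaches_id",
            "Syllabus" => "Teaches.syllabus_id=Syllabus.syllabus_id",
            "Student_Master" => "Student_Master.o_id=Syllabus.o_id AND Student_Master.stud_sem=Academic_Calendar.semester AND Student_Master.stud_div=Attendance_Master.division",
        );
        if (!empty($meta_data['batchno'])) {
            // A master with a batch number only matches students of that batch.
            $join_on["Student_Master"] .= " AND Student_Master.stud_batchno=Attendance_Master.batchno";
        }
        $join_columns = array(
            "Academic_Calendar" => array("start_date", "end_date"),
            "Teaches" => array(),
            "Syllabus" => array("sub_id"),
            "Student_Master" => array(
                "stud_id", "stud_enrolmentno", "stud_rollno", "stud_name", "stud_father_name",
                "stud_surname", "stud_sem", "stud_div", "stud_batchno", "o_id",
            ),
        );
        // Columns fetched only to fill $meta_data; removed from every data row below.
        $meta_keys = array("stud_sem", "stud_div", "stud_batchno", "o_id", "sub_id", "start_date", "end_date");

        // Query 2: the student list.
        $dbh = new MyDbCon();
        $dbh->select("Attendance_Master");
        $dbh->select->columns(array());
        foreach ($join_tables as $table) {
            $cols = isset($join_columns[$table]) ? $join_columns[$table] : Select::SQL_STAR;
            $dbh->join($table, $join_on[$table], $cols);
        }
        foreach ($where as $column => $spec) {
            $parts = explode(':', $spec);
            $method = $where_funcs['='];
            if (!empty($parts[1]) && isset($where_funcs[$parts[1]])) {
                $method = $where_funcs[$parts[1]];
            }
            $dbh->select->where->{$method}($column, $parts[0]);
        }
        $dbh->select->order("stud_rollno ASC");
        $dbh->prepare();
        if (!$dbh->execute()) {
            $response = array('code' => HTTP_Status::FORBIDDEN);
            return false;
        }
        $objs = $dbh->fetchAssoc();

        // Calendar/subject/offering metadata is identical on every row, so the
        // first one is enough; with no rows the metadata simply stays null.
        if (!empty($objs)) {
            $first = $objs[0];
            $meta_data['semester'] = $first['stud_sem'];
            $meta_data['start_date'] = $first['start_date'];
            $meta_data['end_date'] = $first['end_date'];
            $names = Offers_Master::getNames($first['o_id']);
            $meta_data['subject'] = Sub_Master::getSubjectName($first['sub_id']);
            if ($names) {
                $meta_data['inst_name'] = $names['inst_name'];
                $meta_data['prog_name'] = $names['prog_name'];
                $meta_data['dept_name'] = $names['dept_name'];
            }
        }

        // Iterate by key and write the row back: a by-value foreach would
        // silently discard the unset()s and the name concatenation.
        foreach ($objs as $i => $row) {
            foreach ($meta_keys as $key) {
                unset($row[$key]);
            }
            if (!empty($row['stud_father_name'])) {
                $row['stud_name'] .= " " . $row['stud_father_name'];
            }
            if (!empty($row['stud_surname'])) {
                $row['stud_name'] .= " " . $row['stud_surname'];
            }
            unset($row['stud_father_name'], $row['stud_surname']);
            $objs[$i] = $row;
        }

        $response = array("metadata" => $meta_data, "data" => $objs);
        return true;
    } catch (\Exception $e) {
        // Prefer the wrapped driver exception when there is one.
        $cause = $e->getPrevious() ? $e->getPrevious() : $e;
        // NOTE(review): the driver's code and message end up in the JSON body
        // the handlers echo to the client; consider logging them server-side
        // and returning a generic message instead.
        $err = "Error Code: " . $cause->getCode() . " <br/>Detailed Info: " . $cause->getMessage();
        $response = array('code' => HTTP_Status::FORBIDDEN, 'message' => $err);
        return false;
    }
}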
$err = $custom; } else { $err = HTTP_Status::getMessage($status); } $try = array("done" => false, "final" => $err, "status" => $status); $try = json_encode($try); header('Content-Length: ' . strlen($try)); header('Content-Type: application/json'); echo $try; exit; } if ('POST' == $_SERVER['REQUEST_METHOD']) { if (!isset($_SESSION['login']) || $_SESSION['login'] !== true) { attd_error(HTTP_Status::UNAUTHORIZED); } else { if (!ctype_digit($_SESSION['faculty_id']) && !Privilege_Master::is_super($_SESSION['privilege_id'])) { attd_error(HTTP_Status::FORBIDDEN); } } parse_str(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY), $queries); if (empty($queries['mst']) || !ctype_digit($queries['mst'])) { attd_error(HTTP_Status::BAD_REQUEST); } /*var_dump($_POST); var_dump(authMst($response,$queries['mst'],$_SESSION['faculty_id'])); var_dump($response);*/ /*var_dump(authStud($response,$queries['mst'],array($_POST['stud_id']))); var_dump($response);*/ /*var_dump(authLec($response,$queries['mst'],array($_POST['lec_id']))); var_dump($response);*/ $flag = false;
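/**
 * List the attendance masters a faculty member currently teaches (all current
 * masters for a super user), with calendar, subject, offering and faculty
 * details joined in. faculty_name is composed from name, father's name and
 * surname; the two source columns are removed from each row.
 *
 * @param mixed  $response on success a list of rows (attd_mst_id, batchno, division,
 *                         start_date, end_date, semester, type, sub_id, o_id, inst_name,
 *                         prog_name, dept_name, sub_name, faculty_name); on failure
 *                         array('code' => HTTP_Status::..., ['message' => ...])
 * @param string $fac_id   faculty id, digits only; neither validated nor applied when the
 *                         session user is a super user
 * @param bool   $now      currently not consulted: the result is always restricted to the
 *                         academic calendar entry covering today (see note in the body)
 * @return bool true when the masters were loaded into $response
 */
function getMstByFaculty(&$response, $fac_id, $now = true) {
    $is_super = Privilege_Master::is_super($_SESSION['privilege_id']);
    if (!$is_super && !ctype_digit($fac_id)) {
        $response = array('code' => HTTP_Status::BAD_REQUEST, 'message' => 'Faculty ID must be digits only');
        return false;
    }
    try {
        // Where values are encoded as "value" or "value:op"; op defaults to '='.
        $where_funcs = array(
            '=' => 'equalTo',
            '<' => 'lessThan',
            '>' => 'greaterThan',
            '<=' => 'lessThanOrEqualTo',
            '>=' => 'greaterThanOrEqualTo',
            'like' => 'like',
        );
        $where = array();
        if (!$is_super) {
            // Authorisation: a regular faculty only sees masters they teach.
            $where["Teaches.faculty_id"] = $fac_id;
        }
        try {
            $today = (new DateTime())->format("Y-m-d");
        } catch (Exception $e) {
            $response = array('code' => HTTP_Status::INTERNAL_SERVER_ERROR);
            return false;
        }
        // NOTE(review): unlike getStudentsByMst(), the date restriction here is
        // unconditional and $now is ignored; kept as is so callers passing false
        // keep getting the same result.
        $where['end_date'] = "{$today}:>=";
        $where['start_date'] = "{$today}:<=";

        $join_tables = array(
            "Academic_Calendar", "Teaches", "Syllabus", "Offers_Master", "Inst_Master",
            "Prog_Master", "Dept_Master", "Sub_Master", "Faculty_Master",
        );
        $join_on = array(
            "Academic_Calendar" => "Academic_Calendar.ac_id=Attendance_Master.ac_id",
            "Teaches" => "Attendance_Master.teaches_id=Teaches.teaches_id",
            "Syllabus" => "Teaches.syllabus_id=Syllabus.syllabus_id",
            "Offers_Master" => "Offers_Master.o_id=Syllabus.o_id",
            "Inst_Master" => "Inst_Master.inst_id=Offers_Master.inst_id",
            "Prog_Master" => "Prog_Master.prog_id=Offers_Master.prog_id",
            "Dept_Master" => "Dept_Master.dept_id=Offers_Master.dept_id",
            "Sub_Master" => "Sub_Master.sub_id=Syllabus.sub_id",
            "Faculty_Master" => "Faculty_Master.faculty_id=Teaches.faculty_id",
        );
        $join_columns = array(
            "Academic_Calendar" => array("start_date", "end_date", "semester"),
            "Teaches" => array("type"),
            "Syllabus" => array("sub_id"),
            "Offers_Master" => array("o_id"),
            "Inst_Master" => array("inst_name"),
            "Prog_Master" => array("prog_name"),
            "Dept_Master" => array("dept_name"),
            "Sub_Master" => array("sub_name"),
            "Faculty_Master" => array("faculty_name", "faculty_father_name", "faculty_surname"),
        );

        $dbh = new MyDbCon();
        $dbh->select("Attendance_Master");
        $dbh->select->columns(array("attd_mst_id", "batchno", "division"));
        foreach ($join_tables as $table) {
            $cols = isset($join_columns[$table]) ? $join_columns[$table] : Select::SQL_STAR;
            $dbh->join($table, $join_on[$table], $cols);
        }
        foreach ($where as $column => $spec) {
            $parts = explode(':', $spec);
            $method = $where_funcs['='];
            if (!empty($parts[1]) && isset($where_funcs[$parts[1]])) {
                $method = $where_funcs[$parts[1]];
            }
            $dbh->select->where->{$method}($column, $parts[0]);
        }
        $dbh->prepare();
        if (!$dbh->execute()) {
            $response = array('code' => HTTP_Status::NOT_FOUND);
            return false;
        }
        $objs = $dbh->fetchAssoc();

        // Iterate by key and write the row back: a by-value foreach would
        // silently discard the unset()s and the name concatenation.
        foreach ($objs as $i => $row) {
            if (!empty($row['faculty_father_name'])) {
                $row['faculty_name'] .= " " . $row['faculty_father_name'];
            }
            if (!empty($row['faculty_surname'])) {
                $row['faculty_name'] .= " " . $row['faculty_surname'];
            }
            unset($row['faculty_father_name'], $row['faculty_surname']);
            $objs[$i] = $row;
        }

        $response = $objs;
        return true;
    } catch (\Exception $e) {
        // Prefer the wrapped driver exception when there is one.
        $cause = $e->getPrevious() ? $e->getPrevious() : $e;
        // NOTE(review): the driver's code and message end up in the JSON body
        // the handlers echo to the client; consider logging them server-side
        // and returning a generic message instead.
        $err = "Error Code: " . $cause->getCode() . " <br/>Detailed Info: " . $cause->getMessage();
        $response = array('code' => HTTP_Status::FORBIDDEN, 'message' => $err);
        return false;
    }
}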