File: /home/nyiet8349bzl/Backup/sbc_back/homedir/public_html/classes/resources_class.php
<?php
include('../config/connection.php');
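/**
 * Data-access helper for the subject / teacher / work resource tables.
 *
 * Every add and update method reads its input directly from $_REQUEST (and
 * $_FILES for uploads) and returns one of the RESULT_* integer codes below.
 *
 * NOTE(review): no authentication, authorization or CSRF check is visible in
 * this class, and $_REQUEST accepts GET as well as POST parameters. Confirm
 * that every caller enforces those checks before invoking a write method.
 */
class Work extends createCon
{
    /** A required request parameter was missing or empty. */
    const RESULT_MISSING_PARAM = 0;
    /** The database rejected the statement. */
    const RESULT_SQL_ERROR = 1;
    /** The row was written. */
    const RESULT_SUCCESS = 5;
    /** The uploaded file is larger than the FILESIZE constant. */
    const RESULT_FILE_TOO_LARGE = 7;
    /** The uploaded file's extension is not in the allow-list. */
    const RESULT_BAD_EXTENSION = 8;

    /** Lower-case extensions accepted for uploaded resource files. */
    private static $allowedExtensions = array("pdf", "docx", "doc", "png", "jpg", "jpeg", "pptx", "ppt");

    /**
     * Opens the database connection through the parent's connect() method.
     */
    public function __construct()
    {
        $this->connect();
    }

    //*******************GET SUBJECT LIST***************************/

    /**
     * Builds the <option> elements for every subject, ordered by name.
     *
     * @return string HTML fragment; empty when there are no rows or the query fails.
     */
    public function getSubjectList()
    {
        return $this->optionsFromQuery("SELECT * FROM subject ORDER BY name ASC");
    }

    //*******************GET TEACHER LIST***************************/

    /**
     * Builds the <option> elements for every teacher, ordered by name.
     *
     * @return string HTML fragment; empty when there are no rows or the query fails.
     */
    public function getTeacherList()
    {
        return $this->optionsFromQuery("SELECT * FROM teacher ORDER BY name ASC");
    }

    //*************** ADD AND UPDATE SUBJECT ***************//

    /**
     * Inserts a subject named by $_REQUEST['subject'].
     *
     * @return int RESULT_SUCCESS, RESULT_SQL_ERROR or RESULT_MISSING_PARAM.
     */
    public function addSubject()
    {
        $name = $this->requestString('subject');
        if (empty($name)) {
            return self::RESULT_MISSING_PARAM;
        }

        return $this->runWrite(
            "INSERT INTO subject SET name = ?, action = '1', created_on = ?",
            array($name, $this->currentTimestamp())
        );
    }

    /**
     * Renames the subject identified by $_REQUEST['id'] to $_REQUEST['subject'].
     *
     * A missing id is reported as RESULT_MISSING_PARAM instead of running an
     * UPDATE that can match no intended row.
     *
     * @return int RESULT_SUCCESS, RESULT_SQL_ERROR or RESULT_MISSING_PARAM.
     */
    public function updateSubject()
    {
        $name = $this->requestString('subject');
        $id = $this->requestString('id');
        if (empty($name) || $id === '') {
            return self::RESULT_MISSING_PARAM;
        }

        return $this->runWrite("UPDATE subject SET name = ? WHERE id = ?", array($name, $id));
    }

    //*************** ADD AND UPDATE TEACHER ***************//

    /**
     * Inserts a teacher named by $_REQUEST['teacher'] under $_REQUEST['subject'].
     *
     * The original escaped the teacher name without passing the connection
     * handle, so the call could not succeed; binding the value fixes that.
     *
     * @return int RESULT_SUCCESS, RESULT_SQL_ERROR or RESULT_MISSING_PARAM.
     */
    public function addTeacher()
    {
        $name = $this->requestString('teacher');
        if (empty($name)) {
            return self::RESULT_MISSING_PARAM;
        }

        return $this->runWrite(
            "INSERT INTO teacher SET subject_id = ?, name = ?, action = '1', created_on = ?",
            array($this->requestString('subject'), $name, $this->currentTimestamp())
        );
    }

    /**
     * Renames the teacher identified by $_REQUEST['id'] to $_REQUEST['teacher'].
     *
     * @return int RESULT_SUCCESS, RESULT_SQL_ERROR or RESULT_MISSING_PARAM.
     */
    public function updateTeacher()
    {
        $name = $this->requestString('teacher');
        $id = $this->requestString('id');
        if (empty($name) || $id === '') {
            return self::RESULT_MISSING_PARAM;
        }

        return $this->runWrite("UPDATE teacher SET name = ? WHERE id = ?", array($name, $id));
    }

    //*************** ADD AND UPDATE WORK ***************//

    /**
     * Inserts a work row. The image column takes $_REQUEST['url'] when it is
     * non-empty, otherwise the stored name of the uploaded file, if any.
     *
     * When no file is supplied, or the upload cannot be moved into place, the
     * row is still inserted without an image value (as the original did).
     *
     * NOTE(review): the url value is stored as supplied. Code that renders it
     * should escape it and restrict the accepted URL schemes.
     *
     * @return int RESULT_SUCCESS, RESULT_SQL_ERROR, RESULT_MISSING_PARAM,
     *             RESULT_FILE_TOO_LARGE or RESULT_BAD_EXTENSION.
     */
    public function addWork()
    {
        $name = $this->requestString('name');
        if (empty($name)) {
            return self::RESULT_MISSING_PARAM;
        }

        $image = $this->resolveImageValue();
        if (is_int($image)) {
            return $image; // upload rejected: pass the code straight through
        }

        $subjectId = $this->requestString('subject');
        $teacherId = $this->requestString('teacher');
        $createdOn = $this->currentTimestamp();

        if ($image !== '') {
            return $this->runWrite(
                "INSERT INTO work SET subject_id = ?, teacher_id = ?, name = ?, image = ?, action = '1', created_on = ?",
                array($subjectId, $teacherId, $name, $image, $createdOn)
            );
        }

        return $this->runWrite(
            "INSERT INTO work SET subject_id = ?, teacher_id = ?, name = ?, action = '1', created_on = ?",
            array($subjectId, $teacherId, $name, $createdOn)
        );
    }

    /**
     * Updates the name (and optionally the image) of the work row identified
     * by $_REQUEST['id']. Image handling matches addWork().
     *
     * @return int RESULT_SUCCESS, RESULT_SQL_ERROR, RESULT_MISSING_PARAM,
     *             RESULT_FILE_TOO_LARGE or RESULT_BAD_EXTENSION.
     */
    public function updateWork()
    {
        $name = $this->requestString('name');
        $id = $this->requestString('id');
        if (empty($name) || $id === '') {
            return self::RESULT_MISSING_PARAM;
        }

        $image = $this->resolveImageValue();
        if (is_int($image)) {
            return $image; // upload rejected: pass the code straight through
        }

        if ($image !== '') {
            return $this->runWrite(
                "UPDATE work SET name = ?, image = ? WHERE id = ?",
                array($name, $image, $id)
            );
        }

        return $this->runWrite("UPDATE work SET name = ? WHERE id = ?", array($name, $id));
    }

    /**
     * Returns a request parameter as a string, or '' when it is absent or is
     * not a scalar (for example an array sent as key[]=value).
     */
    private function requestString($key)
    {
        if (!isset($_REQUEST[$key]) || !is_scalar($_REQUEST[$key])) {
            return '';
        }

        return (string) $_REQUEST[$key];
    }

    /**
     * Current time as "Y-m-d H:i:s", computed as UTC plus 19800 seconds (+05:30).
     */
    private function currentTimestamp()
    {
        return gmdate("Y-m-d H:i:s", time() + 19800);
    }

    /**
     * Runs a fixed SELECT and renders each row's id and name as an <option>.
     *
     * Both values are HTML-escaped: the names are user-supplied (see
     * addSubject / addTeacher), so emitting them raw would let stored markup
     * reach the page.
     */
    private function optionsFromQuery($sql)
    {
        $result = mysqli_query($this->myconn, $sql);
        if ($result === false) {
            error_log('Work: list query failed: ' . mysqli_error($this->myconn));
            return "";
        }

        // Keyed by id, as in the original, so a repeated id yields one option.
        $names = array();
        while ($row = mysqli_fetch_assoc($result)) {
            $names[$row['id']] = $row['name'];
        }
        mysqli_free_result($result);

        // assumes the page is served as UTF-8 (TODO confirm); ENT_SUBSTITUTE
        // keeps a name with invalid bytes from collapsing to an empty string.
        $flags = ENT_QUOTES | ENT_SUBSTITUTE;
        $html = "";
        foreach ($names as $id => $name) {
            $html .= '<option value="' . htmlspecialchars((string) $id, $flags, 'UTF-8') . '">'
                . htmlspecialchars((string) $name, $flags, 'UTF-8') . '</option>';
        }

        return $html;
    }

    /**
     * Executes one INSERT/UPDATE with every value bound as a string parameter.
     *
     * Failures are written to the server log and reported as RESULT_SQL_ERROR;
     * the original printed the raw database error to the client and halted.
     *
     * @param string $sql    Statement with one "?" per entry in $params.
     * @param array  $params Values to bind, in placeholder order.
     * @return int RESULT_SUCCESS or RESULT_SQL_ERROR.
     */
    private function runWrite($sql, array $params)
    {
        try {
            $stmt = mysqli_prepare($this->myconn, $sql);
            if ($stmt === false) {
                error_log('Work: prepare failed: ' . mysqli_error($this->myconn));
                return self::RESULT_SQL_ERROR;
            }

            mysqli_stmt_bind_param($stmt, str_repeat('s', count($params)), ...$params);
            $ok = mysqli_stmt_execute($stmt);
            if (!$ok) {
                error_log('Work: execute failed: ' . mysqli_stmt_error($stmt));
            }
            mysqli_stmt_close($stmt);

            return $ok ? self::RESULT_SUCCESS : self::RESULT_SQL_ERROR;
        } catch (mysqli_sql_exception $e) {
            // mysqli throws instead of returning false when strict error
            // reporting is enabled (the default since PHP 8.1).
            error_log('Work: statement failed: ' . $e->getMessage());
            return self::RESULT_SQL_ERROR;
        }
    }

    /**
     * Picks the value for the image column: the submitted url when non-empty,
     * otherwise the result of storing the uploaded file.
     *
     * @return string|int Image value ('' for none), or a RESULT_* rejection code.
     */
    private function resolveImageValue()
    {
        $url = $this->requestString('url');
        if ($url !== '') {
            return $url;
        }

        return $this->storeUploadedResource();
    }

    /**
     * Validates $_FILES['image'] and moves it into ../pdf/resources/.
     *
     * NOTE(review): only the size and the extension are checked; the file
     * content is not inspected. The target path looks like it sits under the
     * web root, so confirm the directory is served without script execution.
     *
     * @return string|int Stored file name, '' when no file was sent or the
     *                    move failed, or RESULT_FILE_TOO_LARGE / RESULT_BAD_EXTENSION.
     */
    private function storeUploadedResource()
    {
        if (!isset($_FILES['image']['name'])
            || !is_string($_FILES['image']['name'])
            || $_FILES['image']['name'] === ''
        ) {
            return '';
        }
        $upload = $_FILES['image'];

        // FILESIZE is defined outside this file; the original comment implies 15 MB.
        if ($upload['size'] > FILESIZE) {
            return self::RESULT_FILE_TOO_LARGE;
        }

        $extension = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
        if (!in_array($extension, self::$allowedExtensions, true)) {
            return self::RESULT_BAD_EXTENSION;
        }

        // The client-supplied name is untrusted. Keep a conservative character
        // set so no quote, separator or interior dot reaches the file system
        // or the database; spaces still become underscores as before.
        $baseName = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($upload['name'], PATHINFO_FILENAME));
        $storedName = time() . '_' . $baseName . '.' . $extension;

        $directory = "../pdf/resources/";
        if (!is_dir($directory)) {
            // 0755 rather than 0777: other local users need no write access here.
            mkdir($directory, 0755, true);
        }

        // move_uploaded_file() overwrites an existing target, so no unlink is needed.
        if (!move_uploaded_file($upload['tmp_name'], $directory . $storedName)) {
            return '';
        }

        return $storedName;
    }
}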
?>