<?php
// Including this file has a side effect: the PHP session is started (or resumed) before the class is declared,
// because the Student constructor writes to $_SESSION.
// NOTE(review): no session_regenerate_id() call is visible in this file; confirm the login flow rotates the
// session ID after a successful Student::isAuthenticated().
session_start();
// Presumably defines the Database class that Student instantiates; confirm against database.php.
require 'database.php';
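/**
 * Accessor for one student's records (name, grades, appraisals, payments).
 *
 * The instance is built from a student ID supplied by the caller; the constructor stores that ID
 * in the session and loads the student's name. The class itself does not check that the ID was
 * authenticated, so callers must only pass an ID that has already passed isAuthenticated().
 *
 * NOTE(review): getName(), getGrades(), getAppraisals() and getPayments() interpolate
 * $this->studentID straight into the SQL text, and $studentID is a public property that any code
 * can reassign. isAuthenticated() already uses `?` placeholders through Database::count();
 * Database::row_query() is only seen here with a single argument, so whether it accepts bound
 * parameters has to be confirmed in database.php before these queries are converted.
 */
class Student
{
    // Database handle created in the constructor; every query in this class goes through it.
    private $db;

    public $studentID;
    public $userNo;
    public $lastname;
    public $firstname;
    public $middlename;
    public $fullname;

    # Student's records arrays. Use the corresponding get* methods (e.g. $this->getPayments()) to populate these.
    public $grades, $appraisals, $payments;

    /**
     * Binds the object to a student ID and loads the student's name.
     *
     * An empty ID sends a redirect to the login page and ends the request.
     *
     * @param mixed $Session_StudentID student ID, expected to come from an authenticated session
     */
    public function __construct($Session_StudentID)
    {
        if (empty($Session_StudentID)) {
            header("Location: index.php?chkLogin=no_access");
            // header() only queues the redirect; stop here so no session write or query runs without an ID.
            exit;
        }

        $_SESSION['varStudentID'] = $Session_StudentID;
        $this->studentID = $Session_StudentID;
        $this->db = new Database();
        $this->getName();
    }

    /**
     * Loads the student's name parts from studpersonalinfotbl and builds $fullname.
     *
     * Terminates the script when no student ID is set. When the query yields no row the name
     * parts keep their previous values and $fullname is built from those.
     *
     * @return string " Lastname, Firstname Middlename" (leading space included)
     */
    public function getName()
    {
        if (!($this->studentID)) die("Student ID required!");

        // NOTE(review): studentID is concatenated into the statement; see the class-level note.
        $sql0="SELECT studID, studLname, studFname, studMname FROM studpersonalinfotbl WHERE studID = '$this->studentID'";
        $results = $this->getData($sql0);
        foreach ($results as $row) {
            $this->lastname = $row['studLname'];
            $this->firstname = $row['studFname'];
            $this->middlename = $row['studMname'];
        }

        $this->fullname = " $this->lastname, $this->firstname $this->middlename";
        return $this->fullname;
    }

    # Student's School information

    /**
     * Fetches the student's subject grades ordered by school year and semester.
     *
     * @return mixed whatever Database::row_query() returns; also stored in $this->grades
     */
    public function getGrades()
    {
        // NOTE(review): studentID is concatenated into the statement; see the class-level note.
        $sql = "SELECT o.syear AS vSchoolYear, o.semno AS vSemester,
c.subjname AS vSubjectName, c.subjtitle AS vSubjectTitle,
s.subjfgrade as vSubjectGrade, s.subjcomp AS vSubjectCompletion, s.creditearned AS vSubjectEarned
FROM studidsubjid s, subjcodtbl c, subjectsoffered o
WHERE studid = '$this->studentID' AND s.subjid = o.subjectid AND o.subjectcode = c.subjcod
ORDER BY o.syear, o.semno";
        $this->grades = $this->getData($sql);
        return $this->grades;
    }

    /**
     * Fetches the student's appraisal rows ordered by school year, term, fund and account.
     *
     * @return mixed whatever Database::row_query() returns; also stored in $this->appraisals
     */
    public function getAppraisals()
    {
        // NOTE(review): studentID is concatenated into the statement; see the class-level note.
        $sql = "SELECT studid AS vStudentID, sy AS vSchoolYear, term AS vSemester, fund AS vFund, account AS vAccount, round(amount,2) AS vAmount FROM tblstudappraisal WHERE studid = '$this->studentID' ORDER BY sy, term, fund, account";
        $this->appraisals = $this->getData($sql);
        return $this->appraisals;
    }

    /**
     * Fetches the student's payment rows ordered by school year, term, fund and account.
     *
     * @return mixed whatever Database::row_query() returns; also stored in $this->payments
     */
    public function getPayments()
    {
        // NOTE(review): studentID is concatenated into the statement; see the class-level note.
        $sql = "SELECT studid AS vStudentID, sy AS vSchoolYear, term AS vSemester, orno AS vORno, fund AS vFund, account AS vAccount, round(amount,2) as vAmount from tblstudpayment where studid = '$this->studentID' order by sy, term, fund, account";
        $this->payments = $this->getData($sql);
        return $this->payments;
    }

    # Utility methods

    /**
     * Checks a student ID / pass key pair against the kioskuser table.
     *
     * Both values are passed as bound parameters. The check succeeds only when exactly one row
     * matches, so duplicate rows fail closed. It reads neither $this->studentID nor the session.
     *
     * @param mixed $studentID      ID typed at login
     * @param mixed $studentPassKey pass key typed at login
     * @return bool true when exactly one matching row exists
     */
    public function isAuthenticated($studentID,$studentPassKey)
    {
        //TODO ISSUE: password is being stored in db as plaintext! This should be saved as a hash!
        // With hashing, the stored value would come from password_hash() and be checked with
        // password_verify() after selecting the row by studid alone.
        $sql="SELECT * FROM kioskuser u WHERE u.studid = ? AND u.password = ?";
        return ($this->db->count($sql,array($studentID,$studentPassKey)) == 1);
    }

    /**
     * Closes the database connection held by this object.
     *
     * NOTE(review): only the DB handle is released; the 'varStudentID' session entry written by
     * the constructor stays in place, so session teardown has to happen in the caller. Confirm.
     */
    public function logout()
    {
        // The handle lives on the instance; a bare $db is an undefined local and the call would be fatal.
        $this->db->disconnect();
    }

    /**
     * Runs a query through the $db property and returns the result set.
     *
     * @param string $q SQL text
     * @return mixed empty array for an empty query, otherwise the result of Database::row_query()
     */
    private function getData($q)
    {
        if (!$q) return array();
        return $this->db->row_query($q);
    }
}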
?>