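<?php
/**
 * Action dispatcher for the attendance application.
 *
 * Reads the action name from the "do" request parameter, performs the
 * matching insert/update/delete, stores a status text in $_SESSION['msg']
 * and redirects to the page that belongs to the action.
 *
 * Security notes on this revision:
 *  - Every query is a prepared statement with bound parameters. The previous
 *    code escaped values with mysqli_real_escape_string() but then placed
 *    several of them (doid, session_id) into the SQL WITHOUT quotes, where
 *    escaping gives no protection; the "per" list was not escaped at all.
 *  - Row ids are validated as integers before use.
 *  - Requests without a logged-in session are rejected.
 *
 * NOTE(review): all actions are read from $_REQUEST, so state-changing
 * operations are reachable via GET and no anti-CSRF token is checked in this
 * file. Restricting to POST and verifying a per-session token needs matching
 * changes in the forms, which are not visible here.
 */
session_start();
$user_id = $_SESSION['user_id'] ?? null;
include_once('include/config.inc.php');

// The session user id is used as the owner of new rows but was never checked.
// include/config.inc.php is not visible here; if it already enforces a login
// this guard is redundant but harmless.
if (!isset($_SESSION['user_id'])) {
    http_response_code(403);
    exit;
}
$uid = (string) $user_id;

/** Returns a request parameter as a string ('' when missing or not scalar). */
$param = static function (string $key): string {
    $value = $_REQUEST[$key] ?? '';
    return is_scalar($value) ? (string) $value : '';
};

/** Returns a request parameter as a validated integer id, or null when it is not one. */
$idParam = static function (string $key): ?int {
    $value = filter_var($_REQUEST[$key] ?? null, FILTER_VALIDATE_INT);
    return $value === false ? null : $value;
};

/**
 * Prepares and executes one statement with bound parameters.
 * $types is the mysqli type string ('s' string, 'i' integer) for $params.
 * Returns true when the statement executed, false on any failure.
 */
$run = static function (string $sql, string $types = '', array $params = []) use ($con): bool {
    $stmt = mysqli_prepare($con, $sql);
    if ($stmt === false) {
        return false;
    }
    if ($types !== '') {
        mysqli_stmt_bind_param($stmt, $types, ...$params);
    }
    $ok = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    return $ok;
};

$do = $param('do');
$target = null; // redirect destination; stays null for an unknown action

switch ($do) {
    case 'MarkAbsent':
    case 'RemoveAbsent':
    case 'MarkAbsentT':
    case 'RemoveAbsentT':
        // [table, absent flag, redirect]; table names are fixed here, never taken from the request.
        $toggle = [
            'MarkAbsent'    => ['register', 1, 'register_report.php'],
            'RemoveAbsent'  => ['register', 0, 'register_report.php'],
            'MarkAbsentT'   => ['teacher', 1, 'teacher_register_report.php'],
            'RemoveAbsentT' => ['teacher', 0, 'teacher_register_report.php'],
        ][$do];
        $id = $idParam('doid');
        $ok = $id !== null
            && $run("update {$toggle[0]} set absent=? where id=?", 'ii', [$toggle[1], $id]);
        if ($toggle[1] === 1) {
            $_SESSION['msg'] = $ok ? 'Marked Absent Successfully' : 'Absent Marking Failed';
        } else {
            $_SESSION['msg'] = $ok ? 'Mark Removed Successfully' : 'Mark Removing Failed';
        }
        $target = $toggle[2];
        break;

    case 'MarkAbsentS':
    case 'RemoveAbsentS':
        // Flags every register row of the session first, then the session row itself.
        $flag = $do === 'MarkAbsentS' ? 1 : 0;
        $id = $idParam('doid');
        $ok = $id !== null
            && $run('update register set absent=? where session_id=?', 'ii', [$flag, $id])
            && $run('update session set absent=? where id=?', 'ii', [$flag, $id]);
        if ($flag === 1) {
            $_SESSION['msg'] = $ok ? 'Marked Absent Successfully' : 'Absent Marking Failed';
        } else {
            $_SESSION['msg'] = $ok ? 'Mark Removed Successfully' : 'Mark Removing Failed';
        }
        $target = 'session.php';
        break;

    case 'Delete':
        $start = $param('start');
        $end = $param('end');
        $type = $param('type');
        $tablesByType = [
            'combined' => ['attendance', 't_attendance'],
            'student'  => ['attendance'],
            'teacher'  => ['t_attendance'],
        ];
        if (!isset($tablesByType[$type])) {
            // Unknown type: nothing is deleted and the raw value is not echoed back.
            $_SESSION['msg'] = 'Attendance Data Deletion Failed';
        } else {
            $ok = true;
            foreach ($tablesByType[$type] as $table) {
                // Both deletes are attempted; success requires all of them
                // (previously only the last result was reported).
                $ok = $run("delete from $table where date>=? AND date<=?", 'ss', [$start, $end]) && $ok;
            }
            $run('delete from generation where start=? AND end=? AND type=?', 'sss', [$start, $end, $type]);
            $_SESSION['msg'] = $ok
                ? "$type Attendance Data Deleted Successfully"
                : "$type Attendance Data Deletion Failed";
        }
        $target = 'delete_attendance.php';
        break;

    case 'Teacher':
        $ok = $run(
            'insert into teacher (name,course_id,gender,mobile,enquiry_date,user_id) values (?,?,?,?,?,?)',
            'ssssss',
            [$param('name'), $param('course_id'), $param('gender'), $param('mobile'), $param('enquiry_date'), $uid]
        );
        if ($ok) {
            // Registration number is derived from the new row id, e.g. id 7 -> EMP0007.
            $insert_id = (int) mysqli_insert_id($con);
            $registration_no = 'EMP' . str_pad((string) $insert_id, 4, '0', STR_PAD_LEFT);
            $ok = $run('update teacher set registration_no=? where id=?', 'si', [$registration_no, $insert_id]);
        }
        $_SESSION['msg'] = $ok ? 'Teacher Data Added Successfully' : 'Teacher Data Adding Failed!';
        $target = 'teacher_register_report.php';
        break;

    case 'EditTeacher':
        $id = $idParam('doid');
        $ok = $id !== null && $run(
            'update teacher set name=?,course_id=?,gender=?,mobile=?,enquiry_date=? where id=?',
            'sssssi',
            [$param('name'), $param('course_id'), $param('gender'), $param('mobile'), $param('enquiry_date'), $id]
        );
        $_SESSION['msg'] = $ok ? 'Teacher Data Updated Successfully' : 'Teacher Data Update Failed!';
        $target = 'teacher_register_report.php';
        break;

    case 'Time':
        $ok = $run(
            'insert into time (in_time,out_time) values (?,?)',
            'ss',
            [$param('in_time'), $param('out_time')]
        );
        $_SESSION['msg'] = $ok ? 'Time Data Added Successfully' : 'Time Data Adding Failed!';
        $target = 'time.php';
        break;

    case 'EditTime':
        $id = $idParam('doid');
        $ok = $id !== null && $run(
            'update time set in_time=?,out_time=? where id=?',
            'ssi',
            [$param('in_time'), $param('out_time'), $id]
        );
        $_SESSION['msg'] = $ok ? 'Time Data Added Successfully' : 'Time Data Adding Failed!';
        $target = 'time.php';
        break;

    case 'Attendance':
        // Status codes submitted per student: 0=absent, 1=present, 2=leave.
        $date = $param('date');
        $session_id = $idParam('doid');
        $ok = false;
        if ($session_id !== null) {
            // Collect the register ids of the session; bind_result/fetch is used
            // so the code does not depend on the mysqlnd-only get_result().
            $registerIds = [];
            $stmt = mysqli_prepare($con, 'select id from register where session_id=?');
            if ($stmt !== false) {
                mysqli_stmt_bind_param($stmt, 'i', $session_id);
                if (mysqli_stmt_execute($stmt)) {
                    mysqli_stmt_bind_result($stmt, $registerId);
                    while (mysqli_stmt_fetch($stmt)) {
                        $registerIds[] = $registerId;
                    }
                }
                mysqli_stmt_close($stmt);
            }
            // One "id__status__remark," entry per student, stored as a single string.
            // NOTE(review): a remark containing "__" or "," would make this packed
            // value ambiguous for whatever reads it back.
            $attendance = '';
            foreach ($registerIds as $rid) {
                $attendance .= $rid . '__' . $param('status_' . $rid) . '__' . $param('remark_' . $rid) . ',';
            }
            $ok = $run(
                'insert into attendance (date,session_id,status) values(?,?,?)',
                'sis',
                [$date, $session_id, $attendance]
            );
        }
        $_SESSION['msg'] = $ok ? 'Attendance Data Added Successfully' : 'Attendance Data Adding Failed!';
        $target = 'attendance.php';
        break;

    case 'Register':
        $ok = $run(
            'insert into register (student_name,course_id,gender,student_mobile,parent_mobile,'
            . 'enquiry_date,user_id,session_id) values (?,?,?,?,?,?,?,?)',
            'ssssssss',
            [
                $param('student_name'), $param('course_id'), $param('gender'),
                $param('student_mobile'), $param('parent_mobile'),
                $param('enquiry_date'), $uid, $param('session_id'),
            ]
        );
        if ($ok) {
            // Only number the row when the insert really happened; previously a failed
            // insert was masked by the follow-up update returning success.
            $insert_id = (int) mysqli_insert_id($con);
            $registration_no = 'STU' . str_pad((string) $insert_id, 4, '0', STR_PAD_LEFT);
            $ok = $run('update register set registration_no=? where id=?', 'si', [$registration_no, $insert_id]);
        }
        $_SESSION['msg'] = $ok ? 'Registeration Data Added Successfully' : 'Registeration Data Adding Failed!';
        $target = 'register_report.php';
        break;

    case 'EditRegister':
        $id = $idParam('doid');
        $ok = $id !== null && $run(
            'update register set student_name=?,course_id=?,gender=?,student_mobile=?,parent_mobile=?,'
            . 'enquiry_date=?,session_id=? where id=?',
            'sssssssi',
            [
                $param('student_name'), $param('course_id'), $param('gender'),
                $param('student_mobile'), $param('parent_mobile'),
                $param('enquiry_date'), $param('session_id'), $id,
            ]
        );
        $_SESSION['msg'] = $ok ? 'Registeration Data Updated Successfully' : 'Registeration Data Update Failed!';
        $target = 'register_report.php';
        break;

    case 'Course':
        $ok = $run('insert into course (name,user_id) values (?,?)', 'ss', [$param('name'), $uid]);
        $_SESSION['msg'] = $ok ? 'Course Data Added Successfully' : 'Course Data Adding Failed!';
        $target = 'course.php';
        break;

    case 'EditCourse':
        $id = $idParam('doid');
        $ok = $id !== null
            && $run('update course set name=?,user_id=? where id=?', 'ssi', [$param('name'), $uid, $id]);
        $_SESSION['msg'] = $ok ? 'Course Data Updated Successfully' : 'Course Data Update Failed!';
        $target = 'course.php';
        break;

    case 'Session':
        $ok = $run(
            'insert into session (name,course_id,duration,user_id) values (?,?,?,?)',
            'ssss',
            [$param('name'), $param('course_id'), $param('duration'), $uid]
        );
        $_SESSION['msg'] = $ok ? 'Session Data Added Successfully' : 'Session Data Adding Failed!';
        $target = 'session.php';
        break;

    case 'EditSession':
        $id = $idParam('doid');
        $ok = $id !== null && $run(
            'update session set name=?,course_id=?,duration=? where id=?',
            'sssi',
            [$param('name'), $param('course_id'), $param('duration'), $id]
        );
        $_SESSION['msg'] = $ok ? 'Session Data Updated Successfully' : 'Session Data Update Failed!';
        $target = 'session.php';
        break;

    case 'Menu':
        $menu = $param('menu');
        // NOTE(review): the owner id is taken from the request ("EntryUser"), not
        // from the session, so a client can attribute the row to any user.
        $UserID = $param('EntryUser');
        if (!empty($_REQUEST['doid'])) {
            $id = $idParam('doid');
            $check = $id !== null && $run('update menu set menuname=? where id=?', 'si', [$menu, $id]);
            $_SESSION['msg'] = $check ? ' Record Updated Successfully .' : 'Record Not Updated Failed! ';
        } else {
            $check = $run('insert into menu(user_id,menuname) values(?,?)', 'ss', [$UserID, $menu]);
            $_SESSION['msg'] = $check ? ' Record Add Successfully .' : 'Record Not Add Failed! ';
        }
        $target = 'addmenu.php';
        break;

    case 'usercreate':
        // NOTE(review): no role check is visible here, so any logged-in user can
        // create or edit admin rows and choose the "role" and "UserID" values.
        $name = $param('name');
        $username = $param('username');
        $email = $param('email');
        // SECURITY: unsalted MD5 is not a password hash. It is kept, including the
        // escape-before-hash step, because the stored value must keep matching
        // whatever the login code computes (presumably the same expression -
        // confirm). Migrate both sides together to password_hash()/password_verify().
        $password = md5(mysqli_real_escape_string($con, $param('password')));
        $mobile = $param('mobile');
        $role = $param('role');
        // "per" is expected to be a list of menu permissions; anything that is not
        // a scalar entry is dropped before it is joined.
        $per = array_filter((array) ($_REQUEST['per'] ?? []), 'is_scalar');
        $menu = implode(',', $per);
        $UserID = $param('UserID');

        if (!empty($_REQUEST['doid'])) {
            $id = $idParam('doid');
            $check = $id !== null && $run(
                'update admin set menuper=?,mobile=?,name=?,user_id=?,role=? where id=?',
                'sssssi',
                [$menu, $mobile, $name, $UserID, $role, $id]
            );
            $_SESSION['msg'] = $check ? ' Record Updated Successfully .' : 'Record Not Updated Failed! ';
        } else {
            // Refuse to create a second account with the same e-mail or username.
            $exists = false;
            $stmt = mysqli_prepare($con, 'select id from admin where email=? or username=?');
            if ($stmt !== false) {
                mysqli_stmt_bind_param($stmt, 'ss', $email, $username);
                if (mysqli_stmt_execute($stmt)) {
                    mysqli_stmt_store_result($stmt);
                    $exists = mysqli_stmt_num_rows($stmt) > 0;
                }
                mysqli_stmt_close($stmt);
            }
            if ($exists) {
                $_SESSION['msg'] = 'Email Id Allready Exits ! ';
            } else {
                $check = $run(
                    'insert into admin(password,username,email,role,mobile,menuper,name,user_id) '
                    . 'values(?,?,?,?,?,?,?,?)',
                    'ssssssss',
                    [$password, $username, $email, $role, $mobile, $menu, $name, $UserID]
                );
                $_SESSION['msg'] = $check ? ' Record Add Successfully .' : 'Record Not Add Failed! ';
            }
        }
        $target = 'usersreports.php';
        break;
}

// Redirect targets are fixed strings chosen above, never request data.
if ($target !== null) {
    header('Location: ' . $target);
}
?>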