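<?php
/**
 * Library action handler: dispatches on the `do` request parameter and then
 * redirects back to the matching list/form page.
 *
 * Supported actions: Book, EditBook, ReturnBook, IssueBook, LibrarySettings.
 * Any other value of `do` is ignored, as before.
 *
 * Every value that reaches SQL is bound through a prepared statement instead
 * of being escaped and concatenated into the query text, so correctness no
 * longer depends on quoting or on the connection character set.
 *
 * NOTE(review): no login or role check is visible in this file. Unless
 * include/config.inc.php enforces one, any client can invoke these
 * state-changing actions. Confirm, and add a session check here if not.
 * NOTE(review): parameters are read from $_REQUEST, so every action is also
 * reachable through a plain GET link. Requiring POST plus a CSRF token is
 * advisable; confirm what the calling forms send before tightening.
 * NOTE(review): `user_id` is taken from the request rather than from the
 * session, so the recorded operator can be chosen by the caller. Prefer the
 * authenticated session identity once its key name is confirmed.
 */
session_start();
include_once('include/config.inc.php');
include_once('sendmessage.php');
include_once('include/function.php');

// Helpers are closures rather than named functions so they cannot collide
// with anything the included files already declare.

/** Read one request parameter as a string; missing or non-scalar becomes ''. */
$param = static function (string $key): string {
    $value = $_REQUEST[$key] ?? '';
    return is_scalar($value) ? (string) $value : '';
};

/**
 * Prepare, bind (all parameters as strings, matching the quoted literals the
 * queries used before) and execute. Returns the executed statement or false.
 */
$run = static function ($con, string $sql, array $params) {
    $stmt = mysqli_prepare($con, $sql);
    if ($stmt === false) {
        return false;
    }
    if ($params !== []
        && !mysqli_stmt_bind_param($stmt, str_repeat('s', count($params)), ...$params)) {
        mysqli_stmt_close($stmt);
        return false;
    }
    if (!mysqli_stmt_execute($stmt)) {
        mysqli_stmt_close($stmt);
        return false;
    }
    return $stmt;
};

/** Execute a write statement; returns the affected-row count or false on error. */
$exec = static function ($con, string $sql, array $params) use ($run) {
    $stmt = $run($con, $sql, $params);
    if ($stmt === false) {
        return false;
    }
    $affected = mysqli_stmt_affected_rows($stmt);
    mysqli_stmt_close($stmt);
    return $affected;
};

/**
 * Execute a single-column SELECT and return the first row's value, or null
 * when there is no row or the query failed. Uses bind_result so it does not
 * depend on the mysqlnd driver.
 */
$fetchValue = static function ($con, string $sql, array $params) use ($run) {
    $stmt = $run($con, $sql, $params);
    if ($stmt === false) {
        return null;
    }
    $column = null;
    mysqli_stmt_bind_result($stmt, $column);
    $found = mysqli_stmt_fetch($stmt) === true ? $column : null;
    mysqli_stmt_close($stmt);
    return $found;
};

/** Send a redirect and stop, so nothing after the header can still run. */
$redirect = static function (string $target): void {
    header('Location: ' . $target);
    exit;
};

/** Collect the book form fields shared by the Book and EditBook actions. */
$readBook = static function () use ($param): array {
    $book = [];
    $keys = [
        'accession_code', 'class_type', 'course_id', 'book_name', 'isbn',
        'author', 'publisher', 'publication_year', 'edition', 'book_code',
        'cost', 'copies_number', 'rack_no', 'entry_date',
    ];
    foreach ($keys as $key) {
        $book[$key] = $param($key);
    }
    // A new or edited title starts with every copy available.
    // NOTE(review): on EditBook this discards the count of copies currently
    // on loan. Confirm whether that is intended.
    $book['copies_available'] = $book['copies_number'];
    return $book;
};

$do = $param('do');

switch ($do) {
    case 'Book':
        $book = $readBook();
        $added = $exec(
            $con,
            'insert into book (accession_code,class_type,course_id,book_name,isbn,author,publisher,'
            . 'publication_year,edition,book_code,cost,copies_number,rack_no,copies_available,entry_date,user_id) '
            . 'values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)',
            [
                $book['accession_code'], $book['class_type'], $book['course_id'], $book['book_name'],
                $book['isbn'], $book['author'], $book['publisher'], $book['publication_year'],
                $book['edition'], $book['book_code'], $book['cost'], $book['copies_number'],
                $book['rack_no'], $book['copies_available'], $book['entry_date'], $param('user_id'),
            ]
        );
        if ($added !== false) {
            $redirect('view_book.php');
        }
        echo "failed";
        break;

    case 'EditBook':
        $book = $readBook();
        $updated = $exec(
            $con,
            'update book set accession_code=?,class_type=?,course_id=?,rack_no=?,book_name=?,isbn=?,author=?,'
            . 'publisher=?,publication_year=?,edition=?,book_code=?,cost=?,copies_number=?,copies_available=?,'
            . 'entry_date=? where id=?',
            [
                $book['accession_code'], $book['class_type'], $book['course_id'], $book['rack_no'],
                $book['book_name'], $book['isbn'], $book['author'], $book['publisher'],
                $book['publication_year'], $book['edition'], $book['book_code'], $book['cost'],
                $book['copies_number'], $book['copies_available'], $book['entry_date'], $param('doid'),
            ]
        );
        if ($updated === false) {
            // The failure used to be dropped silently; keep a server-side trace.
            error_log('EditBook update failed: ' . mysqli_error($con));
        }
        // The header was previously written as "Location :" (space before the
        // colon), which is not a valid Location header, so no redirect happened.
        $redirect('view_book.php');
        break;

    case 'ReturnBook':
        $student_id = $param('student_id');
        $book_id = $param('book_id');

        $issue_book_id = $fetchValue(
            $con,
            'select id from issue_book where student_id=? AND book_id=? AND returned=0',
            [$student_id, $book_id]
        );
        if ($issue_book_id === null) {
            // No outstanding loan: do not record a return or inflate the stock count.
            $_SESSION['msg'] = "Book return failed";
            $redirect('view_return_book.php');
        }

        $recorded = $exec(
            $con,
            'insert into return_book (student_id,book_id,issue_book_id,return_date, user_id,fine,payment_mode) '
            . 'values (?,?,?,?,?,?,?)',
            [
                $student_id, $book_id, (string) $issue_book_id, $param('return_date'),
                $param('user_id'), $param('fine'), $param('payment_mode'),
            ]
        );
        if ($recorded !== false) {
            $exec($con, 'update issue_book set returned=1 where id=?', [(string) $issue_book_id]);
            // Increment in SQL so concurrent returns cannot overwrite each other's count.
            $exec($con, 'update book set copies_available=copies_available+1 where id=?', [$book_id]);
            $_SESSION['msg'] = "Book returned Successfully";
        } else {
            $_SESSION['msg'] = "Book return failed";
        }
        $redirect('view_return_book.php');
        break;

    case 'IssueBook':
        $student_id = $param('student_id');
        $book_id = $param('book_id');

        $open_loans = $fetchValue(
            $con,
            'select count(*) from issue_book where book_id=? AND student_id=? AND returned=0',
            [$book_id, $student_id]
        );
        if ($open_loans === null) {
            $_SESSION['msg'] = "Failed!";
            $redirect('view_issue_book.php');
        }
        if ((int) $open_loans !== 0) {
            $_SESSION['msg'] = "Already issued the same book and not yet returned!";
            $redirect('issue_book.php');
        }

        // Reserve a copy atomically: the row only changes while stock remains,
        // so two simultaneous requests cannot both take the last copy.
        $reserved = $exec(
            $con,
            'update book set copies_available=copies_available-1 where id=? AND copies_available>0',
            [$book_id]
        );
        if ($reserved === false) {
            $_SESSION['msg'] = "Failed!";
            $redirect('view_issue_book.php');
        }
        if ($reserved < 1) {
            $_SESSION['msg'] = "No Books available!";
            $redirect('issue_book.php');
        }

        $issued = $exec(
            $con,
            'insert into issue_book (student_id,book_id,issue_date,due_date,user_id) values (?,?,?,?,?)',
            [$student_id, $book_id, $param('issue_date'), $param('due_date'), $param('user_id')]
        );
        if ($issued !== false) {
            $_SESSION['msg'] = "Book issued";
        } else {
            // Give the reserved copy back; previously stock was decremented
            // even when the loan row could not be written.
            $exec($con, 'update book set copies_available=copies_available+1 where id=?', [$book_id]);
            $_SESSION['msg'] = "Failed!";
        }
        $redirect('view_issue_book.php');
        break;

    case 'LibrarySettings':
        // NOTE(review): TRUNCATE commits implicitly, so a failed insert below
        // leaves the table empty. Kept as-is because other pages may rely on
        // the auto-increment reset; consider an UPDATE of the single row.
        mysqli_query($con, "truncate table library_settings");
        $saved = $exec(
            $con,
            'insert into library_settings (penalty,keep_days,user_id) values (?,?,?)',
            [$param('penalty'), $param('keep_days'), $param('user_id')]
        );
        $_SESSION['msg'] = $saved !== false
            ? "Library Settings updated!"
            : "Library Settings updating failed!";
        $redirect('library_settings.php');
        break;
}
?>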