-
Notifications
You must be signed in to change notification settings - Fork 1
/
feedback.php
99 lines (84 loc) · 5.02 KB
/
feedback.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
<link type="text/css" rel="stylesheet" href="css/home.css" />
<?php include('includes/header.php') ?>
<head>
<title>
Subjects
</title>
</head>
<div id="container">
<?php
if(!loggedin()){
header('Location: index.php');
}
elseif(isset($_SESSION['student_id'])){
$query = "select * FROM `student` WHERE `r_no`='".mysql_real_escape_string($_SESSION['student_id'])."'";
$query_run = mysql_query($query);
$query_num_rows = mysql_num_rows($query_run);
$user_row = mysql_fetch_assoc($query_run);
$c1 = $user_row['c1'];
$c2 = $user_row['c2'];
$c3 = $user_row['c3'];
$c4 = $user_row['c4'];
$c5 = $user_row['c5'];
if(isset($_SESSION['no_course'])){
if(($c1 + $c2 + $c3 + $c4 + $c5) == $_SESSION['no_course']){
$query_fb = "UPDATE `student` SET `fb_done` = 1 WHERE `r_no`='".mysql_real_escape_string($_SESSION['student_id'])."'";
$query_run = mysql_query($query_fb);
}
}
$sem_sess = $_SESSION['sem'];
$dept_sess = $_SESSION['dept'];
$query = "select * FROM `student` WHERE `r_no`='".mysql_real_escape_string($_SESSION['student_id'])."'";
$query_run = mysql_query($query);
$query_num_rows = mysql_num_rows($query_run);
$user_row = mysql_fetch_assoc($query_run);
$fb_done = $user_row['fb_done'];
if($fb_done == 0){
$query = "SELECT * FROM `courses` WHERE `dept`='".mysql_real_escape_string($dept_sess)."' AND `sem`='".mysql_real_escape_string($sem_sess)."'";
if($query_run = mysql_query($query))
{
$query_num_rows = mysql_num_rows($query_run);
$c_value = 0;
$_SESSION['no_course'] = $query_num_rows;
if($query_num_rows > 0 ){
while($user_row = mysql_fetch_assoc($query_run))
{
$c_value = $c_value + 1;
$c_id = $user_row['c_id'];
$c_name = $user_row['c_name'];
echo '<br /><center>Course id: '.$c_id.'<br />
Course Name: '.$c_name.'<br />
</center>';
$query_course = "SELECT * FROM `student` WHERE `r_no`='".mysql_real_escape_string($_SESSION['student_id'])."'";
$query_run_course = mysql_query($query_course);
$user_row_course = mysql_fetch_assoc($query_run_course);
if($user_row_course["c{$c_value}"] == 0) {
//echo '<center><form action="evaluate.php" method="POST">
// <input type="hidden" name="c" value="'.$c_value.'" />
// <input type="hidden" name="c_id" value="'.$c_id.'" />
// <input type="submit" value="Submit" />
// </center>';
$c_value_enc = rtrim(strtr(base64_encode($c_value), '+/', '-_'), '=');
$c_id_enc = rtrim(strtr(base64_encode($c_id), '+/', '-_'), '=');
echo '<center><a href="evaluate.php?c='.$c_value_enc.'&c_id='.$c_id_enc.'">Fill feedback</a></center>';
}
else{
echo '<center><a href=""><span style="color:red;">Feedback Filled</span></a></center>';
}
}
}
else{
echo '<center><br /> No subjects for you. </center>';
}
}
}
else{
echo '<br /><center><span style="color:red;">Feedback already filled.</center>';
}
}
else{
header('Location: index.php');
}
?>
</div>
<?php include('includes/footer.php') ?>