Commit 07c60f23 authored by ben.coxford's avatar ben.coxford

Initial commit

File added
File added
ERD2.png

110 KB

<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$placeNumber = $_POST['placeNumber'];
$buildingNumber = $_POST['buildingNumber'];
$firstLine = $_POST['firstLine'];
$postcode = $_POST['postcode'];
$sql = "SELECT DISTINCT a.apartmentID, c.buildingNumber, c.firstLine, c.secondLine, c.postcode FROM Apartment a INNER JOIN Room b ON a.apartmentID=b.apartmentID INNER JOIN Address c ON a.addressID=c.addressID WHERE b.placeNumber='$placeNumber' OR c.buildingNumber='$buildingNumber' OR c.postcode='$postcode' OR c.firstLine='$firstLine'";
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$results = "<table><tr><th>Apartment Id</th><th>Building Number</th><th>First Line</th><th>Second Line</th><th>Postcode</th><th>More Details</th></tr>";
while($row = mysqli_fetch_array($result)) {
$results = $results . "<tr><th>".$row["apartmentID"]."</th><th>".$row["buildingNumber"]."</th><th>".$row["firstLine"]."</th><th>".$row["secondLine"]."</th><th>".$row["postcode"]."</th><th><form action='ApartmentView.php' method='post'><input style='margin-top:15px;' type='submit' value='View'/><input type='hidden' name='search' value='".$row["apartmentID"]."'</input></form></th></tr>";
}
$results = $results . "</table>";
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
<div class="form">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" placeholder="Place Number" type = "text" name = "placeNumber"/>
<input class="searchField" placeholder="Building Number" type = "text" name = "buildingNumber"/>
<input class="searchField" placeholder="First Line" type = "text" name = "firstLine"/>
<input class="searchField"placeholder="Postcode" type = "text" name = "postcode"/>
<input class="searchField" type = "submit" value = "Search"/>
<br/>
</form>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
</div>
</div>
</body>
</html>
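Review bot: The search query is built by interpolating `$_POST['placeNumber']`, `$_POST['buildingNumber']`, `$_POST['firstLine']` and `$_POST['postcode']` straight into the SQL string, so request data is parsed as SQL. Bind the values instead: `$stmt = $db->prepare("… WHERE b.placeNumber=? OR c.buildingNumber=? OR c.postcode=? OR c.firstLine=?");`, then `$stmt->bind_param('ssss', $placeNumber, $buildingNumber, $postcode, $firstLine);` and `$stmt->execute();`. The same pattern recurs in the course search query, in the UPDATE and DELETE statements of both detail pages, and in every INSERT on the create pages. The `mysqli_real_escape_string` calls on the `search` parameter cover only the read path of the detail pages.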
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
//Read Data
if(isset($_POST['search'])) {
$apartmentID = $_POST['search'];
$sql = NULL;
$apartmentID = mysqli_real_escape_string($db, $apartmentID);
$sql = "SELECT a.apartmentID, a.numberSingleBeds, b.buildingNumber, b.firstLine, b.secondLine, b.postcode FROM Apartment a INNER JOIN Address b ON a.addressID=b.addressID WHERE a.apartmentID='$apartmentID'";
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
$result = mysqli_fetch_array($result);
if($count >= 1) {
$apartmentID = $result['apartmentID'];
$numberSingleBeds = $result['numberSingleBeds'];
$buildingNumber = $result['buildingNumber'];
$firstLine = $result['firstLine'];
$secondLine = $result['secondLine'];
$postcode = $result['postcode'];
}
else {
header("location: ApartmentSearch.php");
}
}
}
if ($_POST['action'] == "Update Details") {
//Update Data
$message = "";
$valid=true;
//error_log("Reached 1", 0);
//Check shared fields
if(isset($_POST['apartmentID']) && isset($_POST['numberSingleBeds']) && isset($_POST['buildingNumber']) && isset($_POST['firstLine']) && isset($_POST['postcode'])) {
//Generic Details Defined
$apartmentID = $_POST['apartmentID'];
$numberSingleBeds = $_POST['numberSingleBeds'];
$buildingNumber = $_POST['buildingNumber'];
$firstLine = $_POST['firstLine'];
$secondLine = $_POST['secondLine'];
$postcode = $_POST['postcode'];
if(!empty($postcode)) {
if (!(strlen($postcode)>=5 && strlen($postcode)<=8)) {
$message = "Please enter a valid UK postcode";
$valid=false;
}
}
else {
$message = "Please enter a postcode";
$valid=false;
}
if(empty($firstLine)) {
$message= "Please enter the first line address";
$valid=false;
}
if(empty($buildingNumber)) {
$message= "Please enter the building number";
$valid=false;
}
if(empty($numberSingleBeds)) {
$message= "Please enter the number of single beds";
$valid=false;
}
else if(!is_int((int)$numberSingleBeds)) {
$message= "Please enter a valid number of single beds";
$valid=false;
}
$sqlGeneric = "";
if(!empty($apartmentID)) {
$sqlGeneric = "UPDATE Apartment a INNER JOIN Address b ON a.addressID=b.addressID SET b.buildingNumber='$buildingNumber', b.firstLine='$firstLine', b.secondLine='$secondLine', b.postcode='$postcode', a.numberSingleBeds='$numberSingleBeds' WHERE a.apartmentID='$apartmentID'; ";
}
else {
$message = "An error occurred! The information was not updated!";
$valid=false;
}
if($valid==true && !empty($sqlGeneric)) {
if ($db->query($sqlGeneric)) {
$message = "The update is successful!";
}
else {
$message = $db->error;
}
}
}
}
else if ($_POST['action'] == "Delete Record") {
if(!empty($_POST['deleteRecord']) && isset($_POST['apartmentID'])) {
$id = $_POST['apartmentID'];
$sqlUpdate = "UPDATE Room SET apartmentID = NULL WHERE apartmentID='$id'";
$sqlDelete = "DELETE FROM Apartment WHERE apartmentID='$id'";
$errors = [];
$db->autocommit(FALSE);
if(!$db->query($sqlUpdate)) {
$errors[] = $db->error;
}
if(!$db->query($sqlDelete)) {
$errors[] = $db->error;
}
if (count($errors) ===0) {
$db->commit();
$message = "The apartment has been deleted!";
}
else {
$db->rollback();
foreach($errors as $e) {
$message = $message . "Error: " . $e . "<br>";
}
}
$db->autocommit(TRUE);
}
else {
$message = "You must confirm by ticking the box to delete the record!";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Apartment Id</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($apartmentID)){echo ucfirst($apartmentID);} ?>" type = "text" name = "apartmentID" readonly/>
<p>Number of Single Beds</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($numberSingleBeds)){echo ucfirst($numberSingleBeds);}?>" type = "text" name = "numberSingleBeds"/>
<p>Building Number</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($buildingNumber)){echo $buildingNumber;} ?>" type = "text" name = "buildingNumber"/>
<p>First Line Address</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($firstLine)){echo $firstLine;} ?>" type = "text" name = "firstLine"/>
<p>Second Line Address</p>
<input placeholder="N/A" placeholder="N/A" class="resultField" value="<?php if(isset($secondLine) && !empty($secondLine)){echo $secondLine;} ?>" type = "text" name = "secondLine"/>
<p>Postcode</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($postcode)){echo $postcode;} ?>" type = "text" name = "postcode"/>
<hr>
<input type="submit" name="action" value="Update Details"/>
<hr>
<div style="display:flex; justify-content:center;">
<a>Tick the box to delete the record</a><input type="checkbox" name="deleteRecord" value="Yes"/>
</div>
<hr>
<input type="submit" name="action" value="Delete Record"/>
<hr>
<a href="ApartmentSearch.php"><input class="backButton" type="button" value="Create New Search" /></a>
</form>
</div>
</body>
</html>
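Review bot: Every value echoed into this page is written without HTML escaping: `$message`, `$username`, and the `value="…"` attributes for `$buildingNumber`, `$firstLine`, `$secondLine` and `$postcode`. Those values come from the request or from database rows that these same forms let users edit. Wrap each output, e.g. `echo htmlspecialchars($firstLine, ENT_QUOTES, 'UTF-8');`. The result tables built on the two search pages and the course detail form have the same gap. Because the delete-error branch puts `<br>` into `$message` on purpose, escape each `$e` before concatenating it rather than escaping the finished string.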
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
//Read Data
if(isset($_POST['pass']) && isset($_POST['confirm'])) {
$pass = $_POST['pass'];
$confirm = $_POST['confirm'];
$oldPass = $_POST['oldPass'];
$oldPass = md5($oldPass);
$sql = NULL;
$username = $_SESSION['username'];
$splitName = explode(".", $username);
$firstname = mysqli_real_escape_string($db,$splitName[0]);
$lastname = mysqli_real_escape_string($db,$splitName[1]);
$valid=true;
if(!empty($pass) && !empty($confirm)) {
if($pass == $confirm) {
if (!(strlen($pass)>=8)) {
$message = "Please enter a password greater than 8 characters long!";
$valid=false;
}
}
else {
$message = "The passwords do not match!";
$valid=false;
}
}
else {
$message = "Please confirm your password!";
$valid=false;
}
$pass = md5($pass);
$pass = mysqli_real_escape_string($db, $pass);
$oldPass = mysqli_real_escape_string($db, $oldPass);
$username = $_SESSION['username'];
$splitName = explode(".", $username);
$firstname = mysqli_real_escape_string($db,$splitName[0]);
$lastname = mysqli_real_escape_string($db,$splitName[1]);
$sql = "UPDATE Login a INNER JOIN ResidentStaff b ON a.loginID=b.loginID INNER JOIN GeneralDetails c ON b.detailsID=c.detailsID SET a.password='$pass' WHERE c.firstname='$firstname' AND c.lastname='$lastname' AND a.password='$oldPass'";
if($valid==true && !empty($sql)) {
if ($db->query($sql)) {
$message = "Your new password has been updated!";
}
else {
$message = $db->error;
}
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<input placeholder="Old Password" class="resultField" type = "password" name = "oldPass"/>
<input placeholder="New Password" class="resultField" type = "password" name = "pass"/>
<input placeholder="Confirm New Password" class="resultField" type = "password" name = "confirm"/>
<hr>
<input type="submit" value="Update Password"/>
<a href="Dashboard.php"><input class="backButton" type="button" value="Back" /></a>
</form>
</div>
</body>
</html>
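Review bot: Both `$oldPass` and `$pass` are hashed with unsalted `md5()`, which is not a password-hashing function; store `password_hash($pass, PASSWORD_DEFAULT)` and check the old password with `password_verify()` against the fetched hash. Separately, `$db->query($sql)` returns true even when the WHERE clause matches no row, so a wrong old password still yields "Your new password has been updated!"; test `$db->affected_rows === 1` before reporting success. The row is also selected by first and last name split from the session username, which is presumably not guaranteed unique, so keying the UPDATE on the login id would be safer.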
<?php
define('DB_SERVER', 'localhost');
define('DB_USERNAME', 'ben.coxford');
define('DB_PASSWORD', 'DTREX2D8');
define('DB_DATABASE', 'bencoxford_AccommodationDB');
$db = mysqli_connect(DB_SERVER,DB_USERNAME,DB_PASSWORD,DB_DATABASE);
$dbError = NULL;
if ($db==false) {
$dbError = mysqli_connect_error();
}
?>
\ No newline at end of file
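Review bot: The database account name and password are committed as literals in the `define('DB_USERNAME', …)` and `define('DB_PASSWORD', …)` lines, so anyone who can read the repository or its history holds working credentials. Read them from the environment or an untracked config file, e.g. `define('DB_PASSWORD', getenv('DB_PASSWORD'));`, and rotate the password, since a later commit does not remove it from history. `$dbError` is set on a failed connection, but nothing in this file stops the including page from calling `mysqli_query($db, …)` with `$db` equal to false.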
<?php
function validateDate($date) {
$Date = explode('-', $date);
return checkdate($Date[1], $Date[2], $Date[0]);
}
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$courseNumber = $_POST['courseNumber'];
$universityID = $_POST['universityID'];
$sql = "SELECT DISTINCT * FROM Course WHERE courseNumber='$courseNumber' OR universityID='$universityID'";
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$results = "<table><tr><th>Course Number</th><th>Course Title</th><th>Course Instructor</th><th>Course Email</th><th>Course Mobile</th><th>More Details</th></tr>";
while($row = mysqli_fetch_array($result)) {
$results = $results . "<tr><th>".$row["courseNumber"]."</th><th>".$row["courseTitle"]."</th><th>".$row["courseInstructor"]."</th><th>".$row["courseEmail"]."</th><th>".$row["courseTelephone"]."</th><th><form action='CourseView.php' method='post'><input style='margin-top:15px;' type='submit' value='View'/><input type='hidden' name='search' value='".$row["courseNumber"]."'</input></form></th></tr>";
}
$results = $results . "</table>";
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
<div class="form">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" placeholder="University Id" type = "text" name = "universityID"/>
<input class="searchField" placeholder="Course Number" type = "text" name = "courseNumber"/>
<input class="searchField" type = "submit" value = "Search"/>
<br/>
</form>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
</div>
</div>
</body>
</html>
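Review bot: `validateDate()` is declared at the top of this page but nothing in the section calls it, and the same definition is repeated in two later sections. Move it into one shared include and drop it here. Where it is kept, it indexes `$Date[1]` and `$Date[2]` without checking that `explode('-', $date)` produced three numeric parts. Add a guard before `checkdate()`, such as `if (count($Date) !== 3 || !ctype_digit(implode('', $Date))) { return false; }`.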
<?php
function validateDate($date) {
$Date = explode('-', $date);
return checkdate($Date[1], $Date[2], $Date[0]);
}
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
//Read Data
if(isset($_POST['search'])) {
$courseNumber = $_POST['search'];
$sql = NULL;
$courseNumber = mysqli_real_escape_string($db, $courseNumber);
$sql = $sql = "SELECT * FROM Course WHERE courseNumber='$courseNumber'";
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
$result = mysqli_fetch_array($result);
if($count >= 1) {
$courseNumber = $result['courseNumber'];
$courseTitle = $result['courseTitle'];
$courseInstructor = $result['courseInstructor'];
$campusTelephone = $result['courseTelephone'];
$campusEmail = $result['courseEmail'];
$campusRoomNumber = $result['roomNumber'];
$campusDepartment = $result['department'];
$universityID = $result['universityID'];
}
else {
header("location: CourseSearch.php");
}
}
}
if ($_POST['action'] == "Update Details") {
//Update Data
$message = "";
$valid=true;
//error_log("Reached 1", 0);
//Check shared fields
if(isset($_POST['courseNumber']) && isset($_POST['courseTitle'])) {
//Generic Details Defined
$courseNumber = $_POST['courseNumber'];
$courseTitle = $_POST['courseTitle'];
$courseInstructor = $_POST['courseInstructor'];
$campusTelephone = $_POST['courseTelephone'];
$campusEmail = $_POST['courseEmail'];
$campusRoomNumber = $_POST['roomNumber'];
$campusDepartment = $_POST['department'];
$universityID = $_POST['universityID'];
if(!empty($universityID)) {
if (!is_int((int)$universityID)) {
$message = "Please enter a valid university Id";
$valid=false;
}
}
else {
$message = "Please enter a valid university Id";
$valid=false;
}
if(empty($courseTitle)) {
$message = "Please enter a course title";
$valid=false;
}
if(empty($courseInstructor)) {
$message = "Please enter a course instructor";
$valid=false;
}
if(empty($campusTelephone)) {
$message = "Please enter a course telephone";
$valid=false;
}
if(!empty($campusEmail)) { //Not an empty field?
if(!filter_var($campusEmail, FILTER_VALIDATE_EMAIL)) { //Correct Format?
$message = "Please enter a valid campus email address";
$valid=false;
}
}
else {
$message = "Please enter a campus email address";
$valid=false;
}
if(empty($campusRoomNumber)) {
$message = "Please enter a campus room number";
$valid=false;
}
if(empty($campusDepartment)) {
$message = "Please enter a campus department";
$valid=false;
}
$sqlGeneric = "";
if(!empty($courseNumber)) {
$sqlGeneric = "UPDATE Course SET courseTitle='$courseTitle', courseInstructor='$courseInstructor', courseTelephone='$campusTelephone', courseEmail='$campusEmail', roomNumber='$campusRoomNumber', department='$campusDepartment', universityID='$universityID' WHERE courseNumber='$courseNumber'";
}
else {
if(empty($message)) {
$message = "An error occurred! The information was not updated!";
$valid=false;
}
}
if($valid==true && !empty($sqlGeneric)) {
if ($db->query($sqlGeneric)) {
$message = "The update is successful!";
}
else {
$message = $db->error;
}
}
else {
$message = "An error occurred! The information was not updated!";
}
}
}
else if ($_POST['action'] == "Delete Record") {
if(!empty($_POST['deleteRecord']) && isset($_POST['courseNumber'])) {
$id = $_POST['courseNumber'];
$sqlUpdate = "UPDATE Student SET courseNumber = NULL WHERE courseNumber='$id'";
$sqlDelete = "DELETE FROM Course WHERE courseNumber='$id'";
$errors = [];
$db->autocommit(FALSE);
if(!$db->query($sqlUpdate)) {
$errors[] = $db->error;
}
if(!$db->query($sqlDelete)) {
$errors[] = $db->error;
}
if (count($errors) ===0) {
$db->commit();
$message = "The course has been deleted!";
}
else {
$db->rollback();
foreach($errors as $e) {
$message = $message . "Error: " . $e . "<br>";
}
}
$db->autocommit(TRUE);
}
else {
$message = "You must confirm by ticking the box to delete the record!";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Course Number</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($courseNumber)){echo $courseNumber;} ?>" type = "text" name = "courseNumber" readonly/>
<p>Course Title</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($courseTitle)){echo $courseTitle;} ?>" type = "text" name = "courseTitle"/>
<p>Course Instructor</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($courseInstructor)){echo $courseInstructor;} ?>" type = "text" name = "courseInstructor"/>
<p>Campus Telephone</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($campusTelephone)){echo $campusTelephone;} ?>" type = "text" name = "courseTelephone"/>
<p>Campus Email</p>
<input placeholder="N/A" placeholder="N/A" class="resultField" value="<?php if(isset($campusEmail)){echo $campusEmail;} ?>" type = "text" name = "courseEmail"/>
<p>Campus Room Number</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($campusRoomNumber)){echo $campusRoomNumber;} ?>" type = "text" name = "roomNumber"/>
<p>Campus Department</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($campusDepartment)){echo $campusDepartment;} ?>" type = "text" name = "department"/>
<p>University Id</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($universityID)){echo $universityID;} ?>" type = "text" name = "universityID"/>
<hr>
<input type="submit" name="action" value="Update Details"/>
<hr>
<div style="display:flex; justify-content:center;">
<a>Tick the box to delete the record</a><input type="checkbox" name="deleteRecord" value="Yes"/>
</div>
<hr>
<input type="submit" name="action" value="Delete Record"/>
<hr>
<a href="CourseSearch.php"><input class="backButton" type="button" value="Create New Search" /></a>
</form>
</div>
</body>
</html>
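Review bot: The `else` branch after `if($valid==true && !empty($sqlGeneric))` replaces any specific validation message already set ("Please enter a course title", …) with the generic "An error occurred! The information was not updated!", so the user never learns which field failed. The apartment detail page has no such branch, so the two pages behave differently. Drop the branch, or keep it as `else if (empty($message)) { $message = "An error occurred! The information was not updated!"; }`. Also, `$_POST['action']` is read without `isset()`, and the search result form that posts here sends only `search`, so that request raises an undefined-index notice; `($_POST['action'] ?? '') == "Update Details"` avoids it.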
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$universityID = $_POST['universityID'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$middlename = $_POST['middlename'];
$email = $_POST['email'];
$mobile = $_POST['mobile'];
$buildingNumber = $_POST['buildingNumber'];
$firstLine = $_POST['firstLine'];
$secondLine = $_POST['secondLine'];
$postcode = $_POST['postcode'];
$valid = true;
//Validate the email address
if(!empty($email)) { //Not an empty field?
if(!filter_var($email, FILTER_VALIDATE_EMAIL)) { //Correct Format?
$message = "Please enter a valid email address";
$valid=false;
}
}
else {
$message = "Please enter a valid email address";
$valid=false;
}
if(!empty($mobile)) {
$mobile = filter_var($mobile, FILTER_SANITIZE_NUMBER_INT);
$mobile = str_replace("-", "", $mobile);
if (strlen($mobile)!=11) {
$message = "Please enter a valid UK mobile number";
$valid=false;
}
}
else {
$message = "Please enter a mobile number";
$valid=false;
}
if(!empty($postcode)) {
if (!(strlen($postcode)>=5 && strlen($postcode)<=8)) {
$message = "Please enter a valid UK postcode";
$valid=false;
}
}
else {
$message = "Please enter a postcode";
$valid=false;
}
if(empty($firstLine)) {
$message= "Please enter the first line address";
$valid=false;
}
if(empty($buildingNumber)) {
$message= "Please enter the building number";
$valid=false;
}
if(empty($firstname)) {
$message= "Please enter a first name";
$valid=false;
}
if(empty($lastname)) {
$message= "Please enter the last name";
$valid=false;
}
if(empty($universityID)) {
$message= "Please enter a university Id";
$valid=false;
}
if($valid==true) {
$sqlAddress = "INSERT INTO Address (addressID, buildingNumber, firstLine, secondLine, postcode) VALUES (NULL, '$buildingNumber', '$firstLine', '$secondLine', '$postcode');";
$sqlDetails = "INSERT INTO GeneralDetails (detailsID, firstname, middlename, lastname, email, mobile, addressID) VALUES (NULL, '$firstname', '$middlename', '$lastname', '$email', '$mobile', (SELECT addressID FROM Address WHERE buildingNumber='$buildingNumber' AND firstLine='$firstLine' AND postcode='$postcode'));";
$sqlAdviser = "INSERT INTO Adviser (adviserID, detailsID, universityID) VALUES (NULL, (SELECT detailsID FROM GeneralDetails WHERE email='$email' AND mobile='$mobile'), '$universityID');";
$errors = [];
$db->autocommit(FALSE);
if(!$db->query($sqlAddress)) {
$errors[] = $db->error;
}
if(!$db->query($sqlDetails)) {
$errors[] = $db->error;
}
if(!$db->query($sqlAdviser)) {
$errors[] = $db->error;
}
if (count($errors) ===0) {
$db->commit();
$message = "The adviser has been created!";
}
else {
$db->rollback();
foreach($errors as $e) {
$message = $message . "Error: " . $e . "<br>";
}
}
$db->autocommit(TRUE);
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>University ID</p>
<input placeholder="Required" class="resultField" type = "text" name = "universityID"/>
<p>First Name</p>
<input placeholder="Required" class="resultField" type = "text" name = "firstname"/>
<p>Middle Name</p>
<input placeholder="Optional" class="resultField" type = "text" name = "middlename"/>
<p>Last Name</p>
<input placeholder="Required" class="resultField" type = "text" name = "lastname"/>
<p>Email</p>
<input placeholder="Required" class="resultField" type = "text" name = "email"/>
<p>Mobile</p>
<input placeholder="Required" class="resultField" type = "text" name = "mobile"/>
<p>Building Number</p>
<input placeholder="Required" class="resultField" type = "text" name = "buildingNumber"/>
<p>First Line</p>
<input placeholder="Required" class="resultField" type = "text" name = "firstLine"/>
<p>Second Line</p>
<input placeholder="Optional" class="resultField" type = "text" name = "secondLine"/>
<p>Postcode</p>
<input placeholder="Required" class="resultField" type = "text" name = "postcode"/>
<hr>
<input type="submit" name="action" value="Create New Student Adviser"/>
<hr>
<a href="CreateDashboard.php"><input class="backButton" type="button" value="Dashboard" /></a>
</form>
</div>
</body>
</html>
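Review bot: The `GeneralDetails` and `Adviser` inserts find their parent key with scalar subqueries, `(SELECT addressID FROM Address WHERE buildingNumber=… AND firstLine=… AND postcode=…)` and `(SELECT detailsID FROM GeneralDetails WHERE email=… AND mobile=…)`. Both fail once a second row with the same values exists. The ids are presumably auto-generated, since NULL is inserted for them, so take the key from the connection after each parent insert with `$addressID = $db->insert_id;` and pass it to the next statement. The apartment and hall-of-residents create pages use the same lookup. In the rollback branch `$message . "Error: "` reads `$message` before it is assigned; initialise `$message = "";` next to `$valid = true;`.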
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$numberSingleBeds = $_POST['numberSingleBeds'];
$buildingNumber = $_POST['buildingNumber'];
$firstLine = $_POST['firstLine'];
$secondLine = $_POST['secondLine'];
$postcode = $_POST['postcode'];
$valid = true;
if(!empty($postcode)) {
if (!(strlen($postcode)>=5 && strlen($postcode)<=8)) {
$message = "Please enter a valid UK postcode";
$valid=false;
}
}
else {
$message = "Please enter a postcode";
$valid=false;
}
if(!empty($numberSingleBeds)) {
if (!is_int($numberSingleBeds)) {
$message = "Please enter the number of single beds as an integer";
$valid=false;
}
}
else {
$message = "Please enter the number of single beds";
$valid=false;
}
if(empty($firstLine)) {
$message= "Please enter the first line address";
$valid=false;
}
if(empty($buildingNumber)) {
$message= "Please enter the building number";
$valid=false;
}
if($valid==true) {
$sqlAddress = "INSERT INTO Address (addressID, buildingNumber, firstLine, secondLine, postcode) VALUES (NULL, '$buildingNumber', '$firstLine', '$secondLine', '$postcode');";
$sqlApartment = "INSERT INTO Apartment (apartmentID, addressID, numberSingleBeds) VALUES (NULL, (SELECT addressID FROM Address WHERE firstLine='$firstLine' AND buildingNumber='$buildingNumber'), '$numberSingleBeds')";
$errors = [];
$db->autocommit(FALSE);
if(!$db->query($sqlAddress)) {
$errors[] = $db->error;
}
if(!$db->query($sqlApartment)) {
$errors[] = $db->error;
}
if (count($errors) ===0) {
$db->commit();
$message = "The apartment has been created!";
}
else {
$db->rollback();
foreach($errors as $e) {
$message = $message . "Error: " . $e . "<br>";
}
}
$db->autocommit(TRUE);
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Number of Single Beds</p>
<input placeholder="Optional" class="resultField" type = "text" name = "numberSingleBeds"/>
<p>Building Number</p>
<input placeholder="Required" class="resultField" type = "text" name = "buildingNumber"/>
<p>First Line</p>
<input placeholder="Required" class="resultField" type = "text" name = "firstLine"/>
<p>Second Line</p>
<input placeholder="Optional" class="resultField" type = "text" name = "secondLine"/>
<p>Postcode</p>
<input placeholder="Required" class="resultField" type = "text" name = "postcode"/>
<hr>
<input type="submit" name="action" value="Create New Apartment"/>
<hr>
<a href="CreateDashboard.php"><input class="backButton" type="button" value="Dashboard" /></a>
</form>
</div>
</body>
</html>
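Review bot: `is_int($numberSingleBeds)` is applied to a `$_POST` value, which is always a string, so the check fails for every non-empty input and the page can never reach the inserts. Use `if (filter_var($numberSingleBeds, FILTER_VALIDATE_INT) === false)` as the rejection test. The hall-of-residents create page has the same check. The detail pages have the opposite problem: `is_int((int)$x)` is always true and validates nothing. The input's placeholder also says "Optional" while the code requires the field.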
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$courseNumber = $_POST['courseNumber'];
$courseTitle = $_POST['courseTitle'];
$courseInstructor = $_POST['courseInstructor'];
$campusTelephone = $_POST['courseTelephone'];
$campusEmail = $_POST['courseEmail'];
$campusRoomNumber = $_POST['roomNumber'];
$campusDepartment = $_POST['department'];
$universityID = $_POST['universityID'];
$valid = true;
if(!empty($universityID)) {
if (!is_int((int) $universityID)) {
$message = "Please enter the university ID";
$valid=false;
}
}
else {
$message = "Please enter the university ID";
$valid=false;
}
if(empty($courseNumber)) {
$message = "Please enter the course number";
$valid=false;
}
if(empty($courseTitle)) {
$message = "Please enter the course title";
$valid=false;
}
if(empty($courseInstructor)) {
$message = "Please enter the course's instructors name";
$valid=false;
}
if(!empty($campusEmail)) { //Not an empty field?
if(!filter_var($campusEmail, FILTER_VALIDATE_EMAIL)) { //Correct Format?
$message = "Please enter a valid email address";
$valid=false;
}
}
else {
$message = "Please enter a valid email address";
$valid=false;
}
if(!empty($campusTelephone)) {
$campusTelephone = filter_var($campusTelephone, FILTER_SANITIZE_NUMBER_INT);
$campusTelephone = str_replace("-", "", $campusTelephone);
if (strlen($campusTelephone)!=11) {
$message = "Please enter a valid UK telephone number";
$valid=false;
}
}
else {
$message = "Please enter a telephone number";
$valid=false;
}
if(empty($campusRoomNumber)) {
$message = "Please enter the course's room number";
$valid=false;
}
if(empty($campusDepartment)) {
$message = "Please enter the course's department name";
$valid=false;
}
if($valid==true) {
$sqlCourse = "INSERT INTO Course (courseNumber, courseTitle, courseInstructor, courseTelephone, courseEmail, roomNumber, department, universityID) VALUES ('$courseNumber','$courseTitle','$courseInstructor','$campusTelephone','$campusEmail','$campusRoomNumber','$campusDepartment','$universityID');";
if($valid==true) {
if ($db->query($sqlCourse)) {
$message = "A new course has been created!";
}
else {
$message = $db->error;
}
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Course Number</p>
<input placeholder="Required" class="resultField" type = "text" name = "courseNumber"/>
<p>Course Title</p>
<input placeholder="Required" class="resultField" type = "text" name = "courseTitle"/>
<p>Course Instructors' Name</p>
<input placeholder="Required" class="resultField" type = "text" name = "courseInstructor"/>
<p>Course Telephone</p>
<input placeholder="Required" class="resultField" type = "text" name = "courseTelephone"/>
<p>Course Email</p>
<input placeholder="Required" class="resultField" type = "text" name = "courseEmail"/>
<p>Room Number</p>
<input placeholder="Required" class="resultField" type = "text" name = "roomNumber"/>
<p>Department</p>
<input placeholder="Required" class="resultField" type = "text" name = "department"/>
<p>University ID</p>
<input placeholder="Required" class="resultField" type = "text" name = "universityID"/>
<hr>
<input type="submit" name="action" value="Create Course"/>
<hr>
<a href="CreateDashboard.php"><input class="backButton" type="button" value="Dashboard" /></a>
</form>
</div>
</body>
</html>
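Review bot: On a failed insert the raw driver text is shown to the user through `$message = $db->error;`, which exposes table, column and constraint names. Log it server-side with `error_log($db->error);` and set a generic message instead. The same applies to the other `$db->error` assignments and to the `or die(mysqli_error($db))` calls on the search and detail pages. The inner `if($valid==true)` repeats the enclosing condition and can be removed.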
<?php
include('Session.php');
$username = $_SESSION['username'];
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php echo $username;?></a></li>
</ul>
<div class="dashboard">
<ul class="navBar">
<li><a href="CreateLease.php">New Lease</a></li>
<li><a href="CreateInspection.php">New Inspection Log</a></li>
<li><a href="CreateStaff.php">New Staff</a></li>
<li><a href="CreateApartment.php">New Apartment</a></li>
</ul>
<ul class="navBar">
<li><a href="CreateHallOfRes.php">New Hall of Residents</a></li>
<li><a href="CreateUniversity.php">New University</a></li>
<li><a href="CreateCourse.php">New Course</a></li>
<li><a href="CreateRoom.php">New New Room</a></li>
</ul>
<ul class="navBar">
<li><a href="CreateInvoice.php">New Invoice</a></li>
<li><a href="CreateAdviser.php">New Adviser</a></li>
<li><a href="Dashboard.php">Back</a></li>
</ul>
</div>
</body>
</html>
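Review bot: The link text for `CreateRoom.php` reads "New New Room"; it should be `<li><a href="CreateRoom.php">New Room</a></li>`. This page also echoes `$username` without the `isset()` guard the other pages use, and without HTML escaping.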
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$numberSingleBeds = $_POST['numberSingleBeds'];
$staffID = $_POST['staffID'];
$buildingNumber = $_POST['buildingNumber'];
$firstLine = $_POST['firstLine'];
$secondLine = $_POST['secondLine'];
$postcode = $_POST['postcode'];
$valid = true;
if(!empty($postcode)) {
if (!(strlen($postcode)>=5 && strlen($postcode)<=8)) {
$message = "Please enter a valid UK postcode";
$valid=false;
}
}
else {
$message = "Please enter a postcode";
$valid=false;
}
if(!empty($numberSingleBeds)) {
if (!is_int($numberSingleBeds)) {
$message = "Please enter the number of single beds as an integer";
$valid=false;
}
}
else {
$message = "Please enter the number of single beds";
$valid=false;
}
if(empty($firstLine)) {
$message= "Please enter the first line address";
$valid=false;
}
if(empty($buildingNumber)) {
$message= "Please enter the building number";
$valid=false;
}
if($valid==true) {
$sqlAddress = "INSERT INTO Address (addressID, buildingNumber, firstLine, secondLine, postcode) VALUES (NULL, '$buildingNumber', '$firstLine', '$secondLine', '$postcode');";
$sqlHall = "INSERT INTO HallOfResidents (hallID, addressID, numberSingleBeds, staffID) VALUES (NULL, (SELECT addressID FROM Address WHERE firstLine='$firstLine' AND buildingNumber='$buildingNumber'), '$numberSingleBeds', '$staffID')";
$errors = [];
$db->autocommit(FALSE);
if(!$db->query($sqlAddress)) {
$errors[] = $db->error;
}
if(!$db->query($sqlHall)) {
$errors[] = $db->error;
}
if (count($errors) ===0) {
$db->commit();
$message = "The apartment has been deleted!";
}
else {
$db->rollback();
foreach($errors as $e) {
$message = $message . "Error: " . $e . "<br>";
}
}
$db->autocommit(TRUE);
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Number of Single Beds</p>
<input placeholder="Optional" class="resultField" type = "text" name = "numberSingleBeds"/>
<p>Staff ID</p>
<input placeholder="Optional" class="resultField" type = "text" name = "staffID"/>
<p>Building Number</p>
<input placeholder="Required" class="resultField" type = "text" name = "buildingNumber"/>
<p>First Line</p>
<input placeholder="Required" class="resultField" type = "text" name = "firstLine"/>
<p>Second Line</p>
<input placeholder="Optional" class="resultField" type = "text" name = "secondLine"/>
<p>Postcode</p>
<input placeholder="Required" class="resultField" type = "text" name = "postcode"/>
<hr>
<input type="submit" name="action" value="Create New Hall of Residents"/>
<hr>
<a href="CreateDashboard.php"><input class="backButton" type="button" value="Dashboard" /></a>
</form>
</div>
</body>
</html>
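Review bot: The success branch reports "The apartment has been deleted!" after inserting a hall of residents, apparently copied from a delete handler; change it to something like `$message = "The hall of residents has been created!";`. `$staffID` goes into the insert with no validation at all, while the form marks it optional, so an empty submission is written as `''`. Decide whether that column should receive NULL or whether the field is required.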
<?php
function validateDate($date) {
$Date = explode('-', $date);
return checkdate($Date[1], $Date[2], $Date[0]);
}
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$date = $_POST['date'];
$duration = $_POST['duration'];
$valid = true;
$sql = "SELECT placeNumber FROM Room;";
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$placeNumbers=[];
while ($row = mysqli_fetch_row($result)) {
$placeNumbers[] = $row[0];
}
if(empty($date) || !validateDate($date)) {
$message = "Please enter a validate start date in format YYYY-MM-DD";
$valid=false;
}
$numberInspectionsPerDay = 0;
$dates = [];
if(!empty($duration)) {
if (!is_int((int) $duration)) {
$message = "Please enter the duration in days as an integer";
$valid=false;
}
else {
for ($i=0; $i<=$duration-1; $i++) {
$dates[] = date("Y-m-d", strtotime($date . ' + ' . $i . ' days'));
}
}
}
else {
$message = "Please enter the duration in days as an integer";
$valid=false;
}
if($valid==true) {
$errors = array();
$numberInspectionsPerDay = round($count / $duration);
$db->autocommit(FALSE);
if($count%$duration == 0) {
for ($i=0; $i<=$duration-1; $i++) {
for ($z=($numberInspectionsPerDay*$i); $z<(($numberInspectionsPerDay*$i)+$numberInspectionsPerDay); $z++) {
$sql = "INSERT INTO Inspection (inspectionID, date, placeNumber) VALUES (NULL, '$dates[$i]', '$placeNumbers[$z]');";
if(!$db->query($sql)) {
$errors[] = $db->error;
}
}
}
}
else {
$numberInspectionsPerDay = $count/$duration;
$numberInspectionsPerDay = (int) $numberInspectionsPerDay;
$remainder = $count%$duration;
$z=0;
for ($i=0; $i<=$duration-1; $i++) {
for ($z=($numberInspectionsPerDay*$i); $z<(($numberInspectionsPerDay*$i)+$numberInspectionsPerDay); $z++) {
$sql = "INSERT INTO Inspection (inspectionID, date, placeNumber) VALUES (NULL, '$dates[$i]', '$placeNumbers[$z]');";
if(!$db->query($sql)) {
$errors[] = $db->error;
}
}
}
for ($i=$z; $i<=$z+$remainder-1; $i++) {
$date = $i-$z;
$sql = "INSERT INTO Inspection (inspectionID, date, placeNumber) VALUES (NULL, '$dates[$date]', '$placeNumbers[$i]');";
if(!$db->query($sql)) {
$errors[] = $db->error;
}
}
}
if (count($errors) === 0) {
$db->commit();
$date2 = date("Y-m-d", strtotime($date . ' + ' . $duration . ' days'));
$message = "Inspections for all dates have been created. Produce an inspection report between '$date' and '$date2'";
}
else {
$db->rollback();
foreach($errors as $e) {
$message = $message . "Error: " . $e . "<br>";
}
}
$db->autocommit(TRUE);
}
}
else {
$message = "An error has occurred";
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Start Date</p>
<input placeholder="Required" class="resultField" type = "text" name = "date"/>
<p>Duration (In Days)</p>
<input placeholder="Required (Max 7 days)" class="resultField" type = "text" name = "duration"/>
<hr>
<input type="submit" name="action" value="Create Inspection Records"/>
<hr>
<a href="CreateDashboard.php"><input class="backButton" type="button" value="Dashboard" /></a>
</form>
</div>
</body>
</html>
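Review bot: The duration check `if (!is_int((int) $duration))` can never fail, because a value cast to int is always an int, so any non-empty string reaches `round($count / $duration)` and the insert loops. Nothing enforces the "Max 7 days" the form promises either, so a very large value drives as many loop iterations as requested. I would replace the test with `if (!ctype_digit($duration) || (int) $duration < 1 || (int) $duration > 7)` and cast to int once before the arithmetic. The same always-true `is_int((int) …)` / `is_numeric((float) …)` pattern guards semester, paymentDue, leaseNumber, placeNumber, apartmentID, hallID, monthlyRate and numberSingleBeds in the sections that follow. Separately, `$date = $i-$z;` in the remainder branch overwrites the start date, so the date range in the success message is computed from a loop index.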
<?php
function validateDate($date) {
$Date = explode('-', $date);
return checkdate($Date[1], $Date[2], $Date[0]);
}
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$dateDue = $_POST['dateDue'];
$semester = $_POST['semester'];
$paymentDue = $_POST['paymentDue'];
$leaseNumber = $_POST['leaseNumber'];
$firstReminder = "";
$secondReminder = "";
$valid = true;
if(!empty($dateDue) && validateDate($dateDue)) {
$firstReminder = date("Y-m-d", strtotime($dateDue . ' - 15 days'));
$secondReminder = date("Y-m-d", strtotime($dateDue . ' - 5 days'));
}
else {
$message = "Please enter a validate date in format YYYY-MM-DD";
$valid=false;
}
if(!empty($semester)) {
if (!is_int((int) $semester)) {
$message = "Please enter the semester number 1/2/3(Summer)";
$valid=false;
}
}
else {
$message = "Please enter the semester number 1/2/3(Summer)";
$valid=false;
}
if(!empty($paymentDue)) {
if (!is_numeric((float) $paymentDue)) {
$message = "Please enter the payment amount due";
$valid=false;
}
}
else {
$message = "Please enter the payment amount due";
$valid=false;
}
if(!empty($leaseNumber)) {
if (!is_int((int) $leaseNumber)) {
$message = "Please enter the lease number";
$valid=false;
}
}
else {
$message = "Please enter the lease number";
$valid=false;
}
if($valid==true) {
$sqlInvoice = "INSERT INTO Invoice (invoiceID, dateDue, semester, paymentDue, leaseNumber) VALUES (NULL, '$dateDue', '$semester', '$paymentDue', '$leaseNumber');";
$sqlDates = "INSERT INTO ReminderDates (dateDue, firstReminder, secondReminder) VALUES ('$dateDue', '$firstReminder', '$secondReminder');";
$db->autocommit(FALSE);
$db->query($sqlInvoice);
$db->query($sqlDates);
if ($db->commit()) {
$message = "The invoice has been created!";
}
else {
$message = $db->error;
}
$db->autocommit(TRUE);
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Date Due</p>
<input placeholder="Required (YYYY-MM-DD)" class="resultField" type = "text" name = "dateDue"/>
<p>Semester</p>
<input placeholder="Required (1/2/3(Summer))" class="resultField" type = "text" name = "semester"/>
<p>Payment Due (£GBP)</p>
<input placeholder="Required" class="resultField" type = "text" name = "paymentDue"/>
<p>Lease Number</p>
<input placeholder="Required" class="resultField" type = "text" name = "leaseNumber"/>
<hr>
<input type="submit" name="action" value="Create Invoice"/>
<hr>
<a href="CreateDashboard.php"><input class="backButton" type="button" value="Dashboard" /></a>
</form>
</div>
</body>
</html>
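Review bot: `$sqlInvoice` and `$sqlDates` are built by interpolating `$_POST` values straight into the SQL text, and the checks above do not constrain them: `is_int((int) …)` and `is_numeric((float) …)` are always true, and `validateDate` only runs `checkdate` on the dash-separated pieces rather than pinning the string to YYYY-MM-DD. Bound parameters remove the injection risk regardless of how good the validation is; a sketch for this section follows. The return values of both `$db->query()` calls are also ignored, so `commit()` can succeed after one insert failed, which the sketch handles with a rollback. The same string-built queries appear in the lease, room, staff, university, hall search, hall update/delete and income-report sections below, where only the hall lookup by `search` is escaped.

```php
if($valid==true) {
    // column lists unchanged; the values are bound instead of interpolated
    $stmtInvoice = $db->prepare("INSERT INTO Invoice (invoiceID, dateDue, semester, paymentDue, leaseNumber) VALUES (NULL, ?, ?, ?, ?)");
    $stmtDates = $db->prepare("INSERT INTO ReminderDates (dateDue, firstReminder, secondReminder) VALUES (?, ?, ?)");
    $db->autocommit(FALSE);
    $ok = $stmtInvoice && $stmtDates;
    if ($ok) {
        $stmtInvoice->bind_param('ssss', $dateDue, $semester, $paymentDue, $leaseNumber);
        $stmtDates->bind_param('sss', $dateDue, $firstReminder, $secondReminder);
        $ok = $stmtInvoice->execute() && $stmtDates->execute();
    }
    if ($ok && $db->commit()) {
        $message = "The invoice has been created!";
    }
    else {
        $db->rollback();
        $message = "The invoice could not be created.";
    }
    // … unchanged: $db->autocommit(TRUE) …
```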
<?php
function validateDate($date) {
$Date = explode('-', $date);
return checkdate($Date[1], $Date[2], $Date[0]);
}
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$placeNumber = $_POST['placeNumber'];
$leaseDurationInSemesters = $_POST['leaseDurationInSemesters'];
$leaseStart = $_POST['leaseStart'];
$leaseEnd = $_POST['leaseEnd'];
$valid = true;
if(!empty($leaseStart) && validateDate($leaseStart)) {
$message = "Please enter a validate start date in format YYYY-MM-DD";
$valid=false;
}
if(!empty($leaseEnd) && validateDate($leaseEnd)) {
$message = "Please enter a validate end date in format YYYY-MM-DD";
$valid=false;
}
if(!empty($leaseDurationInSemesters)) {
if (!is_int((int) $leaseDurationInSemesters)) {
$message = "Please enter the duration in semesters 1/2/3(Summer)";
$valid=false;
}
}
if(!empty($placeNumber)) {
if (!is_int((int) $placeNumber)) {
$message = "Please enter the place number as an integer";
$valid=false;
}
}
if($valid==true) {
if(empty($placeNumber) && empty($leaseStart) && empty($leaseEnd)) {
$sqlLease = "INSERT INTO Lease (leaseNumber, leaseDurationInSemesters, leaseStart, leaseEnd, placeNumber) VALUES (NULL, '$leaseDurationInSemesters',NULL,NULL, NULL);";
}
else if(empty($placeNumber) && !empty($leaseStart) && empty($leaseEnd)) {
$sqlLease = "INSERT INTO Lease (leaseNumber, leaseDurationInSemesters, leaseStart, leaseEnd, placeNumber) VALUES (NULL, '$leaseDurationInSemesters','$leaseStart',NULL, NULL);";
}
else if(empty($placeNumber) && empty($leaseStart) && !empty($leaseEnd)) {
$sqlLease = "INSERT INTO Lease (leaseNumber, leaseDurationInSemesters, leaseStart, leaseEnd, placeNumber) VALUES (NULL, '$leaseDurationInSemesters',NULL,'$leaseEnd', NULL);";
}
else {
$sqlLease = "INSERT INTO Lease (leaseNumber, leaseDurationInSemesters, leaseStart, leaseEnd, placeNumber) VALUES (NULL, '$leaseDurationInSemesters','$leaseStart','$leaseEnd','$placeNumber');";
}
if($valid==true) {
if ($db->query($sqlLease)) {
$message = "A new lease has been created!";
}
else {
$message = $db->error;
}
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Place Number</p>
<input placeholder="Optional" class="resultField" type = "text" name = "placeNumber"/>
<p>Duration (Semesters)</p>
<input placeholder="Optional (1/2/3(Summer))" class="resultField" type = "text" name = "leaseDurationInSemesters"/>
<p>Start Date</p>
<input placeholder="Optional" class="resultField" type = "text" name = "leaseStart"/>
<p>End Date</p>
<input placeholder="Optional" class="resultField" type = "text" name = "leaseEnd"/>
<hr>
<input type="submit" name="action" value="Create Lease"/>
<hr>
<a href="CreateDashboard.php"><input class="backButton" type="button" value="Dashboard" /></a>
</form>
</div>
</body>
</html>
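Review bot: Both date checks are inverted: `if(!empty($leaseStart) && validateDate($leaseStart))` reports an error when the date is valid and lets a rejected one through to the INSERT, and the `$leaseEnd` check right below does the same. They should read `if(!empty($leaseStart) && !validateDate($leaseStart))` and `if(!empty($leaseEnd) && !validateDate($leaseEnd))`. As written, the only non-empty start and end values that can reach `$sqlLease` are ones for which the validator returned false, which makes the string-built query here more exposed than it looks. `validateDate` itself indexes `$Date[1]` and `$Date[2]` without checking that `explode` produced three parts, so a value without two dashes raises undefined-offset errors instead of returning a clean `false`.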
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$roomNumber = $_POST['roomNumber'];
$floorNumber = $_POST['floorNumber'];
$monthlyRate = $_POST['monthlyRate'];
$apartmentID = $_POST['apartmentID'];
$hallID = $_POST['hallID'];
$valid = true;
if(!empty($apartmentID)) {
if (!is_int((int) $apartmentID)) {
$message = "Please enter the apartment ID as an integer";
$valid=false;
}
}
if(!empty($hallID)) {
if (!is_int((int) $hallID)) {
$message = "Please enter the hall ID as an integer";
$valid=false;
}
}
if(!empty($hallID) && !empty($apartmentID)) {
$message = "Please enter either an apartment ID or a hall ID";
$valid=false;
}
if(!empty($monthlyRate)) {
if (!is_integer((int) $monthlyRate)) {
$message = "Please enter the monthly rate as an integer";
$valid=false;
}
}
else {
$message = "Please enter the monthly rate as an integer";
$valid=false;
}
if(empty($roomNumber)) {
$message= "Please enter a room number";
$valid=false;
}
if($valid==true) {
$sqlRoom = "INSERT INTO Room (placeNumber, roomNumber, floorNumber, monthlyRate, apartmentID, hallID) VALUES (NULL, '$roomNumber', '$floorNumber', '$monthlyRate', NULL, NULL);";
if(!empty($hallID)) {
$sqlRoom = "INSERT INTO Room (placeNumber, roomNumber, floorNumber, monthlyRate, apartmentID, hallID) VALUES (NULL, '$roomNumber', '$floorNumber', '$monthlyRate', NULL, '$hallID');";
}
if(!empty($apartmentID)) {
$sqlRoom = "INSERT INTO Room (placeNumber, roomNumber, floorNumber, monthlyRate, apartmentID, hallID) VALUES (NULL, '$roomNumber', '$floorNumber', '$monthlyRate', '$apartmentID', NULL);";
}
if($valid==true) {
if ($db->query($sqlRoom)) {
$message = "A new room has been created!";
}
else {
$message = $db->error;
}
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Room Number</p>
<input placeholder="Required" class="resultField" type = "text" name = "roomNumber"/>
<p>Floor Number</p>
<input placeholder="Optional" class="resultField" type = "text" name = "floorNumber"/>
<p>Monthly Rate</p>
<input placeholder="Required" class="resultField" type = "text" name = "monthlyRate"/>
<p>Apartment ID</p>
<input placeholder="Optional" class="resultField" type = "text" name = "apartmentID"/>
<p>Hall ID</p>
<input placeholder="Optional" class="resultField" type = "text" name = "hallID"/>
<hr>
<input type="submit" name="action" value="Create Room"/>
<hr>
<a href="CreateDashboard.php"><input class="backButton" type="button" value="Dashboard" /></a>
</form>
</div>
</body>
</html>
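Review bot: On failure the page assigns `$message = $db->error;` and echoes it into the form, so the raw MySQL error text (table and column names, fragments of the statement) is shown to whoever submitted the request. I would log it server-side and show a fixed string, e.g. `error_log($db->error); $message = "The room could not be created.";`. The same applies to the `"Error: " . $e` loops in the transactional sections and to `or die(mysqli_error($db))` on the search and report pages. The inner `if($valid==true)` around the query is redundant, since it is already nested inside the first.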
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$location = $_POST['location'];
$position = $_POST['position'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$middlename = $_POST['middlename'];
$email = $_POST['email'];
$mobile = $_POST['mobile'];
$buildingNumber = $_POST['buildingNumber'];
$firstLine = $_POST['firstLine'];
$secondLine = $_POST['secondLine'];
$postcode = $_POST['postcode'];
$pass = $_POST['password'];
$confirm = $_POST['confirm'];
$valid = true;
//Validate the email address
if(!empty($email)) { //Not an empty field?
if(!filter_var($email, FILTER_VALIDATE_EMAIL)) { //Correct Format?
$message = "Please enter a valid email address";
$valid=false;
}
}
else {
$message = "Please enter a valid email address";
$valid=false;
}
if(!empty($mobile)) {
$mobile = filter_var($mobile, FILTER_SANITIZE_NUMBER_INT);
$mobile = str_replace("-", "", $mobile);
if (strlen($mobile)!=11) {
$message = "Please enter a valid UK mobile number";
$valid=false;
}
}
else {
$message = "Please enter a mobile number";
$valid=false;
}
if(!empty($postcode)) {
if (!(strlen($postcode)>=5 && strlen($postcode)<=8)) {
$message = "Please enter a valid UK postcode";
$valid=false;
}
}
else {
$message = "Please enter a postcode";
$valid=false;
}
if(empty($firstLine)) {
$message= "Please enter the first line address";
$valid=false;
}
if(empty($buildingNumber)) {
$message= "Please enter the building number";
$valid=false;
}
if(empty($firstname)) {
$message= "Please enter a first name";
$valid=false;
}
if(empty($lastname)) {
$message= "Please enter the last name";
$valid=false;
}
if(!empty($pass) && !empty($confirm)) {
if($pass == $confirm) {
if (strlen($pass)>=8) {
$pass = md5($pass);
$valid=true;
}
else {
$message = "Please enter a password greater than 8 characters long!";
$valid=false;
}
}
else {
$message = "The passwords do not match!";
$valid=false;
}
}
else {
$message = "Please confirm your password!";
$valid=false;
}
if($valid==true) {
$sqlAddress = "INSERT INTO Address (addressID, buildingNumber, firstLine, secondLine, postcode) VALUES (NULL, '$buildingNumber', '$firstLine', '$secondLine', '$postcode');";
$sqlDetails = "INSERT INTO GeneralDetails (detailsID, firstname, middlename, lastname, email, mobile, addressID) VALUES (NULL, '$firstname', '$middlename', '$lastname', '$email', '$mobile', (SELECT addressID FROM Address WHERE buildingNumber='$buildingNumber' AND firstLine='$firstLine' AND postcode='$postcode'));";
$sqlLogin = "INSERT INTO Login (loginID, password, isLocked) VALUES (NULL, '$pass', 0);";
$sqlStaff = "INSERT INTO ResidentStaff (staffID, position, location, loginID, detailsID) VALUES (NULL, '$position', '$location', (SELECT loginID FROM Login WHERE password='$pass'), (SELECT detailsID FROM GeneralDetails WHERE email='$email' AND mobile='$mobile'));";
$errors = [];
$db->autocommit(FALSE);
if(!$db->query($sqlAddress)) {
$errors[] = $db->error;
}
if(!$db->query($sqlDetails)) {
$errors[] = $db->error;
}
if(!$db->query($sqlLogin)) {
$errors[] = $db->error;
}
if(!$db->query($sqlStaff)) {
$errors[] = $db->error;
}
if (count($errors) ===0) {
$db->commit();
$message = "The staff member has been created.";
}
else {
$db->rollback();
foreach($errors as $e) {
$message = $message . "Error: " . $e . "<br>";
}
}
$db->autocommit(TRUE);
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Position</p>
<input placeholder="Optional" class="resultField" type = "text" name = "position"/>
<p>Location</p>
<input placeholder="Optional" class="resultField" type = "text" name = "location"/>
<p>First Name</p>
<input placeholder="Required" class="resultField" type = "text" name = "firstname"/>
<p>Middle Name</p>
<input placeholder="Optional" class="resultField" type = "text" name = "middlename"/>
<p>Last Name</p>
<input placeholder="Required" class="resultField" type = "text" name = "lastname"/>
<p>Email</p>
<input placeholder="Required" class="resultField" type = "text" name = "email"/>
<p>Mobile</p>
<input placeholder="Required" class="resultField" type = "text" name = "mobile"/>
<p>Building Number</p>
<input placeholder="Required" class="resultField" type = "text" name = "buildingNumber"/>
<p>First Line</p>
<input placeholder="Required" class="resultField" type = "text" name = "firstLine"/>
<p>Second Line</p>
<input placeholder="Optional" class="resultField" type = "text" name = "secondLine"/>
<p>Postcode</p>
<input placeholder="Required" class="resultField" type = "text" name = "postcode"/>
<p>Password</p>
<input placeholder="Must be 8 or more characters long." class="resultField" type = "password" name = "password"/>
<p>Confirm Password</p>
<input placeholder="Make it match!" class="resultField" type = "password" name = "confirm"/>
<hr>
<input type="submit" name="action" value="Create New Staff Member"/>
<hr>
<a href="CreateDashboard.php"><input class="backButton" type="button" value="Dashboard" /></a>
</form>
</div>
</body>
</html>
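Review bot: `$pass = md5($pass);` stores an unsalted MD5 digest, which is unsuitable for passwords; `$pass = password_hash($pass, PASSWORD_DEFAULT);` is the replacement here, paired with `password_verify()` on the login side (not visible in this section). The line after it, `$valid=true;`, re-enables the insert after any earlier check set `$valid=false`, so an invalid email, mobile or postcode is accepted whenever the two passwords match and are long enough; that assignment should be removed. `$sqlStaff` then finds the new login row with `(SELECT loginID FROM Login WHERE password='$pass')`, which is ambiguous as soon as two accounts share a password; capturing `$db->insert_id` right after the Login insert avoids keying on the hash at all.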
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$universityName = $_POST['universityName'];
$buildingNumber = $_POST['buildingNumber'];
$firstLine = $_POST['firstLine'];
$secondLine = $_POST['secondLine'];
$postcode = $_POST['postcode'];
$valid = true;
if(!empty($postcode)) {
if (!(strlen($postcode)>=5 && strlen($postcode)<=8)) {
$message = "Please enter a valid UK postcode";
$valid=false;
}
}
else {
$message = "Please enter a postcode";
$valid=false;
}
if(empty($firstLine)) {
$message= "Please enter the first line address";
$valid=false;
}
if(empty($buildingNumber)) {
$message= "Please enter the building number";
$valid=false;
}
if(empty($universityName)) {
$message= "Please enter the university name";
$valid=false;
}
if($valid==true) {
$sqlAddress = "INSERT INTO Address (addressID, buildingNumber, firstLine, secondLine, postcode) VALUES (NULL, '$buildingNumber', '$firstLine', '$secondLine', '$postcode');";
$sqlUniversity = "INSERT INTO University (universityID, universityName, addressID) VALUES (NULL, '$universityName', (SELECT addressID FROM Address WHERE buildingNumber='$buildingNumber' AND firstLine='$firstLine' AND postcode='$postcode'));";
$errors = [];
$db->autocommit(FALSE);
if(!$db->query($sqlAddress)) {
$errors[] = $db->error;
}
if(!$db->query($sqlUniversity)) {
$errors[] = $db->error;
}
if (count($errors) ===0) {
$db->commit();
$message = "The university has been created.";
}
else {
$db->rollback();
foreach($errors as $e) {
$message = $message . "Error: " . $e . "<br>";
}
}
$db->autocommit(TRUE);
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>University Name</p>
<input placeholder="Required" class="resultField" type = "text" name = "universityName"/>
<p>Building Number</p>
<input placeholder="Required" class="resultField" type = "text" name = "buildingNumber"/>
<p>First Line</p>
<input placeholder="Required" class="resultField" type = "text" name = "firstLine"/>
<p>Second Line</p>
<input placeholder="Optional" class="resultField" type = "text" name = "secondLine"/>
<p>Postcode</p>
<input placeholder="Required" class="resultField" type = "text" name = "postcode"/>
<hr>
<input type="submit" name="action" value="Create New University"/>
<hr>
<a href="CreateDashboard.php"><input class="backButton" type="button" value="Dashboard" /></a>
</form>
</div>
</body>
</html>
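Review bot: `$sqlUniversity` recovers the new address through a scalar subquery on `buildingNumber`, `firstLine` and `postcode`, which yields more than one row once the same address has been entered twice (for instance for a hall at the same address); MySQL rejects that, and the whole transaction is rolled back. Assuming `addressID` is auto-increment, as the `NULL` insert suggests, reading `$addressID = $db->insert_id;` immediately after the Address insert gives the exact row without a second lookup. The staff section uses the same subquery pattern for `addressID` and `detailsID`. In the rollback branch `$message` is appended to before it has been assigned, so initialise it with `$message = "";` next to `$errors = [];`.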
<?php
include('Session.php');
$username = $_SESSION['username'];
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php echo $username;?></a></li>
</ul>
<div class="dashboard">
<ul class="navBar">
<li><a href="SearchDashboard.php">Search Tool</a></li>
<li><a href="ReportDashboard.php">Report Tool</a></li>
<li><a href="CreateDashboard.php">Create Tool</a></li>
<li><a href="ChangePass.php">Change Password</a></li>
</ul>
</div>
</body>
</html>
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$placeNumber = $_POST['placeNumber'];
$buildingNumber = $_POST['buildingNumber'];
$firstLine = $_POST['firstLine'];
$postcode = $_POST['postcode'];
$sql= "SELECT DISTINCT b.hallID, c.buildingNumber, c.firstLine, c.secondLine, c.postcode FROM Room a INNER JOIN HallOfResidents b ON a.hallID=b.hallID INNER JOIN Address c ON b.addressID=c.addressID WHERE a.placeNumber='$placeNumber' OR c.buildingNumber='$buildingNumber' OR c.postcode='$postcode' OR c.firstLine='$firstLine'";
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$results = "<table><tr><th>Hall of Residents Id</th><th>Building Number</th><th>First Line</th><th>Second Line</th><th>Postcode</th><th>More Details</th></tr>";
while($row = mysqli_fetch_array($result)) {
$results = $results . "<tr><th>".$row["hallID"]."</th><th>".$row["buildingNumber"]."</th><th>".$row["firstLine"]."</th><th>".$row["secondLine"]."</th><th>".$row["postcode"]."</th><th><form action='HORView.php' method='post'><input style='margin-top:15px;' type='submit' value='View'/><input type='hidden' name='search' value='".$row["hallID"]."'</input></form></th></tr>";
}
$results = $results . "</table>";
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
<div class="form">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" placeholder="Place Number" type = "text" name = "placeNumber"/>
<input class="searchField" placeholder="Building Number" type = "text" name = "buildingNumber"/>
<input class="searchField" placeholder="First Line" type = "text" name = "firstLine"/>
<input class="searchField"placeholder="Postcode" type = "text" name = "postcode"/>
<input class="searchField" type = "submit" value = "Search"/>
<br/>
</form>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
</div>
</div>
</body>
</html>
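Review bot: Every column is concatenated into `$results` as raw HTML (`.$row["firstLine"].` and its siblings), and the address fields are free text accepted by the create forms, so stored markup would be rendered in the browser of anyone who runs this search. Each value should pass through `htmlspecialchars($row["firstLine"], ENT_QUOTES, 'UTF-8')` (likewise for the other columns) before concatenation. The same holds for the `echo $firstLine` style output inside `value="…"` attributes on the hall detail page, the rows and the `$dateFrom`/`$dateTo` echo on the income report, and the `$username` echo in every page header. The hidden `search` input also lacks the closing `>` of its opening tag after the `value` attribute.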
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
//Read Data
if(isset($_POST['search'])) {
$hallID = $_POST['search'];
$sql = NULL;
$hallID = mysqli_real_escape_string($db, $hallID);
$sql = "SELECT a.hallID, a.numberSingleBeds, b.buildingNumber, b.firstLine, b.secondLine, b.postcode FROM HallOfResidents a INNER JOIN Address b ON a.addressID=b.addressID WHERE a.hallID='$hallID'";
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
$result = mysqli_fetch_array($result);
if($count >= 1) {
$hallID = $result['hallID'];
$numberSingleBeds = $result['numberSingleBeds'];
$buildingNumber = $result['buildingNumber'];
$firstLine = $result['firstLine'];
$secondLine = $result['secondLine'];
$postcode = $result['postcode'];
}
else {
header("location: HORSearch.php");
}
}
}
if ($_POST['action'] == "Update Details") {
//Update Data
$message = "";
$valid=true;
//error_log("Reached 1", 0);
//Check shared fields
if(isset($_POST['hallID']) && isset($_POST['numberSingleBeds']) && isset($_POST['buildingNumber']) && isset($_POST['firstLine']) && isset($_POST['postcode'])) {
//Generic Details Defined
$hallID = $_POST['hallID'];
$numberSingleBeds = $_POST['numberSingleBeds'];
$buildingNumber = $_POST['buildingNumber'];
$firstLine = $_POST['firstLine'];
$secondLine = $_POST['secondLine'];
$postcode = $_POST['postcode'];
if(!empty($postcode)) {
if (!(strlen($postcode)>=5 && strlen($postcode)<=8)) {
$message = "Please enter a valid UK postcode";
$valid=false;
}
}
else {
$message = "Please enter a postcode";
$valid=false;
}
if(empty($firstLine)) {
$message= "Please enter the first line address";
$valid=false;
}
if(empty($buildingNumber)) {
$message= "Please enter the building number";
$valid=false;
}
if(empty($numberSingleBeds)) {
$message= "Please enter the number of single beds";
$valid=false;
}
else if(!is_int((int)$numberSingleBeds)) {
$message= "Please enter a valid number of single beds";
$valid=false;
}
$sqlGeneric = "";
if(!empty($hallID)) {
$sqlGeneric = "UPDATE HallOfResidents a INNER JOIN Address b ON a.addressID=b.addressID SET b.buildingNumber='$buildingNumber', b.firstLine='$firstLine', b.secondLine='$secondLine', b.postcode='$postcode', a.numberSingleBeds='$numberSingleBeds' WHERE a.hallID='$hallID'; ";
}
else {
$message = "An error occurred! The information was not updated!";
$valid=false;
}
if($valid==true && !empty($sqlGeneric)) {
if ($db->query($sqlGeneric)) {
$message = "The update is successful!";
}
else {
$message = $db->error;
}
}
}
}
else if ($_POST['action'] == "Delete Record") {
if(!empty($_POST['deleteRecord']) && isset($_POST['hallID'])) {
$id = $_POST['hallID'];
$sqlUpdate = "UPDATE Room SET hallID = NULL WHERE hallID='$id'";
$sqlDelete = "DELETE FROM HallOfResidents WHERE hallID='$id'";
$errors = [];
$db->autocommit(FALSE);
if(!$db->query($sqlUpdate)) {
$errors[] = $db->error;
}
if(!$db->query($sqlDelete)) {
$errors[] = $db->error;
}
if (count($errors) ===0) {
$db->commit();
$message = "The hall has been deleted.";
}
else {
$db->rollback();
foreach($errors as $e) {
$message = $message . "Error: " . $e . "<br>";
}
}
$db->autocommit(TRUE);
}
else {
$message = "You must confirm by ticking the box to delete the record!";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Hall of Residents Id</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($hallID)){echo ucfirst($hallID);} ?>" type = "text" name = "hallID" readonly/>
<p>Number of Single Beds</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($numberSingleBeds)){echo ucfirst($numberSingleBeds);}?>" type = "text" name = "numberSingleBeds"/>
<p>Building Number</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($buildingNumber)){echo $buildingNumber;} ?>" type = "text" name = "buildingNumber"/>
<p>First Line Address</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($firstLine)){echo $firstLine;} ?>" type = "text" name = "firstLine"/>
<p>Second Line Address</p>
<input placeholder="N/A" placeholder="N/A" class="resultField" value="<?php if(isset($secondLine) && !empty($secondLine)){echo $secondLine;} ?>" type = "text" name = "secondLine"/>
<p>Postcode</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($postcode)){echo $postcode;} ?>" type = "text" name = "postcode"/>
<hr>
<input type="submit" name="action" value="Update Details"/>
<hr>
<div style="display:flex; justify-content:center;">
<a>Tick the box to delete the record</a><input type="checkbox" name="deleteRecord" value="Yes"/>
</div>
<hr>
<input type="submit" name="action" value="Delete Record"/>
<hr>
<a href="ApartmentSearch.php"><input class="backButton" type="button" value="Create New Search" /></a>
</form>
</div>
</body>
</html>
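Review bot: The update and delete branches change data on a plain POST with no anti-CSRF token in the form, and both take `hallID` from the request; the `readonly` attribute on that input is only a browser hint and does not protect the value. I would add a per-session token as a hidden field and reject the request unless it matches, for example `if (!hash_equals($_SESSION['csrf_token'] ?? '', $_POST['csrf_token'] ?? '')) { … }` (the `csrf_token` name is illustrative). `header("location: HORSearch.php");` is not followed by `exit;`, so the rest of the script keeps running after the redirect is queued. `$_POST['action']` is read without `isset`, which raises a warning on the initial `search` POST from the results table, and the "Create New Search" button links to `ApartmentSearch.php` rather than the hall search page.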
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$dateTo = $_POST['dateTo'];
$dateFrom = $_POST['dateFrom'];
if(!empty($dateTo) && !empty($dateFrom)) {
//If All
$sql = "SELECT a.leaseNumber, a.paymentDue, a.datePaid, a.paymentMethod, d.firstname, d.lastname FROM Invoice a INNER JOIN Lease b ON a.leaseNumber=b.leaseNumber INNER JOIN Student c ON b.leaseNumber=c.leaseNumber INNER JOIN GeneralDetails d ON c.detailsID=d.detailsID WHERE a.datePaid < '$dateTo' AND a.datePaid > '$dateFrom'";
}
else {
$numResults = "You can produce an income report on all paid invoices using the date from and date to";
}
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$results = "<table><tr><th>Lease Number</th><th>Amount Paid</th><th>Date Paid</th><th>Payment Method</th><th>First Name</th><th>Last Name</th></tr>";
$total = 0;
while($row = mysqli_fetch_array($result)) {
$total = $total + (int)$row['paymentDue'];
$results = $results . "<tr><th>".$row["leaseNumber"]."</th><th>£".$row["paymentDue"]."</th><th>".$row["datePaid"]."</th><th>".$row["paymentMethod"]."</th><th>".ucfirst($row["firstname"])."</th><th>".ucfirst($row["lastname"])."</th></tr>";
}
$results = $results . "</table>";
$button = "<input class='print' type='button' value='Print' onclick='window.print()'>";
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<div class="noPrint">
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
</div>
<div class="form">
<div class="noPrint">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" placeholder="Date From (YYYY-MM-DD)" type = "text" name = "dateFrom"/>
<input class="searchField" placeholder="Date To (YYYY-MM-DD)" type = "text" name = "dateTo"/>
<input class="searchField" type = "submit" value = "Produce Income Report"/>
<br/>
</form>
</div>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
<br>
<?php if(isset($total) && isset($dateTo) && isset($dateFrom)){echo "Total Income Between ".$dateFrom." and ".$dateTo.": <b>£".$total."</b>"; }?>
<br>
<br>
</div>
<div class="noPrint">
<?php if(isset($button)){echo $button; }?>
</div>
</div>
</body>
</html>
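Review bot: `$dateTo` and `$dateFrom` go into the query after only an `!empty` test; the inspection report that follows at least calls `validateDate` on both, and this page should do the same before building `$sql`. The total is accumulated with `(int)$row['paymentDue']`, which drops any pence, while the invoice form appears to accept `paymentDue` as a decimal amount, so the printed total can be lower than the sum of the rows shown. Summing as `(float)` and printing `number_format($total, 2)`, or summing in SQL, keeps the figure consistent with the table. The bounds are also strict (`<` and `>`), so payments dated exactly on either end date are left out; if the range is meant to be inclusive, use `>=` and `<=`.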
<?php
include('Session.php');
$username = $_SESSION['username'];
function validateDate($date) {
$Date = explode('-', $date);
return checkdate($Date[1], $Date[2], $Date[0]);
}
if($_SERVER["REQUEST_METHOD"] == "POST") {
$dateTo = $_POST['dateTo'];
$dateFrom = $_POST['dateFrom'];
if(!empty($dateTo) && !empty($dateFrom) && validateDate($dateTo) && validateDate($dateFrom)) {
$sql = "SELECT a.inspectionID, a.date, a.additionalComments, a.staffID, a.placeNumber FROM Inspection a WHERE a.date < '$dateTo' AND a.date > '$dateFrom' AND a.conditionSatisfactory=0";
}
else {
$numResults = "You can produce a report on all unsatisfactory inspection rooms using the date to and date from fields";
}
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$results = "<table><tr><th>Inspection Id</th><th>Date</th><th>Additional Comments</th><th>Staff Id</th><th>Place Number</th></tr>";
while($row = mysqli_fetch_array($result)) {
$results = $results . "<tr><th>".$row["inspectionID"]."</th><th>".$row["date"]."</th><th>".$row["additionalComments"]."</th><th>".$row["staffID"]."</th><th>".$row["placeNumber"]."</th></tr>";
}
$results = $results . "</table>";
$button = "<input class='print' type='button' value='Print' onclick='window.print()'>";
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<div class="noPrint">
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
</div>
<div class="form">
<div class="noPrint">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" placeholder="Date From (YYYY-MM-DD)" type = "text" name = "dateFrom"/>
<input class="searchField" placeholder="Date To (YYYY-MM-DD)" type = "text" name = "dateTo"/>
<input class="searchField" type = "submit" value = "Produce Inspection Damage Report"/>
<br/>
</form>
</div>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
</div>
<div class="noPrint">
<?php if(isset($button)){echo $button; }?>
</div>
</div>
</body>
</html>
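Review bot: The report query interpolates `$dateTo` and `$dateFrom` from `$_POST` directly into the SQL string, and `validateDate()` is not a sufficient guard: it only hands three `explode()` pieces to `checkdate()` and never checks that the whole value is a plain YYYY-MM-DD string. Bind both values through a prepared statement instead, as sketched below (`$db` is created outside this file and is presumably a mysqli connection; `get_result()` needs the mysqlnd driver). The same string-built pattern recurs in the other new files on this page: the inspection search and update, the invoice and lease searches, the lease update and delete statements, and the occupancy and unpaid-invoice reports. `or die(mysqli_error($db))` also prints raw database errors to the browser; logging them server-side and showing a generic message exposes less of the schema.

```php
$sql = "SELECT a.inspectionID, a.date, a.additionalComments, a.staffID, a.placeNumber FROM Inspection a WHERE a.date < ? AND a.date > ? AND a.conditionSatisfactory=0";
// … unchanged: else branch with the help message, if(isset($sql)) { …
$stmt = $db->prepare($sql);
$stmt->bind_param('ss', $dateTo, $dateFrom);
$stmt->execute();
$result = $stmt->get_result();
// … unchanged: $count and table rendering …
```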
<?php
function validateDate($date) {
$Date = explode('-', $date);
return checkdate($Date[1], $Date[2], $Date[0]);
}
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$date = $_POST['date'];
$conditionSatisfactory = $_POST['conditionSatisfactory'];
$placeNumber = $_POST['placeNumber'];
$format=false;
if(!empty($conditionSatisfactory)) {
$conditionSatisfactory="OR conditionSatisfactory IS NULL";
$placeNumber="";
$date="";
$format=true;
}
else {
$conditionSatisfactory="";
}
$valid=true;
if(!empty($date) && !validateDate($date)) {
$valid=false;
$numResults = "Enter a valid date (YYYY-MM-DD)";
}
$sql="SELECT DISTINCT inspectionID, date, conditionSatisfactory, additionalComments, staffID, placeNumber FROM Inspection WHERE date='$date' OR placeNumber='$placeNumber' ". $conditionSatisfactory;
if(isset($sql) && $format==false && $valid) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$yes="No";
if($row["conditionSatisfactory"] == "1") {
$yes="Yes";
}
$numResults = $count . " results";
$results = "<table><tr><th>Inspection Id</th><th>Date</th><th>Condition Satisfactory</th><th>Additional Comments</th><th>Staff Id</th><th>Place Number</th></tr>";
while($row = mysqli_fetch_array($result)) {
$results = $results . "<tr><th>".$row["inspectionID"]."</th><th>".$row["date"]."</th><th>".$yes."</th><th>".$row["additionalComments"]."</th><th>".$row["staffID"]."</th><th>".$row["placeNumber"]."</th></tr>";
}
$results = $results . "</table>";
}
else {
$numResults = "0 results";
}
}
else if(isset($sql) && $format==true) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$results = "<table><tr><th>Inspection Id</th><th>Date</th><th>Place Number</th><th>Update Log</th></tr>";
while($row = mysqli_fetch_array($result)) {
$results = $results . "<tr><th>".$row["inspectionID"]."</th><th>".$row["date"]."</th><th>".$row["placeNumber"]."</th><th><form action='InspectionView.php' method='post'><input style='margin-top:15px;' type='submit' value='Update'/><input type='hidden' name='search' value='".$row["inspectionID"]."'</input></form></th></tr>";
}
$results = $results . "</table>";
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
<div class="form">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" placeholder="Place Number" type = "text" name = "placeNumber"/>
<input class="searchField" placeholder="Date (YYYY-MM-DD)" type = "text" name = "date"/>
<p style="color:white; margin-left:5px; margin-right:5px;">Tick to search for uncompleted logs</p><input type="checkbox" name="conditionSatisfactory" value="Yes"/>
<input class="searchField" type = "submit" value = "Search"/>
<br/>
</form>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
</div>
</div>
</body>
</html>
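Review bot: The "Condition Satisfactory" value is computed once, before the `while` loop, from `$row["conditionSatisfactory"]`, but `$row` is not assigned until `mysqli_fetch_array()` runs, so `$yes` stays "No" for every row and PHP reports an undefined variable. Move the decision into the loop, e.g. `$yes = ($row["conditionSatisfactory"] == "1") ? "Yes" : "No";` as the first statement of the `while` body. Separately, `$sql` is always assigned, so the two `isset($sql)` tests add nothing; the branch is really chosen by `$format` and `$valid`.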
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
if(isset($_POST['search'])) {
$id = $_POST['search'];
}
else if (isset($_POST['updateLog'])) {
$valid = true;
$condition = $_POST['condition'];
$additional = $_POST['additionalComments'];
$staffID = $_POST['staffID'];
$logID = $_POST['inspectionID'];
if(!empty($staffID)) {
if (!is_int((int)$staffID)) {
$message = "Please enter your staff ID";
$valid=false;
}
}
else {
$message = "Please enter your staff ID";
$valid=false;
}
if(empty($condition) && empty($additional)) {
$message = "Please enter why the condition was unsatisfactory.";
$valid=false;
}
if(!empty($condition)) {
$condition = 1;
}
else {
$condition = 0;
}
$sql = "UPDATE Inspection SET conditionSatisfactory='$condition', additionalComments='$additional', staffID='$staffID' WHERE inspectionID='$logID'";
if($valid==true && !empty($sql)) {
if ($db->query($sql)) {
$message = "The update is successful!";
}
else {
$message = $db->error;
}
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Was the condition of the room satisfactory?</p>
<input type="checkbox" name="condition" value="Yes" checked/>
<p>Additional Comments</p>
<input placeholder="Enter here" class="resultField" type = "text" name = "additionalComments"/>
<p>Staff ID</p>
<input placeholder="Enter here" class="resultField" type = "text" name = "staffID"/>
<input type='hidden' name='inspectionID' value="<?php if(isset($id)){echo $id;} ?>"/>
<hr>
<input type="submit" name="updateLog" value="Update Inspection Log"/>
<a href="InspectionSearch.php"><input class="backButton" type="button" value="Search Inspections" /></a>
</form>
</div>
</body>
</html>
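Review bot: `is_int((int)$staffID)` can never be false, because the cast always yields an int, so the staff ID check only rejects an empty field and any other text still reaches the `UPDATE`. Validate the raw string instead, for example `if (filter_var($staffID, FILTER_VALIDATE_INT) === false) {`, and apply the same check to `$logID`, which comes from a hidden field and is not validated at all. The same always-true test guards `$leaseDurationInSemesters` and `$placeNumber` in the lease update page and `$semester` in the unpaid invoice report. On failure this page also echoes `$db->error` to the user; a generic message with the detail logged server-side reveals less.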
<?php
function validateDate($date) {
$Date = explode('-', $date);
return checkdate($Date[1], $Date[2], $Date[0]);
}
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$leaseNumber = $_POST['leaseNumber'];
$paymentMethod = strtolower($_POST['paymentMethod']);
$semester = $_POST['semester'];
$dateDue = $_POST['dateDue'];
$datePaid = $_POST['datePaid'];
$sql="";
if(!empty($dateDue) && !validateDate($dateDue)) {
$numResults="Enter a valid date due.";
}
else if(!empty($datePaid) && !validateDate($datePaid)) {
$numResults="Enter a valid date paid.";
}
else {
$sql = "SELECT DISTINCT invoiceID, leaseNumber, semester, dateDue FROM Invoice WHERE leaseNumber='$leaseNumber' OR semester='$semester' OR paymentMethod='$paymentMethod' OR dateDue='$dateDue' OR datePaid='$datePaid'";
}
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$results = "<table><tr><th>Lease Number</th><th>Semester</th><th>Date Due</th><th>More Details</th></tr>";
while($row = mysqli_fetch_array($result)) {
$results = $results . "<tr><th>".$row["leaseNumber"]."</th><th>".$row["semester"]."</th><th>".$row["dateDue"]."</th><th><form action='InvoiceView.php' method='post'><input style='margin-top:15px;' type='submit' value='View'/><input type='hidden' name='search' value='".$row["invoiceID"]."'</input></form></th></tr>";
}
$results = $results . "</table>";
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
<div class="form">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" placeholder="Lease Number" type = "text" name = "leaseNumber"/>
<input class="searchField" placeholder="Payment Method" type = "text" name = "paymentMethod"/>
<input class="searchField" placeholder="Semester" type = "text" name = "semester"/>
<input class="searchField" placeholder="Date Due (YYYY-MM-DD)" type = "text" name = "dateDue"/>
<input class="searchField"placeholder="Date Paid (YYYY-MM-DD)" type = "text" name = "datePaid"/>
<input class="searchField" type = "submit" value = "Search"/>
<br/>
</form>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
</div>
</div>
</body>
</html>
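Review bot: `$sql` is initialised to `""` before the date checks, so `if(isset($sql))` is true even when validation failed and `mysqli_query()` is then called with an empty string. Depending on the PHP version that either throws or ends in `die()`, and the "Enter a valid date" message set just above is never shown. Test for a non-empty query instead: `if(!empty($sql)) {`. Blank form fields are also compared with `OR ...=''`, which may match rows whose `paymentMethod` is stored empty; worth confirming against the data.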
<?php
function validateDate($date) {
$Date = explode('-', $date);
return checkdate($Date[1], $Date[2], $Date[0]);
}
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$leaseNumber = $_POST['leaseNumber'];
$leaseStart = $_POST['leaseStart'];
$leaseEnd = $_POST['leaseEnd'];
$leaseDurationInSemesters = $_POST['leaseDurationInSemesters'];
if (!empty($leaseStart) && !empty($leaseEnd) && validateDate($leaseStart) && validateDate($leaseEnd)) {
$sql="SELECT DISTINCT leaseNumber, leaseDurationInSemesters, leaseStart, leaseEnd, placeNumber FROM Lease WHERE leaseNumber='$leaseNumber' OR leaseDurationInSemesters='$leaseDurationInSemesters' OR (leaseStart BETWEEN '$leaseStart' AND '$leaseEnd' OR leaseEnd BETWEEN '$leaseStart' AND '$leaseEnd')";
}
else {
$sql="SELECT DISTINCT leaseNumber, leaseDurationInSemesters, leaseStart, leaseEnd, placeNumber FROM Lease WHERE leaseNumber='$leaseNumber' OR leaseDurationInSemesters='$leaseDurationInSemesters'";
}
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$results = "<table><tr><th>Lease Number</th><th>Duration (Semesters)</th><th>Start Date</th><th>End Date</th><th>Place Number</th><th>More Details</th></tr>";
while($row = mysqli_fetch_array($result)) {
$results = $results . "<tr><th>".$row["leaseNumber"]."</th><th>".$row["leaseDurationInSemesters"]."</th><th>".$row["leaseStart"]."</th><th>".$row["leaseEnd"]."</th><th>".$row["placeNumber"]."</th><th><form action='LeaseView.php' method='post'><input style='margin-top:15px;' type='submit' value='View'/><input type='hidden' name='search' value='".$row["leaseNumber"]."'</input></form></th></tr>";
}
$results = $results . "</table>";
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
<div class="form">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" placeholder="Lease Number" type = "text" name = "leaseNumber"/>
<input class="searchField" placeholder="Duration (Semesters)" type = "text" name = "leaseDurationInSemesters"/>
<input class="searchField" placeholder="Start Date (YYYY-MM-DD)" type = "text" name = "leaseStart"/>
<input class="searchField"placeholder="End Date (YYYY-MM-DD)" type = "text" name = "leaseEnd"/>
<input class="searchField" type = "submit" value = "Search"/>
<br/>
</form>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
</div>
</div>
</body>
</html>
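Review bot: `validateDate()` indexes `$Date[1]` and `$Date[2]` without checking that `explode()` returned three parts, so a value without two dashes produces undefined-index warnings and, on PHP 8, a `TypeError` from `checkdate()` when a part is not numeric. A stricter body would be `$d = DateTime::createFromFormat('Y-m-d', $date); return $d !== false && $d->format('Y-m-d') === $date;`. The function is copied verbatim into several of the new files (inspection report and search, invoice search, lease view), so it would be better defined once in a shared include. When the dates fail validation this page silently drops them from the search instead of telling the user, unlike the invoice search.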
<?php
function validateDate($date) {
$Date = explode('-', $date);
return checkdate($Date[1], $Date[2], $Date[0]);
}
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
//Read Data
if(isset($_POST['search'])) {
$leaseNumber = $_POST['search'];
$sql = NULL;
$leaseNumber = mysqli_real_escape_string($db, $leaseNumber);
$sql = "SELECT leaseNumber, leaseDurationInSemesters, leaseStart, leaseEnd, placeNumber FROM Lease WHERE leaseNumber='$leaseNumber'";
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
$result = mysqli_fetch_array($result);
if($count >= 1) {
$leaseNumber = $result['leaseNumber'];
$leaseDurationInSemesters = $result['leaseDurationInSemesters'];
$leaseStart = $result['leaseStart'];
$leaseEnd = $result['leaseEnd'];
$placeNumber = $result['placeNumber'];
}
else {
header("location: LeaseSearch.php");
}
}
}
if ($_POST['action'] == "Update Details") {
//Update Data
$message = "";
$valid=true;
//error_log("Reached 1", 0);
//Check shared fields
if(isset($_POST['leaseNumber']) && isset($_POST['leaseDurationInSemesters'])) {
//Generic Details Defined
$leaseNumber = $_POST['leaseNumber'];
$leaseDurationInSemesters = $_POST['leaseDurationInSemesters'];
$leaseStart = $_POST['leaseStart'];
$leaseEnd = $_POST['leaseEnd'];
$placeNumber = $_POST['placeNumber'];
if(!empty($leaseStart)) {
if (!validateDate($leaseStart)) {
$message = "Please enter a valid start date (YYYY-MM--DD)";
$valid=false;
}
}
else {
$message = "Please enter a valid start date (YYYY-MM--DD)";
$valid=false;
}
if(!empty($leaseEnd)) {
if (!validateDate($leaseEnd)) {
$message = "Please enter a valid end date (YYYY-MM--DD)";
$valid=false;
}
}
if(!empty(leaseStart) && !empty(leaseEnd) && validateDate($leaseStart) && validateDate($leaseEnd)) {
if(strtotime($leaseStart) >= strtotime($leaseEnd)) {
$message = "The end date must come after the start date!";
$valid=false;
}
}
if(!empty($leaseDurationInSemesters)) {
if (!is_int((int)$leaseDurationInSemesters)) {
$message = "Please enter a valid integer duration (in semesters)";
$valid=false;
}
}
else {
$message = "Please enter a valid integer duration (in semesters)";
$valid=false;
}
if(!empty($placeNumber)) {
if (!is_int((int)$placeNumber)) {
$message = "Please enter a valid place number";
$valid=false;
}
}
else {
$message = "Please enter a valid place number";
$valid=false;
}
$sqlGeneric = "";
if(!empty($leaseNumber) && !empty($leaseEnd)) {
$sqlGeneric = "UPDATE Lease SET leaseDurationInSemesters='$leaseDurationInSemesters', leaseStart='$leaseStart', leaseEnd='$leaseEnd', placeNumber='$placeNumber' WHERE leaseNumber='$leaseNumber'";
}
else if(!empty($leaseNumber) && empty($leaseEnd)) {
$sqlGeneric = "UPDATE Lease SET leaseDurationInSemesters='$leaseDurationInSemesters', leaseStart='$leaseStart', placeNumber='$placeNumber' WHERE leaseNumber='$leaseNumber'";
}
else {
if(empty($message)) {
$message = "An error occurred! The information was not updated!";
$valid=false;
}
}
if($valid==true && !empty($sqlGeneric)) {
if ($db->query($sqlGeneric)) {
$message = "The update is successful!";
}
else {
$message = $db->error;
}
}
}
}
else if ($_POST['action'] == "Delete Record") {
if(!empty($_POST['deleteRecord']) && isset($_POST['leaseID'])) {
$id = $_POST['leaseID'];
$sqlUpdate = "UPDATE Student SET leaseID = NULL WHERE leaseID='$id'";
$sqlUpdate2 = "UPDATE Invoice SET leaseID = NULL WHERE leaseID='$id'";
$sqlDelete = "DELETE FROM Lease WHERE leaseID='$id'";
$errors = [];
$db->autocommit(FALSE);
if(!$db->query($sqlUpdate)) {
$errors[] = $db->error;
}
if(!$db->query($sqlUpdate2)) {
$errors[] = $db->error;
}
if(!$db->query($sqlDelete)) {
$errors[] = $db->error;
}
if (count($errors) ===0) {
$db->commit();
$message = "The staff member has been created.";
}
else {
$db->rollback();
foreach($errors as $e) {
$message = $message . "Error: " . $e . "<br>";
}
}
$db->autocommit(TRUE);
}
else {
$message = "You must confirm by ticking the box to delete the record!";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Lease Number</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($leaseNumber)){echo $leaseNumber;} ?>" type = "text" name = "leaseNumber" readonly/>
<p>Lease Duration (In Semesters)</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($leaseDurationInSemesters)){echo $leaseDurationInSemesters;} ?>" type = "text" name = "leaseDurationInSemesters"/>
<p>Lease Start Date</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($leaseStart)){echo $leaseStart;} ?>" type = "text" name = "leaseStart"/>
<p>Lease End Date</p>
<input placeholder="N/A" placeholder="N/A" class="resultField" value="<?php if(isset($leaseEnd)){echo $leaseEnd;} ?>" type = "text" name = "leaseEnd"/>
<p>Place Number</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($placeNumber)){echo $placeNumber;} ?>" type = "text" name = "placeNumber"/>
<hr>
<input type="submit" name="action" value="Update Details"/>
<hr>
<div style="display:flex; justify-content:center;">
<a>Tick the box to delete the record</a><input type="checkbox" name="deleteRecord" value="Yes"/>
</div>
<hr>
<input type="submit" name="action" value="Delete Record"/>
<hr>
<a href="ApartmentSearch.php"><input class="backButton" type="button" value="Create New Search" /></a>
</form>
</div>
</body>
</html>
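Review bot: In the update branch, `if(!empty(leaseStart) && !empty(leaseEnd) && ...` is missing the `$` sigils, so PHP looks up constants named `leaseStart` and `leaseEnd`; on PHP 8 that raises an `Error` for an undefined constant, and on PHP 7 the bare words are treated as non-empty strings, so the guard never tests the posted values. It should read `if(!empty($leaseStart) && !empty($leaseEnd) && validateDate($leaseStart) && validateDate($leaseEnd)) {`. The delete branch requires `$_POST['leaseID']`, but the form below has no `leaseID` field (and the other queries key `Lease` on `leaseNumber`), so as written a delete request always falls through to the "You must confirm" message; its success text "The staff member has been created." also looks copied from another page. `header("location: LeaseSearch.php")` is not followed by `exit`, so the rest of the script still runs after the redirect is queued.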
<?php
include("Config.php");
session_start();
$error= " ";
if(isset($dbError)) {
$error = $dbError;
}
if($_SERVER["REQUEST_METHOD"] == "POST") {
$username = $_POST['username'];
$splitName = explode(".", $username);
$firstname = mysqli_real_escape_string($db,$splitName[0]);
$lastname = mysqli_real_escape_string($db,$splitName[1]);
$password = md5(mysqli_real_escape_string($db,$_POST['password']));
$sql = "SELECT a.staffID FROM ResidentStaff a INNER JOIN GeneralDetails b ON a.detailsID=b.detailsID INNER JOIN Login c ON a.loginID=c.loginID WHERE b.firstname='$firstname' AND b.lastname='$lastname' AND c.password='$password'";
$result = mysqli_query($db,$sql) or die(mysqli_error($connection));
$count = mysqli_num_rows($result);
if($count == 1) { //If the result returns 1 row, then the login is accepted.
$_SESSION['username'] = $username;
header("location: Dashboard.php");
}
else {
$error = "Either the password or username was incorrect!";
}
}
?>
<html>
<head>
<title>Login</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body bgcolor="#FFFFFF">
<div align="center">
<div class="centered" align="center">
<div class="heading"><b>YAHUAS Staff Login</b></div>
<div style = "margin:30px">
<form action = "" method = "post">
<input style="width:80%" placeholder="Username" type = "text" name = "username" class = "box"/>
<br/><br/>
<input style="width:80%" placeholder="Password" type = "password" name = "password" class = "box" />
<br/><br/>
<input style="width:80%" type = "submit" value = "Login"/>
<br/>
</form>
<div style = "font-size:11px; color:#cc0000; margin-top:10px"><?php echo $error; ?></div>
</div>
</div>
</div>
</body>
</html>
\ No newline at end of file
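Review bot: Passwords are compared as unsalted `md5()` digests inside the SQL `WHERE` clause, which is cheap to brute-force if the `Login` table is ever exposed; store `password_hash()` output and check it with `password_verify()` after fetching the row, as sketched below. That requires re-hashing the stored passwords, and `mysqli_real_escape_string()` should not be applied to the password before hashing because it alters the value being hashed. `die(mysqli_error($connection))` references `$connection`, which is not defined in this file (the handle used everywhere else is `$db`), and a username without a dot leaves `$splitName[1]` undefined. After a successful login the session ID should be regenerated and the script should `exit` after `header()`.

```php
$firstname = $splitName[0];
$lastname = $splitName[1] ?? '';
// assumes firstname/lastname identify a single login row — TODO confirm
$stmt = $db->prepare("SELECT a.staffID, c.password FROM ResidentStaff a INNER JOIN GeneralDetails b ON a.detailsID=b.detailsID INNER JOIN Login c ON a.loginID=c.loginID WHERE b.firstname=? AND b.lastname=?");
$stmt->bind_param('ss', $firstname, $lastname);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();
if($row && password_verify($_POST['password'], $row['password'])) {
    session_regenerate_id(true);
    $_SESSION['username'] = $username;
    header("location: Dashboard.php");
    exit;
}
// … unchanged: else branch setting $error …
```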
<?php
session_start();
session_destroy();
header("Location: Login.php");
?>
\ No newline at end of file
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$apartmentID = $_POST['apartmentID'];
$hallID = $_POST['hallID'];
$all = $_POST['all'];
if(!empty($all)) {
//If All
$sql = "SELECT a.placeNumber, a.roomNumber, a.floorNumber, a.monthlyRate, a.hallID, a.apartmentID, d.firstname, d.lastname, d.email, d.mobile FROM Room a INNER JOIN Lease b ON a.placeNumber=b.placeNumber INNER JOIN Student c ON b.leaseNumber=c.leaseNumber INNER JOIN GeneralDetails d ON c.detailsID=d.detailsID";
}
else if(!empty($apartmentID) && empty($hallID)) {
//If Apartment Id
$sql = "SELECT a.placeNumber, a.roomNumber, a.floorNumber, a.monthlyRate, a.hallID, a.apartmentID, d.firstname, d.lastname, d.email, d.mobile FROM Room a INNER JOIN Lease b ON a.placeNumber=b.placeNumber INNER JOIN Student c ON b.leaseNumber=c.leaseNumber INNER JOIN GeneralDetails d ON c.detailsID=d.detailsID WHERE a.apartmentID='$apartmentID'";
}
else if(!empty($hallID) && empty($apartmentID)) {
//If Hall Id
$sql = "SELECT a.placeNumber, a.roomNumber, a.floorNumber, a.monthlyRate, a.hallID, a.apartmentID, d.firstname, d.lastname, d.email, d.mobile FROM Room a INNER JOIN Lease b ON a.placeNumber=b.placeNumber INNER JOIN Student c ON b.leaseNumber=c.leaseNumber INNER JOIN GeneralDetails d ON c.detailsID=d.detailsID WHERE a.hallID='$hallID'";
}
else if(!empty($hallID) && !empty($apartmentID)) {
//If Hall Id
$sql = "SELECT a.placeNumber, a.roomNumber, a.floorNumber, a.monthlyRate, a.hallID, a.apartmentID, d.firstname, d.lastname, d.email, d.mobile FROM Room a INNER JOIN Lease b ON a.placeNumber=b.placeNumber INNER JOIN Student c ON b.leaseNumber=c.leaseNumber INNER JOIN GeneralDetails d ON c.detailsID=d.detailsID WHERE a.hallID='$hallID' OR a.apartmentID='$apartmentID'";
}
else {
$numResults = "You can produce a report on all rooms or those beloning to an apartment and/or hall";
}
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$results = "<table><tr><th>Place Number</th><th>Room Number</th><th>Floor Number</th><th>Monthly Rate</th><th>Hall Id</th><th>Apartment Id</th><th>Occupant's First Name</th><th>Occupant's Last Name</th><th>Occupant's Email</th><th>Occupant's Mobile</th></tr>";
while($row = mysqli_fetch_array($result)) {
$apartmentID=$row["apartmentID"];
$hallID=$row["hallID"];
if(empty($apartmentID)) {
$apartmentID= "N/A";
}
if(empty($hallID)) {
$hallID= "N/A";
}
$results = $results . "<tr><th>".$row["placeNumber"]."</th><th>".$row["roomNumber"]."</th><th>".$row["floorNumber"]."</th><th>".$row["monthlyRate"]."</th><th>".$hallID."</th><th>".$apartmentID."</th><th>".ucfirst($row["firstname"])."</th><th>".ucfirst($row["lastname"])."</th><th>".$row["email"]."</th><th>".$row["mobile"]."</th></tr>";
}
$results = $results . "</table>";
$button = "<input class='print' type='button' value='Print' onclick='window.print()'>";
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<div class="noPrint">
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
</div>
<div class="form">
<div class="noPrint">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" placeholder="Apartment Id" type = "text" name = "apartmentID"/>
<input class="searchField" placeholder="Hall Id" type = "text" name = "hallID"/>
<p style="color:white; margin-left:5px; margin-right:5px;">Tick to search for all occupants</p>
<input type="checkbox" name="all" value="Yes"/>
<input class="searchField" type = "submit" value = "Produce Occupancy Report"/>
<br/>
</form>
</div>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
</div>
<div class="noPrint">
<?php if(isset($button)){echo $button; }?>
</div>
</div>
</body>
</html>
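Review bot: `$all = $_POST['all'];` reads a checkbox that browsers omit from the request when it is not ticked, so an ordinary search by apartment or hall raises an undefined-index notice (a warning on PHP 8) before the query is built; use `$all = $_POST['all'] ?? '';`. The inspection search (`conditionSatisfactory`) and inspection update (`condition`) pages read their checkboxes the same way. The four branches repeat the same long `SELECT` and differ only in the `WHERE` clause, so building the base query once and appending the condition would keep them from drifting, and the last branch's comment `//If Hall Id` should say it handles both IDs. The help text has a typo: "beloning" should be "belonging".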
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$semester = $_POST['semester'];
if(!empty($semester) && is_int((int)$semester)) {
$sql = "SELECT a.invoiceID, a.paymentDue, a.dateDue, a.datePaid, a.semester, a.leaseNumber, d.firstname, d.lastname, d.email, d.mobile FROM Invoice a INNER JOIN Lease b ON a.leaseNumber=b.leaseNumber INNER JOIN Student c ON b.leaseNumber=c.leaseNumber INNER JOIN GeneralDetails d ON c.detailsID=d.detailsID WHERE a.datePaid IS NULL AND a.semester='$semester'";
}
else {
$numResults = "Please enter the semester number!";
}
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$results = "<table><tr><th>Invoice Id</th><th>Date Due</th><th>Semester</th><th>Lease Number</th><th>Payment Due</th><th>First Name</th><th>Last Name</th><th>Email</th><th>Mobile</th></tr>";
while($row = mysqli_fetch_array($result)) {
$results = $results . "<tr><th>".$row["invoiceID"]."</th><th>".$row["dateDue"]."</th><th>".$row["semester"]."</th><th>".$row["leaseNumber"]."</th><th>£".$row["paymentDue"]."</th><th>".ucfirst($row['firstname'])."</th><th>".ucfirst($row['lastname'])."</th><th>".$row['email']."</th><th>".$row['mobile']."</th></tr>";
}
$results = $results . "</table>";
$button = "<input class='print' type='button' value='Print' onclick='window.print()'>";
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<div class="noPrint">
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
</div>
<div class="form">
<div class="noPrint">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" placeholder="Semester (1/2/3)" type = "text" name = "semester"/>
<input class="searchField" type = "submit" value = "Produce Unpaid Invoice Report"/>
<br/>
</form>
</div>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
</div>
<div class="noPrint">
<?php if(isset($button)){echo $button; }?>
</div>
</div>
</body>
</html>
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$mobile = $_POST['mobile'];
$firstname = mysqli_real_escape_string($db, strtolower($firstname));
$lastname = mysqli_real_escape_string($db, strtolower($lastname));
$email = mysqli_real_escape_string($db, $email);
$mobile = mysqli_real_escape_string($db, $mobile);
$sql = "SELECT detailsID, firstname, lastname, email, mobile FROM GeneralDetails WHERE firstname='$firstname' OR lastname='$lastname' OR email='$email' OR mobile='$mobile'";
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$results = "<table><tr><th>First name</th><th>Last name</th><th>Email</th><th>Mobile</th><th>More Details</th></tr>";
while($row = mysqli_fetch_array($result)) {
$results = $results . "<tr><th>".ucfirst($row["firstname"])."</th><th>".ucfirst($row["lastname"])."</th><th>".$row["email"]."</th><th>".$row["mobile"]."</th><th><form action='PeopleView.php' method='post'><input style='margin-top:15px;' type='submit' value='View'/><input type='hidden' name='search' value='". $row["detailsID"] ."'</input></form></th></tr>";
}
$results = $results . "</table>";
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
<div class="form">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" placeholder="First name" type = "text" name = "firstname"/>
<input class="searchField" placeholder="Last name" type = "text" name = "lastname"/>
<input class="searchField" placeholder="Email" type = "text" name = "email"/>
<input class="searchField"placeholder="Mobile" type = "text" name = "mobile"/>
<input class="searchField" type = "submit" value = "Search"/>
<br/>
</form>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
</div>
</div>
</body>
</html>
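Review bot: The inputs here are escaped for SQL with `mysqli_real_escape_string()`, but the values read back from the database are concatenated into `$results` without HTML escaping, so a name, email or mobile value containing markup would be rendered as HTML in the browser of whoever runs the search. Wrap each cell, e.g. `htmlspecialchars(ucfirst($row["firstname"]), ENT_QUOTES, 'UTF-8')`, and do the same for the hidden `value='...'` attribute. The other result tables on this page are built the same way (notably `additionalComments` in the inspection report and search), and the view pages echo `$_POST` values such as `$id`, `$leaseNumber` and `$leaseStart` directly into `value="..."` attributes. The hidden field is also written as `<input ... value='...'</input>`, which never closes the tag; `<input ... />` is the valid form.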
<?php
include('Session.php');
$username = $_SESSION['username'];
$date = date("Y-m-d");
if($_SERVER["REQUEST_METHOD"] == "POST") {
$sql = "SELECT a.inspectionID, b.placeNumber, b.apartmentID, b.hallID, a.date FROM Inspection a INNER JOIN Room b ON a.placeNumber=b.placeNumber WHERE conditionSatisfactory IS NULL";
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$results = "<table><tr><th>Inspection Id</th><th>Date</th><th>Place Number</th><th>Hall ID</th><th>Apartment ID</th></tr>";
while($row = mysqli_fetch_array($result)) {
$apartmentID=$row["apartmentID"];
$hallID=$row["hallID"];
if(empty($apartmentID)) {
$apartmentID= "N/A";
}
if(empty($hallID)) {
$hallID= "N/A";
}
$results = $results . "<tr><th>".$row["inspectionID"]."</th><th>".$row["date"]."</th><th>".$row["placeNumber"]."</th><th>".$hallID."</th><th>".$apartmentID."</th></tr>";
}
$results = $results . "</table>";
$button = "<input class='print' type='button' value='Print' onclick='window.print()'>";
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<div class="noPrint">
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
</div>
<div class="form">
<div class="noPrint">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" type = "submit" value = "Produce Planned Inspection Report"/>
<br/>
</form>
</div>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
</div>
<div class="noPrint">
<?php if(isset($button)){echo $button; }?>
</div>
</div>
</body>
</html>
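Review bot: The row values concatenated into `$results` inside the `while` loop (`$row["inspectionID"]`, `$row["date"]`, `$row["placeNumber"]`, `$hallID`, `$apartmentID`) reach the page without HTML escaping, so if any of those columns can hold user-supplied text, stored markup will be rendered by the browser. Wrap each value as it is appended, e.g. `htmlspecialchars($row["date"], ENT_QUOTES, 'UTF-8')`, and do the same for `echo $username` in the navigation bar. The other page templates in this commit build `$results` and echo `$username` the same way. Separately, `or die(mysqli_error($db))` prints the raw database error to the visitor; log it server-side and show a generic message instead.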
<?php
include('Session.php');
$username = $_SESSION['username'];
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php echo $username;?></a></li>
</ul>
<div class="dashboard">
<ul class="navBar">
<li><a href="RoomVacancyReport.php">Room Vacancy Report</a></li>
<li><a href="WaitingReport.php">Waiting Student's Report</a></li>
<li><a href="OverdueInvoiceReport.php">Unpaid Invoice Report</a></li>
<li><a href="InspectionReport.php">Inspection Damage Report</a></li>
</ul>
<ul class="navBar">
<li><a href="PlannedInspectionReport.php">Planned Inspection Report</a></li>
<li><a href="OccupancyReport.php">Occupancy Report</a></li>
<li><a href="IncomeReport.php">Income Report</a></li>
<li><a href="UnknownLeavingReport.php">Unknown Leaving Date Report</a></li>
</ul>
<ul class="navBar">
<li><a href="Dashboard.php">Back</a></li>
</ul>
</div>
</body>
</html>
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$placeNumber = $_POST['placeNumber'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$byName=false;
if(!empty($placeNumber)) {
$placeNumber = mysqli_real_escape_string($db, $placeNumber);
$sql = "IF EXISTS (SELECT 1 FROM Room a INNER JOIN Lease b ON a.placeNumber=b.placeNumber INNER JOIN Student c ON c.leaseNumber=b.placeNumber INNER JOIN GeneralDetails d ON d.detailsID=c.detailsID WHERE a.placeNumber='$placeNumber')
THEN
SELECT a.placeNumber, a.roomNumber, a.floorNumber, a.monthlyRate, d.firstname, d.lastname FROM Room a INNER JOIN Lease b ON a.placeNumber=b.placeNumber INNER JOIN Student c ON c.leaseNumber=b.placeNumber INNER JOIN GeneralDetails d ON d.detailsID=c.detailsID WHERE a.placeNumber='$placeNumber' LIMIT 1;
ELSE
SELECT placeNumber, roomNumber, floorNumber, monthlyRate FROM Room WHERE placeNumber='$placeNumber' LIMIT 1;
END IF;";
}
else if(!empty($firstname) && !empty($lastname)) {
$placeNumber = mysqli_real_escape_string($db, $placeNumber);
$sql = "SELECT d.firstname, d.lastname, a.placeNumber, a.roomNumber, a.floorNumber, a.monthlyRate FROM Room a INNER JOIN Lease b ON a.placeNumber=b.placeNumber INNER JOIN Student c ON c.leaseNumber=b.placeNumber INNER JOIN GeneralDetails d ON d.detailsID=c.detailsID WHERE d.firstname='$firstname' AND d.lastname='$lastname' LIMIT 1";
}
else {
$numResults = "You can search by a place number or by the occupants full name!";
}
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$row = mysqli_fetch_assoc($result);
if(isset($row['firstname'])) {
$results = "<table><tr><th>Place Number</th><th>Room Number</th><th>Floor Number</th><th>Monthly Rate</th><th>Occupant</th><th>More Details</th></tr><tr><th>".$row["placeNumber"]."</th><th>".$row["roomNumber"]."</th><th>".$row["floorNumber"]."</th><th>£".$row["monthlyRate"]."</th><th>".ucfirst($row["firstname"])." ".ucfirst($row['lastname'])."</th><th><form action='RoomView.php' method='post'><input style='margin-top:15px;' type='submit' value='View'/><input type='hidden' name='search' value='".$row["placeNumber"]."'</input></form></th></tr></table>";
}
else {
$results = "<table><tr><th>Place Number</th><th>Room Number</th><th>Floor Number</th><th>Monthly Rate</th><th>More Details</th></tr><tr><th>".$row["placeNumber"]."</th><th>".$row["roomNumber"]."</th><th>".$row["floorNumber"]."</th><th>£".$row["monthlyRate"]."</th><th><form action='RoomView.php' method='post'><input style='margin-top:15px;' type='submit' value='View'/><input type='hidden' name='search' value='".$row["placeNumber"]."'</input></form></th></tr></table>";
}
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
<div class="form">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" placeholder="Place number" type = "text" name = "placeNumber"/>
<input class="searchField" placeholder="First name" type = "text" name = "firstname"/>
<input class="searchField" placeholder="Last name" type = "text" name = "lastname"/>
<input class="searchField" type = "submit" value = "Search"/>
<br/>
</form>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
</div>
</div>
</body>
</html>
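Review bot: In the name-search branch the escaping call is applied to the wrong variable: `$placeNumber = mysqli_real_escape_string($db, $placeNumber);` runs, but `$firstname` and `$lastname` go from `$_POST` straight into `WHERE d.firstname='$firstname' AND d.lastname='$lastname'`, which leaves that query open to SQL injection. Replace that line with `$firstname = mysqli_real_escape_string($db, $firstname);` and `$lastname = mysqli_real_escape_string($db, $lastname);`, or preferably bind both values through `mysqli_prepare`. The `IF EXISTS … THEN … ELSE … END IF;` text in the place-number branch is stored-program syntax on MySQL, so it is worth confirming that it runs through a single `mysqli_query` call on the target server; a `LEFT JOIN` from `Room` to the lease tables would return the optional occupant columns in one `SELECT`.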
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
$apartmentID = $_POST['apartmentID'];
$hallID = $_POST['hallID'];
$all = $_POST['all'];
if(isset($all) && !empty($all)) {
//If All
$sql = "SELECT placeNumber, roomNumber, floorNumber, monthlyRate, hallID, apartmentID FROM Room WHERE placeNumber NOT IN (SELECT a.placeNumber FROM Lease a)";
}
else if(!empty($apartmentID) && empty($hallID)) {
//If Apartment Id
$sql = "SELECT placeNumber, roomNumber, floorNumber, monthlyRate, hallID, apartmentID FROM Room WHERE placeNumber NOT IN (SELECT a.placeNumber FROM Lease a) AND apartmentID='$apartmentID'";
}
else if(!empty($hallID) && empty($apartmentID)) {
//If Hall Id
$sql = "SELECT placeNumber, roomNumber, floorNumber, monthlyRate, hallID, apartmentID FROM Room WHERE placeNumber NOT IN (SELECT a.placeNumber FROM Lease a) AND hallID='$hallID'";
}
else if(!empty($hallID) && !empty($apartmentID)) {
//If Hall Id
$sql = "SELECT placeNumber, roomNumber, floorNumber, monthlyRate, hallID, apartmentID FROM Room WHERE placeNumber NOT IN (SELECT a.placeNumber FROM Lease a) AND (hallID='$hallID' OR apartmentID='$apartmentID')";
}
else {
$numResults = "You can produce a report on all rooms or those beloning to an apartment and/or hall";
}
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
if($count >= 1) {
$numResults = $count . " results";
$results = "<table><tr><th>Place Number</th><th>Room Number</th><th>Floor Number</th><th>Monthly Rate</th><th>Hall Id</th><th>Apartment Id</th></tr>";
while($row = mysqli_fetch_array($result)) {
$apartmentID=$row["apartmentID"];
$hallID=$row["hallID"];
if(empty($apartmentID)) {
$apartmentID= "N/A";
}
if(empty($hallID)) {
$hallID= "N/A";
}
$results = $results . "<tr><th>".$row["placeNumber"]."</th><th>".$row["roomNumber"]."</th><th>".$row["floorNumber"]."</th><th>".$row["monthlyRate"]."</th><th>".$hallID."</th><th>".$apartmentID."</th></tr>";
}
$results = $results . "</table>";
$button = "<input class='print' type='button' value='Print' onclick='window.print()'>";
}
else {
$numResults = "0 results";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<div class="noPrint">
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){ echo $username; } ?></a></li>
</ul>
</div>
<div class="form">
<div class="noPrint">
<form class="centerBoxes" action = "" method = "post">
<br/>
<input class="searchField" placeholder="Apartment Id" type = "text" name = "apartmentID"/>
<input class="searchField" placeholder="Hall Id" type = "text" name = "hallID"/>
<p style="color:white; margin-left:5px; margin-right:5px;">Tick to search for all vancant rooms</p>
<input type="checkbox" name="all" value="Yes"/>
<input class="searchField" type = "submit" value = "Produce Vacancy Report"/>
<br/>
</form>
</div>
<p><?php if(isset($numResults)){echo $numResults;}?></p>
<div id="results">
<?php if(isset($results)){echo $results; }?>
</div>
<div class="noPrint">
<?php if(isset($button)){echo $button; }?>
</div>
</div>
</body>
</html>
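Review bot: `$apartmentID` and `$hallID` are read from `$_POST` and placed directly into the three filtered `SELECT` strings (`apartmentID='$apartmentID'`, `hallID='$hallID'`), so this report is open to SQL injection. Escape them where they are read, e.g. `$apartmentID = mysqli_real_escape_string($db, $_POST['apartmentID'] ?? '');` and the same for `$hallID`, or bind them with a prepared statement. `$_POST['all']` is also read unconditionally although an unticked checkbox is not submitted; `$all = $_POST['all'] ?? '';` avoids the undefined-index warning.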
<?php
include('Session.php');
$username = $_SESSION['username'];
if($_SERVER["REQUEST_METHOD"] == "POST") {
//Read Data
if(isset($_POST['search'])) {
$placeNumber = $_POST['search'];
$sql = NULL;
$placeNumber = mysqli_real_escape_string($db, $placeNumber);
$sql = "SELECT placeNumber, roomNumber, floorNumber, monthlyRate, hallID, apartmentID FROM Room WHERE placeNumber='$placeNumber'";
if(isset($sql)) {
$result = mysqli_query($db,$sql) or die(mysqli_error($db));
$count = mysqli_num_rows($result);
$result = mysqli_fetch_array($result);
if($count >= 1) {
$placeNumber = $result['placeNumber'];
$roomNumber = $result['roomNumber'];
$floorNumber = $result['floorNumber'];
$monthlyRate = $result['monthlyRate'];
$hallID = $result['hallID'];
$apartmentID = $result['apartmentID'];
}
else {
header("location: RoomSearch.php");
}
}
}
//Update Data
if($_POST['action'] == "Update Details") {
$message = "";
$valid=true;
//error_log("Reached 1", 0);
//Check shared fields
if(isset($_POST['placeNumber']) && isset($_POST['roomNumber'])) {
//Generic Details Defined
$placeNumber = $_POST['placeNumber'];
$roomNumber = $_POST['roomNumber'];
$floorNumber = $_POST['floorNumber'];
$monthlyRate = $_POST['monthlyRate'];
$hallID = $_POST['hallID'];
$apartmentID = $_POST['apartmentID'];
if(empty($roomNumber)) {
$message = "Please enter a a room number";
$valid=false;
}
if(!empty($hallID) && !empty($apartmentID)) {
$message= "Please enter either an apartment Id or a hall Id";
$valid=false;
}
else if(empty($hallID) && !empty($apartmentID)) {
if(!is_int((int)$apartmentID)) {
$message= "Please enter a valid integer for the apartment Id";
$valid=false;
}
}
else if(!empty($hallID) && empty($apartmentID)) {
if(!is_int((int)$hallID)) {
$message= "Please enter a valid integer for the hall Id";
$valid=false;
}
}
else {
$message= "Please enter either an apartment Id or a hall Id";;
$valid=false;
}
if(empty($monthlyRate)) {
$message= "Please enter the monthly rate";
$valid=false;
}
else if(!is_int((int)$monthlyRate)) {
$message= "Please enter a valid integer for the monthly rate";
$valid=false;
}
$sqlGeneric = "";
if(!empty($placeNumber) && !empty($apartmentID)) {
$sqlGeneric = "UPDATE Room SET roomNumber='$roomNumber', floorNumber='$floorNumber', monthlyRate='$monthlyRate', hallID=NULL, apartmentID='$apartmentID' WHERE placeNumber='$placeNumber'";
}
else if(!empty($placeNumber) && !empty($hallID)) {
$sqlGeneric = "UPDATE Room SET roomNumber='$roomNumber', floorNumber='$floorNumber', monthlyRate='$monthlyRate', hallID='$hallID', apartmentID=NULL WHERE placeNumber='$placeNumber'";
}
else {
if(empty($message)) {
$message = "An error occurred! The information was not updated!";
$valid=false;
}
}
if($valid==true && !empty($sqlGeneric)) {
if ($db->query($sqlGeneric)) {
$message = "The update is successful!";
}
else {
$message = $db->error;
}
}
}
}
else if ($_POST['action'] == "Delete Record") {
if(!empty($_POST['deleteRecord']) && isset($_POST['placeNumber'])) {
$id = $_POST['placeNumber'];
$sqlUpdate = "UPDATE Lease SET placeNumber = NULL WHERE placeNumber='$id'";
$sqlDelete = "DELETE FROM Inspection WHERE placeNumber='$id'";
$sqlDelete2 = "DELETE FROM Room WHERE placeNumber='$id'";
$errors = [];
$db->autocommit(FALSE);
if(!$db->query($sqlUpdate)) {
$errors[] = $db->error;
}
if(!$db->query($sqlDelete)) {
$errors[] = $db->error;
}
if(!$db->query($sqlDelete2)) {
$errors[] = $db->error;
}
if (count($errors) ===0) {
$db->commit();
$message = "The room has been deleted along with its inspection logs.";
}
else {
$db->rollback();
foreach($errors as $e) {
$message = $message . "Error: " . $e . "<br>";
}
}
$db->autocommit(TRUE);
}
else {
$message = "You must confirm by ticking the box to delete the record!";
}
}
}
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css?<?php echo time(); ?>">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php if(isset($username)){echo $username;}?></a></li>
</ul>
<div class="updateResults">
<form action = "" method = "post">
<a><?php if(isset($message)){echo $message;}?></a>
<p>Place Number</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($placeNumber)){echo $placeNumber;} ?>" type = "text" name = "placeNumber" readonly/>
<p>Room Number</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($roomNumber)){echo $roomNumber;} ?>" type = "text" name = "roomNumber"/>
<p>Floor Number</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($floorNumber)){echo $floorNumber;} ?>" type = "text" name = "floorNumber"/>
<p>Monthly Rate (£GBP)</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($monthlyRate)){echo $monthlyRate;} ?>" type = "text" name = "monthlyRate"/>
<p>Hall Id</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($hallID)){echo $hallID;} ?>" type = "text" name = "hallID"/>
<p>Apartment Id</p>
<input placeholder="N/A" class="resultField" value="<?php if(isset($apartmentID)){echo $apartmentID;} ?>" type = "text" name = "apartmentID"/>
<hr>
<input type="submit" name="action" value="Update Details"/>
<hr>
<div style="display:flex; justify-content:center;">
<a>Tick the box to delete the record</a><input type="checkbox" name="deleteRecord" value="Yes"/>
</div>
<hr>
<input type="submit" name="action" value="Delete Record"/>
<hr>
<a href="ApartmentSearch.php"><input class="backButton" type="button" value="Create New Search" /></a>
</form>
</div>
</body>
</html>
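Review bot: Both write paths build SQL from raw `$_POST` values: the two `UPDATE Room` strings and the three statements in the `Delete Record` branch interpolate `$placeNumber`, `$roomNumber`, `$hallID` and the rest unescaped, and the `readonly` attribute on the place-number field is only a browser hint, not a server-side check. The integer checks do not help, because `is_int((int)$apartmentID)` is always true; `filter_var($apartmentID, FILTER_VALIDATE_INT) === false` would actually reject non-numeric input. The form also carries no anti-CSRF token although it updates and deletes records. A prepared-statement version of the delete branch is sketched below; the update branch needs the same treatment.

```php
// … unchanged: "Delete Record" action check and confirmation-checkbox check …
$id = $_POST['placeNumber'];
// One placeholder per statement; the value is bound, never interpolated.
$statements = [
    "UPDATE Lease SET placeNumber = NULL WHERE placeNumber=?",
    "DELETE FROM Inspection WHERE placeNumber=?",
    "DELETE FROM Room WHERE placeNumber=?",
];
$errors = [];
$db->autocommit(FALSE);
foreach ($statements as $query) {
    $stmt = $db->prepare($query);
    if (!$stmt || !$stmt->bind_param("s", $id) || !$stmt->execute()) {
        $errors[] = $db->error;
    }
}
// … unchanged: commit / rollback, $message handling, autocommit(TRUE) …
```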
<?php
include('Session.php');
$username = $_SESSION['username'];
?>
<html>
<head>
<title>Dashboard</title>
<link rel="stylesheet" type="text/css" href="stylesheet.css">
</head>
<body>
<ul>
<li><a id="link" class="active" href="Dashboard.php">Dashboard</a></li>
<li id="link" style="float:right"><a href="Logout.php">Logout</a></li>
<li style="float:right"><a><?php echo $username;?></a></li>
</ul>
<div class="dashboard">
<ul class="navBar">
<li><a href="PeopleSearch.php">Person Search</a></li>
<li><a href="ApartmentSearch.php">Apartment Search</a></li>
<li><a href="HORSearch.php">Hall of Resident Search</a></li>
<li><a href="RoomSearch.php">Room Search</a></li>
</ul>
<ul class="navBar">
<li><a href="UniversitySearch.php">University Search</a></li>
<li><a href="LeaseSearch.php">Lease Search</a></li>
<li><a href="InvoiceSearch.php">Invoice Search</a></li>
<li><a href="InspectionSearch.php">Inspection Log Search</a></li>
</ul>
<ul class="navBar">
<li><a href="CourseSearch.php">Course Search</a></li>
<li><a href="Dashboard.php">Back</a></li>
</ul>
</div>
</body>
</html>
<?php
include('Config.php');
session_start();
$user_check = $_SESSION['username'];
$splitName = explode(".", $user_check);
$ses_sql = mysqli_query($db,"SELECT firstname || '.' || lastname FROM GeneralDetails WHERE firstname = '$splitName[0]' AND lastname = '$splitName[1]'");
$username = $ses_sql;
if(!isset($_SESSION['username'])){
header("location:Login.php");
die();
}
?>
\ No newline at end of file
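Review bot: The login check runs too late: `$_SESSION['username']` is read, split and used in a query before `if(!isset($_SESSION['username']))` is reached, so an unauthenticated request still triggers the lookup (with undefined-index notices). Move the `isset` block directly under `session_start();`. The lookup itself places `$splitName[0]` and `$splitName[1]` into the SQL string unescaped and its result is never inspected — `$username = $ses_sql;` only stores the result object — so the session is not actually validated against `GeneralDetails`; bind the two parts as parameters and redirect when no row comes back. Note also that `||` is a logical OR in MySQL unless `PIPES_AS_CONCAT` is enabled, so `CONCAT(firstname, '.', lastname)` is the safer spelling.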
table {
font-family: arial, sans-serif;
border-collapse: collapse;
width: 100%;
}
td, th {
border: 1px solid #162431;;
text-align: left;
}
th {
text-align: center;
padding: 5px;
border: 1px solid #162431;;
}
tr:nth-child(1) {
background-color: #162431;
color: white;
border: 1px solid #162431;;
}
tr:nth-child(odd) {
background-color: #162431;
color: white;
border: 1px solid #162431;;
}
\ No newline at end of file