Digital Assignment II

Stalin Sabu Thomas (14BCE0874)

Slot B1

Internet and Web Programming

Project File Link: https://1drv.ms/f/s!AnTZwNzn6vvviuVcck9UuBMbL9HLfg

Facultylogin.php

<?php session_start(); ?>

<html>
<head>
<title>Get Files</title>
<link rel="stylesheet" type="text/css" href="css/style.css">
<script>
function validate(){
var flag = true;
var id=document.getElementById("id").value;
var pwd = document.getElementById("pwd").value;
if(id==""){
document.getElementById("idErr").innerHTML = "Please Enter
Faculty ID!";
flag=false;
}
else{
var pattern = /^[0-9]{5}$/;
if(!pattern.test(id)){
document.getElementById("idErr").innerHTML = "Invalid
Faculty ID!";
flag=false;
}
else if(id.length!=5){
document.getElementById("idErr").innerHTML = "ID should
be 5 characters!";
flag=false;
}
else{
document.getElementById("idErr").innerHTML = "";
}
}
if(pwd==""){
document.getElementById("pwdErr").innerHTML = "Please Enter
Password!";
 flag=false;
}
else{
document.getElementById("pwdErr").innerHTML = "";
}
return flag;
}
</script>
</head>
<body>
<nav><ul>
<li><a href="upload.php">Upload</a></li>
</ul></nav>
<?php
$id=$pwd="";
$idErr=$pwdErr=$Err="";
if($_SERVER["REQUEST_METHOD"]=="POST"){
$flag=true;
if(empty($_POST["id"])){
$idErr="Please Enter Faculty ID!";
$flag=false;
}
else{
$id=clean_input($_POST["id"]);
if(!preg_match("/^[0-9]{5}$/", $id)){
$idErr="Invalid Faculty ID!";
$flag=false;
}
}
if(empty($_POST["pwd"])){
$pwdErr="Please Enter Password!";
$flag=false;
}
else{
$pwd=clean_input($_POST["pwd"]);
}
if($flag){
$conn = new mysqli("localhost", "root", "3333333", "VIT");
if($conn->connect_error){
//die("Connection failed: ".$conn->connect_error);
$Err = "Connection failed: ".$conn->connect_error;
return;
}
$sql = "SELECT * FROM faculty WHERE id=".$id." AND
pwd='".$pwd."';";
 $result = $conn->query($sql);
if($result->num_rows == 0){
$Err="Faculty ID and password does not match!";
$conn->close();
}
else{
$row = $result->fetch_assoc();
$_SESSION["valid"]=true;
$_SESSION["timeout"]=time();
$_SESSION["id"] = $id;
$_SESSION["fname"] = $row["fname"];
$conn->close();
header("Location:home.php");
}
}
}
function clean_input($input){
$input = trim($input);
$input = stripslashes($input);
$input = htmlspecialchars($input);
return $input;
}
?>
<form method="post" action="<?php echo
htmlspecialchars($_SERVER["PHP_SELF"]); ?>" onsubmit="return validate();">
Faculty ID: <input type="text" name="id" id="id" value="<?php echo
$id; ?>" placeholder="Enter Faculty ID"><span class="error" id="idErr"><?php echo
$idErr; ?></span><br/>
Password: <input type="password" name="pwd" id="pwd" value="<?php
echo $pwd; ?>" placeholder="Enter Password"><span class="error" id="pwdErr"><?php
echo $pwdErr; ?></span><br/>
<input type="submit" value="submit"><br/>
<span class="error" id="Err"><?php echo $Err; ?></span>
</form>
</body>
</html>
home.php

<?php session_start();
if(!isset($_SESSION["id"])){
header("Location: facultyLogin.php");
}
?>
<html>
<head>
<title>Home</title>
<link rel="stylesheet" type="text/css" href="css/style.css">
</head>
<body>
<nav><ul>
<li><a class="active" href="home.php">Home</a></li>
<li><a href="slotSelect.php">Set Slot</a></li>
<li><a href="get_files.php">Get Files</a></li>
<li><a href="upload.php">Upload</a></li>
<li style="float:right;"><a href="logout.php">Logout</a></li>
</ul></nav>
<h2>Hello <?php echo $_SESSION["fname"] ?>!</h2>

</body>
</html>
slotSelect.php

<?php session_start();
// Report all errors
error_reporting(E_ALL);
date_default_timezone_set("Asia/Kolkata"); //The time is wrong
?>
<html>
<head>
<title>Slot Select</title>
<link rel="stylesheet" type="text/css" href="css/style.css">
<script>
function validate(){
var flag = true;
var title=document.getElementById("title").value;
var venue = document.getElementById("venue").value;
var open_time=document.getElementById("open_time").value;
var open_date = document.getElementById("open_date").value;
var close_time=document.getElementById("close_time").value;
var close_date = document.getElementById("close_date").value;
var a=null; var b=null;
if(title==""){
document.getElementById("titleErr").innerHTML = "Please Enter
Title!";
flag=false;
}
else{
document.getElementById("titleErr").innerHTML = "";
}
 if(venue==""){
document.getElementById("venueErr").innerHTML = "Please Enter
Venue!";
flag=false;
}
else{
document.getElementById("venueErr").innerHTML = "";
}
if(open_time==""){
document.getElementById("openErr").innerHTML = "Please Enter
Opening Time!";
flag=false;
}
else{
document.getElementById("openErr").innerHTML = "";
}
if(open_date==""){
document.getElementById("openErr").innerHTML = "Please Enter
Opening Date!";
flag=false;
}
else{
document.getElementById("openErr").innerHTML = "";
}
if(close_time==""){
document.getElementById("closeErr").innerHTML = "Please Enter
Closing Time!";
flag=false;
}
else{
document.getElementById("closeErr").innerHTML = "";
}
if(close_date==""){
document.getElementById("closeErr").innerHTML = "Please Enter
Closing Date!";
flag=false;
}
else{
document.getElementById("closeErr").innerHTML = "";
}
if(flag==false)
return flag;
a = new Date(open_date+" "+open_time);
b = new Date(close_date+" "+close_time);
now = new Date();
 if(a>=b || b<now){
document.getElementById("closeErr").innerHTML = "Specified
Date/Time is Invalid";
flag=false;
}
if(a<now){
document.getElementById("openErr").innerHTML = "Specified
Date/Time is Invalid";
flag=false;
}
return flag;
}
</script>
</head>
<body>
<nav><ul>
<li><a href="home.php">Home</a></li>
<li><a class="active" href="slotSelect.php">Set Slot</a></li>
<li><a href="get_files.php">Get Files</a></li>
<li><a href="upload.php">Upload</a></li>
<li style="float:right;"><a href="logout.php">Logout</a></li>
</ul></nav>
<?php
$title=$venue=$open=$close="";
$titleErr=$venueErr=$openErr=$closeErr=$msg=$Err="";
if($_SERVER["REQUEST_METHOD"]=="POST"){
$flag=true;
if(empty($_POST["title"])){
$titleErr="Please Enter Title!";
$flag=false;
}
else{
$title=clean_input($_POST["title"]);
}
if(empty($_POST["venue"])){
$venueErr="Please Enter Venue!";
$flag=false;
}
else{
$venue=clean_input($_POST["venue"]);
}
if(empty($_POST["open_date"])){
$openErr="Please Enter Opening Date!";
$flag=false;
}
 else{
$open=clean_input($_POST["open_date"]);
}
if(empty($_POST["open_time"])){
$openErr="Please Enter Opening Time!";
$flag=false;
}
else{
$open.=" ".clean_input($_POST["open_time"]);
}
if(empty($_POST["close_date"])){
$closeErr="Please Enter Closing Date!";
$flag=false;
}
else{
$close=clean_input($_POST["close_date"]);
}
if(empty($_POST["close_time"])){
$closeErr="Please Enter Closing Time!";
$flag=false;
}
else{
$close.=" ".clean_input($_POST["close_time"]);
}
try{
$cd = strtotime($close); $od = strtotime($open); $now =
time();
if($od>=$cd || $cd<$now){
$closeErr="Invalid Date/Time";
$flag=false;
}
}
catch(Exception $e){
$flag=false;
}
if($flag){
$conn = new mysqli("localhost", "root", "3333333", "VIT");
if($conn->connect_error){
$Err = "Connection failed: ".$conn->connect_error;
}
$sql = "INSERT INTO uploadcenter(id, title, venue, open_time,
close_time) values(".$_SESSION["id"].", '".$title."', '".$venue."', '".$open."',
'".$close."');";
if($conn->query($sql)===TRUE){
$msg="Slot Added for ".$title."@".$venue."!";
 }
else{
$Err="Slot was not able to be created! ".$conn->error;
}
$conn->close();
}
}
function clean_input($input){
$input = trim($input);
$input = stripslashes($input);
$input = htmlspecialchars($input);
return $input;
}
?>
<form method="post" action="<?php echo
htmlspecialchars($_SERVER["PHP_SELF"]); ?>" onsubmit="return validate();">
Title: <input type="text" id="title" name="title" value="<?php echo
$title; ?>" placeholder="Enter Title"><span class="error" id="titleErr"><?php
echo $titleErr; ?></span><br/>
Venue: <input type="text" id="venue" name="venue" value="<?php echo
$venue; ?>" placeholder="Enter Venue"><span class="error" id="venueErr"><?php
echo $venueErr; ?></span><br/>
Open Link At: <input type="time" id="open_time"
name="open_time"><input type="date" id="open_date" name="open_date"><span
class="error" id="openErr"><?php echo $openErr; ?></span><br/>
Close Link At: <input type="time" id="close_time"
name="close_time"><input type="date" id="close_date" name="close_date"><span
class="error" id="closeErr"><?php echo $closeErr; ?></span><br/>
<input type="submit" name="submit" value="Create Upload Link"><br/>
<span class="error" id="Err"><?php echo $Err; ?></span><span
class="message" id="msg"><?php echo $msg; ?></span>
</form>
<script>
var open_time=document.getElementById("open_time").value;
var open_date = document.getElementById("open_date").value;
var close_time=document.getElementById("close_time").value;
var close_date = document.getElementById("close_date").value;
if(open_time=="" && open_date=="" && close_time=="" &&
close_date==""){
var now = new Date();
var today = now.getFullYear()+"-
"+(("0"+(now.getMonth()+1)).slice(-2))+"-"+(("0"+now.getDate()).slice(-2));
document.getElementById("open_date").value = today;
document.getElementById("close_date").value = today;
//now.setHours(14); now.setMinutes(22);
 today = ("0"+now.getHours()).slice(-2)+":00";
document.getElementById("open_time").value = today;
document.getElementById("close_time").value = today;
}
</script>
<hr/>
<?php
$conn = new mysqli("localhost", "root", "3333333", "VIT");
if($conn->connect_error){
$Err = "Connection failed: ".$conn->connect_error;
}
$sql = "SELECT * FROM uploadcenter WHERE id=".$_SESSION["id"]." ORDER
BY close_time DESC, open_time DESC;";
$result = $conn->query($sql);
if($result->num_rows>0){
$i=1;
echo "<h3>Slots Currently Selected</h3>";
echo "<table
class='slots'><thead><th></th><th>Title</th><th>Venue</th><th>Opening
Time</th><th>Closing Time</th><th>Status</th></thead>";
//echo date_default_timezone_get();
$now = time(); //echo date("Y-m-d H:m", $now)."Now TIME -> ";
while($row = $result->fetch_assoc()){
$cd = strtotime($row["close_time"]); $od =
strtotime($row["open_time"]);
$status="Close"; //echo " ".date("Y-m-d H:m", $cd)."
".($cd>=$now)."and".($now>=$od)." ".date("Y-m-d H:m", $od);
if($cd>=$now && $now>=$od){
$status="Open";
}
echo
"<tr>"."<td>".$i++."</td>"."<td>".$row["title"]."</td>"."<td>".$row["venue"]."</t
d>"."<td>".$row["open_time"]."</td>"."<td>".$row["close_time"]."</td>"."<td>".$st
atus."</td>"."</tr>";
}
}
$conn->close();
?>
</body>
</html>
upload.php

<?php session_start();
// Report all errors
error_reporting(E_ALL);
date_default_timezone_set("Asia/Kolkata"); //The time is wrong
?>
<html>
<head>
<title>upload</title>
<link rel="stylesheet" type="text/css" href="css/style.css">
</head>
<body>
<nav><ul>
<li style="float:right;"><a href="facultyLogin.php">Login</a></li>
</ul></nav>
<?php
if($_SERVER["REQUEST_METHOD"]=="POST"){
$conn = new mysqli("localhost", "root", "3333333", "VIT");
if($conn->connect_error){
$Err = "Connection failed: ".$conn->connect_error;
}
$target_dir = "c:/uploads";
$target_file = $target_dir ."/";
$fileType =
strtolower(pathinfo($_FILES["ufile"]["name"],PATHINFO_EXTENSION));
$sql = "INSERT INTO files(i, reg_no, file_name, file_path,
file_type, dateofupload) VALUES(".$_POST["slot"].", '".$_POST["reg_no"]."',
'".basename($_FILES["ufile"]["name"])."', '".$target_file."', '".$fileType."',
'".date('Y-m-d H:i:s')."');";
if($conn->query($sql)===TRUE){
$last_id = $conn->insert_id;
$target_file.=$last_id.".".$fileType;
}
else{
echo $sql." = ".$conn->error;
}
//echo $target_file;
//$target_dir =
"c:/uploads/".$row["i"].$row["title"].$row["venue"].$row["id"];
$uploadOk = 1;
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}

if ($_FILES["fileToUpload"]["size"] > 500000) {

echo "Sorry, your file is too large.";
$uploadOk = 0;
}

if($fileType != "pdf" && $fileType != "docx" && $fileType !=

"doc") {
echo "Only .pdf, .docx, .doc files are allowed.";
$uploadOk = 0;
}

if ($uploadOk == 0) {
deleteFromDb($last_id);
echo "Sorry, your file was not uploaded.";
}
else {
if (move_uploaded_file($_FILES["ufile"]["tmp_name"],
$target_file)) {
echo "The file ". basename( $_FILES["ufile"]["name"]). "
has been uploaded.";
} else {
deleteFromDb($last_id);
echo "Sorry, there was an error uploading your file.";
}
}
$conn->close();
}
 function deleteFromDb($file_no){
$conn = new mysqli("localhost", "root", "3333333", "VIT");
if($conn->connect_error){
die("Connection failed: ".$conn->connect_error);
}
$sql = "DELETE FROM files WHERE file_no=".$file_no.";";
if($conn->query($sql)){

}
else{
echo $sql." = ".$conn->error;
}
$conn->close();
}
?>
<form method="POST" action="<?php echo
htmlspecialchars($_SERVER["PHP_SELF"]);?>" enctype="multipart/form-data">
<table id="submitTable">
<tr>
<td><input type="text" name="reg_no" style="width:85%;"
id="reg_no" placeholder="Enter Registration Number" pattern="[0-9]{2}[a-zA-
Z]{3}[0-9]{4}" required></td>
<td><input type="file" name="ufile" id="ufile"
required></td><td><input type="submit" value="Upload"></td>
</tr>
<?php
$conn = new mysqli("localhost", "root", "3333333", "VIT");
if($conn->connect_error){
$Err = "Connection failed: ".$conn->connect_error;
}
$sql = "SELECT a.*, b.fname FROM uploadcenter a, faculty b WHERE
a.id=b.id AND close_time>=NOW();";
$result = $conn->query($sql);
if($result->num_rows>0){
$i=0;
while($row=$result->fetch_assoc()){
switch($i){
case 0:
echo "<tr><td><input type='radio' id='slot'
name='slot' value='".$row["i"]."'>".$row["fname"]."-".$row["title"]."-
".$row["venue"]."</td>";
break;
case 1:
 echo "<td><input type='radio' id='slot'
name='slot' value='".$row["i"]."'>".$row["fname"]."-".$row["title"]."-
".$row["venue"]."</td>";
break;
case 2:
echo "<td><input type='radio' id='slot'
name='slot' value='".$row["i"]."'>".$row["fname"]."-".$row["title"]."-
".$row["venue"]."</td></tr>";
break;
default:
echo "";
}
$i = ($i+1)%3;
}
}
else{
echo "<h4>No Slots available!<h4>";
}
?>
</table>
</form>
</body>
</html>

get_files.php

<?php session_start();
// Report all errors
error_reporting(E_ALL);
?>
<html>
<head>
<title>Get Files</title>
<link rel="stylesheet" type="text/css" href="css/style.css">
<script>
function validate(){
var flag = true;

}
</script>
</head>
<body>
<nav><ul>
<li><a href="home.php">Home</a></li>
<li><a href="slotSelect.php">Set Slot</a></li>
<li><a class="active" href="get_files.php">Get Files</a></li>
<li><a href="upload.php">Upload</a></li>
<li style="float:right;"><a href="logout.php">Logout</a></li>
</ul></nav>
<div class="slotsCol">
<?php
$conn = new mysqli("localhost", "root", "3333333", "VIT");
if($conn->connect_error){
die("Connection failed: ".$conn->connect_error);
}
$sql = "SELECT i, id, title, venue FROM uploadcenter WHERE
id=".$_SESSION["id"]." ORDER BY close_time DESC, open_time DESC;";
$result = $conn->query($sql);
if($result->num_rows>0){
echo "<ul>";
while($row=$result->fetch_assoc()){
if($row["i"]==$_GET["sloti"]){
echo "<li><a href='get_files.php?sloti=".$row["i"]."'
class='slot active'>".$row["title"]."@".$row["venue"]."</a></li>";
}
else{
echo "<li><a href='get_files.php?sloti=".$row["i"]."'
class='slot'>".$row["title"]."@".$row["venue"]."</a></li>";
}
}
echo "</ul>";
}
else{
echo "<h5>There are no available slots</h5>";
}
 $conn->close();
?>
</div>
<div class="filesCol">
<?php
if(isset($_GET["sloti"])){
$conn = new mysqli("localhost", "root", "3333333", "VIT");
if($conn->connect_error){
die("Connection failed: ".$conn->connect_error);
}
$sql = "SELECT b.* FROM uploadcenter a, files b WHERE a.i=b.i
AND a.id=".$_SESSION["id"]." AND b.i=".$_GET["sloti"].";";
//echo $sql;
$result = $conn->query($sql);
if($result->num_rows>0){
echo "<ul>";
while($row=$result->fetch_assoc()){
if($row["file_no"]==$_GET["filei"]){
echo "<li><a
href='get_files.php?sloti=".$_GET["sloti"]."&filei=".$row["file_no"]."'
class='file active'>".$row["reg_no"]."-".$row["file_name"]."</a></li>";
}
else{
echo "<li><a
href='get_files.php?sloti=".$_GET["sloti"]."&filei=".$row["file_no"]."'
class='file'>".$row["reg_no"]."-".$row["file_name"]."</a></li>";
}
}
echo "</ul>";
}
else{
echo "<h3>There are no files uploaded</h3>";
}
$conn->close();
}
?>
</div>
<div class="detailsCol">
<?php
//echo "<li><a
href='download.php?download_file=".$row["file_no"]."' class='file'
target='_blank'>".$row["reg_no"]."-".$row["file_name"]."</a></li>";
if(isset($_GET["filei"])){
$conn = new mysqli("localhost", "root", "3333333", "VIT");
if($conn->connect_error){
 die("Connection failed: ".$conn->connect_error);
}
$sql = "SELECT b.*, a.close_time, a.open_time FROM
uploadcenter a, files b WHERE a.i=b.i AND a.id=".$_SESSION["id"]." AND
b.i=".$_GET["sloti"]." AND b.file_no=".$_GET["filei"].";";
$result = $conn->query($sql);
if($result->num_rows==1){
$row = $result->fetch_assoc();
echo "<table class='details'>";
echo "<tr><td>File
name</td><td>".$row["file_name"]."</td></tr>";
echo "<tr><td>File
type</td><td>".$row["file_type"]."</td></tr>";
echo "<tr><td>Uploaded
by</td><td>".$row["reg_no"]."</td></tr>";
echo "<tr><td>Uploaded
on</td><td>".$row["dateofupload"]."</td></tr>";
$submit = "<td style='color:green;'>On-Time</td></tr>";
$cd = strtotime($row["close_time"]); $up =
strtotime($row["dateofupload"]); $od = strtotime($row["open_time"]);
if($up>$cd){
$submit = "<td style='color:red;'>Late</td></tr>";
}
elseif($od>$up){
$submit = "<td style='color:blue;'>Early</td></tr>";
}
echo "<tr><td>Submission</td>".$submit;
echo "<tr><td colspan='2' class='center'><a
href='download.php?download_file=".$row["file_no"]."' class='download'
target='_blank'>Download</a></td></tr>";
echo "</table>";
}
else{
echo "Invalid File!";
}
}
?>
</div>
</body>
</html>