<?php
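session_start();

// Content changes are only accepted from a session that already carries the
// login markers; every other request is redirected in the else branch below.
if (isset($_SESSION["name"], $_SESSION["pass"])) {
    include 'db.php';

    // NOTE(review): no anti-CSRF token is verified here and the form in this
    // file does not send one, so each state-changing POST below is authorised
    // by the session cookie alone. Adding a per-session token also needs a
    // matching hidden field in the form.

    // Reads one POST field through test_input(). A missing or non-string
    // (array) field yields '' so it can never reach a query as "Array".
    $field = function ($name) {
        if (!isset($_POST[$name]) || !is_string($_POST[$name])) {
            return '';
        }
        return test_input($_POST[$name]);
    };

    // Runs one write statement with bound parameters. Request data is only
    // ever passed in $values, never concatenated into $sql, which closes the
    // SQL injection present when the statements were built by interpolation.
    // Returns true on success, false (after logging) on failure.
    $execute = function ($sql, $types = '', array $values = array()) use ($dbconn) {
        $stmt = mysqli_prepare($dbconn, $sql);
        if ($stmt === false) {
            error_log('update.php: prepare failed: ' . mysqli_error($dbconn));
            return false;
        }
        if ($types !== '') {
            // mysqli_stmt_bind_param() takes its values by reference, so the
            // argument list is assembled from references into $values.
            $bindArgs = array($stmt, $types);
            foreach ($values as $i => $unused) {
                $bindArgs[] = &$values[$i];
            }
            call_user_func_array('mysqli_stmt_bind_param', $bindArgs);
        }
        $ok = mysqli_stmt_execute($stmt);
        if (!$ok) {
            error_log('update.php: execute failed: ' . mysqli_stmt_error($stmt));
        }
        mysqli_stmt_close($stmt);
        return $ok;
    };

    // Runs a SELECT and returns the values of one column, in result order.
    // The SELECT texts below are kept as they were so that the position -> id
    // mapping used for deletion is not altered by a different access path.
    $column = function ($sql, $name) use ($dbconn) {
        $values = array();
        $result = mysqli_query($dbconn, $sql);
        if ($result === false) {
            error_log('update.php: query failed: ' . mysqli_error($dbconn));
            return $values;
        }
        while ($row = mysqli_fetch_object($result)) {
            $values[] = $row->$name;
        }
        mysqli_free_result($result);
        return $values;
    };

    // Deletes the row whose 1-based position in $ids was posted in
    // $positionField. A missing, non-numeric or out-of-range position deletes
    // nothing instead of issuing a DELETE with an empty id.
    $deleteAt = function (array $ids, $positionField, $deleteSql) use ($execute) {
        $position = 0;
        if (isset($_POST[$positionField]) && is_string($_POST[$positionField])) {
            $position = intval($_POST[$positionField]);
        }
        $index = $position - 1;
        if (!isset($ids[$index])) {
            return false;
        }
        return $execute($deleteSql, 's', array((string) $ids[$index]));
    };

    if (isset($_POST["news-but"])) {
        $execute(
            "INSERT INTO `news` (`id`, `newscontent`) VALUES (NULL, ?)",
            's',
            array($field("news-text"))
        );
    } else if (isset($_POST["adminres-but"])) {
        $execute(
            "INSERT INTO `adminres` (`id`, `resp`) VALUES (NULL, ?)",
            's',
            array($field("adminres-text"))
        );
    } else if (isset($_POST["research-but"])) {
        $execute(
            "INSERT INTO `research` (`id`, `res`) VALUES (NULL, ?)",
            's',
            array($field("research-text"))
        );
    } else if (isset($_POST["pub-but"])) {
        $execute(
            "INSERT INTO `publications` (`id`, `pub`, `year`) VALUES (NULL, ?, ?)",
            'ss',
            array($field("pubname"), $field("pubyear"))
        );
    } else if (isset($_POST["course-but"])) {
        // Fixes three defects of the earlier statement: `coursename` was
        // quoted as a string literal, a comma was missing between the first
        // two values, and the link went through mysql_real_escape_string(),
        // which belongs to the removed ext/mysql API. The link is still
        // stored URL-encoded.
        $execute(
            "INSERT INTO `courses` (`id`, `coursename`, `link`, `year`, `sem`) VALUES (NULL, ?, ?, ?, ?)",
            'ssss',
            array(
                $field("coursename"),
                urlencode($field("courselink")),
                $field("courseyear"),
                $field("sem"),
            )
        );
    } else if (isset($_POST["student-but"])) {
        $execute(
            "INSERT INTO `students` (`id`, `stuname`, `rollno`, `stuyear`, `degree`, `project`) VALUES (NULL, ?, ?, ?, ?, ?)",
            'sssss',
            array(
                $field("stuname"),
                $field("sturoll"),
                $field("stuyear"),
                $field("stucourse"),
                $field("project"),
            )
        );
    } else if (isset($_POST["delnewsbut"])) {
        // Removes every news row; there is no per-item selection for news.
        $execute("DELETE FROM news");
    } else if (isset($_POST["deladminbut"])) {
        $adminIds = $column("SELECT * FROM adminres", 'id');
        $deleteAt($adminIds, "deladmin", "DELETE FROM adminres WHERE id = ?");
    } else if (isset($_POST["delresbut"])) {
        $researchIds = $column("SELECT * FROM research", 'id');
        $deleteAt($researchIds, "delres", "DELETE FROM research WHERE id = ?");
    } else if (isset($_POST["delpubbut"])) {
        // Ids are collected grouped by year, newest year first.
        $pubIds = array();
        $years = $column("SELECT DISTINCT year FROM publications ORDER BY year DESC", 'year');
        foreach ($years as $year) {
            // Stored values were typed into the form, so they are escaped
            // before being placed back into SQL text.
            $year = mysqli_real_escape_string($dbconn, (string) $year);
            $pubIds = array_merge(
                $pubIds,
                $column("SELECT * FROM publications WHERE year='$year'", 'id')
            );
        }
        $deleteAt($pubIds, "delpub", "DELETE FROM publications WHERE id = ?");
    } else if (isset($_POST["delcoursebut"])) {
        // Ids are collected grouped by year (newest first), then by semester.
        $courseIds = array();
        $years = $column("SELECT DISTINCT year FROM courses ORDER BY year DESC", 'year');
        foreach ($years as $year) {
            $year = mysqli_real_escape_string($dbconn, (string) $year);
            $sems = $column("SELECT DISTINCT sem FROM courses WHERE year = '$year' ORDER BY sem ASC", 'sem');
            foreach ($sems as $sem) {
                $sem = mysqli_real_escape_string($dbconn, (string) $sem);
                $courseIds = array_merge(
                    $courseIds,
                    $column("SELECT * FROM courses WHERE year='$year' AND sem='$sem'", 'id')
                );
            }
        }
        $deleteAt($courseIds, "delcourse", "DELETE FROM courses WHERE id = ?");
    } else if (isset($_POST["delstubut"])) {
        // Ids are collected grouped by degree, in descending degree order.
        $studentIds = array();
        $degrees = $column("SELECT DISTINCT degree FROM students ORDER BY degree DESC", 'degree');
        foreach ($degrees as $degree) {
            $degree = mysqli_real_escape_string($dbconn, (string) $degree);
            $studentIds = array_merge(
                $studentIds,
                $column("SELECT * FROM students WHERE degree='$degree'", 'id')
            );
        }
        $deleteAt($studentIds, "delstu", "DELETE FROM students WHERE id = ?");
    }
} else {
    header("location: login.php");
    // Stop here: without exit the rest of this file, including the
    // administration form, is still sent in the body of the redirect response.
    exit;
}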
/**
 * Pass-through hook for form input: hands back $data exactly as received.
 *
 * No trimming, unslashing or HTML escaping is applied, so the return value
 * must not be treated as safe for SQL or for HTML output. Callers have to
 * bind or escape it for the context in which it is used.
 *
 * @param mixed $data Raw value taken from the request.
 * @return mixed The same value, unmodified.
 */
function test_input($data)
{
    $unchanged = $data;

    return $unchanged;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Update</title>
<link rel="stylesheet" type="text/css" href="css/update.css">
</head>
<body>
<div class = "temp">
<h2 style="text-align: center">Add Details</h2>
<form id = "add" method = "POST" action = "<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<fieldset>
<legend>News</legend><br>
<label for="news-text">News: </label>
<input type="text" name="news-text" id="news-text" maxlength="100">
<button type = "submit" name = "news-but" id = "news-but" >Submit</button>
</fieldset>
<br> <br>
<fieldset>
<legend>Administrative Responsibilities</legend><br>
<label for="adminres-text">Administrative Responsibility: </label>
<input type="text" name="adminres-text" id="adminres-text" maxlength="1000">
<button type = "submit" name = "adminres-but" id = "adminres-but" >Submit</button>
</fieldset>
<br><br>
<fieldset>
<legend>Research</legend><br>
<label for="research-text">Research: </label>
<input type="text" name="research-text" id="research-text" maxlength="1000">
<button type = "submit" name = "research-but" id = "research-but">Submit</button>
</fieldset>
<br><br>
<fieldset>
<legend>Publications</legend><br>
<label for="pubname">Publication name: </label>
<input type="text" name="pubname" id="pubname" maxlength="1000"><br><br>
<label for="pubyear">Publication year: </label>
<input type="text" name="pubyear" id="pubyear"><br><br>
<button type = "submit" name = "pub-but" id = "pub-but" >Submit</button>
</fieldset>
<br><br>
<fieldset>
<legend>Courses</legend><br>
<label for="coursename">Course name: </label>
<input type="text" name="coursename" id="coursename" maxlength="100"><br><br>
<label for="courselink">Course link: </label>
<input type="text" name="courselink" id="courselink" maxlength="100"><br><br>
<label for="courseyear">Course year: </label>
<input type="text" name="courseyear" id="courseyear"><br><br>
<label for="sem">Semester: </label>
<select id = "sem" name = "sem">
<option id = "odd" name = "odd" value = "odd">Odd</option>
<option id = "even" name = "even" value = "even">Even</option>
</select><br><br>
<button type="submit" name="course-but" id="course-but">Submit</button>
</fieldset>
<br><br>
<fieldset>
<legend>Students</legend><br>
<label for="stuname">Name: </label>
<input type="text" name="stuname" id="stuname" maxlength="200"><br><br>
<label for="sturoll">Enrollment no. : </label>
<input type="text" name="sturoll" id="sturoll"><br><br>
<label for="stuyear">Year :</label>
<input type="text" name="stuyear" id="stuyear"><br><br>
<label for="project">Project/Thesis title :</label>
<input type="text" name="project" id="project"><br><br>
<label for="stucourse">Course: </label>
<select id = "stucourse" name = "stucourse">
<option id = "phd" name = "phd" value = "phd">Ph.D</option>
<option id = "mtech" name = "mtech" value = "mtech">M.tech</option>
<option id = "btech" name = "btech" value = "btech">B.tech</option>
</select><br><br>
<button type="submit" name="student-but" id="student-but">Submit</button>
</fieldset><br><br>
<h2 style="text-align: center">Deletion :</h2><br><br>
<fieldset>
<label for = "delnewsbut">News :</label>
<button type = "submit" name = "delnewsbut" id = "delnewsbut">Delete</button>
</fieldset><br><br>
<fieldset>
<label for = "deladmin">Admin responsibility no. :</label>
<input type="text" name="deladmin" id = "deladmin">
<button type = "submit" id = "deladminbut" name = "deladminbut">Delete</button>
</fieldset><br><br>
<fieldset>
<label for = "delres">Research no. :</label>
<input type="text" name="delres" id = "delres">
<button type = "submit" id = "delresbut" name = "delresbut">Delete</button>
</fieldset><br><br>
<fieldset>
<label for = "delpub">Publication no. :</label>
<input type="text" name="delpub" id = "delpub">
<button type = "submit" id = "delpubbut" name = "delpubbut">Delete</button>
</fieldset><br><br>
<fieldset>
<label for = "delcourse">Course no. :</label>
<input type="text" name="delcourse" id = "delcourse">
<button type = "submit" id = "delcoursebut" name = "delcoursebut">Delete</button>
</fieldset><br><br>
<fieldset>
<label for = "delstu">Student no. :</label>
<input type="text" name="delstu" id = "delstu">
<button type = "submit" id = "delstubut" name = "delstubut">Delete</button>
</fieldset><br><br>
</form><br><br>
</div>
<div class = "wrapper">
<div class = "container">Dr. Krishna Pratap Singh</div>
</div>
<div class ="logo"></div>
<a href = "logout.php" id = "logout">Logout</a>
</body>
</html>