Register more schools and trs enter workload

2025-12-06 04:01:16 +00:00 · 2025-12-06 04:01:16 +00:00 · 8c6afdf3d9
commit 8c6afdf3d9
parent 83fdeb8365
5 changed files with 57 additions and 23 deletions
--- a/admin_teachers.php
+++ b/admin_teachers.php
@ -9,6 +9,20 @@ $school_id = $_SESSION['school_id'];
 $pdo = db();
 // Handle permission toggle
 if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['toggle_permission_id'])) {
    try {
        $teacher_id = $_POST['toggle_permission_id'];
        $new_status = $_POST['new_status'];
        $stmt = $pdo->prepare("UPDATE teachers SET can_edit_workload = ? WHERE id = ? AND school_id = ?");
        $stmt->execute([$new_status, $teacher_id, $school_id]);
        $message = "Permission updated successfully.";
    } catch (PDOException $e) {
        $error = "Error updating permission: " . $e->getMessage();
    }
 }
 // Handle Delete request
 if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete_id'])) {
    try {
@ -187,7 +201,7 @@ try {
    <main class="container py-5">
        <div class="row justify-content-center">
-            <div class="col-lg-8">
+            <div class="col-lg-10">
                <h1 class="h2 fw-bold mb-4">Manage Teachers</h1>
                <?php if ($message): ?>
@ -213,7 +227,7 @@ try {
                            </div>
                            <div class="mb-3">
                                <label for="password" class="form-label">Password</label>
-                                <input type="password" class="form-control" id="password" name="password" <?php echo $editing_teacher ? '' : 'required'; ?>>
+                                <input type="password" class="form-.form-control" id="password" name="password" <?php echo $editing_teacher ? '' : 'required'; ?>>
                                <?php if ($editing_teacher): ?>
                                    <small class="form-text text-muted">Leave blank to keep the current password.</small>
                                <?php endif; ?>
@ -239,6 +253,7 @@ try {
                                        <tr>
                                            <th>Name</th>
                                            <th>Email</th>
                                            <th>Workload Editing</th>
                                            <th>Actions</th>
                                        </tr>
                                    </thead>
@ -248,10 +263,29 @@ try {
                                                <td><?php echo htmlspecialchars($teacher['name']); ?></td>
                                                <td><?php echo htmlspecialchars($teacher['email']); ?></td>
                                                <td>
-                                                    <a href="?edit_id=<?php echo $teacher['id']; ?>" class="btn btn-sm btn-outline-primary">Edit</a>
+                                                    <?php if ($teacher['can_edit_workload']): ?>
                                                        <span class="badge bg-success">Allowed</span>
                                                    <?php else: ?>
                                                        <span class="badge bg-secondary">Not Allowed</span>
                                                    <?php endif; ?>
                                                </td>
                                                <td>
                                                    <a href="?edit_id=<?php echo $teacher['id']; ?>" class="btn btn-sm btn-outline-primary mb-1">Edit</a>
                                                    <form action="admin_teachers.php" method="POST" class="d-inline">
                                                        <input type="hidden" name="toggle_permission_id" value="<?php echo $teacher['id']; ?>">
                                                        <?php if ($teacher['can_edit_workload']): ?>
                                                            <input type="hidden" name="new_status" value="0">
                                                            <button type="submit" class="btn btn-sm btn-warning mb-1">Revoke</button>
                                                        <?php else: ?>
                                                            <input type="hidden" name="new_status" value="1">
                                                            <button type="submit" class="btn btn-sm btn-success mb-1">Allow</button>
                                                        <?php endif; ?>
                                                    </form>
                                                    <form action="admin_teachers.php" method="POST" class="d-inline" onsubmit="return confirm('Are you sure you want to delete this teacher?');">
                                                        <input type="hidden" name="delete_id" value="<?php echo $teacher['id']; ?>">
-                                                        <button type="submit" class="btn btn-sm btn-outline-danger">Delete</button>
+                                                        <button type="submit" class="btn btn-sm btn-outline-danger mb-1">Delete</button>
                                                    </form>
                                                </td>
                                            </tr>
--- a/db/migrations/022_add_can_edit_workload_to_teachers.sql
+++ b/db/migrations/022_add_can_edit_workload_to_teachers.sql
@ -0,0 +1,2 @@
 ALTER TABLE `teachers`
 ADD COLUMN `can_edit_workload` BOOLEAN NOT NULL DEFAULT 0 COMMENT 'If true, the teacher can edit their own workload';
--- a/includes/navbar.php
+++ b/includes/navbar.php
@ -31,6 +31,11 @@ $role = $_SESSION['role'] ?? '';
                        </li>
                        <li class="nav-item"><a class="nav-link <?php echo ($current_page == 'timetable.php') ? 'active' : ''; ?>" href="/timetable.php">Class Timetable</a></li>
                    <?php endif; ?>
                    <?php if ($role === 'teacher' && !empty($_SESSION['can_edit_workload'])): ?>
                        <li class="nav-item"><a class="nav-link <?php echo ($current_page == 'teacher_workload.php') ? 'active' : ''; ?>" href="/teacher_workload.php">My Workload</a></li>
                    <?php endif; ?>
                    <li class="nav-item"><a class="nav-link <?php echo ($current_page == 'teacher_timetable.php') ? 'active' : ''; ?>" href="/teacher_timetable.php">Teacher Timetable</a></li>
                    <li class="nav-item"><a class="nav-link" href="/logout.php">Logout</a></li>
                <?php else : ?>
--- a/login.php
+++ b/login.php
@ -31,6 +31,14 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                $_SESSION['role'] = $user['role'];
                $_SESSION['school_id'] = $user['school_id'];
                // If the user is a teacher, fetch their workload editing permission
                if ($user['role'] === 'teacher') {
                    $stmt = $pdo->prepare("SELECT can_edit_workload FROM teachers WHERE user_id = ?");
                    $stmt->execute([$user['id']]);
                    $teacher_permission = $stmt->fetchColumn();
                    $_SESSION['can_edit_workload'] = (bool)$teacher_permission;
                }
                // Redirect to the main page
                header("Location: dashboard.php");
                exit;
--- a/register.php
+++ b/register.php
@ -3,19 +3,8 @@ require_once __DIR__ . '/db/config.php';
 $message = '';
 $error = '';
 $registration_open = false;
-try {
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $pdo = db();
    $stmt = $pdo->query("SELECT COUNT(*) FROM schools");
    if ($stmt->fetchColumn() == 0) {
        $registration_open = true;
    }
 } catch (PDOException $e) {
    $error = 'Database error: ' . $e->getMessage();
 }
 if ($registration_open && $_SERVER['REQUEST_METHOD'] === 'POST') {
    $username = $_POST['username'] ?? null;
    $password = $_POST['password'] ?? null;
    $school_name = $_POST['school_name'] ?? null;
@ -25,6 +14,7 @@ if ($registration_open && $_SERVER['REQUEST_METHOD'] === 'POST') {
        $error = 'All fields are required.';
    } else {
        try {
            $pdo = db();
            $pdo->beginTransaction();
            // Check if school name already exists
@ -99,7 +89,7 @@ if ($registration_open && $_SERVER['REQUEST_METHOD'] === 'POST') {
                            <div class="alert alert-danger"><?php echo $error; ?></div>
                        <?php endif; ?>
-                        <?php if (!$message && $registration_open): ?>
+                        <?php if (!$message): ?>
                        <form action="register.php" method="POST">
                            <div class="mb-3">
                                <label for="school_name" class="form-label">School Name</label>
@ -124,11 +114,6 @@ if ($registration_open && $_SERVER['REQUEST_METHOD'] === 'POST') {
                        <div class="text-center mt-3">
                            <p>Already have an account? <a href="login.php">Login here</a>.</p>
                        </div>
                        <?php elseif (!$message): ?>
                        <div class="alert alert-info">
                            Registration is currently closed. Only one school can be registered.
                            <p class="mt-3"><a href="login.php" class="btn btn-primary">Go to Login</a></p>
                        </div>
                        <?php endif; ?>
                    </div>
                </div>
		`@ -0,0 +1,2 @@`
							ALTER TABLE `teachers`
							ADD COLUMN `can_edit_workload` BOOLEAN NOT NULL DEFAULT 0 COMMENT 'If true, the teacher can edit their own workload';