-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathimportcsv.php
More file actions
89 lines (72 loc) · 3.97 KB
/
importcsv.php
File metadata and controls
89 lines (72 loc) · 3.97 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
<?php
// Load the database configuration file
include 'connection.php';
if(isset($_POST['importSubmit'])){
// Allowed mime types
$csvMimes = array('text/x-comma-separated-values', 'text/comma-separated-values', 'application/octet-stream', 'application/vnd.ms-excel', 'application/x-csv', 'text/x-csv', 'text/csv', 'application/csv', 'application/excel', 'application/vnd.msexcel', 'text/plain');
// Validate whether selected file is a CSV file
if(!empty($_FILES['file']['name']) && in_array($_FILES['file']['type'], $csvMimes)){
// If the file is uploaded
if(is_uploaded_file($_FILES['file']['tmp_name'])){
// Open uploaded CSV file with read-only mode
$csvFile = fopen($_FILES['file']['tmp_name'], 'r');
// Skip the first line
fgetcsv($csvFile);
// Parse data from CSV file line by line
while(($line = fgetcsv($csvFile)) !== FALSE){
// Get row data
$username = mysqli_real_escape_string($connection, $line[0]);
$name = mysqli_real_escape_string($connection, $line[1]);
$section =mysqli_real_escape_string($connection, $line[2]);
$password = mysqli_real_escape_string($connection, $line[3]);
$hash = password_hash($password,PASSWORD_DEFAULT);
// Check whether member already exists in the database with the same email
$prevQuery = "SELECT * FROM users WHERE username = '$username' ";
$prevResult = mysqli_query($connection, $prevQuery) or die (mysqli_error($connection));
$countResult = mysqli_num_rows($prevResult);
if($countResult>=1){
// Update member data in the database
$get_section = "SELECT * FROM section WHERE section_name = '$section' ";
$result_section = mysqli_query($connection,$get_section);
while ($row_section = mysqli_fetch_assoc($result_section)){
$sec_id = $row_section['section_id'];
$update_users = "UPDATE users SET username='$username', name='$name',
section='$sec_id', password='$hash', role='student' WHERE username='$username' ";
$result_update = mysqli_query($connection,$update_users);
if($result_update){
$stringupdate= '&update=success';
}
else{
$stingupdate= '&update=fail';
}
}
}else{
// Insert member data in the database
$get_section = "SELECT * FROM section WHERE section_name = '$section' ";
$result_section = mysqli_query($connection,$get_section);
while ($row_section = mysqli_fetch_assoc($result_section)){
$sec_id = $row_section['section_id'];
$insert_users = "INSERT INTO users (username,name,section,password,role)
VALUES ('$username','$name','$sec_id','$hash','student') ";
$result_insert = mysqli_query($connection,$insert_users);
if($insert_users){
$stringins = '&insert=success';
}
else{
$stingins = '&insert=fail';
}
}
}
}
// Close opened CSV file
fclose($csvFile);
$qstring = '?status=succ';
}else{
$qstring = '?status=err';
}
}else{
$qstring = '?status=invalid_file';
}
}
// Redirect to the listing page
header("Location:students.php".$qstring.$stringins."&add=true");